ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilRbacLog.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
14 class ilRbacLog
15 {
16  const EDIT_PERMISSIONS = 1;
17  const MOVE_OBJECT = 2;
18  const LINK_OBJECT = 3;
19  const COPY_OBJECT = 4;
20  const CREATE_OBJECT = 5;
21  const EDIT_TEMPLATE = 6;
22  const EDIT_TEMPLATE_EXISTING = 7;
23  const CHANGE_OWNER = 8;
24 
25  public static function isActive()
26  {
27  include_once "Services/PrivacySecurity/classes/class.ilPrivacySettings.php";
28  $settings = ilPrivacySettings::_getInstance();
29  if ($settings->enabledRbacLog()) {
30  return true;
31  }
32  return false;
33  }
34 
35  public static function gatherFaPa($a_ref_id, array $a_role_ids, $a_add_action = false)
36  {
37  global $rbacreview;
38 
39  $result = array();
40 
41  // #10946 - if result is written to log directly we need to add an "action" dimension
42  // if result is used as input to diffFaPa() we need "raw" data
43 
44  // roles
45  foreach ($a_role_ids as $role_id) {
46  if ($role_id != SYSTEM_ROLE_ID) {
47  if ($a_add_action) {
48  $result["ops"][$role_id]["add"] = $rbacreview->getRoleOperationsOnObject($role_id, $a_ref_id);
49  } else {
50  $result["ops"][$role_id] = $rbacreview->getRoleOperationsOnObject($role_id, $a_ref_id);
51  }
52  }
53  }
54 
55  // inheritance
56  if ($a_ref_id && $a_ref_id != ROLE_FOLDER_ID) {
57  if ($a_add_action) {
58  $result["inht"]["add"] = $rbacreview->getRolesOfRoleFolder($a_ref_id);
59  } else {
60  $result["inht"] = $rbacreview->getRolesOfRoleFolder($a_ref_id);
61  }
62  }
63 
64  return $result;
65  }
66 
67  public static function diffFaPa(array $a_old, array $a_new)
68  {
69  $result = array();
70 
71  // roles
72  foreach ((array) $a_old["ops"] as $role_id => $ops) {
73  $diff = array_diff($ops, $a_new["ops"][$role_id]);
74  if (sizeof($diff)) {
75  $result["ops"][$role_id]["rmv"] = array_values($diff);
76  }
77  $diff = array_diff($a_new["ops"][$role_id], $ops);
78  if (sizeof($diff)) {
79  $result["ops"][$role_id]["add"] = array_values($diff);
80  }
81  }
82 
83  if (isset($a_old["inht"]) || isset($a_new["inht"])) {
84  if (isset($a_old["inht"]) && !isset($a_new["inht"])) {
85  $result["inht"]["rmv"] = $a_old["inht"];
86  } elseif (!isset($a_old["inht"]) && isset($a_new["inht"])) {
87  $result["inht"]["add"] = $a_new["inht"];
88  } else {
89  $diff = array_diff($a_old["inht"], $a_new["inht"]);
90  if (sizeof($diff)) {
91  $result["inht"]["rmv"] = array_values($diff);
92  }
93  $diff = array_diff($a_new["inht"], $a_old["inht"]);
94  if (sizeof($diff)) {
95  $result["inht"]["add"] = array_values($diff);
96  }
97  }
98  }
99 
100  return $result;
101  }
102 
103  public static function gatherTemplate($a_role_ref_id, $a_role_id)
104  {
105  global $rbacreview;
106 
107  return $rbacreview->getAllOperationsOfRole($a_role_id, $a_role_ref_id);
108  }
109 
110  public static function diffTemplate(array $a_old, array $a_new)
111  {
112  $result = array();
113  $types = array_unique(array_merge(array_keys($a_old), array_keys($a_new)));
114  foreach ($types as $type) {
115  if (!isset($a_old[$type])) {
116  $result[$type]["add"] = $a_new[$type];
117  } elseif (!isset($a_new[$type])) {
118  $result[$type]["rmv"] = $a_old[$type];
119  } else {
120  $diff = array_diff($a_old[$type], $a_new[$type]);
121  if (sizeof($diff)) {
122  $result[$type]["rmv"] = array_values($diff);
123  }
124  $diff = array_diff($a_new[$type], $a_old[$type]);
125  if (sizeof($diff)) {
126  $result[$type]["add"] = array_values($diff);
127  }
128  }
129  }
130  return $result;
131  }
132 
133  public static function add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id = false)
134  {
135  global $ilUser, $ilDB;
136 
137  if (self::isValidAction($a_action) && sizeof($a_diff)) {
138  if ($a_source_ref_id) {
139  $a_diff["src"] = $a_source_ref_id;
140  }
141  $id = $ilDB->nextId('rbac_log');
142 
143  $ilDB->query("INSERT INTO rbac_log (log_id, user_id, created, ref_id, action, data)" .
144  " VALUES (" . $ilDB->quote($id, "integer") . "," . $ilDB->quote($ilUser->getId(), "integer") .
145  "," . $ilDB->quote(time(), "integer") .
146  "," . $ilDB->quote($a_ref_id, "integer") . "," . $ilDB->quote($a_action, "integer") .
147  "," . $ilDB->quote(serialize($a_diff), "text") . ")");
148  return true;
149  }
150  return false;
151  }
152 
153  protected static function isValidAction($a_action)
154  {
155  if (in_array($a_action, array(self::EDIT_PERMISSIONS, self::MOVE_OBJECT, self::LINK_OBJECT,
156  self::COPY_OBJECT, self::CREATE_OBJECT, self::EDIT_TEMPLATE, self::EDIT_TEMPLATE_EXISTING,
157  self::CHANGE_OWNER))) {
158  return true;
159  }
160  return false;
161  }
162 
163  public static function getLogItems($a_ref_id, $a_limit, $a_offset, array $a_filter = null)
164  {
165  global $ilDB, $rbacreview;
166 
167  $where = [];
168  if ($a_filter) {
169  if ($a_filter["action"]) {
170  $where[] = "action = " . $ilDB->quote($a_filter["action"], "integer");
171  }
172  if ($a_filter["date"]["from"]) {
173  $from = $a_filter["date"]["from"]->get(IL_CAL_UNIX);
174  $from = strtotime("00:00:00", $from);
175  $where[] = "created >= " . $ilDB->quote($from, "integer");
176  }
177  if ($a_filter["date"]["to"]) {
178  $to = $a_filter["date"]["to"]->get(IL_CAL_UNIX);
179  $to = strtotime("23:59:59", $to);
180  $where[] = "created <= " . $ilDB->quote($to, "integer");
181  }
182 
183  if (count($where) > 0) {
184  $where = array_merge([' AND '], [implode(' AND ', $where)]);
185  }
186  }
187 
188  $set = $ilDB->query("SELECT COUNT(*) FROM rbac_log WHERE ref_id = " . $ilDB->quote($a_ref_id, "integer") . implode('', $where));
189  $count = array_pop($ilDB->fetchAssoc($set));
190 
191  $ilDB->setLimit($a_limit, $a_offset);
192  $set = $ilDB->query("SELECT * FROM rbac_log WHERE ref_id = " . $ilDB->quote($a_ref_id, "integer") .
193  implode('', $where) . " ORDER BY created DESC");
194  $result = array();
195  while ($row = $ilDB->fetchAssoc($set)) {
196  $row["data"] = unserialize($row["data"]);
197  $result[] = $row;
198  }
199  return array("cnt"=>$count, "set"=>$result);
200  }
201 
202  public static function delete($a_ref_id)
203  {
204  global $ilDB;
205 
206  $ilDB->query("DELETE FROM rbac_log WHERE ref_id = " . $ilDB->quote($a_ref_id, "integer"));
207 
208  self::garbageCollection();
209  }
210 
211  public static function garbageCollection()
212  {
213  global $ilDB;
214 
215  include_once "Services/PrivacySecurity/classes/class.ilPrivacySettings.php";
216  $settings = ilPrivacySettings::_getInstance();
217  $max = $settings->getRbacLogAge();
218 
219  $ilDB->query("DELETE FROM rbac_log WHERE created < " . $ilDB->quote(strtotime("-" . $max . "months"), "integer"));
220  }
221 }
$result
$result
Definition: CleanUpTest.php:463
$type
$type
Definition: proxy_ylocal.php:10
ilRbacLog\garbageCollection
static garbageCollection()
Definition: class.ilRbacLog.php:211
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
ilRbacLog\CHANGE_OWNER
const CHANGE_OWNER
Definition: class.ilRbacLog.php:23
$from
$from
Definition: logout-iframe.php:5
ilRbacLog\isActive
static isActive()
Definition: class.ilRbacLog.php:25
IL_CAL_UNIX
const IL_CAL_UNIX
Definition: class.ilDateTime.php:11
ilRbacLog\gatherFaPa
static gatherFaPa($a_ref_id, array $a_role_ids, $a_add_action=false)
Definition: class.ilRbacLog.php:35
ilRbacLog\diffFaPa
static diffFaPa(array $a_old, array $a_new)
Definition: class.ilRbacLog.php:67
ilRbacLog\EDIT_PERMISSIONS
const EDIT_PERMISSIONS
Definition: class.ilRbacLog.php:16
ilRbacLog\CREATE_OBJECT
const CREATE_OBJECT
Definition: class.ilRbacLog.php:20
ilRbacLog\COPY_OBJECT
const COPY_OBJECT
Definition: class.ilRbacLog.php:19
$ilUser
$ilUser
Definition: imgupload.php:18
ilRbacLog\LINK_OBJECT
const LINK_OBJECT
Definition: class.ilRbacLog.php:18
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilRbacLog\getLogItems
static getLogItems($a_ref_id, $a_limit, $a_offset, array $a_filter=null)
Definition: class.ilRbacLog.php:163
ilRbacLog\gatherTemplate
static gatherTemplate($a_role_ref_id, $a_role_id)
Definition: class.ilRbacLog.php:103
ilRbacLog\add
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
Definition: class.ilRbacLog.php:133
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacLog\diffTemplate
static diffTemplate(array $a_old, array $a_new)
Definition: class.ilRbacLog.php:110
ilRbacLog\EDIT_TEMPLATE_EXISTING
const EDIT_TEMPLATE_EXISTING
Definition: class.ilRbacLog.php:22
ilRbacLog\EDIT_TEMPLATE
const EDIT_TEMPLATE
Definition: class.ilRbacLog.php:21
ilRbacLog\MOVE_OBJECT
const MOVE_OBJECT
Definition: class.ilRbacLog.php:17
ilPrivacySettings\_getInstance
static _getInstance()
Get instance of ilPrivacySettings.
Definition: class.ilPrivacySettings.php:77
time
Add data(end) time
Method that wraps PHPs time in order to allow simulations with the workflow.
Definition: 40duplicateStyle.php:39
ilRbacLog\isValidAction
static isValidAction($a_action)
Definition: class.ilRbacLog.php:153
ilRbacLog
class ilRbacLog Log changes in Rbac-related settings
Definition: class.ilRbacLog.php:14