ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes | Static Protected Attributes | Static Private Attributes
ilRbacReview Class Reference
Services/AccessControl

class ilRbacReview Contains Review functions of core Rbac. More...

+ Collaboration diagram for ilRbacReview:

Public Member Functions

 __construct ()
 Constructor @access public. More...
 
 roleExists ($a_title, $a_id=0)
 Checks if a role already exists. More...
 
 getParentRoleIds ($a_endnode_id, $a_templates=false)
 get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates @access public More...
 
 getRoleListByObject ($a_ref_id, $a_templates=false)
 Returns a list of roles in an container @access public. More...
 
 getAssignableRoles ($a_templates=false, $a_internal_roles=false, $title_filter='')
 Returns a list of all assignable roles @access public. More...
 
 getAssignableRolesInSubtree ($ref_id)
 Returns a list of assignable roles in a subtree of the repository @access public. More...
 
 getAssignableChildRoles ($a_ref_id)
 Get all assignable roles directly under a specific node @access public. More...
 
 getNumberOfAssignedUsers (array $a_roles)
 Get the number of assigned users to roles @global ilDB $ilDB. More...
 
 assignedUsers ($a_rol_id)
 get all assigned users to a given role @access public More...
 
 isAssigned ($a_usr_id, $a_role_id)
 check if a specific user is assigned to specific role @access public More...
 
 isAssignedToAtLeastOneGivenRole ($a_usr_id, $a_role_ids)
 check if a specific user is assigned to at least one of the given role ids. More...
 
 assignedRoles ($a_usr_id)
 get all assigned roles to a given user @access public More...
 
 assignedGlobalRoles ($a_usr_id)
 Get assigned global roles for an user. More...
 
 isAssignable ($a_rol_id, $a_ref_id)
 Check if its possible to assign users @access public. More...
 
 hasMultipleAssignments ($a_role_id)
 Temporary bugfix. More...
 
 getFoldersAssignedToRole ($a_rol_id, $a_assignable=false)
 Returns an array of objects assigned to a role. More...
 
 getRolesOfObject ($a_ref_id, $a_assignable_only=false)
 Get roles of object. More...
 
 getRolesOfRoleFolder ($a_ref_id, $a_nonassignable=true)
 get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids @access public More...
 
 getGlobalRoles ()
 get only 'global' roles @access public More...
 
 getLocalRoles ($a_ref_id)
 Get local roles of object. More...
 
 getLocalPolicies ($a_ref_id)
 Get all roles with local policies. More...
 
 getGlobalRolesArray ()
 get only 'global' roles @access public More...
 
 getGlobalAssignableRoles ()
 get only 'global' roles (with flag 'assign_users') @access public More...
 
 isRoleAssignedToObject ($a_role_id, $a_parent_id)
 Check if role is assigned to an object. More...
 
 getOperations ()
 get all possible operations @access public More...
 
 getOperation ($ops_id)
 get one operation by operation id @access public More...
 
 getAllOperationsOfRole ($a_rol_id, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public More...
 
 getActiveOperationsOfRole ($a_ref_id, $a_role_id)
 Get active operations for a role. More...
 
 getOperationsOfRole ($a_rol_id, $a_type, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public More...
 
 getRoleOperationsOnObject ($a_role_id, $a_ref_id)
 @global ilDB $ilDB More...
 
 getOperationsOnType ($a_typ_id)
 all possible operations of a type @access public More...
 
 getOperationsOnTypeString ($a_type)
 all possible operations of a type @access public More...
 
 getOperationsByTypeAndClass ($a_type, $a_class)
 Get operations by type and class. More...
 
 getObjectsWithStopedInheritance ($a_rol_id, $a_filter=array())
 get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder. More...
 
 isDeleted ($a_node_id)
 Checks if a rolefolder is set as deleted (negative tree_id) @access public. More...
 
 isGlobalRole ($a_role_id)
 Check if role is a global role. More...
 
 getRolesByFilter ($a_filter=0, $a_user_id=0, $title_filter='')
 @global ilDB $ilDB More...
 
 getTypeId ($a_type)
 Get type id of object @global ilDB $ilDB. More...
 
 isProtected ($a_ref_id, $a_role_id)
 
 isBlockedAtPosition ($a_role_id, $a_ref_id)
 Check if role is blocked at position @global ilDB $ilDB. More...
 
 isBlockedInUpperContext ($a_role_id, $a_ref_id)
 Check if role is blocked in upper context. More...
 
 getObjectOfRole ($a_role_id)
 Get object id of objects a role is assigned to. More...
 
 getObjectReferenceOfRole ($a_role_id)
 Get reference of role. More...
 
 isRoleDeleted ($a_role_id)
 return if role is only attached to deleted role folders More...
 
 getRolesForIDs ($role_ids, $use_templates)
 @global ilDB $ilDB More...
 
 getOperationAssignment ()
 get operation assignments More...
 
 isDeleteable ($a_role_id, $a_rolf_id)
 Check if role is deleteable at a specific position. More...
 
 isSystemGeneratedRole ($a_role_id)
 Check if the role is system generate role or role template. More...
 
 getRoleFolderOfRole ($a_role_id)
 Get role folder of role @global ilDB $ilDB. More...
 
 getUserPermissionsOnObject ($a_user_id, $a_ref_id)
 Get all user permissions on an object. More...
 
 setAssignedCacheEntry ($a_role_id, $a_user_id, $a_value)
 set entry of assigned_chache More...
 
 getAssignedCacheEntry ($a_role_id, $a_user_id)
 get entry of assigned_chache More...
 
 clearCaches ()
 Clear assigned users caches. More...
 

Static Public Member Functions

static _getOperationIdsByName ($operations)
 get ops_id's by name. More...
 
static _getOperationIdByName ($a_operation)
 get operation id by name of operation @access public @access static More...
 
static lookupCreateOperationIds ($a_type_arr)
 Lookup operation ids. More...
 
static _getOperationList ($a_type=null)
 get operation list by object type @access public @access static More...
 
static _groupOperationsByClass ($a_ops_arr)
 

Data Fields

const FILTER_ALL = 1
 
const FILTER_ALL_GLOBAL = 2
 
const FILTER_ALL_LOCAL = 3
 
const FILTER_INTERNAL = 4
 
const FILTER_NOT_INTERNAL = 5
 
const FILTER_TEMPLATES = 6
 

Protected Member Functions

 __getParentRoles ($a_path, $a_templates)
 Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan. More...
 
 __setTemplateFilter ($a_templates)
 get roles and templates or only roles; returns string for where clause @access private More...
 
 __setRoleType ($a_role_list)
 computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates More...
 
 __setProtectedStatus ($a_parent_roles, $a_role_hierarchy, $a_ref_id)
 Set protected status @global type $rbacsystem @global type $ilUser @global type $log. More...
 

Protected Attributes

 $log
 

Static Protected Attributes

static $assigned_users_cache = array()
 
static $is_assigned_cache = array()
 

Static Private Attributes

static $_opsCache = null
 

Detailed Description

class ilRbacReview Contains Review functions of core Rbac.

This class offers the possibility to view the contents of the user <-> role (UR) relation and the permission <-> role (PR) relation. For example, from the UA relation the administrator should have the facility to view all user assigned to a given role.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Sascha Hofmann sasch.nosp@m.ahof.nosp@m.mann@.nosp@m.gmx..nosp@m.de
Version
$Id$

Definition at line 19 of file class.ilRbacReview.php.

Constructor & Destructor Documentation

◆ __construct()

ilRbacReview::__construct ( )

Constructor @access public.

Definition at line 50 of file class.ilRbacReview.php.

51 {
52 global $ilDB,$ilErr,$ilias;
53
54 $this->log = ilLoggerFactory::getLogger('ac');
55
56 // set db & error handler
57 (isset($ilDB)) ? $this->ilDB =&$ilDB : $this->ilDB =&$ilias->db;
58
59 if (!isset($ilErr)) {
60 $ilErr = new ilErrorHandling();
61 $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK, array($ilErr,'errorHandler'));
62 } else {
63 $this->ilErr =&$ilErr;
64 }
65 }
PEAR_ERROR_CALLBACK
const PEAR_ERROR_CALLBACK
Definition: PEAR.php:35
if
PHPExcel root directory.
Definition: PHPExcel.php:30
ilDB
Database Wrapper.
Definition: class.ilDB.php:30
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:79
$ilErr
global $ilErr
Definition: raiseError.php:16
$ilDB
global $ilDB
Definition: storeScorm2004.php:19

References $ilDB, $ilErr, ilLoggerFactory\getLogger(), and PEAR_ERROR_CALLBACK.

+ Here is the call graph for this function:

Member Function Documentation

◆ __getParentRoles()

ilRbacReview::__getParentRoles (   $a_path,
  $a_templates 
)
protected

Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan.

Get parent roles in a path. If last parameter is set 'true' it delivers also all templates in the path @access protected

Parameters
arrayarray with path_ids
booleantrue for role templates (default: false)
Returns
array array with all parent roles (obj_ids)
Todo:
refactor rolf => DONE

Definition at line 111 of file class.ilRbacReview.php.

112 {
113 if (!isset($a_path) or !is_array($a_path)) {
114 $message = get_class($this) . "::getParentRoles(): No path given or wrong datatype!";
115 $this->ilErr->raiseError($message, $this->ilErr->WARNING);
116 }
117
118 $parent_roles = array();
119 $role_hierarchy = array();
120
121 foreach ($a_path as $ref_id) {
122 $roles = $this->getRoleListByObject($ref_id, $a_templates);
123 foreach ($roles as $role) {
124 $id = $role["obj_id"];
125 $role["parent"] = $ref_id;
126 $parent_roles[$id] = $role;
127
128 if (!array_key_exists($role['obj_id'], $role_hierarchy)) {
129 $role_hierarchy[$id] = $ref_id;
130 }
131 }
132 }
133 return $this->__setProtectedStatus($parent_roles, $role_hierarchy, reset($a_path));
134 }
ilRbacReview\__setProtectedStatus
__setProtectedStatus($a_parent_roles, $a_role_hierarchy, $a_ref_id)
Set protected status @global type $rbacsystem @global type $ilUser @global type $log.
Definition: class.ilRbacReview.php:1382
ilRbacReview\getRoleListByObject
getRoleListByObject($a_ref_id, $a_templates=false)
Returns a list of roles in an container @access public.
Definition: class.ilRbacReview.php:175
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34

References $id, $message, __setProtectedStatus(), and getRoleListByObject().

Referenced by getParentRoleIds().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setProtectedStatus()

ilRbacReview::__setProtectedStatus (   $a_parent_roles,
  $a_role_hierarchy,
  $a_ref_id 
)
protected

Set protected status @global type $rbacsystem @global type $ilUser @global type $log.

Parameters
type$a_parent_roles
type$a_role_hierarchy
type$a_ref_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1382 of file class.ilRbacReview.php.

1383 {
1384 //vd('refId',$a_ref_id,'parent roles',$a_parent_roles,'role-hierarchy',$a_role_hierarchy);
1385
1386 global $rbacsystem,$ilUser,$log;
1387
1388 if (in_array(SYSTEM_ROLE_ID, $this->assignedRoles($ilUser->getId()))) {
1389 $leveladmin = true;
1390 } else {
1391 $leveladmin = false;
1392 }
1393 #vd("RoleHierarchy",$a_role_hierarchy);
1394 foreach ($a_role_hierarchy as $role_id => $rolf_id) {
1395 //$log->write("ilRBACreview::__setProtectedStatus(), 0");
1396 #echo "<br/>ROLF: ".$rolf_id." ROLE_ID: ".$role_id." (".$a_parent_roles[$role_id]['title'].") ";
1397 //var_dump($leveladmin,$a_parent_roles[$role_id]['protected']);
1398
1399 if ($leveladmin == true) {
1400 $a_parent_roles[$role_id]['protected'] = false;
1401 continue;
1402 }
1403
1404 if ($a_parent_roles[$role_id]['protected'] == true) {
1405 $arr_lvl_roles_user = array_intersect($this->assignedRoles($ilUser->getId()), array_keys($a_role_hierarchy, $rolf_id));
1406
1407 #vd("intersection",$arr_lvl_roles_user);
1408
1409 foreach ($arr_lvl_roles_user as $lvl_role_id) {
1410 #echo "<br/>level_role: ".$lvl_role_id;
1411 #echo "<br/>a_ref_id: ".$a_ref_id;
1412
1413 //$log->write("ilRBACreview::__setProtectedStatus(), 1");
1414 // check if role grants 'edit_permission' to parent
1415 $rolf = $a_parent_roles[$role_id]['parent'];
1416 #$parent_obj = $GLOBALS['tree']->getParentId($rolf);
1417 if ($rbacsystem->checkPermission($rolf, $lvl_role_id, 'edit_permission')) {
1418 #echo "<br />Permission granted";
1419 //$log->write("ilRBACreview::__setProtectedStatus(), 2");
1420 // user may change permissions of that higher-ranked role
1421 $a_parent_roles[$role_id]['protected'] = false;
1422
1423 // remember successful check
1424 //$leveladmin = true;
1425 }
1426 }
1427 }
1428 }
1429 return $a_parent_roles;
1430 }
ilRbacReview\assignedRoles
assignedRoles($a_usr_id)
get all assigned roles to a given user @access public
Definition: class.ilRbacReview.php:475
$ilUser
$ilUser
Definition: imgupload.php:18

References $ilUser, $log, and assignedRoles().

Referenced by __getParentRoles().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setRoleType()

ilRbacReview::__setRoleType (   $a_role_list)
protected

computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates

@access private

Parameters
arrayrole list
Returns
array role list with additional entry for role_type
Todo:
refactor rolf => DONE

Definition at line 335 of file class.ilRbacReview.php.

336 {
337 foreach ($a_role_list as $key => $val) {
338 // determine role type
339 if ($val["type"] == "rolt") {
340 $a_role_list[$key]["role_type"] = "template";
341 } else {
342 if ($val["assign"] == "y") {
343 if ($val["parent"] == ROLE_FOLDER_ID) {
344 $a_role_list[$key]["role_type"] = "global";
345 } else {
346 $a_role_list[$key]["role_type"] = "local";
347 }
348 } else {
349 $a_role_list[$key]["role_type"] = "linked";
350 }
351 }
352
353 if ($val["protected"] == "y") {
354 $a_role_list[$key]["protected"] = true;
355 } else {
356 $a_role_list[$key]["protected"] = false;
357 }
358 }
359
360 return $a_role_list;
361 }
$key
$key
Definition: croninfo.php:18

References $key.

Referenced by getAssignableRoles(), getRoleListByObject(), getRolesByFilter(), and getRolesForIDs().

+ Here is the caller graph for this function:

◆ __setTemplateFilter()

ilRbacReview::__setTemplateFilter (   $a_templates)
protected

get roles and templates or only roles; returns string for where clause @access private

Parameters
booleantrue: with templates
Returns
string where clause
Todo:
refactor rolf => DONE

Definition at line 310 of file class.ilRbacReview.php.

311 {
312 global $ilDB;
313
314 if ($a_templates === true) {
315 $where = "WHERE " . $ilDB->in('object_data.type', array('role','rolt'), false, 'text') . " ";
316 } else {
317 $where = "WHERE " . $ilDB->in('object_data.type', array('role'), false, 'text') . " ";
318 }
319
320 return $where;
321 }

References $ilDB.

Referenced by getAssignableRoles(), getRoleListByObject(), and getRolesForIDs().

+ Here is the caller graph for this function:

◆ _getOperationIdByName()

static ilRbacReview::_getOperationIdByName (   $a_operation)
static

get operation id by name of operation @access public @access static

Parameters
stringoperation name
Returns
integer operation id
Todo:
refactor rolf => DONE

Definition at line 1233 of file class.ilRbacReview.php.

1234 {
1235 global $ilDB,$ilErr;
1236
1237 if (!isset($a_operation)) {
1238 $message = "perm::getOperationId(): No operation given!";
1239 $ilErr->raiseError($message, $ilErr->WARNING);
1240 }
1241
1242 // Cache operation ids
1243 if (!is_array(self::$_opsCache)) {
1244 self::$_opsCache = array();
1245
1246 $q = "SELECT ops_id, operation FROM rbac_operations";
1247 $r = $ilDB->query($q);
1248 while ($row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1249 self::$_opsCache[$row->operation] = $row->ops_id;
1250 }
1251 }
1252
1253 // Get operation ID by name from cache
1254 if (array_key_exists($a_operation, self::$_opsCache)) {
1255 return self::$_opsCache[$a_operation];
1256 }
1257 return null;
1258 }
$r
$r
Definition: example_031.php:79

References $ilDB, $ilErr, $message, $r, $row, and ilDBConstants\FETCHMODE_OBJECT.

Referenced by ilRepositoryObjectPlugin\beforeActivation(), ilRbacSystem\checkAccessOfUser(), and ilObjBlog\getRolesWithContributeOrRedact().

+ Here is the caller graph for this function:

◆ _getOperationIdsByName()

static ilRbacReview::_getOperationIdsByName (   $operations)
static

get ops_id's by name.

Example usage: $rbacadmin->grantPermission($roles,ilRbacReview::_getOperationIdsByName(array('visible','read'),$ref_id));

@access public

Parameters
arraystring name of operation. see rbac_operations
Returns
array integer ops_id's
Todo:
refactor rolf => DONE

Definition at line 1207 of file class.ilRbacReview.php.

1208 {
1209 global $ilDB;
1210
1211 if (!count($operations)) {
1212 return array();
1213 }
1214
1215 $query = 'SELECT ops_id FROM rbac_operations ' .
1216 'WHERE ' . $ilDB->in('operation', $operations, false, 'text');
1217
1218 $res = $ilDB->query($query);
1219 while ($row = $ilDB->fetchObject($res)) {
1220 $ops_ids[] = $row->ops_id;
1221 }
1222 return $ops_ids ? $ops_ids : array();
1223 }
$query
$query
Definition: proxy_ylocal.php:13
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15

References $ilDB, $query, $res, and $row.

Referenced by ilUtil\_getObjectsByOperations(), ilLicense\getPotentialAccesses(), and ilECSObjectSettings\handlePermissionUpdate().

+ Here is the caller graph for this function:

◆ _getOperationList()

static ilRbacReview::_getOperationList (   $a_type = null)
static

get operation list by object type @access public @access static

Parameters
stringobject type you want to have the operation list
stringorder column
stringorder direction (possible values: ASC or DESC)
Returns
array returns array of operations
Todo:
refactor rolf => DONE

Definition at line 1442 of file class.ilRbacReview.php.

1443 {
1444 global $ilDB;
1445
1446 $arr = array();
1447
1448 if ($a_type) {
1449 $query = sprintf(
1450 'SELECT * FROM rbac_operations ' .
1451 'JOIN rbac_ta ON rbac_operations.ops_id = rbac_ta.ops_id ' .
1452 'JOIN object_data ON rbac_ta.typ_id = object_data.obj_id ' .
1453 'WHERE object_data.title = %s ' .
1454 'AND object_data.type = %s ' .
1455 'ORDER BY op_order ASC',
1456 $ilDB->quote($a_type, 'text'),
1457 $ilDB->quote('typ', 'text')
1458 );
1459 } else {
1460 $query = 'SELECT * FROM rbac_operations ORDER BY op_order ASC';
1461 }
1462 $res = $ilDB->query($query);
1463 while ($row = $ilDB->fetchAssoc($res)) {
1464 $arr[] = array(
1465 "ops_id" => $row['ops_id'],
1466 "operation" => $row['operation'],
1467 "desc" => $row['description'],
1468 "class" => $row['class'],
1469 "order" => $row['op_order']
1470 );
1471 }
1472 return $arr;
1473 }
sprintf
sprintf('%.4f', $callTime)
Definition: 01pharSimple.php:87
$a_type
$a_type
Definition: workflow.php:92

References $a_type, $ilDB, $query, $res, $row, and sprintf.

Referenced by ilSettingsPermissionGUI\__construct(), ilObjTypeDefinitionGUI\editObject(), ilObjectPermissionStatusGUI\getAccessPermissionTableData(), ilObjectPermissionStatusGUI\getAssignedValidRoles(), and ilObjTypeDefinitionGUI\viewObject().

+ Here is the caller graph for this function:

◆ _groupOperationsByClass()

static ilRbacReview::_groupOperationsByClass (   $a_ops_arr)
static
Parameters
type$a_ops_arr
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1481 of file class.ilRbacReview.php.

1482 {
1483 $arr = array();
1484
1485 foreach ($a_ops_arr as $ops) {
1486 $arr[$ops['class']][] = array('ops_id' => $ops['ops_id'],
1487 'name' => $ops['operation']
1488 );
1489 }
1490 return $arr;
1491 }

◆ assignedGlobalRoles()

ilRbacReview::assignedGlobalRoles (   $a_usr_id)

Get assigned global roles for an user.

Parameters
int$a_usr_idId of user account
Todo:
refactor rolf => DONE

Definition at line 495 of file class.ilRbacReview.php.

496 {
497 global $ilDB;
498
499 $query = "SELECT ua.rol_id FROM rbac_ua ua " .
500 "JOIN rbac_fa fa ON ua.rol_id = fa.rol_id " .
501 "WHERE usr_id = " . $ilDB->quote($a_usr_id, 'integer') . ' ' .
502 "AND parent = " . $ilDB->quote(ROLE_FOLDER_ID) . " " .
503 "AND assign = 'y' ";
504
505 $res = $ilDB->query($query);
506 while ($row = $ilDB->fetchObject($res)) {
507 $role_arr[] = $row->rol_id;
508 }
509 return $role_arr ? $role_arr : array();
510 }

References $ilDB, $query, $res, and $row.

◆ assignedRoles()

ilRbacReview::assignedRoles (   $a_usr_id)

get all assigned roles to a given user @access public

Parameters
integerusr_id
Returns
array all roles (id) the user have
Todo:
refactor rolf => DONE

Definition at line 475 of file class.ilRbacReview.php.

476 {
477 global $ilDB;
478
479 $role_arr = array();
480
481 $query = "SELECT rol_id FROM rbac_ua WHERE usr_id = " . $ilDB->quote($a_usr_id, 'integer');
482
483 $res = $ilDB->query($query);
484 while ($row = $ilDB->fetchObject($res)) {
485 $role_arr[] = $row->rol_id;
486 }
487 return $role_arr ? $role_arr : array();
488 }

References $ilDB, $query, $res, and $row.

Referenced by __setProtectedStatus(), and getRolesByFilter().

+ Here is the caller graph for this function:

◆ assignedUsers()

ilRbacReview::assignedUsers (   $a_rol_id)

get all assigned users to a given role @access public

Parameters
integerrole_id
Returns
array all users (id) assigned to role

Definition at line 389 of file class.ilRbacReview.php.

390 {
391 global $ilBench,$ilDB;
392
393 if (!isset($a_rol_id)) {
394 $message = get_class($this) . "::assignedUsers(): No role_id given!";
395 $this->ilErr->raiseError($message, $this->ilErr->WARNING);
396 }
397 if (isset(self::$assigned_users_cache[$a_rol_id])) {
398 return self::$assigned_users_cache[$a_rol_id];
399 }
400
401 $result_arr = array();
402
403 $query = "SELECT usr_id FROM rbac_ua WHERE rol_id= " . $ilDB->quote($a_rol_id, 'integer');
404 $res = $ilDB->query($query);
405 while ($row = $ilDB->fetchAssoc($res)) {
406 array_push($result_arr, $row["usr_id"]);
407 }
408
409 self::$assigned_users_cache[$a_rol_id] = $result_arr;
410
411 return $result_arr;
412 }
$ilBench
global $ilBench
Definition: ilias.php:18

References $ilBench, $ilDB, $message, $query, $res, and $row.

◆ clearCaches()

ilRbacReview::clearCaches ( )

Clear assigned users caches.

Definition at line 1757 of file class.ilRbacReview.php.

1758 {
1759 self::$is_assigned_cache = array();
1760 self::$assigned_users_cache = array();
1761 }

◆ getActiveOperationsOfRole()

ilRbacReview::getActiveOperationsOfRole (   $a_ref_id,
  $a_role_id 
)

Get active operations for a role.

Parameters
object$a_ref_id
object$a_role_id
Returns
Todo:
refactor rolf => DONE

Definition at line 841 of file class.ilRbacReview.php.

842 {
843 global $ilDB;
844
845 $query = 'SELECT * FROM rbac_pa ' .
846 'WHERE ref_id = ' . $ilDB->quote($a_ref_id, 'integer') . ' ' .
847 'AND rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ';
848
849 $res = $ilDB->query($query);
850 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) {
851 return unserialize($row['ops_id']);
852 }
853 return array();
854 }

References $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_ASSOC.

◆ getAllOperationsOfRole()

ilRbacReview::getAllOperationsOfRole (   $a_rol_id,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public

Parameters
integerrole_id
integerrole folder id
Returns
array array of operation_id and types
Todo:
refactor rolf => DONE

Definition at line 814 of file class.ilRbacReview.php.

815 {
816 global $ilDB;
817
818 if (!$a_parent) {
819 $a_parent = ROLE_FOLDER_ID;
820 }
821
822 $query = "SELECT ops_id,type FROM rbac_templates " .
823 "WHERE rol_id = " . $ilDB->quote($a_rol_id, 'integer') . " " .
824 "AND parent = " . $ilDB->quote($a_parent, 'integer');
825 $res = $ilDB->query($query);
826
827 $ops_arr = array();
828 while ($row = $ilDB->fetchObject($res)) {
829 $ops_arr[$row->type][] = $row->ops_id;
830 }
831 return (array) $ops_arr;
832 }

References $ilDB, $query, $res, and $row.

◆ getAssignableChildRoles()

ilRbacReview::getAssignableChildRoles (   $a_ref_id)

Get all assignable roles directly under a specific node @access public.

Parameters
ref_id
Returns
array set ids
Todo:
refactor rolf => Find a better name; reduce sql fields

Definition at line 285 of file class.ilRbacReview.php.

286 {
287 global $ilDB;
288
289 $query = "SELECT fa.*, rd.* " .
290 "FROM object_data rd " .
291 "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id " .
292 "WHERE fa.assign = 'y' " .
293 "AND fa.parent = " . $this->ilDB->quote($a_ref_id, 'integer') . " "
294 ;
295
296 $res = $ilDB->query($query);
297 while ($row = $ilDB->fetchAssoc($res)) {
298 $roles_data[] = $row;
299 }
300 return $roles_data ? $roles_data : array();
301 }
ilDB\quote
quote($a_query, $a_type=null)
Wrapper for quote method.
Definition: class.ilDB.php:2133

References $ilDB, $query, $res, $row, and ilDB\quote().

+ Here is the call graph for this function:

◆ getAssignableRoles()

ilRbacReview::getAssignableRoles (   $a_templates = false,
  $a_internal_roles = false,
  $title_filter = '' 
)

Returns a list of all assignable roles @access public.

Parameters
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 215 of file class.ilRbacReview.php.

216 {
217 global $ilDB;
218
219 $role_list = array();
220
221 $where = $this->__setTemplateFilter($a_templates);
222
223 $query = "SELECT * FROM object_data " .
224 "JOIN rbac_fa ON obj_id = rol_id " .
225 $where .
226 "AND rbac_fa.assign = 'y' ";
227
228 if (strlen($title_filter)) {
229 $query .= (' AND ' . $ilDB->like(
230 'title',
231 'text',
232 $title_filter . '%'
233 ));
234 }
235 $res = $ilDB->query($query);
236
237 while ($row = $ilDB->fetchAssoc($res)) {
238 $row["desc"] = $row["description"];
239 $row["user_id"] = $row["owner"];
240 $role_list[] = $row;
241 }
242
243 $role_list = $this->__setRoleType($role_list);
244
245 return $role_list;
246 }
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:335
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause @access private
Definition: class.ilRbacReview.php:310

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by getRolesByFilter().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getAssignableRolesInSubtree()

ilRbacReview::getAssignableRolesInSubtree (   $ref_id)

Returns a list of assignable roles in a subtree of the repository @access public.

Parameters
ref_idRoot node of subtree
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 255 of file class.ilRbacReview.php.

256 {
257 global $ilDB;
258
259 $query = 'SELECT rol_id FROM rbac_fa fa ' .
260 'JOIN tree t1 ON t1.child = fa.parent ' .
261 'JOIN object_data obd ON fa.rol_id = obd.obj_id ' .
262 'WHERE assign = ' . $ilDB->quote('y', 'text') . ' ' .
263 'AND obd.type = ' . $ilDB->quote('role', 'text') . ' ' .
264 'AND t1.child IN (' .
265 $GLOBALS['tree']->getSubTreeQuery($ref_id, array('child')) . ' ' .
266 ') ';
267
268
269 $res = $ilDB->query($query);
270
271 $role_list = array();
272 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
273 $role_list[] = $row->rol_id;
274 }
275 return $role_list;
276 }
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18

References $GLOBALS, $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

◆ getAssignedCacheEntry()

ilRbacReview::getAssignedCacheEntry (   $a_role_id,
  $a_user_id 
)

get entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id

Definition at line 1749 of file class.ilRbacReview.php.

1750 {
1751 return self::$is_assigned_cache[$a_role_id][$a_user_id];
1752 }

◆ getFoldersAssignedToRole()

ilRbacReview::getFoldersAssignedToRole (   $a_rol_id,
  $a_assignable = false 
)

Returns an array of objects assigned to a role.

A role with stopped inheritance may be assigned to more than one objects. To get only the original location of a role, set the second parameter to true

@access public

Parameters
integerrole id
booleanget only rolefolders where role is assignable (true)
Returns
array reference IDs of role folders
Todo:
refactor rolf => RENAME (rest done)

Definition at line 573 of file class.ilRbacReview.php.

574 {
575 global $ilDB;
576
577 if (!isset($a_rol_id)) {
578 $message = get_class($this) . "::getFoldersAssignedToRole(): No role_id given!";
579 $this->ilErr->raiseError($message, $this->ilErr->WARNING);
580 }
581
582 if ($a_assignable) {
583 $where = " AND assign ='y'";
584 }
585
586 $query = "SELECT DISTINCT parent FROM rbac_fa " .
587 "WHERE rol_id = " . $ilDB->quote($a_rol_id, 'integer') . " " . $where . " ";
588
589 $res = $ilDB->query($query);
590 while ($row = $ilDB->fetchObject($res)) {
591 $folders[] = $row->parent;
592 }
593 return $folders ? $folders : array();
594 }

References $ilDB, $message, $query, $res, and $row.

Referenced by isRoleDeleted().

+ Here is the caller graph for this function:

◆ getGlobalAssignableRoles()

ilRbacReview::getGlobalAssignableRoles ( )

get only 'global' roles (with flag 'assign_users') @access public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 734 of file class.ilRbacReview.php.

735 {
736 include_once './Services/AccessControl/classes/class.ilObjRole.php';
737
738 foreach ($this->getGlobalRoles() as $role_id) {
739 if (ilObjRole::_getAssignUsersStatus($role_id)) {
740 $ga[] = array('obj_id' => $role_id,
741 'role_type' => 'global');
742 }
743 }
744 return $ga ? $ga : array();
745 }
ilObjRole\_getAssignUsersStatus
static _getAssignUsersStatus($a_role_id)
Definition: class.ilObjRole.php:138
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only 'global' roles @access public
Definition: class.ilRbacReview.php:676

References ilObjRole\_getAssignUsersStatus(), and getGlobalRoles().

+ Here is the call graph for this function:

◆ getGlobalRoles()

ilRbacReview::getGlobalRoles ( )

get only 'global' roles @access public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 676 of file class.ilRbacReview.php.

677 {
678 return $this->getRolesOfRoleFolder(ROLE_FOLDER_ID, false);
679 }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:640

References getRolesOfRoleFolder().

Referenced by getGlobalAssignableRoles(), getRolesByFilter(), and isGlobalRole().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getGlobalRolesArray()

ilRbacReview::getGlobalRolesArray ( )

get only 'global' roles @access public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 719 of file class.ilRbacReview.php.

720 {
721 foreach ($this->getRolesOfRoleFolder(ROLE_FOLDER_ID, false) as $role_id) {
722 $ga[] = array('obj_id' => $role_id,
723 'role_type' => 'global');
724 }
725 return $ga ? $ga : array();
726 }

References getRolesOfRoleFolder().

+ Here is the call graph for this function:

◆ getLocalPolicies()

ilRbacReview::getLocalPolicies (   $a_ref_id)

Get all roles with local policies.

Parameters
type$a_ref_id
Returns
type

Definition at line 704 of file class.ilRbacReview.php.

705 {
706 $lroles = array();
707 foreach ($this->getRolesOfRoleFolder($a_ref_id) as $role_id) {
708 $lroles[] = $role_id;
709 }
710 return $lroles;
711 }

References getRolesOfRoleFolder().

+ Here is the call graph for this function:

◆ getLocalRoles()

ilRbacReview::getLocalRoles (   $a_ref_id)

Get local roles of object.

Parameters
int$a_ref_id
Todo:
refactor rolf => DONE

Definition at line 686 of file class.ilRbacReview.php.

687 {
688 global $ilDB;
689
690 $lroles = array();
691 foreach ($this->getRolesOfRoleFolder($a_ref_id) as $role_id) {
692 if ($this->isAssignable($role_id, $a_ref_id)) {
693 $lroles[] = $role_id;
694 }
695 }
696 return $lroles;
697 }
ilRbacReview\isAssignable
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users @access public.
Definition: class.ilRbacReview.php:520

References $ilDB, getRolesOfRoleFolder(), and isAssignable().

+ Here is the call graph for this function:

◆ getNumberOfAssignedUsers()

ilRbacReview::getNumberOfAssignedUsers ( array  $a_roles)

Get the number of assigned users to roles @global ilDB $ilDB.

Parameters
array$a_roles
Returns
int
Todo:
refactor rolf => DONE

Definition at line 370 of file class.ilRbacReview.php.

371 {
372 global $ilDB;
373
374 $query = 'SELECT COUNT(DISTINCT(usr_id)) as num FROM rbac_ua ' .
375 'WHERE ' . $ilDB->in('rol_id', $a_roles, false, 'integer') . ' ';
376
377 $res = $ilDB->query($query);
378 $row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
379 return $row->num ? $row->num : 0;
380 }

References $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

◆ getObjectOfRole()

ilRbacReview::getObjectOfRole (   $a_role_id)

Get object id of objects a role is assigned to.

Todo:
refactor rolf (due to performance reasons the new version does not check for deleted roles only in object reference)

@access public

Parameters
introle id

Definition at line 1502 of file class.ilRbacReview.php.

1503 {
1504 // internal cache
1505 static $obj_cache = array();
1506
1507 global $ilDB;
1508
1509
1510 if (isset($obj_cache[$a_role_id]) and $obj_cache[$a_role_id]) {
1511 return $obj_cache[$a_role_id];
1512 }
1513
1514 $query = 'SELECT obr.obj_id FROM rbac_fa rfa ' .
1515 'JOIN object_reference obr ON rfa.parent = obr.ref_id ' .
1516 'WHERE assign = ' . $ilDB->quote('y', 'text') . ' ' .
1517 'AND rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ' .
1518 'AND deleted IS NULL';
1519
1520 #$query = "SELECT obr.obj_id FROM rbac_fa rfa ".
1521 # "JOIN tree ON rfa.parent = tree.child ".
1522 # "JOIN object_reference obr ON tree.parent = obr.ref_id ".
1523 # "WHERE tree.tree = 1 ".
1524 # "AND assign = 'y' ".
1525 # "AND rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
1526 $res = $ilDB->query($query);
1527
1528 $obj_cache[$a_role_id] = 0;
1529 while ($row = $ilDB->fetchObject($res)) {
1530 $obj_cache[$a_role_id] = $row->obj_id;
1531 }
1532 return $obj_cache[$a_role_id];
1533 }

References $ilDB, $query, $res, and $row.

◆ getObjectReferenceOfRole()

ilRbacReview::getObjectReferenceOfRole (   $a_role_id)

Get reference of role.

Parameters
object$a_role_id
Returns
int
Todo:
refactor rolf (no deleted check)

Definition at line 1541 of file class.ilRbacReview.php.

1542 {
1543 global $ilDB;
1544
1545 $query = 'SELECT parent p_ref FROM rbac_fa ' .
1546 'WHERE rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ' .
1547 'AND assign = ' . $ilDB->quote('y', 'text');
1548
1549 $res = $ilDB->query($query);
1550 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1551 return $row->p_ref;
1552 }
1553 return 0;
1554 }

References $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

◆ getObjectsWithStopedInheritance()

ilRbacReview::getObjectsWithStopedInheritance (   $a_rol_id,
  $a_filter = array() 
)

get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder.

@access public

Parameters
integerrole_id
arrayfilter ref_ids
Returns
array with ref_ids of objects
Todo:
refactor rolf => DONE

Definition at line 1019 of file class.ilRbacReview.php.

1020 {
1021 global $ilDB;
1022
1023 #$query = 'SELECT t.parent p FROM tree t JOIN rbac_fa fa ON fa.parent = child '.
1024 # 'WHERE assign = '.$ilDB->quote('n','text').' '.
1025 # 'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1026
1027 $query = 'SELECT parent p FROM rbac_fa ' .
1028 'WHERE assign = ' . $ilDB->quote('n', 'text') . ' ' .
1029 'AND rol_id = ' . $ilDB->quote($a_rol_id, 'integer') . ' ';
1030
1031 if ($a_filter) {
1032 $query .= ('AND ' . $ilDB->in('parent', (array) $a_filter, false, 'integer'));
1033 }
1034
1035 $res = $ilDB->query($query);
1036 $parent = array();
1037 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1038 $parent[] = $row->p;
1039 }
1040 return $parent;
1041 }

References $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

◆ getOperation()

ilRbacReview::getOperation (   $ops_id)

get one operation by operation id @access public

Returns
array data of operation_id
Todo:
refactor rolf => DONE

Definition at line 790 of file class.ilRbacReview.php.

791 {
792 global $ilDB;
793
794 $query = 'SELECT * FROM rbac_operations WHERE ops_id = ' . $ilDB->quote($ops_id, 'integer');
795 $res = $this->ilDB->query($query);
796 while ($row = $ilDB->fetchObject($res)) {
797 $ops = array('ops_id' => $row->ops_id,
798 'operation' => $row->operation,
799 'description' => $row->description);
800 }
801
802 return $ops ? $ops : array();
803 }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1339

References $ilDB, $query, $res, $row, and ilDB\query().

+ Here is the call graph for this function:

◆ getOperationAssignment()

ilRbacReview::getOperationAssignment ( )

get operation assignments

Returns
array array(array('typ_id' => $typ_id,'title' => $title,'ops_id => '$ops_is,'operation' => $operation),...
Todo:
refactor rolf => DONE

Definition at line 1617 of file class.ilRbacReview.php.

1618 {
1619 global $ilDB;
1620
1621 $query = 'SELECT ta.typ_id, obj.title, ops.ops_id, ops.operation FROM rbac_ta ta ' .
1622 'JOIN object_data obj ON obj.obj_id = ta.typ_id ' .
1623 'JOIN rbac_operations ops ON ops.ops_id = ta.ops_id ';
1624 $res = $ilDB->query($query);
1625
1626 $counter = 0;
1627 while ($row = $ilDB->fetchObject($res)) {
1628 $info[$counter]['typ_id'] = $row->typ_id;
1629 $info[$counter]['type'] = $row->title;
1630 $info[$counter]['ops_id'] = $row->ops_id;
1631 $info[$counter]['operation'] = $row->operation;
1632 $counter++;
1633 }
1634 return $info ? $info : array();
1635 }
$counter
$counter
Definition: config-scanner.php:59
$info
$info
Definition: index.php:5

References $counter, $ilDB, $info, $query, $res, and $row.

◆ getOperations()

ilRbacReview::getOperations ( )

get all possible operations @access public

Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 769 of file class.ilRbacReview.php.

770 {
771 global $ilDB;
772
773 $query = 'SELECT * FROM rbac_operations ORDER BY ops_id ';
774 $res = $this->ilDB->query($query);
775 while ($row = $ilDB->fetchObject($res)) {
776 $ops[] = array('ops_id' => $row->ops_id,
777 'operation' => $row->operation,
778 'description' => $row->description);
779 }
780
781 return $ops ? $ops : array();
782 }

References $ilDB, $query, $res, $row, and ilDB\query().

+ Here is the call graph for this function:

◆ getOperationsByTypeAndClass()

ilRbacReview::getOperationsByTypeAndClass (   $a_type,
  $a_class 
)

Get operations by type and class.

Parameters
string$a_typeType is "object" or
string$a_class
Returns
Todo:
refactor rolf => DONE

Definition at line 982 of file class.ilRbacReview.php.

983 {
984 global $ilDB;
985
986 if ($a_class != 'create') {
987 $condition = "AND class != " . $ilDB->quote('create', 'text');
988 } else {
989 $condition = "AND class = " . $ilDB->quote('create', 'text');
990 }
991
992 $query = "SELECT ro.ops_id FROM rbac_operations ro " .
993 "JOIN rbac_ta rt ON ro.ops_id = rt.ops_id " .
994 "JOIN object_data od ON rt.typ_id = od.obj_id " .
995 "WHERE type = " . $ilDB->quote('typ', 'text') . " " .
996 "AND title = " . $ilDB->quote($a_type, 'text') . " " .
997 $condition . " " .
998 "ORDER BY op_order ";
999
1000 $res = $ilDB->query($query);
1001
1002 $ops = array();
1003 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1004 $ops[] = $row->ops_id;
1005 }
1006 return $ops;
1007 }

References $a_type, $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

◆ getOperationsOfRole()

ilRbacReview::getOperationsOfRole (   $a_rol_id,
  $a_type,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public

Parameters
integerrole_id
stringobject type
integerrole folder id
Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 867 of file class.ilRbacReview.php.

868 {
869 global $ilDB,$ilLog;
870
871 if (!isset($a_rol_id) or !isset($a_type)) {
872 $message = get_class($this) . "::getOperationsOfRole(): Missing Parameter!" .
873 "role_id: " . $a_rol_id .
874 "type: " . $a_type .
875 "parent_id: " . $a_parent;
876 $ilLog->logStack("Missing parameter! ");
877 $this->ilErr->raiseError($message, $this->ilErr->WARNING);
878 }
879
880 $ops_arr = array();
881
882 // if no rolefolder id is given, assume global role folder as target
883 if ($a_parent == 0) {
884 $a_parent = ROLE_FOLDER_ID;
885 }
886
887 $query = "SELECT ops_id FROM rbac_templates " .
888 "WHERE type =" . $ilDB->quote($a_type, 'text') . " " .
889 "AND rol_id = " . $ilDB->quote($a_rol_id, 'integer') . " " .
890 "AND parent = " . $ilDB->quote($a_parent, 'integer');
891 $res = $ilDB->query($query);
892 while ($row = $ilDB->fetchObject($res)) {
893 $ops_arr[] = $row->ops_id;
894 }
895
896 return $ops_arr;
897 }
$ilLog
$ilLog
Definition: inc.setup_header.php:129

References $a_type, $ilDB, $ilLog, $message, $query, $res, and $row.

◆ getOperationsOnType()

ilRbacReview::getOperationsOnType (   $a_typ_id)

all possible operations of a type @access public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 929 of file class.ilRbacReview.php.

930 {
931 global $ilDB;
932
933 if (!isset($a_typ_id)) {
934 $message = get_class($this) . "::getOperationsOnType(): No type_id given!";
935 $this->ilErr->raiseError($message, $this->ilErr->WARNING);
936 }
937
938 #$query = "SELECT * FROM rbac_ta WHERE typ_id = ".$ilDB->quote($a_typ_id,'integer');
939
940 $query = 'SELECT * FROM rbac_ta ta JOIN rbac_operations o ON ta.ops_id = o.ops_id ' .
941 'WHERE typ_id = ' . $ilDB->quote($a_typ_id, 'integer') . ' ' .
942 'ORDER BY op_order';
943
944 $res = $ilDB->query($query);
945
946 while ($row = $ilDB->fetchObject($res)) {
947 $ops_id[] = $row->ops_id;
948 }
949
950 return $ops_id ? $ops_id : array();
951 }

References $ilDB, $message, $query, $res, and $row.

Referenced by getOperationsOnTypeString().

+ Here is the caller graph for this function:

◆ getOperationsOnTypeString()

ilRbacReview::getOperationsOnTypeString (   $a_type)

all possible operations of a type @access public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 961 of file class.ilRbacReview.php.

962 {
963 global $ilDB;
964
965 $query = "SELECT * FROM object_data WHERE type = 'typ' AND title = " . $ilDB->quote($a_type, 'text') . " ";
966
967
968 $res = $this->ilDB->query($query);
969 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
970 return $this->getOperationsOnType($row->obj_id);
971 }
972 return false;
973 }
ilRbacReview\getOperationsOnType
getOperationsOnType($a_typ_id)
all possible operations of a type @access public
Definition: class.ilRbacReview.php:929

References $a_type, $ilDB, $query, $res, $row, ilDBConstants\FETCHMODE_OBJECT, getOperationsOnType(), and ilDB\query().

+ Here is the call graph for this function:

◆ getParentRoleIds()

ilRbacReview::getParentRoleIds (   $a_endnode_id,
  $a_templates = false 
)

get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates @access public

Parameters
integerref_id of an object which is end node
booleantrue for role templates (default: false)
Returns
array array(role_ids => role_data)
Todo:
refactor rolf => DONE

Definition at line 145 of file class.ilRbacReview.php.

146 {
147 global $tree;
148
149 if (!isset($a_endnode_id)) {
150 $GLOBALS['ilLog']->logStack();
151 $message = get_class($this) . "::getParentRoleIds(): No node_id (ref_id) given!";
152 $this->ilErr->raiseError($message, $this->ilErr->WARNING);
153 }
154
155 //var_dump($a_endnode_id);exit;
156 //$log->write("ilRBACreview::getParentRoleIds(), 0");
157 $pathIds = $tree->getPathId($a_endnode_id);
158
159 // add system folder since it may not in the path
160 //$pathIds[0] = SYSTEM_FOLDER_ID;
161 $pathIds[0] = ROLE_FOLDER_ID;
162 //$log->write("ilRBACreview::getParentRoleIds(), 1");
163 #return $this->getParentRoles($a_endnode_id,$a_templates,$a_keep_protected);
164 return $this->__getParentRoles($pathIds, $a_templates);
165 }
ilRbacReview\__getParentRoles
__getParentRoles($a_path, $a_templates)
Note: This function performs faster than the new getParentRoles function, because it uses database in...
Definition: class.ilRbacReview.php:111

References $GLOBALS, $message, and __getParentRoles().

+ Here is the call graph for this function:

◆ getRoleFolderOfRole()

ilRbacReview::getRoleFolderOfRole (   $a_role_id)

Get role folder of role @global ilDB $ilDB.

Parameters
int$a_role_id
Returns
int
Todo:
refactor rolf => RENAME

Definition at line 1678 of file class.ilRbacReview.php.

1679 {
1680 global $ilDB;
1681
1682 if (ilObject::_lookupType($a_role_id) == 'role') {
1683 $and = ('AND assign = ' . $ilDB->quote('y', 'text'));
1684 } else {
1685 $and = '';
1686 }
1687
1688 $query = 'SELECT * FROM rbac_fa ' .
1689 'WHERE rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ' .
1690 $and;
1691 $res = $ilDB->query($query);
1692 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1693 return $row->parent;
1694 }
1695 return 0;
1696 }
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1204

References $ilDB, $query, $res, $row, ilObject\_lookupType(), and ilDBConstants\FETCHMODE_OBJECT.

+ Here is the call graph for this function:

◆ getRoleListByObject()

ilRbacReview::getRoleListByObject (   $a_ref_id,
  $a_templates = false 
)

Returns a list of roles in an container @access public.

Parameters
integerref_id of object
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 175 of file class.ilRbacReview.php.

176 {
177 global $ilDB;
178
179 if (!isset($a_ref_id) or !isset($a_templates)) {
180 $message = get_class($this) . "::getRoleListByObject(): Missing parameter!" .
181 "ref_id: " . $a_ref_id .
182 "tpl_flag: " . $a_templates;
183 $this->ilErr->raiseError($message, $this->ilErr->WARNING);
184 }
185
186 $role_list = array();
187
188 $where = $this->__setTemplateFilter($a_templates);
189
190 $query = "SELECT * FROM object_data " .
191 "JOIN rbac_fa ON obj_id = rol_id " .
192 $where .
193 "AND object_data.obj_id = rbac_fa.rol_id " .
194 "AND rbac_fa.parent = " . $ilDB->quote($a_ref_id, 'integer') . " ";
195
196 $res = $ilDB->query($query);
197 while ($row = $ilDB->fetchAssoc($res)) {
198 $row["desc"] = $row["description"];
199 $row["user_id"] = $row["owner"];
200 $role_list[] = $row;
201 }
202
203 $role_list = $this->__setRoleType($role_list);
204
205 return $role_list;
206 }

References $ilDB, $message, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by __getParentRoles().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getRoleOperationsOnObject()

ilRbacReview::getRoleOperationsOnObject (   $a_role_id,
  $a_ref_id 
)

@global ilDB $ilDB

Parameters
type$a_role_id
type$a_ref_id
Returns
type
Todo:
rafactor rolf => DONE

Definition at line 906 of file class.ilRbacReview.php.

907 {
908 global $ilDB;
909
910 $query = "SELECT * FROM rbac_pa " .
911 "WHERE rol_id = " . $ilDB->quote($a_role_id, 'integer') . " " .
912 "AND ref_id = " . $ilDB->quote($a_ref_id, 'integer') . " ";
913
914 $res = $ilDB->query($query);
915 while ($row = $ilDB->fetchObject($res)) {
916 $ops = unserialize($row->ops_id);
917 }
918
919 return $ops ? $ops : array();
920 }

References $ilDB, $query, $res, and $row.

◆ getRolesByFilter()

ilRbacReview::getRolesByFilter (   $a_filter = 0,
  $a_user_id = 0,
  $title_filter = '' 
)

@global ilDB $ilDB

Parameters
type$a_filter
type$a_user_id
type$title_filter
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1098 of file class.ilRbacReview.php.

1099 {
1100 global $ilDB;
1101
1102 $assign = "y";
1103
1104 switch ($a_filter) {
1105 // all (assignable) roles
1106 case self::FILTER_ALL:
1107 return $this->getAssignableRoles(true, true, $title_filter);
1108 break;
1109
1110 // all (assignable) global roles
1111 case self::FILTER_ALL_GLOBAL:
1112 $where = 'WHERE ' . $ilDB->in('rbac_fa.rol_id', $this->getGlobalRoles(), false, 'integer') . ' ';
1113 break;
1114
1115 // all (assignable) local roles
1116 case self::FILTER_ALL_LOCAL:
1117 case self::FILTER_INTERNAL:
1118 case self::FILTER_NOT_INTERNAL:
1119 $where = 'WHERE ' . $ilDB->in('rbac_fa.rol_id', $this->getGlobalRoles(), true, 'integer');
1120 break;
1121
1122 // all role templates
1123 case self::FILTER_TEMPLATES:
1124 $where = "WHERE object_data.type = 'rolt'";
1125 $assign = "n";
1126 break;
1127
1128 // only assigned roles, handled by ilObjUserGUI::roleassignmentObject()
1129 case 0:
1130 default:
1131 if (!$a_user_id) {
1132 return array();
1133 }
1134
1135 $where = 'WHERE ' . $ilDB->in('rbac_fa.rol_id', $this->assignedRoles($a_user_id), false, 'integer') . ' ';
1136 break;
1137 }
1138
1139 $roles = array();
1140
1141 $query = "SELECT * FROM object_data " .
1142 "JOIN rbac_fa ON obj_id = rol_id " .
1143 $where .
1144 "AND rbac_fa.assign = " . $ilDB->quote($assign, 'text') . " ";
1145
1146 if (strlen($title_filter)) {
1147 $query .= (' AND ' . $ilDB->like(
1148 'title',
1149 'text',
1150 '%' . $title_filter . '%'
1151 ));
1152 }
1153
1154 $res = $ilDB->query($query);
1155 while ($row = $ilDB->fetchAssoc($res)) {
1156 $prefix = (substr($row["title"], 0, 3) == "il_") ? true : false;
1157
1158 // all (assignable) internal local roles only
1159 if ($a_filter == 4 and !$prefix) {
1160 continue;
1161 }
1162
1163 // all (assignable) non internal local roles only
1164 if ($a_filter == 5 and $prefix) {
1165 continue;
1166 }
1167
1168 $row["desc"] = $row["description"];
1169 $row["user_id"] = $row["owner"];
1170 $roles[] = $row;
1171 }
1172
1173 $roles = $this->__setRoleType($roles);
1174
1175 return $roles ? $roles : array();
1176 }
ilRbacReview\getAssignableRoles
getAssignableRoles($a_templates=false, $a_internal_roles=false, $title_filter='')
Returns a list of all assignable roles @access public.
Definition: class.ilRbacReview.php:215

References $ilDB, $query, $res, $row, __setRoleType(), assignedRoles(), FILTER_ALL, FILTER_ALL_GLOBAL, FILTER_ALL_LOCAL, FILTER_INTERNAL, FILTER_NOT_INTERNAL, FILTER_TEMPLATES, getAssignableRoles(), and getGlobalRoles().

+ Here is the call graph for this function:

◆ getRolesForIDs()

ilRbacReview::getRolesForIDs (   $role_ids,
  $use_templates 
)

@global ilDB $ilDB

Parameters
type$role_ids
type$use_templates
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1587 of file class.ilRbacReview.php.

1588 {
1589 global $ilDB;
1590
1591 $role_list = array();
1592
1593 $where = $this->__setTemplateFilter($use_templates);
1594
1595 $query = "SELECT * FROM object_data " .
1596 "JOIN rbac_fa ON object_data.obj_id = rbac_fa.rol_id " .
1597 $where .
1598 "AND rbac_fa.assign = 'y' " .
1599 'AND ' . $ilDB->in('object_data.obj_id', $role_ids, false, 'integer');
1600
1601 $res = $ilDB->query($query);
1602 while ($row = $ilDB->fetchAssoc($res)) {
1603 $row["desc"] = $row["description"];
1604 $row["user_id"] = $row["owner"];
1605 $role_list[] = $row;
1606 }
1607
1608 $role_list = $this->__setRoleType($role_list);
1609 return $role_list;
1610 }

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

+ Here is the call graph for this function:

◆ getRolesOfObject()

ilRbacReview::getRolesOfObject (   $a_ref_id,
  $a_assignable_only = false 
)

Get roles of object.

Parameters
type$a_ref_id
type$a_assignable
Exceptions
InvalidArgumentException
Todo:
refactor rolf => DONE

Definition at line 603 of file class.ilRbacReview.php.

604 {
605 global $ilDB;
606
607 if (!isset($a_ref_id)) {
608 $GLOBALS['ilLog']->logStack();
609 throw new InvalidArgumentException(__METHOD__ . ': No ref_id given!');
610 }
611 if ($a_assignable_only === true) {
612 $and = 'AND assign = ' . $ilDB->quote('y', 'text');
613 }
614 $query = "SELECT rol_id FROM rbac_fa " .
615 "WHERE parent = " . $ilDB->quote($a_ref_id, 'integer') . " " .
616 $and;
617
618 $res = $ilDB->query($query);
619
620 $role_ids = array();
621 while ($row = $ilDB->fetchObject($res)) {
622 $role_ids[] = $row->rol_id;
623 }
624 return $role_ids;
625 }

References $GLOBALS, $ilDB, $query, $res, and $row.

◆ getRolesOfRoleFolder()

ilRbacReview::getRolesOfRoleFolder (   $a_ref_id,
  $a_nonassignable = true 
)

get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids @access public

Parameters
integerref_id of object
booleanif false only get true local roles
Returns
array Array with rol_ids
Deprecated:
since version 4.5.0
Todo:
refactor rolf => RENAME

Definition at line 640 of file class.ilRbacReview.php.

641 {
642 global $ilBench,$ilDB,$ilLog;
643
644 $ilBench->start("RBAC", "review_getRolesOfRoleFolder");
645
646 if (!isset($a_ref_id)) {
647 $message = get_class($this) . "::getRolesOfRoleFolder(): No ref_id given!";
648 ilLoggerFactory::getLogger('ac')->logStack();
649 $this->ilErr->raiseError($message, $this->ilErr->WARNING);
650 }
651
652 if ($a_nonassignable === false) {
653 $and = " AND assign='y'";
654 }
655
656 $query = "SELECT rol_id FROM rbac_fa " .
657 "WHERE parent = " . $ilDB->quote($a_ref_id, 'integer') . " " .
658 $and;
659
660 $res = $ilDB->query($query);
661 while ($row = $ilDB->fetchObject($res)) {
662 $rol_id[] = $row->rol_id;
663 }
664
665 $ilBench->stop("RBAC", "review_getRolesOfRoleFolder");
666
667 return $rol_id ? $rol_id : array();
668 }

References $ilBench, $ilDB, $ilLog, $message, $query, $res, $row, and ilLoggerFactory\getLogger().

Referenced by getGlobalRoles(), getGlobalRolesArray(), getLocalPolicies(), and getLocalRoles().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getTypeId()

ilRbacReview::getTypeId (   $a_type)

Get type id of object @global ilDB $ilDB.

Parameters
type$a_type
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1185 of file class.ilRbacReview.php.

1186 {
1187 global $ilDB;
1188
1189 $q = "SELECT obj_id FROM object_data " .
1190 "WHERE title=" . $ilDB->quote($a_type, 'text') . " AND type='typ'";
1191 $r = $ilDB->query($q);
1192
1193 $row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
1194 return $row->obj_id;
1195 }

References $a_type, $ilDB, $r, $row, and ilDBConstants\FETCHMODE_OBJECT.

◆ getUserPermissionsOnObject()

ilRbacReview::getUserPermissionsOnObject (   $a_user_id,
  $a_ref_id 
)

Get all user permissions on an object.

Parameters
int$a_user_iduser id
int$a_ref_idref id
Todo:
refactor rolf => DONE

Definition at line 1705 of file class.ilRbacReview.php.

1706 {
1707 global $ilDB;
1708
1709 $query = "SELECT ops_id FROM rbac_pa JOIN rbac_ua " .
1710 "ON (rbac_pa.rol_id = rbac_ua.rol_id) " .
1711 "WHERE rbac_ua.usr_id = " . $ilDB->quote($a_user_id, 'integer') . " " .
1712 "AND rbac_pa.ref_id = " . $ilDB->quote($a_ref_id, 'integer') . " ";
1713
1714 $res = $ilDB->query($query);
1715 $all_ops = array();
1716 while ($row = $ilDB->fetchObject($res)) {
1717 $ops = unserialize($row->ops_id);
1718 $all_ops = array_merge($all_ops, $ops);
1719 }
1720 $all_ops = array_unique($all_ops);
1721
1722 $set = $ilDB->query("SELECT operation FROM rbac_operations " .
1723 " WHERE " . $ilDB->in("ops_id", $all_ops, false, "integer"));
1724 $perms = array();
1725 while ($rec = $ilDB->fetchAssoc($set)) {
1726 $perms[] = $rec["operation"];
1727 }
1728
1729 return $perms;
1730 }

References $ilDB, $query, $res, and $row.

◆ hasMultipleAssignments()

ilRbacReview::hasMultipleAssignments (   $a_role_id)

Temporary bugfix.

Todo:
refactor rolf => DONE

Definition at line 552 of file class.ilRbacReview.php.

553 {
554 global $ilDB;
555
556 $query = "SELECT * FROM rbac_fa WHERE rol_id = " . $ilDB->quote($a_role_id, 'integer') . ' ' .
557 "AND assign = " . $ilDB->quote('y', 'text');
558 $res = $ilDB->query($query);
559 return $res->numRows() > 1;
560 }

References $ilDB, $query, and $res.

◆ isAssignable()

ilRbacReview::isAssignable (   $a_rol_id,
  $a_ref_id 
)

Check if its possible to assign users @access public.

Parameters
integerobject id of role
integerref_id of object in question
Returns
boolean
Todo:
refactor rolf (expects object reference id instead of rolf) => DONE

Definition at line 520 of file class.ilRbacReview.php.

521 {
522 global $ilBench,$ilDB;
523
524 $ilBench->start("RBAC", "review_isAssignable");
525
526 // exclude system role from rbac
527 if ($a_rol_id == SYSTEM_ROLE_ID) {
528 $ilBench->stop("RBAC", "review_isAssignable");
529 return true;
530 }
531
532 if (!isset($a_rol_id) or !isset($a_ref_id)) {
533 $message = get_class($this) . "::isAssignable(): Missing parameter!" .
534 " role_id: " . $a_rol_id . " ,ref_id: " . $a_ref_id;
535 $this->ilErr->raiseError($message, $this->ilErr->WARNING);
536 }
537 $query = "SELECT * FROM rbac_fa " .
538 "WHERE rol_id = " . $ilDB->quote($a_rol_id, 'integer') . " " .
539 "AND parent = " . $ilDB->quote($a_ref_id, 'integer') . " ";
540 $res = $ilDB->query($query);
541 $row = $ilDB->fetchObject($res);
542
543 $ilBench->stop("RBAC", "review_isAssignable");
544 return $row->assign == 'y' ? true : false;
545 }

References $ilBench, $ilDB, $message, $query, $res, and $row.

Referenced by getLocalRoles(), and isDeleteable().

+ Here is the caller graph for this function:

◆ isAssigned()

ilRbacReview::isAssigned (   $a_usr_id,
  $a_role_id 
)

check if a specific user is assigned to specific role @access public

Parameters
integerusr_id
integerrole_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 423 of file class.ilRbacReview.php.

424 {
425 if (isset(self::$is_assigned_cache[$a_role_id][$a_usr_id])) {
426 return self::$is_assigned_cache[$a_role_id][$a_usr_id];
427 }
428 // Quickly determine if user is assigned to a role
429 global $ilDB;
430
431 $ilDB->setLimit(1, 0);
432 $query = "SELECT usr_id FROM rbac_ua WHERE " .
433 "rol_id= " . $ilDB->quote($a_role_id, 'integer') . " " .
434 "AND usr_id= " . $ilDB->quote($a_usr_id);
435 $res = $ilDB->query($query);
436
437 $is_assigned = $res->numRows() == 1;
438 self::$is_assigned_cache[$a_role_id][$a_usr_id] = $is_assigned;
439
440 return $is_assigned;
441 }

References $ilDB, $query, and $res.

◆ isAssignedToAtLeastOneGivenRole()

ilRbacReview::isAssignedToAtLeastOneGivenRole (   $a_usr_id,
  $a_role_ids 
)

check if a specific user is assigned to at least one of the given role ids.

This function is used to quickly check whether a user is member of a course or a group.

@access public

Parameters
integerusr_id
array[integer]role_ids
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 455 of file class.ilRbacReview.php.

456 {
457 global $ilDB;
458
459 $ilDB->setLimit(1, 0);
460 $query = "SELECT usr_id FROM rbac_ua WHERE " .
461 $ilDB->in('rol_id', $a_role_ids, false, 'integer') .
462 " AND usr_id= " . $ilDB->quote($a_usr_id);
463 $res = $ilDB->query($query);
464
465 return $ilDB->numRows($res) == 1;
466 }

References $ilDB, $query, and $res.

◆ isBlockedAtPosition()

ilRbacReview::isBlockedAtPosition (   $a_role_id,
  $a_ref_id 
)

Check if role is blocked at position @global ilDB $ilDB.

Parameters
type$a_role_id
type$a_ref_id
Returns
boolean

Definition at line 1324 of file class.ilRbacReview.php.

1325 {
1326 global $ilDB;
1327
1328 $query = 'SELECT blocked from rbac_fa ' .
1329 'WHERE rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ' .
1330 'AND parent = ' . $ilDB->quote($a_ref_id, 'integer');
1331 $res = $ilDB->query($query);
1332 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1333 return (bool) $row->blocked;
1334 }
1335 return false;
1336 }

References $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

Referenced by isBlockedInUpperContext().

+ Here is the caller graph for this function:

◆ isBlockedInUpperContext()

ilRbacReview::isBlockedInUpperContext (   $a_role_id,
  $a_ref_id 
)

Check if role is blocked in upper context.

Parameters
type$a_role_id
type$a_ref_id

Definition at line 1343 of file class.ilRbacReview.php.

1344 {
1345 global $ilDB, $tree;
1346
1347 if ($this->isBlockedAtPosition($a_role_id, $a_ref_id)) {
1348 return false;
1349 }
1350 $query = 'SELECT parent from rbac_fa ' .
1351 'WHERE rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ' .
1352 'AND blocked = ' . $ilDB->quote(1, 'integer');
1353 $res = $ilDB->query($query);
1354
1355 $parent_ids = array();
1356 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1357 $parent_ids[] = $row->parent;
1358 }
1359
1360 foreach ($parent_ids as $parent_id) {
1361 if ($tree->isGrandChild($parent_id, $a_ref_id)) {
1362 return true;
1363 }
1364 }
1365 return false;
1366 }
ilRbacReview\isBlockedAtPosition
isBlockedAtPosition($a_role_id, $a_ref_id)
Check if role is blocked at position @global ilDB $ilDB.
Definition: class.ilRbacReview.php:1324

References $ilDB, $query, $res, $row, ilDBConstants\FETCHMODE_OBJECT, and isBlockedAtPosition().

+ Here is the call graph for this function:

◆ isDeleteable()

ilRbacReview::isDeleteable (   $a_role_id,
  $a_rolf_id 
)

Check if role is deleteable at a specific position.

Parameters
object$a_role_id
introlf_id
Returns
Todo:
refactor rolf => DONE

Definition at line 1644 of file class.ilRbacReview.php.

1645 {
1646 if (!$this->isAssignable($a_role_id, $a_rolf_id)) {
1647 return false;
1648 }
1649 if ($a_role_id == SYSTEM_ROLE_ID or $a_role_id == ANONYMOUS_ROLE_ID) {
1650 return false;
1651 }
1652 if (substr(ilObject::_lookupTitle($a_role_id), 0, 3) == 'il_') {
1653 return false;
1654 }
1655 return true;
1656 }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:933

References ilObject\_lookupTitle(), and isAssignable().

+ Here is the call graph for this function:

◆ isDeleted()

ilRbacReview::isDeleted (   $a_node_id)

Checks if a rolefolder is set as deleted (negative tree_id) @access public.

Parameters
integerref_id of rolefolder
Returns
boolean true if rolefolder is set as deleted
Todo:
refactor rolf => DELETE method

Definition at line 1050 of file class.ilRbacReview.php.

1051 {
1052 global $ilDB;
1053
1054 $q = "SELECT tree FROM tree WHERE child =" . $ilDB->quote($a_node_id) . " ";
1055 $r = $this->ilDB->query($q);
1056
1057 $row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
1058
1059 if (!$row) {
1060 $message = sprintf(
1061 '%s::isDeleted(): Role folder with ref_id %s not found!',
1062 get_class($this),
1063 $a_node_id
1064 );
1065 $this->log->write($message, $this->log->FATAL);
1066
1067 return true;
1068 }
1069
1070 // rolefolder is deleted
1071 if ($row->tree < 0) {
1072 return true;
1073 }
1074
1075 return false;
1076 }

References $ilDB, $message, $r, $row, ilDBConstants\FETCHMODE_OBJECT, ilDB\query(), and sprintf.

Referenced by isRoleDeleted().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isGlobalRole()

ilRbacReview::isGlobalRole (   $a_role_id)

Check if role is a global role.

Parameters
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1084 of file class.ilRbacReview.php.

1085 {
1086 return in_array($a_role_id, $this->getGlobalRoles());
1087 }

References getGlobalRoles().

+ Here is the call graph for this function:

◆ isProtected()

ilRbacReview::isProtected (   $a_ref_id,
  $a_role_id 
)
Todo:
refactor rolf => search calls @global ilDB $ilDB
Parameters
type$a_ref_id
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1304 of file class.ilRbacReview.php.

1305 {
1306 global $ilDB;
1307
1308 // ref_id not used yet. protected permission acts 'global' for each role,
1309 $query = "SELECT protected FROM rbac_fa " .
1310 "WHERE rol_id = " . $ilDB->quote($a_role_id, 'integer') . " ";
1311 $res = $ilDB->query($query);
1312 $row = $ilDB->fetchAssoc($res);
1313
1314 return ilUtil::yn2tf($row['protected']);
1315 }
ilUtil\yn2tf
static yn2tf($a_yn)
convert "y"/"n" to true/false
Definition: class.ilUtil.php:3018

References $ilDB, $query, $res, $row, and ilUtil\yn2tf().

+ Here is the call graph for this function:

◆ isRoleAssignedToObject()

ilRbacReview::isRoleAssignedToObject (   $a_role_id,
  $a_parent_id 
)

Check if role is assigned to an object.

Todo:
refactor rolf => DONE (renamed)

Definition at line 752 of file class.ilRbacReview.php.

753 {
754 global $rbacreview, $ilDB;
755
756 $query = 'SELECT * FROM rbac_fa ' .
757 'WHERE rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ' .
758 'AND parent = ' . $ilDB->quote($a_parent_id, 'integer');
759 $res = $ilDB->query($query);
760 return $res->numRows() ? true : false;
761 }

References $ilDB, $query, and $res.

◆ isRoleDeleted()

ilRbacReview::isRoleDeleted (   $a_role_id)

return if role is only attached to deleted role folders

Parameters
int$a_role_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1563 of file class.ilRbacReview.php.

1564 {
1565 $rolf_list = $this->getFoldersAssignedToRole($a_role_id, false);
1566 $deleted = true;
1567 if (count($rolf_list)) {
1568 foreach ($rolf_list as $rolf) {
1569 // only list roles that are not set to status "deleted"
1570 if (!$this->isDeleted($rolf)) {
1571 $deleted = false;
1572 break;
1573 }
1574 }
1575 }
1576 return $deleted;
1577 }
ilRbacReview\isDeleted
isDeleted($a_node_id)
Checks if a rolefolder is set as deleted (negative tree_id) @access public.
Definition: class.ilRbacReview.php:1050
ilRbacReview\getFoldersAssignedToRole
getFoldersAssignedToRole($a_rol_id, $a_assignable=false)
Returns an array of objects assigned to a role.
Definition: class.ilRbacReview.php:573

References getFoldersAssignedToRole(), and isDeleted().

+ Here is the call graph for this function:

◆ isSystemGeneratedRole()

ilRbacReview::isSystemGeneratedRole (   $a_role_id)

Check if the role is system generate role or role template.

Parameters
int$a_role_id
Returns
bool
Todo:
refactor rolf => DONE

Definition at line 1664 of file class.ilRbacReview.php.

1665 {
1666 $title = ilObject::_lookupTitle($a_role_id);
1667 return substr($title, 0, 3) == 'il_' ? true : false;
1668 }

References $title, and ilObject\_lookupTitle().

+ Here is the call graph for this function:

◆ lookupCreateOperationIds()

static ilRbacReview::lookupCreateOperationIds (   $a_type_arr)
static

Lookup operation ids.

Parameters
array$a_type_arre.g array('cat','crs','grp'). The operation name (e.g. 'create_cat') is generated automatically
Returns
array int Array with operation ids
Todo:
refactor rolf => DONE

Definition at line 1266 of file class.ilRbacReview.php.

1267 {
1268 global $ilDB;
1269
1270 $operations = array();
1271 foreach ($a_type_arr as $type) {
1272 $operations[] = ('create_' . $type);
1273 }
1274
1275 if (!count($operations)) {
1276 return array();
1277 }
1278
1279 $query = 'SELECT ops_id, operation FROM rbac_operations ' .
1280 'WHERE ' . $ilDB->in('operation', $operations, false, 'text');
1281
1282 $res = $ilDB->query($query);
1283
1284 $ops_ids = array();
1285 while ($row = $ilDB->fetchObject($res)) {
1286 $type_arr = explode('_', $row->operation);
1287 $type = $type_arr[1];
1288
1289 $ops_ids[$type] = $row->ops_id;
1290 }
1291 return $ops_ids;
1292 }
$type
$type
Definition: proxy_ylocal.php:10

References $ilDB, $query, $res, $row, and $type.

Referenced by ilObjectXMLWriter\__appendOperations(), ilObjectRolePermissionTableGUI\parse(), ilObjectRoleTemplatePermissionTableGUI\parse(), ilPermissionGUI\savePermissions(), and ilObjStudyProgrammeTest\testCreatePermissionExists().

+ Here is the caller graph for this function:

◆ roleExists()

ilRbacReview::roleExists (   $a_title,
  $a_id = 0 
)

Checks if a role already exists.

Role title should be unique @access public

Parameters
stringrole title
integerobj_id of role to exclude in the check. Commonly this is the current role you want to edit
Returns
boolean true if exists
Todo:
refactor rolf => DONE

Definition at line 75 of file class.ilRbacReview.php.

76 {
77 global $ilDB;
78
79 if (empty($a_title)) {
80 $message = get_class($this) . "::roleExists(): No title given!";
81 $this->ilErr->raiseError($message, $this->ilErr->WARNING);
82 }
83
84 $clause = ($a_id) ? " AND obj_id != " . $ilDB->quote($a_id) . " " : "";
85
86 $q = "SELECT DISTINCT(obj_id) obj_id FROM object_data " .
87 "WHERE title =" . $ilDB->quote($a_title) . " " .
88 "AND type IN('role','rolt')" .
89 $clause . " ";
90 $r = $this->ilDB->query($q);
91
92 while ($row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
93 return $row->obj_id;
94 }
95 return false;
96 }

References $ilDB, $message, $r, $row, ilDBConstants\FETCHMODE_OBJECT, and ilDB\query().

+ Here is the call graph for this function:

◆ setAssignedCacheEntry()

ilRbacReview::setAssignedCacheEntry (   $a_role_id,
  $a_user_id,
  $a_value 
)

set entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id
bool$a_value

Definition at line 1738 of file class.ilRbacReview.php.

1739 {
1740 self::$is_assigned_cache[$a_role_id][$a_user_id] = $a_value;
1741 }

Field Documentation

◆ $_opsCache

ilRbacReview::$_opsCache = null
staticprivate

Definition at line 29 of file class.ilRbacReview.php.

◆ $assigned_users_cache

ilRbacReview::$assigned_users_cache = array()
staticprotected

Definition at line 34 of file class.ilRbacReview.php.

◆ $is_assigned_cache

ilRbacReview::$is_assigned_cache = array()
staticprotected

Definition at line 39 of file class.ilRbacReview.php.

◆ $log

ilRbacReview::$log
protected

Definition at line 44 of file class.ilRbacReview.php.

Referenced by __setProtectedStatus().

◆ FILTER_ALL

const ilRbacReview::FILTER_ALL = 1

Definition at line 21 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_ALL_GLOBAL

const ilRbacReview::FILTER_ALL_GLOBAL = 2

Definition at line 22 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

◆ FILTER_ALL_LOCAL

const ilRbacReview::FILTER_ALL_LOCAL = 3

Definition at line 23 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

◆ FILTER_INTERNAL

const ilRbacReview::FILTER_INTERNAL = 4

Definition at line 24 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_NOT_INTERNAL

const ilRbacReview::FILTER_NOT_INTERNAL = 5

Definition at line 25 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

◆ FILTER_TEMPLATES

const ilRbacReview::FILTER_TEMPLATES = 6

Definition at line 26 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

The documentation for this class was generated from the following file: