ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilObjectPermissionStatusGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 require_once('./Services/Repository/classes/class.ilObjectPlugin.php');
4 
16 class ilObjectPermissionStatusGUI
17 {
19  public $user;
21  public $lng;
23  public $ilCtrl;
25  public $tpl;
27  public $object;
29  public $rbacreview;
30  public $user_roles;
31  public $global_roles;
32  public $valid_roles;
33  public $assigned_valid_roles;
34 
35  const IMG_OK = 0;
36  const IMG_NOT_OK = 1;
37 
38 
43  public function __construct(&$a_obj)
44  {
45  global $ilCtrl,$lng,$rbacreview, $tpl;
46 
47  $this->lng = $lng;
48  $this->ilCtrl = $ilCtrl;
49  $this->tpl = $tpl;
50  $this->object = $a_obj;
51  $this->rbacreview = $rbacreview;
52 
53  $this->user = $this->getUser();
54  $this->user_roles = $rbacreview->assignedRoles($this->user->getId());
55  $this->global_roles = $rbacreview->getGlobalRoles();
56  $this->valid_roles = $rbacreview->getParentRoleIds($this->object->getRefId());
57  $this->assigned_valid_roles = $this->getAssignedValidRoles();
58  }
59 
63  public function executeCommand()
64  {
65  global $ilCtrl;
66 
67  // determine next class in the call structure
68  $next_class = $this->ilCtrl->getNextClass($this);
69 
70  switch ($next_class) {
71  case 'ilrepositorysearchgui':
72  include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
73  $rep_search = new ilRepositorySearchGUI();
74  $this->ilCtrl->setReturn($this, 'perminfo');
75  $this->ilCtrl->forwardCommand($rep_search);
76  break;
77 
78  default:
79  $cmd = $this->ilCtrl->getCmd();
80  $this->$cmd();
81  break;
82  }
83  }
84 
88  public function perminfo()
89  {
90  $tpl = new ilTemplate("tpl.info_layout.html", false, false, "Services/AccessControl");
91 
92  $tpl->setVariable("INFO_SUMMARY", $this->accessStatusInfo());
93  $tpl->setVariable("INFO_PERMISSIONS", $this->accessPermissionsTable());
94  $tpl->setVariable("INFO_ROLES", $this->availableRolesTable());
95  $tpl->setVariable("INFO_REMARK_INTERRUPTED", $this->lng->txt('info_remark_interrupted'));
96 
97  $this->tpl->setVariable("ADM_CONTENT", $tpl->get());
98 
99  $this->addToolbar();
100  }
101 
105  public function addToolbar()
106  {
107  global $ilToolbar;
108 
109  $ilToolbar->setFormAction($this->ilCtrl->getFormAction($this, "perminfo"));
110 
111  $ilToolbar->addText($this->lng->txt('user'));
112 
113  include_once("./Services/Form/classes/class.ilTextInputGUI.php");
114 
115  $login = new ilTextInputGUI($this->lng->txt("username"), "user_login");
116  $login->setDataSource($this->ilCtrl->getLinkTargetByClass(array(get_class($this),
117  'ilRepositorySearchGUI'), 'doUserAutoComplete', '', true));
118  $login->setSize(15);
119  $login->setValue($this->user->getLogin());
120 
121  $ilToolbar->addInputItem($login);
122 
123  $ilToolbar->addFormButton($this->lng->txt("info_change_user_view"), "perminfo");
124 
125  //$ilToolbar->addText($lng->txt("info_enter_login_or_id"));
126  }
127 
132  public function accessStatusInfo()
133  {
134  include_once("./Services/InfoScreen/classes/class.ilInfoScreenGUI.php");
135 
136  $info = new ilInfoScreenGUI(new stdClass());
137  $info->setFormAction($this->ilCtrl->getFormAction($this));
138 
139  $info->addSection($this->lng->txt("info_access_and_status_info"));
140 
141  foreach ($this->getAccessStatusInfoData() as $data) {
142  $info->addProperty($data[0], $data[1]);
143  }
144 
145  return $info->getHTML();
146  }
147 
152  public function accessPermissionsTable()
153  {
154  include_once("./Services/AccessControl/classes/class.ilAccessPermissionsStatusTableGUI.php");
155 
156  $table = new ilAccessPermissionsStatusTableGUI($this, "perminfo");
157 
158  $table->setData($this->getAccessPermissionTableData());
159  $table->setTitle($this->lng->txt("info_access_permissions"));
160 
161  return $table->getHTML();
162  }
163 
168  public function availableRolesTable()
169  {
170  include_once("./Services/AccessControl/classes/class.ilAvailableRolesStatusTableGUI.php");
171 
172  $table = new ilAvailableRolesStatusTableGUI($this, "perminfo");
173 
174  $table->setData($this->getAvailableRolesTableData());
175  $table->setTitle($this->lng->txt("info_available_roles"));
176 
177  return $table->getHTML();
178  }
179 
184  public function getAssignedValidRoles()
185  {
186  include_once('./Services/AccessControl/classes/class.ilObjRole.php');
187  $assigned_valid_roles = array();
188 
189  foreach ($this->valid_roles as $role) {
190  if (in_array($role['obj_id'], $this->user_roles)) {
191  if ($role["obj_id"] == SYSTEM_ROLE_ID) {
192  // get all possible operation of current object
193  $ops_list = ilRbacReview::_getOperationList($this->object->getType());
194 
195  foreach ($ops_list as $ops_data) {
196  $ops[] = (int) $ops_data['ops_id'];
197  }
198 
199  $role['ops'] = $ops;
200  } else {
201  $role['ops'] = $this->rbacreview->getRoleOperationsOnObject($role["obj_id"], $this->object->getRefId());
202  }
203 
204  include_once('./Services/AccessControl/classes/class.ilObjRole.php');
205  $role['translation'] = str_replace(" ", "&nbsp;", ilObjRole::_getTranslation($role["title"]));
206  $assigned_valid_roles[] = $role;
207  }
208  }
209 
210  $this->assigned_valid_roles = $assigned_valid_roles;
211 
212  return $assigned_valid_roles;
213  }
214 
220  public function getCommands($a_type)
221  {
222  global $objDefinition;
223 
224  $class = $objDefinition->getClassName($a_type);
225  $location = $objDefinition->getLocation($a_type);
226  $full_class = "ilObj" . $class . "Access";
227  include_once($location . "/class." . $full_class . ".php");
228 
229  $cmds = call_user_func(array($full_class, "_getCommands"));
230 
231  array_push($cmds, array('permission' => 'visible','cmd' => 'info'));
232 
233  return $cmds;
234  }
235 
240  public function getUser()
241  {
242  global $ilUser;
243 
244  if (!isset($_POST['user_login'])) {
245  $user =&$ilUser;
246  } else {
247  include_once('Services/User/classes/class.ilObjUser.php');
248  $user_id = ilObjUser::_lookupId($_POST['user_login']);
249 
250  $factory = new ilObjectFactory();
251  $user = $factory->getInstanceByObjId($user_id, false);
252 
253 
254  if ($user === false or $user->getType() != 'usr') {
255  $user =&$ilUser;
256  ilUtil::sendFailure($this->lng->txt('info_err_user_not_exist'));
257  } else {
258  ilUtil::sendInfo($this->lng->txt('info_user_view_changed'));
259  }
260  }
261 
262  return $user;
263  }
264 
269  public function getAccessStatusInfoData()
270  {
271  global $ilAccess;
272  $infos = array();
273 
274  $result_set[0][] = $this->lng->txt("info_view_of_user");
275  $result_set[0][] = $this->user->getFullname() . " (#" . $this->user->getId() . ")";
276 
277  $assigned_valid_roles = array();
278 
279  foreach ($this->getAssignedValidRoles() as $role) {
280  $assigned_valid_roles[] = $role["translation"];
281  }
282 
283  $roles_str = implode(", ", $assigned_valid_roles);
284 
285  $result_set[1][] = $this->lng->txt("roles");
286  $result_set[1][] = $roles_str;
287 
288  $result_set[2][] = $this->lng->txt("status");
289 
290  $ilAccess->clear();
291  $ilAccess->checkAccessOfUser(
292  $this->user->getId(),
293  'read',
294  '',
295  $this->object->getRefId(),
296  $this->object->getType(),
297  $this->object->getId()
298  );
299 
300  $infos = array_merge($infos, $ilAccess->getInfo());
301 
302  $cmds = $this->getCommands($this->object->getType());
303 
304  foreach ($cmds as $cmd) {
305  $ilAccess->clear();
306  $ilAccess->doStatusCheck($cmd['permission'], $cmd['cmd'], $this->object->getRefId(), $this->user->getId(), $this->object->getId(), $this->object->getType());
307  $infos = array_merge($infos, $ilAccess->getInfo());
308  }
309 
310  $alert = "il_ItemAlertProperty";
311  $okay = "il_ItemOkayProperty";
312  $text = "";
313 
314  if (!$infos) {
315  $text = "<span class=\"" . $okay . "\">" . $this->lng->txt("access") . "</span><br/> ";
316  } else {
317  foreach ($infos as $info) {
318  switch ($info['type']) {
319  case IL_STATUS_MESSAGE:
320  $text .= "<span class=\"" . $okay . "\">" . $info['text'] . "</span><br/> ";
321  break;
322 
323  case IL_NO_PARENT_ACCESS:
324  $factory = new ilObjectFactory();
325  $obj = $factory->getInstanceByRefId($info['data']);
326  $text .= "<span class=\"" . $alert . "\">" . $info['text'] . " (" . $this->lng->txt("obj_" . $obj->getType()) . " #" . $obj->getId() . ": " . $obj->getTitle() . ")</span><br/> ";
327  break;
328 
329  default:
330  $text .= "<span class=\"" . $alert . "\">" . $info['text'] . "</span><br/> ";
331  break;
332 
333  }
334  }
335  }
336 
337  $result_set[2][] = $text;
338 
339  return $result_set;
340  }
341 
346  public function getAccessPermissionTableData()
347  {
348  global $ilAccess,$ilObjDataCache,$objDefinition;
349 
350  // get all possible operation of current object
351  $ops_list = ilRbacReview::_getOperationList($this->object->getType());
352 
353  $counter = 0;
354  $result_set = array();
355 
356  // check permissions of user
357  foreach ($ops_list as $ops) {
358  $access = $ilAccess->doRBACCheck($ops['operation'], "info", $this->object->getRefId(), $this->user->getId(), $this->object->getType());
359 
360  $result_set[$counter]["img"] = $access ? self::IMG_OK : self::IMG_NOT_OK;
361 
362  if (substr($ops['operation'], 0, 7) == "create_" &&
363  $objDefinition->isPlugin(substr($ops['operation'], 7))) {
364  $result_set[$counter]["operation"] = ilObjectPlugin::lookupTxtById(
365  substr($ops['operation'], 7),
366  'rbac_' . $ops['operation']
367  );
368  } elseif ($objDefinition->isPlugin($this->object->getType())) {
369  $result_set[$counter]["operation"] = ilObjectPlugin::lookupTxtById(
370  $this->object->getType(),
371  $this->object->getType() . "_" . $ops['operation']
372  );
373  } elseif (substr($ops['operation'], 0, 7) == 'create_') {
374  $result_set[$counter]["operation"] = $this->lng->txt('rbac_' . $ops['operation']);
375  } else {
376  $result_set[$counter]["operation"] = $this->lng->txt($this->object->getType() . "_" . $ops['operation']);
377  }
378 
379  $list_role = [];
380 
381  // Check ownership
382  if ($this->user->getId() == $ilObjDataCache->lookupOwner($this->object->getId())) {
383  if (
384  (substr($ops['operation'], 0, 7) != 'create_') and
385  ($ops['operation'] != 'edit_permission') and
386  ($ops['operation'] != 'edit_leanring_progress')
387  ) {
388  $list_role[] = $this->lng->txt('info_owner_of_object');
389  }
390  }
391  // get operations on object for each assigned role to user
392  foreach ($this->getAssignedValidRoles() as $role) {
393  if (in_array($ops['ops_id'], $role['ops'])) {
394  $list_role[] = $role['translation'];
395  }
396  }
397 
398  if (empty($list_role)) {
399  $list_role[] = $this->lng->txt('none');
400  }
401 
402 
403  $result_set[$counter]["role_ownership"] = $list_role;
404 
405  ++$counter;
406  }
407 
408  return $result_set;
409  }
410 
415  public function getAvailableRolesTableData()
416  {
417  global $tree;
418 
419  include_once('./Services/AccessControl/classes/class.ilObjRole.php');
420 
421  $path = array_reverse($tree->getPathId($this->object->getRefId()));
422 
423  include_once('./Services/AccessControl/classes/class.ilObjRole.php');
424  $counter = 0;
425 
426  foreach ($this->valid_roles as $role) {
427  $result_set[$counter]["img"] = in_array($role['obj_id'], $this->user_roles) ? self::IMG_OK : self::IMG_NOT_OK;
428 
429  if (is_subclass_of($this->object, ilObjectPlugin::class) && $role["parent"] == $this->object->getRefId()) {
430  $result_set[$counter][] = ilObjectPlugin::lookupTxtById($this->object->getType(), ilObjRole::_removeObjectId($role["title"]));
431  } else {
432  $result_set[$counter][] = str_replace(" ", "&nbsp;", ilObjRole::_getTranslation($role["title"]));
433  }
434 
435  $result_set[$counter]["role"] = str_replace(" ", "&nbsp;", ilObjRole::_getTranslation($role["title"]));
436 
437  if ($role['role_type'] != "linked") {
438  $result_set[$counter]["effective_from"] = "";
439  } else {
440  $rolfs = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"]);
441 
442  // ok, try to match the next rolf in path
443  foreach ($path as $node) {
444  if ($node == 1) {
445  break;
446  }
447 
448 
449  if (in_array($node, $rolfs)) {
450  $nodedata = $tree->getNodeData($node);
451  $result_set[$counter]["effective_from"] = $nodedata["title"];
452  $result_set[$counter]["effective_from_ref_id"] = $node;
453  break;
454  }
455  }
456  }
457 
458  if (in_array($role['obj_id'], $this->global_roles)) {
459  $result_set[$counter]["original_position"] = $this->lng->txt("global");
460  $result_set[$counter]["original_position_ref_id"] = false;
461  } else {
462  $rolf = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"], true);
463  $parent_node = $tree->getNodeData($rolf[0]);
464  $result_set[$counter]["original_position"] = $parent_node["title"];
465  $result_set[$counter]["original_position_ref_id"] = $parent_node["ref_id"];
466  }
467 
468  ++$counter;
469  }
470 
471  return $result_set;
472  }
473 }
ilObjectPermissionStatusGUI\getAvailableRolesTableData
getAvailableRolesTableData()
Available Roles Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:415
ilObjectPermissionStatusGUI\getAccessStatusInfoData
getAccessStatusInfoData()
Access Status Info Data.
Definition: class.ilObjectPermissionStatusGUI.php:269
ilCtrl
This class provides processing control methods.
Definition: class.ilCtrl.php:11
ilTextInputGUI\setDataSource
setDataSource($href, $a_delimiter=null)
set datasource link for js autocomplete
Definition: class.ilTextInputGUI.php:333
ilCtrl\setReturn
setReturn($a_gui_obj, $a_cmd)
Set return command.
Definition: class.ilCtrl.php:1509
ilInfoScreenGUI
Class ilInfoScreenGUI.
Definition: class.ilInfoScreenGUI.php:18
ilObjectFactory
Class ilObjectFactory.
Definition: class.ilObjectFactory.php:20
ilObjectPlugin\lookupTxtById
static lookupTxtById($plugin_id, $lang_var)
Definition: class.ilObjectPlugin.php:83
$location
$location
Definition: buildRTE.php:44
ilAccessPermissionsStatusTableGUI
Table for Acces Permissons in Permission > Permission of User.
Definition: class.ilAccessPermissionsStatusTableGUI.php:13
$factory
$factory
Definition: metadata.php:47
ilRbacReview\_getOperationList
static _getOperationList($a_type=null)
get operation list by object type public static
Definition: class.ilRbacReview.php:1442
IL_NO_PARENT_ACCESS
const IL_NO_PARENT_ACCESS
Definition: class.ilAccessInfo.php:27
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:784
ilObjectPermissionStatusGUI\getAccessPermissionTableData
getAccessPermissionTableData()
Access Permissions Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:346
user
user()
Definition: user.php:4
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4514
$counter
$counter
Definition: config-scanner.php:59
$a_type
$a_type
Definition: workflow.php:92
ilCtrl\getNextClass
getNextClass($a_gui_class=null)
Get next class in the control path from the current class to the target command class.
Definition: class.ilCtrl.php:833
ilObjectPermissionStatusGUI\accessStatusInfo
accessStatusInfo()
Access- and Statusinformation Info.
Definition: class.ilObjectPermissionStatusGUI.php:132
IL_STATUS_MESSAGE
const IL_STATUS_MESSAGE
Definition: class.ilAccessInfo.php:30
ilCtrl\getCmd
getCmd($a_default_cmd="", $a_safe_commands="")
Determines current get/post command.
Definition: class.ilCtrl.php:996
ilTemplate
special template class to simplify handling of ITX/PEAR
Definition: class.ilTemplate.php:13
$text
$text
Definition: errorreport.php:18
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilObjectPermissionStatusGUI\accessPermissionsTable
accessPermissionsTable()
Access Permissions Table.
Definition: class.ilObjectPermissionStatusGUI.php:152
$ilUser
$ilUser
Definition: imgupload.php:18
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:484
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4530
ilCtrl\getLinkTargetByClass
getLinkTargetByClass( $a_class, $a_cmd="", $a_anchor="", $a_asynch=false, $xml_style=true)
Get link target for command using gui class name.
Definition: class.ilCtrl.php:1473
ilObjRole\_removeObjectId
static _removeObjectId($a_role_title)
Definition: class.ilObjRole.php:497
object
Create new PHPExcel object
obj_idprivate
Definition: 01pharSimple.php:37
$table
if(empty($password)) $table
Definition: pwgen.php:24
$info
$info
Definition: index.php:5
ilAvailableRolesStatusTableGUI
Table for Available Roles in Permission > Permission of User.
Definition: class.ilAvailableRolesStatusTableGUI.php:13
ilObjectPermissionStatusGUI
This class displays the permission status of a user concerning a specific object. ...
Definition: class.ilObjectPermissionStatusGUI.php:16
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
ilCtrl\forwardCommand
forwardCommand($a_gui_object)
Forward flow of control to next gui class this invokes the executeCommand() method of the gui object ...
Definition: class.ilCtrl.php:175
ilObjectPermissionStatusGUI\getAssignedValidRoles
getAssignedValidRoles()
get Assigned Valid Roles
Definition: class.ilObjectPermissionStatusGUI.php:184
ilCtrl\getFormAction
getFormAction( $a_gui_obj, $a_fallback_cmd="", $a_anchor="", $a_asynch=false, $xml_style=true)
Get form action url for gui class object.
Definition: class.ilCtrl.php:1107