ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilObjectPermissionStatusGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3require_once('./Services/Repository/classes/class.ilObjectPlugin.php');
4
16class ilObjectPermissionStatusGUI
17{
19 public $user;
21 public $lng;
23 public $ilCtrl;
25 public $tpl;
27 public $object;
29 public $rbacreview;
30 public $user_roles;
31 public $global_roles;
32 public $valid_roles;
33 public $assigned_valid_roles;
34
35 const IMG_OK = 0;
36 const IMG_NOT_OK = 1;
37
38
43 public function __construct(&$a_obj)
44 {
45 global $ilCtrl,$lng,$rbacreview, $tpl;
46
47 $this->lng = $lng;
48 $this->ilCtrl = $ilCtrl;
49 $this->tpl = $tpl;
50 $this->object = $a_obj;
51 $this->rbacreview = $rbacreview;
52
53 $this->user = $this->getUser();
54 $this->user_roles = $rbacreview->assignedRoles($this->user->getId());
55 $this->global_roles = $rbacreview->getGlobalRoles();
56 $this->valid_roles = $rbacreview->getParentRoleIds($this->object->getRefId());
57 $this->assigned_valid_roles = $this->getAssignedValidRoles();
58 }
59
63 public function executeCommand()
64 {
65 global $ilCtrl;
66
67 // determine next class in the call structure
68 $next_class = $this->ilCtrl->getNextClass($this);
69
70 switch ($next_class) {
71 case 'ilrepositorysearchgui':
72 include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
73 $rep_search = new ilRepositorySearchGUI();
74 $this->ilCtrl->setReturn($this, 'perminfo');
75 $this->ilCtrl->forwardCommand($rep_search);
76 break;
77
78 default:
79 $cmd = $this->ilCtrl->getCmd();
80 $this->$cmd();
81 break;
82 }
83 }
84
88 public function perminfo()
89 {
90 $tpl = new ilTemplate("tpl.info_layout.html", false, false, "Services/AccessControl");
91
92 $tpl->setVariable("INFO_SUMMARY", $this->accessStatusInfo());
93 $tpl->setVariable("INFO_PERMISSIONS", $this->accessPermissionsTable());
94 $tpl->setVariable("INFO_ROLES", $this->availableRolesTable());
95 $tpl->setVariable("INFO_REMARK_INTERRUPTED", $this->lng->txt('info_remark_interrupted'));
96
97 $this->tpl->setVariable("ADM_CONTENT", $tpl->get());
98
99 $this->addToolbar();
100 }
101
105 public function addToolbar()
106 {
107 global $ilToolbar;
108
109 $ilToolbar->setFormAction($this->ilCtrl->getFormAction($this, "perminfo"));
110
111 $ilToolbar->addText($this->lng->txt('user'));
112
113 include_once("./Services/Form/classes/class.ilTextInputGUI.php");
114
115 $login = new ilTextInputGUI($this->lng->txt("username"), "user_login");
116 $login->setDataSource($this->ilCtrl->getLinkTargetByClass(array(get_class($this),
117 'ilRepositorySearchGUI'), 'doUserAutoComplete', '', true));
118 $login->setSize(15);
119 $login->setValue($this->user->getLogin());
120
121 $ilToolbar->addInputItem($login);
122
123 $ilToolbar->addFormButton($this->lng->txt("info_change_user_view"), "perminfo");
124
125 //$ilToolbar->addText($lng->txt("info_enter_login_or_id"));
126 }
127
132 public function accessStatusInfo()
133 {
134 include_once("./Services/InfoScreen/classes/class.ilInfoScreenGUI.php");
135
136 $info = new ilInfoScreenGUI(new stdClass());
137 $info->setFormAction($this->ilCtrl->getFormAction($this));
138
139 $info->addSection($this->lng->txt("info_access_and_status_info"));
140
141 foreach ($this->getAccessStatusInfoData() as $data) {
142 $info->addProperty($data[0], $data[1]);
143 }
144
145 return $info->getHTML();
146 }
147
152 public function accessPermissionsTable()
153 {
154 include_once("./Services/AccessControl/classes/class.ilAccessPermissionsStatusTableGUI.php");
155
156 $table = new ilAccessPermissionsStatusTableGUI($this, "perminfo");
157
158 $table->setData($this->getAccessPermissionTableData());
159 $table->setTitle($this->lng->txt("info_access_permissions"));
160
161 return $table->getHTML();
162 }
163
168 public function availableRolesTable()
169 {
170 include_once("./Services/AccessControl/classes/class.ilAvailableRolesStatusTableGUI.php");
171
172 $table = new ilAvailableRolesStatusTableGUI($this, "perminfo");
173
174 $table->setData($this->getAvailableRolesTableData());
175 $table->setTitle($this->lng->txt("info_available_roles"));
176
177 return $table->getHTML();
178 }
179
184 public function getAssignedValidRoles()
185 {
186 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
187 $assigned_valid_roles = array();
188
189 foreach ($this->valid_roles as $role) {
190 if (in_array($role['obj_id'], $this->user_roles)) {
191 if ($role["obj_id"] == SYSTEM_ROLE_ID) {
192 // get all possible operation of current object
193 $ops_list = ilRbacReview::_getOperationList($this->object->getType());
194
195 foreach ($ops_list as $ops_data) {
196 $ops[] = (int) $ops_data['ops_id'];
197 }
198
199 $role['ops'] = $ops;
200 } else {
201 $role['ops'] = $this->rbacreview->getRoleOperationsOnObject($role["obj_id"], $this->object->getRefId());
202 }
203
204 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
205 $role['translation'] = str_replace(" ", "&nbsp;", ilObjRole::_getTranslation($role["title"]));
206 $assigned_valid_roles[] = $role;
207 }
208 }
209
210 $this->assigned_valid_roles = $assigned_valid_roles;
211
212 return $assigned_valid_roles;
213 }
214
220 public function getCommands($a_type)
221 {
222 global $objDefinition;
223
224 $class = $objDefinition->getClassName($a_type);
225 $location = $objDefinition->getLocation($a_type);
226 $full_class = "ilObj" . $class . "Access";
227 include_once($location . "/class." . $full_class . ".php");
228
229 $cmds = call_user_func(array($full_class, "_getCommands"));
230
231 array_push($cmds, array('permission' => 'visible','cmd' => 'info'));
232
233 return $cmds;
234 }
235
240 public function getUser()
241 {
242 global $ilUser;
243
244 if (!isset($_POST['user_login'])) {
245 $user =&$ilUser;
246 } else {
247 include_once('Services/User/classes/class.ilObjUser.php');
248 $user_id = ilObjUser::_lookupId($_POST['user_login']);
249
250 $factory = new ilObjectFactory();
251 $user = $factory->getInstanceByObjId($user_id, false);
252
253
254 if ($user === false or $user->getType() != 'usr') {
255 $user =&$ilUser;
256 ilUtil::sendFailure($this->lng->txt('info_err_user_not_exist'));
257 } else {
258 ilUtil::sendInfo($this->lng->txt('info_user_view_changed'));
259 }
260 }
261
262 return $user;
263 }
264
269 public function getAccessStatusInfoData()
270 {
271 global $ilAccess;
272 $infos = array();
273
274 $result_set[0][] = $this->lng->txt("info_view_of_user");
275 $result_set[0][] = $this->user->getFullname() . " (#" . $this->user->getId() . ")";
276
277 $assigned_valid_roles = array();
278
279 foreach ($this->getAssignedValidRoles() as $role) {
280 $assigned_valid_roles[] = $role["translation"];
281 }
282
283 $roles_str = implode(", ", $assigned_valid_roles);
284
285 $result_set[1][] = $this->lng->txt("roles");
286 $result_set[1][] = $roles_str;
287
288 $result_set[2][] = $this->lng->txt("status");
289
290 $ilAccess->clear();
291 $ilAccess->checkAccessOfUser(
292 $this->user->getId(),
293 'read',
294 '',
295 $this->object->getRefId(),
296 $this->object->getType(),
297 $this->object->getId()
298 );
299
300 $infos = array_merge($infos, $ilAccess->getInfo());
301
302 $cmds = $this->getCommands($this->object->getType());
303
304 foreach ($cmds as $cmd) {
305 $ilAccess->clear();
306 $ilAccess->doStatusCheck($cmd['permission'], $cmd['cmd'], $this->object->getRefId(), $this->user->getId(), $this->object->getId(), $this->object->getType());
307 $infos = array_merge($infos, $ilAccess->getInfo());
308 }
309
310 $alert = "il_ItemAlertProperty";
311 $okay = "il_ItemOkayProperty";
312 $text = "";
313
314 if (!$infos) {
315 $text = "<span class=\"" . $okay . "\">" . $this->lng->txt("access") . "</span><br/> ";
316 } else {
317 foreach ($infos as $info) {
318 switch ($info['type']) {
319 case IL_STATUS_MESSAGE:
320 $text .= "<span class=\"" . $okay . "\">" . $info['text'] . "</span><br/> ";
321 break;
322
323 case IL_NO_PARENT_ACCESS:
324 $factory = new ilObjectFactory();
325 $obj = $factory->getInstanceByRefId($info['data']);
326 $text .= "<span class=\"" . $alert . "\">" . $info['text'] . " (" . $this->lng->txt("obj_" . $obj->getType()) . " #" . $obj->getId() . ": " . $obj->getTitle() . ")</span><br/> ";
327 break;
328
329 default:
330 $text .= "<span class=\"" . $alert . "\">" . $info['text'] . "</span><br/> ";
331 break;
332
333 }
334 }
335 }
336
337 $result_set[2][] = $text;
338
339 return $result_set;
340 }
341
346 public function getAccessPermissionTableData()
347 {
348 global $ilAccess,$ilObjDataCache,$objDefinition;
349
350 // get all possible operation of current object
351 $ops_list = ilRbacReview::_getOperationList($this->object->getType());
352
353 $counter = 0;
354 $result_set = array();
355
356 // check permissions of user
357 foreach ($ops_list as $ops) {
358 $access = $ilAccess->doRBACCheck($ops['operation'], "info", $this->object->getRefId(), $this->user->getId(), $this->object->getType());
359
360 $result_set[$counter]["img"] = $access ? self::IMG_OK : self::IMG_NOT_OK;
361
362 if (substr($ops['operation'], 0, 7) == "create_" &&
363 $objDefinition->isPlugin(substr($ops['operation'], 7))) {
364 $result_set[$counter]["operation"] = ilObjectPlugin::lookupTxtById(
365 substr($ops['operation'], 7),
366 'rbac_' . $ops['operation']
367 );
368 } elseif ($objDefinition->isPlugin($this->object->getType())) {
369 $result_set[$counter]["operation"] = ilObjectPlugin::lookupTxtById(
370 $this->object->getType(),
371 $this->object->getType() . "_" . $ops['operation']
372 );
373 } elseif (substr($ops['operation'], 0, 7) == 'create_') {
374 $result_set[$counter]["operation"] = $this->lng->txt('rbac_' . $ops['operation']);
375 } else {
376 $result_set[$counter]["operation"] = $this->lng->txt($this->object->getType() . "_" . $ops['operation']);
377 }
378
379 $list_role = [];
380
381 // Check ownership
382 if ($this->user->getId() == $ilObjDataCache->lookupOwner($this->object->getId())) {
383 if (
384 (substr($ops['operation'], 0, 7) != 'create_') and
385 ($ops['operation'] != 'edit_permission') and
386 ($ops['operation'] != 'edit_leanring_progress')
387 ) {
388 $list_role[] = $this->lng->txt('info_owner_of_object');
389 }
390 }
391 // get operations on object for each assigned role to user
392 foreach ($this->getAssignedValidRoles() as $role) {
393 if (in_array($ops['ops_id'], $role['ops'])) {
394 $list_role[] = $role['translation'];
395 }
396 }
397
398 if (empty($list_role)) {
399 $list_role[] = $this->lng->txt('none');
400 }
401
402
403 $result_set[$counter]["role_ownership"] = $list_role;
404
405 ++$counter;
406 }
407
408 return $result_set;
409 }
410
415 public function getAvailableRolesTableData()
416 {
417 global $tree;
418
419 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
420
421 $path = array_reverse($tree->getPathId($this->object->getRefId()));
422
423 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
424 $counter = 0;
425
426 foreach ($this->valid_roles as $role) {
427 $result_set[$counter]["img"] = in_array($role['obj_id'], $this->user_roles) ? self::IMG_OK : self::IMG_NOT_OK;
428
429 if (is_subclass_of($this->object, ilObjectPlugin::class) && $role["parent"] == $this->object->getRefId()) {
430 $result_set[$counter][] = ilObjectPlugin::lookupTxtById($this->object->getType(), ilObjRole::_removeObjectId($role["title"]));
431 } else {
432 $result_set[$counter][] = str_replace(" ", "&nbsp;", ilObjRole::_getTranslation($role["title"]));
433 }
434
435 $result_set[$counter]["role"] = str_replace(" ", "&nbsp;", ilObjRole::_getTranslation($role["title"]));
436
437 if ($role['role_type'] != "linked") {
438 $result_set[$counter]["effective_from"] = "";
439 } else {
440 $rolfs = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"]);
441
442 // ok, try to match the next rolf in path
443 foreach ($path as $node) {
444 if ($node == 1) {
445 break;
446 }
447
448
449 if (in_array($node, $rolfs)) {
450 $nodedata = $tree->getNodeData($node);
451 $result_set[$counter]["effective_from"] = $nodedata["title"];
452 $result_set[$counter]["effective_from_ref_id"] = $node;
453 break;
454 }
455 }
456 }
457
458 if (in_array($role['obj_id'], $this->global_roles)) {
459 $result_set[$counter]["original_position"] = $this->lng->txt("global");
460 $result_set[$counter]["original_position_ref_id"] = false;
461 } else {
462 $rolf = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"], true);
463 $parent_node = $tree->getNodeData($rolf[0]);
464 $result_set[$counter]["original_position"] = $parent_node["title"];
465 $result_set[$counter]["original_position_ref_id"] = $parent_node["ref_id"];
466 }
467
468 ++$counter;
469 }
470
471 return $result_set;
472 }
473}
user
user()
Definition: user.php:4
$factory
$factory
Definition: metadata.php:47
$location
$location
Definition: buildRTE.php:44
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
php
An exception for terminatinating execution or to throw for unit testing.
IL_STATUS_MESSAGE
const IL_STATUS_MESSAGE
Definition: class.ilAccessInfo.php:30
IL_NO_PARENT_ACCESS
const IL_NO_PARENT_ACCESS
Definition: class.ilAccessInfo.php:27
ilAccessPermissionsStatusTableGUI
Table for Acces Permissons in Permission > Permission of User.
Definition: class.ilAccessPermissionsStatusTableGUI.php:14
ilAvailableRolesStatusTableGUI
Table for Available Roles in Permission > Permission of User.
Definition: class.ilAvailableRolesStatusTableGUI.php:14
ilCtrl
This class provides processing control methods.
Definition: class.ilCtrl.php:12
ilCtrl\getLinkTargetByClass
getLinkTargetByClass( $a_class, $a_cmd="", $a_anchor="", $a_asynch=false, $xml_style=true)
Get link target for command using gui class name.
Definition: class.ilCtrl.php:1473
ilCtrl\getCmd
getCmd($a_default_cmd="", $a_safe_commands="")
Determines current get/post command.
Definition: class.ilCtrl.php:996
ilCtrl\setReturn
setReturn($a_gui_obj, $a_cmd)
Set return command.
Definition: class.ilCtrl.php:1509
ilCtrl\getNextClass
getNextClass($a_gui_class=null)
Get next class in the control path from the current class to the target command class.
Definition: class.ilCtrl.php:833
ilCtrl\getFormAction
getFormAction( $a_gui_obj, $a_fallback_cmd="", $a_anchor="", $a_asynch=false, $xml_style=true)
Get form action url for gui class object.
Definition: class.ilCtrl.php:1107
ilCtrl\forwardCommand
forwardCommand($a_gui_object)
Forward flow of control to next gui class this invokes the executeCommand() method of the gui object ...
Definition: class.ilCtrl.php:175
ilInfoScreenGUI
Class ilInfoScreenGUI.
Definition: class.ilInfoScreenGUI.php:19
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:484
ilObjRole\_removeObjectId
static _removeObjectId($a_role_title)
Definition: class.ilObjRole.php:497
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:784
ilObjectFactory
Class ilObjectFactory.
Definition: class.ilObjectFactory.php:21
ilObjectPermissionStatusGUI
This class displays the permission status of a user concerning a specific object.
Definition: class.ilObjectPermissionStatusGUI.php:17
ilObjectPermissionStatusGUI\__construct
__construct(&$a_obj)
Constructor @access public.
Definition: class.ilObjectPermissionStatusGUI.php:43
ilObjectPermissionStatusGUI\accessStatusInfo
accessStatusInfo()
Access- and Statusinformation Info.
Definition: class.ilObjectPermissionStatusGUI.php:132
ilObjectPermissionStatusGUI\accessPermissionsTable
accessPermissionsTable()
Access Permissions Table.
Definition: class.ilObjectPermissionStatusGUI.php:152
ilObjectPermissionStatusGUI\getAccessPermissionTableData
getAccessPermissionTableData()
Access Permissions Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:346
ilObjectPermissionStatusGUI\getAvailableRolesTableData
getAvailableRolesTableData()
Available Roles Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:415
ilObjectPlugin\lookupTxtById
static lookupTxtById($plugin_id, $lang_var)
Definition: class.ilObjectPlugin.php:83
ilRbacReview\_getOperationList
static _getOperationList($a_type=null)
get operation list by object type @access public @access static
Definition: class.ilRbacReview.php:1442
ilTemplate
special template class to simplify handling of ITX/PEAR
Definition: class.ilTemplate.php:14
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:17
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4530
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4514
$counter
$counter
Definition: config-scanner.php:59
$info
$info
Definition: index.php:5
$table
if(empty($password)) $table
Definition: pwgen.php:24
$ilUser
$ilUser
Definition: imgupload.php:18
$a_type
$a_type
Definition: workflow.php:92
$text
$text
Definition: errorreport.php:18