4include_once(
'./Services/Table/classes/class.ilTable2GUI.php');
 
    5include_once 
'./Services/AccessControl/classes/class.ilPermissionGUI.php';
 
    6require_once(
'./Services/Repository/classes/class.ilObjectPlugin.php');
 
   37    public function __construct($a_parent_obj, $a_parent_cmd, $a_ref_id)
 
   41        parent::__construct($a_parent_obj, $a_parent_cmd);
 
   43        $this->lng->loadLanguageModule(
'rbac');
 
   45        $this->ref_id = $a_ref_id;
 
   46        $this->tree_path_ids = $tree->getPathId($this->ref_id);
 
   48        $this->
setId(
'objroleperm_' . $this->ref_id);
 
   50        $tpl->addJavaScript(
'./Services/AccessControl/js/ilPermSelect.js');
 
   52        $this->
setTitle($this->lng->txt(
'permission_settings'));
 
   55        $this->
setFormAction($ilCtrl->getFormAction($a_parent_obj, $a_parent_cmd));
 
   57        $this->
setRowTemplate(
"tpl.obj_role_perm_row.html", 
"Services/AccessControl");
 
  112        $this->activeOperations[] = $a_ops_id;
 
  131        $this->visible_roles = $a_ar;
 
  157        if (!
$roles->getValue()) {
 
  158            if ($tree->checkForParentType($this->getRefId(), 
'crs') or
 
  159                $tree->checkForParentType($this->getRefId(), 
'grp')) {
 
  160                $roles->setValue(self::ROLE_FILTER_LOCAL);
 
  162                $roles->setValue(self::ROLE_FILTER_ALL);
 
  169                self::ROLE_FILTER_ALL => $this->lng->txt(
'filter_all_roles'),
 
  170                self::ROLE_FILTER_GLOBAL => $this->lng->txt(
'filter_global_roles'),
 
  171                self::ROLE_FILTER_LOCAL => $this->lng->txt(
'filter_local_roles'),
 
  172                self::ROLE_FILTER_LOCAL_POLICY => $this->lng->txt(
'filter_roles_local_policy'),
 
  173                self::ROLE_FILTER_LOCAL_OBJECT => $this->lng->txt(
'filter_local_roles_object')
 
  185        global $objDefinition;
 
  189        if (isset(
$row[
'show_local_policy_row'])) {
 
  190            foreach (
$row[
'roles'] as $role_id => $role_info) {
 
  191                $this->tpl->setCurrentBlock(
'role_option');
 
  192                $this->tpl->setVariable(
'INHERIT_ROLE_ID', $role_id);
 
  193                $this->tpl->setVariable(
'INHERIT_CHECKED', $role_info[
'local_policy'] ? 
'checked=checked' : 
'');
 
  194                $this->tpl->setVariable(
'INHERIT_DISABLED', ($role_info[
'protected'] or $role_info[
'isLocal'] or $role_info[
'blocked']) ? 
'disabled="disabled"' : 
'');
 
  195                $this->tpl->setVariable(
'TXT_INHERIT', $this->lng->txt(
'rbac_local_policy'));
 
  196                $this->tpl->setVariable(
'INHERIT_LONG', $this->lng->txt(
'perm_use_local_policy_desc'));
 
  197                $this->tpl->parseCurrentBlock();
 
  202        if (isset(
$row[
'show_protected_row'])) {
 
  203            foreach (
$row[
'roles'] as $role_id => $role_info) {
 
  204                $this->tpl->setCurrentBlock(
'role_protect');
 
  205                $this->tpl->setVariable(
'PROTECT_ROLE_ID', $role_id);
 
  206                $this->tpl->setVariable(
'PROTECT_CHECKED', $role_info[
'protected_status'] ? 
'checked=checked' : 
'');
 
  207                $this->tpl->setVariable(
'PROTECT_DISABLED', $role_info[
'protected_allowed'] ? 
'' : 
'disabled="disabled"');
 
  208                $this->tpl->setVariable(
'TXT_PROTECT', $this->lng->txt(
'role_protect_permissions'));
 
  209                $this->tpl->setVariable(
'PROTECT_LONG', $this->lng->txt(
'role_protect_permissions_desc'));
 
  210                $this->tpl->parseCurrentBlock();
 
  216        if (isset(
$row[
'show_block_row'])) {
 
  218                $this->tpl->setCurrentBlock(
'role_block');
 
  219                $this->tpl->setVariable(
'BLOCK_ROLE_ID', $role_info[
'obj_id']);
 
  220                $this->tpl->setVariable(
'TXT_BLOCK', $this->lng->txt(
'role_block_role'));
 
  221                $this->tpl->setVariable(
'BLOCK_LONG', $this->lng->txt(
'role_block_role_desc'));
 
  222                if ($role_info[
'blocked']) {
 
  223                    $this->tpl->setVariable(
'BLOCK_CHECKED', 
'checked="checked"');
 
  226                    ($role_info[
'protected'] == 
'y') ||
 
  227                    ($role_info[
'assign'] == 
'y' and ($role_info[
'parent'] == $this->
getRefId()))
 
  229                    $this->tpl->setVariable(
'BLOCK_DISABLED', 
'disabled="disabled');
 
  232                $this->tpl->parseCurrentBlock();
 
  238        if (isset(
$row[
'show_select_all'])) {
 
  240                $this->tpl->setCurrentBlock(
'role_select_all');
 
  241                $this->tpl->setVariable(
'JS_ROLE_ID', $role[
'obj_id']);
 
  242                $this->tpl->setVariable(
'JS_SUBID', 
$row[
'subtype']);
 
  243                $this->tpl->setVariable(
'JS_ALL_PERMS', 
"['" . implode(
"','", 
$row[
'ops']) . 
"']");
 
  244                $this->tpl->setVariable(
'JS_FORM_NAME', $this->
getFormName());
 
  245                $this->tpl->setVariable(
'TXT_SEL_ALL', $this->lng->txt(
'select_all'));
 
  246                $this->tpl->parseCurrentBlock();
 
  252        if (isset(
$row[
'show_start_info'])) {
 
  253            $this->tpl->setCurrentBlock(
'section_info');
 
  254            $this->tpl->setVariable(
'SECTION_TITLE', $this->lng->txt(
'perm_class_object'));
 
  255            $this->tpl->setVariable(
'SECTION_DESC', $this->lng->txt(
'perm_class_object_desc'));
 
  256            $this->tpl->parseCurrentBlock();
 
  261        if (isset(
$row[
'show_create_info'])) {
 
  262            $this->tpl->setCurrentBlock(
'section_info');
 
  263            $this->tpl->setVariable(
'SECTION_TITLE', $this->lng->txt(
'perm_class_create'));
 
  264            $this->tpl->setVariable(
'SECTION_DESC', $this->lng->txt(
'perm_class_create_desc'));
 
  265            $this->tpl->parseCurrentBlock();
 
  270        foreach ((array) 
$row[
'roles'] as $role_id => $role_info) {
 
  272            $this->tpl->setCurrentBlock(
'role_td');
 
  273            $this->tpl->setVariable(
'PERM_ROLE_ID', $role_id);
 
  274            $this->tpl->setVariable(
'PERM_PERM_ID', 
$row[
'perm'][
'ops_id']);
 
  277            if (substr(
$row[
'perm'][
'operation'], 0, 6) == 
'create') {
 
  278                if ($objDefinition->isPlugin(substr(
$row[
'perm'][
'operation'], 7))) {
 
  280                        substr(
$row[
'perm'][
'operation'], 7),
 
  281                        "obj_" . substr(
$row[
'perm'][
'operation'], 7)
 
  284                    $perm = $this->lng->txt(
'obj_' . substr(
$row[
'perm'][
'operation'], 7));
 
  287                if ($objDefinition->isPlugin($this->getObjType())) {
 
  294                    if ($this->lng->exists($this->getObjType() . 
'_' . 
$row[
'perm'][
'operation'] . 
'_short')) {
 
  295                        $perm = $this->lng->txt($this->
getObjType() . 
'_' . 
$row[
'perm'][
'operation'] . 
'_short');
 
  297                        $perm = $this->lng->txt(
$row[
'perm'][
'operation']);
 
  302            $this->tpl->setVariable(
'TXT_PERM', $perm);
 
  304            if ($objDefinition->isPlugin($this->getObjType())) {
 
  309            } elseif (substr(
$row[
'perm'][
'operation'], 0, 6) == 
'create') {
 
  310                $this->tpl->setVariable(
'PERM_LONG', $this->lng->txt(
'rbac_' . 
$row[
'perm'][
'operation']));
 
  312                $this->tpl->setVariable(
'PERM_LONG', $this->lng->txt($this->getObjType() . 
'_' . 
$row[
'perm'][
'operation']));
 
  315            if ($role_info[
'protected'] || $role_info[
'blocked']) {
 
  316                $this->tpl->setVariable(
'PERM_DISABLED', 
'disabled="disabled"');
 
  318            if ($role_info[
'permission_set']) {
 
  319                $this->tpl->setVariable(
'PERM_CHECKED', 
'checked="checked"');
 
  322            $this->tpl->parseCurrentBlock();
 
  333        global $rbacreview,$objDefinition;
 
  341            return $this->
setData(array());
 
  345        $operations = array();
 
  347            $operations[$role_data[
'obj_id']] = $rbacreview->getActiveOperationsOfRole($this->
getRefId(), $role_data[
'obj_id']);
 
  355            $local_roles = $rbacreview->getRolesOfObject($this->
getRefId());
 
  357                $roles[$role_data[
'obj_id']] = array(
 
  358                    'blocked' => $role_data[
'blocked'],
 
  359                    'protected' => $role_data[
'protected'],
 
  360                    'local_policy' => in_array($role_data[
'obj_id'], $local_roles),
 
  361                    'isLocal' => ($this->
getRefId() == $role_data[
'parent']) && $role_data[
'assign'] == 
'y' 
  365            $perms[
$counter][
'show_local_policy_row'] = 1;
 
  374                $roles[$role_data[
'obj_id']] = array(
 
  375                    'blocked' => $role_data[
'blocked'],
 
  376                    'protected_allowed' => $rbacreview->isAssignable($role_data[
'obj_id'], $this->getRefId()),
 
  377                    'protected_status' => $rbacreview->isProtected($role_data[
'parent'], $role_data[
'obj_id']),
 
  378                    'isLocal' => ($this->getRefId() == $role_data[
'parent']) && $role_data[
'assign'] == 
'y' 
  382            $perms[
$counter][
'show_protected_row'] = 1;
 
  388            $perms[
$counter++][
'show_block_row'] = 1;
 
  393            $perms[
$counter++][
'show_start_info'] = 
true;
 
  397        $no_creation_operations = array();
 
  398        foreach ($rbacreview->getOperationsByTypeAndClass($this->getObjType(), 
'object') as $operation) {
 
  400            $no_creation_operations[] = $operation;
 
  404                $roles[$role_data[
'obj_id']] =
 
  406                        'blocked' => $role_data[
'blocked'],
 
  407                        'protected' => $role_data[
'protected'],
 
  408                        'permission_set' => in_array($operation, (array) $operations[$role_data[
'obj_id']]),
 
  409                        'isLocal' => ($this->
getRefId() == $role_data[
'parent']) && $role_data[
'assign'] == 
'y' 
  413            $op = $rbacreview->getOperation($operation);
 
  423        if ($no_creation_operations) {
 
  424            $perms[
$counter][
'show_select_all'] = 1;
 
  425            $perms[
$counter][
'ops'] = $no_creation_operations;
 
  426            $perms[
$counter][
'subtype'] = 
'nocreation';
 
  431        if ($objDefinition->isContainer($this->getObjType())) {
 
  432            $perms[
$counter++][
'show_create_info'] = 
true;
 
  436        $objects = $objDefinition->getCreatableSubObjects($this->
getObjType());
 
  438        $creation_operations = array();
 
  440            $ops_id = $ops_ids[
$type];
 
  447            $creation_operations[] = $ops_id;
 
  451                $roles[$role_data[
'obj_id']] =
 
  453                        'blocked' => $role_data[
'blocked'],
 
  454                        'protected' => $role_data[
'protected'],
 
  455                        'permission_set' => in_array($ops_id, (array) $operations[$role_data[
'obj_id']]),
 
  456                        'isLocal' => ($this->
getRefId() == $role_data[
'parent']) && $role_data[
'assign'] == 
'y' 
  461            $op = $rbacreview->getOperation($ops_id);
 
  471        if (count($creation_operations)) {
 
  472            $perms[
$counter][
'show_select_all'] = 1;
 
  473            $perms[
$counter][
'ops'] = $creation_operations;
 
  474            $perms[
$counter][
'subtype'] = 
'creation';
 
  495        $possible_roles = array();
 
  496        foreach (
$roles as $role) {
 
  497            if ($rbacreview->isBlockedInUpperContext($role[
'obj_id'], $this->getRefId())) {
 
  501            $possible_roles[] = $role;
 
  505        if (count($possible_roles)) {
 
  509            $column_widht = 
"0%";
 
  512        $all_roles = array();
 
  513        foreach ($possible_roles as $role) {
 
  514            if ($role[
'obj_id'] == SYSTEM_ROLE_ID) {
 
  518            $role[
'blocked'] = (bool) $rbacreview->isBlockedAtPosition($role[
'obj_id'], $this->getRefId());
 
  519            $role[
'role_type'] = $rbacreview->isGlobalRole($role[
'obj_id']) ? 
'global' : 
'local';
 
  530            $all_roles[] = $role;
 
  544        global $rbacreview,$tree, $objDefinition;
 
  547        $protected_status = $rbacreview->isProtected($role[
'parent'], $role[
'obj_id']) ? 
'protected_' : 
'';
 
  548        if ($role[
'role_type'] == 
'global') {
 
  549            $tp = $this->lng->txt(
'perm_' . $protected_status . 
'global_role');
 
  551            $tp = $this->lng->txt(
'perm_' . $protected_status . 
'local_role');
 
  554        $inheritance_seperator = 
': ';
 
  558            ($role[
'assign'] == 
'y' and $role[
'role_type'] != 
'global') or
 
  559            ($role[
'assign'] == 
'n' and $role[
'role_type'] != 
'global')
 
  563            $obj = $rbacreview->getObjectOfRole($role[
'obj_id']);
 
  566                if ($objDefinition->isPlugin(
$type)) {
 
  573                    $this->lng->txt(
'perm_role_path_info_created'),
 
  577                $inheritance_seperator = 
', ';
 
  581        $path_hierarchy = $rbacreview->getObjectsWithStopedInheritance(
 
  583            $tree->getPathId($this->getRefId())
 
  586        $reduced_path_hierarchy = (array) array_diff(
 
  590                $rbacreview->getObjectReferenceOfRole($role[
'obj_id'])
 
  596        if ($role[
'assign'] == 
'n' and count($reduced_path_hierarchy)) {
 
  597            $tp .= $inheritance_seperator;
 
  599            $parent = end($reduced_path_hierarchy);
 
  602            $tp .= 
sprintf($this->lng->txt(
'perm_role_path_info_inheritance'), $this->lng->txt(
'obj_' . $p_type), $p_title);
 
  615        global 
$ilCtrl, $objDefinition;
 
  617        include_once 
'./Services/AccessControl/classes/class.ilObjRole.php';
 
  621        if ($role[
'parent'] != $this->
getRefId()) {
 
  626        if ($objDefinition->isPlugin(
$type)) {
 
  627            if (preg_match(
"/^il_./", $role[
"title"])) {
 
  632        if ($role[
'blocked']) {
 
  635        $ilCtrl->setParameterByClass(
'ilobjrolegui', 
'obj_id', $role[
'obj_id']);
 
  637        return '<a class="tblheader" href="' . 
$ilCtrl->getLinkTargetByClass(
'ilobjrolegui', 
'') . 
'" >' . $role_title . 
'</a>';
 
sprintf('%.4f', $callTime)
An exception for terminatinating execution or to throw for unit testing.
static getLogger($a_component_id)
Get component logger.
static _getTranslation($a_role_title)
static _removeObjectId($a_role_title)
static lookupTxtById($plugin_id, $lang_var)
Table for object role permissions.
const ROLE_FILTER_LOCAL_OBJECT
getRefId()
Get ref id of current object.
fillRow($row)
Fill one permission row.
initColumns()
init Columns
setVisibleRoles($a_ar)
Set Visible roles.
getActiveOperations()
get active operations
__construct($a_parent_obj, $a_parent_cmd, $a_ref_id)
Constructor.
createTitle($role)
Create (linked) title.
addActiveOperation($a_ops_id)
Add active operation.
getVisibleRoles()
get visible roles
createTooltip($role)
Create a linked title for roles with local policy.
const ROLE_FILTER_LOCAL_POLICY
initFilter()
Init role filter.
getPathIds()
Get tree path ids.
static _lookupObjId($a_id)
static _lookupTitle($a_id)
lookup object title
static _lookupType($a_id, $a_reference=false)
lookup object type
static hasContainerCommands($a_type)
Check if container commands are possible for the current object type.
static langExitsById($pluginId, $langVar)
Is searched lang var available in plugin lang files.
static lookupCreateOperationIds($a_type_arr)
Lookup operation ids.
getFormName()
Get Form name.
setEnableHeader($a_enableheader)
Set Enable Header.
setDisableFilterHiding($a_val=true)
Set disable filter hiding.
setShowRowsSelector($a_value)
Toggle rows-per-page selector.
getParentObject()
Get parent object.
setTitle($a_title, $a_icon=0, $a_icon_alt=0)
Set title and title icon.
setNoEntriesText($a_text)
Set text for an empty table.
setData($a_data)
set table data @access public
setRowTemplate($a_template, $a_template_dir="")
Set row template.
setLimit($a_limit=0, $a_default_limit=0)
set max.
getFilterItemByPostVar($a_post_var)
addColumn( $a_text, $a_sort_field="", $a_width="", $a_is_checkbox_action_column=false, $a_class="", $a_tooltip="", $a_tooltip_with_html=false)
Add a column to the header.
addFilterItemByMetaType($id, $type=self::FILTER_TEXT, $a_optional=false, $caption=null)
Add filter by standard type.
setFormAction($a_form_action, $a_multipart=false)
Set Form action parameter.
addCommandButton($a_cmd, $a_text, $a_onclick='', $a_id="", $a_class=null)
Add Command button.
disable($a_module_name)
diesables particular modules of table