ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Public Member Functions | Private Member Functions
ilSoapRBACAdministration Class Reference
+ Inheritance diagram for ilSoapRBACAdministration:
+ Collaboration diagram for ilSoapRBACAdministration:

Public Member Functions

 deleteRole ($sid, $role_id)
 
 addUserRoleEntry ($sid, $user_id, $role_id)
 
 deleteUserRoleEntry ($sid, $user_id, $role_id)
 
 getOperations ($sid)
 
 revokePermissions ($sid, $ref_id, $role_id)
 
 grantPermissions ($sid, $ref_id, $role_id, $permissions)
 
 getLocalRoles ($sid, $ref_id)
 
 getUserRoles ($sid, $user_id)
 
 addRole ($sid, $target_id, $role_xml)
 
 addRoleFromTemplate ($sid, $target_id, $role_xml, $template_id)
 
 getObjectTreeOperations ($sid, $ref_id, $user_id)
 
 getRoles ($sid, $role_type, $id)
 get roles for a specific type and id More...
 
 searchRoles ($sid, $key, $combination, $role_type)
 search for roles. More...
 
- Public Member Functions inherited from ilSoapAdministration
 __construct ($use_nusoap=true)
 Constructor. More...
 
 initErrorWriter ()
 Overwrite error handler. More...
 
 __explodeSid ($sid)
 
 __setMessage ($a_str)
 
 __getMessage ()
 
 __appendMessage ($a_str)
 
 __setMessageCode ($a_code)
 
 __getMessageCode ()
 
 initAuth ($sid)
 Init authentication. More...
 
 initIlias ()
 
 __initAuthenticationObject ($a_auth_mode=AUTH_LOCAL)
 
 __raiseError ($a_message, $a_code)
 
 getNIC ($sid)
 get client information from current as xml result set More...
 
 isFault ($object)
 
 checkObjectAccess ($ref_id, $expected_type, $permission, $returnObject=false)
 check access for ref id: expected type, permission, return object instance if returnobject is true More...
 
 getInstallationInfoXML ()
 
 getClientInfoXML ($clientid)
 

Private Member Functions

 parseUserID ($id, $role_type)
 

Additional Inherited Members

- Static Public Member Functions inherited from ilSoapAdministration
static return_bytes ($val)
 calculate bytes from K,M,G modifiers e.g: 8M = 8 * 1024 * 1024 bytes More...
 
- Data Fields inherited from ilSoapAdministration
 $sauth = null
 
 $error_method = null
 
- Protected Attributes inherited from ilSoapAdministration
 $soap_check = true
 

Detailed Description

Definition at line 35 of file class.ilSoapRBACAdministration.php.

Member Function Documentation

◆ addRole()

ilSoapRBACAdministration::addRole (   $sid,
  $target_id,
  $role_xml 
)

Definition at line 332 of file class.ilSoapRBACAdministration.php.

333 {
334 $this->initAuth($sid);
335 $this->initIlias();
336
337 if (!$this->__checkSession($sid)) {
338 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
339 }
340
341 global $rbacreview, $objDefinition, $rbacsystem,$ilAccess;
342
343 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($target_id, false)) {
344 return $this->__raiseError(
345 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
346 'Client'
347 );
348 }
349
350 if (ilObject::_isInTrash($target_id)) {
351 return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
352 }
353
354 if (!$ilAccess->checkAccess('edit_permission', '', $target_id)) {
355 return $this->__raiseError('Check access failed. No permission to create roles', 'Server');
356 }
357
358 include_once 'webservice/soap/classes/class.ilObjectXMLParser.php';
359
360 $xml_parser = new ilObjectXMLParser($role_xml);
361 $xml_parser->startParsing();
362
363 foreach ($xml_parser->getObjectData() as $object_data) {
364
365 // check if role title has il_ prefix
366 if (substr($object_data['title'], 0, 3) == "il_") {
367 return $this->__raiseError(
368 'Rolenames are not allowed to start with "il_" ',
369 'Client'
370 );
371 }
372
373 include_once './Services/AccessControl/classes/class.ilObjRole.php';
374 $role = new ilObjRole();
375 $role->setTitle($object_data['title']);
376 $role->setDescription($object_data['description']);
377 $role->setImportId($object_data['import_id']);
378 $role->create();
379
380 $GLOBALS['rbacadmin']->assignRoleToFolder($role->getId(), $target_id);
381 $new_roles[] = $role->getId();
382 }
383
384 return $new_roles ? $new_roles : array();
385 }
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:17
ilObjectFactory\getInstanceByRefId
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:141
ilObject\_isInTrash
static _isInTrash($a_ref_id)
checks wether object is in trash
Definition: class.ilObject.php:1219
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
$target_id
$target_id
Definition: goto.php:49

References $GLOBALS, $target_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObject\_isInTrash(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ addRoleFromTemplate()

ilSoapRBACAdministration::addRoleFromTemplate (   $sid,
  $target_id,
  $role_xml,
  $template_id 
)

Definition at line 387 of file class.ilSoapRBACAdministration.php.

388 {
389 $this->initAuth($sid);
390 $this->initIlias();
391
392 if (!$this->__checkSession($sid)) {
393 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
394 }
395
396 global $rbacreview, $objDefinition, $rbacsystem, $rbacadmin,$ilAccess;
397
398 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($target_id, false)) {
399 return $this->__raiseError(
400 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
401 'Client'
402 );
403 }
404 if (ilObject::_lookupType($template_id) != 'rolt') {
405 return $this->__raiseError(
406 'No valid template id given. Please choose an existing object id of an ILIAS role template',
407 'Client'
408 );
409 }
410
411
412 if (ilObject::_isInTrash($target_id)) {
413 return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
414 }
415
416 if (!$ilAccess->checkAccess('edit_permission', '', $target_id)) {
417 return $this->__raiseError('Check access failed. No permission to create roles', 'Server');
418 }
419
420
421 include_once 'webservice/soap/classes/class.ilObjectXMLParser.php';
422
423 $xml_parser = new ilObjectXMLParser($role_xml);
424 $xml_parser->startParsing();
425
426 foreach ($xml_parser->getObjectData() as $object_data) {
427
428 // check if role title has il_ prefix
429 if (substr($object_data['title'], 0, 3) == "il_") {
430 return $this->__raiseError(
431 'Rolenames are not allowed to start with "il_" ',
432 'Client'
433 );
434 }
435
436 include_once './Services/AccessControl/classes/class.ilObjRole.php';
437 $role = new ilObjRole();
438 $role->setTitle($object_data['title']);
439 $role->setDescription($object_data['description']);
440 $role->setImportId($object_data['import_id']);
441 $role->create();
442
443 $GLOBALS['rbacadmin']->assignRoleToFolder($role->getId(), $target_id);
444
445 // Copy permssions
446 $rbacadmin->copyRoleTemplatePermissions($template_id, ROLE_FOLDER_ID, $target_id, $role->getId());
447
448 // Set object permissions according to role template
449 $ops = $rbacreview->getOperationsOfRole($role->getId(), $tmp_obj->getType(), $target_id);
450 $rbacadmin->grantPermission($role->getId(), $ops, $target_id);
451 $new_roles[] = $role->getId();
452 }
453
454
455 // CREATE ADMIN ROLE
456
457
458
459
460
461 return $new_roles ? $new_roles : array();
462 }
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1204
$template_id
$template_id
Definition: logout-iframe.php:118

References $GLOBALS, $target_id, $template_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObject\_isInTrash(), ilObject\_lookupType(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ addUserRoleEntry()

ilSoapRBACAdministration::addUserRoleEntry (   $sid,
  $user_id,
  $role_id 
)

Definition at line 79 of file class.ilSoapRBACAdministration.php.

80 {
81 $this->initAuth($sid);
82 $this->initIlias();
83
84 if (!$this->__checkSession($sid)) {
85 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
86 }
87
88 global $rbacadmin,$rbacreview,$ilAccess;
89
90 if ($tmp_user =&ilObjectFactory::getInstanceByObjId($user_id) and $tmp_user->getType() != 'usr') {
91 return $this->__raiseError(
92 'No valid user id given. Please choose an existing id of an ILIAS user',
93 'Client'
94 );
95 }
96 if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id) and $tmp_role->getType() != 'role') {
97 return $this->__raiseError(
98 'No valid role id given. Please choose an existing id of an ILIAS role',
99 'Client'
100 );
101 }
102
103 $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
104 if (!$ilAccess->checkAccess('edit_permission', '', $obj_ref)) {
105 return $this->__raiseError('Check access failed. No permission to assign users', 'Server');
106 }
107
108 if (!$rbacadmin->assignUser($role_id, $user_id)) {
109 return $this->__raiseError(
110 'Error rbacadmin->assignUser()',
111 'Server'
112 );
113 }
114 return true;
115 }
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:75

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ deleteRole()

ilSoapRBACAdministration::deleteRole (   $sid,
  $role_id 
)

Definition at line 37 of file class.ilSoapRBACAdministration.php.

38 {
39 $this->initAuth($sid);
40 $this->initIlias();
41
42 if (!$this->__checkSession($sid)) {
43 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
44 }
45
46 global $rbacreview, $rbacsystem,$ilAccess;
47
48 if (!$tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) or $tmp_role->getType() != 'role') {
49 return $this->__raiseError(
50 'No valid role id given. Please choose an existing id of an ILIAS role',
51 'Client'
52 );
53 }
54
55
56 $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
57 if (!$ilAccess->checkAccess('edit_permission', '', $obj_ref)) {
58 return $this->__raiseError('Check access failed. No permission to delete role', 'Server');
59 }
60
61 // if it's last role of an user
62 foreach ($assigned_users = $rbacreview->assignedUsers($role_id) as $user_id) {
63 if (count($rbacreview->assignedRoles($user_id)) == 1) {
64 return $this->__raiseError(
65 'Cannot deassign last role of users',
66 'Client'
67 );
68 }
69 }
70
71 // set parent id (role folder id) of role
72 $rolf_id = end($rolf_ids = $rbacreview->getFoldersAssignedToRole($role_id, true));
73 $tmp_role->setParent($rolf_id);
74 $tmp_role->delete();
75
76 return true;
77 }

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ deleteUserRoleEntry()

ilSoapRBACAdministration::deleteUserRoleEntry (   $sid,
  $user_id,
  $role_id 
)

Definition at line 116 of file class.ilSoapRBACAdministration.php.

117 {
118 $this->initAuth($sid);
119 $this->initIlias();
120
121 if (!$this->__checkSession($sid)) {
122 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
123 }
124
125 global $rbacadmin,$ilAccess,$rbacreview;
126
127 if ($tmp_user =&ilObjectFactory::getInstanceByObjId($user_id, false) and $tmp_user->getType() != 'usr') {
128 return $this->__raiseError(
129 'No valid user id given. Please choose an existing id of an ILIAS user',
130 'Client'
131 );
132 }
133 if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) and $tmp_role->getType() != 'role') {
134 return $this->__raiseError(
135 'No valid role id given. Please choose an existing id of an ILIAS role',
136 'Client'
137 );
138 }
139
140 $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
141 if (!$ilAccess->checkAccess('edit_permission', '', $obj_ref)) {
142 return $this->__raiseError('Check access failed. No permission to deassign users', 'Server');
143 }
144
145 if (!$rbacadmin->deassignUser($role_id, $user_id)) {
146 return $this->__raiseError(
147 'Error rbacadmin->deassignUser()',
148 'Server'
149 );
150 }
151 return true;
152 }

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ getLocalRoles()

ilSoapRBACAdministration::getLocalRoles (   $sid,
  $ref_id 
)

Definition at line 257 of file class.ilSoapRBACAdministration.php.

258 {
259 $this->initAuth($sid);
260 $this->initIlias();
261
262 if (!$this->__checkSession($sid)) {
263 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
264 }
265
266 global $rbacreview,$ilAccess;
267
268 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
269 return $this->__raiseError(
270 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
271 'Client'
272 );
273 }
274
275 if (!$ilAccess->checkAccess('edit_permission', '', $ref_id)) {
276 return $this->__raiseError('Check access failed. No permission to access role information', 'Server');
277 }
278
279
280 foreach ($rbacreview->getRolesOfRoleFolder($ref_id, false) as $role_id) {
281 if ($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id, false)) {
282 $objs[] = $tmp_obj;
283 }
284 }
285 if (count($objs)) {
286 include_once './webservice/soap/classes/class.ilObjectXMLWriter.php';
287
288 $xml_writer = new ilObjectXMLWriter();
289 $xml_writer->setObjects($objs);
290 if ($xml_writer->start()) {
291 return $xml_writer->getXML();
292 }
293 }
294 return '';
295 }

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ getObjectTreeOperations()

ilSoapRBACAdministration::getObjectTreeOperations (   $sid,
  $ref_id,
  $user_id 
)

Definition at line 464 of file class.ilSoapRBACAdministration.php.

465 {
466 $this->initAuth($sid);
467 $this->initIlias();
468
469 if (!$this->__checkSession($sid)) {
470 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
471 }
472
473 global $rbacsystem,$rbacreview,$ilAccess;
474
475
476 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
477 return $this->__raiseError(
478 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
479 'Client'
480 );
481 }
482
483 if (!$tmp_user =&ilObjectFactory::getInstanceByObjId($user_id, false)) {
484 return $this->__raiseError(
485 'No valid user id given.',
486 'Client'
487 );
488 }
489
490 if (ilObject::_isInTrash($ref_id)) {
491 return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
492 }
493
494
495
496 // check visible for all upper tree entries
497 if (!$ilAccess->checkAccessOfUser($tmp_user->getId(), 'visible', '', $tmp_obj->getRefId())) {
498 return array();
499 }
500 $op_data = $rbacreview->getOperation(2);
501 $ops_data[] = $op_data;
502
503 if (!$ilAccess->checkAccessOfUser($tmp_user->getId(), 'read', '', $tmp_obj->getRefId())) {
504 return $ops_data;
505 }
506
507
508 $ops_data = array();
509 $ops = $rbacreview->getOperationsOnTypeString($tmp_obj->getType());
510 foreach ($ops as $ops_id) {
511 $op_data = $rbacreview->getOperation($ops_id);
512
513 if ($rbacsystem->checkAccessOfUser($user_id, $op_data['operation'], $tmp_obj->getRefId())) {
514 $ops_data[$ops_id] = $op_data;
515 }
516 }
517
518 foreach ($ops_data as $data) {
519 $ret_data[] = $data;
520 }
521 return $ret_data ? $ret_data : array();
522 }

References $data, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObject\_isInTrash(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ getOperations()

ilSoapRBACAdministration::getOperations (   $sid)

Definition at line 154 of file class.ilSoapRBACAdministration.php.

155 {
156 $this->initAuth($sid);
157 $this->initIlias();
158
159 if (!$this->__checkSession($sid)) {
160 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
161 }
162
163 global $rbacreview;
164
165 if (is_array($ops = $rbacreview->getOperations())) {
166 return $ops;
167 } else {
168 return $this->__raiseError('Unknown error', 'Server');
169 }
170 }

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ getRoles()

ilSoapRBACAdministration::getRoles (   $sid,
  $role_type,
  $id 
)

get roles for a specific type and id

Parameters
String$sidsession id
String$role_typecan be empty which means "local & global", "local", "global", "user", "user_login" or "template"
Mixed$idcan be -1 for system role folder, can be ref id in case for role type "local/global/template", can be user id with "user" or login in case for role type "user_login"
Returns
String according DTD role_3_7

Definition at line 532 of file class.ilSoapRBACAdministration.php.

533 {
534 $this->initAuth($sid);
535 $this->initIlias();
536
537 if (!$this->__checkSession($sid)) {
538 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
539 }
540
541 global $rbacsystem, $rbacreview, $ilUser, $ilDB;
542
543 if (strcasecmp($role_type, "") != 0 &&
544 strcasecmp($role_type, "local") != 0 &&
545 strcasecmp($role_type, "global") != 0 &&
546 strcasecmp($role_type, "user") != 0 &&
547 strcasecmp($role_type, "user_login") != 0 &&
548 strcasecmp($role_type, "template") != 0) {
549 return $this->__raiseError('Called service with wrong role_type parameter \'' . $role_type . '\'', 'Client');
550 }
551
552 $roles = array();
553
554
555 if (strcasecmp($role_type, "template") == 0) {
556 // get templates
557 $roles = $rbacreview->getRolesByFilter(6, $ilUser->getId());
558 } elseif (strcasecmp($role_type, "user")==0 || strcasecmp($role_type, "user_login")==0) {
559 // handle user roles
560 $user_id = $this->parseUserID($id, $role_type);
561 if ($user_id != $ilUser->getId()) {
562 // check access for user folder
563 $tmpUser = new ilObjUser($user_id);
564 $timelimitOwner = $tmpUser->getTimeLimitOwner();
565 if (!$rbacsystem->checkAccess('read', $timelimitOwner)) {
566 return $this->__raiseError('Check access for time limit owner failed.', 'Server');
567 }
568 }
569 $role_type = ""; // local and global roles for user
570
571 $query = sprintf(
572 "SELECT object_data.title, rbac_fa.* FROM object_data, rbac_ua, rbac_fa WHERE rbac_ua.rol_id IN ('%s') AND rbac_ua.rol_id = rbac_fa.rol_id AND object_data.obj_id = rbac_fa.rol_id AND rbac_ua.usr_id=" . $user_id,
573 join("','", $rbacreview->assignedRoles($user_id))
574 );
575
576 $rbacresult = $ilDB->query($query);
577 while ($rbacrow = $rbacresult->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) {
578 if ($rbacrow["assign"] != "y") {
579 continue;
580 }
581
582 $type = "";
583
584 if ($rbacrow["parent"] == ROLE_FOLDER_ID) {
585 $type = "Global";
586 } else {
587 $type = "Local";
588 }
589 if (strlen($type) && $tmp_obj = ilObjectFactory::getInstanceByObjId($rbacrow["rol_id"], false)) {
590 /* @var $tmp_obj IlObjRole */
591 $roles[] = array(
592 "obj_id" =>$rbacrow["rol_id"],
593 "title" => $tmp_obj->getTitle(),
594 "description" => $tmp_obj->getDescription(),
595 "role_type" => $type);
596 }
597 }
598 } elseif ($id == "-1") {
599 // get all roles of system role folder
600 if (!$rbacsystem->checkAccess('read', ROLE_FOLDER_ID)) {
601 return $this->__raiseError('Check access failed.', 'Server');
602 }
603
604 $roles = $rbacreview->getAssignableRoles(false, true);
605 } else {
606 // get local roles for a specific repository object
607 // needs permission to read permissions of this object
608 if (!$rbacsystem->checkAccess('edit_permission', $id)) {
609 return $this->__raiseError('Check access for local roles failed.', 'Server');
610 }
611
612 if (!is_numeric($id)) {
613 return $this->__raiseError('Id must be numeric to process roles of a repository object.', 'Client');
614 }
615
616 $role_type = "local";
617
618 foreach ($rbacreview->getRolesOfRoleFolder($id, false) as $role_id) {
619 if ($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id, false)) {
620 $roles[] = array("obj_id" => $role_id, "title" => $tmp_obj->getTitle(), "description" => $tmp_obj->getDescription(), "role_type" => $role_type);
621 }
622 }
623 }
624
625
626 include_once './webservice/soap/classes/class.ilSoapRoleObjectXMLWriter.php';
627
628 $xml_writer = new ilSoapRoleObjectXMLWriter();
629 $xml_writer->setObjects($roles);
630 $xml_writer->setType($role_type);
631 if ($xml_writer->start()) {
632 return $xml_writer->getXML();
633 }
634 }
sprintf
sprintf('%.4f', $callTime)
Definition: 01pharSimple.php:87
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
$query
$query
Definition: proxy_ylocal.php:13
$type
$type
Definition: proxy_ylocal.php:10
$ilDB
global $ilDB
Definition: storeScorm2004.php:19
$ilUser
$ilUser
Definition: imgupload.php:18

References $id, $ilDB, $ilUser, $query, $type, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilDBConstants\FETCHMODE_ASSOC, ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), ilSoapAdministration\initIlias(), parseUserID(), and sprintf.

+ Here is the call graph for this function:

◆ getUserRoles()

ilSoapRBACAdministration::getUserRoles (   $sid,
  $user_id 
)

Definition at line 297 of file class.ilSoapRBACAdministration.php.

298 {
299 $this->initAuth($sid);
300 $this->initIlias();
301
302 if (!$this->__checkSession($sid)) {
303 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
304 }
305
306 global $rbacreview;
307
308 if (!$tmp_user =&ilObjectFactory::getInstanceByObjId($user_id, false)) {
309 return $this->__raiseError(
310 'No valid user id given. Please choose an existing id of an ILIAS user',
311 'Client'
312 );
313 }
314
315 foreach ($rbacreview->assignedRoles($user_id) as $role_id) {
316 if ($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id, false)) {
317 $objs[] = $tmp_obj;
318 }
319 }
320 if (count($objs)) {
321 include_once './webservice/soap/classes/class.ilObjectXMLWriter.php';
322
323 $xml_writer = new ilObjectXMLWriter();
324 $xml_writer->setObjects($objs);
325 if ($xml_writer->start()) {
326 return $xml_writer->getXML();
327 }
328 }
329 return '';
330 }

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ grantPermissions()

ilSoapRBACAdministration::grantPermissions (   $sid,
  $ref_id,
  $role_id,
  $permissions 
)

Definition at line 210 of file class.ilSoapRBACAdministration.php.

211 {
212 $this->initAuth($sid);
213 $this->initIlias();
214
215 if (!$this->__checkSession($sid)) {
216 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
217 }
218
219 global $rbacadmin,$ilAccess;
220
221 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
222 return $this->__raiseError(
223 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
224 'Client'
225 );
226 }
227 if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) and $tmp_role->getType() != 'role') {
228 return $this->__raiseError(
229 'No valid role id given. Please choose an existing id of an ILIAS role',
230 'Client'
231 );
232 }
233
234 if (!$ilAccess->checkAccess('edit_permission', '', $ref_id)) {
235 return $this->__raiseError('Check access failed. No permission to grant permissions', 'Server');
236 }
237
238
239 // mjansen@databay.de: dirty fix
240 if (isset($permissions['item'])) {
241 $permissions = $permissions['item'];
242 }
243
244 if (!is_array($permissions)) {
245 return $this->__raiseError(
246 'No valid permissions given.' . print_r($permissions),
247 'Client'
248 );
249 }
250
251 $rbacadmin->revokePermission($ref_id, $role_id);
252 $rbacadmin->grantPermission($role_id, $permissions, $ref_id);
253
254 return true;
255 }

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ parseUserID()

ilSoapRBACAdministration::parseUserID (   $id,
  $role_type 
)
private

Definition at line 711 of file class.ilSoapRBACAdministration.php.

712 {
713 if (strcasecmp($role_type, "user")==0) {
714 // get user roles for user id, which can be numeric or ilias id
715 $user_id = !is_numeric($id) ? ilUtil::__extractId($id, IL_INST_ID) : $id;
716 if (!is_numeric($user_id)) {
717 return $this->__raiseError('ID must be either numeric or ILIAS conform id for type \'user\'', 'Client');
718 }
719 } elseif (strcasecmp($role_type, "user_login") == 0) {
720 // check for login
721 $user_id = ilObjUser::_lookupId($id);
722 if (!$user_id) {
723 // could not find a valid user
724 return $this->__raiseError('User with login \'' . $id . '\' does not exist!', 'Client');
725 }
726 }
727 return $user_id;
728 }
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:784
ilUtil\__extractId
static __extractId($ilias_id, $inst_id)
extract ref id from role title, e.g.
Definition: class.ilUtil.php:4413

References $id, ilUtil\__extractId(), ilSoapAdministration\__raiseError(), and ilObjUser\_lookupId().

Referenced by getRoles().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ revokePermissions()

ilSoapRBACAdministration::revokePermissions (   $sid,
  $ref_id,
  $role_id 
)

Definition at line 172 of file class.ilSoapRBACAdministration.php.

173 {
174 $this->initAuth($sid);
175 $this->initIlias();
176
177 if (!$this->__checkSession($sid)) {
178 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
179 }
180
181 global $rbacadmin,$ilAccess;
182
183 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
184 return $this->__raiseError(
185 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
186 'Client'
187 );
188 }
189 if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) and $tmp_role->getType() != 'role') {
190 return $this->__raiseError(
191 'No valid role id given. Please choose an existing id of an ILIAS role',
192 'Client'
193 );
194 }
195 if ($role_id == SYSTEM_ROLE_ID) {
196 return $this->__raiseError(
197 'Cannot revoke permissions of system role',
198 'Client'
199 );
200 }
201
202 if (!$ilAccess->checkAccess('edit_permission', '', $ref_id)) {
203 return $this->__raiseError('Check access failed. No permission to revoke permissions', 'Server');
204 }
205
206 $rbacadmin->revokePermission($ref_id, $role_id);
207
208 return true;
209 }

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ searchRoles()

ilSoapRBACAdministration::searchRoles (   $sid,
  $key,
  $combination,
  $role_type 
)

search for roles.

Parameters
String$sid
String$searchtermscomma separated search terms
String$operatormust be or or and
String$role_typecan be empty which means "local & global", "local", "global", "user" = roles of user, "user_login" or "template"

Definition at line 646 of file class.ilSoapRBACAdministration.php.

647 {
648 $this->initAuth($sid);
649 $this->initIlias();
650
651 if (!$this->__checkSession($sid)) {
652 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
653 }
654
655 global $rbacsystem, $rbacreview, $ilUser, $ilDB;
656
657
658 if (strcasecmp($role_type, "") != 0 &&
659 strcasecmp($role_type, "local") != 0 &&
660 strcasecmp($role_type, "global") != 0 &&
661 strcasecmp($role_type, "template") != 0) {
662 return $this->__raiseError('Called service with wrong role_type parameter \'' . $role_type . '\'', 'Client');
663 }
664
665 if ($combination != 'and' and $combination != 'or') {
666 return $this->__raiseError(
667 'No valid combination given. Must be "and" or "or".',
668 'Client'
669 );
670 }
671
672 include_once './Services/Search/classes/class.ilQueryParser.php';
673
674 $query_parser = new ilQueryParser($key);
675 $query_parser->setMinWordLength(3);
676 $query_parser->setCombination($combination == 'and' ? QP_COMBINATION_AND : QP_COMBINATION_OR);
677 $query_parser->parse();
678 if (!$query_parser->validate()) {
679 return $this->__raiseError($query_parser->getMessage(), 'Client');
680 }
681
682 include_once './Services/Search/classes/class.ilObjectSearchFactory.php';
683
684 $object_search = ilObjectSearchFactory::_getObjectSearchInstance($query_parser);
685 $object_search->setFilter(array("role","rolt"));
686
687 $res = $object_search->performSearch();
688 $res->filter(ROOT_FOLDER_ID, $combination == 'and' ? true : false);
689
690 $obj_ids = array();
691 foreach ($res->getUniqueResults() as $entry) {
692 $obj_ids [] = $entry['obj_id'];
693 }
694
695 $roles = array();
696 if (count($obj_ids)> 0) {
697 #print_r($obj_ids);
698 $roles = $rbacreview->getRolesForIDs($obj_ids, $role_type == "template");
699 }
700 #print_r($roles);
701 include_once './webservice/soap/classes/class.ilSoapRoleObjectXMLWriter.php';
702 $xml_writer = new ilSoapRoleObjectXMLWriter();
703 $xml_writer->setObjects($roles);
704 $xml_writer->setType($role_type);
705 if ($xml_writer->start()) {
706 return $xml_writer->getXML();
707 }
708 }
QP_COMBINATION_OR
const QP_COMBINATION_OR
Definition: class.ilQueryParser.php:36
QP_COMBINATION_AND
const QP_COMBINATION_AND
Definition: class.ilQueryParser.php:35
ilObjectSearchFactory\_getObjectSearchInstance
static _getObjectSearchInstance($query_parser)
get reference of ilFulltext/LikeObjectSearch.
Definition: class.ilObjectSearchFactory.php:46
$key
$key
Definition: croninfo.php:18
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15

References $ilDB, $ilUser, $key, $res, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectSearchFactory\_getObjectSearchInstance(), ilSoapAdministration\initAuth(), ilSoapAdministration\initIlias(), QP_COMBINATION_AND, and QP_COMBINATION_OR.

+ Here is the call graph for this function:
The documentation for this class was generated from the following file: