ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Public Member Functions | Private Member Functions
ilSoapRBACAdministration Class Reference
+ Inheritance diagram for ilSoapRBACAdministration:
+ Collaboration diagram for ilSoapRBACAdministration:

Public Member Functions

 deleteRole ($sid, $role_id)
 
 addUserRoleEntry ($sid, $user_id, $role_id)
 
 deleteUserRoleEntry ($sid, $user_id, $role_id)
 
 getOperations ($sid)
 
 revokePermissions ($sid, $ref_id, $role_id)
 
 grantPermissions ($sid, $ref_id, $role_id, $permissions)
 
 getLocalRoles ($sid, $ref_id)
 
 getUserRoles ($sid, $user_id)
 
 addRole ($sid, $target_id, $role_xml)
 
 addRoleFromTemplate ($sid, $target_id, $role_xml, $template_id)
 
 getObjectTreeOperations ($sid, $ref_id, $user_id)
 
 getRoles ($sid, $role_type, $id)
 get roles for a specific type and id More...
 
 searchRoles ($sid, $key, $combination, $role_type)
 search for roles. More...
 
- Public Member Functions inherited from ilSoapAdministration
 __construct ($use_nusoap=true)
 Constructor. More...
 
 initErrorWriter ()
 Overwrite error handler. More...
 
 __explodeSid ($sid)
 
 __setMessage ($a_str)
 
 __getMessage ()
 
 __appendMessage ($a_str)
 
 __setMessageCode ($a_code)
 
 __getMessageCode ()
 
 initAuth ($sid)
 Init authentication. More...
 
 initIlias ()
 
 __initAuthenticationObject ($a_auth_mode=AUTH_LOCAL)
 
 __raiseError ($a_message, $a_code)
 
 getNIC ($sid)
 get client information from current as xml result set More...
 
 isFault ($object)
 
 checkObjectAccess ($ref_id, $expected_type, $permission, $returnObject=false)
 check access for ref id: expected type, permission, return object instance if returnobject is true More...
 
 getInstallationInfoXML ()
 
 getClientInfoXML ($clientid)
 

Private Member Functions

 parseUserID ($id, $role_type)
 

Additional Inherited Members

- Static Public Member Functions inherited from ilSoapAdministration
static return_bytes ($val)
 calculate bytes from K,M,G modifiers e.g: 8M = 8 * 1024 * 1024 bytes More...
 
- Data Fields inherited from ilSoapAdministration
 $sauth = null
 
 $error_method = null
 
- Protected Attributes inherited from ilSoapAdministration
 $soap_check = true
 

Detailed Description

Definition at line 35 of file class.ilSoapRBACAdministration.php.

Member Function Documentation

◆ addRole()

ilSoapRBACAdministration::addRole (   $sid,
  $target_id,
  $role_xml 
)

Definition at line 332 of file class.ilSoapRBACAdministration.php.

References $GLOBALS, $target_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObject\_isInTrash(), array, ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

333  {
334  $this->initAuth($sid);
335  $this->initIlias();
336 
337  if (!$this->__checkSession($sid)) {
338  return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
339  }
340 
341  global $rbacreview, $objDefinition, $rbacsystem,$ilAccess;
342 
343  if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($target_id, false)) {
344  return $this->__raiseError(
345  'No valid ref id given. Please choose an existing reference id of an ILIAS object',
346  'Client'
347  );
348  }
349 
350  if (ilObject::_isInTrash($target_id)) {
351  return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
352  }
353 
354  if (!$ilAccess->checkAccess('edit_permission', '', $target_id)) {
355  return $this->__raiseError('Check access failed. No permission to create roles', 'Server');
356  }
357 
358  include_once 'webservice/soap/classes/class.ilObjectXMLParser.php';
359 
360  $xml_parser = new ilObjectXMLParser($role_xml);
361  $xml_parser->startParsing();
362 
363  foreach ($xml_parser->getObjectData() as $object_data) {
364 
365  // check if role title has il_ prefix
366  if (substr($object_data['title'], 0, 3) == "il_") {
367  return $this->__raiseError(
368  'Rolenames are not allowed to start with "il_" ',
369  'Client'
370  );
371  }
372 
373  include_once './Services/AccessControl/classes/class.ilObjRole.php';
374  $role = new ilObjRole();
375  $role->setTitle($object_data['title']);
376  $role->setDescription($object_data['description']);
377  $role->setImportId($object_data['import_id']);
378  $role->create();
379 
380  $GLOBALS['rbacadmin']->assignRoleToFolder($role->getId(), $target_id);
381  $new_roles[] = $role->getId();
382  }
383 
384  return $new_roles ? $new_roles : array();
385  }
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:16
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
ilObject\_isInTrash
static _isInTrash($a_ref_id)
checks wether object is in trash
Definition: class.ilObject.php:1219
$target_id
$target_id
Definition: goto.php:49
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
ilObjectFactory\getInstanceByRefId
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:141
+ Here is the call graph for this function:

◆ addRoleFromTemplate()

ilSoapRBACAdministration::addRoleFromTemplate (   $sid,
  $target_id,
  $role_xml,
  $template_id 
)

Definition at line 387 of file class.ilSoapRBACAdministration.php.

References $GLOBALS, $target_id, $template_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObject\_isInTrash(), ilObject\_lookupType(), array, ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

388  {
389  $this->initAuth($sid);
390  $this->initIlias();
391 
392  if (!$this->__checkSession($sid)) {
393  return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
394  }
395 
396  global $rbacreview, $objDefinition, $rbacsystem, $rbacadmin,$ilAccess;
397 
398  if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($target_id, false)) {
399  return $this->__raiseError(
400  'No valid ref id given. Please choose an existing reference id of an ILIAS object',
401  'Client'
402  );
403  }
404  if (ilObject::_lookupType($template_id) != 'rolt') {
405  return $this->__raiseError(
406  'No valid template id given. Please choose an existing object id of an ILIAS role template',
407  'Client'
408  );
409  }
410 
411 
412  if (ilObject::_isInTrash($target_id)) {
413  return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
414  }
415 
416  if (!$ilAccess->checkAccess('edit_permission', '', $target_id)) {
417  return $this->__raiseError('Check access failed. No permission to create roles', 'Server');
418  }
419 
420 
421  include_once 'webservice/soap/classes/class.ilObjectXMLParser.php';
422 
423  $xml_parser = new ilObjectXMLParser($role_xml);
424  $xml_parser->startParsing();
425 
426  foreach ($xml_parser->getObjectData() as $object_data) {
427 
428  // check if role title has il_ prefix
429  if (substr($object_data['title'], 0, 3) == "il_") {
430  return $this->__raiseError(
431  'Rolenames are not allowed to start with "il_" ',
432  'Client'
433  );
434  }
435 
436  include_once './Services/AccessControl/classes/class.ilObjRole.php';
437  $role = new ilObjRole();
438  $role->setTitle($object_data['title']);
439  $role->setDescription($object_data['description']);
440  $role->setImportId($object_data['import_id']);
441  $role->create();
442 
443  $GLOBALS['rbacadmin']->assignRoleToFolder($role->getId(), $target_id);
444 
445  // Copy permssions
446  $rbacadmin->copyRoleTemplatePermissions($template_id, ROLE_FOLDER_ID, $target_id, $role->getId());
447 
448  // Set object permissions according to role template
449  $ops = $rbacreview->getOperationsOfRole($role->getId(), $tmp_obj->getType(), $target_id);
450  $rbacadmin->grantPermission($role->getId(), $ops, $target_id);
451  $new_roles[] = $role->getId();
452  }
453 
454 
455  // CREATE ADMIN ROLE
456 
457 
458 
459 
460 
461  return $new_roles ? $new_roles : array();
462  }
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:16
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
ilObject\_isInTrash
static _isInTrash($a_ref_id)
checks wether object is in trash
Definition: class.ilObject.php:1219
$target_id
$target_id
Definition: goto.php:49
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1204
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
ilObjectFactory\getInstanceByRefId
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:141
$template_id
$template_id
Definition: logout-iframe.php:118
+ Here is the call graph for this function:

◆ addUserRoleEntry()

ilSoapRBACAdministration::addUserRoleEntry (   $sid,
  $user_id,
  $role_id 
)

Definition at line 79 of file class.ilSoapRBACAdministration.php.

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

80  {
81  $this->initAuth($sid);
82  $this->initIlias();
83 
84  if (!$this->__checkSession($sid)) {
85  return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
86  }
87 
88  global $rbacadmin,$rbacreview,$ilAccess;
89 
90  if ($tmp_user =&ilObjectFactory::getInstanceByObjId($user_id) and $tmp_user->getType() != 'usr') {
91  return $this->__raiseError(
92  'No valid user id given. Please choose an existing id of an ILIAS user',
93  'Client'
94  );
95  }
96  if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id) and $tmp_role->getType() != 'role') {
97  return $this->__raiseError(
98  'No valid role id given. Please choose an existing id of an ILIAS role',
99  'Client'
100  );
101  }
102 
103  $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
104  if (!$ilAccess->checkAccess('edit_permission', '', $obj_ref)) {
105  return $this->__raiseError('Check access failed. No permission to assign users', 'Server');
106  }
107 
108  if (!$rbacadmin->assignUser($role_id, $user_id)) {
109  return $this->__raiseError(
110  'Error rbacadmin->assignUser()',
111  'Server'
112  );
113  }
114  return true;
115  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:75
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
+ Here is the call graph for this function:

◆ deleteRole()

ilSoapRBACAdministration::deleteRole (   $sid,
  $role_id 
)

Definition at line 37 of file class.ilSoapRBACAdministration.php.

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

38  {
39  $this->initAuth($sid);
40  $this->initIlias();
41 
42  if (!$this->__checkSession($sid)) {
43  return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
44  }
45 
46  global $rbacreview, $rbacsystem,$ilAccess;
47 
48  if (!$tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) or $tmp_role->getType() != 'role') {
49  return $this->__raiseError(
50  'No valid role id given. Please choose an existing id of an ILIAS role',
51  'Client'
52  );
53  }
54 
55 
56  $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
57  if (!$ilAccess->checkAccess('edit_permission', '', $obj_ref)) {
58  return $this->__raiseError('Check access failed. No permission to delete role', 'Server');
59  }
60 
61  // if it's last role of an user
62  foreach ($assigned_users = $rbacreview->assignedUsers($role_id) as $user_id) {
63  if (count($rbacreview->assignedRoles($user_id)) == 1) {
64  return $this->__raiseError(
65  'Cannot deassign last role of users',
66  'Client'
67  );
68  }
69  }
70 
71  // set parent id (role folder id) of role
72  $rolf_id = end($rolf_ids = $rbacreview->getFoldersAssignedToRole($role_id, true));
73  $tmp_role->setParent($rolf_id);
74  $tmp_role->delete();
75 
76  return true;
77  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:75
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
+ Here is the call graph for this function:

◆ deleteUserRoleEntry()

ilSoapRBACAdministration::deleteUserRoleEntry (   $sid,
  $user_id,
  $role_id 
)

Definition at line 116 of file class.ilSoapRBACAdministration.php.

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

117  {
118  $this->initAuth($sid);
119  $this->initIlias();
120 
121  if (!$this->__checkSession($sid)) {
122  return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
123  }
124 
125  global $rbacadmin,$ilAccess,$rbacreview;
126 
127  if ($tmp_user =&ilObjectFactory::getInstanceByObjId($user_id, false) and $tmp_user->getType() != 'usr') {
128  return $this->__raiseError(
129  'No valid user id given. Please choose an existing id of an ILIAS user',
130  'Client'
131  );
132  }
133  if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) and $tmp_role->getType() != 'role') {
134  return $this->__raiseError(
135  'No valid role id given. Please choose an existing id of an ILIAS role',
136  'Client'
137  );
138  }
139 
140  $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
141  if (!$ilAccess->checkAccess('edit_permission', '', $obj_ref)) {
142  return $this->__raiseError('Check access failed. No permission to deassign users', 'Server');
143  }
144 
145  if (!$rbacadmin->deassignUser($role_id, $user_id)) {
146  return $this->__raiseError(
147  'Error rbacadmin->deassignUser()',
148  'Server'
149  );
150  }
151  return true;
152  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:75
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
+ Here is the call graph for this function:

◆ getLocalRoles()

ilSoapRBACAdministration::getLocalRoles (   $sid,
  $ref_id 
)

Definition at line 257 of file class.ilSoapRBACAdministration.php.

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

258  {
259  $this->initAuth($sid);
260  $this->initIlias();
261 
262  if (!$this->__checkSession($sid)) {
263  return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
264  }
265 
266  global $rbacreview,$ilAccess;
267 
268  if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
269  return $this->__raiseError(
270  'No valid ref id given. Please choose an existing reference id of an ILIAS object',
271  'Client'
272  );
273  }
274 
275  if (!$ilAccess->checkAccess('edit_permission', '', $ref_id)) {
276  return $this->__raiseError('Check access failed. No permission to access role information', 'Server');
277  }
278 
279 
280  foreach ($rbacreview->getRolesOfRoleFolder($ref_id, false) as $role_id) {
281  if ($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id, false)) {
282  $objs[] = $tmp_obj;
283  }
284  }
285  if (count($objs)) {
286  include_once './webservice/soap/classes/class.ilObjectXMLWriter.php';
287 
288  $xml_writer = new ilObjectXMLWriter();
289  $xml_writer->setObjects($objs);
290  if ($xml_writer->start()) {
291  return $xml_writer->getXML();
292  }
293  }
294  return '';
295  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:75
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
ilObjectFactory\getInstanceByRefId
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:141
+ Here is the call graph for this function:

◆ getObjectTreeOperations()

ilSoapRBACAdministration::getObjectTreeOperations (   $sid,
  $ref_id,
  $user_id 
)

Definition at line 464 of file class.ilSoapRBACAdministration.php.

References $data, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObject\_isInTrash(), array, ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

465  {
466  $this->initAuth($sid);
467  $this->initIlias();
468 
469  if (!$this->__checkSession($sid)) {
470  return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
471  }
472 
473  global $rbacsystem,$rbacreview,$ilAccess;
474 
475 
476  if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
477  return $this->__raiseError(
478  'No valid ref id given. Please choose an existing reference id of an ILIAS object',
479  'Client'
480  );
481  }
482 
483  if (!$tmp_user =&ilObjectFactory::getInstanceByObjId($user_id, false)) {
484  return $this->__raiseError(
485  'No valid user id given.',
486  'Client'
487  );
488  }
489 
490  if (ilObject::_isInTrash($ref_id)) {
491  return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
492  }
493 
494 
495 
496  // check visible for all upper tree entries
497  if (!$ilAccess->checkAccessOfUser($tmp_user->getId(), 'visible', '', $tmp_obj->getRefId())) {
498  return array();
499  }
500  $op_data = $rbacreview->getOperation(2);
501  $ops_data[] = $op_data;
502 
503  if (!$ilAccess->checkAccessOfUser($tmp_user->getId(), 'read', '', $tmp_obj->getRefId())) {
504  return $ops_data;
505  }
506 
507 
508  $ops_data = array();
509  $ops = $rbacreview->getOperationsOnTypeString($tmp_obj->getType());
510  foreach ($ops as $ops_id) {
511  $op_data = $rbacreview->getOperation($ops_id);
512 
513  if ($rbacsystem->checkAccessOfUser($user_id, $op_data['operation'], $tmp_obj->getRefId())) {
514  $ops_data[$ops_id] = $op_data;
515  }
516  }
517 
518  foreach ($ops_data as $data) {
519  $ret_data[] = $data;
520  }
521  return $ret_data ? $ret_data : array();
522  }
ilObject\_isInTrash
static _isInTrash($a_ref_id)
checks wether object is in trash
Definition: class.ilObject.php:1219
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:75
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
ilObjectFactory\getInstanceByRefId
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:141
+ Here is the call graph for this function:

◆ getOperations()

ilSoapRBACAdministration::getOperations (   $sid)

Definition at line 154 of file class.ilSoapRBACAdministration.php.

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

155  {
156  $this->initAuth($sid);
157  $this->initIlias();
158 
159  if (!$this->__checkSession($sid)) {
160  return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
161  }
162 
163  global $rbacreview;
164 
165  if (is_array($ops = $rbacreview->getOperations())) {
166  return $ops;
167  } else {
168  return $this->__raiseError('Unknown error', 'Server');
169  }
170  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
+ Here is the call graph for this function:

◆ getRoles()

ilSoapRBACAdministration::getRoles (   $sid,
  $role_type,
  $id 
)

get roles for a specific type and id

Parameters
String$sidsession id
String$role_typecan be empty which means "local & global", "local", "global", "user", "user_login" or "template"
Mixed$idcan be -1 for system role folder, can be ref id in case for role type "local/global/template", can be user id with "user" or login in case for role type "user_login"
Returns
String according DTD role_3_7

Definition at line 532 of file class.ilSoapRBACAdministration.php.

References $id, $ilDB, $ilUser, $query, $type, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), array, ilDBConstants\FETCHMODE_ASSOC, ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), ilSoapAdministration\initIlias(), and parseUserID().

533  {
534  $this->initAuth($sid);
535  $this->initIlias();
536 
537  if (!$this->__checkSession($sid)) {
538  return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
539  }
540 
541  global $rbacsystem, $rbacreview, $ilUser, $ilDB;
542 
543  if (strcasecmp($role_type, "") != 0 &&
544  strcasecmp($role_type, "local") != 0 &&
545  strcasecmp($role_type, "global") != 0 &&
546  strcasecmp($role_type, "user") != 0 &&
547  strcasecmp($role_type, "user_login") != 0 &&
548  strcasecmp($role_type, "template") != 0) {
549  return $this->__raiseError('Called service with wrong role_type parameter \'' . $role_type . '\'', 'Client');
550  }
551 
552  $roles = array();
553 
554 
555  if (strcasecmp($role_type, "template") == 0) {
556  // get templates
557  $roles = $rbacreview->getRolesByFilter(6, $ilUser->getId());
558  } elseif (strcasecmp($role_type, "user")==0 || strcasecmp($role_type, "user_login")==0) {
559  // handle user roles
560  $user_id = $this->parseUserID($id, $role_type);
561  if ($user_id != $ilUser->getId()) {
562  // check access for user folder
563  $tmpUser = new ilObjUser($user_id);
564  $timelimitOwner = $tmpUser->getTimeLimitOwner();
565  if (!$rbacsystem->checkAccess('read', $timelimitOwner)) {
566  return $this->__raiseError('Check access for time limit owner failed.', 'Server');
567  }
568  }
569  $role_type = ""; // local and global roles for user
570 
571  $query = sprintf(
572  "SELECT object_data.title, rbac_fa.* FROM object_data, rbac_ua, rbac_fa WHERE rbac_ua.rol_id IN ('%s') AND rbac_ua.rol_id = rbac_fa.rol_id AND object_data.obj_id = rbac_fa.rol_id AND rbac_ua.usr_id=" . $user_id,
573  join("','", $rbacreview->assignedRoles($user_id))
574  );
575 
576  $rbacresult = $ilDB->query($query);
577  while ($rbacrow = $rbacresult->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) {
578  if ($rbacrow["assign"] != "y") {
579  continue;
580  }
581 
582  $type = "";
583 
584  if ($rbacrow["parent"] == ROLE_FOLDER_ID) {
585  $type = "Global";
586  } else {
587  $type = "Local";
588  }
589  if (strlen($type) && $tmp_obj = ilObjectFactory::getInstanceByObjId($rbacrow["rol_id"], false)) {
590  /* @var $tmp_obj IlObjRole */
591  $roles[] = array(
592  "obj_id" =>$rbacrow["rol_id"],
593  "title" => $tmp_obj->getTitle(),
594  "description" => $tmp_obj->getDescription(),
595  "role_type" => $type);
596  }
597  }
598  } elseif ($id == "-1") {
599  // get all roles of system role folder
600  if (!$rbacsystem->checkAccess('read', ROLE_FOLDER_ID)) {
601  return $this->__raiseError('Check access failed.', 'Server');
602  }
603 
604  $roles = $rbacreview->getAssignableRoles(false, true);
605  } else {
606  // get local roles for a specific repository object
607  // needs permission to read permissions of this object
608  if (!$rbacsystem->checkAccess('edit_permission', $id)) {
609  return $this->__raiseError('Check access for local roles failed.', 'Server');
610  }
611 
612  if (!is_numeric($id)) {
613  return $this->__raiseError('Id must be numeric to process roles of a repository object.', 'Client');
614  }
615 
616  $role_type = "local";
617 
618  foreach ($rbacreview->getRolesOfRoleFolder($id, false) as $role_id) {
619  if ($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id, false)) {
620  $roles[] = array("obj_id" => $role_id, "title" => $tmp_obj->getTitle(), "description" => $tmp_obj->getDescription(), "role_type" => $role_type);
621  }
622  }
623  }
624 
625 
626  include_once './webservice/soap/classes/class.ilSoapRoleObjectXMLWriter.php';
627 
628  $xml_writer = new ilSoapRoleObjectXMLWriter();
629  $xml_writer->setObjects($roles);
630  $xml_writer->setType($role_type);
631  if ($xml_writer->start()) {
632  return $xml_writer->getXML();
633  }
634  }
$type
$type
Definition: proxy_ylocal.php:10
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
$ilUser
$ilUser
Definition: imgupload.php:18
$query
$query
Definition: proxy_ylocal.php:13
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:75
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getUserRoles()

ilSoapRBACAdministration::getUserRoles (   $sid,
  $user_id 
)

Definition at line 297 of file class.ilSoapRBACAdministration.php.

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

298  {
299  $this->initAuth($sid);
300  $this->initIlias();
301 
302  if (!$this->__checkSession($sid)) {
303  return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
304  }
305 
306  global $rbacreview;
307 
308  if (!$tmp_user =&ilObjectFactory::getInstanceByObjId($user_id, false)) {
309  return $this->__raiseError(
310  'No valid user id given. Please choose an existing id of an ILIAS user',
311  'Client'
312  );
313  }
314 
315  foreach ($rbacreview->assignedRoles($user_id) as $role_id) {
316  if ($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id, false)) {
317  $objs[] = $tmp_obj;
318  }
319  }
320  if (count($objs)) {
321  include_once './webservice/soap/classes/class.ilObjectXMLWriter.php';
322 
323  $xml_writer = new ilObjectXMLWriter();
324  $xml_writer->setObjects($objs);
325  if ($xml_writer->start()) {
326  return $xml_writer->getXML();
327  }
328  }
329  return '';
330  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:75
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
+ Here is the call graph for this function:

◆ grantPermissions()

ilSoapRBACAdministration::grantPermissions (   $sid,
  $ref_id,
  $role_id,
  $permissions 
)

Definition at line 210 of file class.ilSoapRBACAdministration.php.

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

211  {
212  $this->initAuth($sid);
213  $this->initIlias();
214 
215  if (!$this->__checkSession($sid)) {
216  return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
217  }
218 
219  global $rbacadmin,$ilAccess;
220 
221  if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
222  return $this->__raiseError(
223  'No valid ref id given. Please choose an existing reference id of an ILIAS object',
224  'Client'
225  );
226  }
227  if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) and $tmp_role->getType() != 'role') {
228  return $this->__raiseError(
229  'No valid role id given. Please choose an existing id of an ILIAS role',
230  'Client'
231  );
232  }
233 
234  if (!$ilAccess->checkAccess('edit_permission', '', $ref_id)) {
235  return $this->__raiseError('Check access failed. No permission to grant permissions', 'Server');
236  }
237 
238 
239  // mjansen@databay.de: dirty fix
240  if (isset($permissions['item'])) {
241  $permissions = $permissions['item'];
242  }
243 
244  if (!is_array($permissions)) {
245  return $this->__raiseError(
246  'No valid permissions given.' . print_r($permissions),
247  'Client'
248  );
249  }
250 
251  $rbacadmin->revokePermission($ref_id, $role_id);
252  $rbacadmin->grantPermission($role_id, $permissions, $ref_id);
253 
254  return true;
255  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:75
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
ilObjectFactory\getInstanceByRefId
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:141
+ Here is the call graph for this function:

◆ parseUserID()

ilSoapRBACAdministration::parseUserID (   $id,
  $role_type 
)
private

Definition at line 711 of file class.ilSoapRBACAdministration.php.

References $id, ilUtil\__extractId(), ilSoapAdministration\__raiseError(), and ilObjUser\_lookupId().

Referenced by getRoles().

712  {
713  if (strcasecmp($role_type, "user")==0) {
714  // get user roles for user id, which can be numeric or ilias id
715  $user_id = !is_numeric($id) ? ilUtil::__extractId($id, IL_INST_ID) : $id;
716  if (!is_numeric($user_id)) {
717  return $this->__raiseError('ID must be either numeric or ILIAS conform id for type \'user\'', 'Client');
718  }
719  } elseif (strcasecmp($role_type, "user_login") == 0) {
720  // check for login
721  $user_id = ilObjUser::_lookupId($id);
722  if (!$user_id) {
723  // could not find a valid user
724  return $this->__raiseError('User with login \'' . $id . '\' does not exist!', 'Client');
725  }
726  }
727  return $user_id;
728  }
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:784
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
ilUtil\__extractId
static __extractId($ilias_id, $inst_id)
extract ref id from role title, e.g.
Definition: class.ilUtil.php:4413
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ revokePermissions()

ilSoapRBACAdministration::revokePermissions (   $sid,
  $ref_id,
  $role_id 
)

Definition at line 172 of file class.ilSoapRBACAdministration.php.

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

173  {
174  $this->initAuth($sid);
175  $this->initIlias();
176 
177  if (!$this->__checkSession($sid)) {
178  return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
179  }
180 
181  global $rbacadmin,$ilAccess;
182 
183  if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
184  return $this->__raiseError(
185  'No valid ref id given. Please choose an existing reference id of an ILIAS object',
186  'Client'
187  );
188  }
189  if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) and $tmp_role->getType() != 'role') {
190  return $this->__raiseError(
191  'No valid role id given. Please choose an existing id of an ILIAS role',
192  'Client'
193  );
194  }
195  if ($role_id == SYSTEM_ROLE_ID) {
196  return $this->__raiseError(
197  'Cannot revoke permissions of system role',
198  'Client'
199  );
200  }
201 
202  if (!$ilAccess->checkAccess('edit_permission', '', $ref_id)) {
203  return $this->__raiseError('Check access failed. No permission to revoke permissions', 'Server');
204  }
205 
206  $rbacadmin->revokePermission($ref_id, $role_id);
207 
208  return true;
209  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:75
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
ilObjectFactory\getInstanceByRefId
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:141
+ Here is the call graph for this function:

◆ searchRoles()

ilSoapRBACAdministration::searchRoles (   $sid,
  $key,
  $combination,
  $role_type 
)

search for roles.

Parameters
String$sid
String$searchtermscomma separated search terms
String$operatormust be or or and
String$role_typecan be empty which means "local & global", "local", "global", "user" = roles of user, "user_login" or "template"

Definition at line 646 of file class.ilSoapRBACAdministration.php.

References $ilDB, $ilUser, $key, $res, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectSearchFactory\_getObjectSearchInstance(), array, ilSoapAdministration\initAuth(), ilSoapAdministration\initIlias(), QP_COMBINATION_AND, and QP_COMBINATION_OR.

647  {
648  $this->initAuth($sid);
649  $this->initIlias();
650 
651  if (!$this->__checkSession($sid)) {
652  return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
653  }
654 
655  global $rbacsystem, $rbacreview, $ilUser, $ilDB;
656 
657 
658  if (strcasecmp($role_type, "") != 0 &&
659  strcasecmp($role_type, "local") != 0 &&
660  strcasecmp($role_type, "global") != 0 &&
661  strcasecmp($role_type, "template") != 0) {
662  return $this->__raiseError('Called service with wrong role_type parameter \'' . $role_type . '\'', 'Client');
663  }
664 
665  if ($combination != 'and' and $combination != 'or') {
666  return $this->__raiseError(
667  'No valid combination given. Must be "and" or "or".',
668  'Client'
669  );
670  }
671 
672  include_once './Services/Search/classes/class.ilQueryParser.php';
673 
674  $query_parser = new ilQueryParser($key);
675  $query_parser->setMinWordLength(3);
676  $query_parser->setCombination($combination == 'and' ? QP_COMBINATION_AND : QP_COMBINATION_OR);
677  $query_parser->parse();
678  if (!$query_parser->validate()) {
679  return $this->__raiseError($query_parser->getMessage(), 'Client');
680  }
681 
682  include_once './Services/Search/classes/class.ilObjectSearchFactory.php';
683 
684  $object_search = ilObjectSearchFactory::_getObjectSearchInstance($query_parser);
685  $object_search->setFilter(array("role","rolt"));
686 
687  $res = $object_search->performSearch();
688  $res->filter(ROOT_FOLDER_ID, $combination == 'and' ? true : false);
689 
690  $obj_ids = array();
691  foreach ($res->getUniqueResults() as $entry) {
692  $obj_ids [] = $entry['obj_id'];
693  }
694 
695  $roles = array();
696  if (count($obj_ids)> 0) {
697  #print_r($obj_ids);
698  $roles = $rbacreview->getRolesForIDs($obj_ids, $role_type == "template");
699  }
700  #print_r($roles);
701  include_once './webservice/soap/classes/class.ilSoapRoleObjectXMLWriter.php';
702  $xml_writer = new ilSoapRoleObjectXMLWriter();
703  $xml_writer->setObjects($roles);
704  $xml_writer->setType($role_type);
705  if ($xml_writer->start()) {
706  return $xml_writer->getXML();
707  }
708  }
QP_COMBINATION_OR
const QP_COMBINATION_OR
Definition: class.ilQueryParser.php:36
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:204
$ilUser
$ilUser
Definition: imgupload.php:18
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilObjectSearchFactory\_getObjectSearchInstance
static _getObjectSearchInstance($query_parser)
get reference of ilFulltext/LikeObjectSearch.
Definition: class.ilObjectSearchFactory.php:46
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:175
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
QP_COMBINATION_AND
const QP_COMBINATION_AND
Definition: class.ilQueryParser.php:35
$key
$key
Definition: croninfo.php:18
+ Here is the call graph for this function:
The documentation for this class was generated from the following file: