4include_once
"./Services/Object/classes/class.ilObjectGUI.php";
5include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
6require_once(
'./Services/Repository/classes/class.ilObjectPlugin.php');
47 public function __construct($a_data, $a_id, $a_call_by_reference =
false, $a_prepare_output =
true)
51 $lng->loadLanguageModule(
'rbac');
54 define(
"USER_FOLDER_ID", 7);
60 (int) $_REQUEST[
'rolf_ref_id'] ?
61 (
int) $_REQUEST[
'rolf_ref_id'] :
62 (int) $_REQUEST[
'ref_id']
71 parent::__construct($a_data, $a_id, $a_call_by_reference,
false);
72 $this->ctrl->saveParameter($this, array(
'obj_id',
'rolf_ref_id'));
82 $next_class = $this->ctrl->getNextClass($this);
83 $cmd = $this->ctrl->getCmd();
87 switch ($next_class) {
88 case 'ilrepositorysearchgui':
93 include_once(
'./Services/Search/classes/class.ilRepositorySearchGUI.php');
95 $rep_search->setTitle($this->lng->txt(
'role_add_user'));
96 $rep_search->setCallback($this,
'addUserObject');
99 $this->tabs_gui->setTabActive(
'user_assignment');
100 $this->ctrl->setReturn($this,
'userassignment');
101 $ret =&$this->ctrl->forwardCommand($rep_search);
106 $this->tabs_gui->setTabActive(
'export');
108 include_once
'./Services/Export/classes/class.ilExportOptions.php';
112 include_once
'./Services/Export/classes/class.ilExportGUI.php';
114 $exp->addFormat(
'xml');
115 $this->ctrl->forwardCommand($exp);
123 $cmd =
'userassignment';
167 $this->back_target = array(
"text" => $a_text,
173 return $this->back_target ? $this->back_target : array();
209 if (!
$rbacreview->isAssignable($this->object->getId(), $this->obj_ref_id) &&
210 $this->obj_ref_id != ROLE_FOLDER_ID) {
216 $this->
__showButton(
'selectDesktopItem', $this->lng->txt(
'role_desk_add'));
219 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItemsTableGUI.php';
221 $this->tpl->setContent(
$tbl->getHTML());
232 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
235 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
237 if (!count(
$_POST[
'del_desk_item'])) {
245 include_once(
"./Services/Utilities/classes/class.ilConfirmationGUI.php");
247 $confirmation_gui->setFormAction($this->ctrl->getFormAction($this));
248 $confirmation_gui->setHeaderText($this->lng->txt(
'role_assigned_desk_items') .
249 ' "' . $this->object->getTitle() .
'": ' .
250 $this->lng->txt(
'role_sure_delete_desk_items'));
251 $confirmation_gui->setCancel($this->lng->txt(
"cancel"),
"listDesktopItems");
252 $confirmation_gui->setConfirm($this->lng->txt(
"delete"),
"deleteDesktopItems");
254 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
257 foreach (
$_POST[
'del_desk_item'] as $role_item_id) {
258 $item_data = $role_desk_item_obj->getItem($role_item_id);
261 if (strlen($desc = $tmp_obj->getDescription())) {
262 $desc =
'<div class="il_Description_no_margin">' . $desc .
'</div>';
265 $confirmation_gui->addItem(
"del_desk_item[]", $role_item_id, $tmp_obj->getTitle() . $desc);
268 $this->tpl->setContent($confirmation_gui->getHTML());
278 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
282 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
285 if (!count(
$_POST[
'del_desk_item'])) {
293 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
297 foreach (
$_POST[
'del_desk_item'] as $role_item_id) {
298 $role_desk_item_obj->delete($role_item_id);
312 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItemSelector.php';
313 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
316 #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
322 $this->tpl->addBlockFile(
"ADM_CONTENT",
"adm_content",
"tpl.role_desktop_item_selector.html",
"Services/AccessControl");
323 $this->
__showButton(
'listDesktopItems', $this->lng->txt(
'back'));
328 $this->ctrl->getLinkTarget($this,
'selectDesktopItem'),
331 $exp->setExpand(
$_GET[
"role_desk_item_link_expand"] ?
$_GET[
"role_desk_item_link_expand"] :
$tree->readRootId());
332 $exp->setExpandTarget($this->ctrl->getLinkTarget($this,
'selectDesktopItem'));
337 $this->tpl->setVariable(
"EXPLORER",
$output);
348 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
353 if (!isset(
$_GET[
'item_id'])) {
360 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
367 $this->ctrl->redirect($this,
'listDesktopItems');
378 include_once
'./Services/Form/classes/class.ilPropertyFormGUI.php';
381 if ($this->creation_mode) {
382 $this->ctrl->setParameter($this,
"new_type",
'role');
384 $this->form->setFormAction($this->ctrl->getFormAction($this));
388 $this->form->setTitle($this->lng->txt(
'role_new'));
389 $this->form->addCommandButton(
'save', $this->lng->txt(
'role_new'));
393 $this->form->setTitle($this->lng->txt(
'role_edit'));
394 $this->form->addCommandButton(
'update', $this->lng->txt(
'save'));
401 $this->form->addCommandButton(
'cancel', $this->lng->txt(
'cancel'));
405 $title->setDisabled(
true);
408 $title->setValidationRegexp(
'/^(?!il_).*$/');
409 $title->setValidationFailureMessage($this->lng->txt(
'msg_role_reserved_prefix'));
414 $title->setRequired(
true);
415 $this->form->addItem(
$title);
419 $desc->setDisabled(
true);
423 $this->form->addItem($desc);
425 if ($a_mode != self::MODE_LOCAL_CREATE && $a_mode != self::MODE_GLOBAL_CREATE) {
427 $this->form->addItem($ilias_id);
430 if ($this->obj_ref_id == ROLE_FOLDER_ID) {
433 #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info'));
434 $this->form->addItem($reg);
438 #$la->setInfo($this->lng->txt('rbac_local_admin_info'));
439 $this->form->addItem($la);
444 #$pro->setInfo($this->lng->txt('role_protext_permission_info'));
445 $this->form->addItem($pro);
447 include_once
'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
450 $quo->setMinValue(0);
452 $quo->setInfo($this->lng->txt(
'enter_in_mb_desc') .
'<br />' . $this->lng->txt(
'disk_quota_on_role_desc'));
453 $this->form->addItem($quo);
456 $this->lng->loadLanguageModule(
"file");
457 $wquo =
new ilNumberInputGUI($this->lng->txt(
'personal_workspace_disk_quota'),
'wsp_disk_quota');
458 $wquo->setMinValue(0);
460 $wquo->setInfo($this->lng->txt(
'enter_in_mb_desc') .
'<br />' . $this->lng->txt(
'disk_quota_on_role_desc'));
461 $this->form->addItem($wquo);
475 if (!$this->form->getItemByPostVar(
'title')->getDisabled()) {
476 $role->
setTitle($this->form->getInput(
'title'));
478 if (!$this->form->getItemByPostVar(
'desc')->getDisabled()) {
497 include_once
'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
512 $this->form->setValuesByArray(
$data);
527 if (!
$rbacsystem->checkAccess(
'create_role', $this->obj_ref_id)) {
528 $ilErr->raiseError($this->lng->txt(
'permission_denied'),
$ilErr->MESSAGE);
532 $this->tpl->setContent($this->form->getHTML());
543 if (!$this->
checkAccess(
'write',
'edit_permission')) {
544 $ilErr->raiseError($this->lng->txt(
"msg_no_perm_write"),
$ilErr->MESSAGE);
548 if ($this->object->getId() != SYSTEM_ROLE_ID) {
549 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
550 if (
$rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id)) {
551 $ilToolbar->addButton(
552 $this->lng->txt(
'rbac_delete_role'),
553 $this->ctrl->getLinkTarget($this,
'confirmDeleteRole')
560 $this->tpl->setContent($this->form->getHTML());
573 if ($this->form->checkInput() and !$this->checkDuplicate()) {
574 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
576 $this->role->create();
577 $rbacadmin->assignRoleToFolder($this->role->getId(), $this->obj_ref_id,
'y');
578 $rbacadmin->setProtected(
580 $this->role->getId(),
581 $this->form->getInput(
'pro') ?
'y' :
'n'
584 $this->ctrl->setParameter($this,
'obj_id', $this->role->getId());
585 $this->ctrl->redirect($this,
'perm');
589 $this->form->setValuesByPost();
590 $this->tpl->setContent($this->form->getHTML());
613 if ($this->form->checkInput() and !$this->checkDuplicate($this->object->getId())) {
614 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
616 $this->
object->update();
617 $rbacadmin->setProtected(
619 $this->object->getId(),
620 $this->form->getInput(
'pro') ?
'y' :
'n'
623 $this->ctrl->redirect($this,
'edit');
627 $this->form->setValuesByPost();
628 $this->tpl->setContent($this->form->getHTML());
636 protected function permObject($a_show_admin_permissions =
false)
640 $ilTabs->setTabActive(
'default_perm_settings');
644 if ($a_show_admin_permissions) {
645 $ilTabs->setSubTabActive(
'rbac_admin_permissions');
647 $ilTabs->setSubTabActive(
'rbac_repository_permissions');
650 if (!$this->
checkAccess(
'write',
'edit_permission')) {
651 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->MESSAGE);
656 if ($this->object->getId() != SYSTEM_ROLE_ID) {
657 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
658 $ilToolbar->addButton(
659 $this->lng->txt(
"adopt_perm_from_template"),
660 $this->ctrl->getLinkTarget($this,
'adoptPerm')
662 if (
$rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id)) {
663 $ilToolbar->addButton(
664 $this->lng->txt(
'rbac_delete_role'),
665 $this->ctrl->getLinkTarget($this,
'confirmDeleteRole')
670 $this->tpl->addBlockFile(
673 'tpl.rbac_template_permissions.html',
674 'Services/AccessControl'
677 $this->tpl->setVariable(
'PERM_ACTION', $this->ctrl->getFormAction($this));
679 include_once
'./Services/Accordion/classes/class.ilAccordionGUI.php';
684 if ($this->obj_ref_id == ROLE_FOLDER_ID) {
685 if ($a_show_admin_permissions) {
686 $subs =
$objDefinition->getSubObjectsRecursively(
'adm',
true,
true);
688 $subs =
$objDefinition->getSubObjectsRecursively(
'root',
true, $a_show_admin_permissions);
695 foreach ($subs as $subtype =>
$def) {
699 $translation = $this->lng->txt(
"obj_" . $subtype);
701 $translation = $this->lng->txt(
'objs_' . $subtype);
704 $sorted[$subtype] =
$def;
705 $sorted[$subtype][
'translation'] = $translation;
710 foreach ($sorted as $subtype =>
$def) {
714 $translation = $this->lng->txt(
"obj_" . $subtype);
716 $translation = $this->lng->txt(
'objs_' . $subtype);
719 include_once
'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
724 $this->object->getId(),
726 $a_show_admin_permissions
730 $acc->addItem($translation,
$tbl->getHTML());
733 $this->tpl->setVariable(
'ACCORDION', $acc->getHTML());
736 include_once
'./Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
741 $this->object->getId(),
742 $a_show_admin_permissions
744 if ($this->object->getId() != SYSTEM_ROLE_ID) {
746 $a_show_admin_permissions ?
'adminPermSave' :
'permSave',
747 $this->lng->txt(
'save')
752 $this->tpl->setVariable(
'OPTIONS_TABLE',
$options->getHTML());
779 $parent_role_ids =
$rbacreview->getParentRoleIds($this->obj_ref_id,
true);
781 foreach ($parent_role_ids as
$id => $tmp) {
785 $sorted_ids =
ilUtil::_sortIds($ids,
'object_data',
'type,title',
'obj_id');
787 foreach ($sorted_ids as
$id) {
788 $par = $parent_role_ids[
$id];
789 if ($par[
"obj_id"] != SYSTEM_ROLE_ID && $this->object->getId() != $par[
"obj_id"]) {
791 $output[
$key][
"type"] = ($par[
"type"] ==
'role' ? $this->lng->txt(
'obj_role') : $this->lng->txt(
'obj_rolt'));
799 include_once(
'./Services/AccessControl/classes/class.ilRoleAdoptPermissionTableGUI.php');
802 $tbl->setTitle($this->lng->txt(
"adopt_perm_from_template"));
805 $this->tpl->setContent(
$tbl->getHTML());
818 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->WARNING);
821 $question = $this->lng->txt(
'rbac_role_delete_qst');
823 $question .= (
'<br />' . $this->lng->txt(
'rbac_role_delete_self'));
827 include_once
'./Services/Utilities/classes/class.ilConfirmationGUI.php';
830 $confirm->setFormAction($this->ctrl->getFormAction($this));
831 $confirm->setHeaderText($question);
832 $confirm->setCancel($this->lng->txt(
'cancel'),
'perm');
833 $confirm->setConfirm($this->lng->txt(
'rbac_delete_role'),
'performDeleteRole');
837 $this->object->getId(),
838 $this->object->getTitle(),
842 $this->tpl->setContent($confirm->getHTML());
857 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->WARNING);
860 $this->
object->setParent((
int) $this->obj_ref_id);
861 $this->
object->delete();
864 $this->ctrl->returnToParent($this);
880 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_perm"), $this->ilias->error_obj->MESSAGE);
884 include_once
"Services/AccessControl/classes/class.ilRbacLog.php";
886 if ($rbac_log_active) {
891 if ($this->obj_ref_id == ROLE_FOLDER_ID) {
892 if ($a_show_admin_permissions) {
893 $subs =
$objDefinition->getSubObjectsRecursively(
'adm',
true,
true);
895 $subs =
$objDefinition->getSubObjectsRecursively(
'root',
true,
false);
901 foreach ($subs as $subtype =>
$def) {
903 $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id, $subtype);
906 if (empty(
$_POST[
"template_perm"])) {
907 $_POST[
"template_perm"] = array();
910 foreach (
$_POST[
"template_perm"] as
$key => $ops_array) {
912 $rbacadmin->setRolePermission($this->object->getId(),
$key, $ops_array, $this->obj_ref_id);
915 if ($rbac_log_active) {
922 $this->
object->update();
925 if ($this->obj_ref_id == ROLE_FOLDER_ID or
$rbacreview->isAssignable($this->object->getId(), $this->obj_ref_id)) {
926 $rbacadmin->setProtected($this->obj_ref_id, $this->object->getId(),
ilUtil::tf2yn(
$_POST[
'protected']));
929 if ($a_show_admin_permissions) {
930 $_POST[
'recursive'] =
true;
934 if (!
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list'])) {
936 if ($a_show_admin_permissions) {
937 $this->ctrl->redirect($this,
'adminPerm');
939 $this->ctrl->redirect($this,
'perm');
948 $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID :
$this->obj_ref_id);
949 if ($a_show_admin_permissions) {
950 $start =
$tree->getParentId($this->obj_ref_id);
953 if (
$_POST[
'protected']) {
954 $this->
object->changeExistingObjects(
959 #$a_show_admin_permissions ? array('adm') : array()
962 $this->
object->changeExistingObjects(
967 #$a_show_admin_permissions ? array('adm') : array()
972 if ($a_show_admin_permissions) {
973 $this->ctrl->redirect($this,
'adminPerm');
975 $this->ctrl->redirect($this,
'perm');
998 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_perm"), $this->ilias->error_obj->MESSAGE);
1001 if ($this->object->getId() ==
$_POST[
"adopt"]) {
1004 $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id);
1005 $parentRoles =
$rbacreview->getParentRoleIds($this->obj_ref_id,
true);
1006 $rbacadmin->copyRoleTemplatePermissions(
1008 $parentRoles[
$_POST[
"adopt"]][
"parent"],
1010 $this->object->getId(),
1015 $this->
object->update();
1018 $obj_data =&$this->
ilias->obj_factory->getInstanceByObjId($_POST[
"adopt"]);
1019 ilUtil::sendSuccess($this->lng->txt(
"msg_perm_adopted_from1") .
" '" . $obj_data->getTitle() .
"'.<br/>" .
1020 $this->lng->txt(
"msg_perm_adopted_from2"),
true);
1023 $this->ctrl->redirect($this,
"perm");
1033 $this->assignUserObject();
1047 if (!$this->
checkAccess(
'edit_userassignment',
'edit_permission')) {
1051 if (!
$rbacreview->isAssignable($this->object->getId(), $this->obj_ref_id) &&
1052 $this->obj_ref_id != ROLE_FOLDER_ID) {
1057 $GLOBALS[
'lng']->loadLanguageModule(
'search');
1062 $assigned_users_all =
$rbacreview->assignedUsers($this->object->getId());
1065 $assigned_users_new = array_diff($a_user_ids, array_intersect($a_user_ids, $assigned_users_all));
1068 if (count($assigned_users_new) == 0) {
1070 $this->ctrl->redirect($this,
'userassignment');
1074 foreach ($assigned_users_new as
$user) {
1075 $rbacadmin->assignUser($this->object->getId(),
$user,
false);
1079 $this->
object->update();
1082 $this->ctrl->redirect($this,
'userassignment');
1094 if (!$this->
checkAccess(
'edit_userassignment',
'edit_permission')) {
1095 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"), $this->ilias->error_obj->MESSAGE);
1098 $selected_users = (
$_POST[
"user_id"]) ?
$_POST[
"user_id"] : array(
$_GET[
"user_id"]);
1100 if ($selected_users[0]===
null) {
1101 $this->
ilias->raiseError($this->lng->txt(
"no_checkbox"), $this->
ilias->error_obj->MESSAGE);
1105 if ($this->object->getId() == SYSTEM_ROLE_ID) {
1106 if ($admin = array_search(SYSTEM_USER_ID, $selected_users) !==
false) {
1107 unset($selected_users[$admin]);
1112 $last_role = array();
1115 foreach ($selected_users as
$user) {
1117 $assigned_global_roles = array_intersect($assigned_roles, $global_roles);
1119 if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(), $assigned_global_roles))) {
1120 $userObj = $this->
ilias->obj_factory->getInstanceByObjId($user);
1121 $last_role[
$user] = $userObj->getFullName();
1128 foreach ($selected_users as
$user) {
1129 if (!isset($last_role[
$user])) {
1130 $rbacadmin->deassignUser($this->object->getId(),
$user);
1135 $this->
object->update();
1138 if (count($last_role)) {
1139 $user_list = implode(
", ", $last_role);
1140 ilUtil::sendFailure($this->lng->txt(
'msg_is_last_role') .
': ' . $user_list .
'<br />' . $this->lng->txt(
'msg_min_one_role'),
true);
1144 $this->ctrl->redirect($this,
'userassignment');
1155 if (!$this->
checkAccess(
'edit_userassignment',
'edit_permission')) {
1156 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"), $this->ilias->error_obj->MESSAGE);
1159 $this->tabs_gui->setTabActive(
'user_assignment');
1161 $this->tpl->addBlockFile(
'ADM_CONTENT',
'adm_content',
'tpl.rbac_ua.html',
'Services/AccessControl');
1163 include_once
'./Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
1167 include_once
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1169 $this->object->getId() != SYSTEM_ROLE_ID ||
1178 include_once
'./Services/Search/classes/class.ilRepositorySearchGUI.php';
1183 'auto_complete_name' =>
$lng->txt(
'user'),
1184 'submit_name' =>
$lng->txt(
'add')
1195 $this->lng->txt(
'search_user'),
1196 $this->ctrl->getLinkTargetByClass(
'ilRepositorySearchGUI',
'start')
1202 $this->lng->txt(
'role_mailto'),
1203 $this->ctrl->getLinkTarget($this,
'mailToRole')
1205 $this->tpl->setVariable(
'BUTTONS_UA', $tb->getHTML());
1208 include_once
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1209 $role_assignment_editable =
true;
1211 $this->object->getId() == SYSTEM_ROLE_ID &&
1213 $role_assignment_editable =
false;
1216 include_once
'./Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
1217 $ut =
new ilAssignedUsersTableGUI($this,
'userassignment', $this->object->getId(), $role_assignment_editable);
1219 $this->tpl->setVariable(
'TABLE_UA', $ut->getHTML());
1231 if (
$_GET[
"new_type"] !=
"role") {
1232 $this->ctrl->redirect($this,
"userassignment");
1234 $this->ctrl->redirectByClass(
"ilobjrolefoldergui",
"view");
1245 if (!is_array(
$_POST[
"role"])) {
1247 $this->searchObject();
1252 $this->tpl->addBlockFile(
"ADM_CONTENT",
"adm_content",
"tpl.role_usr_selection.html",
"Services/AccessControl");
1253 $this->
__showButton(
"searchUserForm", $this->lng->txt(
"role_new_search"));
1258 foreach (
$_POST[
"role"] as $role_id) {
1259 $members = array_merge(
$rbacreview->assignedUsers($role_id), $members);
1262 $members = array_unique($members);
1266 $f_result = array();
1268 foreach ($members as
$user) {
1277 $f_result[
$counter][] = $tmp_obj->getLogin();
1278 $f_result[
$counter][] = $tmp_obj->getFirstname();
1279 $f_result[
$counter][] = $tmp_obj->getLastname();
1285 $this->__showSearchUserTable($f_result, $user_ids,
"listUsersRole");
1293 $this->tpl->addBlockFile(
"CONTENT",
"content",
"tpl.adm_content.html");
1294 $this->tpl->addBlockFile(
"STATUSLINE",
"statusline",
"tpl.statusline.html");
1297 if ($this->message) {
1310 $this->tpl->setTitle($this->lng->txt(
'role'));
1311 $this->tpl->setDescription($this->object->getTitle());
1314 $this->
getTabs($this->tabs_gui);
1325 $ilLocator =
$DIC[
'ilLocator'];
1328 $_GET[
"admin_mode"] ==
"settings"
1329 &&
$_GET[
"ref_id"] == ROLE_FOLDER_ID) {
1330 parent::addAdminLocatorItems(
true);
1332 $ilLocator->addItem(
1334 $this->ctrl->getLinkTargetByClass(
"ilobjrolefoldergui",
'view')
1337 if (
$_GET[
"obj_id"] > 0) {
1338 $ilLocator->addItem(
1339 $this->object->getTitle(),
1340 $this->ctrl->getLinkTarget($this,
'perm')
1344 parent::addAdminLocatorItems($a_do_not_add_object);
1355 $base_role_container =
$rbacreview->getFoldersAssignedToRole($this->object->getId(),
true);
1358 $activate_role_edit =
false;
1362 if (in_array($this->obj_ref_id, $base_role_container) ||
1363 (strtolower(
$_GET[
"baseClass"]) ==
"iladministrationgui" &&
1364 $_GET[
"admin_mode"] ==
"settings")) {
1365 $activate_role_edit =
true;
1369 $this->tabs_gui->clearTargets();
1371 $ilHelp->setScreenIdComponent(
"role");
1373 if ($this->back_target !=
"") {
1374 $this->tabs_gui->setBackTarget(
1375 $this->back_target[
"text"],
1376 $this->back_target[
"link"]
1380 if ($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit) {
1381 $this->tabs_gui->addTarget(
1383 $this->ctrl->getLinkTarget($this,
"edit"),
1384 array(
"edit",
"update"),
1401 $this->tabs_gui->addTarget(
1402 "default_perm_settings",
1403 $this->ctrl->getLinkTarget($this,
"perm"),
1409 if ($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID) {
1410 $this->tabs_gui->addTarget(
1412 $this->ctrl->getLinkTarget($this,
"userassignment"),
1413 array(
"deassignUser",
"userassignment",
"assignUser",
"searchUserForm",
"search"),
1418 if ($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID) {
1419 $this->tabs_gui->addTarget(
1421 $this->ctrl->getLinkTarget($this,
"listDesktopItems"),
1422 array(
"listDesktopItems",
"deleteDesktopItems",
"selectDesktopItem",
"askDeleteDesktopItem"),
1426 if ($this->
checkAccess(
'write',
'edit_permission')) {
1427 $this->tabs_gui->addTarget(
1429 $this->ctrl->getLinkTargetByClass(
'ilExportGUI'),
1438 if (count($obj_ids) > 1) {
1439 $_SESSION[
'mail_roles'][] =
'#il_role_' . $this->
object->getId();
1441 require_once
'Services/Mail/classes/Address/Type/class.ilMailRoleAddressType.php';
1445 require_once
'Services/Mail/classes/class.ilMailFormCall.php';
1454 $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
1456 if ($this->obj_ref_id == ROLE_FOLDER_ID) {
1457 return $rbacsystem->checkAccess($a_perm_global, $this->obj_ref_id);
1459 return $ilAccess->checkAccess($a_perm_obj,
'', $this->obj_ref_id);
1471 if (!(
int)
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list'])) {
1476 if (
$rbacreview->isProtected($this->obj_ref_id, $this->object->getId())) {
1479 return count(
$rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1483 return count(
$rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1493 $protected =
$_POST[
'protected'];
1495 include_once
'./Services/Form/classes/class.ilPropertyFormGUI.php';
1497 $form->setFormAction($this->ctrl->getFormAction($this,
'changeExistingObjects'));
1498 $form->setTitle($this->lng->txt(
'rbac_change_existing_confirm_tbl'));
1500 $form->addCommandButton(
'changeExistingObjects', $this->lng->txt(
'change_existing_objects'));
1501 $form->addCommandButton(
'perm', $this->lng->txt(
'cancel'));
1506 serialize(array(
'all')) :
1507 serialize(
$_POST[
'recursive_list'])
1509 $form->addItem($hidden);
1516 $this->lng->txt(
'rbac_keep_local_policies'),
1518 $this->lng->txt(
'rbac_keep_local_policies_info')
1523 $this->lng->txt(
'rbac_keep_local_policies'),
1525 $this->lng->txt(
'rbac_unprotected_keep_local_policies_info')
1528 $rad->addOption($keep);
1532 $this->lng->txt(
'rbac_delete_local_policies'),
1534 $this->lng->txt(
'rbac_delete_local_policies_info')
1538 $this->lng->txt(
'rbac_delete_local_policies'),
1540 $this->lng->txt(
'rbac_unprotected_delete_local_policies_info')
1543 $rad->addOption($del);
1545 $form->addItem($rad);
1546 $this->tpl->setContent(
$form->getHTML());
1557 $mode = (int)
$_POST[
'mode'];
1558 $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID :
$this->obj_ref_id);
1563 $this->ctrl->redirect($this,
'perm');
1576 case 'default_perm_settings':
1577 if ($this->obj_ref_id != ROLE_FOLDER_ID) {
1580 $ilTabs->addSubTabTarget(
1581 'rbac_repository_permissions',
1582 $this->ctrl->getLinkTarget($this,
'perm')
1584 $ilTabs->addSubTabTarget(
1585 'rbac_admin_permissions',
1586 $this->ctrl->getLinkTarget($this,
'adminPerm')
1602 $ilCtrl->redirect($this,
'userassignment');
1604 include_once
'./Services/User/classes/class.ilUserClipboard.php';
1609 $lng->loadLanguageModule(
'user');
1611 $ilCtrl->redirect($this,
'userassignment');
1621 $ilLocator =
$DIC[
'ilLocator'];
1623 if (
$_GET[
"admin_mode"] ==
"") {
1624 $this->ctrl->setParameterByClass(
1627 (
int)
$_GET[
"obj_id"]
1629 $ilLocator->addItem(
1631 $this->ctrl->getLinkTargetByClass(
1649 $review =
$DIC->rbac()->review();
1650 $logger =
$DIC->logger()->ac();
1654 !$this->object->getId() ||
1655 $this->object->getId() == ROLE_FOLDER_ID
1661 $possible_roles = [];
1663 $possible_roles = $review->getRolesOfObject(
1667 }
catch (\InvalidArgumentException $e) {
1668 $logger->warning(
'Role access check failed: ' . $e);
1670 include_once
"Services/Object/exceptions/class.ilObjectException.php";
1671 throw new \ilObjectException($this->lng->txt(
'permission_denied'));
1674 if (!in_array($this->object->getId(), $possible_roles)) {
1675 $logger->warning(
'Object id: ' . $this->object->getId() .
' is not accessible for ref_id: ' . $this->obj_ref_id);
1676 include_once
"Services/Object/exceptions/class.ilObjectException.php";
1677 throw new \ilObjectException($this->lng->txt(
'permission_denied'));
if(!isset( $_REQUEST[ 'ReturnTo'])) if(!isset($_REQUEST['AuthId'])) $options
An exception for terminatinating execution or to throw for unit testing.
const USER_FOLDER_ID
Class ilObjUserFolder.
Accordion user interface class.
TableGUI class for role administration.
Confirmation screen class.
static _isActive()
Static getter.
static _isPersonalWorkspaceActive()
Static getter.
Export User Interface Class.
static newInstance($a_export_id)
Create new instance.
static allocateExportId()
Allocate a new export id.
static getRoleMailboxAddress( $a_role_id, $is_localize=true, ilMailRfc822AddressParserFactory $mailAddressParserFactory=null)
Returns the mailbox address of a role.
This class represents a non editable value in a property form.
getAdminTabs()
admin and normal tabs are equal for roles
editObject()
Edit role properties.
getTabs()
get tabs abstract method.
performDeleteRoleObject()
Delete role.
saveObject()
Save new role.
updateObject()
Save role settings.
initFormRoleProperties($a_mode)
Create role prperty form.
userassignmentObject()
display user assignment panel
showChangeExistingObjectsConfirmation()
Show confirmation screen.
ensureRoleAccessForContext()
__construct($a_data, $a_id, $a_call_by_reference=false, $a_prepare_output=true)
Constructor @access public.
setBackTarget($a_text, $a_link)
set back tab target
readRoleProperties(ilObjRole $role)
Read role properties and write them to form.
addLocatorItems()
should be overwritten to add object specific items (repository items are preloaded)
deassignUserObject()
de-assign users from role
permObject($a_show_admin_permissions=false)
Show template permissions.
loadRoleProperties(ilObjRole $role)
Store form input in role object.
assignSaveObject()
wrapper for renamed function
permSaveObject($a_show_admin_permissions=false)
save permissions
getParentType()
get type of current object (not role folder)
getContainerType()
Get type of role container.
addAdminLocatorItems($a_do_not_add_object=false)
should be overwritten to add object specific items (repository items are preloaded)
deleteDesktopItemsObject()
addUserObject($a_user_ids)
Assign user (callback from ilRepositorySearchGUI)
checkAccess($a_perm_global, $a_perm_obj='')
cancelObject()
cancelObject is called when an operation is canceled, method links back @access public
showDefaultPermissionSettings()
check if default permissions are shown or not
adminPermObject()
Show administration permissions.
assignDesktopItemObject()
executeCommand()
execute command
adminPermSaveObject()
Save admin permissions.
checkDuplicate($a_role_id=0)
Check if role with same name already exists in this folder.
confirmDeleteRoleObject()
Show delete confirmation screen.
createObject()
Only called from administration -> role folder ? Otherwise this check access is wrong.
getParentRefId()
Get ref id of current object (not role folder id)
isChangeExistingObjectsConfirmationRequired()
Check if a confirmation about further settings is required or not.
adoptPermSaveObject()
copy permissions from role
selectDesktopItemObject()
getParentObjId()
Get obj_id of current object.
setSubTabs($a_tab)
Set sub tabs.
addToClipboardObject()
Add selected users to user clipboard.
changeExistingObjectsObject()
Change existing objects.
askDeleteDesktopItemObject()
setAllowRegister($a_allow_register)
set allow_register of role
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
getPersonalWorkspaceDiskQuota()
Gets the minimal personal workspace disk quota imposed by this role.
getAllowRegister()
get allow_register
static _getTranslation($a_role_title)
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
static isAutoGenerated($a_role_id)
getDiskQuota()
Gets the minimal disk quota imposed by this role.
toggleAssignUsersStatus($a_assign_users)
setDiskQuota($a_disk_quota)
Sets the minimal disk quota imposed by this role.
setPersonalWorkspaceDiskQuota($a_disk_quota)
Sets the minimal personal workspace disk quota imposed by this role.
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Class ilObjectGUI Basic methods of all Output classes.
__showButton($a_cmd, $a_text, $a_target='')
prepareOutput($a_show_subobjects=true)
prepare output
static lookupTxtById($plugin_id, $lang_var)
Table for object role permissions.
Table for object role permissions.
static _lookupObjId($a_id)
setTitle($a_title)
set object title
setDescription($a_desc)
set object description
getDescription()
get object description
getId()
get object id @access public
static _lookupType($a_id, $a_reference=false)
lookup object type
static _getIdsForTitle($title, $type='', $partialmatch=false)
getTitle()
get object title @access public
This class represents an option in a radio group.
static diffTemplate(array $a_old, array $a_new)
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
static gatherTemplate($a_role_ref_id, $a_role_id)
static fillAutoCompleteToolbar($parent_object, ilToolbarGUI $toolbar=null, $a_options=array(), $a_sticky=false)
fill toolbar with
Copyright (c) 1998-2015 ILIAS open source, Extended GPL, see docs/LICENSE Date: 07....
Table for role desktop items.
static _getInstance()
Get instance of ilSecuritySettings.
This class represents a text area property in a property form.
This class represents a text property in a property form.
static getInstance($a_usr_id)
Get singelton instance.
static formCheckbox($checked, $varname, $value, $disabled=false)
??? @access public
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
static sortArray( $array, $a_array_sortby, $a_array_sortorder=0, $a_numeric=false, $a_keep_keys=false)
sortArray
static sendQuestion($a_info="", $a_keep=false)
Send Question to Screen.
static tf2yn($a_tf)
convert true/false to "y"/"n"
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
static redirect($a_script)
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static MB2Bytes($a_value)
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
static infoPanel($a_keep=true)
static Bytes2MB($a_value)
if(!array_key_exists('StateId', $_REQUEST)) $id
if(!is_dir( $entity_dir)) exit("Fatal Error ([A-Za-z0-9]+)\s+" &#(? foreach( $entity_files as $file) $output
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
redirection script todo: (a better solution should control the processing via a xml file)
if(isset($_POST['submit'])) $form
1.9.4 (using Doxyfile)