ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilDidacticTemplateLocalPolicyAction.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateAction.php';
5
12class ilDidacticTemplateLocalPolicyAction extends ilDidacticTemplateAction
13{
14 const TPL_ACTION_OVERWRITE = 1;
15 const TPL_ACTION_INTERSECT = 2;
16 const TPL_ACTION_ADD = 3;
17 const TPL_ACTION_SUBTRACT = 4;
18 const TPL_ACTION_UNION = 5;
19
20
21 private $pattern = array();
22 private $filter_type = self::FILTER_SOURCE_TITLE;
23 private $role_template_type = self::TPL_ACTION_OVERWRITE;
24 private $role_template_id = 0;
25
26
31 public function __construct($action_id = 0)
32 {
33 parent::__construct($action_id);
34 }
35
40 public function addFilterPattern(ilDidacticTemplateFilterPattern $pattern)
41 {
42 $this->pattern[] = $pattern;
43 }
44
49 public function setFilterPatterns(array $patterns)
50 {
51 $this->pattern = $patterns;
52 }
53
58 public function getFilterPattern()
59 {
60 return $this->pattern;
61 }
62
67 public function setFilterType($a_type)
68 {
69 $this->filter_type = $a_type;
70 }
71
76 public function getFilterType()
77 {
78 return $this->filter_type;
79 }
80
85 public function setRoleTemplateType($a_tpl_type)
86 {
87 $this->role_template_type = $a_tpl_type;
88 }
89
93 public function getRoleTemplateType()
94 {
95 return $this->role_template_type;
96 }
97
102 public function setRoleTemplateId($a_id)
103 {
104 $this->role_template_id = $a_id;
105 }
106
111 public function getRoleTemplateId()
112 {
113 return $this->role_template_id;
114 }
115
119 public function save()
120 {
121 global $ilDB;
122
123 parent::save();
124
125 $query = 'INSERT INTO didactic_tpl_alp (action_id,filter_type,template_type,template_id) ' .
126 'VALUES( ' .
127 $ilDB->quote($this->getActionId(), 'integer') . ', ' .
128 $ilDB->quote($this->getFilterType(), 'integer') . ', ' .
129 $ilDB->quote($this->getRoleTemplateType(), 'integer') . ', ' .
130 $ilDB->quote($this->getRoleTemplateId(), 'integer') . ' ' .
131 ')';
132 $ilDB->manipulate($query);
133
134 foreach ($this->getFilterPattern() as $pattern) {
135 /* @var ilDidacticTemplateFilterPattern $pattern */
136 $pattern->setParentId($this->getActionId());
137 $pattern->setParentType(self::PATTERN_PARENT_TYPE);
138 $pattern->save();
139 }
140 }
141
147 public function delete()
148 {
149 global $ilDB;
150
151 parent::delete();
152
153 $query = 'DELETE FROM didactic_tpl_alp ' .
154 'WHERE action_id = ' . $ilDB->quote($this->getActionId(), 'integer');
155 $ilDB->manipulate($query);
156
157 foreach ($this->getFilterPattern() as $pattern) {
158 $pattern->delete();
159 }
160 return true;
161 }
162
163
164
165
169 public function apply()
170 {
171 $rbacreview = $GLOBALS['DIC']->rbac()->review();
172
173 $source = $this->initSourceObject();
174 // Create a role folder for the new local policies
175
176 $roles = $this->filterRoles($source);
177
178 // Create local policy for filtered roles
179 foreach ($roles as $role_id => $role) {
180 $this->getLogger()->debug('Apply to role: ' . $role['title']);
181
182 // No local policies for protected roles of higher context
183 if (
184 $rbacreview->isProtected($role['parent'], $role_id) &&
185 $role['parent'] != $source->getRefId()
186 ) {
187 $this->getLogger()->debug('Ignoring protected role.');
188 continue;
189 }
190 $this->createLocalPolicy($source, $role);
191 }
192 return true;
193 }
194
200 public function revert()
201 {
202 global $rbacadmin,$tree;
203 $rbacreview = $GLOBALS['DIC']->rbac()->review();
204
205 $source = $this->initSourceObject();
206 $roles = $this->filterRoles($source);
207
208 // Delete local policy for filtered roles
209 foreach ($roles as $role_id => $role) {
210 // Do not delete local policies of auto genrated roles
211 if (!$rbacreview->isGlobalRole($role['obj_id']) and
212 $rbacreview->isAssignable($role['obj_id'], $source->getRefId()) and
213 $rbacreview->isSystemGeneratedRole($role['obj_id'])) {
214 $this->getLogger()->debug('Reverting local policy of auto generated role: ' . $role['title']);
215 $this->revertLocalPolicy($source, $role);
216 } else {
217 $this->getLogger()->debug('Reverting local policy and deleting local role: ' . $role['title']);
218
219 // delete local role and change exiting objects
220 $rbacadmin->deleteLocalRole($role_id, $source->getRefId());
221 // Change existing object
222 include_once './Services/AccessControl/classes/class.ilObjRole.php';
223 $role_obj = new ilObjRole($role_id);
224
225 $protected = $rbacreview->isProtected($role['parent'], $role['rol_id']);
226
227 $role_obj->changeExistingObjects(
228 $source->getRefId(),
229 $protected ?
230 ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES :
231 ilObjRole::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES,
232 array('all')
233 );
234 }
235 }
236 return true;
237 }
238
243 public function getType()
244 {
245 return self::TYPE_LOCAL_POLICY;
246 }
247
253 public function toXml(ilXmlWriter $writer)
254 {
255 $writer->xmlStartTag('localPolicyAction');
256
257 switch ($this->getFilterType()) {
258 case self::FILTER_SOURCE_TITLE:
259 $writer->xmlStartTag('roleFilter', array('source' => 'title'));
260 break;
261
262 case self::FILTER_SOURCE_OBJ_ID:
263 $writer->xmlStartTag('roleFilter', array('source' => 'objId'));
264 break;
265
266 }
267
268 foreach ($this->getFilterPattern() as $pattern) {
269 $pattern->toXml($writer);
270 }
271 $writer->xmlEndTag('roleFilter');
272
273 $il_role_id = 'il_' . IL_INST_ID . '_' . ilObject::_lookupType($this->getRoleTemplateId()) . '_' . $this->getRoleTemplateId();
274
275 switch ($this->getRoleTemplateType()) {
276 case self::TPL_ACTION_OVERWRITE:
277 $writer->xmlStartTag(
278 'localPolicyTemplate',
279 array(
280 'type' => 'overwrite',
281 'id' => $il_role_id
282 )
283 );
284 break;
285
286 case self::TPL_ACTION_INTERSECT:
287 $writer->xmlStartTag(
288 'localPolicyTemplate',
289 array(
290 'type' => 'intersect',
291 'id' => $il_role_id
292 )
293 );
294 break;
295
296 case self::TPL_ACTION_UNION:
297 $writer->xmlStartTag(
298 'localPolicyTemplate',
299 array(
300 'type' => 'union',
301 'id' => $il_role_id
302 )
303 );
304 break;
305 }
306
307 include_once './Services/AccessControl/classes/class.ilRoleXmlExport.php';
308 $exp = new ilRoleXmlExport();
309 $exp->setMode(ilRoleXmlExport::MODE_DTPL);
310 $exp->addRole($this->getRoleTemplateId(), ROLE_FOLDER_ID);
311 $exp->write();
312 $writer->appendXML($exp->xmlDumpMem(false));
313 $writer->xmlEndTag('localPolicyTemplate');
314 $writer->xmlEndTag('localPolicyAction');
315 return void;
316 }
317
321 public function __clone()
322 {
323 parent::__clone();
324
325 // Clone patterns
326 $cloned = array();
327 foreach ($this->getFilterPattern() as $pattern) {
328 $clones[] = clone $pattern;
329 }
330 $this->setFilterPatterns($clones);
331 }
332
333 public function read()
334 {
335 global $ilDB;
336
337 if (!parent::read()) {
338 return false;
339 }
340
341 $query = 'SELECT * FROM didactic_tpl_alp ' .
342 'WHERE action_id = ' . $ilDB->quote($this->getActionId());
343 $res = $ilDB->query($query);
344 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
345 $this->setFilterType($row->filter_type);
346 $this->setRoleTemplateType($row->template_type);
347 $this->setRoleTemplateId($row->template_id);
348 }
349
350 // Read filter
351 include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateFilterPatternFactory.php';
352 foreach (ilDidacticTemplateFilterPatternFactory::lookupPatternsByParentId($this->getActionId(), self::PATTERN_PARENT_TYPE) as $pattern) {
353 $this->addFilterPattern($pattern);
354 }
355 }
356
357
364 protected function createLocalPolicy(ilObject $source, $role)
365 {
366 global $rbacreview, $rbacadmin;
367
368 // fetch role information
369 $role_data = array();
370 foreach ($rbacreview->getParentRoleIds($source->getRefId()) as $role_id => $tmp_role) {
371 if ($role_id == $role['obj_id']) {
372 $role_data = $tmp_role;
373 }
374 }
375
376 // Add local policy
377 if (!$rbacreview->isRoleAssignedToObject($role['obj_id'], $source->getRefId())) {
378 $GLOBALS['DIC']->rbac()->admin()->assignRoleToFolder(
379 $role['obj_id'],
380 $source->getRefId(),
381 'n'
382 );
383 }
384
385 // do nothing if role is protected in higher context
386 if (
387 $GLOBALS['DIC']->rbac()->review()->isProtected($source->getRefId(), $role['obj_id'])
388 ) {
389 $GLOBALS['DIC']->logger()->otpl()->info('Ignoring protected role: ' . $role['title']);
390 return true;
391 }
392
393 switch ($this->getRoleTemplateType()) {
394 case self::TPL_ACTION_UNION:
395
396 ilLoggerFactory::getLogger('otpl')->info('Using ilRbacAdmin::copyRolePermissionUnion()');
397 $rbacadmin->copyRolePermissionUnion(
398 $role_data['obj_id'],
399 $role_data['parent'],
400 $this->getRoleTemplateId(),
401 ROLE_FOLDER_ID,
402 $role_data['obj_id'],
403 $source->getRefId()
404 );
405 break;
406
407 case self::TPL_ACTION_OVERWRITE:
408
409 ilLoggerFactory::getLogger('otpl')->info('Using ilRbacAdmin::copyRoleTemplatePermission()');
410 $rbacadmin->copyRoleTemplatePermissions(
411 $this->getRoleTemplateId(),
412 ROLE_FOLDER_ID,
413 $source->getRefId(),
414 $role_data['obj_id'],
415 true
416 );
417 break;
418
419 case self::TPL_ACTION_INTERSECT:
420
421 ilLoggerFactory::getLogger('otpl')->info('Using ilRbacAdmin::copyRolePermissionIntersection()' . $this->getRoleTemplateId());
422 $rbacadmin->copyRolePermissionIntersection(
423 $role_data['obj_id'],
424 $role_data['parent'],
425 $this->getRoleTemplateId(),
426 ROLE_FOLDER_ID,
427 $source->getRefId(),
428 $role_data['obj_id']
429 );
430 break;
431
432 }
433
434 // Change existing object
435 include_once './Services/AccessControl/classes/class.ilObjRole.php';
436 $role_obj = new ilObjRole($role_data['obj_id']);
437 $role_obj->changeExistingObjects(
438 $source->getRefId(),
439 $role_data['protected'] ? ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES : ilObjRole::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES,
440 array('all')
441 );
442
443 return true;
444 }
445
446 protected function revertLocalPolicy(ilObject $source, $role)
447 {
448 global $rbacadmin, $rbacreview, $ilDB;
449
450 ilLoggerFactory::getLogger('otpl')->info('Reverting policy for role ' . $role['title']);
451 // Local policies can only be reverted for auto generated roles. Otherwise the
452 // original role settings are unknown
453 if (substr($role['title'], 0, 3) != 'il_') {
454 ilLoggerFactory::getLogger('otpl')->warning('Cannot revert local policy for role ' . $role['title']);
455 return false;
456 }
457
458
459 // No local policies
460 if (!$rbacreview->getLocalPolicies($source->getRefId())) {
461 return false;
462 }
463
464 $exploded_title = explode('_', $role['title']);
465 $rolt_title = $exploded_title[0] . '_' . $exploded_title[1] . '_' . $exploded_title[2];
466
467 // Lookup role template
468 $query = 'SELECT obj_id FROM object_data ' .
469 'WHERE title = ' . $ilDB->quote($rolt_title, 'text') . ' ' .
470 'AND type = ' . $ilDB->quote('rolt', 'text');
471 $res = $ilDB->query($query);
472 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
473 $rolt_id = $row->obj_id;
474 }
475
476 // No template found
477 if (!$rolt_id) {
478 return false;
479 }
480
481 $rbacadmin->copyRoleTemplatePermissions(
482 $rolt_id,
483 ROLE_FOLDER_ID,
484 $source->getRefId(),
485 $role['obj_id'],
486 true
487 );
488
489 // Change existing object
490 include_once './Services/AccessControl/classes/class.ilObjRole.php';
491 $role_obj = new ilObjRole($role['obj_id']);
492 $role_obj->changeExistingObjects(
493 $source->getRefId(),
494 $role['protected'] ? ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES : ilObjRole::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES,
495 array('all')
496 );
497 }
498}
$source
$source
Definition: linkback.php:22
php
An exception for terminatinating execution or to throw for unit testing.
ilDidacticTemplateAction
Abstract class for template actions.
Definition: class.ilDidacticTemplateAction.php:11
ilDidacticTemplateAction\initSourceObject
initSourceObject()
Init the source object.
Definition: class.ilDidacticTemplateAction.php:217
ilDidacticTemplateAction\filterRoles
filterRoles(ilObject $source)
Filter roles.
Definition: class.ilDidacticTemplateAction.php:228
ilDidacticTemplateFilterPatternFactory\lookupPatternsByParentId
static lookupPatternsByParentId($a_parent_id, $a_parent_type)
Get patterns by template id.
Definition: class.ilDidacticTemplateFilterPatternFactory.php:18
ilDidacticTemplateFilterPattern
Represents a filter pattern for didactic template actions.
Definition: class.ilDidacticTemplateFilterPattern.php:12
ilDidacticTemplateLocalPolicyAction\createLocalPolicy
createLocalPolicy(ilObject $source, $role)
Create local policy.
Definition: class.ilDidacticTemplateLocalPolicyAction.php:364
ilDidacticTemplateLocalPolicyAction\addFilterPattern
addFilterPattern(ilDidacticTemplateFilterPattern $pattern)
Add filter.
Definition: class.ilDidacticTemplateLocalPolicyAction.php:40
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:79
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:17
ilObjRole\MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
Definition: class.ilObjRole.php:18
ilObjRole\MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
Definition: class.ilObjRole.php:20
ilObject
Class ilObject Basic functions for all objects.
Definition: class.ilObject.php:14
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1204
ilRoleXmlExport
Xml export of roles and role templates.
Definition: class.ilRoleXmlExport.php:13
ilXmlWriter
XML writer class.
Definition: class.ilXmlWriter.php:18
ilXmlWriter\xmlEndTag
xmlEndTag($tag)
Writes an endtag.
Definition: class.ilXmlWriter.php:343
ilXmlWriter\appendXML
appendXML($a_str)
append xml string to document
Definition: class.ilXmlWriter.php:461
ilXmlWriter\xmlStartTag
xmlStartTag($tag, $attrs=null, $empty=false, $encode=true, $escape=true)
Writes a starttag.
Definition: class.ilXmlWriter.php:307
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
$query
$query
Definition: proxy_ylocal.php:13
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$ilDB
global $ilDB
Definition: storeScorm2004.php:19
$a_type
$a_type
Definition: workflow.php:92