ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes | Static Protected Attributes | Static Private Attributes
ilRbacReview Class Reference
Services/AccessControl

class ilRbacReview Contains Review functions of core Rbac. More...

+ Collaboration diagram for ilRbacReview:

Public Member Functions

 __construct ()
 Constructor public. More...
 
 roleExists ($a_title, $a_id=0)
 Checks if a role already exists. More...
 
 getParentRoleIds ($a_endnode_id, $a_templates=false)
 get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates public More...
 
 getRoleListByObject ($a_ref_id, $a_templates=false)
 Returns a list of roles in an container public. More...
 
 getAssignableRoles ($a_templates=false, $a_internal_roles=false, $title_filter='')
 Returns a list of all assignable roles public. More...
 
 getAssignableRolesInSubtree ($ref_id)
 Returns a list of assignable roles in a subtree of the repository public. More...
 
 getAssignableChildRoles ($a_ref_id)
 Get all assignable roles directly under a specific node public. More...
 
 getNumberOfAssignedUsers (array $a_roles)
 Get the number of assigned users to roles (not properly deleted user accounts are not counted) More...
 
 assignedUsers ($a_rol_id)
 get all assigned users to a given role public More...
 
 isAssigned ($a_usr_id, $a_role_id)
 check if a specific user is assigned to specific role public More...
 
 isAssignedToAtLeastOneGivenRole ($a_usr_id, $a_role_ids)
 check if a specific user is assigned to at least one of the given role ids. More...
 
 assignedRoles ($a_usr_id)
 get all assigned roles to a given user public More...
 
 assignedGlobalRoles ($a_usr_id)
 Get assigned global roles for an user. More...
 
 isAssignable ($a_rol_id, $a_ref_id)
 Check if its possible to assign users public. More...
 
 hasMultipleAssignments ($a_role_id)
 Temporary bugfix. More...
 
 getFoldersAssignedToRole ($a_rol_id, $a_assignable=false)
 Returns an array of objects assigned to a role. More...
 
 getRolesOfObject ($a_ref_id, $a_assignable_only=false)
 Get roles of object. More...
 
 getRolesOfRoleFolder ($a_ref_id, $a_nonassignable=true)
 get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids public More...
 
 getGlobalRoles ()
 get only 'global' roles public More...
 
 getLocalRoles ($a_ref_id)
 Get local roles of object. More...
 
 getLocalPolicies ($a_ref_id)
 Get all roles with local policies. More...
 
 getGlobalRolesArray ()
 get only 'global' roles public More...
 
 getGlobalAssignableRoles ()
 get only 'global' roles (with flag 'assign_users') public More...
 
 isRoleAssignedToObject ($a_role_id, $a_parent_id)
 Check if role is assigned to an object. More...
 
 getOperations ()
 get all possible operations public More...
 
 getOperation ($ops_id)
 get one operation by operation id public More...
 
 getAllOperationsOfRole ($a_rol_id, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public More...
 
 getActiveOperationsOfRole ($a_ref_id, $a_role_id)
 Get active operations for a role. More...
 
 getOperationsOfRole ($a_rol_id, $a_type, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public More...
 
 getRoleOperationsOnObject ($a_role_id, $a_ref_id)
 ilDB $ilDB More...
 
 getOperationsOnType ($a_typ_id)
 all possible operations of a type public More...
 
 getOperationsOnTypeString ($a_type)
 all possible operations of a type public More...
 
 getOperationsByTypeAndClass ($a_type, $a_class)
 Get operations by type and class. More...
 
 getObjectsWithStopedInheritance ($a_rol_id, $a_filter=array())
 get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder. More...
 
 isDeleted ($a_node_id)
 Checks if a rolefolder is set as deleted (negative tree_id) public. More...
 
 isGlobalRole ($a_role_id)
 Check if role is a global role. More...
 
 getRolesByFilter ($a_filter=0, $a_user_id=0, $title_filter='')
 ilDB $ilDB More...
 
 getTypeId ($a_type)
 Get type id of object ilDB $ilDB. More...
 
 isProtected ($a_ref_id, $a_role_id)
 
 isBlockedAtPosition ($a_role_id, $a_ref_id)
 Check if role is blocked at position ilDB $ilDB. More...
 
 isBlockedInUpperContext ($a_role_id, $a_ref_id)
 Check if role is blocked in upper context. More...
 
 getObjectOfRole ($a_role_id)
 Get object id of objects a role is assigned to. More...
 
 getObjectReferenceOfRole ($a_role_id)
 Get reference of role. More...
 
 isRoleDeleted ($a_role_id)
 return if role is only attached to deleted role folders More...
 
 getRolesForIDs ($role_ids, $use_templates)
 ilDB $ilDB More...
 
 getOperationAssignment ()
 get operation assignments More...
 
 isDeleteable ($a_role_id, $a_rolf_id)
 Check if role is deleteable at a specific position. More...
 
 isSystemGeneratedRole ($a_role_id)
 Check if the role is system generate role or role template. More...
 
 getRoleFolderOfRole ($a_role_id)
 Get role folder of role ilDB $ilDB. More...
 
 getUserPermissionsOnObject ($a_user_id, $a_ref_id)
 Get all user permissions on an object. More...
 
 setAssignedCacheEntry ($a_role_id, $a_user_id, $a_value)
 set entry of assigned_chache More...
 
 getAssignedCacheEntry ($a_role_id, $a_user_id)
 get entry of assigned_chache More...
 
 clearCaches ()
 Clear assigned users caches. More...
 

Static Public Member Functions

static _getOperationIdsByName ($operations)
 get ops_id's by name. More...
 
static _getOperationIdByName ($a_operation)
 get operation id by name of operation public static More...
 
static lookupCreateOperationIds ($a_type_arr)
 Lookup operation ids. More...
 
static _getOperationList ($a_type=null)
 get operation list by object type public static More...
 
static _groupOperationsByClass ($a_ops_arr)
 

Data Fields

const FILTER_ALL = 1
 
const FILTER_ALL_GLOBAL = 2
 
const FILTER_ALL_LOCAL = 3
 
const FILTER_INTERNAL = 4
 
const FILTER_NOT_INTERNAL = 5
 
const FILTER_TEMPLATES = 6
 

Protected Member Functions

 __getParentRoles ($a_path, $a_templates)
 Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan. More...
 
 __setTemplateFilter ($a_templates)
 get roles and templates or only roles; returns string for where clause private More...
 
 __setRoleType ($a_role_list)
 computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates More...
 
 __setProtectedStatus ($a_parent_roles, $a_role_hierarchy, $a_ref_id)
 Set protected status type $rbacsystem type $ilUser type $log. More...
 

Protected Attributes

 $log
 

Static Protected Attributes

static $assigned_users_cache = array()
 
static $is_assigned_cache = array()
 

Static Private Attributes

static $_opsCache = null
 

Detailed Description

class ilRbacReview Contains Review functions of core Rbac.

This class offers the possibility to view the contents of the user <-> role (UR) relation and the permission <-> role (PR) relation. For example, from the UA relation the administrator should have the facility to view all user assigned to a given role.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Sascha Hofmann sasch.nosp@m.ahof.nosp@m.mann@.nosp@m.gmx..nosp@m.de
Version
$Id$

Definition at line 19 of file class.ilRbacReview.php.

Constructor & Destructor Documentation

◆ __construct()

ilRbacReview::__construct ( )

Constructor public.

Definition at line 50 of file class.ilRbacReview.php.

References $DIC, $ilDB, $ilErr, ilLoggerFactory\getLogger(), if, and PEAR_ERROR_CALLBACK.

51  {
52  global $DIC;
53 
54  $ilDB = $DIC['ilDB'];
55  $ilErr = $DIC['ilErr'];
56  $ilias = $DIC['ilias'];
57 
58  $this->log = ilLoggerFactory::getLogger('ac');
59 
60  // set db & error handler
61  (isset($ilDB)) ? $this->ilDB = &$ilDB : $this->ilDB = &$ilias->db;
62 
63  if (!isset($ilErr)) {
64  $ilErr = new ilErrorHandling();
65  $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK, array($ilErr,'errorHandler'));
66  } else {
67  $this->ilErr = &$ilErr;
68  }
69  }
PEAR_ERROR_CALLBACK
const PEAR_ERROR_CALLBACK
Definition: PEAR.php:35
$DIC
global $DIC
Definition: saml.php:7
$ilErr
$ilErr
Definition: raiseError.php:18
if
if(!file_exists(getcwd() . '/ilias.ini.php'))
registration confirmation script for ilias
Definition: confirmReg.php:12
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
+ Here is the call graph for this function:

Member Function Documentation

◆ __getParentRoles()

ilRbacReview::__getParentRoles (   $a_path,
  $a_templates 
)
protected

Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan.

Get parent roles in a path. If last parameter is set 'true' it delivers also all templates in the path protected

Parameters
arrayarray with path_ids
booleantrue for role templates (default: false)
Returns
array array with all parent roles (obj_ids)
Todo:
refactor rolf => DONE

Definition at line 117 of file class.ilRbacReview.php.

References $id, $message, __setProtectedStatus(), and getRoleListByObject().

Referenced by getParentRoleIds().

118  {
119  if (!isset($a_path) or !is_array($a_path)) {
120  $message = get_class($this) . "::getParentRoles(): No path given or wrong datatype!";
121  $this->ilErr->raiseError($message, $this->ilErr->WARNING);
122  }
123 
124  $parent_roles = array();
125  $role_hierarchy = array();
126 
127  foreach ($a_path as $ref_id) {
128  $roles = $this->getRoleListByObject($ref_id, $a_templates);
129  foreach ($roles as $role) {
130  $id = $role["obj_id"];
131  $role["parent"] = $ref_id;
132  $parent_roles[$id] = $role;
133 
134  if (!array_key_exists($role['obj_id'], $role_hierarchy)) {
135  $role_hierarchy[$id] = $ref_id;
136  }
137  }
138  }
139  return $this->__setProtectedStatus($parent_roles, $role_hierarchy, reset($a_path));
140  }
ilRbacReview\getRoleListByObject
getRoleListByObject($a_ref_id, $a_templates=false)
Returns a list of roles in an container public.
Definition: class.ilRbacReview.php:183
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
ilRbacReview\__setProtectedStatus
__setProtectedStatus($a_parent_roles, $a_role_hierarchy, $a_ref_id)
Set protected status type $rbacsystem type $ilUser type $log.
Definition: class.ilRbacReview.php:1476
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setProtectedStatus()

ilRbacReview::__setProtectedStatus (   $a_parent_roles,
  $a_role_hierarchy,
  $a_ref_id 
)
protected

Set protected status type $rbacsystem type $ilUser type $log.

Parameters
type$a_parent_roles
type$a_role_hierarchy
type$a_ref_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1476 of file class.ilRbacReview.php.

References $DIC, $ilUser, $log, and assignedRoles().

Referenced by __getParentRoles().

1477  {
1478  //vd('refId',$a_ref_id,'parent roles',$a_parent_roles,'role-hierarchy',$a_role_hierarchy);
1479 
1480  global $DIC;
1481 
1482  $rbacsystem = $DIC['rbacsystem'];
1483  $ilUser = $DIC['ilUser'];
1484  $log = $DIC['log'];
1485 
1486  if (in_array(SYSTEM_ROLE_ID, $this->assignedRoles($ilUser->getId()))) {
1487  $leveladmin = true;
1488  } else {
1489  $leveladmin = false;
1490  }
1491  #vd("RoleHierarchy",$a_role_hierarchy);
1492  foreach ($a_role_hierarchy as $role_id => $rolf_id) {
1493  //$log->write("ilRBACreview::__setProtectedStatus(), 0");
1494  #echo "<br/>ROLF: ".$rolf_id." ROLE_ID: ".$role_id." (".$a_parent_roles[$role_id]['title'].") ";
1495  //var_dump($leveladmin,$a_parent_roles[$role_id]['protected']);
1496 
1497  if ($leveladmin == true) {
1498  $a_parent_roles[$role_id]['protected'] = false;
1499  continue;
1500  }
1501 
1502  if ($a_parent_roles[$role_id]['protected'] == true) {
1503  $arr_lvl_roles_user = array_intersect($this->assignedRoles($ilUser->getId()), array_keys($a_role_hierarchy, $rolf_id));
1504 
1505  #vd("intersection",$arr_lvl_roles_user);
1506 
1507  foreach ($arr_lvl_roles_user as $lvl_role_id) {
1508  #echo "<br/>level_role: ".$lvl_role_id;
1509  #echo "<br/>a_ref_id: ".$a_ref_id;
1510 
1511  //$log->write("ilRBACreview::__setProtectedStatus(), 1");
1512  // check if role grants 'edit_permission' to parent
1513  $rolf = $a_parent_roles[$role_id]['parent'];
1514  #$parent_obj = $GLOBALS['DIC']['tree']->getParentId($rolf);
1515  if ($rbacsystem->checkPermission($rolf, $lvl_role_id, 'edit_permission')) {
1516  #echo "<br />Permission granted";
1517  //$log->write("ilRBACreview::__setProtectedStatus(), 2");
1518  // user may change permissions of that higher-ranked role
1519  $a_parent_roles[$role_id]['protected'] = false;
1520 
1521  // remember successful check
1522  //$leveladmin = true;
1523  }
1524  }
1525  }
1526  }
1527  return $a_parent_roles;
1528  }
$DIC
global $DIC
Definition: saml.php:7
$ilUser
$ilUser
Definition: imgupload.php:18
ilRbacReview\assignedRoles
assignedRoles($a_usr_id)
get all assigned roles to a given user public
Definition: class.ilRbacReview.php:506
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setRoleType()

ilRbacReview::__setRoleType (   $a_role_list)
protected

computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates

private

Parameters
arrayrole list
Returns
array role list with additional entry for role_type
Todo:
refactor rolf => DONE

Definition at line 353 of file class.ilRbacReview.php.

References $key.

Referenced by getAssignableRoles(), getRoleListByObject(), getRolesByFilter(), and getRolesForIDs().

354  {
355  foreach ($a_role_list as $key => $val) {
356  // determine role type
357  if ($val["type"] == "rolt") {
358  $a_role_list[$key]["role_type"] = "template";
359  } else {
360  if ($val["assign"] == "y") {
361  if ($val["parent"] == ROLE_FOLDER_ID) {
362  $a_role_list[$key]["role_type"] = "global";
363  } else {
364  $a_role_list[$key]["role_type"] = "local";
365  }
366  } else {
367  $a_role_list[$key]["role_type"] = "linked";
368  }
369  }
370 
371  if ($val["protected"] == "y") {
372  $a_role_list[$key]["protected"] = true;
373  } else {
374  $a_role_list[$key]["protected"] = false;
375  }
376  }
377 
378  return $a_role_list;
379  }
$key
$key
Definition: croninfo.php:18
+ Here is the caller graph for this function:

◆ __setTemplateFilter()

ilRbacReview::__setTemplateFilter (   $a_templates)
protected

get roles and templates or only roles; returns string for where clause private

Parameters
booleantrue: with templates
Returns
string where clause
Todo:
refactor rolf => DONE

Definition at line 326 of file class.ilRbacReview.php.

References $DIC, and $ilDB.

Referenced by getAssignableRoles(), getRoleListByObject(), and getRolesForIDs().

327  {
328  global $DIC;
329 
330  $ilDB = $DIC['ilDB'];
331 
332  if ($a_templates === true) {
333  $where = "WHERE " . $ilDB->in('object_data.type', array('role','rolt'), false, 'text') . " ";
334  } else {
335  $where = "WHERE " . $ilDB->in('object_data.type', array('role'), false, 'text') . " ";
336  }
337 
338  return $where;
339  }
$DIC
global $DIC
Definition: saml.php:7
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _getOperationIdByName()

static ilRbacReview::_getOperationIdByName (   $a_operation)
static

get operation id by name of operation public static

Parameters
stringoperation name
Returns
integer operation id
Todo:
refactor rolf => DONE

Definition at line 1315 of file class.ilRbacReview.php.

References $DIC, $ilDB, $ilErr, $message, $r, $row, and ilDBConstants\FETCHMODE_OBJECT.

Referenced by ilRepositoryObjectPlugin\beforeActivation(), ilRbacSystem\checkAccessOfUser(), and ilObjBlog\getRolesWithContributeOrRedact().

1316  {
1317  global $DIC;
1318 
1319  $ilDB = $DIC['ilDB'];
1320  $ilErr = $DIC['ilErr'];
1321 
1322  if (!isset($a_operation)) {
1323  $message = "perm::getOperationId(): No operation given!";
1324  $ilErr->raiseError($message, $ilErr->WARNING);
1325  }
1326 
1327  // Cache operation ids
1328  if (!is_array(self::$_opsCache)) {
1329  self::$_opsCache = array();
1330 
1331  $q = "SELECT ops_id, operation FROM rbac_operations";
1332  $r = $ilDB->query($q);
1333  while ($row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1334  self::$_opsCache[$row->operation] = $row->ops_id;
1335  }
1336  }
1337 
1338  // Get operation ID by name from cache
1339  if (array_key_exists($a_operation, self::$_opsCache)) {
1340  return self::$_opsCache[$a_operation];
1341  }
1342  return null;
1343  }
$DIC
global $DIC
Definition: saml.php:7
$ilErr
$ilErr
Definition: raiseError.php:18
$r
$r
Definition: example_031.php:79
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _getOperationIdsByName()

static ilRbacReview::_getOperationIdsByName (   $operations)
static

get ops_id's by name.

Example usage: $rbacadmin->grantPermission($roles,ilRbacReview::_getOperationIdsByName(array('visible','read'),$ref_id));

public

Parameters
arraystring name of operation. see rbac_operations
Returns
array integer ops_id's
Todo:
refactor rolf => DONE

Definition at line 1287 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, and $row.

Referenced by ilUtil\_getObjectsByOperations(), and ilECSObjectSettings\handlePermissionUpdate().

1288  {
1289  global $DIC;
1290 
1291  $ilDB = $DIC['ilDB'];
1292 
1293  if (!count($operations)) {
1294  return array();
1295  }
1296 
1297  $query = 'SELECT ops_id FROM rbac_operations ' .
1298  'WHERE ' . $ilDB->in('operation', $operations, false, 'text');
1299 
1300  $res = $ilDB->query($query);
1301  while ($row = $ilDB->fetchObject($res)) {
1302  $ops_ids[] = $row->ops_id;
1303  }
1304  return $ops_ids ? $ops_ids : array();
1305  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _getOperationList()

static ilRbacReview::_getOperationList (   $a_type = null)
static

get operation list by object type public static

Parameters
stringobject type you want to have the operation list
stringorder column
stringorder direction (possible values: ASC or DESC)
Returns
array returns array of operations
Todo:
refactor rolf => DONE

Definition at line 1540 of file class.ilRbacReview.php.

References $a_type, $DIC, $ilDB, $query, $res, and $row.

Referenced by ilSettingsPermissionGUI\__construct(), ilObjTypeDefinitionGUI\editObject(), ilObjectPermissionStatusGUI\getAccessPermissionTableData(), ilObjectPermissionStatusGUI\getAssignedValidRoles(), and ilObjTypeDefinitionGUI\viewObject().

1541  {
1542  global $DIC;
1543 
1544  $ilDB = $DIC['ilDB'];
1545 
1546  $arr = array();
1547 
1548  if ($a_type) {
1549  $query = sprintf(
1550  'SELECT * FROM rbac_operations ' .
1551  'JOIN rbac_ta ON rbac_operations.ops_id = rbac_ta.ops_id ' .
1552  'JOIN object_data ON rbac_ta.typ_id = object_data.obj_id ' .
1553  'WHERE object_data.title = %s ' .
1554  'AND object_data.type = %s ' .
1555  'ORDER BY op_order ASC',
1556  $ilDB->quote($a_type, 'text'),
1557  $ilDB->quote('typ', 'text')
1558  );
1559  } else {
1560  $query = 'SELECT * FROM rbac_operations ORDER BY op_order ASC';
1561  }
1562  $res = $ilDB->query($query);
1563  while ($row = $ilDB->fetchAssoc($res)) {
1564  $arr[] = array(
1565  "ops_id" => $row['ops_id'],
1566  "operation" => $row['operation'],
1567  "desc" => $row['description'],
1568  "class" => $row['class'],
1569  "order" => $row['op_order']
1570  );
1571  }
1572  return $arr;
1573  }
$DIC
global $DIC
Definition: saml.php:7
$a_type
$a_type
Definition: workflow.php:92
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _groupOperationsByClass()

static ilRbacReview::_groupOperationsByClass (   $a_ops_arr)
static
Parameters
type$a_ops_arr
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1581 of file class.ilRbacReview.php.

1582  {
1583  $arr = array();
1584 
1585  foreach ($a_ops_arr as $ops) {
1586  $arr[$ops['class']][] = array('ops_id' => $ops['ops_id'],
1587  'name' => $ops['operation']
1588  );
1589  }
1590  return $arr;
1591  }

◆ assignedGlobalRoles()

ilRbacReview::assignedGlobalRoles (   $a_usr_id)

Get assigned global roles for an user.

Parameters
int$a_usr_idId of user account
Todo:
refactor rolf => DONE

Definition at line 527 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, and $row.

528  {
529  global $DIC;
530 
531  $ilDB = $DIC['ilDB'];
532 
533  $query = "SELECT ua.rol_id FROM rbac_ua ua " .
534  "JOIN rbac_fa fa ON ua.rol_id = fa.rol_id " .
535  "WHERE usr_id = " . $ilDB->quote($a_usr_id, 'integer') . ' ' .
536  "AND parent = " . $ilDB->quote(ROLE_FOLDER_ID) . " " .
537  "AND assign = 'y' ";
538 
539  $res = $ilDB->query($query);
540  while ($row = $ilDB->fetchObject($res)) {
541  $role_arr[] = $row->rol_id;
542  }
543  return $role_arr ? $role_arr : array();
544  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ assignedRoles()

ilRbacReview::assignedRoles (   $a_usr_id)

get all assigned roles to a given user public

Parameters
intusr_id
Returns
int[] all roles (id) the user is assigned to
Todo:
refactor rolf => DONE

Definition at line 506 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, and $row.

Referenced by __setProtectedStatus(), and getRolesByFilter().

507  {
508  global $DIC;
509 
510  $ilDB = $DIC->database();
511 
512  $role_arr = [];
513  $query = "SELECT rol_id FROM rbac_ua WHERE usr_id = " . $ilDB->quote($a_usr_id, 'integer');
514 
515  $res = $ilDB->query($query);
516  while ($row = $ilDB->fetchObject($res)) {
517  $role_arr[] = $row->rol_id;
518  }
519  return $role_arr;
520  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ assignedUsers()

ilRbacReview::assignedUsers (   $a_rol_id)

get all assigned users to a given role public

Parameters
integerrole_id
Returns
array all users (id) assigned to role

Definition at line 413 of file class.ilRbacReview.php.

References $DIC, $ilBench, $ilDB, $message, $query, $res, and $row.

414  {
415  global $DIC;
416 
417  $ilBench = $DIC['ilBench'];
418  $ilDB = $DIC['ilDB'];
419 
420  if (!isset($a_rol_id)) {
421  $message = get_class($this) . "::assignedUsers(): No role_id given!";
422  $this->ilErr->raiseError($message, $this->ilErr->WARNING);
423  }
424  if (isset(self::$assigned_users_cache[$a_rol_id])) {
425  return self::$assigned_users_cache[$a_rol_id];
426  }
427 
428  $result_arr = array();
429 
430  $query = "SELECT usr_id FROM rbac_ua WHERE rol_id= " . $ilDB->quote($a_rol_id, 'integer');
431  $res = $ilDB->query($query);
432  while ($row = $ilDB->fetchAssoc($res)) {
433  array_push($result_arr, $row["usr_id"]);
434  }
435 
436  self::$assigned_users_cache[$a_rol_id] = $result_arr;
437 
438  return $result_arr;
439  }
$DIC
global $DIC
Definition: saml.php:7
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilBench
global $ilBench
Definition: ilias.php:18
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ clearCaches()

ilRbacReview::clearCaches ( )

Clear assigned users caches.

Definition at line 1869 of file class.ilRbacReview.php.

1870  {
1871  self::$is_assigned_cache = array();
1872  self::$assigned_users_cache = array();
1873  }

◆ getActiveOperationsOfRole()

ilRbacReview::getActiveOperationsOfRole (   $a_ref_id,
  $a_role_id 
)

Get active operations for a role.

Parameters
object$a_ref_id
object$a_role_id
Returns
Todo:
refactor rolf => DONE

Definition at line 900 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_ASSOC.

901  {
902  global $DIC;
903 
904  $ilDB = $DIC['ilDB'];
905 
906  $query = 'SELECT * FROM rbac_pa ' .
907  'WHERE ref_id = ' . $ilDB->quote($a_ref_id, 'integer') . ' ' .
908  'AND rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ';
909 
910  $res = $ilDB->query($query);
911  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) {
912  return unserialize($row['ops_id']);
913  }
914  return array();
915  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAllOperationsOfRole()

ilRbacReview::getAllOperationsOfRole (   $a_rol_id,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public

Parameters
integerrole_id
integerrole folder id
Returns
array array of operation_id and types
Todo:
refactor rolf => DONE

Definition at line 871 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, and $row.

872  {
873  global $DIC;
874 
875  $ilDB = $DIC['ilDB'];
876 
877  if (!$a_parent) {
878  $a_parent = ROLE_FOLDER_ID;
879  }
880 
881  $query = "SELECT ops_id,type FROM rbac_templates " .
882  "WHERE rol_id = " . $ilDB->quote($a_rol_id, 'integer') . " " .
883  "AND parent = " . $ilDB->quote($a_parent, 'integer');
884  $res = $ilDB->query($query);
885 
886  $ops_arr = array();
887  while ($row = $ilDB->fetchObject($res)) {
888  $ops_arr[$row->type][] = $row->ops_id;
889  }
890  return (array) $ops_arr;
891  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAssignableChildRoles()

ilRbacReview::getAssignableChildRoles (   $a_ref_id)

Get all assignable roles directly under a specific node public.

Parameters
ref_id
Returns
array set ids
Todo:
refactor rolf => Find a better name; reduce sql fields

Definition at line 299 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, and $row.

300  {
301  global $DIC;
302 
303  $ilDB = $DIC['ilDB'];
304 
305  $query = "SELECT fa.*, rd.* " .
306  "FROM object_data rd " .
307  "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id " .
308  "WHERE fa.assign = 'y' " .
309  "AND fa.parent = " . $this->ilDB->quote($a_ref_id, 'integer') . " "
310  ;
311 
312  $res = $ilDB->query($query);
313  while ($row = $ilDB->fetchAssoc($res)) {
314  $roles_data[] = $row;
315  }
316  return $roles_data ? $roles_data : array();
317  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAssignableRoles()

ilRbacReview::getAssignableRoles (   $a_templates = false,
  $a_internal_roles = false,
  $title_filter = '' 
)

Returns a list of all assignable roles public.

Parameters
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 225 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by getRolesByFilter().

226  {
227  global $DIC;
228 
229  $ilDB = $DIC['ilDB'];
230 
231  $role_list = array();
232 
233  $where = $this->__setTemplateFilter($a_templates);
234 
235  $query = "SELECT * FROM object_data " .
236  "JOIN rbac_fa ON obj_id = rol_id " .
237  $where .
238  "AND rbac_fa.assign = 'y' ";
239 
240  if (strlen($title_filter)) {
241  $query .= (' AND ' . $ilDB->like(
242  'title',
243  'text',
244  $title_filter . '%'
245  ));
246  }
247  $res = $ilDB->query($query);
248 
249  while ($row = $ilDB->fetchAssoc($res)) {
250  $row["desc"] = $row["description"];
251  $row["user_id"] = $row["owner"];
252  $role_list[] = $row;
253  }
254 
255  $role_list = $this->__setRoleType($role_list);
256 
257  return $role_list;
258  }
$DIC
global $DIC
Definition: saml.php:7
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause private
Definition: class.ilRbacReview.php:326
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:353
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getAssignableRolesInSubtree()

ilRbacReview::getAssignableRolesInSubtree (   $ref_id)

Returns a list of assignable roles in a subtree of the repository public.

Parameters
ref_idRoot node of subtree
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 267 of file class.ilRbacReview.php.

References $DIC, $GLOBALS, $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

268  {
269  global $DIC;
270 
271  $ilDB = $DIC['ilDB'];
272 
273  $query = 'SELECT rol_id FROM rbac_fa fa ' .
274  'JOIN tree t1 ON t1.child = fa.parent ' .
275  'JOIN object_data obd ON fa.rol_id = obd.obj_id ' .
276  'WHERE assign = ' . $ilDB->quote('y', 'text') . ' ' .
277  'AND obd.type = ' . $ilDB->quote('role', 'text') . ' ' .
278  'AND t1.child IN (' .
279  $GLOBALS['DIC']['tree']->getSubTreeQuery($ref_id, array('child')) . ' ' .
280  ') ';
281 
282 
283  $res = $ilDB->query($query);
284 
285  $role_list = array();
286  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
287  $role_list[] = $row->rol_id;
288  }
289  return $role_list;
290  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702

◆ getAssignedCacheEntry()

ilRbacReview::getAssignedCacheEntry (   $a_role_id,
  $a_user_id 
)

get entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id

Definition at line 1861 of file class.ilRbacReview.php.

1862  {
1863  return self::$is_assigned_cache[$a_role_id][$a_user_id];
1864  }

◆ getFoldersAssignedToRole()

ilRbacReview::getFoldersAssignedToRole (   $a_rol_id,
  $a_assignable = false 
)

Returns an array of objects assigned to a role.

A role with stopped inheritance may be assigned to more than one objects. To get only the original location of a role, set the second parameter to true

public

Parameters
integerrole id
booleanget only rolefolders where role is assignable (true)
Returns
array reference IDs of role folders
Todo:
refactor rolf => RENAME (rest done)

Definition at line 612 of file class.ilRbacReview.php.

References $DIC, $ilDB, $message, $query, $res, and $row.

Referenced by isRoleDeleted().

613  {
614  global $DIC;
615 
616  $ilDB = $DIC['ilDB'];
617 
618  if (!isset($a_rol_id)) {
619  $message = get_class($this) . "::getFoldersAssignedToRole(): No role_id given!";
620  $this->ilErr->raiseError($message, $this->ilErr->WARNING);
621  }
622 
623  if ($a_assignable) {
624  $where = " AND assign ='y'";
625  }
626 
627  $query = "SELECT DISTINCT parent FROM rbac_fa " .
628  "WHERE rol_id = " . $ilDB->quote($a_rol_id, 'integer') . " " . $where . " ";
629 
630  $res = $ilDB->query($query);
631  $folders = [];
632  while ($row = $ilDB->fetchObject($res)) {
633  $folders[] = $row->parent;
634  }
635  return $folders;
636  }
$DIC
global $DIC
Definition: saml.php:7
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ getGlobalAssignableRoles()

ilRbacReview::getGlobalAssignableRoles ( )

get only 'global' roles (with flag 'assign_users') public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 784 of file class.ilRbacReview.php.

References ilObjRole\_getAssignUsersStatus(), and getGlobalRoles().

785  {
786  include_once './Services/AccessControl/classes/class.ilObjRole.php';
787 
788  foreach ($this->getGlobalRoles() as $role_id) {
789  if (ilObjRole::_getAssignUsersStatus($role_id)) {
790  $ga[] = array('obj_id' => $role_id,
791  'role_type' => 'global');
792  }
793  }
794  return $ga ? $ga : array();
795  }
ilObjRole\_getAssignUsersStatus
static _getAssignUsersStatus($a_role_id)
Definition: class.ilObjRole.php:154
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only &#39;global&#39; roles public
Definition: class.ilRbacReview.php:724
+ Here is the call graph for this function:

◆ getGlobalRoles()

ilRbacReview::getGlobalRoles ( )

get only 'global' roles public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 724 of file class.ilRbacReview.php.

References getRolesOfRoleFolder().

Referenced by getGlobalAssignableRoles(), getRolesByFilter(), and isGlobalRole().

725  {
726  return $this->getRolesOfRoleFolder(ROLE_FOLDER_ID, false);
727  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:684
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getGlobalRolesArray()

ilRbacReview::getGlobalRolesArray ( )

get only 'global' roles public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 769 of file class.ilRbacReview.php.

References getRolesOfRoleFolder().

770  {
771  foreach ($this->getRolesOfRoleFolder(ROLE_FOLDER_ID, false) as $role_id) {
772  $ga[] = array('obj_id' => $role_id,
773  'role_type' => 'global');
774  }
775  return $ga ? $ga : array();
776  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:684
+ Here is the call graph for this function:

◆ getLocalPolicies()

ilRbacReview::getLocalPolicies (   $a_ref_id)

Get all roles with local policies.

Parameters
type$a_ref_id
Returns
type

Definition at line 754 of file class.ilRbacReview.php.

References getRolesOfRoleFolder().

755  {
756  $lroles = array();
757  foreach ($this->getRolesOfRoleFolder($a_ref_id) as $role_id) {
758  $lroles[] = $role_id;
759  }
760  return $lroles;
761  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:684
+ Here is the call graph for this function:

◆ getLocalRoles()

ilRbacReview::getLocalRoles (   $a_ref_id)

Get local roles of object.

Parameters
int$a_ref_id
Todo:
refactor rolf => DONE

Definition at line 734 of file class.ilRbacReview.php.

References $DIC, $ilDB, getRolesOfRoleFolder(), and isAssignable().

735  {
736  global $DIC;
737 
738  $ilDB = $DIC['ilDB'];
739 
740  $lroles = array();
741  foreach ($this->getRolesOfRoleFolder($a_ref_id) as $role_id) {
742  if ($this->isAssignable($role_id, $a_ref_id)) {
743  $lroles[] = $role_id;
744  }
745  }
746  return $lroles;
747  }
$DIC
global $DIC
Definition: saml.php:7
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:684
ilRbacReview\isAssignable
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users public.
Definition: class.ilRbacReview.php:554
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getNumberOfAssignedUsers()

ilRbacReview::getNumberOfAssignedUsers ( array  $a_roles)

Get the number of assigned users to roles (not properly deleted user accounts are not counted)

Parameters
int[]$a_roles
Returns
int
Todo:
refactor rolf => DONE

Definition at line 387 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

388  {
389  global $DIC;
390 
391  $ilDB = $DIC->database();
392 
393  $query = 'select count(distinct(ua.usr_id)) as num from rbac_ua ua ' .
394  'join object_data on ua.usr_id = obj_id ' .
395  'join usr_data ud on ua.usr_id = ud.usr_id ' .
396  'where ' . $ilDB->in('rol_id', $a_roles, false, 'integer');
397 
398  $res = $ilDB->query($query);
399  if ($res->numRows()) {
400  $row = $res->fetchRow(\ilDBConstants::FETCHMODE_OBJECT);
401  return $row->num;
402  }
403  return 0;
404  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getObjectOfRole()

ilRbacReview::getObjectOfRole (   $a_role_id)

Get object id of objects a role is assigned to.

Todo:
refactor rolf (due to performance reasons the new version does not check for deleted roles only in object reference)

public

Parameters
introle id

Definition at line 1602 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, and $row.

1603  {
1604  // internal cache
1605  static $obj_cache = array();
1606 
1607  global $DIC;
1608 
1609  $ilDB = $DIC['ilDB'];
1610 
1611 
1612  if (isset($obj_cache[$a_role_id]) and $obj_cache[$a_role_id]) {
1613  return $obj_cache[$a_role_id];
1614  }
1615 
1616  $query = 'SELECT obr.obj_id FROM rbac_fa rfa ' .
1617  'JOIN object_reference obr ON rfa.parent = obr.ref_id ' .
1618  'WHERE assign = ' . $ilDB->quote('y', 'text') . ' ' .
1619  'AND rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ' .
1620  'AND deleted IS NULL';
1621 
1622  #$query = "SELECT obr.obj_id FROM rbac_fa rfa ".
1623  # "JOIN tree ON rfa.parent = tree.child ".
1624  # "JOIN object_reference obr ON tree.parent = obr.ref_id ".
1625  # "WHERE tree.tree = 1 ".
1626  # "AND assign = 'y' ".
1627  # "AND rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
1628  $res = $ilDB->query($query);
1629 
1630  $obj_cache[$a_role_id] = 0;
1631  while ($row = $ilDB->fetchObject($res)) {
1632  $obj_cache[$a_role_id] = $row->obj_id;
1633  }
1634  return $obj_cache[$a_role_id];
1635  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getObjectReferenceOfRole()

ilRbacReview::getObjectReferenceOfRole (   $a_role_id)

Get reference of role.

Parameters
object$a_role_id
Returns
int
Todo:
refactor rolf (no deleted check)

Definition at line 1643 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

1644  {
1645  global $DIC;
1646 
1647  $ilDB = $DIC['ilDB'];
1648 
1649  $query = 'SELECT parent p_ref FROM rbac_fa ' .
1650  'WHERE rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ' .
1651  'AND assign = ' . $ilDB->quote('y', 'text');
1652 
1653  $res = $ilDB->query($query);
1654  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1655  return $row->p_ref;
1656  }
1657  return 0;
1658  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getObjectsWithStopedInheritance()

ilRbacReview::getObjectsWithStopedInheritance (   $a_rol_id,
  $a_filter = array() 
)

get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder.

public

Parameters
integerrole_id
arrayfilter ref_ids
Returns
array with ref_ids of objects
Todo:
refactor rolf => DONE

Definition at line 1091 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

1092  {
1093  global $DIC;
1094 
1095  $ilDB = $DIC['ilDB'];
1096 
1097  #$query = 'SELECT t.parent p FROM tree t JOIN rbac_fa fa ON fa.parent = child '.
1098  # 'WHERE assign = '.$ilDB->quote('n','text').' '.
1099  # 'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1100 
1101  $query = 'SELECT parent p FROM rbac_fa ' .
1102  'WHERE assign = ' . $ilDB->quote('n', 'text') . ' ' .
1103  'AND rol_id = ' . $ilDB->quote($a_rol_id, 'integer') . ' ';
1104 
1105  if ($a_filter) {
1106  $query .= ('AND ' . $ilDB->in('parent', (array) $a_filter, false, 'integer'));
1107  }
1108 
1109  $res = $ilDB->query($query);
1110  $parent = array();
1111  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1112  $parent[] = $row->p;
1113  }
1114  return $parent;
1115  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperation()

ilRbacReview::getOperation (   $ops_id)

get one operation by operation id public

Returns
array data of operation_id
Todo:
refactor rolf => DONE

Definition at line 845 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, and $row.

846  {
847  global $DIC;
848 
849  $ilDB = $DIC['ilDB'];
850 
851  $query = 'SELECT * FROM rbac_operations WHERE ops_id = ' . $ilDB->quote($ops_id, 'integer');
852  $res = $this->ilDB->query($query);
853  while ($row = $ilDB->fetchObject($res)) {
854  $ops = array('ops_id' => $row->ops_id,
855  'operation' => $row->operation,
856  'description' => $row->description);
857  }
858 
859  return $ops ? $ops : array();
860  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperationAssignment()

ilRbacReview::getOperationAssignment ( )

get operation assignments

Returns
array array(array('typ_id' => $typ_id,'title' => $title,'ops_id => '$ops_is,'operation' => $operation),...
Todo:
refactor rolf => DONE

Definition at line 1723 of file class.ilRbacReview.php.

References $DIC, $ilDB, $info, $query, $res, and $row.

1724  {
1725  global $DIC;
1726 
1727  $ilDB = $DIC['ilDB'];
1728 
1729  $query = 'SELECT ta.typ_id, obj.title, ops.ops_id, ops.operation FROM rbac_ta ta ' .
1730  'JOIN object_data obj ON obj.obj_id = ta.typ_id ' .
1731  'JOIN rbac_operations ops ON ops.ops_id = ta.ops_id ';
1732  $res = $ilDB->query($query);
1733 
1734  $counter = 0;
1735  while ($row = $ilDB->fetchObject($res)) {
1736  $info[$counter]['typ_id'] = $row->typ_id;
1737  $info[$counter]['type'] = $row->title;
1738  $info[$counter]['ops_id'] = $row->ops_id;
1739  $info[$counter]['operation'] = $row->operation;
1740  $counter++;
1741  }
1742  return $info ? $info : array();
1743  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$info
$info
Definition: index.php:5

◆ getOperations()

ilRbacReview::getOperations ( )

get all possible operations public

Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 822 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, and $row.

823  {
824  global $DIC;
825 
826  $ilDB = $DIC['ilDB'];
827 
828  $query = 'SELECT * FROM rbac_operations ORDER BY ops_id ';
829  $res = $this->ilDB->query($query);
830  while ($row = $ilDB->fetchObject($res)) {
831  $ops[] = array('ops_id' => $row->ops_id,
832  'operation' => $row->operation,
833  'description' => $row->description);
834  }
835 
836  return $ops ? $ops : array();
837  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperationsByTypeAndClass()

ilRbacReview::getOperationsByTypeAndClass (   $a_type,
  $a_class 
)

Get operations by type and class.

Parameters
string$a_typeType is "object" or
string$a_class
Returns
Todo:
refactor rolf => DONE

Definition at line 1052 of file class.ilRbacReview.php.

References $a_type, $DIC, $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

1053  {
1054  global $DIC;
1055 
1056  $ilDB = $DIC['ilDB'];
1057 
1058  if ($a_class != 'create') {
1059  $condition = "AND class != " . $ilDB->quote('create', 'text');
1060  } else {
1061  $condition = "AND class = " . $ilDB->quote('create', 'text');
1062  }
1063 
1064  $query = "SELECT ro.ops_id FROM rbac_operations ro " .
1065  "JOIN rbac_ta rt ON ro.ops_id = rt.ops_id " .
1066  "JOIN object_data od ON rt.typ_id = od.obj_id " .
1067  "WHERE type = " . $ilDB->quote('typ', 'text') . " " .
1068  "AND title = " . $ilDB->quote($a_type, 'text') . " " .
1069  $condition . " " .
1070  "ORDER BY op_order ";
1071 
1072  $res = $ilDB->query($query);
1073 
1074  $ops = array();
1075  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1076  $ops[] = $row->ops_id;
1077  }
1078  return $ops;
1079  }
$DIC
global $DIC
Definition: saml.php:7
$a_type
$a_type
Definition: workflow.php:92
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperationsOfRole()

ilRbacReview::getOperationsOfRole (   $a_rol_id,
  $a_type,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public

Parameters
integerrole_id
stringobject type
integerrole folder id
Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 928 of file class.ilRbacReview.php.

References $a_type, $DIC, $ilDB, $ilLog, $message, $query, $res, and $row.

929  {
930  global $DIC;
931 
932  $ilDB = $DIC['ilDB'];
933  $ilLog = $DIC['ilLog'];
934 
935  if (!isset($a_rol_id) or !isset($a_type)) {
936  $message = get_class($this) . "::getOperationsOfRole(): Missing Parameter!" .
937  "role_id: " . $a_rol_id .
938  "type: " . $a_type .
939  "parent_id: " . $a_parent;
940  $ilLog->logStack("Missing parameter! ");
941  $this->ilErr->raiseError($message, $this->ilErr->WARNING);
942  }
943 
944  $ops_arr = array();
945 
946  // if no rolefolder id is given, assume global role folder as target
947  if ($a_parent == 0) {
948  $a_parent = ROLE_FOLDER_ID;
949  }
950 
951  $query = "SELECT ops_id FROM rbac_templates " .
952  "WHERE type =" . $ilDB->quote($a_type, 'text') . " " .
953  "AND rol_id = " . $ilDB->quote($a_rol_id, 'integer') . " " .
954  "AND parent = " . $ilDB->quote($a_parent, 'integer');
955  $res = $ilDB->query($query);
956  while ($row = $ilDB->fetchObject($res)) {
957  $ops_arr[] = $row->ops_id;
958  }
959 
960  return $ops_arr;
961  }
$DIC
global $DIC
Definition: saml.php:7
$a_type
$a_type
Definition: workflow.php:92
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$ilLog
$ilLog
Definition: inc.setup_header.php:123
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperationsOnType()

ilRbacReview::getOperationsOnType (   $a_typ_id)

all possible operations of a type public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 995 of file class.ilRbacReview.php.

References $DIC, $ilDB, $message, $query, $res, and $row.

Referenced by getOperationsOnTypeString().

996  {
997  global $DIC;
998 
999  $ilDB = $DIC['ilDB'];
1000 
1001  if (!isset($a_typ_id)) {
1002  $message = get_class($this) . "::getOperationsOnType(): No type_id given!";
1003  $this->ilErr->raiseError($message, $this->ilErr->WARNING);
1004  }
1005 
1006  #$query = "SELECT * FROM rbac_ta WHERE typ_id = ".$ilDB->quote($a_typ_id,'integer');
1007 
1008  $query = 'SELECT * FROM rbac_ta ta JOIN rbac_operations o ON ta.ops_id = o.ops_id ' .
1009  'WHERE typ_id = ' . $ilDB->quote($a_typ_id, 'integer') . ' ' .
1010  'ORDER BY op_order';
1011 
1012  $res = $ilDB->query($query);
1013 
1014  while ($row = $ilDB->fetchObject($res)) {
1015  $ops_id[] = $row->ops_id;
1016  }
1017 
1018  return $ops_id ? $ops_id : array();
1019  }
$DIC
global $DIC
Definition: saml.php:7
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ getOperationsOnTypeString()

ilRbacReview::getOperationsOnTypeString (   $a_type)

all possible operations of a type public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 1029 of file class.ilRbacReview.php.

References $a_type, $DIC, $ilDB, $query, $res, $row, ilDBConstants\FETCHMODE_OBJECT, and getOperationsOnType().

1030  {
1031  global $DIC;
1032 
1033  $ilDB = $DIC['ilDB'];
1034 
1035  $query = "SELECT * FROM object_data WHERE type = 'typ' AND title = " . $ilDB->quote($a_type, 'text') . " ";
1036 
1037 
1038  $res = $this->ilDB->query($query);
1039  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1040  return $this->getOperationsOnType($row->obj_id);
1041  }
1042  return false;
1043  }
$DIC
global $DIC
Definition: saml.php:7
$a_type
$a_type
Definition: workflow.php:92
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\getOperationsOnType
getOperationsOnType($a_typ_id)
all possible operations of a type public
Definition: class.ilRbacReview.php:995
+ Here is the call graph for this function:

◆ getParentRoleIds()

ilRbacReview::getParentRoleIds (   $a_endnode_id,
  $a_templates = false 
)

get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates public

Parameters
integerref_id of an object which is end node
booleantrue for role templates (default: false)
Returns
array array(role_ids => role_data)
Todo:
refactor rolf => DONE

Definition at line 151 of file class.ilRbacReview.php.

References $DIC, $GLOBALS, $message, $tree, and __getParentRoles().

152  {
153  global $DIC;
154 
155  $tree = $DIC['tree'];
156 
157  if (!isset($a_endnode_id)) {
158  $GLOBALS['DIC']['ilLog']->logStack();
159  $message = get_class($this) . "::getParentRoleIds(): No node_id (ref_id) given!";
160  $this->ilErr->raiseError($message, $this->ilErr->WARNING);
161  }
162 
163  //var_dump($a_endnode_id);exit;
164  //$log->write("ilRBACreview::getParentRoleIds(), 0");
165  $pathIds = $tree->getPathId($a_endnode_id);
166 
167  // add system folder since it may not in the path
168  //$pathIds[0] = SYSTEM_FOLDER_ID;
169  $pathIds[0] = ROLE_FOLDER_ID;
170  //$log->write("ilRBACreview::getParentRoleIds(), 1");
171  #return $this->getParentRoles($a_endnode_id,$a_templates,$a_keep_protected);
172  return $this->__getParentRoles($pathIds, $a_templates);
173  }
$DIC
global $DIC
Definition: saml.php:7
ilRbacReview\__getParentRoles
__getParentRoles($a_path, $a_templates)
Note: This function performs faster than the new getParentRoles function, because it uses database in...
Definition: class.ilRbacReview.php:117
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
+ Here is the call graph for this function:

◆ getRoleFolderOfRole()

ilRbacReview::getRoleFolderOfRole (   $a_role_id)

Get role folder of role ilDB $ilDB.

Parameters
int$a_role_id
Returns
int
Todo:
refactor rolf => RENAME

Definition at line 1786 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, $row, ilObject\_lookupType(), and ilDBConstants\FETCHMODE_OBJECT.

1787  {
1788  global $DIC;
1789 
1790  $ilDB = $DIC['ilDB'];
1791 
1792  if (ilObject::_lookupType($a_role_id) == 'role') {
1793  $and = ('AND assign = ' . $ilDB->quote('y', 'text'));
1794  } else {
1795  $and = '';
1796  }
1797 
1798  $query = 'SELECT * FROM rbac_fa ' .
1799  'WHERE rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ' .
1800  $and;
1801  $res = $ilDB->query($query);
1802  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1803  return $row->parent;
1804  }
1805  return 0;
1806  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1275
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getRoleListByObject()

ilRbacReview::getRoleListByObject (   $a_ref_id,
  $a_templates = false 
)

Returns a list of roles in an container public.

Parameters
integerref_id of object
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 183 of file class.ilRbacReview.php.

References $DIC, $ilDB, $message, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by __getParentRoles().

184  {
185  global $DIC;
186 
187  $ilDB = $DIC['ilDB'];
188 
189  if (!isset($a_ref_id) or !isset($a_templates)) {
190  $message = get_class($this) . "::getRoleListByObject(): Missing parameter!" .
191  "ref_id: " . $a_ref_id .
192  "tpl_flag: " . $a_templates;
193  $this->ilErr->raiseError($message, $this->ilErr->WARNING);
194  }
195 
196  $role_list = array();
197 
198  $where = $this->__setTemplateFilter($a_templates);
199 
200  $query = "SELECT * FROM object_data " .
201  "JOIN rbac_fa ON obj_id = rol_id " .
202  $where .
203  "AND object_data.obj_id = rbac_fa.rol_id " .
204  "AND rbac_fa.parent = " . $ilDB->quote($a_ref_id, 'integer') . " ";
205 
206  $res = $ilDB->query($query);
207  while ($row = $ilDB->fetchAssoc($res)) {
208  $row["desc"] = $row["description"];
209  $row["user_id"] = $row["owner"];
210  $role_list[] = $row;
211  }
212 
213  $role_list = $this->__setRoleType($role_list);
214 
215  return $role_list;
216  }
$DIC
global $DIC
Definition: saml.php:7
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause private
Definition: class.ilRbacReview.php:326
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:353
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getRoleOperationsOnObject()

ilRbacReview::getRoleOperationsOnObject (   $a_role_id,
  $a_ref_id 
)

ilDB $ilDB

Parameters
type$a_role_id
type$a_ref_id
Returns
type
Todo:
rafactor rolf => DONE

Definition at line 970 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, and $row.

971  {
972  global $DIC;
973 
974  $ilDB = $DIC['ilDB'];
975 
976  $query = "SELECT * FROM rbac_pa " .
977  "WHERE rol_id = " . $ilDB->quote($a_role_id, 'integer') . " " .
978  "AND ref_id = " . $ilDB->quote($a_ref_id, 'integer') . " ";
979 
980  $res = $ilDB->query($query);
981  while ($row = $ilDB->fetchObject($res)) {
982  $ops = unserialize($row->ops_id);
983  }
984 
985  return $ops ? $ops : array();
986  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getRolesByFilter()

ilRbacReview::getRolesByFilter (   $a_filter = 0,
  $a_user_id = 0,
  $title_filter = '' 
)

ilDB $ilDB

Parameters
type$a_filter
type$a_user_id
type$title_filter
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1174 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, $row, __setRoleType(), assignedRoles(), getAssignableRoles(), and getGlobalRoles().

1175  {
1176  global $DIC;
1177 
1178  $ilDB = $DIC['ilDB'];
1179 
1180  $assign = "y";
1181 
1182  switch ($a_filter) {
1183  // all (assignable) roles
1184  case self::FILTER_ALL:
1185  return $this->getAssignableRoles(true, true, $title_filter);
1186  break;
1187 
1188  // all (assignable) global roles
1189  case self::FILTER_ALL_GLOBAL:
1190  $where = 'WHERE ' . $ilDB->in('rbac_fa.rol_id', $this->getGlobalRoles(), false, 'integer') . ' ';
1191  break;
1192 
1193  // all (assignable) local roles
1194  case self::FILTER_ALL_LOCAL:
1195  case self::FILTER_INTERNAL:
1196  case self::FILTER_NOT_INTERNAL:
1197  $where = 'WHERE ' . $ilDB->in('rbac_fa.rol_id', $this->getGlobalRoles(), true, 'integer');
1198  break;
1199 
1200  // all role templates
1201  case self::FILTER_TEMPLATES:
1202  $where = "WHERE object_data.type = 'rolt'";
1203  $assign = "n";
1204  break;
1205 
1206  // only assigned roles, handled by ilObjUserGUI::roleassignmentObject()
1207  case 0:
1208  default:
1209  if (!$a_user_id) {
1210  return array();
1211  }
1212 
1213  $where = 'WHERE ' . $ilDB->in('rbac_fa.rol_id', $this->assignedRoles($a_user_id), false, 'integer') . ' ';
1214  break;
1215  }
1216 
1217  $roles = array();
1218 
1219  $query = "SELECT * FROM object_data " .
1220  "JOIN rbac_fa ON obj_id = rol_id " .
1221  $where .
1222  "AND rbac_fa.assign = " . $ilDB->quote($assign, 'text') . " ";
1223 
1224  if (strlen($title_filter)) {
1225  $query .= (' AND ' . $ilDB->like(
1226  'title',
1227  'text',
1228  '%' . $title_filter . '%'
1229  ));
1230  }
1231 
1232  $res = $ilDB->query($query);
1233  while ($row = $ilDB->fetchAssoc($res)) {
1234  $prefix = (substr($row["title"], 0, 3) == "il_") ? true : false;
1235 
1236  // all (assignable) internal local roles only
1237  if ($a_filter == 4 and !$prefix) {
1238  continue;
1239  }
1240 
1241  // all (assignable) non internal local roles only
1242  if ($a_filter == 5 and $prefix) {
1243  continue;
1244  }
1245 
1246  $row["desc"] = $row["description"];
1247  $row["user_id"] = $row["owner"];
1248  $roles[] = $row;
1249  }
1250 
1251  $roles = $this->__setRoleType($roles);
1252 
1253  return $roles ? $roles : array();
1254  }
$DIC
global $DIC
Definition: saml.php:7
ilRbacReview\getAssignableRoles
getAssignableRoles($a_templates=false, $a_internal_roles=false, $title_filter='')
Returns a list of all assignable roles public.
Definition: class.ilRbacReview.php:225
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only &#39;global&#39; roles public
Definition: class.ilRbacReview.php:724
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
ilRbacReview\assignedRoles
assignedRoles($a_usr_id)
get all assigned roles to a given user public
Definition: class.ilRbacReview.php:506
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:353
+ Here is the call graph for this function:

◆ getRolesForIDs()

ilRbacReview::getRolesForIDs (   $role_ids,
  $use_templates 
)

ilDB $ilDB

Parameters
type$role_ids
type$use_templates
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1691 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

1692  {
1693  global $DIC;
1694 
1695  $ilDB = $DIC['ilDB'];
1696 
1697  $role_list = array();
1698 
1699  $where = $this->__setTemplateFilter($use_templates);
1700 
1701  $query = "SELECT * FROM object_data " .
1702  "JOIN rbac_fa ON object_data.obj_id = rbac_fa.rol_id " .
1703  $where .
1704  "AND rbac_fa.assign = 'y' " .
1705  'AND ' . $ilDB->in('object_data.obj_id', $role_ids, false, 'integer');
1706 
1707  $res = $ilDB->query($query);
1708  while ($row = $ilDB->fetchAssoc($res)) {
1709  $row["desc"] = $row["description"];
1710  $row["user_id"] = $row["owner"];
1711  $role_list[] = $row;
1712  }
1713 
1714  $role_list = $this->__setRoleType($role_list);
1715  return $role_list;
1716  }
$DIC
global $DIC
Definition: saml.php:7
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause private
Definition: class.ilRbacReview.php:326
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:353
+ Here is the call graph for this function:

◆ getRolesOfObject()

ilRbacReview::getRolesOfObject (   $a_ref_id,
  $a_assignable_only = false 
)

Get roles of object.

Parameters
type$a_ref_id
type$a_assignable
Exceptions
InvalidArgumentException
Todo:
refactor rolf => DONE

Definition at line 645 of file class.ilRbacReview.php.

References $DIC, $GLOBALS, $ilDB, $query, $res, and $row.

646  {
647  global $DIC;
648 
649  $ilDB = $DIC['ilDB'];
650 
651  if (!isset($a_ref_id)) {
652  $GLOBALS['DIC']['ilLog']->logStack();
653  throw new InvalidArgumentException(__METHOD__ . ': No ref_id given!');
654  }
655  if ($a_assignable_only === true) {
656  $and = 'AND assign = ' . $ilDB->quote('y', 'text');
657  }
658  $query = "SELECT rol_id FROM rbac_fa " .
659  "WHERE parent = " . $ilDB->quote($a_ref_id, 'integer') . " " .
660  $and;
661 
662  $res = $ilDB->query($query);
663 
664  $role_ids = array();
665  while ($row = $ilDB->fetchObject($res)) {
666  $role_ids[] = $row->rol_id;
667  }
668  return $role_ids;
669  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702

◆ getRolesOfRoleFolder()

ilRbacReview::getRolesOfRoleFolder (   $a_ref_id,
  $a_nonassignable = true 
)

get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids public

Parameters
integerref_id of object
booleanif false only get true local roles
Returns
array Array with rol_ids
Deprecated:
since version 4.5.0
Todo:
refactor rolf => RENAME

Definition at line 684 of file class.ilRbacReview.php.

References $DIC, $ilBench, $ilDB, $ilLog, $message, $query, $res, $row, and ilLoggerFactory\getLogger().

Referenced by getGlobalRoles(), getGlobalRolesArray(), getLocalPolicies(), and getLocalRoles().

685  {
686  global $DIC;
687 
688  $ilBench = $DIC['ilBench'];
689  $ilDB = $DIC['ilDB'];
690  $ilLog = $DIC['ilLog'];
691 
692  $ilBench->start("RBAC", "review_getRolesOfRoleFolder");
693 
694  if (!isset($a_ref_id)) {
695  $message = get_class($this) . "::getRolesOfRoleFolder(): No ref_id given!";
696  ilLoggerFactory::getLogger('ac')->logStack();
697  $this->ilErr->raiseError($message, $this->ilErr->WARNING);
698  }
699 
700  if ($a_nonassignable === false) {
701  $and = " AND assign='y'";
702  }
703 
704  $query = "SELECT rol_id FROM rbac_fa " .
705  "WHERE parent = " . $ilDB->quote($a_ref_id, 'integer') . " " .
706  $and;
707 
708  $res = $ilDB->query($query);
709  while ($row = $ilDB->fetchObject($res)) {
710  $rol_id[] = $row->rol_id;
711  }
712 
713  $ilBench->stop("RBAC", "review_getRolesOfRoleFolder");
714 
715  return $rol_id ? $rol_id : array();
716  }
$DIC
global $DIC
Definition: saml.php:7
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$ilLog
$ilLog
Definition: inc.setup_header.php:123
$row
$row
Definition: migrateto20.php:360
$ilBench
global $ilBench
Definition: ilias.php:18
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getTypeId()

ilRbacReview::getTypeId (   $a_type)

Get type id of object ilDB $ilDB.

Parameters
type$a_type
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1263 of file class.ilRbacReview.php.

References $a_type, $DIC, $ilDB, $r, $row, and ilDBConstants\FETCHMODE_OBJECT.

1264  {
1265  global $DIC;
1266 
1267  $ilDB = $DIC['ilDB'];
1268 
1269  $q = "SELECT obj_id FROM object_data " .
1270  "WHERE title=" . $ilDB->quote($a_type, 'text') . " AND type='typ'";
1271  $r = $ilDB->query($q);
1272 
1273  $row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
1274  return $row->obj_id;
1275  }
$DIC
global $DIC
Definition: saml.php:7
$a_type
$a_type
Definition: workflow.php:92
$r
$r
Definition: example_031.php:79
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getUserPermissionsOnObject()

ilRbacReview::getUserPermissionsOnObject (   $a_user_id,
  $a_ref_id 
)

Get all user permissions on an object.

Parameters
int$a_user_iduser id
int$a_ref_idref id
Todo:
refactor rolf => DONE

Definition at line 1815 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, and $row.

1816  {
1817  global $DIC;
1818 
1819  $ilDB = $DIC['ilDB'];
1820 
1821  $query = "SELECT ops_id FROM rbac_pa JOIN rbac_ua " .
1822  "ON (rbac_pa.rol_id = rbac_ua.rol_id) " .
1823  "WHERE rbac_ua.usr_id = " . $ilDB->quote($a_user_id, 'integer') . " " .
1824  "AND rbac_pa.ref_id = " . $ilDB->quote($a_ref_id, 'integer') . " ";
1825 
1826  $res = $ilDB->query($query);
1827  $all_ops = array();
1828  while ($row = $ilDB->fetchObject($res)) {
1829  $ops = unserialize($row->ops_id);
1830  $all_ops = array_merge($all_ops, $ops);
1831  }
1832  $all_ops = array_unique($all_ops);
1833 
1834  $set = $ilDB->query("SELECT operation FROM rbac_operations " .
1835  " WHERE " . $ilDB->in("ops_id", $all_ops, false, "integer"));
1836  $perms = array();
1837  while ($rec = $ilDB->fetchAssoc($set)) {
1838  $perms[] = $rec["operation"];
1839  }
1840 
1841  return $perms;
1842  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ hasMultipleAssignments()

ilRbacReview::hasMultipleAssignments (   $a_role_id)

Temporary bugfix.

Todo:
refactor rolf => DONE

Definition at line 589 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, and $res.

590  {
591  global $DIC;
592 
593  $ilDB = $DIC['ilDB'];
594 
595  $query = "SELECT * FROM rbac_fa WHERE rol_id = " . $ilDB->quote($a_role_id, 'integer') . ' ' .
596  "AND assign = " . $ilDB->quote('y', 'text');
597  $res = $ilDB->query($query);
598  return $res->numRows() > 1;
599  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isAssignable()

ilRbacReview::isAssignable (   $a_rol_id,
  $a_ref_id 
)

Check if its possible to assign users public.

Parameters
integerobject id of role
integerref_id of object in question
Returns
boolean
Todo:
refactor rolf (expects object reference id instead of rolf) => DONE

Definition at line 554 of file class.ilRbacReview.php.

References $DIC, $ilBench, $ilDB, $message, $query, $res, and $row.

Referenced by getLocalRoles(), and isDeleteable().

555  {
556  global $DIC;
557 
558  $ilBench = $DIC['ilBench'];
559  $ilDB = $DIC['ilDB'];
560 
561  $ilBench->start("RBAC", "review_isAssignable");
562 
563  // exclude system role from rbac
564  if ($a_rol_id == SYSTEM_ROLE_ID) {
565  $ilBench->stop("RBAC", "review_isAssignable");
566  return true;
567  }
568 
569  if (!isset($a_rol_id) or !isset($a_ref_id)) {
570  $message = get_class($this) . "::isAssignable(): Missing parameter!" .
571  " role_id: " . $a_rol_id . " ,ref_id: " . $a_ref_id;
572  $this->ilErr->raiseError($message, $this->ilErr->WARNING);
573  }
574  $query = "SELECT * FROM rbac_fa " .
575  "WHERE rol_id = " . $ilDB->quote($a_rol_id, 'integer') . " " .
576  "AND parent = " . $ilDB->quote($a_ref_id, 'integer') . " ";
577  $res = $ilDB->query($query);
578  $row = $ilDB->fetchObject($res);
579 
580  $ilBench->stop("RBAC", "review_isAssignable");
581  return $row->assign == 'y' ? true : false;
582  }
$DIC
global $DIC
Definition: saml.php:7
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilBench
global $ilBench
Definition: ilias.php:18
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ isAssigned()

ilRbacReview::isAssigned (   $a_usr_id,
  $a_role_id 
)

check if a specific user is assigned to specific role public

Parameters
integerusr_id
integerrole_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 450 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, and $res.

451  {
452  if (isset(self::$is_assigned_cache[$a_role_id][$a_usr_id])) {
453  return self::$is_assigned_cache[$a_role_id][$a_usr_id];
454  }
455  // Quickly determine if user is assigned to a role
456  global $DIC;
457 
458  $ilDB = $DIC['ilDB'];
459 
460  $ilDB->setLimit(1, 0);
461  $query = "SELECT usr_id FROM rbac_ua WHERE " .
462  "rol_id= " . $ilDB->quote($a_role_id, 'integer') . " " .
463  "AND usr_id= " . $ilDB->quote($a_usr_id);
464  $res = $ilDB->query($query);
465 
466  $is_assigned = $res->numRows() == 1;
467  self::$is_assigned_cache[$a_role_id][$a_usr_id] = $is_assigned;
468 
469  return $is_assigned;
470  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isAssignedToAtLeastOneGivenRole()

ilRbacReview::isAssignedToAtLeastOneGivenRole (   $a_usr_id,
  $a_role_ids 
)

check if a specific user is assigned to at least one of the given role ids.

This function is used to quickly check whether a user is member of a course or a group.

public

Parameters
integerusr_id
array[integer]role_ids
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 484 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, and $res.

485  {
486  global $DIC;
487 
488  $ilDB = $DIC['ilDB'];
489 
490  $ilDB->setLimit(1, 0);
491  $query = "SELECT usr_id FROM rbac_ua WHERE " .
492  $ilDB->in('rol_id', $a_role_ids, false, 'integer') .
493  " AND usr_id= " . $ilDB->quote($a_usr_id);
494  $res = $ilDB->query($query);
495 
496  return $ilDB->numRows($res) == 1;
497  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isBlockedAtPosition()

ilRbacReview::isBlockedAtPosition (   $a_role_id,
  $a_ref_id 
)

Check if role is blocked at position ilDB $ilDB.

Parameters
type$a_role_id
type$a_ref_id
Returns
boolean

Definition at line 1413 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

Referenced by isBlockedInUpperContext().

1414  {
1415  global $DIC;
1416 
1417  $ilDB = $DIC['ilDB'];
1418 
1419  $query = 'SELECT blocked from rbac_fa ' .
1420  'WHERE rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ' .
1421  'AND parent = ' . $ilDB->quote($a_ref_id, 'integer');
1422  $res = $ilDB->query($query);
1423  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1424  return (bool) $row->blocked;
1425  }
1426  return false;
1427  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ isBlockedInUpperContext()

ilRbacReview::isBlockedInUpperContext (   $a_role_id,
  $a_ref_id 
)

Check if role is blocked in upper context.

Parameters
type$a_role_id
type$a_ref_id

Definition at line 1434 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, $row, $tree, ilDBConstants\FETCHMODE_OBJECT, and isBlockedAtPosition().

1435  {
1436  global $DIC;
1437 
1438  $ilDB = $DIC['ilDB'];
1439  $tree = $DIC['tree'];
1440 
1441  if ($this->isBlockedAtPosition($a_role_id, $a_ref_id)) {
1442  return false;
1443  }
1444  $query = 'SELECT parent from rbac_fa ' .
1445  'WHERE rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ' .
1446  'AND blocked = ' . $ilDB->quote(1, 'integer');
1447  $res = $ilDB->query($query);
1448 
1449  $parent_ids = array();
1450  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1451  $parent_ids[] = $row->parent;
1452  }
1453 
1454  foreach ($parent_ids as $parent_id) {
1455  if ($tree->isGrandChild($parent_id, $a_ref_id)) {
1456  return true;
1457  }
1458  }
1459  return false;
1460  }
$DIC
global $DIC
Definition: saml.php:7
ilRbacReview\isBlockedAtPosition
isBlockedAtPosition($a_role_id, $a_ref_id)
Check if role is blocked at position ilDB $ilDB.
Definition: class.ilRbacReview.php:1413
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ isDeleteable()

ilRbacReview::isDeleteable (   $a_role_id,
  $a_rolf_id 
)

Check if role is deleteable at a specific position.

Parameters
object$a_role_id
introlf_id
Returns
Todo:
refactor rolf => DONE

Definition at line 1752 of file class.ilRbacReview.php.

References ilObject\_lookupTitle(), and isAssignable().

1753  {
1754  if (!$this->isAssignable($a_role_id, $a_rolf_id)) {
1755  return false;
1756  }
1757  if ($a_role_id == SYSTEM_ROLE_ID or $a_role_id == ANONYMOUS_ROLE_ID) {
1758  return false;
1759  }
1760  if (substr(ilObject::_lookupTitle($a_role_id), 0, 3) == 'il_') {
1761  return false;
1762  }
1763  return true;
1764  }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:988
ilRbacReview\isAssignable
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users public.
Definition: class.ilRbacReview.php:554
+ Here is the call graph for this function:

◆ isDeleted()

ilRbacReview::isDeleted (   $a_node_id)

Checks if a rolefolder is set as deleted (negative tree_id) public.

Parameters
integerref_id of rolefolder
Returns
boolean true if rolefolder is set as deleted
Todo:
refactor rolf => DELETE method

Definition at line 1124 of file class.ilRbacReview.php.

References $DIC, $ilDB, $message, $r, $row, and ilDBConstants\FETCHMODE_OBJECT.

Referenced by isRoleDeleted().

1125  {
1126  global $DIC;
1127 
1128  $ilDB = $DIC['ilDB'];
1129 
1130  $q = "SELECT tree FROM tree WHERE child =" . $ilDB->quote($a_node_id) . " ";
1131  $r = $this->ilDB->query($q);
1132 
1133  $row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
1134 
1135  if (!$row) {
1136  $message = sprintf(
1137  '%s::isDeleted(): Role folder with ref_id %s not found!',
1138  get_class($this),
1139  $a_node_id
1140  );
1141  $this->log->write($message, $this->log->FATAL);
1142 
1143  return true;
1144  }
1145 
1146  // rolefolder is deleted
1147  if ($row->tree < 0) {
1148  return true;
1149  }
1150 
1151  return false;
1152  }
$DIC
global $DIC
Definition: saml.php:7
$r
$r
Definition: example_031.php:79
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ isGlobalRole()

ilRbacReview::isGlobalRole (   $a_role_id)

Check if role is a global role.

Parameters
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1160 of file class.ilRbacReview.php.

References getGlobalRoles().

1161  {
1162  return in_array($a_role_id, $this->getGlobalRoles());
1163  }
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only &#39;global&#39; roles public
Definition: class.ilRbacReview.php:724
+ Here is the call graph for this function:

◆ isProtected()

ilRbacReview::isProtected (   $a_ref_id,
  $a_role_id 
)
Todo:
refactor rolf => search calls ilDB $ilDB
Parameters
type$a_ref_id
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1391 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, $row, and ilUtil\yn2tf().

1392  {
1393  global $DIC;
1394 
1395  $ilDB = $DIC['ilDB'];
1396 
1397  // ref_id not used yet. protected permission acts 'global' for each role,
1398  $query = "SELECT protected FROM rbac_fa " .
1399  "WHERE rol_id = " . $ilDB->quote($a_role_id, 'integer') . " ";
1400  $res = $ilDB->query($query);
1401  $row = $ilDB->fetchAssoc($res);
1402 
1403  return ilUtil::yn2tf($row['protected']);
1404  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilUtil\yn2tf
static yn2tf($a_yn)
convert "y"/"n" to true/false
Definition: class.ilUtil.php:2983
+ Here is the call graph for this function:

◆ isRoleAssignedToObject()

ilRbacReview::isRoleAssignedToObject (   $a_role_id,
  $a_parent_id 
)

Check if role is assigned to an object.

Todo:
refactor rolf => DONE (renamed)

Definition at line 802 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, and $res.

803  {
804  global $DIC;
805 
806  $rbacreview = $DIC['rbacreview'];
807  $ilDB = $DIC['ilDB'];
808 
809  $query = 'SELECT * FROM rbac_fa ' .
810  'WHERE rol_id = ' . $ilDB->quote($a_role_id, 'integer') . ' ' .
811  'AND parent = ' . $ilDB->quote($a_parent_id, 'integer');
812  $res = $ilDB->query($query);
813  return $res->numRows() ? true : false;
814  }
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isRoleDeleted()

ilRbacReview::isRoleDeleted (   $a_role_id)

return if role is only attached to deleted role folders

Parameters
int$a_role_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1667 of file class.ilRbacReview.php.

References getFoldersAssignedToRole(), and isDeleted().

1668  {
1669  $rolf_list = $this->getFoldersAssignedToRole($a_role_id, false);
1670  $deleted = true;
1671  if (count($rolf_list)) {
1672  foreach ($rolf_list as $rolf) {
1673  // only list roles that are not set to status "deleted"
1674  if (!$this->isDeleted($rolf)) {
1675  $deleted = false;
1676  break;
1677  }
1678  }
1679  }
1680  return $deleted;
1681  }
ilRbacReview\isDeleted
isDeleted($a_node_id)
Checks if a rolefolder is set as deleted (negative tree_id) public.
Definition: class.ilRbacReview.php:1124
ilRbacReview\getFoldersAssignedToRole
getFoldersAssignedToRole($a_rol_id, $a_assignable=false)
Returns an array of objects assigned to a role.
Definition: class.ilRbacReview.php:612
+ Here is the call graph for this function:

◆ isSystemGeneratedRole()

ilRbacReview::isSystemGeneratedRole (   $a_role_id)

Check if the role is system generate role or role template.

Parameters
int$a_role_id
Returns
bool
Todo:
refactor rolf => DONE

Definition at line 1772 of file class.ilRbacReview.php.

References $title, and ilObject\_lookupTitle().

1773  {
1774  $title = ilObject::_lookupTitle($a_role_id);
1775  return substr($title, 0, 3) == 'il_' ? true : false;
1776  }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:988
+ Here is the call graph for this function:

◆ lookupCreateOperationIds()

static ilRbacReview::lookupCreateOperationIds (   $a_type_arr)
static

Lookup operation ids.

Parameters
array$a_type_arre.g array('cat','crs','grp'). The operation name (e.g. 'create_cat') is generated automatically
Returns
array int Array with operation ids
Todo:
refactor rolf => DONE

Definition at line 1351 of file class.ilRbacReview.php.

References $DIC, $ilDB, $query, $res, $row, and $type.

Referenced by ilObjectXMLWriter\__appendOperations(), ilObjectRoleTemplatePermissionTableGUI\parse(), ilObjectRolePermissionTableGUI\parse(), ilPermissionGUI\savePermissions(), and ilObjStudyProgrammeTest\testCreatePermissionExists().

1352  {
1353  global $DIC;
1354 
1355  $ilDB = $DIC['ilDB'];
1356 
1357  $operations = array();
1358  foreach ($a_type_arr as $type) {
1359  $operations[] = ('create_' . $type);
1360  }
1361 
1362  if (!count($operations)) {
1363  return array();
1364  }
1365 
1366  $query = 'SELECT ops_id, operation FROM rbac_operations ' .
1367  'WHERE ' . $ilDB->in('operation', $operations, false, 'text');
1368 
1369  $res = $ilDB->query($query);
1370 
1371  $ops_ids = array();
1372  while ($row = $ilDB->fetchObject($res)) {
1373  $type_arr = explode('_', $row->operation);
1374  $type = $type_arr[1];
1375 
1376  $ops_ids[$type] = $row->ops_id;
1377  }
1378  return $ops_ids;
1379  }
$type
$type
Definition: proxy_ylocal.php:10
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$query
$query
Definition: proxy_ylocal.php:13
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ roleExists()

ilRbacReview::roleExists (   $a_title,
  $a_id = 0 
)

Checks if a role already exists.

Role title should be unique public

Parameters
stringrole title
integerobj_id of role to exclude in the check. Commonly this is the current role you want to edit
Returns
boolean true if exists
Todo:
refactor rolf => DONE

Definition at line 79 of file class.ilRbacReview.php.

References $DIC, $ilDB, $message, $r, $row, and ilDBConstants\FETCHMODE_OBJECT.

80  {
81  global $DIC;
82 
83  $ilDB = $DIC['ilDB'];
84 
85  if (empty($a_title)) {
86  $message = get_class($this) . "::roleExists(): No title given!";
87  $this->ilErr->raiseError($message, $this->ilErr->WARNING);
88  }
89 
90  $clause = ($a_id) ? " AND obj_id != " . $ilDB->quote($a_id) . " " : "";
91 
92  $q = "SELECT DISTINCT(obj_id) obj_id FROM object_data " .
93  "WHERE title =" . $ilDB->quote($a_title) . " " .
94  "AND type IN('role','rolt')" .
95  $clause . " ";
96  $r = $this->ilDB->query($q);
97 
98  while ($row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
99  return $row->obj_id;
100  }
101  return false;
102  }
$DIC
global $DIC
Definition: saml.php:7
$r
$r
Definition: example_031.php:79
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34
$row
$row
Definition: migrateto20.php:360
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ setAssignedCacheEntry()

ilRbacReview::setAssignedCacheEntry (   $a_role_id,
  $a_user_id,
  $a_value 
)

set entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id
bool$a_value

Definition at line 1850 of file class.ilRbacReview.php.

1851  {
1852  self::$is_assigned_cache[$a_role_id][$a_user_id] = $a_value;
1853  }

Field Documentation

◆ $_opsCache

ilRbacReview::$_opsCache = null
staticprivate

Definition at line 29 of file class.ilRbacReview.php.

◆ $assigned_users_cache

ilRbacReview::$assigned_users_cache = array()
staticprotected

Definition at line 34 of file class.ilRbacReview.php.

◆ $is_assigned_cache

ilRbacReview::$is_assigned_cache = array()
staticprotected

Definition at line 39 of file class.ilRbacReview.php.

◆ $log

ilRbacReview::$log
protected

Definition at line 44 of file class.ilRbacReview.php.

Referenced by __setProtectedStatus().

◆ FILTER_ALL

const ilRbacReview::FILTER_ALL = 1

Definition at line 21 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_ALL_GLOBAL

const ilRbacReview::FILTER_ALL_GLOBAL = 2

Definition at line 22 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

◆ FILTER_ALL_LOCAL

const ilRbacReview::FILTER_ALL_LOCAL = 3

Definition at line 23 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

◆ FILTER_INTERNAL

const ilRbacReview::FILTER_INTERNAL = 4

Definition at line 24 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_NOT_INTERNAL

const ilRbacReview::FILTER_NOT_INTERNAL = 5

Definition at line 25 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

◆ FILTER_TEMPLATES

const ilRbacReview::FILTER_TEMPLATES = 6

Definition at line 26 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

The documentation for this class was generated from the following file: