56        $ilias = 
$DIC[
'ilias'];
 
   61        (isset(
$ilDB)) ? $this->ilDB = &
$ilDB : $this->ilDB = &$ilias->db;
 
   85        if (empty($a_title)) {
 
   86            $message = get_class($this) . 
"::roleExists(): No title given!";
 
   87            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
   90        $clause = ($a_id) ? 
" AND obj_id != " . 
$ilDB->quote($a_id) . 
" " : 
"";
 
   92        $q = 
"SELECT DISTINCT(obj_id) obj_id FROM object_data " .
 
   93             "WHERE title =" . 
$ilDB->quote($a_title) . 
" " .
 
   94             "AND type IN('role','rolt')" .
 
   96        $r = $this->ilDB->query($q);
 
  119        if (!isset($a_path) or !is_array($a_path)) {
 
  120            $message = get_class($this) . 
"::getParentRoles(): No path given or wrong datatype!";
 
  121            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  124        $parent_roles = array();
 
  125        $role_hierarchy = array();
 
  127        foreach ($a_path as $ref_id) {
 
  129            foreach ($roles as $role) {
 
  130                $id = $role[
"obj_id"];
 
  131                $role[
"parent"] = $ref_id;
 
  132                $parent_roles[
$id] = $role;
 
  134                if (!array_key_exists($role[
'obj_id'], $role_hierarchy)) {
 
  135                    $role_hierarchy[
$id] = $ref_id;
 
  157        if (!isset($a_endnode_id)) {
 
  158            $GLOBALS[
'DIC'][
'ilLog']->logStack();
 
  159            $message = get_class($this) . 
"::getParentRoleIds(): No node_id (ref_id) given!";
 
  160            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  165        $pathIds = 
$tree->getPathId($a_endnode_id);
 
  169        $pathIds[0] = ROLE_FOLDER_ID;
 
  171        #return $this->getParentRoles($a_endnode_id,$a_templates,$a_keep_protected); 
  189        if (!isset($a_ref_id) or !isset($a_templates)) {
 
  190            $message = get_class($this) . 
"::getRoleListByObject(): Missing parameter!" .
 
  191                       "ref_id: " . $a_ref_id .
 
  192                       "tpl_flag: " . $a_templates;
 
  193            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  196        $role_list = array();
 
  200        $query = 
"SELECT * FROM object_data " .
 
  201             "JOIN rbac_fa ON obj_id = rol_id " .
 
  203             "AND object_data.obj_id = rbac_fa.rol_id " .
 
  204             "AND rbac_fa.parent = " . 
$ilDB->quote($a_ref_id, 
'integer') . 
" ";
 
  225    public function getAssignableRoles($a_templates = 
false, $a_internal_roles = 
false, $title_filter = 
'')
 
  231        $role_list = array();
 
  235        $query = 
"SELECT * FROM object_data " .
 
  236             "JOIN rbac_fa ON obj_id = rol_id " .
 
  238             "AND rbac_fa.assign = 'y' ";
 
  240        if (strlen($title_filter)) {
 
  273        $query = 
'SELECT rol_id FROM rbac_fa fa ' .
 
  274                'JOIN tree t1 ON t1.child = fa.parent ' .
 
  275                'JOIN object_data obd ON fa.rol_id = obd.obj_id ' .
 
  276                'WHERE assign = ' . 
$ilDB->quote(
'y', 
'text') . 
' ' .
 
  277                'AND obd.type = ' . 
$ilDB->quote(
'role', 
'text') . 
' ' .
 
  278                'AND t1.child IN (' .
 
  279                $GLOBALS[
'DIC'][
'tree']->getSubTreeQuery($ref_id, array(
'child')) . 
' ' .
 
  285        $role_list = array();
 
  287            $role_list[] = 
$row->rol_id;
 
  305        $query = 
"SELECT fa.*, rd.* " .
 
  306             "FROM object_data rd " .
 
  307             "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id " .
 
  308             "WHERE fa.assign = 'y' " .
 
  309             "AND fa.parent = " . $this->ilDB->quote($a_ref_id, 
'integer') . 
" " 
  314            $roles_data[] = 
$row;
 
  316        return $roles_data ? $roles_data : array();
 
  332        if ($a_templates === 
true) {
 
  333            $where = 
"WHERE " . 
$ilDB->in(
'object_data.type', array(
'role',
'rolt'), 
false, 
'text') . 
" ";
 
  335            $where = 
"WHERE " . 
$ilDB->in(
'object_data.type', array(
'role'), 
false, 
'text') . 
" ";
 
  355        foreach ($a_role_list as 
$key => $val) {
 
  357            if ($val[
"type"] == 
"rolt") {
 
  358                $a_role_list[
$key][
"role_type"] = 
"template";
 
  360                if ($val[
"assign"] == 
"y") {
 
  361                    if ($val[
"parent"] == ROLE_FOLDER_ID) {
 
  362                        $a_role_list[
$key][
"role_type"] = 
"global";
 
  364                        $a_role_list[
$key][
"role_type"] = 
"local";
 
  367                    $a_role_list[
$key][
"role_type"] = 
"linked";
 
  371            if ($val[
"protected"] == 
"y") {
 
  372                $a_role_list[
$key][
"protected"] = 
true;
 
  374                $a_role_list[
$key][
"protected"] = 
false;
 
  393        $query = 
'select count(distinct(ua.usr_id)) as num from rbac_ua ua ' .
 
  394            'join object_data on ua.usr_id = obj_id ' .
 
  395            'join usr_data ud on ua.usr_id = ud.usr_id ' .
 
  396            'where ' . 
$ilDB->in(
'rol_id', $a_roles, 
false, 
'integer');
 
  399        if (
$res->numRows()) {
 
  420        if (!isset($a_rol_id)) {
 
  421            $message = get_class($this) . 
"::assignedUsers(): No role_id given!";
 
  422            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  424        if (isset(self::$assigned_users_cache[$a_rol_id])) {
 
  425            return self::$assigned_users_cache[$a_rol_id];
 
  428        $result_arr = array();
 
  430        $query = 
"SELECT usr_id FROM rbac_ua WHERE rol_id= " . 
$ilDB->quote($a_rol_id, 
'integer');
 
  433            array_push($result_arr, 
$row[
"usr_id"]);
 
  436        self::$assigned_users_cache[$a_rol_id] = $result_arr;
 
  452        if (isset(self::$is_assigned_cache[$a_role_id][$a_usr_id])) {
 
  453            return self::$is_assigned_cache[$a_role_id][$a_usr_id];
 
  460        $ilDB->setLimit(1, 0);
 
  461        $query = 
"SELECT usr_id FROM rbac_ua WHERE " .
 
  462                    "rol_id= " . 
$ilDB->quote($a_role_id, 
'integer') . 
" " .
 
  463                    "AND usr_id= " . 
$ilDB->quote($a_usr_id);
 
  466        $is_assigned = 
$res->numRows() == 1;
 
  467        self::$is_assigned_cache[$a_role_id][$a_usr_id] = $is_assigned;
 
  490        $ilDB->setLimit(1, 0);
 
  491        $query = 
"SELECT usr_id FROM rbac_ua WHERE " .
 
  492                    $ilDB->in(
'rol_id', $a_role_ids, 
false, 
'integer') .
 
  493                    " AND usr_id= " . 
$ilDB->quote($a_usr_id);
 
  513        $query = 
"SELECT rol_id FROM rbac_ua WHERE usr_id = " . 
$ilDB->quote($a_usr_id, 
'integer');
 
  517            $role_arr[] = 
$row->rol_id;
 
  533        $query = 
"SELECT ua.rol_id FROM rbac_ua ua " .
 
  534            "JOIN rbac_fa fa ON ua.rol_id = fa.rol_id " .
 
  535            "WHERE usr_id = " . 
$ilDB->quote($a_usr_id, 
'integer') . 
' ' .
 
  536            "AND parent = " . 
$ilDB->quote(ROLE_FOLDER_ID) . 
" " .
 
  541            $role_arr[] = 
$row->rol_id;
 
  543        return $role_arr ? $role_arr : array();
 
  561        $ilBench->start(
"RBAC", 
"review_isAssignable");
 
  564        if ($a_rol_id == SYSTEM_ROLE_ID) {
 
  565            $ilBench->stop(
"RBAC", 
"review_isAssignable");
 
  569        if (!isset($a_rol_id) or !isset($a_ref_id)) {
 
  570            $message = get_class($this) . 
"::isAssignable(): Missing parameter!" .
 
  571                       " role_id: " . $a_rol_id . 
" ,ref_id: " . $a_ref_id;
 
  572            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  574        $query = 
"SELECT * FROM rbac_fa " .
 
  575             "WHERE rol_id = " . 
$ilDB->quote($a_rol_id, 
'integer') . 
" " .
 
  576             "AND parent = " . 
$ilDB->quote($a_ref_id, 
'integer') . 
" ";
 
  580        $ilBench->stop(
"RBAC", 
"review_isAssignable");
 
  581        return $row->assign == 
'y' ? true : 
false;
 
  595        $query = 
"SELECT * FROM rbac_fa WHERE rol_id = " . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
  596            "AND assign = " . 
$ilDB->quote(
'y', 
'text');
 
  598        return $res->numRows() > 1;
 
  618        if (!isset($a_rol_id)) {
 
  619            $message = get_class($this) . 
"::getFoldersAssignedToRole(): No role_id given!";
 
  620            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  624            $where = 
" AND assign ='y'";
 
  627        $query = 
"SELECT DISTINCT parent FROM rbac_fa " .
 
  628             "WHERE rol_id = " . 
$ilDB->quote($a_rol_id, 
'integer') . 
" " . $where . 
" ";
 
  633            $folders[] = 
$row->parent;
 
  651        if (!isset($a_ref_id)) {
 
  652            $GLOBALS[
'DIC'][
'ilLog']->logStack();
 
  653            throw new InvalidArgumentException(__METHOD__ . 
': No ref_id given!');
 
  655        if ($a_assignable_only === 
true) {
 
  656            $and = 
'AND assign = ' . 
$ilDB->quote(
'y', 
'text');
 
  658        $query = 
"SELECT rol_id FROM rbac_fa " .
 
  659             "WHERE parent = " . 
$ilDB->quote($a_ref_id, 
'integer') . 
" " .
 
  666            $role_ids[] = 
$row->rol_id;
 
  692        $ilBench->start(
"RBAC", 
"review_getRolesOfRoleFolder");
 
  694        if (!isset($a_ref_id)) {
 
  695            $message = get_class($this) . 
"::getRolesOfRoleFolder(): No ref_id given!";
 
  697            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  700        if ($a_nonassignable === 
false) {
 
  701            $and = 
" AND assign='y'";
 
  704        $query = 
"SELECT rol_id FROM rbac_fa " .
 
  705             "WHERE parent = " . 
$ilDB->quote($a_ref_id, 
'integer') . 
" " .
 
  710            $rol_id[] = 
$row->rol_id;
 
  713        $ilBench->stop(
"RBAC", 
"review_getRolesOfRoleFolder");
 
  715        return $rol_id ? $rol_id : array();
 
  743                $lroles[] = $role_id;
 
  758            $lroles[] = $role_id;
 
  772            $ga[] = array(
'obj_id' => $role_id,
 
  773                          'role_type' => 
'global');
 
  775        return $ga ? $ga : array();
 
  786        include_once 
'./Services/AccessControl/classes/class.ilObjRole.php';
 
  790                $ga[] = array(
'obj_id' => $role_id,
 
  791                              'role_type' => 
'global');
 
  794        return $ga ? $ga : array();
 
  806        $rbacreview = 
$DIC[
'rbacreview'];
 
  809        $query = 
'SELECT * FROM rbac_fa ' .
 
  810            'WHERE rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
  811            'AND parent = ' . 
$ilDB->quote($a_parent_id, 
'integer');
 
  813        return $res->numRows() ? true : 
false;
 
  828        $query = 
'SELECT * FROM rbac_operations ORDER BY ops_id ';
 
  831            $ops[] = array(
'ops_id' => 
$row->ops_id,
 
  832                           'operation' => 
$row->operation,
 
  833                           'description' => 
$row->description);
 
  836        return $ops ? $ops : array();
 
  851        $query = 
'SELECT * FROM rbac_operations WHERE ops_id = ' . 
$ilDB->quote($ops_id, 
'integer');
 
  854            $ops = array(
'ops_id' => 
$row->ops_id,
 
  855                         'operation' => 
$row->operation,
 
  856                         'description' => 
$row->description);
 
  859        return $ops ? $ops : array();
 
  878            $a_parent = ROLE_FOLDER_ID;
 
  881        $query = 
"SELECT ops_id,type FROM rbac_templates " .
 
  882            "WHERE rol_id = " . 
$ilDB->quote($a_rol_id, 
'integer') . 
" " .
 
  883            "AND parent = " . 
$ilDB->quote($a_parent, 
'integer');
 
  888            $ops_arr[
$row->type][] = 
$row->ops_id;
 
  890        return (array) $ops_arr;
 
  906        $query = 
'SELECT * FROM rbac_pa ' .
 
  907            'WHERE ref_id = ' . 
$ilDB->quote($a_ref_id, 
'integer') . 
' ' .
 
  908            'AND rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ';
 
  912            return unserialize(
$row[
'ops_id']);
 
  935        if (!isset($a_rol_id) or !isset(
$a_type)) {
 
  936            $message = get_class($this) . 
"::getOperationsOfRole(): Missing Parameter!" .
 
  937                       "role_id: " . $a_rol_id .
 
  939                       "parent_id: " . $a_parent;
 
  940            $ilLog->logStack(
"Missing parameter! ");
 
  941            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  947        if ($a_parent == 0) {
 
  948            $a_parent = ROLE_FOLDER_ID;
 
  951        $query = 
"SELECT ops_id FROM rbac_templates " .
 
  953             "AND rol_id = " . 
$ilDB->quote($a_rol_id, 
'integer') . 
" " .
 
  954             "AND parent = " . 
$ilDB->quote($a_parent, 
'integer');
 
  957            $ops_arr[] = 
$row->ops_id;
 
  976        $query = 
"SELECT * FROM rbac_pa " .
 
  977            "WHERE rol_id = " . 
$ilDB->quote($a_role_id, 
'integer') . 
" " .
 
  978            "AND ref_id = " . 
$ilDB->quote($a_ref_id, 
'integer') . 
" ";
 
  982            $ops = unserialize(
$row->ops_id);
 
  985        return $ops ? $ops : array();
 
 1001        if (!isset($a_typ_id)) {
 
 1002            $message = get_class($this) . 
"::getOperationsOnType(): No type_id given!";
 
 1003            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
 1006        #$query = "SELECT * FROM rbac_ta WHERE typ_id = ".$ilDB->quote($a_typ_id,'integer');
 
 1008        $query = 
'SELECT * FROM rbac_ta ta JOIN rbac_operations o ON ta.ops_id = o.ops_id ' .
 
 1009            'WHERE typ_id = ' . 
$ilDB->quote($a_typ_id, 
'integer') . 
' ' .
 
 1010            'ORDER BY op_order';
 
 1015            $ops_id[] = 
$row->ops_id;
 
 1018        return $ops_id ? $ops_id : array();
 
 1035        $query = 
"SELECT * FROM object_data WHERE type = 'typ' AND title = " . 
$ilDB->quote(
$a_type, 
'text') . 
" ";
 
 1058        if ($a_class != 
'create') {
 
 1059            $condition = 
"AND class != " . 
$ilDB->quote(
'create', 
'text');
 
 1061            $condition = 
"AND class = " . 
$ilDB->quote(
'create', 
'text');
 
 1064        $query = 
"SELECT ro.ops_id FROM rbac_operations ro " .
 
 1065            "JOIN rbac_ta rt ON  ro.ops_id = rt.ops_id " .
 
 1066            "JOIN object_data od ON rt.typ_id = od.obj_id " .
 
 1067            "WHERE type = " . 
$ilDB->quote(
'typ', 
'text') . 
" " .
 
 1070            "ORDER BY op_order ";
 
 1076            $ops[] = 
$row->ops_id;
 
 1097        #$query = 'SELECT t.parent p FROM tree t JOIN rbac_fa fa ON fa.parent = child '. 
 1098        #       'WHERE assign = '.$ilDB->quote('n','text').' '. 
 1099        #       'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' '; 
 1101        $query = 
'SELECT parent p FROM rbac_fa ' .
 
 1102                'WHERE assign = ' . 
$ilDB->quote(
'n', 
'text') . 
' ' .
 
 1103                'AND rol_id = ' . 
$ilDB->quote($a_rol_id, 
'integer') . 
' ';
 
 1106            $query .= (
'AND ' . 
$ilDB->in(
'parent', (array) $a_filter, 
false, 
'integer'));
 
 1112            $parent[] = 
$row->p;
 
 1130        $q = 
"SELECT tree FROM tree WHERE child =" . 
$ilDB->quote($a_node_id) . 
" ";
 
 1131        $r = $this->ilDB->query($q);
 
 1137                '%s::isDeleted(): Role folder with ref_id %s not found!',
 
 1141            $this->log->write(
$message, $this->log->FATAL);
 
 1147        if (
$row->tree < 0) {
 
 1182        switch ($a_filter) {
 
 1190                $where = 
'WHERE ' . 
$ilDB->in(
'rbac_fa.rol_id', $this->
getGlobalRoles(), 
false, 
'integer') . 
' ';
 
 1197                $where = 
'WHERE ' . 
$ilDB->in(
'rbac_fa.rol_id', $this->
getGlobalRoles(), 
true, 
'integer');
 
 1202                $where = 
"WHERE object_data.type = 'rolt'";
 
 1213                $where = 
'WHERE ' . 
$ilDB->in(
'rbac_fa.rol_id', $this->
assignedRoles($a_user_id), 
false, 
'integer') . 
' ';
 
 1219        $query = 
"SELECT * FROM object_data " .
 
 1220             "JOIN rbac_fa ON obj_id = rol_id " .
 
 1222             "AND rbac_fa.assign = " . 
$ilDB->quote($assign, 
'text') . 
" ";
 
 1224        if (strlen($title_filter)) {
 
 1228                '%' . $title_filter . 
'%' 
 1234            $prefix = (substr(
$row[
"title"], 0, 3) == 
"il_") ? 
true : 
false;
 
 1237            if ($a_filter == 4 and !$prefix) {
 
 1242            if ($a_filter == 5 and $prefix) {
 
 1246            $row[
"desc"] = 
$row[
"description"];
 
 1253        return $roles ? $roles : array();
 
 1269        $q = 
"SELECT obj_id FROM object_data " .
 
 1270             "WHERE title=" . 
$ilDB->quote(
$a_type, 
'text') . 
" AND type='typ'";
 
 1274        return $row->obj_id;
 
 1293        if (!count($operations)) {
 
 1297        $query = 
'SELECT ops_id FROM rbac_operations ' .
 
 1298            'WHERE ' . 
$ilDB->in(
'operation', $operations, 
false, 
'text');
 
 1302            $ops_ids[] = 
$row->ops_id;
 
 1304        return $ops_ids ? $ops_ids : array();
 
 1322        if (!isset($a_operation)) {
 
 1323            $message = 
"perm::getOperationId(): No operation given!";
 
 1328        if (!is_array(self::$_opsCache)) {
 
 1329            self::$_opsCache = array();
 
 1331            $q = 
"SELECT ops_id, operation FROM rbac_operations";
 
 1334                self::$_opsCache[
$row->operation] = 
$row->ops_id;
 
 1339        if (array_key_exists($a_operation, self::$_opsCache)) {
 
 1340            return self::$_opsCache[$a_operation];
 
 1357        $operations = array();
 
 1358        foreach ($a_type_arr as 
$type) {
 
 1359            $operations[] = (
'create_' . 
$type);
 
 1362        if (!count($operations)) {
 
 1366        $query = 
'SELECT ops_id, operation FROM rbac_operations ' .
 
 1367            'WHERE ' . 
$ilDB->in(
'operation', $operations, 
false, 
'text');
 
 1373            $type_arr = explode(
'_', 
$row->operation);
 
 1374            $type = $type_arr[1];
 
 1398        $query = 
"SELECT protected FROM rbac_fa " .
 
 1399             "WHERE rol_id = " . 
$ilDB->quote($a_role_id, 
'integer') . 
" ";
 
 1419        $query = 
'SELECT blocked from rbac_fa ' .
 
 1420                'WHERE rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
 1421                'AND parent = ' . 
$ilDB->quote($a_ref_id, 
'integer');
 
 1424            return (
bool) 
$row->blocked;
 
 1444        $query = 
'SELECT parent from rbac_fa ' .
 
 1445                'WHERE rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
 1446                'AND blocked = ' . 
$ilDB->quote(1, 
'integer');
 
 1449        $parent_ids = array();
 
 1451            $parent_ids[] = 
$row->parent;
 
 1454        foreach ($parent_ids as $parent_id) {
 
 1455            if (
$tree->isGrandChild($parent_id, $a_ref_id)) {
 
 1482        $rbacsystem = 
$DIC[
'rbacsystem'];
 
 1489            $leveladmin = 
false;
 
 1491        #vd("RoleHierarchy",$a_role_hierarchy);
 
 1492        foreach ($a_role_hierarchy as $role_id => $rolf_id) {
 
 1494            #echo "<br/>ROLF: ".$rolf_id." ROLE_ID: ".$role_id." (".$a_parent_roles[$role_id]['title'].") ";
 
 1497            if ($leveladmin == 
true) {
 
 1498                $a_parent_roles[$role_id][
'protected'] = 
false;
 
 1502            if ($a_parent_roles[$role_id][
'protected'] == 
true) {
 
 1503                $arr_lvl_roles_user = array_intersect($this->
assignedRoles(
$ilUser->getId()), array_keys($a_role_hierarchy, $rolf_id));
 
 1505                #vd("intersection",$arr_lvl_roles_user);
 
 1507                foreach ($arr_lvl_roles_user as $lvl_role_id) {
 
 1508                    #echo "<br/>level_role: ".$lvl_role_id;
 
 1509                    #echo "<br/>a_ref_id: ".$a_ref_id;
 
 1513                    $rolf = $a_parent_roles[$role_id][
'parent'];
 
 1514                    #$parent_obj = $GLOBALS['DIC']['tree']->getParentId($rolf); 
 1515                    if ($rbacsystem->checkPermission($rolf, $lvl_role_id, 
'edit_permission')) {
 
 1516                        #echo "<br />Permission granted";
 
 1519                        $a_parent_roles[$role_id][
'protected'] = 
false;
 
 1527        return $a_parent_roles;
 
 1550                'SELECT * FROM rbac_operations ' .
 
 1551                'JOIN rbac_ta ON rbac_operations.ops_id = rbac_ta.ops_id ' .
 
 1552                'JOIN object_data ON rbac_ta.typ_id = object_data.obj_id ' .
 
 1553                'WHERE object_data.title = %s ' .
 
 1554                'AND object_data.type = %s ' .
 
 1555                'ORDER BY op_order ASC',
 
 1557                $ilDB->quote(
'typ', 
'text')
 
 1560            $query = 
'SELECT * FROM rbac_operations ORDER BY op_order ASC';
 
 1565                        "ops_id" => 
$row[
'ops_id'],
 
 1566                        "operation" => 
$row[
'operation'],
 
 1567                        "desc" => 
$row[
'description'],
 
 1568                        "class" => 
$row[
'class'],
 
 1569                        "order" => 
$row[
'op_order']
 
 1585        foreach ($a_ops_arr as $ops) {
 
 1586            $arr[$ops[
'class']][] = array(
'ops_id' => $ops[
'ops_id'],
 
 1587                                           'name' => $ops[
'operation']
 
 1605        static $obj_cache = array();
 
 1612        if (isset($obj_cache[$a_role_id]) and $obj_cache[$a_role_id]) {
 
 1613            return $obj_cache[$a_role_id];
 
 1616        $query = 
'SELECT obr.obj_id FROM rbac_fa rfa ' .
 
 1617                'JOIN object_reference obr ON rfa.parent = obr.ref_id ' .
 
 1618                'WHERE assign = ' . 
$ilDB->quote(
'y', 
'text') . 
' ' .
 
 1619                'AND rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
 1620                'AND deleted IS NULL';
 
 1622        #$query = "SELECT obr.obj_id FROM rbac_fa rfa ".
 
 1623        #       "JOIN tree ON rfa.parent = tree.child ".
 
 1624        #       "JOIN object_reference obr ON tree.parent = obr.ref_id ".
 
 1625        #       "WHERE tree.tree = 1 ".
 
 1626        #       "AND assign = 'y' ".
 
 1627        #       "AND rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
 
 1630        $obj_cache[$a_role_id] = 0;
 
 1632            $obj_cache[$a_role_id] = 
$row->obj_id;
 
 1634        return $obj_cache[$a_role_id];
 
 1649        $query = 
'SELECT parent p_ref FROM rbac_fa ' .
 
 1650                'WHERE rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
 1651                'AND assign = ' . 
$ilDB->quote(
'y', 
'text');
 
 1671        if (count($rolf_list)) {
 
 1672            foreach ($rolf_list as $rolf) {
 
 1697        $role_list = array();
 
 1701        $query = 
"SELECT * FROM object_data " .
 
 1702             "JOIN rbac_fa ON object_data.obj_id = rbac_fa.rol_id " .
 
 1704             "AND rbac_fa.assign = 'y' " .
 
 1705             'AND ' . 
$ilDB->in(
'object_data.obj_id', $role_ids, 
false, 
'integer');
 
 1709            $row[
"desc"] = 
$row[
"description"];
 
 1711            $role_list[] = 
$row;
 
 1729        $query = 
'SELECT ta.typ_id, obj.title, ops.ops_id, ops.operation FROM rbac_ta ta ' .
 
 1730             'JOIN object_data obj ON obj.obj_id = ta.typ_id ' .
 
 1731             'JOIN rbac_operations ops ON ops.ops_id = ta.ops_id ';
 
 1736            $info[$counter][
'typ_id'] = 
$row->typ_id;
 
 1738            $info[$counter][
'ops_id'] = 
$row->ops_id;
 
 1739            $info[$counter][
'operation'] = 
$row->operation;
 
 1757        if ($a_role_id == SYSTEM_ROLE_ID or $a_role_id == ANONYMOUS_ROLE_ID) {
 
 1775        return substr(
$title, 0, 3) == 
'il_' ? true : 
false;
 
 1793            $and = (
'AND assign = ' . 
$ilDB->quote(
'y', 
'text'));
 
 1798        $query = 
'SELECT * FROM rbac_fa ' .
 
 1799            'WHERE rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
 1803            return $row->parent;
 
 1821        $query = 
"SELECT ops_id FROM rbac_pa JOIN rbac_ua " .
 
 1822            "ON (rbac_pa.rol_id = rbac_ua.rol_id) " .
 
 1823            "WHERE rbac_ua.usr_id = " . 
$ilDB->quote($a_user_id, 
'integer') . 
" " .
 
 1824            "AND rbac_pa.ref_id = " . 
$ilDB->quote($a_ref_id, 
'integer') . 
" ";
 
 1829            $ops = unserialize(
$row->ops_id);
 
 1830            $all_ops = array_merge($all_ops, $ops);
 
 1832        $all_ops = array_unique($all_ops);
 
 1834        $set = 
$ilDB->query(
"SELECT operation FROM rbac_operations " .
 
 1835            " WHERE " . 
$ilDB->in(
"ops_id", $all_ops, 
false, 
"integer"));
 
 1837        while ($rec = 
$ilDB->fetchAssoc($set)) {
 
 1838            $perms[] = $rec[
"operation"];
 
 1852        self::$is_assigned_cache[$a_role_id][$a_user_id] = $a_value;
 
 1863        return self::$is_assigned_cache[$a_role_id][$a_user_id];
 
 1871        self::$is_assigned_cache = array();
 
 1872        self::$assigned_users_cache = array();
 
const PEAR_ERROR_CALLBACK
An exception for terminatinating execution or to throw for unit testing.
static getLogger($a_component_id)
Get component logger.
static _getAssignUsersStatus($a_role_id)
static _lookupTitle($a_id)
lookup object title
static _lookupType($a_id, $a_reference=false)
lookup object type
class ilRbacReview Contains Review functions of core Rbac.
getAssignableChildRoles($a_ref_id)
Get all assignable roles directly under a specific node @access public.
getRolesByFilter($a_filter=0, $a_user_id=0, $title_filter='')
@global ilDB $ilDB
getTypeId($a_type)
Get type id of object @global ilDB $ilDB.
static _groupOperationsByClass($a_ops_arr)
getLocalPolicies($a_ref_id)
Get all roles with local policies.
assignedRoles($a_usr_id)
get all assigned roles to a given user @access public
getOperationsOfRole($a_rol_id, $a_type, $a_parent=0)
get all possible operations of a specific role The ref_id of the role folder (parent object) is neces...
assignedUsers($a_rol_id)
get all assigned users to a given role @access public
getLocalRoles($a_ref_id)
Get local roles of object.
static _getOperationIdByName($a_operation)
get operation id by name of operation @access public @access static
isDeleted($a_node_id)
Checks if a rolefolder is set as deleted (negative tree_id) @access public.
roleExists($a_title, $a_id=0)
Checks if a role already exists.
getOperationsByTypeAndClass($a_type, $a_class)
Get operations by type and class.
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
__setProtectedStatus($a_parent_roles, $a_role_hierarchy, $a_ref_id)
Set protected status @global type $rbacsystem @global type $ilUser @global type $log.
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
getActiveOperationsOfRole($a_ref_id, $a_role_id)
Get active operations for a role.
getGlobalRoles()
get only 'global' roles @access public
const FILTER_NOT_INTERNAL
isGlobalRole($a_role_id)
Check if role is a global role.
getRolesOfObject($a_ref_id, $a_assignable_only=false)
Get roles of object.
isRoleAssignedToObject($a_role_id, $a_parent_id)
Check if role is assigned to an object.
getFoldersAssignedToRole($a_rol_id, $a_assignable=false)
Returns an array of objects assigned to a role.
getRoleOperationsOnObject($a_role_id, $a_ref_id)
@global ilDB $ilDB
isBlockedAtPosition($a_role_id, $a_ref_id)
Check if role is blocked at position @global ilDB $ilDB.
hasMultipleAssignments($a_role_id)
Temporary bugfix.
getParentRoleIds($a_endnode_id, $a_templates=false)
get an array of parent role ids of all parent roles, if last parameter is set true you get also all p...
clearCaches()
Clear assigned users caches.
isProtected($a_ref_id, $a_role_id)
assignedGlobalRoles($a_usr_id)
Get assigned global roles for an user.
getOperationsOnType($a_typ_id)
all possible operations of a type @access public
static $assigned_users_cache
static _getOperationList($a_type=null)
get operation list by object type @access public @access static
isSystemGeneratedRole($a_role_id)
Check if the role is system generate role or role template.
getRoleListByObject($a_ref_id, $a_templates=false)
Returns a list of roles in an container @access public.
getGlobalAssignableRoles()
get only 'global' roles (with flag 'assign_users') @access public
isRoleDeleted($a_role_id)
return if role is only attached to deleted role folders
getNumberOfAssignedUsers(array $a_roles)
Get the number of assigned users to roles (not properly deleted user accounts are not counted)
isBlockedInUpperContext($a_role_id, $a_ref_id)
Check if role is blocked in upper context.
__getParentRoles($a_path, $a_templates)
Note: This function performs faster than the new getParentRoles function, because it uses database in...
getRoleFolderOfRole($a_role_id)
Get role folder of role @global ilDB $ilDB.
isAssigned($a_usr_id, $a_role_id)
check if a specific user is assigned to specific role @access public
static _getOperationIdsByName($operations)
get ops_id's by name.
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users @access public.
getAssignedCacheEntry($a_role_id, $a_user_id)
get entry of assigned_chache
getObjectReferenceOfRole($a_role_id)
Get reference of role.
getObjectsWithStopedInheritance($a_rol_id, $a_filter=array())
get all objects in which the inheritance of role with role_id was stopped the function returns all re...
static lookupCreateOperationIds($a_type_arr)
Lookup operation ids.
setAssignedCacheEntry($a_role_id, $a_user_id, $a_value)
set entry of assigned_chache
getGlobalRolesArray()
get only 'global' roles @access public
getOperationsOnTypeString($a_type)
all possible operations of a type @access public
getUserPermissionsOnObject($a_user_id, $a_ref_id)
Get all user permissions on an object.
getRolesForIDs($role_ids, $use_templates)
@global ilDB $ilDB
getAssignableRolesInSubtree($ref_id)
Returns a list of assignable roles in a subtree of the repository @access public.
getOperationAssignment()
get operation assignments
getOperation($ops_id)
get one operation by operation id @access public
__construct()
Constructor @access public.
getObjectOfRole($a_role_id)
Get object id of objects a role is assigned to.
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause @access private
getOperations()
get all possible operations @access public
getAssignableRoles($a_templates=false, $a_internal_roles=false, $title_filter='')
Returns a list of all assignable roles @access public.
isDeleteable($a_role_id, $a_rolf_id)
Check if role is deleteable at a specific position.
isAssignedToAtLeastOneGivenRole($a_usr_id, $a_role_ids)
check if a specific user is assigned to at least one of the given role ids.
getAllOperationsOfRole($a_rol_id, $a_parent=0)
get all possible operations of a specific role The ref_id of the role folder (parent object) is neces...
static $is_assigned_cache
static yn2tf($a_yn)
convert "y"/"n" to true/false
if(!file_exists(getcwd() . '/ilias.ini.php'))
registration confirmation script for ilias
if(!array_key_exists('StateId', $_REQUEST)) $id
catch(Exception $e) $message
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
foreach($_POST as $key=> $value) $res