ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes
ilPermissionGUI Class Reference
Services/AccessControl

New PermissionGUI (extends from old ilPermission2GUI) RBAC related output. More...

+ Inheritance diagram for ilPermissionGUI:
+ Collaboration diagram for ilPermissionGUI:

Public Member Functions

 __construct ($a_gui_obj)
 Constructor. More...
 
 executeCommand ()
 Execute command. More...
 
 getCurrentObject ()
 Get current object. More...
 
 perm (ilTable2GUI $table=null)
 show permission table More...
 
 applyRoleFilter ($a_roles, $a_filter_id)
 Apply filter to roles. More...
 
- Public Member Functions inherited from ilPermission2GUI
 __construct ($a_gui_obj)
 
 owner ()
 
 changeOwner ()
 
 __initSubTabs ($a_cmd)
 
 log ()
 
 applyLogFilter ()
 
 resetLogFilter ()
 

Static Public Member Functions

static hasContainerCommands ($a_type)
 Check if container commands are possible for the current object type. More...
 

Data Fields

const CMD_PERM_POSITIONS = 'permPositions'
 
const CMD_SAVE_POSITIONS_PERMISSIONS = 'savePositionsPermissions'
 
- Data Fields inherited from ilPermission2GUI
const TAB_POSITION_PERMISSION_SETTINGS = "position_permission_settings"
 

Protected Member Functions

 confirmTemplateSwitch ()
 Called after toolbar action applyTemplateSwitch. More...
 
 isAdminRoleFolder ()
 Check of current location is administration (main) role folder. More...
 
 isAdministrationObject ()
 
 isInAdministration ()
 Check if node is subobject of administration folder. More...
 
 applyFilter ()
 Apply filter. More...
 
 resetFilter ()
 Reset filter. More...
 
 savePermissions ()
 Save permissions. More...
 
 showConfirmBlockRole ($a_blocked_info)
 Show block role confirmation screen. More...
 
 modifyBlockRoles ()
 
 unblockRoles ($roles)
 
 blockRoles ($roles)
 Block role. More...
 
 displayImportRoleForm (ilPropertyFormGUI $form=null)
 Show import form. More...
 
 doImportRole ()
 Perform import. More...
 
 initImportForm ()
 init import form More...
 
 initRoleForm ()
 Shoew add role type $rbacreview type $objDefinition. More...
 
 displayAddRoleForm ()
 Show add role form. More...
 
 addRole ()
 adds a local role This method is only called when choose the option 'you may add local roles'. More...
 
 getModifiedBlockedSettings ()
 
 permPositions ()
 
 savePositionsPermissions ()
 

Protected Attributes

 $current_obj = null
 
- Protected Attributes inherited from ilPermission2GUI
 $gui_obj = null
 
 $ilErr = null
 
 $ctrl = null
 
 $lng = null
 

Detailed Description

New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.

Author
Stefan Meyer smeye.nosp@m.r.il.nosp@m.ias@g.nosp@m.mx.d.nosp@m.e
Sascha Hofmann sasch.nosp@m.ahof.nosp@m.mann@.nosp@m.gmx..nosp@m.de
Version
$Id$

ilPermissionGUI: ilObjRoleGUI, ilRepositorySearchGUI, ilObjectPermissionStatusGUI

Definition at line 19 of file class.ilPermissionGUI.php.

Constructor & Destructor Documentation

◆ __construct()

ilPermissionGUI::__construct (   $a_gui_obj)

Constructor.

Parameters
object$a_gui_obj
Returns

Definition at line 31 of file class.ilPermissionGUI.php.

32  {
33  parent::__construct($a_gui_obj);
34  }

Member Function Documentation

◆ addRole()

ilPermissionGUI::addRole ( )
protected

adds a local role This method is only called when choose the option 'you may add local roles'.

This option is displayed in the permission settings dialogue for an object TODO: this will be changed public

Definition at line 737 of file class.ilPermissionGUI.php.

References $DIC, $form, $GLOBALS, $ilCtrl, ilPermission2GUI\$ilErr, ilObject\_lookupType(), ilRoleDesktopItem\add(), getCurrentObject(), initRoleForm(), ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES, and ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES.

738  {
739  global $DIC;
740 
741  $rbacadmin = $DIC['rbacadmin'];
742  $rbacreview = $DIC['rbacreview'];
743  $rbacsystem = $DIC['rbacsystem'];
744  $ilErr = $DIC['ilErr'];
745  $ilCtrl = $DIC['ilCtrl'];
746 
747  $form = $this->initRoleForm();
748  if ($form->checkInput()) {
749  $new_title = $form->getInput("title");
750 
751  include_once './Services/AccessControl/classes/class.ilObjRole.php';
752  $role = new ilObjRole();
753  $role->setTitle($new_title);
754  $role->setDescription($form->getInput('desc'));
755  $role->create();
756 
757  $GLOBALS['DIC']['rbacadmin']->assignRoleToFolder($role->getId(), $this->getCurrentObject()->getRefId());
758 
759  // protect
760  $rbacadmin->setProtected(
761  $this->getCurrentObject()->getRefId(),
762  $role->getId(),
763  $form->getInput('pro') ? 'y' : 'n'
764  );
765 
766  // copy rights
767  $right_id_to_copy = $form->getInput("rights");
768  if ($right_id_to_copy) {
769  $parentRoles = $rbacreview->getParentRoleIds($this->getCurrentObject()->getRefId(), true);
770  $rbacadmin->copyRoleTemplatePermissions(
771  $right_id_to_copy,
772  $parentRoles[$right_id_to_copy]["parent"],
773  $this->getCurrentObject()->getRefId(),
774  $role->getId(),
775  false
776  );
777 
778  if ($form->getInput('existing')) {
779  if ($form->getInput('pro')) {
780  $role->changeExistingObjects(
781  $this->getCurrentObject()->getRefId(),
782  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
783  array('all')
784  );
785  } else {
786  $role->changeExistingObjects(
787  $this->getCurrentObject()->getRefId(),
788  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
789  array('all')
790  );
791  }
792  }
793  }
794 
795  // add to desktop items
796  if ($form->getInput("desktop")) {
797  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
798  $role_desk_item_obj = new ilRoleDesktopItem($role->getId());
799  $role_desk_item_obj->add(
800  $this->getCurrentObject()->getRefId(),
801  ilObject::_lookupType($this->getCurrentObject()->getRefId(), true)
802  );
803  }
804 
805  ilUtil::sendSuccess($this->lng->txt("role_added"), true);
806  $this->ctrl->redirect($this, 'perm');
807  } else {
808  $form->setValuesByPost();
809  $this->tpl->setContent($form->getHTML());
810  }
811  }
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:16
ilRoleDesktopItem\add
add($a_item_id, $a_item_type)
Definition: class.ilRoleDesktopItem.php:45
ilRoleDesktopItem
Class ilObjRoleGUI.
Definition: class.ilRoleDesktopItem.php:17
ilPermissionGUI\initRoleForm
initRoleForm()
Shoew add role type $rbacreview type $objDefinition.
Definition: class.ilPermissionGUI.php:642
$DIC
global $DIC
Definition: saml.php:7
ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:19
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
$form
if(isset($_POST['submit'])) $form
Definition: registry.edit.php:63
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1275
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:21
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
+ Here is the call graph for this function:

◆ applyFilter()

ilPermissionGUI::applyFilter ( )
protected

Apply filter.

Returns

Definition at line 187 of file class.ilPermissionGUI.php.

References $table, getCurrentObject(), and perm().

188  {
189  include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
190  $table = new ilObjectRolePermissionTableGUI($this, 'perm', $this->getCurrentObject()->getRefId());
191  $table->resetOffset();
192  $table->writeFilterToSession();
193  return $this->perm($table);
194  }
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
$table
if(empty($password)) $table
Definition: pwgen.php:24
ilPermissionGUI\perm
perm(ilTable2GUI $table=null)
show permission table
Definition: class.ilPermissionGUI.php:119
+ Here is the call graph for this function:

◆ applyRoleFilter()

ilPermissionGUI::applyRoleFilter (   $a_roles,
  $a_filter_id 
)

Apply filter to roles.

Parameters
int$a_filter_id
Returns

Definition at line 215 of file class.ilPermissionGUI.php.

References $DIC, $GLOBALS, getCurrentObject(), ilObjectRolePermissionTableGUI\ROLE_FILTER_ALL, ilObjectRolePermissionTableGUI\ROLE_FILTER_GLOBAL, ilObjectRolePermissionTableGUI\ROLE_FILTER_LOCAL, ilObjectRolePermissionTableGUI\ROLE_FILTER_LOCAL_OBJECT, and ilObjectRolePermissionTableGUI\ROLE_FILTER_LOCAL_POLICY.

Referenced by savePermissions().

216  {
217  global $DIC;
218 
219  $rbacreview = $DIC['rbacreview'];
220 
221  // Always delete administrator role from view
222  if (isset($a_roles[SYSTEM_ROLE_ID])) {
223  unset($a_roles[SYSTEM_ROLE_ID]);
224  }
225 
226  switch ($a_filter_id) {
227  // all roles in context
228  case ilObjectRolePermissionTableGUI::ROLE_FILTER_ALL:
229 
230  return $a_roles;
231 
232  // only global roles
233  case ilObjectRolePermissionTableGUI::ROLE_FILTER_GLOBAL:
234 
235  $arr_global_roles = $rbacreview->getGlobalRoles();
236  $arr_remove_roles = array_diff(array_keys($a_roles), $arr_global_roles);
237 
238  foreach ($arr_remove_roles as $role_id) {
239  unset($a_roles[$role_id]);
240  }
241  return $a_roles;
242 
243  // only local roles (all local roles in context that are not defined at ROLE_FOLDER_ID)
244  case ilObjectRolePermissionTableGUI::ROLE_FILTER_LOCAL:
245  $arr_global_roles = $rbacreview->getGlobalRoles();
246 
247  foreach ($arr_global_roles as $role_id) {
248  unset($a_roles[$role_id]);
249  }
250 
251  return $a_roles;
252  break;
253 
254  // only roles which use a local policy
255  case ilObjectRolePermissionTableGUI::ROLE_FILTER_LOCAL_POLICY:
256 
257  $arr_local_roles = $GLOBALS['DIC']['rbacreview']->getRolesOfObject($this->getCurrentObject()->getRefId());
258  $arr_remove_roles = array_diff(array_keys($a_roles), $arr_local_roles);
259 
260  foreach ($arr_remove_roles as $role_id) {
261  unset($a_roles[$role_id]);
262  }
263 
264  return $a_roles;
265 
266  // only true local role defined at current position
267  case ilObjectRolePermissionTableGUI::ROLE_FILTER_LOCAL_OBJECT:
268 
269  $arr_local_roles = $GLOBALS['DIC']['rbacreview']->getRolesOfObject($this->getCurrentObject()->getRefId(), true);
270  $arr_remove_roles = array_diff(array_keys($a_roles), $arr_local_roles);
271 
272  foreach ($arr_remove_roles as $role_id) {
273  unset($a_roles[$role_id]);
274  }
275 
276  return $a_roles;
277 
278  default:
279  return $a_roles;
280  }
281  }
$DIC
global $DIC
Definition: saml.php:7
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ blockRoles()

ilPermissionGUI::blockRoles (   $roles)
protected

Block role.

Returns
void

Definition at line 511 of file class.ilPermissionGUI.php.

References $DIC, and getCurrentObject().

Referenced by modifyBlockRoles().

512  {
513  global $DIC;
514 
515  $rbacadmin = $DIC['rbacadmin'];
516  $rbacreview = $DIC['rbacreview'];
517 
518  foreach ($roles as $role) {
519  // Set assign to 'y' only if it is a local role
520  $assign = $rbacreview->isAssignable($role, $this->getCurrentObject()->getRefId()) ? 'y' : 'n';
521 
522  // Delete permissions
523  $rbacadmin->revokeSubtreePermissions($this->getCurrentObject()->getRefId(), $role);
524 
525  // Delete template permissions
526  $rbacadmin->deleteSubtreeTemplates($this->getCurrentObject()->getRefId(), $role);
527 
528 
529  $rbacadmin->assignRoleToFolder(
530  $role,
531  $this->getCurrentObject()->getRefId(),
532  $assign
533  );
534 
535  // finally set blocked status
536  $rbacadmin->setBlockedStatus(
537  $role,
538  $this->getCurrentObject()->getRefId(),
539  true
540  );
541  }
542  }
$DIC
global $DIC
Definition: saml.php:7
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ confirmTemplateSwitch()

ilPermissionGUI::confirmTemplateSwitch ( )
protected

Called after toolbar action applyTemplateSwitch.

Definition at line 105 of file class.ilPermissionGUI.php.

106  {
107  include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
108  $this->ctrl->setReturn($this, 'perm');
109  $this->ctrl->setCmdClass('ildidactictemplategui');
110  $dtpl_gui = new ilDidacticTemplateGUI($this->gui_obj);
111  $this->ctrl->forwardCommand($dtpl_gui, 'confirmTemplateSwitch');
112  }
ilDidacticTemplateGUI
GUI class for didactic template settings inside repository objects.
Definition: class.ilDidacticTemplateGUI.php:13

◆ displayAddRoleForm()

ilPermissionGUI::displayAddRoleForm ( )
protected

Show add role form.

Definition at line 721 of file class.ilPermissionGUI.php.

References $form, $GLOBALS, and initRoleForm().

722  {
723  $GLOBALS['DIC']['ilTabs']->clearTargets();
724 
725  $form = $this->initRoleForm();
726  $this->tpl->setContent($form->getHTML());
727  }
ilPermissionGUI\initRoleForm
initRoleForm()
Shoew add role type $rbacreview type $objDefinition.
Definition: class.ilPermissionGUI.php:642
$form
if(isset($_POST['submit'])) $form
Definition: registry.edit.php:63
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
+ Here is the call graph for this function:

◆ displayImportRoleForm()

ilPermissionGUI::displayImportRoleForm ( ilPropertyFormGUI  $form = null)
protected

Show import form.

Parameters
ilPropertyFormGUI$form

Definition at line 563 of file class.ilPermissionGUI.php.

References $form, $GLOBALS, and initImportForm().

Referenced by doImportRole().

564  {
565  $GLOBALS['DIC']['ilTabs']->clearTargets();
566 
567  if (!$form) {
568  $form = $this->initImportForm();
569  }
570  $GLOBALS['DIC']['tpl']->setContent($form->getHTML());
571  }
ilPermissionGUI\initImportForm
initImportForm()
init import form
Definition: class.ilPermissionGUI.php:620
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ doImportRole()

ilPermissionGUI::doImportRole ( )
protected

Perform import.

Definition at line 576 of file class.ilPermissionGUI.php.

References $DIC, $form, displayImportRoleForm(), getCurrentObject(), initImportForm(), and ilUtil\sendFailure().

577  {
578  global $DIC;
579 
580  $rbacreview = $DIC['rbacreview'];
581 
582  $form = $this->initImportForm();
583  if ($form->checkInput()) {
584  try {
585  include_once './Services/Export/classes/class.ilImport.php';
586 
587  // For global roles set import id to parent of current ref_id (adm)
588  $imp = new ilImport($this->getCurrentObject()->getRefId());
589  $imp->getMapping()->addMapping(
590  'Services/AccessControl',
591  'rolf',
592  0,
593  $this->getCurrentObject()->getRefId()
594  );
595 
596  $imp->importObject(
597  null,
598  $_FILES["importfile"]["tmp_name"],
599  $_FILES["importfile"]["name"],
600  'role'
601  );
602  ilUtil::sendSuccess($this->lng->txt('rbac_role_imported'), true);
603  $this->ctrl->redirect($this, 'perm');
604  return;
605  } catch (Exception $e) {
606  ilUtil::sendFailure($e->getMessage());
607  $form->setValuesByPost();
608  $this->displayImportRoleForm($form);
609  return;
610  }
611  }
612  $form->setValuesByPost();
613  ilUtil::sendFailure($this->lng->txt('err_check_input'));
614  $this->displayImportRoleForm($form);
615  }
$DIC
global $DIC
Definition: saml.php:7
ilImport
Import class.
Definition: class.ilImport.php:11
ilPermissionGUI\displayImportRoleForm
displayImportRoleForm(ilPropertyFormGUI $form=null)
Show import form.
Definition: class.ilPermissionGUI.php:563
$form
if(isset($_POST['submit'])) $form
Definition: registry.edit.php:63
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
ilPermissionGUI\initImportForm
initImportForm()
init import form
Definition: class.ilPermissionGUI.php:620
+ Here is the call graph for this function:

◆ executeCommand()

ilPermissionGUI::executeCommand ( )

Execute command.

Returns

Definition at line 40 of file class.ilPermissionGUI.php.

References $_GET, $DIC, ilPermission2GUI\$ilErr, $ret, and ilPermission2GUI\__initSubTabs().

41  {
42  global $DIC;
43 
44  $rbacsystem = $DIC['rbacsystem'];
45  $ilErr = $DIC['ilErr'];
46 
47  // access to all functions in this class are only allowed if edit_permission is granted
48  if (!$rbacsystem->checkAccess("edit_permission", $this->gui_obj->object->getRefId())) {
49  $ilErr->raiseError($this->lng->txt("permission_denied"), $ilErr->MESSAGE);
50  }
51 
52  $next_class = $this->ctrl->getNextClass($this);
53 
54  switch ($next_class) {
55  case "ilobjrolegui":
56  $this->ctrl->setReturn($this, 'perm');
57  include_once("Services/AccessControl/classes/class.ilObjRoleGUI.php");
58  $this->gui_obj = new ilObjRoleGUI("", (int) $_GET["obj_id"], false, false);
59  $ret = $this->ctrl->forwardCommand($this->gui_obj);
60  break;
61 
62  case 'ildidactictemplategui':
63  $this->ctrl->setReturn($this, 'perm');
64  include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
65  $did = new ilDidacticTemplateGUI($this->gui_obj);
66  $this->ctrl->forwardCommand($did);
67  break;
68 
69  case 'ilrepositorysearchgui':
70  // used for owner autocomplete
71  include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
72  $rep_search = new ilRepositorySearchGUI();
73  $this->ctrl->forwardCommand($rep_search);
74  break;
75 
76  case 'ilobjectpermissionstatusgui':
77  $this->__initSubTabs("perminfo");
78  include_once('./Services/AccessControl/classes/class.ilObjectPermissionStatusGUI.php');
79  $perm_stat = new ilObjectPermissionStatusGUI($this->gui_obj->object);
80  $this->ctrl->forwardCommand($perm_stat);
81  break;
82 
83  default:
84  $cmd = $this->ctrl->getCmd();
85  $this->$cmd();
86  break;
87  }
88 
89  return true;
90  }
$DIC
global $DIC
Definition: saml.php:7
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilDidacticTemplateGUI
GUI class for didactic template settings inside repository objects.
Definition: class.ilDidacticTemplateGUI.php:13
$ret
$ret
Definition: parser.php:6
ilObjectPermissionStatusGUI
This class displays the permission status of a user concerning a specific object. ...
Definition: class.ilObjectPermissionStatusGUI.php:16
ilObjRoleGUI
Class ilObjRoleGUI.
Definition: class.ilObjRoleGUI.php:20
+ Here is the call graph for this function:

◆ getCurrentObject()

ilPermissionGUI::getCurrentObject ( )

Get current object.

Returns
ilObject

Definition at line 97 of file class.ilPermissionGUI.php.

Referenced by addRole(), applyFilter(), applyRoleFilter(), blockRoles(), doImportRole(), getModifiedBlockedSettings(), isAdministrationObject(), isAdminRoleFolder(), isInAdministration(), perm(), permPositions(), resetFilter(), savePermissions(), savePositionsPermissions(), and unblockRoles().

98  {
99  return $this->gui_obj->object;
100  }
+ Here is the caller graph for this function:

◆ getModifiedBlockedSettings()

ilPermissionGUI::getModifiedBlockedSettings ( )
protected
Parameters
type$a_blocked_info

Definition at line 817 of file class.ilPermissionGUI.php.

References $_POST, $DIC, and getCurrentObject().

Referenced by savePermissions().

818  {
819  global $DIC;
820 
821  $rbacreview = $DIC['rbacreview'];
822 
823  $blocked_info['new_blocked'] = array();
824  $blocked_info['new_unblocked'] = array();
825  $blocked_info['num'] = 0;
826  foreach ((array) $_POST['visible_block'] as $role => $one) {
827  $blocked = $rbacreview->isBlockedAtPosition($role, $this->getCurrentObject()->getRefId());
828  if (isset($_POST['block'][$role]) && !$blocked) {
829  $blocked_info['new_blocked'][] = $role;
830  $blocked_info['num']++;
831  }
832  if (!isset($_POST['block'][$role]) && $blocked) {
833  $blocked_info['new_unblocked'][] = $role;
834  $blocked_info['num']++;
835  }
836  }
837  return $blocked_info;
838  }
$DIC
global $DIC
Definition: saml.php:7
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ hasContainerCommands()

static ilPermissionGUI::hasContainerCommands (   $a_type)
static

Check if container commands are possible for the current object type.

Parameters
object$a_type
Returns

Definition at line 550 of file class.ilPermissionGUI.php.

References $a_type, and $DIC.

Referenced by ilObjectRolePermissionTableGUI\parse(), and savePermissions().

551  {
552  global $DIC;
553 
554  $objDefinition = $DIC['objDefinition'];
555 
556  return $objDefinition->isContainer($a_type) and $a_type != 'root' and $a_type != 'adm' and $a_type != 'rolf';
557  }
$DIC
global $DIC
Definition: saml.php:7
$a_type
$a_type
Definition: workflow.php:92
+ Here is the caller graph for this function:

◆ initImportForm()

ilPermissionGUI::initImportForm ( )
protected

init import form

Definition at line 620 of file class.ilPermissionGUI.php.

References $form, and ilFileInputGUI\setSuffixes().

Referenced by displayImportRoleForm(), and doImportRole().

621  {
622  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
623  $form = new ilPropertyFormGUI();
624  $form->setFormAction($this->ctrl->getFormAction($this));
625  $form->setTitle($this->lng->txt('rbac_import_role'));
626  $form->addCommandButton('doImportRole', $this->lng->txt('import'));
627  $form->addCommandButton('perm', $this->lng->txt('cancel'));
628 
629  $zip = new ilFileInputGUI($this->lng->txt('import_file'), 'importfile');
630  $zip->setSuffixes(array('zip'));
631  $form->addItem($zip);
632 
633  return $form;
634  }
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilFileInputGUI
This class represents a file property in a property form.
Definition: class.ilFileInputGUI.php:14
$form
if(isset($_POST['submit'])) $form
Definition: registry.edit.php:63
ilFileInputGUI\setSuffixes
setSuffixes($a_suffixes)
Set Accepted Suffixes.
Definition: class.ilFileInputGUI.php:132
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ initRoleForm()

ilPermissionGUI::initRoleForm ( )
protected

Shoew add role type $rbacreview type $objDefinition.

Returns
ilPropertyFormGUI

Definition at line 642 of file class.ilPermissionGUI.php.

References $DIC, $form, $id, $key, $title, ilObjRole\_getTranslation(), ilUtil\_sortIds(), isInAdministration(), ilTextAreaInputGUI\setCols(), and ilFormPropertyGUI\setInfo().

Referenced by addRole(), and displayAddRoleForm().

643  {
644  global $DIC;
645 
646  $rbacreview = $DIC['rbacreview'];
647  $objDefinition = $DIC['objDefinition'];
648 
649  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
650  $form = new ilPropertyFormGUI();
651  $form->setFormAction($this->ctrl->getFormAction($this));
652  $form->setTitle($this->lng->txt('role_new'));
653  $form->addCommandButton('addrole', $this->lng->txt('role_new'));
654  $form->addCommandButton('perm', $this->lng->txt('cancel'));
655 
656  $title = new ilTextInputGUI($this->lng->txt('title'), 'title');
657  $title->setValidationRegexp('/^(?!il_).*$/');
658  $title->setValidationFailureMessage($this->lng->txt('msg_role_reserved_prefix'));
659  $title->setSize(40);
660  $title->setMaxLength(70);
661  $title->setRequired(true);
662  $form->addItem($title);
663 
664  $desc = new ilTextAreaInputGUI($this->lng->txt('description'), 'desc');
665  $desc->setCols(40);
666  $desc->setRows(3);
667  $form->addItem($desc);
668 
669  $pro = new ilCheckboxInputGUI($this->lng->txt('role_protect_permissions'), 'pro');
670  $pro->setInfo($this->lng->txt('role_protect_permissions_desc'));
671  $pro->setValue(1);
672  $form->addItem($pro);
673 
674  $pd = new ilCheckboxInputGUI($this->lng->txt('rbac_role_add_to_desktop'), 'desktop');
675  $pd->setInfo($this->lng->txt('rbac_role_add_to_desktop_info'));
676  $pd->setValue(1);
677  $form->addItem($pd);
678 
679 
680  if (!$this->isInAdministration()) {
681  $rights = new ilRadioGroupInputGUI($this->lng->txt("rbac_role_rights_copy"), 'rights');
682  $option = new ilRadioOption($this->lng->txt("rbac_role_rights_copy_empty"), 0);
683  $rights->addOption($option);
684 
685  $parent_role_ids = $rbacreview->getParentRoleIds($this->gui_obj->object->getRefId(), true);
686  $ids = array();
687  foreach ($parent_role_ids as $id => $tmp) {
688  $ids[] = $id;
689  }
690 
691  // Sort ids
692  $sorted_ids = ilUtil::_sortIds($ids, 'object_data', 'type DESC,title', 'obj_id');
693 
694  $key = 0;
695  foreach ($sorted_ids as $id) {
696  $par = $parent_role_ids[$id];
697  if ($par["obj_id"] != SYSTEM_ROLE_ID) {
698  include_once './Services/AccessControl/classes/class.ilObjRole.php';
699  $option = new ilRadioOption(($par["type"] == 'role' ? $this->lng->txt('obj_role') : $this->lng->txt('obj_rolt')) . ": " . ilObjRole::_getTranslation($par["title"]), $par["obj_id"]);
700  $option->setInfo($par["desc"]);
701  $rights->addOption($option);
702  }
703  $key++;
704  }
705  $form->addItem($rights);
706  }
707 
708  // Local policy only for containers
709  if ($objDefinition->isContainer($this->getCurrentObject()->getType())) {
710  $check = new ilCheckboxInputGui($this->lng->txt("rbac_role_rights_copy_change_existing"), 'existing');
711  $check->setInfo($this->lng->txt('rbac_change_existing_objects_desc_new_role'));
712  $form->addItem($check);
713  }
714 
715  return $form;
716  }
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
$DIC
global $DIC
Definition: saml.php:7
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
ilPermissionGUI\isInAdministration
isInAdministration()
Check if node is subobject of administration folder.
Definition: class.ilPermissionGUI.php:177
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilFormPropertyGUI\setInfo
setInfo($a_info)
Set Information Text.
Definition: class.ilFormPropertyGUI.php:145
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
$form
if(isset($_POST['submit'])) $form
Definition: registry.edit.php:63
ilUtil\_sortIds
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),'usr_data','lastname','usr_id') => sorts by lastname.
Definition: class.ilUtil.php:4405
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:518
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
$key
$key
Definition: croninfo.php:18
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isAdministrationObject()

ilPermissionGUI::isAdministrationObject ( )
protected

Definition at line 168 of file class.ilPermissionGUI.php.

References getCurrentObject().

Referenced by perm().

169  {
170  return $this->getCurrentObject()->getType() == 'adm';
171  }
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isAdminRoleFolder()

ilPermissionGUI::isAdminRoleFolder ( )
protected

Check of current location is administration (main) role folder.

Returns

Definition at line 163 of file class.ilPermissionGUI.php.

References getCurrentObject().

Referenced by perm().

164  {
165  return $this->getCurrentObject()->getRefId() == ROLE_FOLDER_ID;
166  }
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isInAdministration()

ilPermissionGUI::isInAdministration ( )
protected

Check if node is subobject of administration folder.

Returns
type

Definition at line 177 of file class.ilPermissionGUI.php.

References $GLOBALS, and getCurrentObject().

Referenced by initRoleForm().

178  {
179  return (bool) $GLOBALS['DIC']['tree']->isGrandChild(SYSTEM_FOLDER_ID, $this->getCurrentObject()->getRefId());
180  }
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ modifyBlockRoles()

ilPermissionGUI::modifyBlockRoles ( )
protected

Definition at line 467 of file class.ilPermissionGUI.php.

References $_POST, blockRoles(), ilUtil\sendInfo(), and unblockRoles().

468  {
469  $this->blockRoles((array) $_POST['new_block']);
470  $this->unblockRoles((array) $_POST['new_unblock']);
471 
472  ilUtil::sendInfo($this->lng->txt('settings_saved'));
473  $this->ctrl->redirect($this, 'perm');
474  }
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4481
ilPermissionGUI\blockRoles
blockRoles($roles)
Block role.
Definition: class.ilPermissionGUI.php:511
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:

◆ perm()

ilPermissionGUI::perm ( ilTable2GUI  $table = null)

show permission table

Returns

Definition at line 119 of file class.ilPermissionGUI.php.

References $DIC, $table, ilPermission2GUI\__initSubTabs(), getCurrentObject(), isAdministrationObject(), and isAdminRoleFolder().

Referenced by applyFilter(), and resetFilter().

120  {
121  global $DIC;
122 
123  $objDefinition = $DIC['objDefinition'];
124  $ilToolbar = $DIC['ilToolbar'];
125 
126  include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
127  $dtpl = new ilDidacticTemplateGUI($this->gui_obj);
128  if ($dtpl->appendToolbarSwitch(
129  $ilToolbar,
130  $this->getCurrentObject()->getType(),
131  $this->getCurrentObject()->getRefId()
132  )) {
133  $ilToolbar->addSeparator();
134  }
135 
136  if ($objDefinition->hasLocalRoles($this->getCurrentObject()->getType()) and
137  !$this->isAdministrationObject()
138  ) {
139  $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
140 
141  if (!$this->isAdminRoleFolder()) {
142  $ilToolbar->addButton($this->lng->txt('rbac_add_new_local_role'), $this->ctrl->getLinkTarget($this, 'displayAddRoleForm'));
143  }
144  $ilToolbar->addButton($this->lng->txt('rbac_import_role'), $this->ctrl->getLinkTarget($this, 'displayImportRoleForm'));
145  }
146 
147  $this->__initSubTabs("perm");
148 
149  if (!$table instanceof ilTable2GUI) {
150  include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
151  $table = new ilObjectRolePermissionTableGUI($this, 'perm', $this->getCurrentObject()->getRefId());
152  }
153  $table->parse();
154  $this->tpl->setContent($table->getHTML());
155  }
$DIC
global $DIC
Definition: saml.php:7
ilPermissionGUI\isAdminRoleFolder
isAdminRoleFolder()
Check of current location is administration (main) role folder.
Definition: class.ilPermissionGUI.php:163
ilTable2GUI\getHTML
getHTML()
Get HTML.
Definition: class.ilTable2GUI.php:1613
ilTable2GUI
Class ilTable2GUI.
Definition: class.ilTable2GUI.php:15
ilDidacticTemplateGUI
GUI class for didactic template settings inside repository objects.
Definition: class.ilDidacticTemplateGUI.php:13
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ permPositions()

ilPermissionGUI::permPositions ( )
protected

Definition at line 845 of file class.ilPermissionGUI.php.

References $table, ilPermission2GUI\__initSubTabs(), and getCurrentObject().

846  {
847  $perm = self::CMD_PERM_POSITIONS;
848  $this->__initSubTabs($perm);
849 
850  $ref_id = $this->getCurrentObject()->getRefId();
851  $table = new ilOrgUnitPermissionTableGUI($this, $perm, $ref_id);
852  $table->collectData();
853  $this->tpl->setContent($table->getHTML());
854  }
ilOrgUnitPermissionTableGUI
Class ilOrgUnitPermissionTableGUI.
Definition: class.ilOrgUnitPermissionTableGUI.php:8
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
$table
if(empty($password)) $table
Definition: pwgen.php:24
+ Here is the call graph for this function:

◆ resetFilter()

ilPermissionGUI::resetFilter ( )
protected

Reset filter.

Returns

Definition at line 200 of file class.ilPermissionGUI.php.

References $table, getCurrentObject(), and perm().

201  {
202  include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
203  $table = new ilObjectRolePermissionTableGUI($this, 'perm', $this->getCurrentObject()->getRefId());
204  $table->resetOffset();
205  $table->resetFilter();
206 
207  return $this->perm($table);
208  }
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
$table
if(empty($password)) $table
Definition: pwgen.php:24
ilPermissionGUI\perm
perm(ilTable2GUI $table=null)
show permission table
Definition: class.ilPermissionGUI.php:119
+ Here is the call graph for this function:

◆ savePermissions()

ilPermissionGUI::savePermissions ( )
protected

Save permissions.

Returns

Definition at line 287 of file class.ilPermissionGUI.php.

References $_POST, $DIC, $log, $table, ilRbacLog\add(), applyRoleFilter(), ilRbacLog\diffFaPa(), ilRbacLog\EDIT_PERMISSIONS, ilRbacLog\gatherFaPa(), getCurrentObject(), ilObjectFactory\getInstanceByObjId(), ilLoggerFactory\getLogger(), getModifiedBlockedSettings(), hasContainerCommands(), ilRbacReview\lookupCreateOperationIds(), and showConfirmBlockRole().

288  {
289  global $DIC;
290 
291  $rbacreview = $DIC['rbacreview'];
292  $objDefinition = $DIC['objDefinition'];
293  $rbacadmin = $DIC['rbacadmin'];
294 
295  include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
296  $table = new ilObjectRolePermissionTableGUI($this, 'perm', $this->getCurrentObject()->getRefId());
297 
298  $roles = $this->applyRoleFilter(
299  $rbacreview->getParentRoleIds($this->getCurrentObject()->getRefId()),
300  $table->getFilterItemByPostVar('role')->getValue()
301  );
302 
303  // Log history
304  include_once "Services/AccessControl/classes/class.ilRbacLog.php";
305  $log_old = ilRbacLog::gatherFaPa($this->getCurrentObject()->getRefId(), array_keys((array) $roles));
306 
307 
308  # all possible create permissions
309  $possible_ops_ids = $rbacreview->getOperationsByTypeAndClass(
310  $this->getCurrentObject()->getType(),
311  'create'
312  );
313 
314  # createable (activated) create permissions
315  $create_types = $objDefinition->getCreatableSubObjects(
316  $this->getCurrentObject()->getType()
317  );
318  $createable_ops_ids = ilRbacReview::lookupCreateOperationIds(array_keys((array) $create_types));
319 
320  foreach ((array) $roles as $role => $role_data) {
321  if ($role_data['protected']) {
322  continue;
323  }
324 
325  $new_ops = array_keys((array) $_POST['perm'][$role]);
326  $old_ops = $rbacreview->getRoleOperationsOnObject(
327  $role,
328  $this->getCurrentObject()->getRefId()
329  );
330 
331  // Add operations which were enabled and are not activated.
332  foreach ($possible_ops_ids as $create_ops_id) {
333  if (in_array($create_ops_id, $createable_ops_ids)) {
334  continue;
335  }
336  if (in_array($create_ops_id, $old_ops)) {
337  $new_ops[] = $create_ops_id;
338  }
339  }
340 
341  $rbacadmin->revokePermission(
342  $this->getCurrentObject()->getRefId(),
343  $role
344  );
345 
346  $rbacadmin->grantPermission(
347  $role,
348  array_unique($new_ops),
349  $this->getCurrentObject()->getRefId()
350  );
351  }
352 
353  if (ilPermissionGUI::hasContainerCommands($this->getCurrentObject()->getType())) {
354  foreach ($roles as $role) {
355  // No action for local roles
356  if ($role['parent'] == $this->getCurrentObject()->getRefId() and $role['assign'] == 'y') {
357  continue;
358  }
359  // Nothing for protected roles
360  if ($role['protected']) {
361  continue;
362  }
363  // Stop local policy
364  if (
365  $role['parent'] == $this->getCurrentObject()->getRefId() and
366  !isset($_POST['inherit'][$role['obj_id']]) and
367  !$rbacreview->isBlockedAtPosition($role['obj_id'], $this->getCurrentObject()->getRefId())
368  ) {
369  ilLoggerFactory::getLogger('ac')->debug('Stop local policy for: ' . $role['obj_id']);
370  $role_obj = ilObjectFactory::getInstanceByObjId($role['obj_id']);
371  $role_obj->setParent($this->getCurrentObject()->getRefId());
372  $role_obj->delete();
373  continue;
374  }
375  // Add local policy
376  if ($role['parent'] != $this->getCurrentObject()->getRefId() and isset($_POST['inherit'][$role['obj_id']])) {
377  ilLoggerFactory::getLogger('ac')->debug('Create local policy');
378  $rbacadmin->copyRoleTemplatePermissions(
379  $role['obj_id'],
380  $role['parent'],
381  $this->getCurrentObject()->getRefId(),
382  $role['obj_id']
383  );
384  ilLoggerFactory::getLogger('ac')->debug('Assign role to folder');
385  $rbacadmin->assignRoleToFolder($role['obj_id'], $this->getCurrentObject()->getRefId(), 'n');
386  }
387  }
388  }
389 
390  // Protect permissions
391  if (ilPermissionGUI::hasContainerCommands($this->getCurrentObject()->getType())) {
392  foreach ($roles as $role) {
393  if ($rbacreview->isAssignable($role['obj_id'], $this->getCurrentObject()->getRefId())) {
394  if (isset($_POST['protect'][$role['obj_id']]) and
395  !$rbacreview->isProtected($this->getCurrentObject()->getRefId(), $role['obj_id'])) {
396  $rbacadmin->setProtected($this->getCurrentObject()->getRefId(), $role['obj_id'], 'y');
397  } elseif (!isset($_POST['protect'][$role['obj_id']]) and
398  $rbacreview->isProtected($this->getCurrentObject()->getRefId(), $role['obj_id'])) {
399  $rbacadmin->setProtected($this->getCurrentObject()->getRefId(), $role['obj_id'], 'n');
400  }
401  }
402  }
403  }
404 
405  $log_new = ilRbacLog::gatherFaPa($this->getCurrentObject()->getRefId(), array_keys((array) $roles));
406  $log = ilRbacLog::diffFaPa($log_old, $log_new);
407  ilRbacLog::add(ilRbacLog::EDIT_PERMISSIONS, $this->getCurrentObject()->getRefId(), $log);
408 
409  $blocked_info = $this->getModifiedBlockedSettings();
410  ilLoggerFactory::getLogger('ac')->debug('Blocked settings: ' . print_r($blocked_info, true));
411  if ($blocked_info['num'] > 0) {
412  return $this->showConfirmBlockRole($blocked_info);
413  }
414 
415 
416  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
417  $this->ctrl->redirect($this, 'perm');
418  #$this->perm();
419  }
ilPermissionGUI\applyRoleFilter
applyRoleFilter($a_roles, $a_filter_id)
Apply filter to roles.
Definition: class.ilPermissionGUI.php:215
$DIC
global $DIC
Definition: saml.php:7
$log
$log
Definition: sabredav.php:21
ilPermissionGUI\hasContainerCommands
static hasContainerCommands($a_type)
Check if container commands are possible for the current object type.
Definition: class.ilPermissionGUI.php:550
ilRbacLog\gatherFaPa
static gatherFaPa($a_ref_id, array $a_role_ids, $a_add_action=false)
Definition: class.ilRbacLog.php:35
ilRbacLog\diffFaPa
static diffFaPa(array $a_old, array $a_new)
Definition: class.ilRbacLog.php:69
ilRbacReview\lookupCreateOperationIds
static lookupCreateOperationIds($a_type_arr)
Lookup operation ids.
Definition: class.ilRbacReview.php:1351
ilRbacLog\EDIT_PERMISSIONS
const EDIT_PERMISSIONS
Definition: class.ilRbacLog.php:16
ilPermissionGUI\showConfirmBlockRole
showConfirmBlockRole($a_blocked_info)
Show block role confirmation screen.
Definition: class.ilPermissionGUI.php:426
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:77
ilRbacLog\add
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
Definition: class.ilRbacLog.php:137
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
$table
if(empty($password)) $table
Definition: pwgen.php:24
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:

◆ savePositionsPermissions()

ilPermissionGUI::savePositionsPermissions ( )
protected

Definition at line 857 of file class.ilPermissionGUI.php.

References $_POST, ilPermission2GUI\__initSubTabs(), ilOrgUnitOperationQueries\findById(), ActiveRecord\getArray(), and getCurrentObject().

858  {
859  $this->__initSubTabs(self::CMD_PERM_POSITIONS);
860 
861  $positions = ilOrgUnitPosition::getArray(null, 'id');
862  $ref_id = $this->getCurrentObject()->getRefId();
863 
864  // handle local sets
865  foreach ($positions as $position_id) {
866  if (isset($_POST['local'][$position_id])) {
867  ilOrgUnitPermissionQueries::findOrCreateSetForRefId($ref_id, $position_id);
868  } else {
869  ilOrgUnitPermissionQueries::removeLocalSetForRefId($ref_id, $position_id);
870  }
871  }
872 
873  if ($_POST['position_perm']) {
874  foreach ($_POST['position_perm'] as $position_id => $ops) {
875  if (!isset($_POST['local'][$position_id])) {
876  continue;
877  }
878  $ilOrgUnitPermission = ilOrgUnitPermissionQueries::getSetForRefId($ref_id, $position_id);
879  $new_ops = [];
880  foreach ($ops as $op_id => $op) {
881  $new_ops[] = ilOrgUnitOperationQueries::findById($op_id);
882  }
883  $ilOrgUnitPermission->setOperations($new_ops);
884  $ilOrgUnitPermission->save();
885  }
886  }
887  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
888  $this->ctrl->redirect($this, self::CMD_PERM_POSITIONS);
889  }
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
ActiveRecord\getArray
static getArray($key=null, $values=null)
Definition: class.ActiveRecord.php:908
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:

◆ showConfirmBlockRole()

ilPermissionGUI::showConfirmBlockRole (   $a_blocked_info)
protected

Show block role confirmation screen.

Parameters
array$a_roles
Returns

Definition at line 426 of file class.ilPermissionGUI.php.

References $info, ilObjRole\_getTranslation(), ilObject\_lookupTitle(), and ilUtil\sendInfo().

Referenced by savePermissions().

427  {
428  $info = '';
429  if ($a_blocked_info['new_blocked']) {
430  $info .= $this->lng->txt('role_confirm_block_role_info');
431  if ($a_blocked_info['new_unblocked']) {
432  $info .= '<br /><br />';
433  }
434  }
435  if ($a_blocked_info['new_unblocked']) {
436  $info .= ('<br />' . $this->lng->txt('role_confirm_unblock_role_info'));
437  }
438 
439  ilUtil::sendInfo($info);
440 
441  include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
442  $confirm = new ilConfirmationGUI();
443  $confirm->setFormAction($this->ctrl->getFormAction($this));
444  $confirm->setHeaderText($this->lng->txt('role_confirm_block_role_header'));
445  $confirm->setConfirm($this->lng->txt('role_confirm_block_role'), 'modifyBlockRoles');
446  $confirm->setCancel($this->lng->txt('cancel'), 'perm');
447 
448  foreach ($a_blocked_info['new_blocked'] as $role_id) {
449  include_once './Services/AccessControl/classes/class.ilObjRole.php';
450  $confirm->addItem(
451  'new_block[]',
452  $role_id,
453  ilObjRole::_getTranslation(ilObject::_lookupTitle($role_id)) . ' ' . $this->lng->txt('role_blocked')
454  );
455  }
456  foreach ($a_blocked_info['new_unblocked'] as $role_id) {
457  include_once './Services/AccessControl/classes/class.ilObjRole.php';
458  $confirm->addItem(
459  'new_unblock[]',
460  $role_id,
461  ilObjRole::_getTranslation(ilObject::_lookupTitle($role_id)) . ' ' . $this->lng->txt('role_unblocked')
462  );
463  }
464  $this->tpl->setContent($confirm->getHTML());
465  }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:988
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4481
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:518
$info
$info
Definition: index.php:5
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:15
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ unblockRoles()

ilPermissionGUI::unblockRoles (   $roles)
protected

Definition at line 479 of file class.ilPermissionGUI.php.

References $DIC, getCurrentObject(), ilObjectFactory\getInstanceByObjId(), ilLoggerFactory\getLogger(), and ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES.

Referenced by modifyBlockRoles().

480  {
481  global $DIC;
482 
483  $rbacadmin = $DIC['rbacadmin'];
484 
485  foreach ($roles as $role) {
486  // delete local policy
487  ilLoggerFactory::getLogger('ac')->debug('Stop local policy for: ' . $role);
488  $role_obj = ilObjectFactory::getInstanceByObjId($role);
489  $role_obj->setParent($this->getCurrentObject()->getRefId());
490  $role_obj->delete();
491 
492  $role_obj->changeExistingObjects(
493  $this->getCurrentObject()->getRefId(),
494  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
495  array('all')
496  );
497 
498  // finally set blocked status
499  $rbacadmin->setBlockedStatus(
500  $role,
501  $this->getCurrentObject()->getRefId(),
502  false
503  );
504  }
505  }
$DIC
global $DIC
Definition: saml.php:7
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:97
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:77
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:21
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Field Documentation

◆ $current_obj

ilPermissionGUI::$current_obj = null
protected

Definition at line 24 of file class.ilPermissionGUI.php.

◆ CMD_PERM_POSITIONS

const ilPermissionGUI::CMD_PERM_POSITIONS = 'permPositions'

Definition at line 21 of file class.ilPermissionGUI.php.

Referenced by ilPermission2GUI\__initSubTabs().

◆ CMD_SAVE_POSITIONS_PERMISSIONS

const ilPermissionGUI::CMD_SAVE_POSITIONS_PERMISSIONS = 'savePositionsPermissions'

Definition at line 22 of file class.ilPermissionGUI.php.

Referenced by ilOrgUnitPermissionTableGUI\__construct().

The documentation for this class was generated from the following file: