UI class for handling permissions that can be configured having the write permission for an object. More...

Collaboration diagram for ilSettingsPermissionGUI:

Public Member Functions
	__construct ($a_gui_obj)
	Constructor. More...

	determineRoles ()
	Determine roles. More...

	setRoleRequiredPermissions ($a_val)
	Set role required permissions (this permissions are required for a role to be listed) More...

	getRoleRequiredPermissions ()
	Get role required permissions. More...

	setRoleProhibitedPermissions ($a_val)
	Set role prohibited permissions (this permissions are prohibited for a role to be listed) More...

	getRoleProhibitedPermissions ()
	Get role prohibited permissions. More...

	setPermissions ($a_val)
	Set permissions. More...

	getPermissions ()
	Get permissions. More...

	executeCommand ()
	Execute command. More...

	showForm ()
	Show form. More...

	initPermissionForm ()
	Init permission form. More...

	save ()
	Save form. More...

Protected Attributes
	$permissions = array()

	$base_permissions = array()

	$base_permissions_by_op = array()

	$role_required_permissions = array()

	$role_prohibited_permissions = array()

Detailed Description

UI class for handling permissions that can be configured having the write permission for an object.

Author: Alex Killing alex..nosp@m.kill.nosp@m.ing@g.nosp@m.mx.d.nosp@m.e

Version: $Id$

Definition at line 13 of file class.ilSettingsPermissionGUI.php.

Constructor & Destructor Documentation

◆ __construct()

ilSettingsPermissionGUI::__construct ( $a_gui_obj )

Constructor.

Parameters

ilObjectGUI $a_gui_obj object gui object

Definition at line 26 of file class.ilSettingsPermissionGUI.php.

    {
        global $DIC;
 
        $objDefinition = $DIC['objDefinition'];
        $tpl = $DIC['tpl'];
        $ilCtrl = $DIC['ilCtrl'];
        $lng = $DIC['lng'];
        $rbacreview = $DIC['rbacreview'];
 
        $this->objDefinition = $objDefinition;
        $this->tpl = $tpl;
        $this->lng = $lng;
        $this->lng->loadLanguageModule("rbac");
 
        $this->ctrl = $ilCtrl;
 
        $this->gui_obj = $a_gui_obj;
        $this->obj = $a_gui_obj->object;
        $this->red_id = $this->obj->getRefId();
 
 
        foreach (ilRbacReview::_getOperationList($this->obj->getType()) as $p) {
            $this->base_permissions[$p["ops_id"]] = $p["operation"];
            $this->base_permissions_by_op[$p["operation"]] = $p["ops_id"];
        }
 
        $this->base_roles = $rbacreview->getParentRoleIds($this->obj->getRefId());
    }

References $DIC, $ilCtrl, $lng, $tpl, and ilRbacReview\_getOperationList().

Here is the call graph for this function:

Member Function Documentation

◆ determineRoles()

ilSettingsPermissionGUI::determineRoles ( )

Determine roles.

Definition at line 59 of file class.ilSettingsPermissionGUI.php.

    {
        global $DIC;
 
        $rbacreview = $DIC['rbacreview'];
 
        $roles = array();
        foreach ($this->base_roles as $k => $r) {
            $ops = $rbacreview->getActiveOperationsOfRole($this->obj->getRefId(), $r["rol_id"]);
            $use = true;
            foreach ($this->getRoleRequiredPermissions() as $o) {
                if (!in_array($o, $ops)) {
                    $use = false;
                }
            }
            foreach ($this->getRoleProhibitedPermissions() as $o) {
                if (in_array($o, $ops)) {
                    $use = false;
                }
            }
            if ($use) {
                $roles[$k] = $r;
            }
        }
        return $roles;
    }

References $DIC, $r, getRoleProhibitedPermissions(), and getRoleRequiredPermissions().

Referenced by initPermissionForm(), and save().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ executeCommand()

ilSettingsPermissionGUI::executeCommand ( )

Execute command.

Definition at line 168 of file class.ilSettingsPermissionGUI.php.

    {
        $cmd = $this->ctrl->getCmd("showForm");
        if (in_array($cmd, array("showForm", "save"))) {
            $this->$cmd();
        }
    }

◆ getPermissions()

ilSettingsPermissionGUI::getPermissions ( )

Get permissions.

Returns: array array of operations (string) that should be offered

Definition at line 160 of file class.ilSettingsPermissionGUI.php.

    {
        return $this->permissions;
    }

References $permissions.

Referenced by initPermissionForm(), and save().

Here is the caller graph for this function:

◆ getRoleProhibitedPermissions()

ilSettingsPermissionGUI::getRoleProhibitedPermissions ( )

Get role prohibited permissions.

Returns: array permissions prohibited to be listed

Definition at line 134 of file class.ilSettingsPermissionGUI.php.

    {
        return $this->role_prohibited_permissions;
    }

References $role_prohibited_permissions.

Referenced by determineRoles().

Here is the caller graph for this function:

◆ getRoleRequiredPermissions()

ilSettingsPermissionGUI::getRoleRequiredPermissions ( )

Get role required permissions.

Returns: array permissions required to be listed

Definition at line 108 of file class.ilSettingsPermissionGUI.php.

    {
        return $this->role_required_permissions;
    }

References $role_required_permissions.

Referenced by determineRoles().

Here is the caller graph for this function:

◆ initPermissionForm()

ilSettingsPermissionGUI::initPermissionForm ( )

Init permission form.

Definition at line 189 of file class.ilSettingsPermissionGUI.php.

    {
        global $DIC;
 
        $rbacreview = $DIC['rbacreview'];
 
        include_once("Services/Form/classes/class.ilPropertyFormGUI.php");
        $form = new ilPropertyFormGUI();
 
        $roles = $this->determineRoles();
        $ops = array();
        foreach ($roles as $r) {
            $ops[$r["rol_id"]] = $rbacreview->getActiveOperationsOfRole($this->obj->getRefId(), $r["rol_id"]);
        }
 
        // for each permission, collect all roles that have the permission activated
        $perm_roles = array();
        foreach ($ops as $r => $o2) {
            foreach ($o2 as $o) {
                $perm_roles[$o][] = $r;
            }
        }
 
        // for each permission
        include_once './Services/AccessControl/classes/class.ilObjRole.php';
        foreach ($this->getPermissions() as $p) {
            // roles
            $cb = new ilCheckboxGroupInputGUI($this->lng->txt($p), $p);
            reset($roles);
            foreach ($roles as $k => $r) {
                $option = new ilCheckboxOption(ilObjRole::_getTranslation($r["title"]), $k);
                $cb->addOption($option);
            }
            if (is_array($perm_roles[$this->base_permissions_by_op[$p]])) {
                $cb->setValue($perm_roles[$this->base_permissions_by_op[$p]]);
            }
            $form->addItem($cb);
        }
 
        $form->addCommandButton("save", $this->lng->txt("save"));
 
        $form->setTitle($this->lng->txt("rbac_permissions"));
        $form->setFormAction($this->ctrl->getFormAction($this));
 
        return $form;
    }

References $DIC, $form, $r, ilObjRole\_getTranslation(), determineRoles(), and getPermissions().

Referenced by save(), and showForm().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ save()

ilSettingsPermissionGUI::save ( )

Save form.

Definition at line 239 of file class.ilSettingsPermissionGUI.php.

    {
        global $DIC;
 
        $rbacreview = $DIC['rbacreview'];
        $rbacadmin = $DIC['rbacadmin'];
 
        $form = $this->initPermissionForm();
        if ($form->checkInput()) {
            foreach ($this->determineRoles() as $r) {
                // get active operations for role
                $ops = $rbacreview->getActiveOperationsOfRole($this->obj->getRefId(), $r["rol_id"]);
 
                // revode all permissions for the role
                $rbacadmin->revokePermission($this->obj->getRefId(), $r["rol_id"]);
 
                // for all permissions of the form...
                foreach ($this->getPermissions() as $p) {
                    $roles = $form->getInput($p);
                    if (!is_array($roles)) {
                        $roles = array();
                    }
                    $o = $this->base_permissions_by_op[$p];
 
                    // ... if in original operations, but not checked, remove it from operations
                    if (in_array($o, $ops) && !in_array($r["rol_id"], $roles)) {
                        if (($key = array_search($o, $ops)) !== false) {
                            unset($ops[$key]);
                        }
                    }
 
                    // ...if not in original operations, but checked, add to operations
                    if (!in_array($o, $ops) && in_array($r["rol_id"], $roles)) {
                        $ops[] = $o;
                    }
                }
 
                // now grant resulting permissions
                $rbacadmin->grantPermission(
                    $r["rol_id"],
                    array_unique($ops),
                    $this->obj->getRefId()
                );
            }
 
            ilUtil::sendSuccess($this->lng->txt("msg_obj_modified"), true);
            $this->ctrl->redirect($this, "");
        } else {
            $form->setValuesByPost();
            $this->tpl->setContent($form->getHtml());
        }
    }

References $DIC, $form, $key, $r, determineRoles(), getPermissions(), and initPermissionForm().

Here is the call graph for this function:

◆ setPermissions()

ilSettingsPermissionGUI::setPermissions ( $a_val )

Set permissions.

Parameters

array $a_val array of operations (string) that should be offered

Definition at line 144 of file class.ilSettingsPermissionGUI.php.

    {
        if (is_array($a_val)) {
            foreach ($a_val as $p) {
                if (in_array($p, $this->base_permissions)) {
                    $this->permissions[$this->base_permissions_by_op[$p]] = $p;
                }
            }
        }
    }

◆ setRoleProhibitedPermissions()

ilSettingsPermissionGUI::setRoleProhibitedPermissions ( $a_val )

Set role prohibited permissions (this permissions are prohibited for a role to be listed)

Parameters

array $a_val permissions prohibited to be listed

Definition at line 118 of file class.ilSettingsPermissionGUI.php.

    {
        if (is_array($a_val)) {
            foreach ($a_val as $p) {
                if (in_array($p, $this->base_permissions)) {
                    $this->role_prohibited_permissions[] = $this->base_permissions_by_op[$p];
                }
            }
        }
    }

◆ setRoleRequiredPermissions()

ilSettingsPermissionGUI::setRoleRequiredPermissions ( $a_val )

Set role required permissions (this permissions are required for a role to be listed)

Parameters

array $a_val permissions required to be listed

Definition at line 92 of file class.ilSettingsPermissionGUI.php.

    {
        if (is_array($a_val)) {
            foreach ($a_val as $p) {
                if (in_array($p, $this->base_permissions)) {
                    $this->role_required_permissions[] = $this->base_permissions_by_op[$p];
                }
            }
        }
    }

◆ showForm()

ilSettingsPermissionGUI::showForm ( )

Show form.

Definition at line 179 of file class.ilSettingsPermissionGUI.php.

    {
        $form = $this->initPermissionForm();
        $this->tpl->setContent($form->getHTML());
    }

References $form, and initPermissionForm().

Here is the call graph for this function:

Field Documentation

◆ $base_permissions

ilSettingsPermissionGUI::$base_permissions = array()

protected

Definition at line 16 of file class.ilSettingsPermissionGUI.php.

◆ $base_permissions_by_op

ilSettingsPermissionGUI::$base_permissions_by_op = array()

protected

Definition at line 17 of file class.ilSettingsPermissionGUI.php.

◆ $permissions

ilSettingsPermissionGUI::$permissions = array()

protected

Definition at line 15 of file class.ilSettingsPermissionGUI.php.

Referenced by getPermissions().

◆ $role_prohibited_permissions

ilSettingsPermissionGUI::$role_prohibited_permissions = array()

protected

Definition at line 19 of file class.ilSettingsPermissionGUI.php.

Referenced by getRoleProhibitedPermissions().

◆ $role_required_permissions

ilSettingsPermissionGUI::$role_required_permissions = array()

protected

Definition at line 18 of file class.ilSettingsPermissionGUI.php.

Referenced by getRoleRequiredPermissions().

The documentation for this class was generated from the following file:

Services/AccessControl/classes/class.ilSettingsPermissionGUI.php

Public Member Functions

Protected Attributes

Detailed Description

Constructor & Destructor Documentation

◆ __construct()

Member Function Documentation

◆ determineRoles()

◆ executeCommand()

◆ getPermissions()

◆ getRoleProhibitedPermissions()

◆ getRoleRequiredPermissions()

◆ initPermissionForm()

◆ save()

◆ setPermissions()

◆ setRoleProhibitedPermissions()

◆ setRoleRequiredPermissions()

◆ showForm()

Field Documentation

◆ $base_permissions

◆ $base_permissions_by_op

◆ $permissions

◆ $role_prohibited_permissions

◆ $role_required_permissions