ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilLocalUserGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2013 ILIAS open source, Extended GPL, see docs/LICENSE */
9class ilLocalUserGUI
10{
11
15 protected $tabs_gui;
19 protected $form;
23 protected $toolbar;
27 protected $ctrl;
31 protected $tpl;
35 public $object;
39 protected $lng;
43 protected $ilAccess;
44
45
49 //TODO MST 14.11.2013 - we should split this class into ilLocalUserTableGUI and ilLocalUserRoleGUI
50 public function __construct($parent_gui)
51 {
52 global $DIC;
53 $tpl = $DIC['tpl'];
54 $ilCtrl = $DIC['ilCtrl'];
55 $ilTabs = $DIC['ilTabs'];
56 $ilToolbar = $DIC['ilToolbar'];
57 $lng = $DIC['lng'];
58 $rbacsystem = $DIC['rbacsystem'];
59 $ilAccess = $DIC['ilAccess'];
60 $this->tpl = $tpl;
61 $this->ctrl = $ilCtrl;
62 $this->parent_gui = $parent_gui;
63 $this->object = $parent_gui->object;
64 $this->tabs_gui = $this->parent_gui->tabs_gui;
65 $this->toolbar = $ilToolbar;
66 $this->lng = $lng;
67 $this->ilAccess = $ilAccess;
68 $this->lng->loadLanguageModule('user');
69 if (!$rbacsystem->checkAccess("cat_administrate_users", $this->parent_gui->object->getRefId())) {
70 ilUtil::sendFailure($this->lng->txt("msg_no_perm_admin_users"), true);
71 }
72 }
73
74
78 public function executeCommand()
79 {
80 $cmd = $this->ctrl->getCmd();
81 switch ($cmd) {
82 case "assignRoles":
83 case "assignSave":
84 $this->tabs_gui->clearTargets();
85 $this->tabs_gui->setBackTarget($this->lng->txt("back"), $this->ctrl->getLinkTargetByClass("illocalusergui", 'index'));
86 $this->$cmd();
87 break;
88 default:
89 $this->$cmd();
90 break;
91 }
92
93 return true;
94 }
95
96
101 protected function resetFilter()
102 {
103 $table = new ilUserTableGUI($this, "index", ilUserTableGUI::MODE_LOCAL_USER);
104 $table->resetOffset();
105 $table->resetFilter();
106 $this->index();
107 }
108
109
115 protected function applyFilter()
116 {
117 $table = new ilUserTableGUI($this, "index", ilUserTableGUI::MODE_LOCAL_USER);
118 $table->resetOffset();
119 $table->writeFilterToSession();
120 $this->index();
121 }
122
123
124 public function index($show_delete = false)
125 {
126 global $DIC;
127 $ilUser = $DIC['ilUser'];
128 $rbacreview = $DIC['rbacreview'];
129 $rbacsystem = $DIC['rbacsystem'];
130 $this->tpl->addBlockfile(
131 'ADM_CONTENT',
132 'adm_content',
133 'tpl.cat_admin_users.html',
134 "Modules/Category"
135 );
136 if (count($rbacreview->getGlobalAssignableRoles())
137 or in_array(SYSTEM_ROLE_ID, $rbacreview->assignedRoles($ilUser->getId()))
138 ) {
139 $this->toolbar->addButton(
140 $this->lng->txt('add_user'),
141 $this->ctrl->getLinkTargetByClass('ilobjusergui', 'create')
142 );
143 $this->toolbar->addButton(
144 $this->lng->txt('import_users'),
145 $this->ctrl->getLinkTargetByClass('ilobjuserfoldergui', 'importUserForm')
146 );
147 } else {
148 ilUtil::sendInfo($this->lng->txt('no_roles_user_can_be_assigned_to'));
149 }
150 if ($show_delete) {
151 $this->tpl->setCurrentBlock("confirm_delete");
152 $this->tpl->setVariable("CONFIRM_FORMACTION", $this->ctrl->getFormAction($this));
153 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt('cancel'));
154 $this->tpl->setVariable("CONFIRM_CMD", 'performDeleteUsers');
155 $this->tpl->setVariable("TXT_CONFIRM", $this->lng->txt('delete'));
156 $this->tpl->parseCurrentBlock();
157 }
158 $table = new ilUserTableGUI($this, 'index', ilUserTableGUI::MODE_LOCAL_USER);
159 $this->tpl->setVariable('USERS_TABLE', $table->getHTML());
160
161 return true;
162 }
163
164
168 protected function addUserAutoCompleteObject()
169 {
170 $auto = new ilUserAutoComplete();
171 $auto->setSearchFields(array( 'login', 'firstname', 'lastname', 'email' ));
172 $auto->enableFieldSearchableCheck(true);
173 $auto->setMoreLinkAvailable(true);
174
175 if (($_REQUEST['fetchall'])) {
176 $auto->setLimit(ilUserAutoComplete::MAX_ENTRIES);
177 }
178
179 echo $auto->getList($_REQUEST['term']);
180 exit();
181 }
182
183
187 public function performDeleteUsers()
188 {
189 global $DIC;
190 $ilLog = $DIC['ilLog'];
191 $this->checkPermission("cat_administrate_users");
192 foreach ($_POST['user_ids'] as $user_id) {
193 if (!in_array($user_id, ilLocalUser::_getAllUserIds($_GET['ref_id']))) {
194 $ilLog->write(__FILE__ . ":" . __LINE__ . " User with id $user_id could not be found.");
195 ilUtil::sendFailure($this->lng->txt('user_not_found_to_delete'));
196 }
197 if (!$tmp_obj = &ilObjectFactory::getInstanceByObjId($user_id, false)) {
198 continue;
199 }
200 $tmp_obj->delete();
201 }
202 ilUtil::sendSuccess($this->lng->txt('deleted_users'), true);
203 $this->ctrl->redirect($this, 'index');
204
205 return true;
206 }
207
208
209 public function deleteUsers()
210 {
211 $this->checkPermission("cat_administrate_users");
212 if (!count($_POST['id'])) {
213 ilUtil::sendFailure($this->lng->txt('no_users_selected'));
214 $this->index();
215
216 return true;
217 }
218 $confirm = new ilConfirmationGUI();
219 $confirm->setFormAction($this->ctrl->getFormAction($this));
220 $confirm->setHeaderText($this->lng->txt('sure_delete_selected_users'));
221 $confirm->setConfirm($this->lng->txt('delete'), 'performDeleteUsers');
222 $confirm->setCancel($this->lng->txt('cancel'), 'index');
223 foreach ($_POST['id'] as $user) {
224 $name = ilObjUser::_lookupName($user);
225 $confirm->addItem(
226 'user_ids[]',
227 $user,
228 $name['lastname'] . ', ' . $name['firstname'] . ' [' . $name['login'] . ']'
229 );
230 }
231 $this->tpl->setContent($confirm->getHTML());
232 }
233
234
235 public function assignRoles()
236 {
237 global $DIC;
238 $rbacreview = $DIC['rbacreview'];
239 if (!$this->ilAccess->checkAccess("cat_administrate_users", "", $_GET["ref_id"])) {
240 ilUtil::sendFailure($this->lng->txt("permission_denied"), true);
241 $this->ctrl->redirect($this, "");
242 }
243 $offset = $_GET["offset"];
244 // init sort_by (unfortunatly sort_by is preset with 'title'
245 if ($_GET["sort_by"] == "title" or empty($_GET["sort_by"])) {
246 $_GET["sort_by"] = "login";
247 }
248 $order = $_GET["sort_by"];
249 $direction = $_GET["sort_order"];
250 if (!isset($_GET['obj_id'])) {
251 ilUtil::sendFailure('no_user_selected');
252 $this->index();
253
254 return true;
255 }
256 $roles = $this->__getAssignableRoles();
257 $this->tpl->addBlockfile(
258 'ADM_CONTENT',
259 'adm_content',
260 'tpl.cat_role_assignment.html',
261 "Modules/Category"
262 );
263 $ass_roles = $rbacreview->assignedRoles($_GET['obj_id']);
264 $counter = 0;
265 foreach ($roles as $role) {
266 $role_obj = &ilObjectFactory::getInstanceByObjId($role['obj_id']);
267 $disabled = false;
268 $f_result[$counter][] = ilUtil::formCheckbox(
269 in_array($role['obj_id'], $ass_roles) ? 1 : 0,
270 'role_ids[]',
271 $role['obj_id'],
272 $disabled
273 );
274 $f_result[$counter][] = $role_obj->getTitle();
275 $f_result[$counter][] = $role_obj->getDescription()?$role_obj->getDescription():'';
276 $f_result[$counter][] = $role['role_type'] == 'global' ?
277 $this->lng->txt('global') :
278 $this->lng->txt('local');
279 unset($role_obj);
280 ++$counter;
281 }
282 $this->__showRolesTable($f_result, "assignRolesObject");
283 }
284
285
286 public function assignSave()
287 {
288 global $DIC;
289 $rbacreview = $DIC['rbacreview'];
290 $rbacadmin = $DIC['rbacadmin'];
291 if (!$this->ilAccess->checkAccess("cat_administrate_users", "", $_GET["ref_id"])) {
292 ilUtil::sendFailure($this->lng->txt("permission_denied"), true);
293 $this->ctrl->redirect($this, "");
294 }
295 // check hack
296 if (!isset($_GET['obj_id']) or !in_array($_REQUEST['obj_id'], ilLocalUser::_getAllUserIds())) {
297 ilUtil::sendFailure('no_user_selected');
298 $this->index();
299
300 return true;
301 }
302 $roles = $this->__getAssignableRoles();
303 // check minimum one global role
304 if (!$this->__checkGlobalRoles($_POST['role_ids'])) {
305 ilUtil::sendFailure($this->lng->txt('no_global_role_left'));
306 $this->assignRolesObject();
307
308 return false;
309 }
310 $new_role_ids = $_POST['role_ids'] ? $_POST['role_ids'] : array();
311 $assigned_roles = $rbacreview->assignedRoles((int) $_REQUEST['obj_id']);
312 foreach ($roles as $role) {
313 if (in_array($role['obj_id'], $new_role_ids) and !in_array($role['obj_id'], $assigned_roles)) {
314 $rbacadmin->assignUser($role['obj_id'], (int) $_REQUEST['obj_id']);
315 }
316 if (in_array($role['obj_id'], $assigned_roles) and !in_array($role['obj_id'], $new_role_ids)) {
317 $rbacadmin->deassignUser($role['obj_id'], (int) $_REQUEST['obj_id']);
318 }
319 }
320 ilUtil::sendSuccess($this->lng->txt('role_assignment_updated'));
321 $this->assignRoles();
322
323 return true;
324 }
325
326
327 public function __checkGlobalRoles($new_assigned)
328 {
329 global $DIC;
330 $rbacreview = $DIC['rbacreview'];
331 $ilUser = $DIC['ilUser'];
332 if (!$this->ilAccess->checkAccess("cat_administrate_users", "", $_GET["ref_id"])) {
333 ilUtil::sendFailure($this->lng->txt("permission_denied"), true);
334 $this->ctrl->redirect($this, "");
335 }
336 // return true if it's not a local user
337 $tmp_obj = &ilObjectFactory::getInstanceByObjId($_REQUEST['obj_id']);
338 if ($tmp_obj->getTimeLimitOwner() != $this->object->getRefId() and
339 !in_array(SYSTEM_ROLE_ID, $rbacreview->assignedRoles($ilUser->getId()))
340 ) {
341 return true;
342 }
343 // new assignment by form
344 $new_assigned = $new_assigned ? $new_assigned : array();
345 $assigned = $rbacreview->assignedRoles((int) $_GET['obj_id']);
346 // all assignable globals
347 if (!in_array(SYSTEM_ROLE_ID, $rbacreview->assignedRoles($ilUser->getId()))) {
348 $ga = $rbacreview->getGlobalAssignableRoles();
349 } else {
350 $ga = $rbacreview->getGlobalRolesArray();
351 }
352 $global_assignable = array();
353 foreach ($ga as $role) {
354 $global_assignable[] = $role['obj_id'];
355 }
356 $new_visible_assigned_roles = array_intersect($new_assigned, $global_assignable);
357 $all_assigned_roles = array_intersect($assigned, $rbacreview->getGlobalRoles());
358 $main_assigned_roles = array_diff($all_assigned_roles, $global_assignable);
359 if (!count($new_visible_assigned_roles) and !count($main_assigned_roles)) {
360 return false;
361 }
362
363 return true;
364 }
365
366
367 public function __getAssignableRoles()
368 {
369 global $DIC;
370 $rbacreview = $DIC['rbacreview'];
371 $ilUser = $DIC['ilUser'];
372 // check local user
373 $tmp_obj = &ilObjectFactory::getInstanceByObjId($_REQUEST['obj_id']);
374 // Admin => all roles
375 if (in_array(SYSTEM_ROLE_ID, $rbacreview->assignedRoles($ilUser->getId()))) {
376 $global_roles = $rbacreview->getGlobalRolesArray();
377 } elseif ($tmp_obj->getTimeLimitOwner() == $this->object->getRefId()) {
378 $global_roles = $rbacreview->getGlobalAssignableRoles();
379 } else {
380 $global_roles = array();
381 }
382
383 return $roles = array_merge($global_roles, $rbacreview->getAssignableChildRoles($this->object->getRefId()));
384 }
385
386
387 public function __showRolesTable($a_result_set, $a_from = "")
388 {
389 if (!$this->ilAccess->checkAccess("cat_administrate_users", "", $_GET["ref_id"])) {
390 ilUtil::sendFailure($this->lng->txt("permission_denied"), true);
391 $this->ctrl->redirect($this, "");
392 }
393 $tbl = &$this->parent_gui->__initTableGUI();
394 $tpl = &$tbl->getTemplateObject();
395 // SET FORMAACTION
396 $tpl->setCurrentBlock("tbl_form_header");
397 $this->ctrl->setParameter($this, 'obj_id', $_GET['obj_id']);
398 $tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
399 $tpl->parseCurrentBlock();
400 // SET FOOTER BUTTONS
401 $tpl->setVariable("IMG_ARROW", ilUtil::getImagePath("arrow_downright.svg"));
402 $tpl->setVariable("BTN_NAME", "assignSave");
403 $tpl->setVariable("BTN_VALUE", $this->lng->txt("change_assignment"));
404 $tpl->setCurrentBlock("tbl_action_row");
405 $tpl->setVariable("TPLPATH", $this->tpl->tplPath);
406 $tpl->parseCurrentBlock();
407 $tmp_obj = &ilObjectFactory::getInstanceByObjId($_GET['obj_id']);
408 $title = $this->lng->txt('role_assignment') . ' (' . $tmp_obj->getFullname() . ')';
409 $tbl->setTitle($title, "icon_role.svg", $this->lng->txt("role_assignment"));
410 $tbl->setHeaderNames(array(
411 '',
412 $this->lng->txt("title"),
413 $this->lng->txt('description'),
414 $this->lng->txt("type")
415 ));
416 $tbl->setHeaderVars(array(
417 "",
418 "title",
419 "description",
420 "type"
421 ), (get_class($this->parent_gui) == 'ilObjOrgUnitGUI') ? array(
422 "ref_id" => $this->object->getRefId(),
423 "cmd" => "assignRoles",
424 "obj_id" => $_GET['obj_id'],
425 "cmdNode" => $_GET["cmdNode"],
426 "baseClass" => 'ilAdministrationGUI',
427 "admin_mode" => "settings"
428 ) : array(
429 "ref_id" => $this->object->getRefId(),
430 "cmd" => "assignRoles",
431 "obj_id" => $_GET['obj_id'],
432 "cmdClass" => "ilobjcategorygui",
433 "baseClass" => 'ilRepositoryGUI',
434 "cmdNode" => $_GET["cmdNode"],
435 ));
436 $tbl->setColumnWidth(array( "4%", "35%", "45%", "16%" ));
437 $this->set_unlimited = true;
438 $this->parent_gui->__setTableGUIBasicData($tbl, $a_result_set, $a_from, true);
439 $tbl->render();
440 $this->tpl->setVariable('OBJECTS', $tbl->getTemplateObject()->get());
441
442 return true;
443 }
444
448 protected function checkPermission($permission)
449 {
450 if (!$this->ilAccess->checkAccess($permission, "", $_GET["ref_id"])) {
451 ilUtil::sendFailure($this->lng->txt("permission_denied"), true);
452 $this->ctrl->redirect($this, "");
453 }
454 }
455}
exit
exit
Definition: backend.php:16
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
php
An exception for terminatinating execution or to throw for unit testing.
ilAccess
Class ilAccessHandler.
Definition: class.ilAccess.php:20
ilAccess\checkAccess
checkAccess($a_permission, $a_cmd, $a_ref_id, $a_type="", $a_obj_id="", $a_tree_id="")
check access for an object (provide $a_type and $a_obj_id if available for better performance)
Definition: class.ilAccess.php:252
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:16
ilLocalUserGUI
Class ilLocalUserGUI.
Definition: class.ilLocalUserGUI.php:10
ilLocalUserGUI\applyFilter
applyFilter()
Apply filter.
Definition: class.ilLocalUserGUI.php:115
ilLocalUserGUI\resetFilter
resetFilter()
Reset filter (note: this function existed before data table filter has been introduced.
Definition: class.ilLocalUserGUI.php:101
ilLocalUserGUI\__showRolesTable
__showRolesTable($a_result_set, $a_from="")
Definition: class.ilLocalUserGUI.php:387
ilLocalUserGUI\__checkGlobalRoles
__checkGlobalRoles($new_assigned)
Definition: class.ilLocalUserGUI.php:327
ilLocalUserGUI\addUserAutoCompleteObject
addUserAutoCompleteObject()
Show auto complete results.
Definition: class.ilLocalUserGUI.php:168
ilLocalUserGUI\checkPermission
checkPermission($permission)
Definition: class.ilLocalUserGUI.php:448
ilLocalUserGUI\index
index($show_delete=false)
Definition: class.ilLocalUserGUI.php:124
ilLocalUserGUI\__construct
__construct($parent_gui)
Definition: class.ilLocalUserGUI.php:50
ilLocalUserGUI\performDeleteUsers
performDeleteUsers()
Delete User.
Definition: class.ilLocalUserGUI.php:187
ilLocalUser\_getAllUserIds
static _getAllUserIds($a_filter=0)
Definition: class.ilLocalUser.php:85
ilObjUser\_lookupName
static _lookupName($a_user_id)
lookup user name
Definition: class.ilObjUser.php:771
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:77
ilUserAutoComplete
Auto completion class for user lists.
Definition: class.ilUserAutoComplete.php:8
ilUserTableGUI
TableGUI class for user administration.
Definition: class.ilUserTableGUI.php:16
ilUtil\formCheckbox
static formCheckbox($checked, $varname, $value, $disabled=false)
??? @access public
Definition: class.ilUtil.php:432
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4481
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:79
$name
$name
Definition: client_example.php:35
$tbl
$tbl
Definition: example_048.php:81
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
$ilLog
$ilLog
Definition: inc.setup_header.php:123
$user
$user
Definition: migrateto20.php:57
$table
if(empty($password)) $table
Definition: pwgen.php:24
$DIC
global $DIC
Definition: saml.php:7
$ilUser
$ilUser
Definition: imgupload.php:18