ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes
ilObjRoleGUI Class Reference
Services/AccessControl

Class ilObjRoleGUI. More...

+ Inheritance diagram for ilObjRoleGUI:
+ Collaboration diagram for ilObjRoleGUI:

Public Member Functions

 __construct ($a_data, $a_id, $a_call_by_reference=false, $a_prepare_output=true)
 Constructor public. More...
 
 executeCommand ()
 
 getParentRefId ()
 Get ref id of current object (not role folder id) More...
 
 getParentObjId ()
 Get obj_id of current object. More...
 
 getParentType ()
 get type of current object (not role folder) More...
 
 setBackTarget ($a_text, $a_link)
 set back tab target More...
 
 getBackTarget ()
 
 getAdminTabs ()
 admin and normal tabs are equal for roles More...
 
 listDesktopItemsObject ()
 
 askDeleteDesktopItemObject ()
 
 deleteDesktopItemsObject ()
 
 selectDesktopItemObject ()
 
 assignDesktopItemObject ()
 
 createObject ()
 Only called from administration -> role folder ? Otherwise this check access is wrong. More...
 
 editObject ()
 Edit role properties. More...
 
 saveObject ()
 Save new role. More...
 
 updateObject ()
 Save role settings. More...
 
 permSaveObject ($a_show_admin_permissions=false)
 save permissions More...
 
 adoptPermSaveObject ()
 copy permissions from role More...
 
 assignSaveObject ()
 wrapper for renamed function More...
 
 addUserObject ($a_user_ids)
 Assign user (callback from ilRepositorySearchGUI) More...
 
 deassignUserObject ()
 de-assign users from role More...
 
 userassignmentObject ()
 display user assignment panel More...
 
 cancelObject ()
 cancelObject is called when an operation is canceled, method links back public More...
 
 listUsersRoleObject ()
 
 __prepareOutput ()
 
 __setHeader ()
 
 getTabs ()
 
 mailToRoleObject ()
 
 checkAccess ($a_perm_global, $a_perm_obj='')
 
- Public Member Functions inherited from ilObjectGUI
 executeCommand ()
 execute command More...
 
 withReferences ()
 determines wether objects are referenced or not (got ref ids or not) More...
 
 setCreationMode ($a_mode=true)
 if true, a creation screen is displayed the current $_GET[ref_id] don't belong to the current class! the mode is determined in ilrepositorygui More...
 
 getCreationMode ()
 get creation mode More...
 
 prepareOutput ($a_show_subobjects=true)
 prepare output More...
 
 getAdminTabs ()
 administration tabs show only permissions and trash folder More...
 
 getHTML ()
 
 confirmedDeleteObject ()
 confirmed deletion of object -> objects are moved to trash or deleted immediately, if trash is disabled More...
 
 cancelDeleteObject ()
 cancel deletion of object More...
 
 cancelObject ()
 cancel action and go back to previous page public More...
 
 createObject ()
 create new object form More...
 
 cancelCreation ()
 cancel create action and go back to repository parent More...
 
 saveObject ()
 save object More...
 
 getDidacticTemplateVar ($a_type)
 Get didactic template setting from creation screen. More...
 
 putObjectInTree (ilObject $a_obj, $a_parent_node_id=null)
 Add object to tree at given position. More...
 
 editObject ()
 edit object More...
 
 addExternalEditFormCustom (ilPropertyFormGUI $a_form)
 
 updateObject ()
 updates object entry in object_data More...
 
 getFormAction ($a_cmd, $a_formaction="")
 get form action for command (command is method name without "Object", e.g. More...
 
 isVisible ($a_ref_id, $a_type)
 
 viewObject ()
 list childs of current object More...
 
 deleteObject ($a_error=false)
 Display deletion confirmation screen. More...
 
 cloneAllObject ()
 Clone single (not container object) Method is overwritten in ilContainerGUI. More...
 
 redirectAfterCreation ()
 Redirect after creation, see https://docu.ilias.de/goto_docu_wiki_wpage_5035_1357.html. More...
 

Data Fields

const MODE_GLOBAL_UPDATE = 1
 
const MODE_GLOBAL_CREATE = 2
 
const MODE_LOCAL_UPDATE = 3
 
const MODE_LOCAL_CREATE = 4
 
 $type
 
 $ctrl
 
- Data Fields inherited from ilObjectGUI
const COPY_WIZARD_NEEDS_PAGE = 1
 
 $objDefinition
 
 $tpl
 
 $tree
 
 $lng
 
 $data
 
 $object
 
 $ref_id
 
 $obj_id
 
 $maxcount
 
 $formaction
 
 $return_location
 
 $target_frame
 
 $tab_target_script
 
 $actions
 
 $sub_objects
 
 $omit_locator = false
 
const CFORM_NEW = 1
 
const CFORM_IMPORT = 2
 
const CFORM_CLONE = 3
 

Protected Member Functions

 getContainerType ()
 Get type of role container. More...
 
 showDefaultPermissionSettings ()
 check if default permissions are shown or not More...
 
 initFormRoleProperties ($a_mode)
 Create role prperty form. More...
 
 loadRoleProperties (ilObjRole $role)
 Store form input in role object. More...
 
 readRoleProperties (ilObjRole $role)
 Read role properties and write them to form. More...
 
 checkDuplicate ($a_role_id=0)
 Check if role with same name already exists in this folder. More...
 
 permObject ($a_show_admin_permissions=false)
 Show template permissions. More...
 
 adminPermObject ()
 Show administration permissions. More...
 
 adminPermSaveObject ()
 Save admin permissions. More...
 
 adoptPermObject ()
 
 confirmDeleteRoleObject ()
 Show delete confirmation screen. More...
 
 performDeleteRoleObject ()
 Delete role. More...
 
 addAdminLocatorItems ($a_do_not_add_object=false)
 
 isChangeExistingObjectsConfirmationRequired ()
 Check if a confirmation about further settings is required or not. More...
 
 showChangeExistingObjectsConfirmation ()
 Show confirmation screen. More...
 
 changeExistingObjectsObject ()
 Change existing objects. More...
 
 setSubTabs ($a_tab)
 Set sub tabs. More...
 
 addToClipboardObject ()
 Add selected users to user clipboard. More...
 
 addLocatorItems ()
 
 ensureRoleAccessForContext ()
 
- Protected Member Functions inherited from ilObjectGUI
 getObjectService ()
 Get object service. More...
 
 assignObject ()
 
 setTitleAndDescription ()
 called by prepare output More...
 
 initHeaderAction ($a_sub_type=null, $a_sub_id=null)
 Add header action menu. More...
 
 insertHeaderAction ($a_list_gui)
 Insert header action into main template. More...
 
 addHeaderAction ()
 Add header action menu. More...
 
 redrawHeaderActionObject ()
 Ajax call: redraw action header only. More...
 
 showMountWebfolderIcon ()
 
 setTabs ()
 set admin tabs public More...
 
 setAdminTabs ()
 set admin tabs public More...
 
 setLocator ()
 set Locator More...
 
 addLocatorItems ()
 should be overwritten to add object specific items (repository items are preloaded) More...
 
 omitLocator ($a_omit=true)
 
 addAdminLocatorItems ($a_do_not_add_object=false)
 should be overwritten to add object specific items (repository items are preloaded) More...
 
 initCreationForms ($a_new_type)
 Init creation froms. More...
 
 getCreationFormsHTML (array $a_forms)
 Get HTML for creation forms (accordion) More...
 
 initCreateForm ($a_new_type)
 Init object creation form. More...
 
 initDidacticTemplate (ilPropertyFormGUI $form)
 Show didactic template types. More...
 
 addDidacticTemplateOptions (array &$a_options)
 Add custom templates. More...
 
 afterSave (ilObject $a_new_object)
 Post (successful) object creation hook. More...
 
 initEditForm ()
 Init object edit form. More...
 
 initEditCustomForm (ilPropertyFormGUI $a_form)
 Add custom fields to update form. More...
 
 getEditFormValues ()
 Get values for edit form. More...
 
 getEditFormCustomValues (array &$a_values)
 Add values to custom edit fields. More...
 
 validateCustom (ilPropertyFormGUI $a_form)
 Validate custom values (if not possible with checkInput()) More...
 
 updateCustom (ilPropertyFormGUI $a_form)
 Insert custom update form values into object. More...
 
 afterUpdate ()
 Post (successful) object update hook. More...
 
 initImportForm ($a_new_type)
 Init object import form. More...
 
 importFileObject ($parent_id=null, $a_catch_errors=true)
 Import. More...
 
 afterImport (ilObject $a_new_object)
 Post (successful) object import hook. More...
 
 setFormAction ($a_cmd, $a_formaction)
 set specific form action for command More...
 
 getReturnLocation ($a_cmd, $a_location="")
 get return location for command (command is method name without "Object", e.g. More...
 
 setReturnLocation ($a_cmd, $a_location)
 set specific return location for command More...
 
 getTargetFrame ($a_cmd, $a_target_frame="")
 get target frame for command (command is method name without "Object", e.g. More...
 
 setTargetFrame ($a_cmd, $a_target_frame)
 set specific target frame for command More...
 
 showPossibleSubObjects ()
 show possible subobjects (pulldown menu) More...
 
 getTemplateFile ($a_cmd, $a_type="")
 get a template blockfile format: tpl. More...
 
 getTabs ()
 get tabs abstract method. More...
 
 __showButton ($a_cmd, $a_text, $a_target='')
 
 hitsperpageObject ()
 
__initTableGUI ()
 
 __setTableGUIBasicData (&$tbl, &$result_set, $a_from="")
 standard implementation for tables use 'from' variable use different initial setting of table More...
 
 redirectToRefId ($a_ref_id, $a_cmd="")
 redirects to (repository) view per ref id usually to a container and usually used at the end of a save/import method where the object gui type (of the new object) doesn't match with the type of the current $_GET["ref_id"] value More...
 
 fillCloneTemplate ($a_tpl_varname, $a_type)
 Fill object clone template This method can be called from any object GUI class that wants to offer object cloning. More...
 
 getCenterColumnHTML ()
 Get center column. More...
 
 getRightColumnHTML ()
 Display right column. More...
 
 setColumnSettings (ilColumnGUI $column_gui)
 May be overwritten in subclasses. More...
 
 checkPermission ($a_perm, $a_cmd="", $a_type="", $a_ref_id=null)
 Check permission and redirect on error. More...
 
 checkPermissionBool ($a_perm, $a_cmd="", $a_type="", $a_ref_id=null)
 Check permission. More...
 
 enableDragDropFileUpload ()
 Enables the file upload into this object by dropping files. More...
 
 handleAutoRating (ilObject $a_new_obj)
 Activate rating automatically if parent container setting. More...
 

Protected Attributes

 $obj_ref_id = 0
 
 $obj_obj_id = 0
 
 $obj_obj_type = ''
 
 $container_type = ''
 
- Protected Attributes inherited from ilObjectGUI
 $ilErr
 
 $locator
 
 $user
 
 $access
 
 $settings
 
 $rbacreview
 
 $toolbar
 
 $tmp_import_dir
 
 $tabs_gui = null
 
 $ctrl
 
 $object_service
 

Additional Inherited Members

- Static Public Member Functions inherited from ilObjectGUI
static _gotoRepositoryRoot ($a_raise_error=false)
 Goto repository root. More...
 
static _gotoRepositoryNode ($a_ref_id, $a_cmd="frameset")
 Goto repository root. More...
 

Detailed Description

Class ilObjRoleGUI.

Author
Stefan Meyer <smeyer.de>
Sascha Hofmann sasch.nosp@m.ahof.nosp@m.mann@.nosp@m.gmx..nosp@m.de
Version
$Id$

ilObjRoleGUI: ilRepositorySearchGUI, ilExportGUI

Definition at line 20 of file class.ilObjRoleGUI.php.

Constructor & Destructor Documentation

◆ __construct()

ilObjRoleGUI::__construct (   $a_data,
  $a_id,
  $a_call_by_reference = false,
  $a_prepare_output = true 
)

Constructor public.

Definition at line 47 of file class.ilObjRoleGUI.php.

References $DIC, ilObjectGUI\$lng, ilObjectGUI\$tree, ilObject\_lookupObjId(), ilObject\_lookupType(), getParentObjId(), and getParentRefId().

48  {
49  global $DIC;
50 
51  $tree = $DIC['tree'];
52  $lng = $DIC['lng'];
53 
54  $lng->loadLanguageModule('rbac');
55 
56  //TODO: move this to class.ilias.php
57  define("USER_FOLDER_ID", 7);
58 
59  // Add ref_id of object that contains this role folder
60 
61  $this->obj_ref_id =
62  (
63  (int) $_REQUEST['rolf_ref_id'] ?
64  (int) $_REQUEST['rolf_ref_id'] :
65  (int) $_REQUEST['ref_id']
66  );
67 
68  $this->obj_obj_id = ilObject::_lookupObjId($this->getParentRefId());
69  $this->obj_obj_type = ilObject::_lookupType($this->getParentObjId());
70 
71  $this->container_type = ilObject::_lookupType(ilObject::_lookupObjId($this->obj_ref_id));
72 
73  $this->type = "role";
74  parent::__construct($a_data, $a_id, $a_call_by_reference, false);
75  $this->ctrl->saveParameter($this, array('obj_id', 'rolf_ref_id'));
76  }
$DIC
global $DIC
Definition: saml.php:7
ilObjRoleGUI\getParentObjId
getParentObjId()
Get obj_id of current object.
Definition: class.ilObjRoleGUI.php:153
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1107
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1275
ilObjRoleGUI\getParentRefId
getParentRefId()
Get ref id of current object (not role folder id)
Definition: class.ilObjRoleGUI.php:144
+ Here is the call graph for this function:

Member Function Documentation

◆ __prepareOutput()

ilObjRoleGUI::__prepareOutput ( )

Definition at line 1340 of file class.ilObjRoleGUI.php.

References __setHeader(), ilUtil\infoPanel(), and ilUtil\sendInfo().

1341  {
1342  // output objects
1343  $this->tpl->addBlockFile("CONTENT", "content", "tpl.adm_content.html");
1344  $this->tpl->addBlockFile("STATUSLINE", "statusline", "tpl.statusline.html");
1345 
1346  // output message
1347  if ($this->message) {
1348  ilUtil::sendInfo($this->message);
1349  }
1350 
1351  // display infopanel if something happened
1352  ilUtil::infoPanel();
1353 
1354  // set header
1355  $this->__setHeader();
1356  }
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4481
ilUtil\infoPanel
static infoPanel($a_keep=true)
Definition: class.ilUtil.php:4538
+ Here is the call graph for this function:

◆ __setHeader()

ilObjRoleGUI::__setHeader ( )

Definition at line 1358 of file class.ilObjRoleGUI.php.

References ilUtil\getImagePath(), and getTabs().

Referenced by __prepareOutput().

1359  {
1360  $this->tpl->setTitle($this->lng->txt('role'));
1361  $this->tpl->setDescription($this->object->getTitle());
1362  $this->tpl->setTitleIcon(ilUtil::getImagePath("icon_role.svg"));
1363 
1364  $this->getTabs($this->tabs_gui);
1365  }
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:79
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ addAdminLocatorItems()

ilObjRoleGUI::addAdminLocatorItems (   $a_do_not_add_object = false)
protected

Definition at line 1371 of file class.ilObjRoleGUI.php.

References $_GET, $DIC, ilObject\_lookupObjId(), and ilObject\_lookupType().

1372  {
1373  global $DIC;
1374 
1375  $ilLocator = $DIC['ilLocator'];
1376 
1377  if (
1378  $_GET["admin_mode"] == "settings"
1379  && $_GET["ref_id"] == ROLE_FOLDER_ID) { // system settings
1380  parent::addAdminLocatorItems(true);
1381 
1382  $ilLocator->addItem(
1383  $this->lng->txt("obj_" . ilObject::_lookupType(ilObject::_lookupObjId($_GET["ref_id"]))),
1384  $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", 'view')
1385  );
1386 
1387  if ($_GET["obj_id"] > 0) {
1388  $ilLocator->addItem(
1389  $this->object->getTitle(),
1390  $this->ctrl->getLinkTarget($this, 'perm')
1391  );
1392  }
1393  } else {
1394  parent::addAdminLocatorItems($a_do_not_add_object);
1395  }
1396  }
$DIC
global $DIC
Definition: saml.php:7
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1107
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1275
+ Here is the call graph for this function:

◆ addLocatorItems()

ilObjRoleGUI::addLocatorItems ( )
protected

Definition at line 1685 of file class.ilObjRoleGUI.php.

References $_GET, $DIC, and ilObjRole\_getTranslation().

1686  {
1687  global $DIC;
1688 
1689  $ilLocator = $DIC['ilLocator'];
1690 
1691  if ($_GET["admin_mode"] == "") {
1692  $this->ctrl->setParameterByClass(
1693  "ilobjrolegui",
1694  "obj_id",
1695  (int) $_GET["obj_id"]
1696  );
1697  $ilLocator->addItem(
1698  ilObjRole::_getTranslation($this->object->getTitle()),
1699  $this->ctrl->getLinkTargetByClass(
1700  array(
1701  "ilpermissiongui",
1702  "ilobjrolegui"),
1703  "perm"
1704  )
1705  );
1706  }
1707  }
$DIC
global $DIC
Definition: saml.php:7
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:518
+ Here is the call graph for this function:

◆ addToClipboardObject()

ilObjRoleGUI::addToClipboardObject ( )
protected

Add selected users to user clipboard.

Definition at line 1660 of file class.ilObjRoleGUI.php.

References $_POST, $DIC, $GLOBALS, $ilCtrl, ilObjectGUI\$lng, $users, ilUserClipboard\getInstance(), and ilUtil\sendFailure().

1661  {
1662  global $DIC;
1663 
1664  $lng = $DIC['lng'];
1665  $ilCtrl = $DIC['ilCtrl'];
1666 
1667  $users = (array) $_POST['user_id'];
1668  if (!count($users)) {
1669  ilUtil::sendFailure($this->lng->txt('select_one'), true);
1670  $ilCtrl->redirect($this, 'userassignment');
1671  }
1672  include_once './Services/User/classes/class.ilUserClipboard.php';
1673  $clip = ilUserClipboard::getInstance($GLOBALS['DIC']['ilUser']->getId());
1674  $clip->add($users);
1675  $clip->save();
1676 
1677  $lng->loadLanguageModule('user');
1678  ilUtil::sendSuccess($this->lng->txt('clipboard_user_added'), true);
1679  $ilCtrl->redirect($this, 'userassignment');
1680  }
ilUserClipboard\getInstance
static getInstance($a_usr_id)
Get singelton instance.
Definition: class.ilUserClipboard.php:35
$DIC
global $DIC
Definition: saml.php:7
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
$users
$users
Definition: authpage.php:44
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
+ Here is the call graph for this function:

◆ addUserObject()

ilObjRoleGUI::addUserObject (   $a_user_ids)

Assign user (callback from ilRepositorySearchGUI)

Parameters
array$a_user_idsArray of user ids
Returns

Definition at line 1078 of file class.ilObjRoleGUI.php.

References $DIC, $GLOBALS, $obj_ref_id, ilObjectGUI\$rbacreview, ilObjectGUI\$user, checkAccess(), ilUtil\sendFailure(), and ilUtil\sendInfo().

1079  {
1080  global $DIC;
1081 
1082  $rbacreview = $DIC['rbacreview'];
1083  $rbacadmin = $DIC['rbacadmin'];
1084 
1085  if (!$this->checkAccess('edit_userassignment', 'edit_permission')) {
1086  ilUtil::sendFailure($this->lng->txt('msg_no_perm_assign_user_to_role'), true);
1087  return false;
1088  }
1089  if (!$rbacreview->isAssignable($this->object->getId(), $this->obj_ref_id) &&
1090  $this->obj_ref_id != ROLE_FOLDER_ID) {
1091  ilUtil::sendFailure($this->lng->txt('err_role_not_assignable'), true);
1092  return false;
1093  }
1094  if (!$a_user_ids) {
1095  $GLOBALS['DIC']['lng']->loadLanguageModule('search');
1096  ilUtil::sendFailure($this->lng->txt('search_err_user_not_exist'), true);
1097  return false;
1098  }
1099 
1100  $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
1101 
1102  // users to assign
1103  $assigned_users_new = array_diff($a_user_ids, array_intersect($a_user_ids, $assigned_users_all));
1104 
1105  // selected users all already assigned. stop
1106  if (count($assigned_users_new) == 0) {
1107  ilUtil::sendInfo($this->lng->txt("rbac_msg_user_already_assigned"), true);
1108  $this->ctrl->redirect($this, 'userassignment');
1109  }
1110 
1111  // assign new users
1112  foreach ($assigned_users_new as $user) {
1113  $rbacadmin->assignUser($this->object->getId(), $user, false);
1114  }
1115 
1116  // update object data entry (to update last modification date)
1117  $this->object->update();
1118 
1119  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"), true);
1120  $this->ctrl->redirect($this, 'userassignment');
1121  }
$DIC
global $DIC
Definition: saml.php:7
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4481
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
+ Here is the call graph for this function:

◆ adminPermObject()

ilObjRoleGUI::adminPermObject ( )
protected

Show administration permissions.

Returns

Definition at line 775 of file class.ilObjRoleGUI.php.

References permObject().

776  {
777  return $this->permObject(true);
778  }
ilObjRoleGUI\permObject
permObject($a_show_admin_permissions=false)
Show template permissions.
Definition: class.ilObjRoleGUI.php:670
+ Here is the call graph for this function:

◆ adminPermSaveObject()

ilObjRoleGUI::adminPermSaveObject ( )
protected

Save admin permissions.

Returns

Definition at line 784 of file class.ilObjRoleGUI.php.

References permSaveObject().

785  {
786  return $this->permSaveObject(true);
787  }
ilObjRoleGUI\permSaveObject
permSaveObject($a_show_admin_permissions=false)
save permissions
Definition: class.ilObjRoleGUI.php:896
+ Here is the call graph for this function:

◆ adoptPermObject()

ilObjRoleGUI::adoptPermObject ( )
protected

Definition at line 789 of file class.ilObjRoleGUI.php.

References $DIC, $id, $key, Sabre\VObject\$output, ilObjectGUI\$rbacreview, $tbl, ilObjRole\_getTranslation(), and ilUtil\_sortIds().

Referenced by adoptPermSaveObject().

790  {
791  global $DIC;
792 
793  $rbacreview = $DIC['rbacreview'];
794 
795  $output = array();
796 
797  $parent_role_ids = $rbacreview->getParentRoleIds($this->obj_ref_id, true);
798  $ids = array();
799  foreach ($parent_role_ids as $id => $tmp) {
800  $ids[] = $id;
801  }
802  // Sort ids
803  $sorted_ids = ilUtil::_sortIds($ids, 'object_data', 'type,title', 'obj_id');
804  $key = 0;
805  foreach ($sorted_ids as $id) {
806  $par = $parent_role_ids[$id];
807  if ($par["obj_id"] != SYSTEM_ROLE_ID && $this->object->getId() != $par["obj_id"]) {
808  $output[$key]["role_id"] = $par["obj_id"];
809  $output[$key]["type"] = ($par["type"] == 'role' ? $this->lng->txt('obj_role') : $this->lng->txt('obj_rolt'));
810  $output[$key]["role_name"] = ilObjRole::_getTranslation($par["title"]);
811  $output[$key]["role_desc"] = $par["desc"];
812  $key++;
813  }
814  }
815 
816 
817  include_once('./Services/AccessControl/classes/class.ilRoleAdoptPermissionTableGUI.php');
818 
819  $tbl = new ilRoleAdoptPermissionTableGUI($this, "adoptPerm");
820  $tbl->setTitle($this->lng->txt("adopt_perm_from_template"));
821  $tbl->setData($output);
822 
823  $this->tpl->setContent($tbl->getHTML());
824  }
ilRoleAdoptPermissionTableGUI
Copyright (c) 1998-2015 ILIAS open source, Extended GPL, see docs/LICENSE Date: 07.01.15 Time: 11:43.
Definition: class.ilRoleAdoptPermissionTableGUI.php:16
$DIC
global $DIC
Definition: saml.php:7
$tbl
$tbl
Definition: example_048.php:81
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
ilUtil\_sortIds
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),&#39;usr_data&#39;,&#39;lastname&#39;,&#39;usr_id&#39;) => sorts by lastname.
Definition: class.ilUtil.php:4405
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:518
$key
$key
Definition: croninfo.php:18
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ adoptPermSaveObject()

ilObjRoleGUI::adoptPermSaveObject ( )

copy permissions from role

public

Definition at line 1016 of file class.ilObjRoleGUI.php.

References $_POST, ilObjectGUI\$access, $DIC, $obj_ref_id, ilObjectGUI\$rbacreview, ilObjectGUI\$tree, adoptPermObject(), checkAccess(), and ilUtil\sendFailure().

1017  {
1018  global $DIC;
1019 
1020  $rbacadmin = $DIC['rbacadmin'];
1021  $rbacsystem = $DIC['rbacsystem'];
1022  $rbacreview = $DIC['rbacreview'];
1023  $tree = $DIC['tree'];
1024 
1025  if (!$_POST['adopt']) {
1026  ilUtil::sendFailure($this->lng->txt('select_one'));
1027  $this->adoptPermObject();
1028  return false;
1029  }
1030 
1031  $access = $this->checkAccess('visible,write', 'edit_permission');
1032  if (!$access) {
1033  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"), $this->ilias->error_obj->MESSAGE);
1034  }
1035 
1036  if ($this->object->getId() == $_POST["adopt"]) {
1037  ilUtil::sendFailure($this->lng->txt("msg_perm_adopted_from_itself"), true);
1038  } else {
1039  $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id);
1040  $parentRoles = $rbacreview->getParentRoleIds($this->obj_ref_id, true);
1041  $rbacadmin->copyRoleTemplatePermissions(
1042  $_POST["adopt"],
1043  $parentRoles[$_POST["adopt"]]["parent"],
1044  $this->obj_ref_id,
1045  $this->object->getId(),
1046  false
1047  );
1048 
1049  // update object data entry (to update last modification date)
1050  $this->object->update();
1051 
1052  // send info
1053  $obj_data = &$this->ilias->obj_factory->getInstanceByObjId($_POST["adopt"]);
1054  ilUtil::sendSuccess($this->lng->txt("msg_perm_adopted_from1") . " '" . $obj_data->getTitle() . "'.<br/>" .
1055  $this->lng->txt("msg_perm_adopted_from2"), true);
1056  }
1057 
1058  $this->ctrl->redirect($this, "perm");
1059  }
$DIC
global $DIC
Definition: saml.php:7
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:

◆ askDeleteDesktopItemObject()

ilObjRoleGUI::askDeleteDesktopItemObject ( )

Definition at line 236 of file class.ilObjRoleGUI.php.

References $_POST, $DIC, checkAccess(), ilObjectFactory\getInstanceByRefId(), ilRoleDesktopItem\getItem(), listDesktopItemsObject(), ilUtil\sendFailure(), and USER_FOLDER_ID.

237  {
238  global $DIC;
239 
240  $rbacsystem = $DIC['rbacsystem'];
241 
242 
243  if (!$this->checkAccess('edit_permission')) {
244  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
245  }
246  if (!$rbacsystem->checkAccess('push_desktop_items', USER_FOLDER_ID)) {
247  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
248  }
249  if (!count($_POST['del_desk_item'])) {
250  ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
251 
252  $this->listDesktopItemsObject();
253 
254  return true;
255  }
256 
257  include_once("./Services/Utilities/classes/class.ilConfirmationGUI.php");
258  $confirmation_gui = new ilConfirmationGUI();
259  $confirmation_gui->setFormAction($this->ctrl->getFormAction($this));
260  $confirmation_gui->setHeaderText($this->lng->txt('role_assigned_desk_items') .
261  ' "' . $this->object->getTitle() . '": ' .
262  $this->lng->txt('role_sure_delete_desk_items'));
263  $confirmation_gui->setCancel($this->lng->txt("cancel"), "listDesktopItems");
264  $confirmation_gui->setConfirm($this->lng->txt("delete"), "deleteDesktopItems");
265 
266  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
267  $role_desk_item_obj = new ilRoleDesktopItem($this->object->getId());
268  $counter = 0;
269  foreach ($_POST['del_desk_item'] as $role_item_id) {
270  $item_data = $role_desk_item_obj->getItem($role_item_id);
271  $tmp_obj = &ilObjectFactory::getInstanceByRefId($item_data['item_id']);
272 
273  if (strlen($desc = $tmp_obj->getDescription())) {
274  $desc = '<div class="il_Description_no_margin">' . $desc . '</div>';
275  }
276 
277  $confirmation_gui->addItem("del_desk_item[]", $role_item_id, $tmp_obj->getTitle() . $desc);
278  }
279 
280  $this->tpl->setContent($confirmation_gui->getHTML());
281 
282  return true;
283  }
ilRoleDesktopItem
Class ilObjRoleGUI.
Definition: class.ilRoleDesktopItem.php:17
$DIC
global $DIC
Definition: saml.php:7
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
ilObjectFactory\getInstanceByRefId
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:141
USER_FOLDER_ID
const USER_FOLDER_ID
Class ilObjUserFolder.
Definition: class.ilObjUserFolder.php:16
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:15
+ Here is the call graph for this function:

◆ assignDesktopItemObject()

ilObjRoleGUI::assignDesktopItemObject ( )

Definition at line 360 of file class.ilObjRoleGUI.php.

References $_GET, $DIC, ilObject\_lookupType(), ilRoleDesktopItem\add(), selectDesktopItemObject(), ilUtil\sendFailure(), and USER_FOLDER_ID.

361  {
362  global $DIC;
363 
364  $rbacsystem = $DIC['rbacsystem'];
365 
366  if (!$rbacsystem->checkAccess('push_desktop_items', USER_FOLDER_ID)) {
367  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
368  return false;
369  }
370 
371 
372  if (!isset($_GET['item_id'])) {
373  ilUtil::sendFailure($this->lng->txt('role_no_item_selected'));
374  $this->selectDesktopItemObject();
375 
376  return false;
377  }
378 
379  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
380 
381  $role_desk_item_obj = new ilRoleDesktopItem($this->object->getId());
382  $role_desk_item_obj->add((int) $_GET['item_id'], ilObject::_lookupType((int) $_GET['item_id'], true));
383 
384  ilUtil::sendSuccess($this->lng->txt('role_assigned_desktop_item'));
385 
386  $this->ctrl->redirect($this, 'listDesktopItems');
387  return true;
388  }
ilRoleDesktopItem\add
add($a_item_id, $a_item_type)
Definition: class.ilRoleDesktopItem.php:45
ilRoleDesktopItem
Class ilObjRoleGUI.
Definition: class.ilRoleDesktopItem.php:17
$DIC
global $DIC
Definition: saml.php:7
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1275
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
USER_FOLDER_ID
const USER_FOLDER_ID
Class ilObjUserFolder.
Definition: class.ilObjUserFolder.php:16
+ Here is the call graph for this function:

◆ assignSaveObject()

ilObjRoleGUI::assignSaveObject ( )

wrapper for renamed function

public

Definition at line 1066 of file class.ilObjRoleGUI.php.

1067  {
1068  $this->assignUserObject();
1069  }

◆ cancelObject()

ilObjRoleGUI::cancelObject ( )

cancelObject is called when an operation is canceled, method links back public

Definition at line 1276 of file class.ilObjRoleGUI.php.

References $_GET.

1277  {
1278  if ($_GET["new_type"] != "role") {
1279  $this->ctrl->redirect($this, "userassignment");
1280  } else {
1281  $this->ctrl->redirectByClass("ilobjrolefoldergui", "view");
1282  }
1283  }
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12

◆ changeExistingObjectsObject()

ilObjRoleGUI::changeExistingObjectsObject ( )
protected

Change existing objects.

Returns

Definition at line 1612 of file class.ilObjRoleGUI.php.

References $_POST, $DIC, $obj_ref_id, ilObjectGUI\$rbacreview, $start, ilObjectGUI\$tree, and ilUtil\stripSlashes().

1613  {
1614  global $DIC;
1615 
1616  $tree = $DIC['tree'];
1617  $rbacreview = $DIC['rbacreview'];
1618  $rbacadmin = $DIC['rbacadmin'];
1619 
1620  $mode = (int) $_POST['mode'];
1621  $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $this->obj_ref_id);
1622 
1623  $this->object->changeExistingObjects($start, $mode, unserialize(ilUtil::stripSlashes($_POST['type_filter'])));
1624 
1625  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
1626  $this->ctrl->redirect($this, 'perm');
1627  }
$DIC
global $DIC
Definition: saml.php:7
$start
$start
Definition: bench.php:8
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2406
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:

◆ checkAccess()

ilObjRoleGUI::checkAccess (   $a_perm_global,
  $a_perm_obj = '' 
)

Definition at line 1504 of file class.ilObjRoleGUI.php.

References $DIC.

Referenced by addUserObject(), adoptPermSaveObject(), askDeleteDesktopItemObject(), confirmDeleteRoleObject(), deassignUserObject(), deleteDesktopItemsObject(), editObject(), executeCommand(), getTabs(), performDeleteRoleObject(), permObject(), permSaveObject(), and userassignmentObject().

1505  {
1506  global $DIC;
1507 
1508  $rbacsystem = $DIC['rbacsystem'];
1509  $ilAccess = $DIC['ilAccess'];
1510 
1511  $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
1512 
1513  if ($this->obj_ref_id == ROLE_FOLDER_ID) {
1514  return $rbacsystem->checkAccess($a_perm_global, $this->obj_ref_id);
1515  } else {
1516  return $ilAccess->checkAccess($a_perm_obj, '', $this->obj_ref_id);
1517  }
1518  }
$DIC
global $DIC
Definition: saml.php:7
+ Here is the caller graph for this function:

◆ checkDuplicate()

ilObjRoleGUI::checkDuplicate (   $a_role_id = 0)
protected

Check if role with same name already exists in this folder.

Returns
bool

Definition at line 630 of file class.ilObjRoleGUI.php.

Referenced by saveObject(), and updateObject().

631  {
632  // disabled due to mantis #0013742: Renaming global roles: ILIAS denies if title fits other role title partially
633  return false;
634  }
+ Here is the caller graph for this function:

◆ confirmDeleteRoleObject()

ilObjRoleGUI::confirmDeleteRoleObject ( )
protected

Show delete confirmation screen.

Returns

Definition at line 830 of file class.ilObjRoleGUI.php.

References ilObjectGUI\$access, $DIC, ilObjectGUI\$ilErr, $ilUser, ilObjectGUI\$rbacreview, checkAccess(), ilUtil\getImagePath(), and ilUtil\sendQuestion().

831  {
832  global $DIC;
833 
834  $ilErr = $DIC['ilErr'];
835  $rbacreview = $DIC['rbacreview'];
836  $ilUser = $DIC['ilUser'];
837 
838  $access = $this->checkAccess('visible,write', 'edit_permission');
839  if (!$access) {
840  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'), $ilErr->WARNING);
841  }
842 
843  $question = $this->lng->txt('rbac_role_delete_qst');
844  if ($rbacreview->isAssigned($ilUser->getId(), $this->object->getId())) {
845  $question .= ('<br />' . $this->lng->txt('rbac_role_delete_self'));
846  }
847  ilUtil::sendQuestion($question);
848 
849  include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
850 
851  $confirm = new ilConfirmationGUI();
852  $confirm->setFormAction($this->ctrl->getFormAction($this));
853  $confirm->setHeaderText($question);
854  $confirm->setCancel($this->lng->txt('cancel'), 'perm');
855  $confirm->setConfirm($this->lng->txt('rbac_delete_role'), 'performDeleteRole');
856 
857  $confirm->addItem(
858  'role',
859  $this->object->getId(),
860  $this->object->getTitle(),
861  ilUtil::getImagePath('icon_role.svg')
862  );
863 
864  $this->tpl->setContent($confirm->getHTML());
865  return true;
866  }
$DIC
global $DIC
Definition: saml.php:7
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:79
$ilUser
$ilUser
Definition: imgupload.php:18
ilUtil\sendQuestion
static sendQuestion($a_info="", $a_keep=false)
Send Question to Screen.
Definition: class.ilUtil.php:4513
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:15
+ Here is the call graph for this function:

◆ createObject()

ilObjRoleGUI::createObject ( )

Only called from administration -> role folder ? Otherwise this check access is wrong.

Returns

Definition at line 544 of file class.ilObjRoleGUI.php.

References $DIC, ilObjectGUI\$ilErr, and initFormRoleProperties().

545  {
546  global $DIC;
547 
548  $rbacsystem = $DIC['rbacsystem'];
549 
550  if (!$rbacsystem->checkAccess('create_role', $this->obj_ref_id)) {
551  $ilErr->raiseError($this->lng->txt('permission_denied'), $ilErr->MESSAGE);
552  }
553 
554  $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
555  $this->tpl->setContent($this->form->getHTML());
556  }
$DIC
global $DIC
Definition: saml.php:7
ilObjRoleGUI\initFormRoleProperties
initFormRoleProperties($a_mode)
Create role prperty form.
Definition: class.ilObjRoleGUI.php:395
+ Here is the call graph for this function:

◆ deassignUserObject()

ilObjRoleGUI::deassignUserObject ( )

de-assign users from role

public

Definition at line 1128 of file class.ilObjRoleGUI.php.

References $_GET, $_POST, $DIC, ilObjectGUI\$rbacreview, ilObjectGUI\$user, checkAccess(), and ilUtil\sendFailure().

1129  {
1130  global $DIC;
1131 
1132  $rbacsystem = $DIC['rbacsystem'];
1133  $rbacadmin = $DIC['rbacadmin'];
1134  $rbacreview = $DIC['rbacreview'];
1135 
1136  if (!$this->checkAccess('edit_userassignment', 'edit_permission')) {
1137  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"), $this->ilias->error_obj->MESSAGE);
1138  }
1139 
1140  $selected_users = ($_POST["user_id"]) ? $_POST["user_id"] : array($_GET["user_id"]);
1141 
1142  if ($selected_users[0] === null) {
1143  $this->ilias->raiseError($this->lng->txt("no_checkbox"), $this->ilias->error_obj->MESSAGE);
1144  }
1145 
1146  // prevent unassignment of system user from system role
1147  if ($this->object->getId() == SYSTEM_ROLE_ID) {
1148  if ($admin = array_search(SYSTEM_USER_ID, $selected_users) !== false) {
1149  unset($selected_users[$admin]);
1150  }
1151  }
1152 
1153  // check for each user if the current role is his last global role before deassigning him
1154  $last_role = array();
1155  $global_roles = $rbacreview->getGlobalRoles();
1156 
1157  foreach ($selected_users as $user) {
1158  $assigned_roles = $rbacreview->assignedRoles($user);
1159  $assigned_global_roles = array_intersect($assigned_roles, $global_roles);
1160 
1161  if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(), $assigned_global_roles))) {
1162  $userObj = $this->ilias->obj_factory->getInstanceByObjId($user);
1163  $last_role[$user] = $userObj->getFullName();
1164  unset($userObj);
1165  }
1166  }
1167 
1168 
1169  // ... else perform deassignment
1170  foreach ($selected_users as $user) {
1171  if (!isset($last_role[$user])) {
1172  $rbacadmin->deassignUser($this->object->getId(), $user);
1173  }
1174  }
1175 
1176  // update object data entry (to update last modification date)
1177  $this->object->update();
1178 
1179  // raise error if last role was taken from a user...
1180  if (count($last_role)) {
1181  $user_list = implode(", ", $last_role);
1182  ilUtil::sendFailure($this->lng->txt('msg_is_last_role') . ': ' . $user_list . '<br />' . $this->lng->txt('msg_min_one_role'), true);
1183  } else {
1184  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"), true);
1185  }
1186  $this->ctrl->redirect($this, 'userassignment');
1187  }
$DIC
global $DIC
Definition: saml.php:7
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:

◆ deleteDesktopItemsObject()

ilObjRoleGUI::deleteDesktopItemsObject ( )

Definition at line 285 of file class.ilObjRoleGUI.php.

References $_POST, $DIC, checkAccess(), ilRoleDesktopItem\delete(), listDesktopItemsObject(), ilUtil\sendFailure(), and USER_FOLDER_ID.

286  {
287  global $DIC;
288 
289  $rbacsystem = $DIC['rbacsystem'];
290 
291  if (!$this->checkAccess('edit_permission')) {
292  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
293  }
294 
295  if (!$rbacsystem->checkAccess('push_desktop_items', USER_FOLDER_ID)) {
296  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
297  }
298 
299  if (!count($_POST['del_desk_item'])) {
300  ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
301 
302  $this->listDesktopItemsObject();
303 
304  return true;
305  }
306 
307  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
308 
309  $role_desk_item_obj = new ilRoleDesktopItem($this->object->getId());
310 
311  foreach ($_POST['del_desk_item'] as $role_item_id) {
312  $role_desk_item_obj->delete($role_item_id);
313  }
314 
315  ilUtil::sendSuccess($this->lng->txt('role_deleted_desktop_items'));
316  $this->listDesktopItemsObject();
317 
318  return true;
319  }
ilRoleDesktopItem
Class ilObjRoleGUI.
Definition: class.ilRoleDesktopItem.php:17
$DIC
global $DIC
Definition: saml.php:7
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
USER_FOLDER_ID
const USER_FOLDER_ID
Class ilObjUserFolder.
Definition: class.ilObjUserFolder.php:16
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:

◆ editObject()

ilObjRoleGUI::editObject ( )

Edit role properties.

Returns

Definition at line 562 of file class.ilObjRoleGUI.php.

References $DIC, ilObjectGUI\$ilErr, $ilSetting, $obj_ref_id, ilObjectGUI\$rbacreview, checkAccess(), initFormRoleProperties(), and readRoleProperties().

563  {
564  global $DIC;
565 
566  $rbacsystem = $DIC['rbacsystem'];
567  $rbacreview = $DIC['rbacreview'];
568  $ilSetting = $DIC['ilSetting'];
569  $ilErr = $DIC['ilErr'];
570  $ilToolbar = $DIC['ilToolbar'];
571 
572  if (!$this->checkAccess('write', 'edit_permission')) {
573  $ilErr->raiseError($this->lng->txt("msg_no_perm_write"), $ilErr->MESSAGE);
574  }
575 
576  // Show copy role button
577  if ($this->object->getId() != SYSTEM_ROLE_ID) {
578  $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
579  if ($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id)) {
580  $ilToolbar->addButton(
581  $this->lng->txt('rbac_delete_role'),
582  $this->ctrl->getLinkTarget($this, 'confirmDeleteRole')
583  );
584  }
585  }
586 
587  $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
588  $this->readRoleProperties($this->object);
589  $this->tpl->setContent($this->form->getHTML());
590  }
$DIC
global $DIC
Definition: saml.php:7
ilObjRoleGUI\initFormRoleProperties
initFormRoleProperties($a_mode)
Create role prperty form.
Definition: class.ilObjRoleGUI.php:395
ilObjRoleGUI\readRoleProperties
readRoleProperties(ilObjRole $role)
Read role properties and write them to form.
Definition: class.ilObjRoleGUI.php:512
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
$ilSetting
global $ilSetting
Definition: privfeed.php:17
+ Here is the call graph for this function:

◆ ensureRoleAccessForContext()

ilObjRoleGUI::ensureRoleAccessForContext ( )
protected

Definition at line 1713 of file class.ilObjRoleGUI.php.

References $DIC, and $obj_ref_id.

Referenced by executeCommand().

1714  {
1715  global $DIC;
1716 
1717  $review = $DIC->rbac()->review();
1718  $logger = $DIC->logger()->ac();
1719 
1720  // creation of roles
1721  if (
1722  !$this->object->getId() ||
1723  $this->object->getId() == ROLE_FOLDER_ID
1724  ) {
1725  return true;
1726  }
1727 
1728 
1729  $possible_roles = [];
1730  try {
1731  $possible_roles = $review->getRolesOfObject(
1732  $this->obj_ref_id,
1733  false
1734  );
1735  } catch (\InvalidArgumentException $e) {
1736  $logger->warning('Role access check failed: ' . $e);
1737 
1738  include_once "Services/Object/exceptions/class.ilObjectException.php";
1739  throw new \ilObjectException($this->lng->txt('permission_denied'));
1740  }
1741 
1742  if (!in_array($this->object->getId(), $possible_roles)) {
1743  $logger->warning('Object id: ' . $this->object->getId() . ' is not accessible for ref_id: ' . $this->obj_ref_id);
1744  include_once "Services/Object/exceptions/class.ilObjectException.php";
1745  throw new \ilObjectException($this->lng->txt('permission_denied'));
1746  }
1747  return true;
1748  }
$DIC
global $DIC
Definition: saml.php:7
+ Here is the caller graph for this function:

◆ executeCommand()

ilObjRoleGUI::executeCommand ( )

Definition at line 79 of file class.ilObjRoleGUI.php.

References $DIC, $GLOBALS, $obj_ref_id, $ret, ilExportOptions\allocateExportId(), checkAccess(), ensureRoleAccessForContext(), ilExportOptions\KEY_ROOT, ilExportOptions\newInstance(), ilObjectGUI\prepareOutput(), and showDefaultPermissionSettings().

80  {
81  global $DIC;
82 
83  $rbacsystem = $DIC['rbacsystem'];
84 
85  $this->prepareOutput();
86 
87  $next_class = $this->ctrl->getNextClass($this);
88  $cmd = $this->ctrl->getCmd();
89 
90  $this->ensureRoleAccessForContext();
91 
92  switch ($next_class) {
93  case 'ilrepositorysearchgui':
94 
95  if (!$GLOBALS['DIC']['ilAccess']->checkAccess('edit_permission', '', $this->obj_ref_id)) {
96  $GLOBALS['DIC']['ilErr']->raiseError($GLOBALS['DIC']['lng']->txt('permission_denied'), $GLOBALS['DIC']['ilErr']->WARNING);
97  }
98  include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
99  $rep_search = new ilRepositorySearchGUI();
100  $rep_search->setTitle($this->lng->txt('role_add_user'));
101  $rep_search->setCallback($this, 'addUserObject');
102 
103  // Set tabs
104  $this->tabs_gui->setTabActive('user_assignment');
105  $this->ctrl->setReturn($this, 'userassignment');
106  $ret = &$this->ctrl->forwardCommand($rep_search);
107  break;
108 
109  case 'ilexportgui':
110 
111  $this->tabs_gui->setTabActive('export');
112 
113  include_once './Services/Export/classes/class.ilExportOptions.php';
114  $eo = ilExportOptions::newInstance(ilExportOptions::allocateExportId());
115  $eo->addOption(ilExportOptions::KEY_ROOT, 0, $this->object->getId(), $this->obj_ref_id);
116 
117  include_once './Services/Export/classes/class.ilExportGUI.php';
118  $exp = new ilExportGUI($this, new ilObjRole($this->object->getId()));
119  $exp->addFormat('xml');
120  $this->ctrl->forwardCommand($exp);
121  break;
122 
123  default:
124  if (!$cmd) {
125  if ($this->showDefaultPermissionSettings()) {
126  $cmd = "perm";
127  } else {
128  $cmd = 'userassignment';
129  }
130  }
131  $cmd .= "Object";
132  $this->$cmd();
133 
134  break;
135  }
136 
137  return true;
138  }
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:16
$DIC
global $DIC
Definition: saml.php:7
ilExportGUI
Export User Interface Class.
Definition: class.ilExportGUI.php:14
ilExportOptions\newInstance
static newInstance($a_export_id)
Create new instance.
Definition: class.ilExportOptions.php:56
ilObjectGUI\prepareOutput
prepareOutput($a_show_subobjects=true)
prepare output
Definition: class.ilObjectGUI.php:296
ilObjRoleGUI\showDefaultPermissionSettings
showDefaultPermissionSettings()
check if default permissions are shown or not
Definition: class.ilObjRoleGUI.php:202
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
$ret
$ret
Definition: parser.php:6
ilExportOptions\allocateExportId
static allocateExportId()
Allocate a new export id.
Definition: class.ilExportOptions.php:65
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
+ Here is the call graph for this function:

◆ getAdminTabs()

ilObjRoleGUI::getAdminTabs ( )

admin and normal tabs are equal for roles

Definition at line 184 of file class.ilObjRoleGUI.php.

References getTabs().

185  {
186  $this->getTabs();
187  }
+ Here is the call graph for this function:

◆ getBackTarget()

ilObjRoleGUI::getBackTarget ( )

Definition at line 176 of file class.ilObjRoleGUI.php.

177  {
178  return $this->back_target ? $this->back_target : array();
179  }

◆ getContainerType()

ilObjRoleGUI::getContainerType ( )
protected

Get type of role container.

Returns

Definition at line 193 of file class.ilObjRoleGUI.php.

References $container_type.

Referenced by showDefaultPermissionSettings().

194  {
195  return $this->container_type;
196  }
+ Here is the caller graph for this function:

◆ getParentObjId()

ilObjRoleGUI::getParentObjId ( )

Get obj_id of current object.

Returns

Definition at line 153 of file class.ilObjRoleGUI.php.

References $obj_obj_id.

Referenced by __construct().

154  {
155  return $this->obj_obj_id;
156  }
+ Here is the caller graph for this function:

◆ getParentRefId()

ilObjRoleGUI::getParentRefId ( )

Get ref id of current object (not role folder id)

Returns

Definition at line 144 of file class.ilObjRoleGUI.php.

References $obj_ref_id.

Referenced by __construct(), and permObject().

145  {
146  return $this->obj_ref_id;
147  }
+ Here is the caller graph for this function:

◆ getParentType()

ilObjRoleGUI::getParentType ( )

get type of current object (not role folder)

Returns

Definition at line 162 of file class.ilObjRoleGUI.php.

References $obj_obj_type.

Referenced by permObject(), and permSaveObject().

163  {
164  return $this->obj_obj_type;
165  }
+ Here is the caller graph for this function:

◆ getTabs()

ilObjRoleGUI::getTabs ( )

Definition at line 1401 of file class.ilObjRoleGUI.php.

References $_GET, $DIC, ilObjectGUI\$rbacreview, checkAccess(), and showDefaultPermissionSettings().

Referenced by __setHeader(), and getAdminTabs().

1402  {
1403  global $DIC;
1404 
1405  $rbacreview = $DIC['rbacreview'];
1406  $ilHelp = $DIC['ilHelp'];
1407 
1408  $base_role_container = $rbacreview->getFoldersAssignedToRole($this->object->getId(), true);
1409 
1410 
1411  $activate_role_edit = false;
1412 
1413  // todo: activate the following (allow editing of local roles in
1414  // roles administration)
1415  if (in_array($this->obj_ref_id, $base_role_container) ||
1416  (strtolower($_GET["baseClass"]) == "iladministrationgui" &&
1417  $_GET["admin_mode"] == "settings")) {
1418  $activate_role_edit = true;
1419  }
1420 
1421  // not so nice (workaround for using tabs in repository)
1422  $this->tabs_gui->clearTargets();
1423 
1424  $ilHelp->setScreenIdComponent("role");
1425 
1426  if ($this->back_target != "") {
1427  $this->tabs_gui->setBackTarget(
1428  $this->back_target["text"],
1429  $this->back_target["link"]
1430  );
1431  } else {
1432  $this->tabs_gui->setBackTarget($this->lng->txt('btn_back'), $this->ctrl->getParentReturn($this));
1433  }
1434 
1435  if ($this->checkAccess('write', 'edit_permission') && $activate_role_edit) {
1436  $this->tabs_gui->addTarget(
1437  "edit_properties",
1438  $this->ctrl->getLinkTarget($this, "edit"),
1439  array("edit","update"),
1440  get_class($this)
1441  );
1442  }
1443  /*
1444  if($this->checkAccess('write','edit_permission') and $this->showDefaultPermissionSettings())
1445  {
1446  $force_active = ($_GET["cmd"] == "perm" || $_GET["cmd"] == "")
1447  ? true
1448  : false;
1449  $this->tabs_gui->addTarget("default_perm_settings",
1450  $this->ctrl->getLinkTarget($this, "perm"), array("perm", "adoptPermSave", "permSave"),
1451  get_class($this),
1452  "", $force_active);
1453  }
1454  */
1455  if ($this->checkAccess('write', 'edit_permission') and $this->showDefaultPermissionSettings()) {
1456  $this->tabs_gui->addTarget(
1457  "default_perm_settings",
1458  $this->ctrl->getLinkTarget($this, "perm"),
1459  array(),
1460  get_class($this)
1461  );
1462  }
1463 
1464  if ($this->checkAccess('write', 'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID) {
1465  $this->tabs_gui->addTarget(
1466  "user_assignment",
1467  $this->ctrl->getLinkTarget($this, "userassignment"),
1468  array("deassignUser", "userassignment", "assignUser", "searchUserForm", "search"),
1469  get_class($this)
1470  );
1471  }
1472 
1473  if ($this->checkAccess('write', 'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID) {
1474  $this->tabs_gui->addTarget(
1475  "desktop_items",
1476  $this->ctrl->getLinkTarget($this, "listDesktopItems"),
1477  array("listDesktopItems", "deleteDesktopItems", "selectDesktopItem", "askDeleteDesktopItem"),
1478  get_class($this)
1479  );
1480  }
1481  if ($this->checkAccess('write', 'edit_permission')) {
1482  $this->tabs_gui->addTarget(
1483  'export',
1484  $this->ctrl->getLinkTargetByClass('ilExportGUI'),
1485  array()
1486  );
1487  }
1488  }
$DIC
global $DIC
Definition: saml.php:7
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilObjRoleGUI\showDefaultPermissionSettings
showDefaultPermissionSettings()
check if default permissions are shown or not
Definition: class.ilObjRoleGUI.php:202
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ initFormRoleProperties()

ilObjRoleGUI::initFormRoleProperties (   $a_mode)
protected

Create role prperty form.

Returns
Parameters
int$a_mode

Definition at line 395 of file class.ilObjRoleGUI.php.

References $title, ilDiskQuotaActivationChecker\_isActive(), ilDiskQuotaActivationChecker\_isPersonalWorkspaceActive(), ilObjRole\isAutoGenerated(), ilFormPropertyGUI\setDisabled(), ilNumberInputGUI\setMinValue(), and ilCheckboxInputGUI\setValue().

Referenced by createObject(), editObject(), saveObject(), and updateObject().

396  {
397  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
398  $this->form = new ilPropertyFormGUI();
399 
400  if ($this->creation_mode) {
401  $this->ctrl->setParameter($this, "new_type", 'role');
402  }
403  $this->form->setFormAction($this->ctrl->getFormAction($this));
404 
405  switch ($a_mode) {
406  case self::MODE_GLOBAL_CREATE:
407  $this->form->setTitle($this->lng->txt('role_new'));
408  $this->form->addCommandButton('save', $this->lng->txt('role_new'));
409  break;
410 
411  case self::MODE_GLOBAL_UPDATE:
412  $this->form->setTitle($this->lng->txt('role_edit'));
413  $this->form->addCommandButton('update', $this->lng->txt('save'));
414  break;
415 
416  case self::MODE_LOCAL_CREATE:
417  case self::MODE_LOCAL_UPDATE:
418  }
419  // Fix cancel
420  $this->form->addCommandButton('cancel', $this->lng->txt('cancel'));
421 
422  $title = new ilTextInputGUI($this->lng->txt('title'), 'title');
423  if (ilObjRole::isAutoGenerated($this->object->getId())) {
424  $title->setDisabled(true);
425  } else {
426  //#17111 No validation for disabled fields
427  $title->setValidationRegexp('/^(?!il_).*$/');
428  $title->setValidationFailureMessage($this->lng->txt('msg_role_reserved_prefix'));
429  }
430 
431  $title->setSize(40);
432  $title->setMaxLength(70);
433  $title->setRequired(true);
434  $this->form->addItem($title);
435 
436  $desc = new ilTextAreaInputGUI($this->lng->txt('description'), 'desc');
437  if (ilObjRole::isAutoGenerated($this->object->getId())) {
438  $desc->setDisabled(true);
439  }
440  $desc->setCols(40);
441  $desc->setRows(3);
442  $this->form->addItem($desc);
443 
444  if ($a_mode != self::MODE_LOCAL_CREATE && $a_mode != self::MODE_GLOBAL_CREATE) {
445  $ilias_id = new ilNonEditableValueGUI($this->lng->txt("ilias_id"), "ilias_id");
446  $this->form->addItem($ilias_id);
447  }
448 
449  if ($this->obj_ref_id == ROLE_FOLDER_ID) {
450  $reg = new ilCheckboxInputGUI($this->lng->txt('allow_register'), 'reg');
451  $reg->setValue(1);
452  #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info'));
453  $this->form->addItem($reg);
454 
455  $la = new ilCheckboxInputGUI($this->lng->txt('allow_assign_users'), 'la');
456  $la->setValue(1);
457  #$la->setInfo($this->lng->txt('rbac_local_admin_info'));
458  $this->form->addItem($la);
459  }
460 
461  $pro = new ilCheckboxInputGUI($this->lng->txt('role_protect_permissions'), 'pro');
462  $pro->setValue(1);
463  #$pro->setInfo($this->lng->txt('role_protext_permission_info'));
464  $this->form->addItem($pro);
465 
466  include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
467  if (ilDiskQuotaActivationChecker::_isActive()) {
468  $quo = new ilNumberInputGUI($this->lng->txt('disk_quota'), 'disk_quota');
469  $quo->setMinValue(0);
470  $quo->setSize(4);
471  $quo->setInfo($this->lng->txt('enter_in_mb_desc') . '<br />' . $this->lng->txt('disk_quota_on_role_desc'));
472  $this->form->addItem($quo);
473  }
474  if (ilDiskQuotaActivationChecker::_isPersonalWorkspaceActive()) {
475  $this->lng->loadLanguageModule("file");
476  $wquo = new ilNumberInputGUI($this->lng->txt('personal_workspace_disk_quota'), 'wsp_disk_quota');
477  $wquo->setMinValue(0);
478  $wquo->setSize(4);
479  $wquo->setInfo($this->lng->txt('enter_in_mb_desc') . '<br />' . $this->lng->txt('disk_quota_on_role_desc'));
480  $this->form->addItem($wquo);
481  }
482 
483  return true;
484  }
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilObjRole\isAutoGenerated
static isAutoGenerated($a_role_id)
Definition: class.ilObjRole.php:695
ilNumberInputGUI\setMinValue
setMinValue($a_minvalue, $a_display_always=false)
Set Minimum Value.
Definition: class.ilNumberInputGUI.php:195
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:14
ilCheckboxInputGUI\setValue
setValue($a_value)
Set Value.
Definition: class.ilCheckboxInputGUI.php:65
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilNonEditableValueGUI
This class represents a non editable value in a property form.
Definition: class.ilNonEditableValueGUI.php:13
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
ilFormPropertyGUI\setDisabled
setDisabled($a_disabled)
Set Disabled.
Definition: class.ilFormPropertyGUI.php:205
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isChangeExistingObjectsConfirmationRequired()

ilObjRoleGUI::isChangeExistingObjectsConfirmationRequired ( )
protected

Check if a confirmation about further settings is required or not.

Returns
bool

Definition at line 1524 of file class.ilObjRoleGUI.php.

References $_POST, $DIC, and ilObjectGUI\$rbacreview.

Referenced by permSaveObject().

1525  {
1526  global $DIC;
1527 
1528  $rbacreview = $DIC['rbacreview'];
1529 
1530  if (!(int) $_POST['recursive'] and !is_array($_POST['recursive_list'])) {
1531  return false;
1532  }
1533 
1534  // Role is protected
1535  if ($rbacreview->isProtected($this->obj_ref_id, $this->object->getId())) {
1536  // TODO: check if recursive_list is enabled
1537  // and if yes: check if inheritance is broken for the relevant object types
1538  return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1539  } else {
1540  // TODO: check if recursive_list is enabled
1541  // and if yes: check if inheritance is broken for the relevant object types
1542  return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1543  }
1544  }
$DIC
global $DIC
Definition: saml.php:7
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the caller graph for this function:

◆ listDesktopItemsObject()

ilObjRoleGUI::listDesktopItemsObject ( )

Definition at line 212 of file class.ilObjRoleGUI.php.

References $DIC, $obj_ref_id, ilObjectGUI\$rbacreview, $tbl, ilObjectGUI\__showButton(), ilUtil\sendInfo(), and USER_FOLDER_ID.

Referenced by askDeleteDesktopItemObject(), deleteDesktopItemsObject(), and selectDesktopItemObject().

213  {
214  global $DIC;
215 
216  $rbacsystem = $DIC['rbacsystem'];
217  $rbacreview = $DIC['rbacreview'];
218 
219  if (!$rbacreview->isAssignable($this->object->getId(), $this->obj_ref_id) &&
220  $this->obj_ref_id != ROLE_FOLDER_ID) {
221  ilUtil::sendInfo($this->lng->txt('role_no_users_no_desk_items'));
222  return true;
223  }
224 
225  if ($rbacsystem->checkAccess('push_desktop_items', USER_FOLDER_ID)) {
226  $this->__showButton('selectDesktopItem', $this->lng->txt('role_desk_add'));
227  }
228 
229  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItemsTableGUI.php';
230  $tbl = new ilRoleDesktopItemsTableGUI($this, 'listDesktopItems', $this->object);
231  $this->tpl->setContent($tbl->getHTML());
232 
233  return true;
234  }
$DIC
global $DIC
Definition: saml.php:7
$tbl
$tbl
Definition: example_048.php:81
ilObjectGUI\__showButton
__showButton($a_cmd, $a_text, $a_target='')
Definition: class.ilObjectGUI.php:1678
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4481
USER_FOLDER_ID
const USER_FOLDER_ID
Class ilObjUserFolder.
Definition: class.ilObjUserFolder.php:16
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ listUsersRoleObject()

ilObjRoleGUI::listUsersRoleObject ( )

Definition at line 1286 of file class.ilObjRoleGUI.php.

References $_POST, $_SESSION, $DIC, ilObjectGUI\$rbacreview, ilObjectGUI\$user, ilObjectGUI\__showButton(), ilUtil\formCheckbox(), ilObjectFactory\getInstanceByObjId(), and ilUtil\sendFailure().

1287  {
1288  global $DIC;
1289 
1290  $rbacsystem = $DIC['rbacsystem'];
1291  $rbacreview = $DIC['rbacreview'];
1292 
1293  $_SESSION["role_role"] = $_POST["role"] = $_POST["role"] ? $_POST["role"] : $_SESSION["role_role"];
1294 
1295  if (!is_array($_POST["role"])) {
1296  ilUtil::sendFailure($this->lng->txt("role_no_roles_selected"));
1297  $this->searchObject();
1298 
1299  return false;
1300  }
1301 
1302  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html", "Services/AccessControl");
1303  $this->__showButton("searchUserForm", $this->lng->txt("role_new_search"));
1304 
1305  // GET ALL MEMBERS
1306  $members = array();
1307 
1308  foreach ($_POST["role"] as $role_id) {
1309  $members = array_merge($rbacreview->assignedUsers($role_id), $members);
1310  }
1311 
1312  $members = array_unique($members);
1313 
1314  // FORMAT USER DATA
1315  $counter = 0;
1316  $f_result = array();
1317 
1318  foreach ($members as $user) {
1319  if (!$tmp_obj = ilObjectFactory::getInstanceByObjId($user, false)) {
1320  continue;
1321  }
1322 
1323  $user_ids[$counter] = $user;
1324 
1325  // TODO: exclude anonymous user
1326  $f_result[$counter][] = ilUtil::formCheckbox(0, "user[]", $user);
1327  $f_result[$counter][] = $tmp_obj->getLogin();
1328  $f_result[$counter][] = $tmp_obj->getFirstname();
1329  $f_result[$counter][] = $tmp_obj->getLastname();
1330 
1331  unset($tmp_obj);
1332  ++$counter;
1333  }
1334 
1335  $this->__showSearchUserTable($f_result, $user_ids, "listUsersRole");
1336 
1337  return true;
1338  }
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
$DIC
global $DIC
Definition: saml.php:7
ilObjectGUI\__showButton
__showButton($a_cmd, $a_text, $a_target='')
Definition: class.ilObjectGUI.php:1678
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:77
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
ilUtil\formCheckbox
static formCheckbox($checked, $varname, $value, $disabled=false)
??? public
Definition: class.ilUtil.php:432
+ Here is the call graph for this function:

◆ loadRoleProperties()

ilObjRoleGUI::loadRoleProperties ( ilObjRole  $role)
protected

Store form input in role object.

Returns
Parameters
object$role

Definition at line 491 of file class.ilObjRoleGUI.php.

References ilUtil\MB2Bytes(), ilObjRole\setAllowRegister(), ilObject\setDescription(), ilObjRole\setDiskQuota(), ilObjRole\setPersonalWorkspaceDiskQuota(), ilObject\setTitle(), and ilObjRole\toggleAssignUsersStatus().

Referenced by saveObject(), and updateObject().

492  {
493  //Don't set if fields are disabled to prevent html manipulation.
494  if (!$this->form->getItemByPostVar('title')->getDisabled()) {
495  $role->setTitle($this->form->getInput('title'));
496  }
497  if (!$this->form->getItemByPostVar('desc')->getDisabled()) {
498  $role->setDescription($this->form->getInput('desc'));
499  }
500  $role->setAllowRegister($this->form->getInput('reg'));
501  $role->toggleAssignUsersStatus($this->form->getInput('la'));
502  $role->setDiskQuota(ilUtil::MB2Bytes($this->form->getInput('disk_quota')));
503  $role->setPersonalWorkspaceDiskQuota(ilUtil::MB2Bytes($this->form->getInput('wsp_disk_quota')));
504  return true;
505  }
ilUtil\MB2Bytes
static MB2Bytes($a_value)
Definition: class.ilUtil.php:5001
ilObjRole\toggleAssignUsersStatus
toggleAssignUsersStatus($a_assign_users)
Definition: class.ilObjRole.php:145
ilObjRole\setAllowRegister
setAllowRegister($a_allow_register)
set allow_register of role
Definition: class.ilObjRole.php:268
ilObject\setTitle
setTitle($a_title)
set object title
Definition: class.ilObject.php:418
ilObjRole\setPersonalWorkspaceDiskQuota
setPersonalWorkspaceDiskQuota($a_disk_quota)
Sets the minimal personal workspace disk quota imposed by this role.
Definition: class.ilObjRole.php:324
ilObject\setDescription
setDescription($a_desc)
set object description
Definition: class.ilObject.php:443
ilObjRole\setDiskQuota
setDiskQuota($a_disk_quota)
Sets the minimal disk quota imposed by this role.
Definition: class.ilObjRole.php:296
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mailToRoleObject()

ilObjRoleGUI::mailToRoleObject ( )

Definition at line 1490 of file class.ilObjRoleGUI.php.

References $_SESSION, ilObject\_getIdsForTitle(), ilMailFormCall\getRedirectTarget(), and ilUtil\redirect().

1491  {
1492  $obj_ids = ilObject::_getIdsForTitle($this->object->getTitle(), $this->object->getType());
1493  if (count($obj_ids) > 1) {
1494  $_SESSION['mail_roles'][] = '#il_role_' . $this->object->getId();
1495  } else {
1496  $_SESSION['mail_roles'][] = (new \ilRoleMailboxAddress($this->object->getId()))->value();
1497  }
1498 
1499  require_once 'Services/Mail/classes/class.ilMailFormCall.php';
1500  $script = ilMailFormCall::getRedirectTarget($this, 'userassignment', array(), array('type' => 'role'));
1501  ilUtil::redirect($script);
1502  }
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilMailFormCall\getRedirectTarget
static getRedirectTarget($gui, $cmd, array $gui_params=array(), array $mail_params=array(), array $context_params=array())
Definition: class.ilMailFormCall.php:60
ilObject\_getIdsForTitle
static _getIdsForTitle($title, $type='', $partialmatch=false)
Definition: class.ilObject.php:1030
ilUtil\redirect
static redirect($a_script)
Definition: class.ilUtil.php:3318
+ Here is the call graph for this function:

◆ performDeleteRoleObject()

ilObjRoleGUI::performDeleteRoleObject ( )
protected

Delete role.

Returns

Definition at line 873 of file class.ilObjRoleGUI.php.

References ilObjectGUI\$access, $DIC, ilObjectGUI\$ilErr, and checkAccess().

874  {
875  global $DIC;
876 
877  $ilErr = $DIC['ilErr'];
878 
879  $access = $this->checkAccess('visible,write', 'edit_permission');
880  if (!$access) {
881  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'), $ilErr->WARNING);
882  }
883 
884  $this->object->setParent((int) $this->obj_ref_id);
885  $this->object->delete();
886  ilUtil::sendSuccess($this->lng->txt('msg_deleted_role'), true);
887 
888  $this->ctrl->returnToParent($this);
889  }
$DIC
global $DIC
Definition: saml.php:7
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
+ Here is the call graph for this function:

◆ permObject()

ilObjRoleGUI::permObject (   $a_show_admin_permissions = false)
protected

Show template permissions.

Returns
void

Definition at line 670 of file class.ilObjRoleGUI.php.

References $def, $DIC, ilObjectGUI\$ilErr, $obj_ref_id, ilObjectGUI\$objDefinition, PHPMailer\PHPMailer\$options, ilObjectGUI\$rbacreview, $tbl, checkAccess(), ilAccordionGUI\FORCE_ALL_OPEN, getParentRefId(), getParentType(), and setSubTabs().

Referenced by adminPermObject().

671  {
672  global $DIC;
673 
674  $ilTabs = $DIC['ilTabs'];
675  $ilErr = $DIC['ilErr'];
676  $ilToolbar = $DIC['ilToolbar'];
677  $objDefinition = $DIC['objDefinition'];
678  $rbacreview = $DIC['rbacreview'];
679 
680  $ilTabs->setTabActive('default_perm_settings');
681 
682  $this->setSubTabs('default_perm_settings');
683 
684  if ($a_show_admin_permissions) {
685  $ilTabs->setSubTabActive('rbac_admin_permissions');
686  } else {
687  $ilTabs->setSubTabActive('rbac_repository_permissions');
688  }
689 
690  if (!$this->checkAccess('write', 'edit_permission')) {
691  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'), $ilErr->MESSAGE);
692  return true;
693  }
694 
695  // Show copy role button
696  if ($this->object->getId() != SYSTEM_ROLE_ID) {
697  $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
698  $ilToolbar->addButton(
699  $this->lng->txt("adopt_perm_from_template"),
700  $this->ctrl->getLinkTarget($this, 'adoptPerm')
701  );
702  if ($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id)) {
703  $ilToolbar->addButton(
704  $this->lng->txt('rbac_delete_role'),
705  $this->ctrl->getLinkTarget($this, 'confirmDeleteRole')
706  );
707  }
708  }
709 
710  $this->tpl->addBlockFile(
711  'ADM_CONTENT',
712  'adm_content',
713  'tpl.rbac_template_permissions.html',
714  'Services/AccessControl'
715  );
716 
717  $this->tpl->setVariable('PERM_ACTION', $this->ctrl->getFormAction($this));
718 
719  include_once './Services/Accordion/classes/class.ilAccordionGUI.php';
720  $acc = new ilAccordionGUI();
721  $acc->setBehaviour(ilAccordionGUI::FORCE_ALL_OPEN);
722  $acc->setId('template_perm_' . $this->getParentRefId());
723 
724  if ($this->obj_ref_id == ROLE_FOLDER_ID) {
725  if ($a_show_admin_permissions) {
726  $subs = ilObjRole::getSubObjects('adm', true);
727  } else {
728  $subs = ilObjRole::getSubObjects('root', false);
729  }
730  } else {
731  $subs = ilObjRole::getSubObjects($this->getParentType(), $a_show_admin_permissions);
732  }
733 
734  foreach ($subs as $subtype => $def) {
735  include_once 'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
736  $tbl = new ilObjectRoleTemplatePermissionTableGUI(
737  $this,
738  'perm',
739  $this->getParentRefId(),
740  $this->object->getId(),
741  $subtype,
742  $a_show_admin_permissions
743  );
744  $tbl->parse();
745 
746  $acc->addItem($def['translation'], $tbl->getHTML());
747  }
748 
749  $this->tpl->setVariable('ACCORDION', $acc->getHTML());
750 
751  // Add options table
752  include_once './Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
753  $options = new ilObjectRoleTemplateOptionsTableGUI(
754  $this,
755  'perm',
756  $this->obj_ref_id,
757  $this->object->getId(),
758  $a_show_admin_permissions
759  );
760  if ($this->object->getId() != SYSTEM_ROLE_ID) {
761  $options->addMultiCommand(
762  $a_show_admin_permissions ? 'adminPermSave' : 'permSave',
763  $this->lng->txt('save')
764  );
765  }
766 
767  $options->parse();
768  $this->tpl->setVariable('OPTIONS_TABLE', $options->getHTML());
769  }
ilObjRoleGUI\setSubTabs
setSubTabs($a_tab)
Set sub tabs.
Definition: class.ilObjRoleGUI.php:1634
$DIC
global $DIC
Definition: saml.php:7
$tbl
$tbl
Definition: example_048.php:81
ilObjRoleGUI\getParentType
getParentType()
get type of current object (not role folder)
Definition: class.ilObjRoleGUI.php:162
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
ilObjRoleGUI\getParentRefId
getParentRefId()
Get ref id of current object (not role folder id)
Definition: class.ilObjRoleGUI.php:144
$def
$def
Definition: croninfo.php:21
ilAccordionGUI
Accordion user interface class.
Definition: class.ilAccordionGUI.php:11
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ permSaveObject()

ilObjRoleGUI::permSaveObject (   $a_show_admin_permissions = false)

save permissions

public

Definition at line 896 of file class.ilObjRoleGUI.php.

References $_POST, ilObjectGUI\$access, $def, $DIC, $key, $obj_ref_id, ilObjectGUI\$objDefinition, ilObjectGUI\$rbacreview, $start, ilObjectGUI\$tree, ilRbacLog\add(), checkAccess(), ilRbacLog\diffTemplate(), ilRbacLog\EDIT_TEMPLATE, ilRbacLog\gatherTemplate(), getParentType(), ilRbacLog\isActive(), isChangeExistingObjectsConfirmationRequired(), ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES, ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES, showChangeExistingObjectsConfirmation(), and ilUtil\tf2yn().

Referenced by adminPermSaveObject().

897  {
898  global $DIC;
899 
900  $rbacsystem = $DIC['rbacsystem'];
901  $rbacadmin = $DIC['rbacadmin'];
902  $rbacreview = $DIC['rbacreview'];
903  $objDefinition = $DIC['objDefinition'];
904  $tree = $DIC['tree'];
905 
906  // for role administration check write of global role folder
907  $access = $this->checkAccess('visible,write', 'edit_permission');
908 
909  if (!$access) {
910  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"), $this->ilias->error_obj->MESSAGE);
911  }
912 
913  // rbac log
914  include_once "Services/AccessControl/classes/class.ilRbacLog.php";
915  $rbac_log_active = ilRbacLog::isActive();
916  if ($rbac_log_active) {
917  $rbac_log_old = ilRbacLog::gatherTemplate($this->obj_ref_id, $this->object->getId());
918  }
919 
920  // delete all template entries of enabled types
921  if ($this->obj_ref_id == ROLE_FOLDER_ID) {
922  if ($a_show_admin_permissions) {
923  $subs = ilObjRole::getSubObjects('adm', true);
924  } else {
925  $subs = ilObjRole::getSubObjects('root', false);
926  }
927  } else {
928  $subs = ilObjRole::getSubObjects($this->getParentType(), $a_show_admin_permissions);
929  }
930 
931  foreach ($subs as $subtype => $def) {
932  // Delete per object type
933  $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id, $subtype);
934  }
935 
936  if (empty($_POST["template_perm"])) {
937  $_POST["template_perm"] = array();
938  }
939 
940  foreach ($_POST["template_perm"] as $key => $ops_array) {
941  // sets new template permissions
942  $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->obj_ref_id);
943  }
944 
945  if ($rbac_log_active) {
946  $rbac_log_new = ilRbacLog::gatherTemplate($this->obj_ref_id, $this->object->getId());
947  $rbac_log_diff = ilRbacLog::diffTemplate($rbac_log_old, $rbac_log_new);
948  ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE, $this->obj_ref_id, $rbac_log_diff);
949  }
950 
951  // update object data entry (to update last modification date)
952  $this->object->update();
953 
954  // set protected flag
955  if ($this->obj_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(), $this->obj_ref_id)) {
956  $rbacadmin->setProtected($this->obj_ref_id, $this->object->getId(), ilUtil::tf2yn($_POST['protected']));
957  }
958 
959  if ($a_show_admin_permissions) {
960  $_POST['recursive'] = true;
961  }
962 
963  // Redirect if Change existing objects is not chosen
964  if (!$_POST['recursive'] and !is_array($_POST['recursive_list'])) {
965  ilUtil::sendSuccess($this->lng->txt("saved_successfully"), true);
966  if ($a_show_admin_permissions) {
967  $this->ctrl->redirect($this, 'adminPerm');
968  } else {
969  $this->ctrl->redirect($this, 'perm');
970  }
971  }
972  // New implementation
973  if ($this->isChangeExistingObjectsConfirmationRequired() and !$a_show_admin_permissions) {
974  $this->showChangeExistingObjectsConfirmation();
975  return true;
976  }
977 
978  $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $this->obj_ref_id);
979  if ($a_show_admin_permissions) {
980  $start = $tree->getParentId($this->obj_ref_id);
981  }
982 
983  if ($_POST['protected']) {
984  $this->object->changeExistingObjects(
985  $start,
986  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
987  array('all'),
988  array()
989  #$a_show_admin_permissions ? array('adm') : array()
990  );
991  } else {
992  $this->object->changeExistingObjects(
993  $start,
994  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
995  array('all'),
996  array()
997  #$a_show_admin_permissions ? array('adm') : array()
998  );
999  }
1000  ilUtil::sendSuccess($this->lng->txt("saved_successfully"), true);
1001 
1002  if ($a_show_admin_permissions) {
1003  $this->ctrl->redirect($this, 'adminPerm');
1004  } else {
1005  $this->ctrl->redirect($this, 'perm');
1006  }
1007  return true;
1008  }
ilUtil\tf2yn
static tf2yn($a_tf)
convert true/false to "y"/"n"
Definition: class.ilUtil.php:2998
$DIC
global $DIC
Definition: saml.php:7
ilRbacLog\isActive
static isActive()
Definition: class.ilRbacLog.php:25
ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:19
$start
$start
Definition: bench.php:8
ilObjRoleGUI\isChangeExistingObjectsConfirmationRequired
isChangeExistingObjectsConfirmationRequired()
Check if a confirmation about further settings is required or not.
Definition: class.ilObjRoleGUI.php:1524
ilObjRoleGUI\getParentType
getParentType()
get type of current object (not role folder)
Definition: class.ilObjRoleGUI.php:162
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilObjRoleGUI\showChangeExistingObjectsConfirmation
showChangeExistingObjectsConfirmation()
Show confirmation screen.
Definition: class.ilObjRoleGUI.php:1550
ilRbacLog\gatherTemplate
static gatherTemplate($a_role_ref_id, $a_role_id)
Definition: class.ilRbacLog.php:105
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
ilRbacLog\add
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
Definition: class.ilRbacLog.php:137
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:21
ilRbacLog\diffTemplate
static diffTemplate(array $a_old, array $a_new)
Definition: class.ilRbacLog.php:114
$def
$def
Definition: croninfo.php:21
ilRbacLog\EDIT_TEMPLATE
const EDIT_TEMPLATE
Definition: class.ilRbacLog.php:21
$key
$key
Definition: croninfo.php:18
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ readRoleProperties()

ilObjRoleGUI::readRoleProperties ( ilObjRole  $role)
protected

Read role properties and write them to form.

Returns
Parameters
object$role

Definition at line 512 of file class.ilObjRoleGUI.php.

References ilObjectGUI\$data, $DIC, ilObjectGUI\$rbacreview, ilDiskQuotaActivationChecker\_isActive(), ilDiskQuotaActivationChecker\_isPersonalWorkspaceActive(), ilObject\_lookupType(), ilUtil\Bytes2MB(), ilObjRole\getAllowRegister(), ilObjRole\getAssignUsersStatus(), ilObject\getDescription(), ilObjRole\getDiskQuota(), ilObject\getId(), ilObjRole\getPersonalWorkspaceDiskQuota(), and ilObject\getTitle().

Referenced by editObject().

513  {
514  global $DIC;
515 
516  $rbacreview = $DIC['rbacreview'];
517 
518  include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
519 
520  $data['title'] = $role->getTitle();
521  $data['desc'] = $role->getDescription();
522  $data['ilias_id'] = 'il_' . IL_INST_ID . '_' . ilObject::_lookupType($role->getId()) . '_' . $role->getId();
523  $data['reg'] = $role->getAllowRegister();
524  $data['la'] = $role->getAssignUsersStatus();
525  if (ilDiskQuotaActivationChecker::_isActive()) {
526  $data['disk_quota'] = ilUtil::Bytes2MB($role->getDiskQuota());
527  }
528  if (ilDiskQuotaActivationChecker::_isPersonalWorkspaceActive()) {
529  $data['wsp_disk_quota'] = ilUtil::Bytes2MB($role->getPersonalWorkspaceDiskQuota());
530  }
531  $data['pro'] = $rbacreview->isProtected($this->obj_ref_id, $role->getId());
532 
533  $this->form->setValuesByArray($data);
534  }
ilObjRole\getPersonalWorkspaceDiskQuota
getPersonalWorkspaceDiskQuota()
Gets the minimal personal workspace disk quota imposed by this role.
Definition: class.ilObjRole.php:338
$DIC
global $DIC
Definition: saml.php:7
ilObjRole\getAllowRegister
getAllowRegister()
get allow_register
Definition: class.ilObjRole.php:283
ilObjRole\getDiskQuota
getDiskQuota()
Gets the minimal disk quota imposed by this role.
Definition: class.ilObjRole.php:310
ilObject\getId
getId()
get object id public
Definition: class.ilObject.php:320
ilUtil\Bytes2MB
static Bytes2MB($a_value)
Definition: class.ilUtil.php:5006
ilObject\getTitle
getTitle()
get object title public
Definition: class.ilObject.php:396
ilObject\getDescription
getDescription()
get object description
Definition: class.ilObject.php:432
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1275
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ saveObject()

ilObjRoleGUI::saveObject ( )

Save new role.

Returns

Definition at line 597 of file class.ilObjRoleGUI.php.

References $DIC, $obj_ref_id, ilObjectGUI\$rbacreview, checkDuplicate(), initFormRoleProperties(), loadRoleProperties(), and ilUtil\sendFailure().

598  {
599  global $DIC;
600 
601  $rbacadmin = $DIC['rbacadmin'];
602  $rbacreview = $DIC['rbacreview'];
603 
604  $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
605  if ($this->form->checkInput() and !$this->checkDuplicate()) {
606  include_once './Services/AccessControl/classes/class.ilObjRole.php';
607  $this->loadRoleProperties($this->role = new ilObjRole());
608  $this->role->create();
609  $rbacadmin->assignRoleToFolder($this->role->getId(), $this->obj_ref_id, 'y');
610  $rbacadmin->setProtected(
611  $this->obj_ref_id,
612  $this->role->getId(),
613  $this->form->getInput('pro') ? 'y' : 'n'
614  );
615  ilUtil::sendSuccess($this->lng->txt("role_added"), true);
616  $this->ctrl->setParameter($this, 'obj_id', $this->role->getId());
617  $this->ctrl->redirect($this, 'perm');
618  }
619 
620  ilUtil::sendFailure($this->lng->txt('err_check_input'));
621  $this->form->setValuesByPost();
622  $this->tpl->setContent($this->form->getHTML());
623  return false;
624  }
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:16
ilObjRoleGUI\checkDuplicate
checkDuplicate($a_role_id=0)
Check if role with same name already exists in this folder.
Definition: class.ilObjRoleGUI.php:630
$DIC
global $DIC
Definition: saml.php:7
ilObjRoleGUI\loadRoleProperties
loadRoleProperties(ilObjRole $role)
Store form input in role object.
Definition: class.ilObjRoleGUI.php:491
ilObjRoleGUI\initFormRoleProperties
initFormRoleProperties($a_mode)
Create role prperty form.
Definition: class.ilObjRoleGUI.php:395
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
+ Here is the call graph for this function:

◆ selectDesktopItemObject()

ilObjRoleGUI::selectDesktopItemObject ( )

Definition at line 322 of file class.ilObjRoleGUI.php.

References $_GET, $DIC, Sabre\VObject\$output, ilObjectGUI\$tree, ilObjectGUI\__showButton(), listDesktopItemsObject(), ilUtil\sendFailure(), ilUtil\sendInfo(), and USER_FOLDER_ID.

Referenced by assignDesktopItemObject().

323  {
324  global $DIC;
325 
326  $rbacsystem = $DIC['rbacsystem'];
327  $tree = $DIC['tree'];
328 
329  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItemSelector.php';
330  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
331 
332  if (!$rbacsystem->checkAccess('push_desktop_items', USER_FOLDER_ID)) {
333  #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
334  ilUtil::sendFailure($this->lng->txt('permission_denied'));
335  $this->listDesktopItemsObject();
336  return false;
337  }
338 
339  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_selector.html", "Services/AccessControl");
340  $this->__showButton('listDesktopItems', $this->lng->txt('back'));
341 
342  ilUtil::sendInfo($this->lng->txt("role_select_desktop_item"));
343 
344  $exp = new ilRoleDesktopItemSelector(
345  $this->ctrl->getLinkTarget($this, 'selectDesktopItem'),
346  new ilRoleDesktopItem($this->object->getId())
347  );
348  $exp->setExpand($_GET["role_desk_item_link_expand"] ? $_GET["role_desk_item_link_expand"] : $tree->readRootId());
349  $exp->setExpandTarget($this->ctrl->getLinkTarget($this, 'selectDesktopItem'));
350 
351  $exp->setOutput(0);
352 
353  $output = $exp->getOutput();
354  $this->tpl->setVariable("EXPLORER", $output);
355  //$this->tpl->setVariable("EXPLORER", $exp->getOutput());
356 
357  return true;
358  }
ilRoleDesktopItem
Class ilObjRoleGUI.
Definition: class.ilRoleDesktopItem.php:17
$DIC
global $DIC
Definition: saml.php:7
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilObjectGUI\__showButton
__showButton($a_cmd, $a_text, $a_target='')
Definition: class.ilObjectGUI.php:1678
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4481
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
USER_FOLDER_ID
const USER_FOLDER_ID
Class ilObjUserFolder.
Definition: class.ilObjUserFolder.php:16
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ setBackTarget()

ilObjRoleGUI::setBackTarget (   $a_text,
  $a_link 
)

set back tab target

Definition at line 170 of file class.ilObjRoleGUI.php.

171  {
172  $this->back_target = array("text" => $a_text,
173  "link" => $a_link);
174  }

◆ setSubTabs()

ilObjRoleGUI::setSubTabs (   $a_tab)
protected

Set sub tabs.

Parameters
object$a_tab
Returns

Definition at line 1634 of file class.ilObjRoleGUI.php.

References $DIC.

Referenced by permObject().

1635  {
1636  global $DIC;
1637 
1638  $ilTabs = $DIC['ilTabs'];
1639 
1640  switch ($a_tab) {
1641  case 'default_perm_settings':
1642  if ($this->obj_ref_id != ROLE_FOLDER_ID) {
1643  return true;
1644  }
1645  $ilTabs->addSubTabTarget(
1646  'rbac_repository_permissions',
1647  $this->ctrl->getLinkTarget($this, 'perm')
1648  );
1649  $ilTabs->addSubTabTarget(
1650  'rbac_admin_permissions',
1651  $this->ctrl->getLinkTarget($this, 'adminPerm')
1652  );
1653  }
1654  return true;
1655  }
$DIC
global $DIC
Definition: saml.php:7
+ Here is the caller graph for this function:

◆ showChangeExistingObjectsConfirmation()

ilObjRoleGUI::showChangeExistingObjectsConfirmation ( )
protected

Show confirmation screen.

Returns

Definition at line 1550 of file class.ilObjRoleGUI.php.

References $_POST, $form, ilObjRole\MODE_PROTECTED_DELETE_LOCAL_POLICIES, ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES, ilObjRole\MODE_UNPROTECTED_DELETE_LOCAL_POLICIES, ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES, ilRadioGroupInputGUI\setValue(), and ilRadioOption\setValue().

Referenced by permSaveObject().

1551  {
1552  $protected = $_POST['protected'];
1553 
1554  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
1555  $form = new ilPropertyFormGUI();
1556  $form->setFormAction($this->ctrl->getFormAction($this, 'changeExistingObjects'));
1557  $form->setTitle($this->lng->txt('rbac_change_existing_confirm_tbl'));
1558 
1559  $form->addCommandButton('changeExistingObjects', $this->lng->txt('change_existing_objects'));
1560  $form->addCommandButton('perm', $this->lng->txt('cancel'));
1561 
1562  $hidden = new ilHiddenInputGUI('type_filter');
1563  $hidden->setValue(
1564  $_POST['recursive'] ?
1565  serialize(array('all')) :
1566  serialize($_POST['recursive_list'])
1567  );
1568  $form->addItem($hidden);
1569 
1570  $rad = new ilRadioGroupInputGUI($this->lng->txt('rbac_local_policies'), 'mode');
1571 
1572  if ($protected) {
1573  $rad->setValue(ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES);
1574  $keep = new ilRadioOption(
1575  $this->lng->txt('rbac_keep_local_policies'),
1576  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
1577  $this->lng->txt('rbac_keep_local_policies_info')
1578  );
1579  } else {
1580  $rad->setValue(ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES);
1581  $keep = new ilRadioOption(
1582  $this->lng->txt('rbac_keep_local_policies'),
1583  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
1584  $this->lng->txt('rbac_unprotected_keep_local_policies_info')
1585  );
1586  }
1587  $rad->addOption($keep);
1588 
1589  if ($protected) {
1590  $del = new ilRadioOption(
1591  $this->lng->txt('rbac_delete_local_policies'),
1592  ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES,
1593  $this->lng->txt('rbac_delete_local_policies_info')
1594  );
1595  } else {
1596  $del = new ilRadioOption(
1597  $this->lng->txt('rbac_delete_local_policies'),
1598  ilObjRole::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES,
1599  $this->lng->txt('rbac_unprotected_delete_local_policies_info')
1600  );
1601  }
1602  $rad->addOption($del);
1603 
1604  $form->addItem($rad);
1605  $this->tpl->setContent($form->getHTML());
1606  }
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilObjRole\MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
Definition: class.ilObjRole.php:18
ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:19
ilHiddenInputGUI
This class represents a hidden form property in a property form.
Definition: class.ilHiddenInputGUI.php:32
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilRadioOption\setValue
setValue($a_value)
Set Value.
Definition: class.ilRadioOption.php:91
$form
if(isset($_POST['submit'])) $form
Definition: registry.edit.php:63
ilObjRole\MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
Definition: class.ilObjRole.php:20
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:21
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ showDefaultPermissionSettings()

ilObjRoleGUI::showDefaultPermissionSettings ( )
protected

check if default permissions are shown or not

Returns

Definition at line 202 of file class.ilObjRoleGUI.php.

References $DIC, ilObjectGUI\$objDefinition, and getContainerType().

Referenced by executeCommand(), and getTabs().

203  {
204  global $DIC;
205 
206  $objDefinition = $DIC['objDefinition'];
207 
208  return $objDefinition->isContainer($this->getContainerType());
209  }
$DIC
global $DIC
Definition: saml.php:7
ilObjRoleGUI\getContainerType
getContainerType()
Get type of role container.
Definition: class.ilObjRoleGUI.php:193
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ updateObject()

ilObjRoleGUI::updateObject ( )

Save role settings.

Returns

Definition at line 640 of file class.ilObjRoleGUI.php.

References $DIC, checkDuplicate(), initFormRoleProperties(), loadRoleProperties(), and ilUtil\sendFailure().

641  {
642  global $DIC;
643 
644  $rbacadmin = $DIC['rbacadmin'];
645 
646  $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
647  if ($this->form->checkInput() and !$this->checkDuplicate($this->object->getId())) {
648  include_once './Services/AccessControl/classes/class.ilObjRole.php';
649  $this->loadRoleProperties($this->object);
650  $this->object->update();
651  $rbacadmin->setProtected(
652  $this->obj_ref_id,
653  $this->object->getId(),
654  $this->form->getInput('pro') ? 'y' : 'n'
655  );
656  ilUtil::sendSuccess($this->lng->txt("saved_successfully"), true);
657  $this->ctrl->redirect($this, 'edit');
658  }
659 
660  ilUtil::sendFailure($this->lng->txt('err_check_input'));
661  $this->form->setValuesByPost();
662  $this->tpl->setContent($this->form->getHTML());
663  return false;
664  }
ilObjRoleGUI\checkDuplicate
checkDuplicate($a_role_id=0)
Check if role with same name already exists in this folder.
Definition: class.ilObjRoleGUI.php:630
$DIC
global $DIC
Definition: saml.php:7
ilObjRoleGUI\loadRoleProperties
loadRoleProperties(ilObjRole $role)
Store form input in role object.
Definition: class.ilObjRoleGUI.php:491
ilObjRoleGUI\initFormRoleProperties
initFormRoleProperties($a_mode)
Create role prperty form.
Definition: class.ilObjRoleGUI.php:395
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
+ Here is the call graph for this function:

◆ userassignmentObject()

ilObjRoleGUI::userassignmentObject ( )

display user assignment panel

Definition at line 1193 of file class.ilObjRoleGUI.php.

References $DIC, $ilUser, ilObjectGUI\$lng, ilObjectGUI\$rbacreview, ilSecuritySettings\_getInstance(), checkAccess(), and ilRepositorySearchGUI\fillAutoCompleteToolbar().

1194  {
1195  global $DIC;
1196 
1197  $rbacreview = $DIC['rbacreview'];
1198  $rbacsystem = $DIC['rbacsystem'];
1199  $lng = $DIC['lng'];
1200  $ilUser = $DIC['ilUser'];
1201 
1202  if (!$this->checkAccess('edit_userassignment', 'edit_permission')) {
1203  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"), $this->ilias->error_obj->MESSAGE);
1204  }
1205 
1206  $this->tabs_gui->setTabActive('user_assignment');
1207 
1208  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.rbac_ua.html', 'Services/AccessControl');
1209 
1210  include_once './Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
1211  $tb = new ilToolbarGUI();
1212 
1213  // protected admin role
1214  include_once './Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1215  if (
1216  $this->object->getId() != SYSTEM_ROLE_ID ||
1217  (
1218  !$rbacreview->isAssigned($ilUser->getId(), SYSTEM_ROLE_ID) or
1219  !ilSecuritySettings::_getInstance()->isAdminRoleProtected()
1220  )
1221  ) {
1222 
1223 
1224  // add member
1225  include_once './Services/Search/classes/class.ilRepositorySearchGUI.php';
1226  ilRepositorySearchGUI::fillAutoCompleteToolbar(
1227  $this,
1228  $tb,
1229  array(
1230  'auto_complete_name' => $lng->txt('user'),
1231  'submit_name' => $lng->txt('add')
1232  )
1233  );
1234 
1235  /*
1236  // add button
1237  $tb->addFormButton($lng->txt("add"), "assignUser");
1238  */
1239  $tb->addSpacer();
1240 
1241  $tb->addButton(
1242  $this->lng->txt('search_user'),
1243  $this->ctrl->getLinkTargetByClass('ilRepositorySearchGUI', 'start')
1244  );
1245  $tb->addSpacer();
1246  }
1247 
1248  $tb->addButton(
1249  $this->lng->txt('role_mailto'),
1250  $this->ctrl->getLinkTarget($this, 'mailToRole')
1251  );
1252  $this->tpl->setVariable('BUTTONS_UA', $tb->getHTML());
1253 
1254 
1255  include_once './Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1256  $role_assignment_editable = true;
1257  if (
1258  $this->object->getId() == SYSTEM_ROLE_ID &&
1259  !ilSecuritySettings::_getInstance()->checkAdminRoleAccessible($ilUser->getId())) {
1260  $role_assignment_editable = false;
1261  }
1262 
1263  include_once './Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
1264  $ut = new ilAssignedUsersTableGUI($this, 'userassignment', $this->object->getId(), $role_assignment_editable);
1265 
1266  $this->tpl->setVariable('TABLE_UA', $ut->getHTML());
1267 
1268  return true;
1269  }
$DIC
global $DIC
Definition: saml.php:7
$ilUser
$ilUser
Definition: imgupload.php:18
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
ilAssignedUsersTableGUI
TableGUI class for role administration.
Definition: class.ilAssignedUsersTableGUI.php:15
ilRepositorySearchGUI\fillAutoCompleteToolbar
static fillAutoCompleteToolbar($parent_object, ilToolbarGUI $toolbar=null, $a_options=array(), $a_sticky=false)
fill toolbar with
Definition: class.ilRepositorySearchGUI.php:174
ilSecuritySettings\_getInstance
static _getInstance()
Get instance of ilSecuritySettings.
Definition: class.ilSecuritySettings.php:107
+ Here is the call graph for this function:

Field Documentation

◆ $container_type

ilObjRoleGUI::$container_type = ''
protected

Definition at line 38 of file class.ilObjRoleGUI.php.

Referenced by getContainerType().

◆ $ctrl

ilObjRoleGUI::$ctrl

Definition at line 41 of file class.ilObjRoleGUI.php.

◆ $obj_obj_id

ilObjRoleGUI::$obj_obj_id = 0
protected

Definition at line 36 of file class.ilObjRoleGUI.php.

Referenced by getParentObjId().

◆ $obj_obj_type

ilObjRoleGUI::$obj_obj_type = ''
protected

Definition at line 37 of file class.ilObjRoleGUI.php.

Referenced by getParentType().

◆ $obj_ref_id

ilObjRoleGUI::$obj_ref_id = 0
protected

Definition at line 35 of file class.ilObjRoleGUI.php.

Referenced by addUserObject(), adoptPermSaveObject(), changeExistingObjectsObject(), editObject(), ensureRoleAccessForContext(), executeCommand(), getParentRefId(), listDesktopItemsObject(), permObject(), permSaveObject(), and saveObject().

◆ $type

ilObjRoleGUI::$type

Definition at line 32 of file class.ilObjRoleGUI.php.

◆ MODE_GLOBAL_CREATE

const ilObjRoleGUI::MODE_GLOBAL_CREATE = 2

Definition at line 23 of file class.ilObjRoleGUI.php.

◆ MODE_GLOBAL_UPDATE

const ilObjRoleGUI::MODE_GLOBAL_UPDATE = 1

Definition at line 22 of file class.ilObjRoleGUI.php.

◆ MODE_LOCAL_CREATE

const ilObjRoleGUI::MODE_LOCAL_CREATE = 4

Definition at line 25 of file class.ilObjRoleGUI.php.

◆ MODE_LOCAL_UPDATE

const ilObjRoleGUI::MODE_LOCAL_UPDATE = 3

Definition at line 24 of file class.ilObjRoleGUI.php.

The documentation for this class was generated from the following file: