ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilObjRoleGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 include_once "./Services/Object/classes/class.ilObjectGUI.php";
5 include_once './Services/AccessControl/classes/class.ilObjRole.php';
6 require_once('./Services/Repository/classes/class.ilObjectPlugin.php');
7 
20 class ilObjRoleGUI extends ilObjectGUI
21 {
22  const MODE_GLOBAL_UPDATE = 1;
23  const MODE_GLOBAL_CREATE = 2;
24  const MODE_LOCAL_UPDATE = 3;
25  const MODE_LOCAL_CREATE = 4;
26 
32  public $type;
33 
34 
35  protected $obj_ref_id = 0;
36  protected $obj_obj_id = 0;
37  protected $obj_obj_type = '';
38  protected $container_type = '';
39 
40 
41  public $ctrl;
42 
47  public function __construct($a_data, $a_id, $a_call_by_reference = false, $a_prepare_output = true)
48  {
49  global $DIC;
50 
51  $tree = $DIC['tree'];
52  $lng = $DIC['lng'];
53 
54  $lng->loadLanguageModule('rbac');
55 
56  //TODO: move this to class.ilias.php
57  define("USER_FOLDER_ID", 7);
58 
59  // Add ref_id of object that contains this role folder
60 
61  $this->obj_ref_id =
62  (
63  (int) $_REQUEST['rolf_ref_id'] ?
64  (int) $_REQUEST['rolf_ref_id'] :
65  (int) $_REQUEST['ref_id']
66  );
67 
68  $this->obj_obj_id = ilObject::_lookupObjId($this->getParentRefId());
69  $this->obj_obj_type = ilObject::_lookupType($this->getParentObjId());
70 
71  $this->container_type = ilObject::_lookupType(ilObject::_lookupObjId($this->obj_ref_id));
72 
73  $this->type = "role";
74  parent::__construct($a_data, $a_id, $a_call_by_reference, false);
75  $this->ctrl->saveParameter($this, array('obj_id', 'rolf_ref_id'));
76  }
77 
78 
79  public function executeCommand()
80  {
81  global $DIC;
82 
83  $rbacsystem = $DIC['rbacsystem'];
84 
85  $this->prepareOutput();
86 
87  $next_class = $this->ctrl->getNextClass($this);
88  $cmd = $this->ctrl->getCmd();
89 
90  $this->ensureRoleAccessForContext();
91 
92  switch ($next_class) {
93  case 'ilrepositorysearchgui':
94 
95  if (!$GLOBALS['DIC']['ilAccess']->checkAccess('edit_permission', '', $this->obj_ref_id)) {
96  $GLOBALS['DIC']['ilErr']->raiseError($GLOBALS['DIC']['lng']->txt('permission_denied'), $GLOBALS['DIC']['ilErr']->WARNING);
97  }
98  include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
99  $rep_search = new ilRepositorySearchGUI();
100  $rep_search->setTitle($this->lng->txt('role_add_user'));
101  $rep_search->setCallback($this, 'addUserObject');
102 
103  // Set tabs
104  $this->tabs_gui->setTabActive('user_assignment');
105  $this->ctrl->setReturn($this, 'userassignment');
106  $ret = &$this->ctrl->forwardCommand($rep_search);
107  break;
108 
109  case 'ilexportgui':
110 
111  $this->tabs_gui->setTabActive('export');
112 
113  include_once './Services/Export/classes/class.ilExportOptions.php';
114  $eo = ilExportOptions::newInstance(ilExportOptions::allocateExportId());
115  $eo->addOption(ilExportOptions::KEY_ROOT, 0, $this->object->getId(), $this->obj_ref_id);
116 
117  include_once './Services/Export/classes/class.ilExportGUI.php';
118  $exp = new ilExportGUI($this, new ilObjRole($this->object->getId()));
119  $exp->addFormat('xml');
120  $this->ctrl->forwardCommand($exp);
121  break;
122 
123  default:
124  if (!$cmd) {
125  if ($this->showDefaultPermissionSettings()) {
126  $cmd = "perm";
127  } else {
128  $cmd = 'userassignment';
129  }
130  }
131  $cmd .= "Object";
132  $this->$cmd();
133 
134  break;
135  }
136 
137  return true;
138  }
139 
144  public function getParentRefId()
145  {
146  return $this->obj_ref_id;
147  }
148 
153  public function getParentObjId()
154  {
155  return $this->obj_obj_id;
156  }
157 
162  public function getParentType()
163  {
164  return $this->obj_obj_type;
165  }
166 
170  public function setBackTarget($a_text, $a_link)
171  {
172  $this->back_target = array("text" => $a_text,
173  "link" => $a_link);
174  }
175 
176  public function getBackTarget()
177  {
178  return $this->back_target ? $this->back_target : array();
179  }
180 
184  public function getAdminTabs()
185  {
186  $this->getTabs();
187  }
188 
193  protected function getContainerType()
194  {
195  return $this->container_type;
196  }
197 
202  protected function showDefaultPermissionSettings()
203  {
204  global $DIC;
205 
206  $objDefinition = $DIC['objDefinition'];
207 
208  return $objDefinition->isContainer($this->getContainerType());
209  }
210 
211 
212  public function listDesktopItemsObject()
213  {
214  global $DIC;
215 
216  $rbacsystem = $DIC['rbacsystem'];
217  $rbacreview = $DIC['rbacreview'];
218 
219  if (!$rbacreview->isAssignable($this->object->getId(), $this->obj_ref_id) &&
220  $this->obj_ref_id != ROLE_FOLDER_ID) {
221  ilUtil::sendInfo($this->lng->txt('role_no_users_no_desk_items'));
222  return true;
223  }
224 
225  if ($rbacsystem->checkAccess('push_desktop_items', USER_FOLDER_ID)) {
226  $this->__showButton('selectDesktopItem', $this->lng->txt('role_desk_add'));
227  }
228 
229  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItemsTableGUI.php';
230  $tbl = new ilRoleDesktopItemsTableGUI($this, 'listDesktopItems', $this->object);
231  $this->tpl->setContent($tbl->getHTML());
232 
233  return true;
234  }
235 
236  public function askDeleteDesktopItemObject()
237  {
238  global $DIC;
239 
240  $rbacsystem = $DIC['rbacsystem'];
241 
242 
243  if (!$this->checkAccess('edit_permission')) {
244  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
245  }
246  if (!$rbacsystem->checkAccess('push_desktop_items', USER_FOLDER_ID)) {
247  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
248  }
249  if (!count($_POST['del_desk_item'])) {
250  ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
251 
252  $this->listDesktopItemsObject();
253 
254  return true;
255  }
256 
257  include_once("./Services/Utilities/classes/class.ilConfirmationGUI.php");
258  $confirmation_gui = new ilConfirmationGUI();
259  $confirmation_gui->setFormAction($this->ctrl->getFormAction($this));
260  $confirmation_gui->setHeaderText($this->lng->txt('role_assigned_desk_items') .
261  ' "' . $this->object->getTitle() . '": ' .
262  $this->lng->txt('role_sure_delete_desk_items'));
263  $confirmation_gui->setCancel($this->lng->txt("cancel"), "listDesktopItems");
264  $confirmation_gui->setConfirm($this->lng->txt("delete"), "deleteDesktopItems");
265 
266  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
267  $role_desk_item_obj = new ilRoleDesktopItem($this->object->getId());
268  $counter = 0;
269  foreach ($_POST['del_desk_item'] as $role_item_id) {
270  $item_data = $role_desk_item_obj->getItem($role_item_id);
271  $tmp_obj = &ilObjectFactory::getInstanceByRefId($item_data['item_id']);
272 
273  if (strlen($desc = $tmp_obj->getDescription())) {
274  $desc = '<div class="il_Description_no_margin">' . $desc . '</div>';
275  }
276 
277  $confirmation_gui->addItem("del_desk_item[]", $role_item_id, $tmp_obj->getTitle() . $desc);
278  }
279 
280  $this->tpl->setContent($confirmation_gui->getHTML());
281 
282  return true;
283  }
284 
285  public function deleteDesktopItemsObject()
286  {
287  global $DIC;
288 
289  $rbacsystem = $DIC['rbacsystem'];
290 
291  if (!$this->checkAccess('edit_permission')) {
292  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
293  }
294 
295  if (!$rbacsystem->checkAccess('push_desktop_items', USER_FOLDER_ID)) {
296  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
297  }
298 
299  if (!count($_POST['del_desk_item'])) {
300  ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
301 
302  $this->listDesktopItemsObject();
303 
304  return true;
305  }
306 
307  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
308 
309  $role_desk_item_obj = new ilRoleDesktopItem($this->object->getId());
310 
311  foreach ($_POST['del_desk_item'] as $role_item_id) {
312  $role_desk_item_obj->delete($role_item_id);
313  }
314 
315  ilUtil::sendSuccess($this->lng->txt('role_deleted_desktop_items'));
316  $this->listDesktopItemsObject();
317 
318  return true;
319  }
320 
321 
322  public function selectDesktopItemObject()
323  {
324  global $DIC;
325 
326  $rbacsystem = $DIC['rbacsystem'];
327  $tree = $DIC['tree'];
328 
329  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItemSelector.php';
330  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
331 
332  if (!$rbacsystem->checkAccess('push_desktop_items', USER_FOLDER_ID)) {
333  #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
334  ilUtil::sendFailure($this->lng->txt('permission_denied'));
335  $this->listDesktopItemsObject();
336  return false;
337  }
338 
339  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_selector.html", "Services/AccessControl");
340  $this->__showButton('listDesktopItems', $this->lng->txt('back'));
341 
342  ilUtil::sendInfo($this->lng->txt("role_select_desktop_item"));
343 
344  $exp = new ilRoleDesktopItemSelector(
345  $this->ctrl->getLinkTarget($this, 'selectDesktopItem'),
346  new ilRoleDesktopItem($this->object->getId())
347  );
348  $exp->setExpand($_GET["role_desk_item_link_expand"] ? $_GET["role_desk_item_link_expand"] : $tree->readRootId());
349  $exp->setExpandTarget($this->ctrl->getLinkTarget($this, 'selectDesktopItem'));
350 
351  $exp->setOutput(0);
352 
353  $output = $exp->getOutput();
354  $this->tpl->setVariable("EXPLORER", $output);
355  //$this->tpl->setVariable("EXPLORER", $exp->getOutput());
356 
357  return true;
358  }
359 
360  public function assignDesktopItemObject()
361  {
362  global $DIC;
363 
364  $rbacsystem = $DIC['rbacsystem'];
365 
366  if (!$rbacsystem->checkAccess('push_desktop_items', USER_FOLDER_ID)) {
367  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
368  return false;
369  }
370 
371 
372  if (!isset($_GET['item_id'])) {
373  ilUtil::sendFailure($this->lng->txt('role_no_item_selected'));
374  $this->selectDesktopItemObject();
375 
376  return false;
377  }
378 
379  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
380 
381  $role_desk_item_obj = new ilRoleDesktopItem($this->object->getId());
382  $role_desk_item_obj->add((int) $_GET['item_id'], ilObject::_lookupType((int) $_GET['item_id'], true));
383 
384  ilUtil::sendSuccess($this->lng->txt('role_assigned_desktop_item'));
385 
386  $this->ctrl->redirect($this, 'listDesktopItems');
387  return true;
388  }
389 
395  protected function initFormRoleProperties($a_mode)
396  {
397  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
398  $this->form = new ilPropertyFormGUI();
399 
400  if ($this->creation_mode) {
401  $this->ctrl->setParameter($this, "new_type", 'role');
402  }
403  $this->form->setFormAction($this->ctrl->getFormAction($this));
404 
405  switch ($a_mode) {
406  case self::MODE_GLOBAL_CREATE:
407  $this->form->setTitle($this->lng->txt('role_new'));
408  $this->form->addCommandButton('save', $this->lng->txt('role_new'));
409  break;
410 
411  case self::MODE_GLOBAL_UPDATE:
412  $this->form->setTitle($this->lng->txt('role_edit'));
413  $this->form->addCommandButton('update', $this->lng->txt('save'));
414  break;
415 
416  case self::MODE_LOCAL_CREATE:
417  case self::MODE_LOCAL_UPDATE:
418  }
419  // Fix cancel
420  $this->form->addCommandButton('cancel', $this->lng->txt('cancel'));
421 
422  $title = new ilTextInputGUI($this->lng->txt('title'), 'title');
423  if (ilObjRole::isAutoGenerated($this->object->getId())) {
424  $title->setDisabled(true);
425  } else {
426  //#17111 No validation for disabled fields
427  $title->setValidationRegexp('/^(?!il_).*$/');
428  $title->setValidationFailureMessage($this->lng->txt('msg_role_reserved_prefix'));
429  }
430 
431  $title->setSize(40);
432  $title->setMaxLength(70);
433  $title->setRequired(true);
434  $this->form->addItem($title);
435 
436  $desc = new ilTextAreaInputGUI($this->lng->txt('description'), 'desc');
437  if (ilObjRole::isAutoGenerated($this->object->getId())) {
438  $desc->setDisabled(true);
439  }
440  $desc->setCols(40);
441  $desc->setRows(3);
442  $this->form->addItem($desc);
443 
444  if ($a_mode != self::MODE_LOCAL_CREATE && $a_mode != self::MODE_GLOBAL_CREATE) {
445  $ilias_id = new ilNonEditableValueGUI($this->lng->txt("ilias_id"), "ilias_id");
446  $this->form->addItem($ilias_id);
447  }
448 
449  if ($this->obj_ref_id == ROLE_FOLDER_ID) {
450  $reg = new ilCheckboxInputGUI($this->lng->txt('allow_register'), 'reg');
451  $reg->setValue(1);
452  #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info'));
453  $this->form->addItem($reg);
454 
455  $la = new ilCheckboxInputGUI($this->lng->txt('allow_assign_users'), 'la');
456  $la->setValue(1);
457  #$la->setInfo($this->lng->txt('rbac_local_admin_info'));
458  $this->form->addItem($la);
459  }
460 
461  $pro = new ilCheckboxInputGUI($this->lng->txt('role_protect_permissions'), 'pro');
462  $pro->setValue(1);
463  #$pro->setInfo($this->lng->txt('role_protext_permission_info'));
464  $this->form->addItem($pro);
465 
466  include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
467  if (ilDiskQuotaActivationChecker::_isActive()) {
468  $quo = new ilNumberInputGUI($this->lng->txt('disk_quota'), 'disk_quota');
469  $quo->setMinValue(0);
470  $quo->setSize(4);
471  $quo->setInfo($this->lng->txt('enter_in_mb_desc') . '<br />' . $this->lng->txt('disk_quota_on_role_desc'));
472  $this->form->addItem($quo);
473  }
474  if (ilDiskQuotaActivationChecker::_isPersonalWorkspaceActive()) {
475  $this->lng->loadLanguageModule("file");
476  $wquo = new ilNumberInputGUI($this->lng->txt('personal_workspace_disk_quota'), 'wsp_disk_quota');
477  $wquo->setMinValue(0);
478  $wquo->setSize(4);
479  $wquo->setInfo($this->lng->txt('enter_in_mb_desc') . '<br />' . $this->lng->txt('disk_quota_on_role_desc'));
480  $this->form->addItem($wquo);
481  }
482 
483  return true;
484  }
485 
491  protected function loadRoleProperties(ilObjRole $role)
492  {
493  //Don't set if fields are disabled to prevent html manipulation.
494  if (!$this->form->getItemByPostVar('title')->getDisabled()) {
495  $role->setTitle($this->form->getInput('title'));
496  }
497  if (!$this->form->getItemByPostVar('desc')->getDisabled()) {
498  $role->setDescription($this->form->getInput('desc'));
499  }
500  $role->setAllowRegister($this->form->getInput('reg'));
501  $role->toggleAssignUsersStatus($this->form->getInput('la'));
502  $role->setDiskQuota(ilUtil::MB2Bytes($this->form->getInput('disk_quota')));
503  $role->setPersonalWorkspaceDiskQuota(ilUtil::MB2Bytes($this->form->getInput('wsp_disk_quota')));
504  return true;
505  }
506 
512  protected function readRoleProperties(ilObjRole $role)
513  {
514  global $DIC;
515 
516  $rbacreview = $DIC['rbacreview'];
517 
518  include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
519 
520  $data['title'] = $role->getTitle();
521  $data['desc'] = $role->getDescription();
522  $data['ilias_id'] = 'il_' . IL_INST_ID . '_' . ilObject::_lookupType($role->getId()) . '_' . $role->getId();
523  $data['reg'] = $role->getAllowRegister();
524  $data['la'] = $role->getAssignUsersStatus();
525  if (ilDiskQuotaActivationChecker::_isActive()) {
526  $data['disk_quota'] = ilUtil::Bytes2MB($role->getDiskQuota());
527  }
528  if (ilDiskQuotaActivationChecker::_isPersonalWorkspaceActive()) {
529  $data['wsp_disk_quota'] = ilUtil::Bytes2MB($role->getPersonalWorkspaceDiskQuota());
530  }
531  $data['pro'] = $rbacreview->isProtected($this->obj_ref_id, $role->getId());
532 
533  $this->form->setValuesByArray($data);
534  }
535 
536 
537 
538 
544  public function createObject()
545  {
546  global $DIC;
547 
548  $rbacsystem = $DIC['rbacsystem'];
549 
550  if (!$rbacsystem->checkAccess('create_role', $this->obj_ref_id)) {
551  $ilErr->raiseError($this->lng->txt('permission_denied'), $ilErr->MESSAGE);
552  }
553 
554  $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
555  $this->tpl->setContent($this->form->getHTML());
556  }
557 
562  public function editObject()
563  {
564  global $DIC;
565 
566  $rbacsystem = $DIC['rbacsystem'];
567  $rbacreview = $DIC['rbacreview'];
568  $ilSetting = $DIC['ilSetting'];
569  $ilErr = $DIC['ilErr'];
570  $ilToolbar = $DIC['ilToolbar'];
571 
572  if (!$this->checkAccess('write', 'edit_permission')) {
573  $ilErr->raiseError($this->lng->txt("msg_no_perm_write"), $ilErr->MESSAGE);
574  }
575 
576  // Show copy role button
577  if ($this->object->getId() != SYSTEM_ROLE_ID) {
578  $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
579  if ($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id)) {
580  $ilToolbar->addButton(
581  $this->lng->txt('rbac_delete_role'),
582  $this->ctrl->getLinkTarget($this, 'confirmDeleteRole')
583  );
584  }
585  }
586 
587  $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
588  $this->readRoleProperties($this->object);
589  $this->tpl->setContent($this->form->getHTML());
590  }
591 
592 
597  public function saveObject()
598  {
599  global $DIC;
600 
601  $rbacadmin = $DIC['rbacadmin'];
602  $rbacreview = $DIC['rbacreview'];
603 
604  $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
605  if ($this->form->checkInput() and !$this->checkDuplicate()) {
606  include_once './Services/AccessControl/classes/class.ilObjRole.php';
607  $this->loadRoleProperties($this->role = new ilObjRole());
608  $this->role->create();
609  $rbacadmin->assignRoleToFolder($this->role->getId(), $this->obj_ref_id, 'y');
610  $rbacadmin->setProtected(
611  $this->obj_ref_id,
612  $this->role->getId(),
613  $this->form->getInput('pro') ? 'y' : 'n'
614  );
615  ilUtil::sendSuccess($this->lng->txt("role_added"), true);
616  $this->ctrl->setParameter($this, 'obj_id', $this->role->getId());
617  $this->ctrl->redirect($this, 'perm');
618  }
619 
620  ilUtil::sendFailure($this->lng->txt('err_check_input'));
621  $this->form->setValuesByPost();
622  $this->tpl->setContent($this->form->getHTML());
623  return false;
624  }
625 
630  protected function checkDuplicate($a_role_id = 0)
631  {
632  // disabled due to mantis #0013742: Renaming global roles: ILIAS denies if title fits other role title partially
633  return false;
634  }
635 
640  public function updateObject()
641  {
642  global $DIC;
643 
644  $rbacadmin = $DIC['rbacadmin'];
645 
646  $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
647  if ($this->form->checkInput() and !$this->checkDuplicate($this->object->getId())) {
648  include_once './Services/AccessControl/classes/class.ilObjRole.php';
649  $this->loadRoleProperties($this->object);
650  $this->object->update();
651  $rbacadmin->setProtected(
652  $this->obj_ref_id,
653  $this->object->getId(),
654  $this->form->getInput('pro') ? 'y' : 'n'
655  );
656  ilUtil::sendSuccess($this->lng->txt("saved_successfully"), true);
657  $this->ctrl->redirect($this, 'edit');
658  }
659 
660  ilUtil::sendFailure($this->lng->txt('err_check_input'));
661  $this->form->setValuesByPost();
662  $this->tpl->setContent($this->form->getHTML());
663  return false;
664  }
665 
670  protected function permObject($a_show_admin_permissions = false)
671  {
672  global $DIC;
673 
674  $ilTabs = $DIC['ilTabs'];
675  $ilErr = $DIC['ilErr'];
676  $ilToolbar = $DIC['ilToolbar'];
677  $objDefinition = $DIC['objDefinition'];
678  $rbacreview = $DIC['rbacreview'];
679 
680  $ilTabs->setTabActive('default_perm_settings');
681 
682  $this->setSubTabs('default_perm_settings');
683 
684  if ($a_show_admin_permissions) {
685  $ilTabs->setSubTabActive('rbac_admin_permissions');
686  } else {
687  $ilTabs->setSubTabActive('rbac_repository_permissions');
688  }
689 
690  if (!$this->checkAccess('write', 'edit_permission')) {
691  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'), $ilErr->MESSAGE);
692  return true;
693  }
694 
695  // Show copy role button
696  if ($this->object->getId() != SYSTEM_ROLE_ID) {
697  $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
698  $ilToolbar->addButton(
699  $this->lng->txt("adopt_perm_from_template"),
700  $this->ctrl->getLinkTarget($this, 'adoptPerm')
701  );
702  if ($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id)) {
703  $ilToolbar->addButton(
704  $this->lng->txt('rbac_delete_role'),
705  $this->ctrl->getLinkTarget($this, 'confirmDeleteRole')
706  );
707  }
708  }
709 
710  $this->tpl->addBlockFile(
711  'ADM_CONTENT',
712  'adm_content',
713  'tpl.rbac_template_permissions.html',
714  'Services/AccessControl'
715  );
716 
717  $this->tpl->setVariable('PERM_ACTION', $this->ctrl->getFormAction($this));
718 
719  include_once './Services/Accordion/classes/class.ilAccordionGUI.php';
720  $acc = new ilAccordionGUI();
721  $acc->setBehaviour(ilAccordionGUI::FORCE_ALL_OPEN);
722  $acc->setId('template_perm_' . $this->getParentRefId());
723 
724  if ($this->obj_ref_id == ROLE_FOLDER_ID) {
725  if ($a_show_admin_permissions) {
726  $subs = ilObjRole::getSubObjects('adm', true);
727  } else {
728  $subs = ilObjRole::getSubObjects('root', false);
729  }
730  } else {
731  $subs = ilObjRole::getSubObjects($this->getParentType(), $a_show_admin_permissions);
732  }
733 
734  foreach ($subs as $subtype => $def) {
735  include_once 'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
736  $tbl = new ilObjectRoleTemplatePermissionTableGUI(
737  $this,
738  'perm',
739  $this->getParentRefId(),
740  $this->object->getId(),
741  $subtype,
742  $a_show_admin_permissions
743  );
744  $tbl->parse();
745 
746  $acc->addItem($def['translation'], $tbl->getHTML());
747  }
748 
749  $this->tpl->setVariable('ACCORDION', $acc->getHTML());
750 
751  // Add options table
752  include_once './Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
753  $options = new ilObjectRoleTemplateOptionsTableGUI(
754  $this,
755  'perm',
756  $this->obj_ref_id,
757  $this->object->getId(),
758  $a_show_admin_permissions
759  );
760  if ($this->object->getId() != SYSTEM_ROLE_ID) {
761  $options->addMultiCommand(
762  $a_show_admin_permissions ? 'adminPermSave' : 'permSave',
763  $this->lng->txt('save')
764  );
765  }
766 
767  $options->parse();
768  $this->tpl->setVariable('OPTIONS_TABLE', $options->getHTML());
769  }
770 
775  protected function adminPermObject()
776  {
777  return $this->permObject(true);
778  }
779 
784  protected function adminPermSaveObject()
785  {
786  return $this->permSaveObject(true);
787  }
788 
789  protected function adoptPermObject()
790  {
791  global $DIC;
792 
793  $rbacreview = $DIC['rbacreview'];
794 
795  $output = array();
796 
797  $parent_role_ids = $rbacreview->getParentRoleIds($this->obj_ref_id, true);
798  $ids = array();
799  foreach ($parent_role_ids as $id => $tmp) {
800  $ids[] = $id;
801  }
802  // Sort ids
803  $sorted_ids = ilUtil::_sortIds($ids, 'object_data', 'type,title', 'obj_id');
804  $key = 0;
805  foreach ($sorted_ids as $id) {
806  $par = $parent_role_ids[$id];
807  if ($par["obj_id"] != SYSTEM_ROLE_ID && $this->object->getId() != $par["obj_id"]) {
808  $output[$key]["role_id"] = $par["obj_id"];
809  $output[$key]["type"] = ($par["type"] == 'role' ? $this->lng->txt('obj_role') : $this->lng->txt('obj_rolt'));
810  $output[$key]["role_name"] = ilObjRole::_getTranslation($par["title"]);
811  $output[$key]["role_desc"] = $par["desc"];
812  $key++;
813  }
814  }
815 
816 
817  include_once('./Services/AccessControl/classes/class.ilRoleAdoptPermissionTableGUI.php');
818 
819  $tbl = new ilRoleAdoptPermissionTableGUI($this, "adoptPerm");
820  $tbl->setTitle($this->lng->txt("adopt_perm_from_template"));
821  $tbl->setData($output);
822 
823  $this->tpl->setContent($tbl->getHTML());
824  }
825 
830  protected function confirmDeleteRoleObject()
831  {
832  global $DIC;
833 
834  $ilErr = $DIC['ilErr'];
835  $rbacreview = $DIC['rbacreview'];
836  $ilUser = $DIC['ilUser'];
837 
838  $access = $this->checkAccess('visible,write', 'edit_permission');
839  if (!$access) {
840  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'), $ilErr->WARNING);
841  }
842 
843  $question = $this->lng->txt('rbac_role_delete_qst');
844  if ($rbacreview->isAssigned($ilUser->getId(), $this->object->getId())) {
845  $question .= ('<br />' . $this->lng->txt('rbac_role_delete_self'));
846  }
847  ilUtil::sendQuestion($question);
848 
849  include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
850 
851  $confirm = new ilConfirmationGUI();
852  $confirm->setFormAction($this->ctrl->getFormAction($this));
853  $confirm->setHeaderText($question);
854  $confirm->setCancel($this->lng->txt('cancel'), 'perm');
855  $confirm->setConfirm($this->lng->txt('rbac_delete_role'), 'performDeleteRole');
856 
857  $confirm->addItem(
858  'role',
859  $this->object->getId(),
860  $this->object->getTitle(),
861  ilUtil::getImagePath('icon_role.svg')
862  );
863 
864  $this->tpl->setContent($confirm->getHTML());
865  return true;
866  }
867 
868 
873  protected function performDeleteRoleObject()
874  {
875  global $DIC;
876 
877  $ilErr = $DIC['ilErr'];
878 
879  $access = $this->checkAccess('visible,write', 'edit_permission');
880  if (!$access) {
881  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'), $ilErr->WARNING);
882  }
883 
884  $this->object->setParent((int) $this->obj_ref_id);
885  $this->object->delete();
886  ilUtil::sendSuccess($this->lng->txt('msg_deleted_role'), true);
887 
888  $this->ctrl->returnToParent($this);
889  }
890 
896  public function permSaveObject($a_show_admin_permissions = false)
897  {
898  global $DIC;
899 
900  $rbacsystem = $DIC['rbacsystem'];
901  $rbacadmin = $DIC['rbacadmin'];
902  $rbacreview = $DIC['rbacreview'];
903  $objDefinition = $DIC['objDefinition'];
904  $tree = $DIC['tree'];
905 
906  // for role administration check write of global role folder
907  $access = $this->checkAccess('visible,write', 'edit_permission');
908 
909  if (!$access) {
910  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"), $this->ilias->error_obj->MESSAGE);
911  }
912 
913  // rbac log
914  include_once "Services/AccessControl/classes/class.ilRbacLog.php";
915  $rbac_log_active = ilRbacLog::isActive();
916  if ($rbac_log_active) {
917  $rbac_log_old = ilRbacLog::gatherTemplate($this->obj_ref_id, $this->object->getId());
918  }
919 
920  // delete all template entries of enabled types
921  if ($this->obj_ref_id == ROLE_FOLDER_ID) {
922  if ($a_show_admin_permissions) {
923  $subs = ilObjRole::getSubObjects('adm', true);
924  } else {
925  $subs = ilObjRole::getSubObjects('root', false);
926  }
927  } else {
928  $subs = ilObjRole::getSubObjects($this->getParentType(), $a_show_admin_permissions);
929  }
930 
931  foreach ($subs as $subtype => $def) {
932  // Delete per object type
933  $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id, $subtype);
934  }
935 
936  if (empty($_POST["template_perm"])) {
937  $_POST["template_perm"] = array();
938  }
939 
940  foreach ($_POST["template_perm"] as $key => $ops_array) {
941  // sets new template permissions
942  $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->obj_ref_id);
943  }
944 
945  if ($rbac_log_active) {
946  $rbac_log_new = ilRbacLog::gatherTemplate($this->obj_ref_id, $this->object->getId());
947  $rbac_log_diff = ilRbacLog::diffTemplate($rbac_log_old, $rbac_log_new);
948  ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE, $this->obj_ref_id, $rbac_log_diff);
949  }
950 
951  // update object data entry (to update last modification date)
952  $this->object->update();
953 
954  // set protected flag
955  if ($this->obj_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(), $this->obj_ref_id)) {
956  $rbacadmin->setProtected($this->obj_ref_id, $this->object->getId(), ilUtil::tf2yn($_POST['protected']));
957  }
958 
959  if ($a_show_admin_permissions) {
960  $_POST['recursive'] = true;
961  }
962 
963  // Redirect if Change existing objects is not chosen
964  if (!$_POST['recursive'] and !is_array($_POST['recursive_list'])) {
965  ilUtil::sendSuccess($this->lng->txt("saved_successfully"), true);
966  if ($a_show_admin_permissions) {
967  $this->ctrl->redirect($this, 'adminPerm');
968  } else {
969  $this->ctrl->redirect($this, 'perm');
970  }
971  }
972  // New implementation
973  if ($this->isChangeExistingObjectsConfirmationRequired() and !$a_show_admin_permissions) {
974  $this->showChangeExistingObjectsConfirmation();
975  return true;
976  }
977 
978  $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $this->obj_ref_id);
979  if ($a_show_admin_permissions) {
980  $start = $tree->getParentId($this->obj_ref_id);
981  }
982 
983  if ($_POST['protected']) {
984  $this->object->changeExistingObjects(
985  $start,
986  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
987  array('all'),
988  array()
989  #$a_show_admin_permissions ? array('adm') : array()
990  );
991  } else {
992  $this->object->changeExistingObjects(
993  $start,
994  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
995  array('all'),
996  array()
997  #$a_show_admin_permissions ? array('adm') : array()
998  );
999  }
1000  ilUtil::sendSuccess($this->lng->txt("saved_successfully"), true);
1001 
1002  if ($a_show_admin_permissions) {
1003  $this->ctrl->redirect($this, 'adminPerm');
1004  } else {
1005  $this->ctrl->redirect($this, 'perm');
1006  }
1007  return true;
1008  }
1009 
1010 
1016  public function adoptPermSaveObject()
1017  {
1018  global $DIC;
1019 
1020  $rbacadmin = $DIC['rbacadmin'];
1021  $rbacsystem = $DIC['rbacsystem'];
1022  $rbacreview = $DIC['rbacreview'];
1023  $tree = $DIC['tree'];
1024 
1025  if (!$_POST['adopt']) {
1026  ilUtil::sendFailure($this->lng->txt('select_one'));
1027  $this->adoptPermObject();
1028  return false;
1029  }
1030 
1031  $access = $this->checkAccess('visible,write', 'edit_permission');
1032  if (!$access) {
1033  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"), $this->ilias->error_obj->MESSAGE);
1034  }
1035 
1036  if ($this->object->getId() == $_POST["adopt"]) {
1037  ilUtil::sendFailure($this->lng->txt("msg_perm_adopted_from_itself"), true);
1038  } else {
1039  $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id);
1040  $parentRoles = $rbacreview->getParentRoleIds($this->obj_ref_id, true);
1041  $rbacadmin->copyRoleTemplatePermissions(
1042  $_POST["adopt"],
1043  $parentRoles[$_POST["adopt"]]["parent"],
1044  $this->obj_ref_id,
1045  $this->object->getId(),
1046  false
1047  );
1048 
1049  // update object data entry (to update last modification date)
1050  $this->object->update();
1051 
1052  // send info
1053  $obj_data = &$this->ilias->obj_factory->getInstanceByObjId($_POST["adopt"]);
1054  ilUtil::sendSuccess($this->lng->txt("msg_perm_adopted_from1") . " '" . $obj_data->getTitle() . "'.<br/>" .
1055  $this->lng->txt("msg_perm_adopted_from2"), true);
1056  }
1057 
1058  $this->ctrl->redirect($this, "perm");
1059  }
1060 
1066  public function assignSaveObject()
1067  {
1068  $this->assignUserObject();
1069  }
1070 
1071 
1072 
1078  public function addUserObject($a_user_ids)
1079  {
1080  global $DIC;
1081 
1082  $rbacreview = $DIC['rbacreview'];
1083  $rbacadmin = $DIC['rbacadmin'];
1084 
1085  if (!$this->checkAccess('edit_userassignment', 'edit_permission')) {
1086  ilUtil::sendFailure($this->lng->txt('msg_no_perm_assign_user_to_role'), true);
1087  return false;
1088  }
1089  if (!$rbacreview->isAssignable($this->object->getId(), $this->obj_ref_id) &&
1090  $this->obj_ref_id != ROLE_FOLDER_ID) {
1091  ilUtil::sendFailure($this->lng->txt('err_role_not_assignable'), true);
1092  return false;
1093  }
1094  if (!$a_user_ids) {
1095  $GLOBALS['DIC']['lng']->loadLanguageModule('search');
1096  ilUtil::sendFailure($this->lng->txt('search_err_user_not_exist'), true);
1097  return false;
1098  }
1099 
1100  $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
1101 
1102  // users to assign
1103  $assigned_users_new = array_diff($a_user_ids, array_intersect($a_user_ids, $assigned_users_all));
1104 
1105  // selected users all already assigned. stop
1106  if (count($assigned_users_new) == 0) {
1107  ilUtil::sendInfo($this->lng->txt("rbac_msg_user_already_assigned"), true);
1108  $this->ctrl->redirect($this, 'userassignment');
1109  }
1110 
1111  // assign new users
1112  foreach ($assigned_users_new as $user) {
1113  $rbacadmin->assignUser($this->object->getId(), $user, false);
1114  }
1115 
1116  // update object data entry (to update last modification date)
1117  $this->object->update();
1118 
1119  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"), true);
1120  $this->ctrl->redirect($this, 'userassignment');
1121  }
1122 
1128  public function deassignUserObject()
1129  {
1130  global $DIC;
1131 
1132  $rbacsystem = $DIC['rbacsystem'];
1133  $rbacadmin = $DIC['rbacadmin'];
1134  $rbacreview = $DIC['rbacreview'];
1135 
1136  if (!$this->checkAccess('edit_userassignment', 'edit_permission')) {
1137  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"), $this->ilias->error_obj->MESSAGE);
1138  }
1139 
1140  $selected_users = ($_POST["user_id"]) ? $_POST["user_id"] : array($_GET["user_id"]);
1141 
1142  if ($selected_users[0] === null) {
1143  $this->ilias->raiseError($this->lng->txt("no_checkbox"), $this->ilias->error_obj->MESSAGE);
1144  }
1145 
1146  // prevent unassignment of system user from system role
1147  if ($this->object->getId() == SYSTEM_ROLE_ID) {
1148  if ($admin = array_search(SYSTEM_USER_ID, $selected_users) !== false) {
1149  unset($selected_users[$admin]);
1150  }
1151  }
1152 
1153  // check for each user if the current role is his last global role before deassigning him
1154  $last_role = array();
1155  $global_roles = $rbacreview->getGlobalRoles();
1156 
1157  foreach ($selected_users as $user) {
1158  $assigned_roles = $rbacreview->assignedRoles($user);
1159  $assigned_global_roles = array_intersect($assigned_roles, $global_roles);
1160 
1161  if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(), $assigned_global_roles))) {
1162  $userObj = $this->ilias->obj_factory->getInstanceByObjId($user);
1163  $last_role[$user] = $userObj->getFullName();
1164  unset($userObj);
1165  }
1166  }
1167 
1168 
1169  // ... else perform deassignment
1170  foreach ($selected_users as $user) {
1171  if (!isset($last_role[$user])) {
1172  $rbacadmin->deassignUser($this->object->getId(), $user);
1173  }
1174  }
1175 
1176  // update object data entry (to update last modification date)
1177  $this->object->update();
1178 
1179  // raise error if last role was taken from a user...
1180  if (count($last_role)) {
1181  $user_list = implode(", ", $last_role);
1182  ilUtil::sendFailure($this->lng->txt('msg_is_last_role') . ': ' . $user_list . '<br />' . $this->lng->txt('msg_min_one_role'), true);
1183  } else {
1184  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"), true);
1185  }
1186  $this->ctrl->redirect($this, 'userassignment');
1187  }
1188 
1189 
1193  public function userassignmentObject()
1194  {
1195  global $DIC;
1196 
1197  $rbacreview = $DIC['rbacreview'];
1198  $rbacsystem = $DIC['rbacsystem'];
1199  $lng = $DIC['lng'];
1200  $ilUser = $DIC['ilUser'];
1201 
1202  if (!$this->checkAccess('edit_userassignment', 'edit_permission')) {
1203  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"), $this->ilias->error_obj->MESSAGE);
1204  }
1205 
1206  $this->tabs_gui->setTabActive('user_assignment');
1207 
1208  $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.rbac_ua.html', 'Services/AccessControl');
1209 
1210  include_once './Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
1211  $tb = new ilToolbarGUI();
1212 
1213  // protected admin role
1214  include_once './Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1215  if (
1216  $this->object->getId() != SYSTEM_ROLE_ID ||
1217  (
1218  !$rbacreview->isAssigned($ilUser->getId(), SYSTEM_ROLE_ID) or
1219  !ilSecuritySettings::_getInstance()->isAdminRoleProtected()
1220  )
1221  ) {
1222 
1223 
1224  // add member
1225  include_once './Services/Search/classes/class.ilRepositorySearchGUI.php';
1226  ilRepositorySearchGUI::fillAutoCompleteToolbar(
1227  $this,
1228  $tb,
1229  array(
1230  'auto_complete_name' => $lng->txt('user'),
1231  'submit_name' => $lng->txt('add')
1232  )
1233  );
1234 
1235  /*
1236  // add button
1237  $tb->addFormButton($lng->txt("add"), "assignUser");
1238  */
1239  $tb->addSpacer();
1240 
1241  $tb->addButton(
1242  $this->lng->txt('search_user'),
1243  $this->ctrl->getLinkTargetByClass('ilRepositorySearchGUI', 'start')
1244  );
1245  $tb->addSpacer();
1246  }
1247 
1248  $tb->addButton(
1249  $this->lng->txt('role_mailto'),
1250  $this->ctrl->getLinkTarget($this, 'mailToRole')
1251  );
1252  $this->tpl->setVariable('BUTTONS_UA', $tb->getHTML());
1253 
1254 
1255  include_once './Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1256  $role_assignment_editable = true;
1257  if (
1258  $this->object->getId() == SYSTEM_ROLE_ID &&
1259  !ilSecuritySettings::_getInstance()->checkAdminRoleAccessible($ilUser->getId())) {
1260  $role_assignment_editable = false;
1261  }
1262 
1263  include_once './Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
1264  $ut = new ilAssignedUsersTableGUI($this, 'userassignment', $this->object->getId(), $role_assignment_editable);
1265 
1266  $this->tpl->setVariable('TABLE_UA', $ut->getHTML());
1267 
1268  return true;
1269  }
1270 
1271 
1276  public function cancelObject()
1277  {
1278  if ($_GET["new_type"] != "role") {
1279  $this->ctrl->redirect($this, "userassignment");
1280  } else {
1281  $this->ctrl->redirectByClass("ilobjrolefoldergui", "view");
1282  }
1283  }
1284 
1285 
1286  public function listUsersRoleObject()
1287  {
1288  global $DIC;
1289 
1290  $rbacsystem = $DIC['rbacsystem'];
1291  $rbacreview = $DIC['rbacreview'];
1292 
1293  $_SESSION["role_role"] = $_POST["role"] = $_POST["role"] ? $_POST["role"] : $_SESSION["role_role"];
1294 
1295  if (!is_array($_POST["role"])) {
1296  ilUtil::sendFailure($this->lng->txt("role_no_roles_selected"));
1297  $this->searchObject();
1298 
1299  return false;
1300  }
1301 
1302  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html", "Services/AccessControl");
1303  $this->__showButton("searchUserForm", $this->lng->txt("role_new_search"));
1304 
1305  // GET ALL MEMBERS
1306  $members = array();
1307 
1308  foreach ($_POST["role"] as $role_id) {
1309  $members = array_merge($rbacreview->assignedUsers($role_id), $members);
1310  }
1311 
1312  $members = array_unique($members);
1313 
1314  // FORMAT USER DATA
1315  $counter = 0;
1316  $f_result = array();
1317 
1318  foreach ($members as $user) {
1319  if (!$tmp_obj = ilObjectFactory::getInstanceByObjId($user, false)) {
1320  continue;
1321  }
1322 
1323  $user_ids[$counter] = $user;
1324 
1325  // TODO: exclude anonymous user
1326  $f_result[$counter][] = ilUtil::formCheckbox(0, "user[]", $user);
1327  $f_result[$counter][] = $tmp_obj->getLogin();
1328  $f_result[$counter][] = $tmp_obj->getFirstname();
1329  $f_result[$counter][] = $tmp_obj->getLastname();
1330 
1331  unset($tmp_obj);
1332  ++$counter;
1333  }
1334 
1335  $this->__showSearchUserTable($f_result, $user_ids, "listUsersRole");
1336 
1337  return true;
1338  }
1339 
1340  public function __prepareOutput()
1341  {
1342  // output objects
1343  $this->tpl->addBlockFile("CONTENT", "content", "tpl.adm_content.html");
1344  $this->tpl->addBlockFile("STATUSLINE", "statusline", "tpl.statusline.html");
1345 
1346  // output message
1347  if ($this->message) {
1348  ilUtil::sendInfo($this->message);
1349  }
1350 
1351  // display infopanel if something happened
1352  ilUtil::infoPanel();
1353 
1354  // set header
1355  $this->__setHeader();
1356  }
1357 
1358  public function __setHeader()
1359  {
1360  $this->tpl->setTitle($this->lng->txt('role'));
1361  $this->tpl->setDescription($this->object->getTitle());
1362  $this->tpl->setTitleIcon(ilUtil::getImagePath("icon_role.svg"));
1363 
1364  $this->getTabs($this->tabs_gui);
1365  }
1366 
1367 
1371  protected function addAdminLocatorItems($a_do_not_add_object = false)
1372  {
1373  global $DIC;
1374 
1375  $ilLocator = $DIC['ilLocator'];
1376 
1377  if (
1378  $_GET["admin_mode"] == "settings"
1379  && $_GET["ref_id"] == ROLE_FOLDER_ID) { // system settings
1380  parent::addAdminLocatorItems(true);
1381 
1382  $ilLocator->addItem(
1383  $this->lng->txt("obj_" . ilObject::_lookupType(ilObject::_lookupObjId($_GET["ref_id"]))),
1384  $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", 'view')
1385  );
1386 
1387  if ($_GET["obj_id"] > 0) {
1388  $ilLocator->addItem(
1389  $this->object->getTitle(),
1390  $this->ctrl->getLinkTarget($this, 'perm')
1391  );
1392  }
1393  } else {
1394  parent::addAdminLocatorItems($a_do_not_add_object);
1395  }
1396  }
1397 
1398 
1399 
1400 
1401  public function getTabs()
1402  {
1403  global $DIC;
1404 
1405  $rbacreview = $DIC['rbacreview'];
1406  $ilHelp = $DIC['ilHelp'];
1407 
1408  $base_role_container = $rbacreview->getFoldersAssignedToRole($this->object->getId(), true);
1409 
1410 
1411  $activate_role_edit = false;
1412 
1413  // todo: activate the following (allow editing of local roles in
1414  // roles administration)
1415  if (in_array($this->obj_ref_id, $base_role_container) ||
1416  (strtolower($_GET["baseClass"]) == "iladministrationgui" &&
1417  $_GET["admin_mode"] == "settings")) {
1418  $activate_role_edit = true;
1419  }
1420 
1421  // not so nice (workaround for using tabs in repository)
1422  $this->tabs_gui->clearTargets();
1423 
1424  $ilHelp->setScreenIdComponent("role");
1425 
1426  if ($this->back_target != "") {
1427  $this->tabs_gui->setBackTarget(
1428  $this->back_target["text"],
1429  $this->back_target["link"]
1430  );
1431  } else {
1432  $this->tabs_gui->setBackTarget($this->lng->txt('btn_back'), $this->ctrl->getParentReturn($this));
1433  }
1434 
1435  if ($this->checkAccess('write', 'edit_permission') && $activate_role_edit) {
1436  $this->tabs_gui->addTarget(
1437  "edit_properties",
1438  $this->ctrl->getLinkTarget($this, "edit"),
1439  array("edit","update"),
1440  get_class($this)
1441  );
1442  }
1443  /*
1444  if($this->checkAccess('write','edit_permission') and $this->showDefaultPermissionSettings())
1445  {
1446  $force_active = ($_GET["cmd"] == "perm" || $_GET["cmd"] == "")
1447  ? true
1448  : false;
1449  $this->tabs_gui->addTarget("default_perm_settings",
1450  $this->ctrl->getLinkTarget($this, "perm"), array("perm", "adoptPermSave", "permSave"),
1451  get_class($this),
1452  "", $force_active);
1453  }
1454  */
1455  if ($this->checkAccess('write', 'edit_permission') and $this->showDefaultPermissionSettings()) {
1456  $this->tabs_gui->addTarget(
1457  "default_perm_settings",
1458  $this->ctrl->getLinkTarget($this, "perm"),
1459  array(),
1460  get_class($this)
1461  );
1462  }
1463 
1464  if ($this->checkAccess('write', 'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID) {
1465  $this->tabs_gui->addTarget(
1466  "user_assignment",
1467  $this->ctrl->getLinkTarget($this, "userassignment"),
1468  array("deassignUser", "userassignment", "assignUser", "searchUserForm", "search"),
1469  get_class($this)
1470  );
1471  }
1472 
1473  if ($this->checkAccess('write', 'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID) {
1474  $this->tabs_gui->addTarget(
1475  "desktop_items",
1476  $this->ctrl->getLinkTarget($this, "listDesktopItems"),
1477  array("listDesktopItems", "deleteDesktopItems", "selectDesktopItem", "askDeleteDesktopItem"),
1478  get_class($this)
1479  );
1480  }
1481  if ($this->checkAccess('write', 'edit_permission')) {
1482  $this->tabs_gui->addTarget(
1483  'export',
1484  $this->ctrl->getLinkTargetByClass('ilExportGUI'),
1485  array()
1486  );
1487  }
1488  }
1489 
1490  public function mailToRoleObject()
1491  {
1492  $obj_ids = ilObject::_getIdsForTitle($this->object->getTitle(), $this->object->getType());
1493  if (count($obj_ids) > 1) {
1494  $_SESSION['mail_roles'][] = '#il_role_' . $this->object->getId();
1495  } else {
1496  $_SESSION['mail_roles'][] = (new \ilRoleMailboxAddress($this->object->getId()))->value();
1497  }
1498 
1499  require_once 'Services/Mail/classes/class.ilMailFormCall.php';
1500  $script = ilMailFormCall::getRedirectTarget($this, 'userassignment', array(), array('type' => 'role'));
1501  ilUtil::redirect($script);
1502  }
1503 
1504  public function checkAccess($a_perm_global, $a_perm_obj = '')
1505  {
1506  global $DIC;
1507 
1508  $rbacsystem = $DIC['rbacsystem'];
1509  $ilAccess = $DIC['ilAccess'];
1510 
1511  $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
1512 
1513  if ($this->obj_ref_id == ROLE_FOLDER_ID) {
1514  return $rbacsystem->checkAccess($a_perm_global, $this->obj_ref_id);
1515  } else {
1516  return $ilAccess->checkAccess($a_perm_obj, '', $this->obj_ref_id);
1517  }
1518  }
1519 
1524  protected function isChangeExistingObjectsConfirmationRequired()
1525  {
1526  global $DIC;
1527 
1528  $rbacreview = $DIC['rbacreview'];
1529 
1530  if (!(int) $_POST['recursive'] and !is_array($_POST['recursive_list'])) {
1531  return false;
1532  }
1533 
1534  // Role is protected
1535  if ($rbacreview->isProtected($this->obj_ref_id, $this->object->getId())) {
1536  // TODO: check if recursive_list is enabled
1537  // and if yes: check if inheritance is broken for the relevant object types
1538  return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1539  } else {
1540  // TODO: check if recursive_list is enabled
1541  // and if yes: check if inheritance is broken for the relevant object types
1542  return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1543  }
1544  }
1545 
1550  protected function showChangeExistingObjectsConfirmation()
1551  {
1552  $protected = $_POST['protected'];
1553 
1554  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
1555  $form = new ilPropertyFormGUI();
1556  $form->setFormAction($this->ctrl->getFormAction($this, 'changeExistingObjects'));
1557  $form->setTitle($this->lng->txt('rbac_change_existing_confirm_tbl'));
1558 
1559  $form->addCommandButton('changeExistingObjects', $this->lng->txt('change_existing_objects'));
1560  $form->addCommandButton('perm', $this->lng->txt('cancel'));
1561 
1562  $hidden = new ilHiddenInputGUI('type_filter');
1563  $hidden->setValue(
1564  $_POST['recursive'] ?
1565  serialize(array('all')) :
1566  serialize($_POST['recursive_list'])
1567  );
1568  $form->addItem($hidden);
1569 
1570  $rad = new ilRadioGroupInputGUI($this->lng->txt('rbac_local_policies'), 'mode');
1571 
1572  if ($protected) {
1573  $rad->setValue(ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES);
1574  $keep = new ilRadioOption(
1575  $this->lng->txt('rbac_keep_local_policies'),
1576  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
1577  $this->lng->txt('rbac_keep_local_policies_info')
1578  );
1579  } else {
1580  $rad->setValue(ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES);
1581  $keep = new ilRadioOption(
1582  $this->lng->txt('rbac_keep_local_policies'),
1583  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
1584  $this->lng->txt('rbac_unprotected_keep_local_policies_info')
1585  );
1586  }
1587  $rad->addOption($keep);
1588 
1589  if ($protected) {
1590  $del = new ilRadioOption(
1591  $this->lng->txt('rbac_delete_local_policies'),
1592  ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES,
1593  $this->lng->txt('rbac_delete_local_policies_info')
1594  );
1595  } else {
1596  $del = new ilRadioOption(
1597  $this->lng->txt('rbac_delete_local_policies'),
1598  ilObjRole::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES,
1599  $this->lng->txt('rbac_unprotected_delete_local_policies_info')
1600  );
1601  }
1602  $rad->addOption($del);
1603 
1604  $form->addItem($rad);
1605  $this->tpl->setContent($form->getHTML());
1606  }
1607 
1612  protected function changeExistingObjectsObject()
1613  {
1614  global $DIC;
1615 
1616  $tree = $DIC['tree'];
1617  $rbacreview = $DIC['rbacreview'];
1618  $rbacadmin = $DIC['rbacadmin'];
1619 
1620  $mode = (int) $_POST['mode'];
1621  $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $this->obj_ref_id);
1622 
1623  $this->object->changeExistingObjects($start, $mode, unserialize(ilUtil::stripSlashes($_POST['type_filter'])));
1624 
1625  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
1626  $this->ctrl->redirect($this, 'perm');
1627  }
1628 
1634  protected function setSubTabs($a_tab)
1635  {
1636  global $DIC;
1637 
1638  $ilTabs = $DIC['ilTabs'];
1639 
1640  switch ($a_tab) {
1641  case 'default_perm_settings':
1642  if ($this->obj_ref_id != ROLE_FOLDER_ID) {
1643  return true;
1644  }
1645  $ilTabs->addSubTabTarget(
1646  'rbac_repository_permissions',
1647  $this->ctrl->getLinkTarget($this, 'perm')
1648  );
1649  $ilTabs->addSubTabTarget(
1650  'rbac_admin_permissions',
1651  $this->ctrl->getLinkTarget($this, 'adminPerm')
1652  );
1653  }
1654  return true;
1655  }
1656 
1660  protected function addToClipboardObject()
1661  {
1662  global $DIC;
1663 
1664  $lng = $DIC['lng'];
1665  $ilCtrl = $DIC['ilCtrl'];
1666 
1667  $users = (array) $_POST['user_id'];
1668  if (!count($users)) {
1669  ilUtil::sendFailure($this->lng->txt('select_one'), true);
1670  $ilCtrl->redirect($this, 'userassignment');
1671  }
1672  include_once './Services/User/classes/class.ilUserClipboard.php';
1673  $clip = ilUserClipboard::getInstance($GLOBALS['DIC']['ilUser']->getId());
1674  $clip->add($users);
1675  $clip->save();
1676 
1677  $lng->loadLanguageModule('user');
1678  ilUtil::sendSuccess($this->lng->txt('clipboard_user_added'), true);
1679  $ilCtrl->redirect($this, 'userassignment');
1680  }
1681 
1685  protected function addLocatorItems()
1686  {
1687  global $DIC;
1688 
1689  $ilLocator = $DIC['ilLocator'];
1690 
1691  if ($_GET["admin_mode"] == "") {
1692  $this->ctrl->setParameterByClass(
1693  "ilobjrolegui",
1694  "obj_id",
1695  (int) $_GET["obj_id"]
1696  );
1697  $ilLocator->addItem(
1698  ilObjRole::_getTranslation($this->object->getTitle()),
1699  $this->ctrl->getLinkTargetByClass(
1700  array(
1701  "ilpermissiongui",
1702  "ilobjrolegui"),
1703  "perm"
1704  )
1705  );
1706  }
1707  }
1708 
1709  /*
1710  * Ensure access to role for ref_id
1711  * @throws ilObjectException
1712  */
1713  protected function ensureRoleAccessForContext()
1714  {
1715  global $DIC;
1716 
1717  $review = $DIC->rbac()->review();
1718  $logger = $DIC->logger()->ac();
1719 
1720  // creation of roles
1721  if (
1722  !$this->object->getId() ||
1723  $this->object->getId() == ROLE_FOLDER_ID
1724  ) {
1725  return true;
1726  }
1727 
1728 
1729  $possible_roles = [];
1730  try {
1731  $possible_roles = $review->getRolesOfObject(
1732  $this->obj_ref_id,
1733  false
1734  );
1735  } catch (\InvalidArgumentException $e) {
1736  $logger->warning('Role access check failed: ' . $e);
1737 
1738  include_once "Services/Object/exceptions/class.ilObjectException.php";
1739  throw new \ilObjectException($this->lng->txt('permission_denied'));
1740  }
1741 
1742  if (!in_array($this->object->getId(), $possible_roles)) {
1743  $logger->warning('Object id: ' . $this->object->getId() . ' is not accessible for ref_id: ' . $this->obj_ref_id);
1744  include_once "Services/Object/exceptions/class.ilObjectException.php";
1745  throw new \ilObjectException($this->lng->txt('permission_denied'));
1746  }
1747  return true;
1748  }
1749 } // END class.ilObjRoleGUI
ilObjRoleGUI\adoptPermSaveObject
adoptPermSaveObject()
copy permissions from role
Definition: class.ilObjRoleGUI.php:1016
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:16
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
ilUtil\tf2yn
static tf2yn($a_tf)
convert true/false to "y"/"n"
Definition: class.ilUtil.php:2998
ilRoleDesktopItem\add
add($a_item_id, $a_item_type)
Definition: class.ilRoleDesktopItem.php:45
ilObjRoleGUI\createObject
createObject()
Only called from administration -> role folder ? Otherwise this check access is wrong.
Definition: class.ilObjRoleGUI.php:544
ilRoleDesktopItem
Class ilObjRoleGUI.
Definition: class.ilRoleDesktopItem.php:17
ilObjRoleGUI\setSubTabs
setSubTabs($a_tab)
Set sub tabs.
Definition: class.ilObjRoleGUI.php:1634
ilObjRoleGUI\setBackTarget
setBackTarget($a_text, $a_link)
set back tab target
Definition: class.ilObjRoleGUI.php:170
ilUserClipboard\getInstance
static getInstance($a_usr_id)
Get singelton instance.
Definition: class.ilUserClipboard.php:35
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilRoleAdoptPermissionTableGUI
Copyright (c) 1998-2015 ILIAS open source, Extended GPL, see docs/LICENSE Date: 07.01.15 Time: 11:43.
Definition: class.ilRoleAdoptPermissionTableGUI.php:16
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilObjRole\getPersonalWorkspaceDiskQuota
getPersonalWorkspaceDiskQuota()
Gets the minimal personal workspace disk quota imposed by this role.
Definition: class.ilObjRole.php:338
ilObjRoleGUI\checkDuplicate
checkDuplicate($a_role_id=0)
Check if role with same name already exists in this folder.
Definition: class.ilObjRoleGUI.php:630
$DIC
global $DIC
Definition: saml.php:7
ilObjRoleGUI\addToClipboardObject
addToClipboardObject()
Add selected users to user clipboard.
Definition: class.ilObjRoleGUI.php:1660
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$tbl
$tbl
Definition: example_048.php:81
ilObjRoleGUI\adminPermObject
adminPermObject()
Show administration permissions.
Definition: class.ilObjRoleGUI.php:775
ilObjRole\MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
Definition: class.ilObjRole.php:18
ilObjectGUI\__showButton
__showButton($a_cmd, $a_text, $a_target='')
Definition: class.ilObjectGUI.php:1678
ilUtil\MB2Bytes
static MB2Bytes($a_value)
Definition: class.ilUtil.php:5001
ilObjRoleGUI\deassignUserObject
deassignUserObject()
de-assign users from role
Definition: class.ilObjRoleGUI.php:1128
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
ilObjRoleGUI\assignSaveObject
assignSaveObject()
wrapper for renamed function
Definition: class.ilObjRoleGUI.php:1066
ilObjRole\toggleAssignUsersStatus
toggleAssignUsersStatus($a_assign_users)
Definition: class.ilObjRole.php:145
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilObjRoleGUI\permObject
permObject($a_show_admin_permissions=false)
Show template permissions.
Definition: class.ilObjRoleGUI.php:670
ilObjRoleGUI\adminPermSaveObject
adminPermSaveObject()
Save admin permissions.
Definition: class.ilObjRoleGUI.php:784
ilObjRole\setAllowRegister
setAllowRegister($a_allow_register)
set allow_register of role
Definition: class.ilObjRole.php:268
ilRbacLog\isActive
static isActive()
Definition: class.ilRbacLog.php:25
ilObjRoleGUI\cancelObject
cancelObject()
cancelObject is called when an operation is canceled, method links back public
Definition: class.ilObjRoleGUI.php:1276
ilObjRole\getAllowRegister
getAllowRegister()
get allow_register
Definition: class.ilObjRole.php:283
ilObjRole\getDiskQuota
getDiskQuota()
Gets the minimal disk quota imposed by this role.
Definition: class.ilObjRole.php:310
ilObjRoleGUI\addUserObject
addUserObject($a_user_ids)
Assign user (callback from ilRepositorySearchGUI)
Definition: class.ilObjRoleGUI.php:1078
ilObject\setTitle
setTitle($a_title)
set object title
Definition: class.ilObject.php:418
ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:19
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
$start
$start
Definition: bench.php:8
ilObjRoleGUI\saveObject
saveObject()
Save new role.
Definition: class.ilObjRoleGUI.php:597
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4481
ilExportGUI
Export User Interface Class.
Definition: class.ilExportGUI.php:14
ilExportOptions\newInstance
static newInstance($a_export_id)
Create new instance.
Definition: class.ilExportOptions.php:56
ilHiddenInputGUI
This class represents a hidden form property in a property form.
Definition: class.ilHiddenInputGUI.php:32
ilObjectGUI\prepareOutput
prepareOutput($a_show_subobjects=true)
prepare output
Definition: class.ilObjectGUI.php:296
ilObjRole\isAutoGenerated
static isAutoGenerated($a_role_id)
Definition: class.ilObjRole.php:695
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilRadioOption\setValue
setValue($a_value)
Set Value.
Definition: class.ilRadioOption.php:91
ilNumberInputGUI\setMinValue
setMinValue($a_minvalue, $a_display_always=false)
Set Minimum Value.
Definition: class.ilNumberInputGUI.php:195
ilObjRoleGUI\permSaveObject
permSaveObject($a_show_admin_permissions=false)
save permissions
Definition: class.ilObjRoleGUI.php:896
ilObjRoleGUI\loadRoleProperties
loadRoleProperties(ilObjRole $role)
Store form input in role object.
Definition: class.ilObjRoleGUI.php:491
$form
if(isset($_POST['submit'])) $form
Definition: registry.edit.php:63
ilObjRoleGUI\confirmDeleteRoleObject
confirmDeleteRoleObject()
Show delete confirmation screen.
Definition: class.ilObjRoleGUI.php:830
ilObject\getId
getId()
get object id public
Definition: class.ilObject.php:320
ilUtil\_sortIds
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),&#39;usr_data&#39;,&#39;lastname&#39;,&#39;usr_id&#39;) => sorts by lastname.
Definition: class.ilUtil.php:4405
ilObjRoleGUI\isChangeExistingObjectsConfirmationRequired
isChangeExistingObjectsConfirmationRequired()
Check if a confirmation about further settings is required or not.
Definition: class.ilObjRoleGUI.php:1524
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:79
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:14
ilObjRoleGUI\getParentObjId
getParentObjId()
Get obj_id of current object.
Definition: class.ilObjRoleGUI.php:153
ilObjRoleGUI\performDeleteRoleObject
performDeleteRoleObject()
Delete role.
Definition: class.ilObjRoleGUI.php:873
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:13
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1107
ilCheckboxInputGUI\setValue
setValue($a_value)
Set Value.
Definition: class.ilCheckboxInputGUI.php:65
ilObjRoleGUI\initFormRoleProperties
initFormRoleProperties($a_mode)
Create role prperty form.
Definition: class.ilObjRoleGUI.php:395
ilUtil\Bytes2MB
static Bytes2MB($a_value)
Definition: class.ilUtil.php:5006
ilObjRoleGUI\getParentType
getParentType()
get type of current object (not role folder)
Definition: class.ilObjRoleGUI.php:162
ilObjRoleGUI\editObject
editObject()
Edit role properties.
Definition: class.ilObjRoleGUI.php:562
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilObject\getTitle
getTitle()
get object title public
Definition: class.ilObject.php:396
ilUtil\infoPanel
static infoPanel($a_keep=true)
Definition: class.ilUtil.php:4538
ilObject\getDescription
getDescription()
get object description
Definition: class.ilObject.php:432
$ilUser
$ilUser
Definition: imgupload.php:18
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilObjRoleGUI\readRoleProperties
readRoleProperties(ilObjRole $role)
Read role properties and write them to form.
Definition: class.ilObjRoleGUI.php:512
ilObjRoleGUI\showDefaultPermissionSettings
showDefaultPermissionSettings()
check if default permissions are shown or not
Definition: class.ilObjRoleGUI.php:202
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2406
ilUtil\sendQuestion
static sendQuestion($a_info="", $a_keep=false)
Send Question to Screen.
Definition: class.ilUtil.php:4513
ilObjRole\setPersonalWorkspaceDiskQuota
setPersonalWorkspaceDiskQuota($a_disk_quota)
Sets the minimal personal workspace disk quota imposed by this role.
Definition: class.ilObjRole.php:324
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:77
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:518
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1275
$users
$users
Definition: authpage.php:44
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
ilObjRoleGUI\__construct
__construct($a_data, $a_id, $a_call_by_reference=false, $a_prepare_output=true)
Constructor public.
Definition: class.ilObjRoleGUI.php:47
ilObjRoleGUI\showChangeExistingObjectsConfirmation
showChangeExistingObjectsConfirmation()
Show confirmation screen.
Definition: class.ilObjRoleGUI.php:1550
ilRbacLog\gatherTemplate
static gatherTemplate($a_role_ref_id, $a_role_id)
Definition: class.ilRbacLog.php:105
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1504
ilObjRoleGUI\getParentRefId
getParentRefId()
Get ref id of current object (not role folder id)
Definition: class.ilObjRoleGUI.php:144
ilObjRoleGUI\changeExistingObjectsObject
changeExistingObjectsObject()
Change existing objects.
Definition: class.ilObjRoleGUI.php:1612
ilObjRoleGUI\userassignmentObject
userassignmentObject()
display user assignment panel
Definition: class.ilObjRoleGUI.php:1193
ilNonEditableValueGUI
This class represents a non editable value in a property form.
Definition: class.ilNonEditableValueGUI.php:13
ilObjRole\MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
Definition: class.ilObjRole.php:20
$ilSetting
global $ilSetting
Definition: privfeed.php:17
ilMailFormCall\getRedirectTarget
static getRedirectTarget($gui, $cmd, array $gui_params=array(), array $mail_params=array(), array $context_params=array())
Definition: class.ilMailFormCall.php:60
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
ilRbacLog\add
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
Definition: class.ilRbacLog.php:137
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:21
$ret
$ret
Definition: parser.php:6
ilRbacLog\diffTemplate
static diffTemplate(array $a_old, array $a_new)
Definition: class.ilRbacLog.php:114
ilObject\_getIdsForTitle
static _getIdsForTitle($title, $type='', $partialmatch=false)
Definition: class.ilObject.php:1030
$def
$def
Definition: croninfo.php:21
ilAssignedUsersTableGUI
TableGUI class for role administration.
Definition: class.ilAssignedUsersTableGUI.php:15
ilObjectFactory\getInstanceByRefId
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:141
USER_FOLDER_ID
const USER_FOLDER_ID
Class ilObjUserFolder.
Definition: class.ilObjUserFolder.php:16
ilRbacLog\EDIT_TEMPLATE
const EDIT_TEMPLATE
Definition: class.ilRbacLog.php:21
ilObject\setDescription
setDescription($a_desc)
set object description
Definition: class.ilObject.php:443
ilObjRoleGUI\addAdminLocatorItems
addAdminLocatorItems($a_do_not_add_object=false)
Definition: class.ilObjRoleGUI.php:1371
ilRepositorySearchGUI\fillAutoCompleteToolbar
static fillAutoCompleteToolbar($parent_object, ilToolbarGUI $toolbar=null, $a_options=array(), $a_sticky=false)
fill toolbar with
Definition: class.ilRepositorySearchGUI.php:174
ilObjRoleGUI\getAdminTabs
getAdminTabs()
admin and normal tabs are equal for roles
Definition: class.ilObjRoleGUI.php:184
ilExportOptions\allocateExportId
static allocateExportId()
Allocate a new export id.
Definition: class.ilExportOptions.php:65
ilUtil\redirect
static redirect($a_script)
Definition: class.ilUtil.php:3318
ilAccordionGUI
Accordion user interface class.
Definition: class.ilAccordionGUI.php:11
ilObjRoleGUI
Class ilObjRoleGUI.
Definition: class.ilObjRoleGUI.php:20
ilObjRoleGUI\updateObject
updateObject()
Save role settings.
Definition: class.ilObjRoleGUI.php:640
ilSecuritySettings\_getInstance
static _getInstance()
Get instance of ilSecuritySettings.
Definition: class.ilSecuritySettings.php:107
$key
$key
Definition: croninfo.php:18
ilFormPropertyGUI\setDisabled
setDisabled($a_disabled)
Set Disabled.
Definition: class.ilFormPropertyGUI.php:205
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
ilObjRoleGUI\getContainerType
getContainerType()
Get type of role container.
Definition: class.ilObjRoleGUI.php:193
ilObjRole\setDiskQuota
setDiskQuota($a_disk_quota)
Sets the minimal disk quota imposed by this role.
Definition: class.ilObjRole.php:296
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
ilUtil\formCheckbox
static formCheckbox($checked, $varname, $value, $disabled=false)
??? public
Definition: class.ilUtil.php:432
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:15