ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilObjRoleFolderGUI.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
24 require_once "./Services/Object/classes/class.ilObjectGUI.php";
25 
38 class ilObjRoleFolderGUI extends ilObjectGUI
39 {
40  const COPY_ADD_PERMISSIONS = 1;
41  const COPY_CLONE_PERMISSIONS = 2;
42  const COPY_REMOVE_PERMISSIONS = 3;
43  const COPY_CHANGE_EXISTING_OBJECTS = 1;
44 
48  private $logger = null;
49 
50 
56  public $type;
57 
62  public function __construct($a_data, $a_id, $a_call_by_reference)
63  {
64  global $DIC;
65 
66  $lng = $DIC['lng'];
67  $this->logger = $DIC->logger()->ac();
68 
69  $this->type = "rolf";
70  parent::__construct($a_data, $a_id, $a_call_by_reference, false);
71  $lng->loadLanguageModule('rbac');
72  }
73 
74  public function executeCommand()
75  {
76  global $DIC;
77 
78  $ilTabs = $DIC['ilTabs'];
79 
80  $next_class = $this->ctrl->getNextClass($this);
81  $cmd = $this->ctrl->getCmd();
82  $this->prepareOutput();
83 
84  switch ($next_class) {
85 
86  case 'ilpermissiongui':
87  include_once("Services/AccessControl/classes/class.ilPermissionGUI.php");
88  $perm_gui = new ilPermissionGUI($this);
89  $ret = &$this->ctrl->forwardCommand($perm_gui);
90  break;
91 
92  default:
93  $this->ctrl->setReturn($this, "view");
94  if (!$cmd) {
95  $cmd = "view";
96  }
97  $cmd .= "Object";
98  $this->$cmd();
99 
100  break;
101  }
102  return true;
103  }
104 
111  public function viewObject()
112  {
113  global $DIC;
114 
115  $ilErr = $DIC['ilErr'];
116  $rbacsystem = $DIC['rbacsystem'];
117  $ilToolbar = $DIC['ilToolbar'];
118  $rbacreview = $DIC['rbacreview'];
119  $ilTabs = $DIC['ilTabs'];
120 
121  $ilTabs->activateTab('view');
122 
123  if (!$rbacsystem->checkAccess('visible,read', $this->object->getRefId())) {
124  $ilErr->raiseError($this->lng->txt('permission_denied'), $ilErr->MESSAGE);
125  }
126 
127 
128  if ($rbacsystem->checkAccess('create_role', $this->object->getRefId())) {
129  $this->ctrl->setParameter($this, 'new_type', 'role');
130  $ilToolbar->addButton(
131  $this->lng->txt('rolf_create_role'),
132  $this->ctrl->getLinkTarget($this, 'create')
133  );
134  }
135  if ($rbacsystem->checkAccess('create_rolt', $this->object->getRefId())) {
136  $this->ctrl->setParameter($this, 'new_type', 'rolt');
137  $ilToolbar->addButton(
138  $this->lng->txt('rolf_create_rolt'),
139  $this->ctrl->getLinkTarget($this, 'create')
140  );
141  $this->ctrl->clearParameters($this);
142  }
143 
144  if (
145  $rbacsystem->checkAccess('create_rolt', $this->object->getRefId()) ||
146  $rbacsystem->checkAccess('create_rolt', $this->object->getRefId())
147  ) {
148  $ilToolbar->addButton(
149  $this->lng->txt('rbac_import_role'),
150  $this->ctrl->getLinkTargetByClass('ilPermissionGUI', 'displayImportRoleForm')
151  );
152  }
153 
154  include_once './Services/AccessControl/classes/class.ilRoleTableGUI.php';
155  $table = new ilRoleTableGUI($this, 'view');
156  $table->init();
157  $table->parse($this->object->getId());
158 
159  $this->tpl->setContent($table->getHTML());
160  }
161 
165  protected function roleSearchObject()
166  {
167  global $DIC;
168 
169  $rbacsystem = $DIC['rbacsystem'];
170  $ilCtrl = $DIC['ilCtrl'];
171  $ilTabs = $DIC['ilTabs'];
172  $ilErr = $DIC['ilErr'];
173 
174  $ilTabs->clearTargets();
175  $ilTabs->setBackTarget(
176  $this->lng->txt('rbac_back_to_overview'),
177  $this->ctrl->getLinkTarget($this, 'view')
178  );
179 
180  if (!$rbacsystem->checkAccess('visible,read', $this->object->getRefId())) {
181  $ilErr->raiseError($this->lng->txt('permission_denied'), $ilErr->MESSAGE);
182  }
183 
184  $ilCtrl->setParameter($this, 'csource', (int) $_REQUEST['csource']);
185  ilUtil::sendInfo($this->lng->txt('rbac_choose_copy_targets'));
186 
187  $form = $this->initRoleSearchForm();
188  $this->tpl->setContent($form->getHTML());
189  }
190 
194  protected function initRoleSearchForm()
195  {
196  global $DIC;
197 
198  $ilCtrl = $DIC['ilCtrl'];
199 
200  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
201  $form = new ilPropertyFormGUI();
202  $form->setTitle($this->lng->txt('rbac_role_title'));
203  $form->setFormAction($ilCtrl->getFormAction($this, 'view'));
204 
205  $search = new ilTextInputGUI($this->lng->txt('title'), 'title');
206  $search->setRequired(true);
207  $search->setSize(30);
208  $search->setMaxLength(255);
209  $form->addItem($search);
210 
211  $form->addCommandButton('roleSearchForm', $this->lng->txt('search'));
212  return $form;
213  }
214 
215 
220  protected function roleSearchFormObject()
221  {
222  global $DIC;
223 
224  $ilCtrl = $DIC['ilCtrl'];
225 
226  $_SESSION['rolf_search_query'] = '';
227  $ilCtrl->setParameter($this, 'csource', (int) $_REQUEST['csource']);
228 
229  $form = $this->initRoleSearchForm();
230  if ($form->checkInput()) {
231  $_SESSION['rolf_search_query'] = $form->getInput('title');
232  return $this->roleSearchListObject();
233  }
234 
235  ilUtil::sendFailure($this->lng->txt('msg_no_search_string'), true);
236  $form->setValuesByPost();
237  $ilCtrl->redirect($this, 'roleSearch');
238  }
239 
243  protected function roleSearchListObject()
244  {
245  global $DIC;
246 
247  $ilTabs = $DIC['ilTabs'];
248  $ilCtrl = $DIC['ilCtrl'];
249 
250  $ilTabs->clearTargets();
251  $ilTabs->setBackTarget(
252  $this->lng->txt('rbac_back_to_overview'),
253  $this->ctrl->getLinkTarget($this, 'view')
254  );
255 
256  $ilCtrl->setParameter($this, 'csource', (int) $_REQUEST['csource']);
257 
258  if (strlen($_SESSION['rolf_search_query'])) {
259  ilUtil::sendInfo($this->lng->txt('rbac_select_copy_targets'));
260 
261  include_once './Services/AccessControl/classes/class.ilRoleTableGUI.php';
262  $table = new ilRoleTableGUI($this, 'roleSearchList');
263  $table->setType(ilRoleTableGUI::TYPE_SEARCH);
264  $table->setRoleTitleFilter($_SESSION['rolf_search_query']);
265  $table->init();
266  $table->parse($this->object->getId());
267  return $this->tpl->setContent($table->getHTML());
268  }
269 
270  ilUtil::sendFailure($this->lng->txt('msg_no_search_string'), true);
271  $ilCtrl->redirect($this, 'roleSearch');
272  }
273 
278  protected function chooseCopyBehaviourObject(\ilPropertyFormGUI $form = null)
279  {
280  global $DIC;
281 
282  $copy_source = (int) $_REQUEST['csource'];
283 
284  $this->ctrl->saveParameter($this, 'csource', $copy_source);
285  $this->tabs_gui->clearTargets();
286  $this->tabs_gui->setBackTarget(
287  $this->lng->txt('rbac_back_to_overview'),
288  $this->ctrl->getLinkTarget($this, 'view')
289  );
290  if (!$form instanceof \ilPropertyFormGUI) {
291  $form = $this->initCopyBehaviourForm($copy_source);
292  }
293  $this->tpl->setContent($form->getHTML());
294  }
295 
299  protected function initCopyBehaviourForm(int $copy_source)
300  {
301  // not only for role templates; add/remove permissions is also applicable for roles
302  $full_featured = true;
303 
304  $form = new ilPropertyFormGUI();
305  $form->setTitle($this->lng->txt('rbac_copy_behaviour'));
306  $form->setFormAction($this->ctrl->getFormAction($this, 'chooseCopyBehaviour'));
307 
308  $copy_type = new \ilRadioGroupInputGUI(
309  $this->lng->txt('rbac_form_copy_roles_adjust_type'),
310  'type'
311  );
312  $copy_type->setRequired(true);
313  $copy_type->setValue(self::COPY_CLONE_PERMISSIONS);
314 
315  if ($full_featured) {
316  $add = new \ilRadioOption(
317  $this->lng->txt('rbac_form_copy_roles_adjust_type_add'),
318  self::COPY_ADD_PERMISSIONS,
319  $this->lng->txt('rbac_form_copy_roles_adjust_type_add_info')
320  );
321  $copy_type->addOption($add);
322 
323  $ce_type_add = new \ilRadioGroupInputGUI(
324  '',
325  'add_ce_type'
326  );
327  $ce_type_add->setRequired(true);
328  $ce_add_yes = new \ilRadioOption(
329  $this->lng->txt('rbac_form_copy_roles_ce_add_yes'),
330  self::COPY_CHANGE_EXISTING_OBJECTS,
331  $this->lng->txt('rbac_form_copy_roles_ce_add_yes_info')
332  );
333  $ce_type_add->addOption($ce_add_yes);
334  $ce_add_no = new \ilRadioOption(
335  $this->lng->txt('rbac_form_copy_roles_ce_add_no'),
336  0,
337  $this->lng->txt('rbac_form_copy_roles_ce_add_no_info')
338  );
339  $ce_type_add->addOption($ce_add_no);
340  $add->addSubItem($ce_type_add);
341  }
342  $clone = new \ilRadioOption(
343  $this->lng->txt('rbac_form_copy_roles_adjust_type_clone'),
344  self::COPY_CLONE_PERMISSIONS,
345  $this->lng->txt('rbac_form_copy_roles_adjust_type_clone_info')
346  );
347  $copy_type->addOption($clone);
348 
349 
350  $ce_type_clone = new \ilRadioGroupInputGUI(
351  '',
352  'clone_ce_type'
353  );
354  $ce_type_clone->setRequired(true);
355  $ce_clone_yes = new \ilRadioOption(
356  $this->lng->txt('rbac_form_copy_roles_ce_clone_yes'),
357  self::COPY_CHANGE_EXISTING_OBJECTS,
358  $this->lng->txt('rbac_form_copy_roles_ce_clone_yes_info')
359  );
360  $ce_type_clone->addOption($ce_clone_yes);
361  $ce_clone_no = new \ilRadioOption(
362  $this->lng->txt('rbac_form_copy_roles_ce_clone_no'),
363  0,
364  $this->lng->txt('rbac_form_copy_roles_ce_clone_no_info')
365  );
366  $ce_type_clone->addOption($ce_clone_no);
367  $clone->addSubItem($ce_type_clone);
368 
369  if ($full_featured) {
370  $remove = new \ilRadioOption(
371  $this->lng->txt('rbac_form_copy_roles_adjust_type_remove'),
372  self::COPY_REMOVE_PERMISSIONS,
373  $this->lng->txt('rbac_form_copy_roles_adjust_type_remove_info')
374  );
375  $copy_type->addOption($remove);
376  $ce_type_remove = new \ilRadioGroupInputGUI(
377  '',
378  'remove_ce_type'
379  );
380  $ce_type_remove->setRequired(true);
381  $ce_remove_yes = new \ilRadioOption(
382  $this->lng->txt('rbac_form_copy_roles_ce_remove_yes'),
383  self::COPY_CHANGE_EXISTING_OBJECTS,
384  $this->lng->txt('rbac_form_copy_roles_ce_remove_yes_info')
385  );
386  $ce_type_remove->addOption($ce_remove_yes);
387  $ce_remove_no = new \ilRadioOption(
388  $this->lng->txt('rbac_form_copy_roles_ce_remove_no'),
389  0,
390  $this->lng->txt('rbac_form_copy_roles_ce_remove_no_info')
391  );
392  $ce_type_remove->addOption($ce_remove_no);
393  $remove->addSubItem($ce_type_remove);
394  }
395 
396  $form->addItem($copy_type);
397 
398  $roles = new ilHiddenInputGUI('roles');
399  $roles->setValue(implode(',', (array) $_POST['roles']));
400  $form->addItem($roles);
401 
402  $form->addCommandButton('roleSearchList', $this->lng->txt('back'));
403  $form->addCommandButton('adjustRole',$this->lng->txt('rbac_form_copy_roles_adjust_button'));
404  return $form;
405  }
406 
407 
411  protected function adjustRoleObject()
412  {
413  global $DIC;
414 
415  $this->checkPermission('write');
416  $review = $DIC->rbac()->review();
417 
418  $roles = explode(',', $_POST['roles']);
419  $source = (int) $_REQUEST['csource'];
420 
421  $form = $this->initCopyBehaviourForm($source);
422  if ($form->checkInput()) {
423 
424  $adjustment_type = $form->getInput('type');
425  foreach ((array) $roles as $role_id) {
426  if ($role_id != $source) {
427 
428  $start_obj = $review->getRoleFolderOfRole($role_id);
429  $this->logger->debug('Start object: ' . $start_obj);
430 
431  switch ($adjustment_type) {
432  case self::COPY_ADD_PERMISSIONS:
433  $change_existing = (bool) $form->getInput('add_ce_type');
434  $this->doAddRolePermissions(
435  $source,
436  $role_id
437  );
438  if ($change_existing) {
439  $this->doChangeExistingObjects(
440  $start_obj,
441  $role_id,
442  \ilObjRole::MODE_ADD_OPERATIONS,
443  $source
444  );
445  }
446  break;
447  case self::COPY_CLONE_PERMISSIONS:
448  $change_existing = (bool) $form->getInput('clone_ce_type');
449  $this->doCopyRole(
450  $source,
451  $role_id
452  );
453  if ($change_existing) {
454  $this->doChangeExistingObjects(
455  $start_obj,
456  $role_id,
457  \ilObjRole::MODE_READ_OPERATIONS,
458  $source
459  );
460  }
461  break;
462  case self::COPY_REMOVE_PERMISSIONS:
463  $change_existing = (bool) $form->getInput('remove_ce_type');
464  $this->doRemoveRolePermissions(
465  $source,
466  $role_id
467  );
468  if ($change_existing) {
469  $this->doChangeExistingObjects(
470  $start_obj,
471  $role_id,
472  \ilObjRole::MODE_REMOVE_OPERATIONS,
473  $source
474  );
475  }
476  break;
477  }
478  }
479  }
480  ilUtil::sendSuccess($this->lng->txt('rbac_copy_finished'), true);
481  $this->ctrl->redirect($this, 'view');
482  }
483  }
484 
485 
489  protected function doAddRolePermissions($source, $target)
490  {
491  global $DIC;
492 
493  $rbacadmin = $DIC->rbac()->admin();
494  $rbacreview = $DIC->rbac()->review();
495 
496  $source_definition = $rbacreview->getRoleFolderOfRole($source);
497  $rbacadmin->copyRolePermissionUnion(
498  $source,
499  $source_definition,
500  $target,
501  $rbacreview->getRoleFolderOfRole($target),
502  $target,
503  $rbacreview->getRoleFolderOfRole($target)
504  );
505  }
506 
510  protected function removeRolePermissionsObject()
511  {
512  global $DIC;
513 
514  $ilCtrl = $DIC['ilCtrl'];
515 
516  // Finally copy role/rolt
517  $roles = explode(',', $_POST['roles']);
518  $source = (int) $_REQUEST['csource'];
519 
520  $form = $this->initCopyBehaviourForm();
521  if ($form->checkInput()) {
522  foreach ((array) $roles as $role_id) {
523  if ($role_id != $source) {
524  $this->doRemoveRolePermissions($source, $role_id, $form->getInput('change_existing'));
525  }
526  }
527 
528  ilUtil::sendSuccess($this->lng->txt('rbac_copy_finished'), true);
529  $ilCtrl->redirect($this, 'view');
530  }
531  }
532 
536  protected function doRemoveRolePermissions($source, $target)
537  {
538  global $DIC;
539 
540  $rbacadmin = $DIC->rbac()->admin();
541  $rbacreview = $DIC->rbac()->review();
542 
543  ilLoggerFactory::getLogger('ac')->debug('Remove permission source: ' . $source);
544  ilLoggerFactory::getLogger('ac')->debug('Remove permission target: ' . $target);
545 
546  $source_obj = $rbacreview->getRoleFolderOfRole($source);
547  $rbacadmin->copyRolePermissionSubtract(
548  $source,
549  $source_obj,
550  $target,
551  $rbacreview->getRoleFolderOfRole($target)
552  );
553 
554  }
555 
556 
557 
561  protected function doCopyRole($source, $target)
562  {
563  global $DIC;
564 
565  $rbacadmin = $DIC->rbac()->admin();
566  $rbacreview = $DIC->rbac()->review();
567 
568  $target_obj = $rbacreview->getRoleFolderOfRole($target);
569  $source_obj = $rbacreview->getRoleFolderOfRole($source);
570  // Copy role template permissions
571  $rbacadmin->copyRoleTemplatePermissions(
572  $source,
573  $source_obj,
574  $target_obj,
575  $target
576  );
577  }
578 
582  protected function doChangeExistingObjects($a_start_obj, $a_target_role, $a_operation_mode, $a_source_role)
583  {
584  global $DIC;
585 
586  $review = $DIC->rbac()->review();
587 
588  if (!$a_start_obj) {
589  $this->logger->warning('Missing parameter start object.');
590  $this->logger->logStack(\ilLogLevel::WARNING);
591  throw new InvalidArgumentException('Missing parameter: start object');
592  }
593  // the mode is unchanged and read out from the target object
594  $target_ref_id = $review->getRoleFolderOfRole($a_target_role);
595  if ($review->isProtected($target_ref_id, $a_target_role)) {
596  $mode = \ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES;
597  }
598  else {
599  $mode = \ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES;
600  }
601  if ($a_start_obj) {
602 
603  $operation_stack = [];
604  if ($a_operation_mode !== \ilObjRole::MODE_READ_OPERATIONS) {
605  $operation_stack[] = $review->getAllOperationsOfRole($a_source_role, $a_start_obj);
606  }
607 
608  $this->logger->debug('Current operation stack');
609  $this->logger->dump($operation_stack);
610 
611  $role = new ilObjRole($a_target_role);
612  $role->changeExistingObjects(
613  $a_start_obj,
614  $mode,
615  array('all'),
616  [],
617  $a_operation_mode,
618  $operation_stack
619  );
620  }
621  }
622 
623 
627  protected function applyFilterObject()
628  {
629  include_once './Services/AccessControl/classes/class.ilRoleTableGUI.php';
630  $table = new ilRoleTableGUI($this, 'view');
631  $table->init();
632  $table->resetOffset();
633  $table->writeFilterToSession();
634 
635  $this->viewObject();
636  }
637 
641  public function resetFilterObject()
642  {
643  include_once './Services/AccessControl/classes/class.ilRoleTableGUI.php';
644  $table = new ilRoleTableGUI($this, 'view');
645  $table->init();
646  $table->resetOffset();
647  $table->resetFilter();
648 
649  $this->viewObject();
650  }
651 
655  protected function confirmDeleteObject()
656  {
657  global $DIC;
658 
659  $ilCtrl = $DIC['ilCtrl'];
660 
661  $roles = (array) ($_POST['roles'] ?? []);
662  if (!count($roles)) {
663  ilUtil::sendFailure($this->lng->txt('select_one'), true);
664  $ilCtrl->redirect($this, 'view');
665  }
666 
667  $question = $this->lng->txt('rbac_role_delete_qst');
668 
669  include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
670  $confirm = new ilConfirmationGUI();
671  $confirm->setHeaderText($question);
672  $confirm->setFormAction($ilCtrl->getFormAction($this));
673  $confirm->setHeaderText($this->lng->txt("info_delete_sure"));
674  $confirm->setConfirm($this->lng->txt('delete'), 'deleteRole');
675  $confirm->setCancel($this->lng->txt('cancel'), 'cancel');
676 
677 
678  include_once './Services/AccessControl/classes/class.ilObjRole.php';
679  foreach ($roles as $role_id) {
680  $confirm->addItem(
681  'roles[]',
682  $role_id,
683  ilObjRole::_getTranslation(ilObject::_lookupTitle($role_id))
684  );
685  }
686  $this->tpl->setContent($confirm->getHTML());
687  }
688 
692  protected function deleteRoleObject()
693  {
694  global $DIC;
695 
696  $rbacsystem = $DIC['rbacsystem'];
697  $ilErr = $DIC['ilErr'];
698  $rbacreview = $DIC['rbacreview'];
699  $ilCtrl = $DIC['ilCtrl'];
700 
701  if (!$rbacsystem->checkAccess('delete', $this->object->getRefId())) {
702  $ilErr->raiseError(
703  $this->lng->txt('msg_no_perm_delete'),
704  $ilErr->MESSAGE
705  );
706  }
707 
708  foreach ((array) $_POST['roles'] as $id) {
709  // instatiate correct object class (role or rolt)
710  $obj = ilObjectFactory::getInstanceByObjId($id, false);
711 
712  if ($obj->getType() == "role") {
713  $rolf_arr = $rbacreview->getFoldersAssignedToRole($obj->getId(), true);
714  $obj->setParent($rolf_arr[0]);
715  }
716 
717  $obj->delete();
718  }
719 
720  // set correct return location if rolefolder is removed
721  ilUtil::sendSuccess($this->lng->txt("msg_deleted_roles_rolts"), true);
722  $ilCtrl->redirect($this, 'view');
723  }
724 
725 
726 
727 
728 
734  public function createObject()
735  {
736  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
737 
738  /*
739  $this->object->setTitle($this->lng->txt("obj_".$this->object->getType()."_local"));
740  $this->object->setDescription("obj_".$this->object->getType()."_local_desc");
741 
742  $this->saveObject();
743  */
744  }
745 
751  public function deleteObject($a_error = false)
752  {
753  $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
754  }
755 
761  public function adoptPermSaveObject()
762  {
763  ilUtil::sendSuccess($this->lng->txt("saved_successfully"), true);
764 
765  $this->ctrl->redirect($this, "view");
766  }
767 
774  public function showPossibleSubObjects()
775  {
776  global $DIC;
777 
778  $rbacsystem = $DIC['rbacsystem'];
779 
780  $d = $this->objDefinition->getCreatableSubObjects($this->object->getType());
781 
782  if ($this->object->getRefId() != ROLE_FOLDER_ID or !$rbacsystem->checkAccess('create_rolt', ROLE_FOLDER_ID)) {
783  unset($d["rolt"]);
784  }
785 
786  if (!$rbacsystem->checkAccess('create_role', $this->object->getRefId())) {
787  unset($d["role"]);
788  }
789 
790  if (count($d) > 0) {
791  foreach ($d as $row) {
792  $count = 0;
793  if ($row["max"] > 0) {
794  //how many elements are present?
795  for ($i = 0; $i < count($this->data["ctrl"]); $i++) {
796  if ($this->data["ctrl"][$i]["type"] == $row["name"]) {
797  $count++;
798  }
799  }
800  }
801  if ($row["max"] == "" || $count < $row["max"]) {
802  $subobj[] = $row["name"];
803  }
804  }
805  }
806 
807  if (is_array($subobj)) {
808  //build form
809  $opts = ilUtil::formSelect(12, "new_type", $subobj);
810  $this->tpl->setCurrentBlock("add_object");
811  $this->tpl->setVariable("SELECT_OBJTYPE", $opts);
812  $this->tpl->setVariable("BTN_NAME", "create");
813  $this->tpl->setVariable("TXT_ADD", $this->lng->txt("add"));
814  $this->tpl->parseCurrentBlock();
815  }
816  }
817 
822  public function saveObject()
823  {
824  global $DIC;
825 
826  $rbacadmin = $DIC['rbacadmin'];
827 
828  // role folders are created automatically
829  $_GET["new_type"] = $this->object->getType();
830  $_POST["Fobject"]["title"] = $this->object->getTitle();
831  $_POST["Fobject"]["desc"] = $this->object->getDescription();
832 
833  // always call parent method first to create an object_data entry & a reference
834  $newObj = parent::saveObject();
835 
836  // put here your object specific stuff
837 
838  // always send a message
839  ilUtil::sendSuccess($this->lng->txt("rolf_added"), true);
840 
841  $this->ctrl->redirect($this, "view");
842  }
843 
850  public function getAdminTabs()
851  {
852  if ($this->checkPermissionBool("visible,read")) {
853  $this->tabs_gui->addTarget(
854  "view",
855  $this->ctrl->getLinkTarget($this, "view"),
856  array("", "view"),
857  get_class($this)
858  );
859 
860  $this->tabs_gui->addTarget(
861  "settings",
862  $this->ctrl->getLinkTarget($this, "editSettings"),
863  array("editSettings"),
864  get_class($this)
865  );
866  }
867 
868  if ($this->checkPermissionBool("edit_permission")) {
869  $this->tabs_gui->addTarget(
870  "perm_settings",
871  $this->ctrl->getLinkTargetByClass(
872  array(get_class($this),'ilpermissiongui'),
873  "perm"
874  ),
875  "",
876  "ilpermissiongui"
877  );
878  }
879  }
880 
881  public function editSettingsObject(ilPropertyFormGUI $a_form = null)
882  {
883  if (!$a_form) {
884  $a_form = $this->initSettingsForm();
885  }
886 
887  $this->tpl->setContent($a_form->getHTML());
888  }
889 
890  public function saveSettingsObject()
891  {
892  global $DIC;
893 
894  $ilErr = $DIC['ilErr'];
895  $rbacreview = $DIC['rbacreview'];
896  $ilUser = $DIC['ilUser'];
897 
898  if (!$this->checkPermissionBool("write")) {
899  $ilErr->raiseError($this->lng->txt('permission_denied'), $ilErr->MESSAGE);
900  }
901 
902  $form = $this->initSettingsForm();
903  if ($form->checkInput()) {
904  include_once('./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
905  $privacy = ilPrivacySettings::_getInstance();
906  $privacy->enableRbacLog((int) $_POST['rbac_log']);
907  $privacy->setRbacLogAge((int) $_POST['rbac_log_age']);
908  $privacy->save();
909 
910  if ($rbacreview->isAssigned($ilUser->getId(), SYSTEM_ROLE_ID)) {
911  include_once('./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
912  $security = ilSecuritySettings::_getInstance();
913  $security->protectedAdminRole((int) $_POST['admin_role']);
914  $security->save();
915  }
916 
917  ilUtil::sendSuccess($this->lng->txt("settings_saved"), true);
918  $this->ctrl->redirect($this, "editSettings");
919  }
920 
921  $form->setValuesByPost();
922  $this->editSettingsObject($form);
923  }
924 
925  protected function initSettingsForm()
926  {
927  global $DIC;
928 
929  $rbacreview = $DIC['rbacreview'];
930  $ilUser = $DIC['ilUser'];
931 
932  $this->lng->loadLanguageModule('ps');
933 
934  include_once('./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
935  include_once('./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
936  $privacy = ilPrivacySettings::_getInstance();
937  $security = ilSecuritySettings::_getInstance();
938 
939  include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
940  $form = new ilPropertyFormGUI();
941  $form->setFormAction($this->ctrl->getFormAction($this, "saveSettings"));
942  $form->setTitle($this->lng->txt('settings'));
943 
944  // protected admin
945  $admin = new ilCheckboxInputGUI($GLOBALS['DIC']['lng']->txt('adm_adm_role_protect'), 'admin_role');
946  $admin->setDisabled(!$rbacreview->isAssigned($ilUser->getId(), SYSTEM_ROLE_ID));
947  $admin->setInfo($this->lng->txt('adm_adm_role_protect_info'));
948  $admin->setChecked((int) $security->isAdminRoleProtected());
949  $admin->setValue(1);
950  $form->addItem($admin);
951 
952  $check = new ilCheckboxInputGui($this->lng->txt('rbac_log'), 'rbac_log');
953  $check->setInfo($this->lng->txt('rbac_log_info'));
954  $check->setChecked($privacy->enabledRbacLog());
955  $form->addItem($check);
956 
957  $age = new ilNumberInputGUI($this->lng->txt('rbac_log_age'), 'rbac_log_age');
958  $age->setInfo($this->lng->txt('rbac_log_age_info'));
959  $age->setValue($privacy->getRbacLogAge());
960  $age->setMinValue(1);
961  $age->setMaxValue(24);
962  $age->setSize(2);
963  $age->setMaxLength(2);
964  $check->addSubItem($age);
965 
966  $form->addCommandButton('saveSettings', $this->lng->txt('save'));
967 
968  return $form;
969  }
970 
971  public function addToExternalSettingsForm($a_form_id)
972  {
973  switch ($a_form_id) {
974  case ilAdministrationSettingsFormHandler::FORM_SECURITY:
975 
976  include_once('./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
977  $security = ilSecuritySettings::_getInstance();
978 
979  $fields = array('adm_adm_role_protect' => array($security->isAdminRoleProtected(), ilAdministrationSettingsFormHandler::VALUE_BOOL));
980 
981  return array(array("editSettings", $fields));
982 
983  case ilAdministrationSettingsFormHandler::FORM_PRIVACY:
984 
985  include_once('./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
986  $privacy = ilPrivacySettings::_getInstance();
987 
988  $subitems = null;
989  if ((bool) $privacy->enabledRbacLog()) {
990  $subitems = array('rbac_log_age' => $privacy->getRbacLogAge());
991  }
992  $fields = array('rbac_log' => array($privacy->enabledRbacLog(), ilAdministrationSettingsFormHandler::VALUE_BOOL, $subitems));
993 
994  return array(array("editSettings", $fields));
995  }
996  }
997 } // END class.ilObjRoleFolderGUI
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:16
ilObjRoleFolderGUI\doAddRolePermissions
doAddRolePermissions($source, $target)
do add role permission
Definition: class.ilObjRoleFolderGUI.php:489
ilObjRoleFolderGUI\editSettingsObject
editSettingsObject(ilPropertyFormGUI $a_form=null)
Definition: class.ilObjRoleFolderGUI.php:881
ilObjRoleFolderGUI\adoptPermSaveObject
adoptPermSaveObject()
??? TODO: what is the purpose of this function? public
Definition: class.ilObjRoleFolderGUI.php:761
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilObjRoleFolderGUI\initCopyBehaviourForm
initCopyBehaviourForm(int $copy_source)
Show copy behaviour form.
Definition: class.ilObjRoleFolderGUI.php:299
ilObjRoleFolderGUI\confirmDeleteObject
confirmDeleteObject()
Confirm deletion of roles.
Definition: class.ilObjRoleFolderGUI.php:655
$DIC
global $DIC
Definition: saml.php:7
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilObjRoleFolderGUI\getAdminTabs
getAdminTabs()
Add role folder tabs ilTree $tree ilLanguage $lng.
Definition: class.ilObjRoleFolderGUI.php:850
ilObjRoleFolderGUI\showPossibleSubObjects
showPossibleSubObjects()
show possible subobjects (pulldown menu) overwritten to prevent displaying of role templates in local...
Definition: class.ilObjRoleFolderGUI.php:774
ilObjRoleFolderGUI\chooseCopyBehaviourObject
chooseCopyBehaviourObject(\ilPropertyFormGUI $form=null)
Choose option for copying roles/role templates.
Definition: class.ilObjRoleFolderGUI.php:278
ilObjRoleFolderGUI\deleteObject
deleteObject($a_error=false)
display deletion confirmation screen DEPRECATED !!! public
Definition: class.ilObjRoleFolderGUI.php:751
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:988
ilObjRole\MODE_REMOVE_OPERATIONS
const MODE_REMOVE_OPERATIONS
Definition: class.ilObjRole.php:25
ilObjRoleFolderGUI
Class ilObjRoleFolderGUI.
Definition: class.ilObjRoleFolderGUI.php:38
ilObjRoleFolderGUI\doCopyRole
doCopyRole($source, $target)
Perform copy of role.
Definition: class.ilObjRoleFolderGUI.php:561
ilRoleTableGUI
TableGUI for the presentation og roles and role templates.
Definition: class.ilRoleTableGUI.php:14
ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:19
ilObjRole\MODE_READ_OPERATIONS
const MODE_READ_OPERATIONS
Definition: class.ilObjRole.php:24
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
ilFormPropertyGUI\setInfo
setInfo($a_info)
Set Information Text.
Definition: class.ilFormPropertyGUI.php:145
ilObjRoleFolderGUI\__construct
__construct($a_data, $a_id, $a_call_by_reference)
Constructor public.
Definition: class.ilObjRoleFolderGUI.php:62
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4481
ilHiddenInputGUI
This class represents a hidden form property in a property form.
Definition: class.ilHiddenInputGUI.php:32
ilObjectGUI\prepareOutput
prepareOutput($a_show_subobjects=true)
prepare output
Definition: class.ilObjectGUI.php:296
$form
if(isset($_POST['submit'])) $form
Definition: registry.edit.php:63
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:14
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:13
ilObjRoleFolderGUI\initRoleSearchForm
initRoleSearchForm()
Init role search form.
Definition: class.ilObjRoleFolderGUI.php:194
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilObjRoleFolderGUI\removeRolePermissionsObject
removeRolePermissionsObject()
Remove role permissions.
Definition: class.ilObjRoleFolderGUI.php:510
$ilUser
$ilUser
Definition: imgupload.php:18
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilObjRoleFolderGUI\applyFilterObject
applyFilterObject()
Apply role filter.
Definition: class.ilObjRoleFolderGUI.php:627
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:77
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:518
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
ilObjRole\MODE_ADD_OPERATIONS
const MODE_ADD_OPERATIONS
Definition: class.ilObjRole.php:23
$row
$row
Definition: migrateto20.php:360
ilObjRoleFolderGUI\resetFilterObject
resetFilterObject()
Reset role filter.
Definition: class.ilObjRoleFolderGUI.php:641
ilObjRoleFolderGUI\viewObject
viewObject()
ilErrorHandler $ilErr ilRbacSystem $rbacsystem ilToolbarGUI $ilToolbar
Definition: class.ilObjRoleFolderGUI.php:111
ilUtil\formSelect
static formSelect( $selected, $varname, $options, $multiple=false, $direct_text=false, $size="0", $style_class="", $attribs="", $disabled=false)
Builds a select form field with options and shows the selected option first.
Definition: class.ilUtil.php:328
data
$this data['403_header']
Definition: authorize_403.php:13
ilObjRoleFolderGUI\createObject
createObject()
role folders are created automatically DEPRECATED !!! public
Definition: class.ilObjRoleFolderGUI.php:734
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:21
$ret
$ret
Definition: parser.php:6
$i
$i
Definition: disco.tpl.php:19
ilObjRoleFolderGUI\saveObject
saveObject()
save object public
Definition: class.ilObjRoleFolderGUI.php:822
ilObjRoleFolderGUI\doRemoveRolePermissions
doRemoveRolePermissions($source, $target)
do add role permission
Definition: class.ilObjRoleFolderGUI.php:536
ilObjectGUI\checkPermission
checkPermission($a_perm, $a_cmd="", $a_type="", $a_ref_id=null)
Check permission and redirect on error.
Definition: class.ilObjectGUI.php:1915
ilPermissionGUI
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
Definition: class.ilPermissionGUI.php:19
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
ilPrivacySettings\_getInstance
static _getInstance()
Get instance of ilPrivacySettings.
Definition: class.ilPrivacySettings.php:89
$source
$source
Definition: linkback.php:22
$table
if(empty($password)) $table
Definition: pwgen.php:24
$target
$target
Definition: test.php:19
ilObjRoleFolderGUI\roleSearchFormObject
roleSearchFormObject()
Parse search query $ilCtrl.
Definition: class.ilObjRoleFolderGUI.php:220
ilObjRoleFolderGUI\doChangeExistingObjects
doChangeExistingObjects($a_start_obj, $a_target_role, $a_operation_mode, $a_source_role)
Do change existing objects.
Definition: class.ilObjRoleFolderGUI.php:582
ilSecuritySettings\_getInstance
static _getInstance()
Get instance of ilSecuritySettings.
Definition: class.ilSecuritySettings.php:107
ilObjectGUI\checkPermissionBool
checkPermissionBool($a_perm, $a_cmd="", $a_type="", $a_ref_id=null)
Check permission.
Definition: class.ilObjectGUI.php:1962
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:185
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
$d
for($i=6; $i< 13; $i++) for($i=1; $i< 13; $i++) $d
Definition: date.php:296
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:15
ilObjRoleFolderGUI\roleSearchObject
roleSearchObject()
Search target roles.
Definition: class.ilObjRoleFolderGUI.php:165