ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilObjRoleFolderGUI.php
Go to the documentation of this file.
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22*/
23
24require_once "./Services/Object/classes/class.ilObjectGUI.php";
25
38class ilObjRoleFolderGUI extends ilObjectGUI
39{
40 const COPY_ADD_PERMISSIONS = 1;
41 const COPY_CLONE_PERMISSIONS = 2;
42 const COPY_REMOVE_PERMISSIONS = 3;
43 const COPY_CHANGE_EXISTING_OBJECTS = 1;
44
48 private $logger = null;
49
50
56 public $type;
57
62 public function __construct($a_data, $a_id, $a_call_by_reference)
63 {
64 global $DIC;
65
66 $lng = $DIC['lng'];
67 $this->logger = $DIC->logger()->ac();
68
69 $this->type = "rolf";
70 parent::__construct($a_data, $a_id, $a_call_by_reference, false);
71 $lng->loadLanguageModule('rbac');
72 }
73
74 public function executeCommand()
75 {
76 global $DIC;
77
78 $ilTabs = $DIC['ilTabs'];
79
80 $next_class = $this->ctrl->getNextClass($this);
81 $cmd = $this->ctrl->getCmd();
82 $this->prepareOutput();
83
84 switch ($next_class) {
85
86 case 'ilpermissiongui':
87 include_once("Services/AccessControl/classes/class.ilPermissionGUI.php");
88 $perm_gui = new ilPermissionGUI($this);
89 $ret = &$this->ctrl->forwardCommand($perm_gui);
90 break;
91
92 default:
93 $this->ctrl->setReturn($this, "view");
94 if (!$cmd) {
95 $cmd = "view";
96 }
97 $cmd .= "Object";
98 $this->$cmd();
99
100 break;
101 }
102 return true;
103 }
104
111 public function viewObject()
112 {
113 global $DIC;
114
115 $ilErr = $DIC['ilErr'];
116 $rbacsystem = $DIC['rbacsystem'];
117 $ilToolbar = $DIC['ilToolbar'];
118 $rbacreview = $DIC['rbacreview'];
119 $ilTabs = $DIC['ilTabs'];
120
121 $ilTabs->activateTab('view');
122
123 if (!$rbacsystem->checkAccess('visible,read', $this->object->getRefId())) {
124 $ilErr->raiseError($this->lng->txt('permission_denied'), $ilErr->MESSAGE);
125 }
126
127
128 if ($rbacsystem->checkAccess('create_role', $this->object->getRefId())) {
129 $this->ctrl->setParameter($this, 'new_type', 'role');
130 $ilToolbar->addButton(
131 $this->lng->txt('rolf_create_role'),
132 $this->ctrl->getLinkTarget($this, 'create')
133 );
134 }
135 if ($rbacsystem->checkAccess('create_rolt', $this->object->getRefId())) {
136 $this->ctrl->setParameter($this, 'new_type', 'rolt');
137 $ilToolbar->addButton(
138 $this->lng->txt('rolf_create_rolt'),
139 $this->ctrl->getLinkTarget($this, 'create')
140 );
141 $this->ctrl->clearParameters($this);
142 }
143
144 if (
145 $rbacsystem->checkAccess('create_rolt', $this->object->getRefId()) ||
146 $rbacsystem->checkAccess('create_rolt', $this->object->getRefId())
147 ) {
148 $ilToolbar->addButton(
149 $this->lng->txt('rbac_import_role'),
150 $this->ctrl->getLinkTargetByClass('ilPermissionGUI', 'displayImportRoleForm')
151 );
152 }
153
154 include_once './Services/AccessControl/classes/class.ilRoleTableGUI.php';
155 $table = new ilRoleTableGUI($this, 'view');
156 $table->init();
157 $table->parse($this->object->getId());
158
159 $this->tpl->setContent($table->getHTML());
160 }
161
165 protected function roleSearchObject()
166 {
167 global $DIC;
168
169 $rbacsystem = $DIC['rbacsystem'];
170 $ilCtrl = $DIC['ilCtrl'];
171 $ilTabs = $DIC['ilTabs'];
172 $ilErr = $DIC['ilErr'];
173
174 $ilTabs->clearTargets();
175 $ilTabs->setBackTarget(
176 $this->lng->txt('rbac_back_to_overview'),
177 $this->ctrl->getLinkTarget($this, 'view')
178 );
179
180 if (!$rbacsystem->checkAccess('visible,read', $this->object->getRefId())) {
181 $ilErr->raiseError($this->lng->txt('permission_denied'), $ilErr->MESSAGE);
182 }
183
184 $ilCtrl->setParameter($this, 'csource', (int) $_REQUEST['csource']);
185 ilUtil::sendInfo($this->lng->txt('rbac_choose_copy_targets'));
186
187 $form = $this->initRoleSearchForm();
188 $this->tpl->setContent($form->getHTML());
189 }
190
194 protected function initRoleSearchForm()
195 {
196 global $DIC;
197
198 $ilCtrl = $DIC['ilCtrl'];
199
200 include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
201 $form = new ilPropertyFormGUI();
202 $form->setTitle($this->lng->txt('rbac_role_title'));
203 $form->setFormAction($ilCtrl->getFormAction($this, 'view'));
204
205 $search = new ilTextInputGUI($this->lng->txt('title'), 'title');
206 $search->setRequired(true);
207 $search->setSize(30);
208 $search->setMaxLength(255);
209 $form->addItem($search);
210
211 $form->addCommandButton('roleSearchForm', $this->lng->txt('search'));
212 return $form;
213 }
214
215
220 protected function roleSearchFormObject()
221 {
222 global $DIC;
223
224 $ilCtrl = $DIC['ilCtrl'];
225
226 $_SESSION['rolf_search_query'] = '';
227 $ilCtrl->setParameter($this, 'csource', (int) $_REQUEST['csource']);
228
229 $form = $this->initRoleSearchForm();
230 if ($form->checkInput()) {
231 $_SESSION['rolf_search_query'] = $form->getInput('title');
232 return $this->roleSearchListObject();
233 }
234
235 ilUtil::sendFailure($this->lng->txt('msg_no_search_string'), true);
236 $form->setValuesByPost();
237 $ilCtrl->redirect($this, 'roleSearch');
238 }
239
243 protected function roleSearchListObject()
244 {
245 global $DIC;
246
247 $ilTabs = $DIC['ilTabs'];
248 $ilCtrl = $DIC['ilCtrl'];
249
250 $ilTabs->clearTargets();
251 $ilTabs->setBackTarget(
252 $this->lng->txt('rbac_back_to_overview'),
253 $this->ctrl->getLinkTarget($this, 'view')
254 );
255
256 $ilCtrl->setParameter($this, 'csource', (int) $_REQUEST['csource']);
257
258 if (strlen($_SESSION['rolf_search_query'])) {
259 ilUtil::sendInfo($this->lng->txt('rbac_select_copy_targets'));
260
261 include_once './Services/AccessControl/classes/class.ilRoleTableGUI.php';
262 $table = new ilRoleTableGUI($this, 'roleSearchList');
263 $table->setType(ilRoleTableGUI::TYPE_SEARCH);
264 $table->setRoleTitleFilter($_SESSION['rolf_search_query']);
265 $table->init();
266 $table->parse($this->object->getId());
267 return $this->tpl->setContent($table->getHTML());
268 }
269
270 ilUtil::sendFailure($this->lng->txt('msg_no_search_string'), true);
271 $ilCtrl->redirect($this, 'roleSearch');
272 }
273
278 protected function chooseCopyBehaviourObject(\ilPropertyFormGUI $form = null)
279 {
280 global $DIC;
281
282 $copy_source = (int) $_REQUEST['csource'];
283
284 $this->ctrl->saveParameter($this, 'csource', $copy_source);
285 $this->tabs_gui->clearTargets();
286 $this->tabs_gui->setBackTarget(
287 $this->lng->txt('rbac_back_to_overview'),
288 $this->ctrl->getLinkTarget($this, 'view')
289 );
290 if (!$form instanceof \ilPropertyFormGUI) {
291 $form = $this->initCopyBehaviourForm($copy_source);
292 }
293 $this->tpl->setContent($form->getHTML());
294 }
295
299 protected function initCopyBehaviourForm(int $copy_source)
300 {
301 // not only for role templates; add/remove permissions is also applicable for roles
302 $full_featured = true;
303
304 $form = new ilPropertyFormGUI();
305 $form->setTitle($this->lng->txt('rbac_copy_behaviour'));
306 $form->setFormAction($this->ctrl->getFormAction($this, 'chooseCopyBehaviour'));
307
308 $copy_type = new \ilRadioGroupInputGUI(
309 $this->lng->txt('rbac_form_copy_roles_adjust_type'),
310 'type'
311 );
312 $copy_type->setRequired(true);
313 $copy_type->setValue(self::COPY_CLONE_PERMISSIONS);
314
315 if ($full_featured) {
316 $add = new \ilRadioOption(
317 $this->lng->txt('rbac_form_copy_roles_adjust_type_add'),
318 self::COPY_ADD_PERMISSIONS,
319 $this->lng->txt('rbac_form_copy_roles_adjust_type_add_info')
320 );
321 $copy_type->addOption($add);
322
323 $ce_type_add = new \ilRadioGroupInputGUI(
324 '',
325 'add_ce_type'
326 );
327 $ce_type_add->setRequired(true);
328 $ce_add_yes = new \ilRadioOption(
329 $this->lng->txt('rbac_form_copy_roles_ce_add_yes'),
330 self::COPY_CHANGE_EXISTING_OBJECTS,
331 $this->lng->txt('rbac_form_copy_roles_ce_add_yes_info')
332 );
333 $ce_type_add->addOption($ce_add_yes);
334 $ce_add_no = new \ilRadioOption(
335 $this->lng->txt('rbac_form_copy_roles_ce_add_no'),
336 0,
337 $this->lng->txt('rbac_form_copy_roles_ce_add_no_info')
338 );
339 $ce_type_add->addOption($ce_add_no);
340 $add->addSubItem($ce_type_add);
341 }
342 $clone = new \ilRadioOption(
343 $this->lng->txt('rbac_form_copy_roles_adjust_type_clone'),
344 self::COPY_CLONE_PERMISSIONS,
345 $this->lng->txt('rbac_form_copy_roles_adjust_type_clone_info')
346 );
347 $copy_type->addOption($clone);
348
349
350 $ce_type_clone = new \ilRadioGroupInputGUI(
351 '',
352 'clone_ce_type'
353 );
354 $ce_type_clone->setRequired(true);
355 $ce_clone_yes = new \ilRadioOption(
356 $this->lng->txt('rbac_form_copy_roles_ce_clone_yes'),
357 self::COPY_CHANGE_EXISTING_OBJECTS,
358 $this->lng->txt('rbac_form_copy_roles_ce_clone_yes_info')
359 );
360 $ce_type_clone->addOption($ce_clone_yes);
361 $ce_clone_no = new \ilRadioOption(
362 $this->lng->txt('rbac_form_copy_roles_ce_clone_no'),
363 0,
364 $this->lng->txt('rbac_form_copy_roles_ce_clone_no_info')
365 );
366 $ce_type_clone->addOption($ce_clone_no);
367 $clone->addSubItem($ce_type_clone);
368
369 if ($full_featured) {
370 $remove = new \ilRadioOption(
371 $this->lng->txt('rbac_form_copy_roles_adjust_type_remove'),
372 self::COPY_REMOVE_PERMISSIONS,
373 $this->lng->txt('rbac_form_copy_roles_adjust_type_remove_info')
374 );
375 $copy_type->addOption($remove);
376 $ce_type_remove = new \ilRadioGroupInputGUI(
377 '',
378 'remove_ce_type'
379 );
380 $ce_type_remove->setRequired(true);
381 $ce_remove_yes = new \ilRadioOption(
382 $this->lng->txt('rbac_form_copy_roles_ce_remove_yes'),
383 self::COPY_CHANGE_EXISTING_OBJECTS,
384 $this->lng->txt('rbac_form_copy_roles_ce_remove_yes_info')
385 );
386 $ce_type_remove->addOption($ce_remove_yes);
387 $ce_remove_no = new \ilRadioOption(
388 $this->lng->txt('rbac_form_copy_roles_ce_remove_no'),
389 0,
390 $this->lng->txt('rbac_form_copy_roles_ce_remove_no_info')
391 );
392 $ce_type_remove->addOption($ce_remove_no);
393 $remove->addSubItem($ce_type_remove);
394 }
395
396 $form->addItem($copy_type);
397
398 $roles = new ilHiddenInputGUI('roles');
399 $roles->setValue(implode(',', (array) $_POST['roles']));
400 $form->addItem($roles);
401
402 $form->addCommandButton('roleSearchList', $this->lng->txt('back'));
403 $form->addCommandButton('adjustRole',$this->lng->txt('rbac_form_copy_roles_adjust_button'));
404 return $form;
405 }
406
407
411 protected function adjustRoleObject()
412 {
413 global $DIC;
414
415 $this->checkPermission('write');
416 $review = $DIC->rbac()->review();
417
418 $roles = explode(',', $_POST['roles']);
419 $source = (int) $_REQUEST['csource'];
420
421 $form = $this->initCopyBehaviourForm($source);
422 if ($form->checkInput()) {
423
424 $adjustment_type = $form->getInput('type');
425 foreach ((array) $roles as $role_id) {
426 if ($role_id != $source) {
427
428 $start_obj = $review->getRoleFolderOfRole($role_id);
429 $this->logger->debug('Start object: ' . $start_obj);
430
431 switch ($adjustment_type) {
432 case self::COPY_ADD_PERMISSIONS:
433 $change_existing = (bool) $form->getInput('add_ce_type');
434 $this->doAddRolePermissions(
435 $source,
436 $role_id
437 );
438 if ($change_existing) {
439 $this->doChangeExistingObjects(
440 $start_obj,
441 $role_id,
442 \ilObjRole::MODE_ADD_OPERATIONS,
443 $source
444 );
445 }
446 break;
447 case self::COPY_CLONE_PERMISSIONS:
448 $change_existing = (bool) $form->getInput('clone_ce_type');
449 $this->doCopyRole(
450 $source,
451 $role_id
452 );
453 if ($change_existing) {
454 $this->doChangeExistingObjects(
455 $start_obj,
456 $role_id,
457 \ilObjRole::MODE_READ_OPERATIONS,
458 $source
459 );
460 }
461 break;
462 case self::COPY_REMOVE_PERMISSIONS:
463 $change_existing = (bool) $form->getInput('remove_ce_type');
464 $this->doRemoveRolePermissions(
465 $source,
466 $role_id
467 );
468 if ($change_existing) {
469 $this->doChangeExistingObjects(
470 $start_obj,
471 $role_id,
472 \ilObjRole::MODE_REMOVE_OPERATIONS,
473 $source
474 );
475 }
476 break;
477 }
478 }
479 }
480 ilUtil::sendSuccess($this->lng->txt('rbac_copy_finished'), true);
481 $this->ctrl->redirect($this, 'view');
482 }
483 }
484
485
489 protected function doAddRolePermissions($source, $target)
490 {
491 global $DIC;
492
493 $rbacadmin = $DIC->rbac()->admin();
494 $rbacreview = $DIC->rbac()->review();
495
496 $source_definition = $rbacreview->getRoleFolderOfRole($source);
497 $rbacadmin->copyRolePermissionUnion(
498 $source,
499 $source_definition,
500 $target,
501 $rbacreview->getRoleFolderOfRole($target),
502 $target,
503 $rbacreview->getRoleFolderOfRole($target)
504 );
505 }
506
510 protected function removeRolePermissionsObject()
511 {
512 global $DIC;
513
514 $ilCtrl = $DIC['ilCtrl'];
515
516 // Finally copy role/rolt
517 $roles = explode(',', $_POST['roles']);
518 $source = (int) $_REQUEST['csource'];
519
520 $form = $this->initCopyBehaviourForm();
521 if ($form->checkInput()) {
522 foreach ((array) $roles as $role_id) {
523 if ($role_id != $source) {
524 $this->doRemoveRolePermissions($source, $role_id, $form->getInput('change_existing'));
525 }
526 }
527
528 ilUtil::sendSuccess($this->lng->txt('rbac_copy_finished'), true);
529 $ilCtrl->redirect($this, 'view');
530 }
531 }
532
536 protected function doRemoveRolePermissions($source, $target)
537 {
538 global $DIC;
539
540 $rbacadmin = $DIC->rbac()->admin();
541 $rbacreview = $DIC->rbac()->review();
542
543 ilLoggerFactory::getLogger('ac')->debug('Remove permission source: ' . $source);
544 ilLoggerFactory::getLogger('ac')->debug('Remove permission target: ' . $target);
545
546 $source_obj = $rbacreview->getRoleFolderOfRole($source);
547 $rbacadmin->copyRolePermissionSubtract(
548 $source,
549 $source_obj,
550 $target,
551 $rbacreview->getRoleFolderOfRole($target)
552 );
553
554 }
555
556
557
561 protected function doCopyRole($source, $target)
562 {
563 global $DIC;
564
565 $rbacadmin = $DIC->rbac()->admin();
566 $rbacreview = $DIC->rbac()->review();
567
568 $target_obj = $rbacreview->getRoleFolderOfRole($target);
569 $source_obj = $rbacreview->getRoleFolderOfRole($source);
570 // Copy role template permissions
571 $rbacadmin->copyRoleTemplatePermissions(
572 $source,
573 $source_obj,
574 $target_obj,
575 $target
576 );
577 }
578
582 protected function doChangeExistingObjects($a_start_obj, $a_target_role, $a_operation_mode, $a_source_role)
583 {
584 global $DIC;
585
586 $review = $DIC->rbac()->review();
587
588 if (!$a_start_obj) {
589 $this->logger->warning('Missing parameter start object.');
590 $this->logger->logStack(\ilLogLevel::WARNING);
591 throw new InvalidArgumentException('Missing parameter: start object');
592 }
593 // the mode is unchanged and read out from the target object
594 $target_ref_id = $review->getRoleFolderOfRole($a_target_role);
595 if ($review->isProtected($target_ref_id, $a_target_role)) {
596 $mode = \ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES;
597 }
598 else {
599 $mode = \ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES;
600 }
601 if ($a_start_obj) {
602
603 $operation_stack = [];
604 if ($a_operation_mode !== \ilObjRole::MODE_READ_OPERATIONS) {
605 $operation_stack[] = $review->getAllOperationsOfRole($a_source_role, $a_start_obj);
606 }
607
608 $this->logger->debug('Current operation stack');
609 $this->logger->dump($operation_stack);
610
611 $role = new ilObjRole($a_target_role);
612 $role->changeExistingObjects(
613 $a_start_obj,
614 $mode,
615 array('all'),
616 [],
617 $a_operation_mode,
618 $operation_stack
619 );
620 }
621 }
622
623
627 protected function applyFilterObject()
628 {
629 include_once './Services/AccessControl/classes/class.ilRoleTableGUI.php';
630 $table = new ilRoleTableGUI($this, 'view');
631 $table->init();
632 $table->resetOffset();
633 $table->writeFilterToSession();
634
635 $this->viewObject();
636 }
637
641 public function resetFilterObject()
642 {
643 include_once './Services/AccessControl/classes/class.ilRoleTableGUI.php';
644 $table = new ilRoleTableGUI($this, 'view');
645 $table->init();
646 $table->resetOffset();
647 $table->resetFilter();
648
649 $this->viewObject();
650 }
651
655 protected function confirmDeleteObject()
656 {
657 global $DIC;
658
659 $ilCtrl = $DIC['ilCtrl'];
660
661 $roles = (array) ($_POST['roles'] ?? []);
662 if (!count($roles)) {
663 ilUtil::sendFailure($this->lng->txt('select_one'), true);
664 $ilCtrl->redirect($this, 'view');
665 }
666
667 $question = $this->lng->txt('rbac_role_delete_qst');
668
669 include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
670 $confirm = new ilConfirmationGUI();
671 $confirm->setHeaderText($question);
672 $confirm->setFormAction($ilCtrl->getFormAction($this));
673 $confirm->setHeaderText($this->lng->txt("info_delete_sure"));
674 $confirm->setConfirm($this->lng->txt('delete'), 'deleteRole');
675 $confirm->setCancel($this->lng->txt('cancel'), 'cancel');
676
677
678 include_once './Services/AccessControl/classes/class.ilObjRole.php';
679 foreach ($roles as $role_id) {
680 $confirm->addItem(
681 'roles[]',
682 $role_id,
683 ilObjRole::_getTranslation(ilObject::_lookupTitle($role_id))
684 );
685 }
686 $this->tpl->setContent($confirm->getHTML());
687 }
688
692 protected function deleteRoleObject()
693 {
694 global $DIC;
695
696 $rbacsystem = $DIC['rbacsystem'];
697 $ilErr = $DIC['ilErr'];
698 $rbacreview = $DIC['rbacreview'];
699 $ilCtrl = $DIC['ilCtrl'];
700
701 if (!$rbacsystem->checkAccess('delete', $this->object->getRefId())) {
702 $ilErr->raiseError(
703 $this->lng->txt('msg_no_perm_delete'),
704 $ilErr->MESSAGE
705 );
706 }
707
708 foreach ((array) $_POST['roles'] as $id) {
709 // instatiate correct object class (role or rolt)
710 $obj = ilObjectFactory::getInstanceByObjId($id, false);
711
712 if ($obj->getType() == "role") {
713 $rolf_arr = $rbacreview->getFoldersAssignedToRole($obj->getId(), true);
714 $obj->setParent($rolf_arr[0]);
715 }
716
717 $obj->delete();
718 }
719
720 // set correct return location if rolefolder is removed
721 ilUtil::sendSuccess($this->lng->txt("msg_deleted_roles_rolts"), true);
722 $ilCtrl->redirect($this, 'view');
723 }
724
725
726
727
728
734 public function createObject()
735 {
736 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
737
738 /*
739 $this->object->setTitle($this->lng->txt("obj_".$this->object->getType()."_local"));
740 $this->object->setDescription("obj_".$this->object->getType()."_local_desc");
741
742 $this->saveObject();
743 */
744 }
745
751 public function deleteObject($a_error = false)
752 {
753 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
754 }
755
761 public function adoptPermSaveObject()
762 {
763 ilUtil::sendSuccess($this->lng->txt("saved_successfully"), true);
764
765 $this->ctrl->redirect($this, "view");
766 }
767
774 public function showPossibleSubObjects()
775 {
776 global $DIC;
777
778 $rbacsystem = $DIC['rbacsystem'];
779
780 $d = $this->objDefinition->getCreatableSubObjects($this->object->getType());
781
782 if ($this->object->getRefId() != ROLE_FOLDER_ID or !$rbacsystem->checkAccess('create_rolt', ROLE_FOLDER_ID)) {
783 unset($d["rolt"]);
784 }
785
786 if (!$rbacsystem->checkAccess('create_role', $this->object->getRefId())) {
787 unset($d["role"]);
788 }
789
790 if (count($d) > 0) {
791 foreach ($d as $row) {
792 $count = 0;
793 if ($row["max"] > 0) {
794 //how many elements are present?
795 for ($i = 0; $i < count($this->data["ctrl"]); $i++) {
796 if ($this->data["ctrl"][$i]["type"] == $row["name"]) {
797 $count++;
798 }
799 }
800 }
801 if ($row["max"] == "" || $count < $row["max"]) {
802 $subobj[] = $row["name"];
803 }
804 }
805 }
806
807 if (is_array($subobj)) {
808 //build form
809 $opts = ilUtil::formSelect(12, "new_type", $subobj);
810 $this->tpl->setCurrentBlock("add_object");
811 $this->tpl->setVariable("SELECT_OBJTYPE", $opts);
812 $this->tpl->setVariable("BTN_NAME", "create");
813 $this->tpl->setVariable("TXT_ADD", $this->lng->txt("add"));
814 $this->tpl->parseCurrentBlock();
815 }
816 }
817
822 public function saveObject()
823 {
824 global $DIC;
825
826 $rbacadmin = $DIC['rbacadmin'];
827
828 // role folders are created automatically
829 $_GET["new_type"] = $this->object->getType();
830 $_POST["Fobject"]["title"] = $this->object->getTitle();
831 $_POST["Fobject"]["desc"] = $this->object->getDescription();
832
833 // always call parent method first to create an object_data entry & a reference
834 $newObj = parent::saveObject();
835
836 // put here your object specific stuff
837
838 // always send a message
839 ilUtil::sendSuccess($this->lng->txt("rolf_added"), true);
840
841 $this->ctrl->redirect($this, "view");
842 }
843
850 public function getAdminTabs()
851 {
852 if ($this->checkPermissionBool("visible,read")) {
853 $this->tabs_gui->addTarget(
854 "view",
855 $this->ctrl->getLinkTarget($this, "view"),
856 array("", "view"),
857 get_class($this)
858 );
859
860 $this->tabs_gui->addTarget(
861 "settings",
862 $this->ctrl->getLinkTarget($this, "editSettings"),
863 array("editSettings"),
864 get_class($this)
865 );
866 }
867
868 if ($this->checkPermissionBool("edit_permission")) {
869 $this->tabs_gui->addTarget(
870 "perm_settings",
871 $this->ctrl->getLinkTargetByClass(
872 array(get_class($this),'ilpermissiongui'),
873 "perm"
874 ),
875 "",
876 "ilpermissiongui"
877 );
878 }
879 }
880
881 public function editSettingsObject(ilPropertyFormGUI $a_form = null)
882 {
883 if (!$a_form) {
884 $a_form = $this->initSettingsForm();
885 }
886
887 $this->tpl->setContent($a_form->getHTML());
888 }
889
890 public function saveSettingsObject()
891 {
892 global $DIC;
893
894 $ilErr = $DIC['ilErr'];
895 $rbacreview = $DIC['rbacreview'];
896 $ilUser = $DIC['ilUser'];
897
898 if (!$this->checkPermissionBool("write")) {
899 $ilErr->raiseError($this->lng->txt('permission_denied'), $ilErr->MESSAGE);
900 }
901
902 $form = $this->initSettingsForm();
903 if ($form->checkInput()) {
904 include_once('./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
905 $privacy = ilPrivacySettings::_getInstance();
906 $privacy->enableRbacLog((int) $_POST['rbac_log']);
907 $privacy->setRbacLogAge((int) $_POST['rbac_log_age']);
908 $privacy->save();
909
910 if ($rbacreview->isAssigned($ilUser->getId(), SYSTEM_ROLE_ID)) {
911 include_once('./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
912 $security = ilSecuritySettings::_getInstance();
913 $security->protectedAdminRole((int) $_POST['admin_role']);
914 $security->save();
915 }
916
917 ilUtil::sendSuccess($this->lng->txt("settings_saved"), true);
918 $this->ctrl->redirect($this, "editSettings");
919 }
920
921 $form->setValuesByPost();
922 $this->editSettingsObject($form);
923 }
924
925 protected function initSettingsForm()
926 {
927 global $DIC;
928
929 $rbacreview = $DIC['rbacreview'];
930 $ilUser = $DIC['ilUser'];
931
932 $this->lng->loadLanguageModule('ps');
933
934 include_once('./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
935 include_once('./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
936 $privacy = ilPrivacySettings::_getInstance();
937 $security = ilSecuritySettings::_getInstance();
938
939 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
940 $form = new ilPropertyFormGUI();
941 $form->setFormAction($this->ctrl->getFormAction($this, "saveSettings"));
942 $form->setTitle($this->lng->txt('settings'));
943
944 // protected admin
945 $admin = new ilCheckboxInputGUI($GLOBALS['DIC']['lng']->txt('adm_adm_role_protect'), 'admin_role');
946 $admin->setDisabled(!$rbacreview->isAssigned($ilUser->getId(), SYSTEM_ROLE_ID));
947 $admin->setInfo($this->lng->txt('adm_adm_role_protect_info'));
948 $admin->setChecked((int) $security->isAdminRoleProtected());
949 $admin->setValue(1);
950 $form->addItem($admin);
951
952 $check = new ilCheckboxInputGui($this->lng->txt('rbac_log'), 'rbac_log');
953 $check->setInfo($this->lng->txt('rbac_log_info'));
954 $check->setChecked($privacy->enabledRbacLog());
955 $form->addItem($check);
956
957 $age = new ilNumberInputGUI($this->lng->txt('rbac_log_age'), 'rbac_log_age');
958 $age->setInfo($this->lng->txt('rbac_log_age_info'));
959 $age->setValue($privacy->getRbacLogAge());
960 $age->setMinValue(1);
961 $age->setMaxValue(24);
962 $age->setSize(2);
963 $age->setMaxLength(2);
964 $check->addSubItem($age);
965
966 $form->addCommandButton('saveSettings', $this->lng->txt('save'));
967
968 return $form;
969 }
970
971 public function addToExternalSettingsForm($a_form_id)
972 {
973 switch ($a_form_id) {
974 case ilAdministrationSettingsFormHandler::FORM_SECURITY:
975
976 include_once('./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
977 $security = ilSecuritySettings::_getInstance();
978
979 $fields = array('adm_adm_role_protect' => array($security->isAdminRoleProtected(), ilAdministrationSettingsFormHandler::VALUE_BOOL));
980
981 return array(array("editSettings", $fields));
982
983 case ilAdministrationSettingsFormHandler::FORM_PRIVACY:
984
985 include_once('./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
986 $privacy = ilPrivacySettings::_getInstance();
987
988 $subitems = null;
989 if ((bool) $privacy->enabledRbacLog()) {
990 $subitems = array('rbac_log_age' => $privacy->getRbacLogAge());
991 }
992 $fields = array('rbac_log' => array($privacy->enabledRbacLog(), ilAdministrationSettingsFormHandler::VALUE_BOOL, $subitems));
993
994 return array(array("editSettings", $fields));
995 }
996 }
997} // END class.ilObjRoleFolderGUI
$source
$source
Definition: linkback.php:22
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
php
An exception for terminatinating execution or to throw for unit testing.
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:34
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:16
ilHiddenInputGUI
This class represents a hidden form property in a property form.
Definition: class.ilHiddenInputGUI.php:33
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:15
ilObjRoleFolderGUI
Class ilObjRoleFolderGUI.
Definition: class.ilObjRoleFolderGUI.php:39
ilObjRoleFolderGUI\doAddRolePermissions
doAddRolePermissions($source, $target)
do add role permission
Definition: class.ilObjRoleFolderGUI.php:489
ilObjRoleFolderGUI\doRemoveRolePermissions
doRemoveRolePermissions($source, $target)
do add role permission
Definition: class.ilObjRoleFolderGUI.php:536
ilObjRoleFolderGUI\doChangeExistingObjects
doChangeExistingObjects($a_start_obj, $a_target_role, $a_operation_mode, $a_source_role)
Do change existing objects.
Definition: class.ilObjRoleFolderGUI.php:582
ilObjRoleFolderGUI\chooseCopyBehaviourObject
chooseCopyBehaviourObject(\ilPropertyFormGUI $form=null)
Choose option for copying roles/role templates.
Definition: class.ilObjRoleFolderGUI.php:278
ilObjRoleFolderGUI\showPossibleSubObjects
showPossibleSubObjects()
show possible subobjects (pulldown menu) overwritten to prevent displaying of role templates in local...
Definition: class.ilObjRoleFolderGUI.php:774
ilObjRoleFolderGUI\adoptPermSaveObject
adoptPermSaveObject()
??? TODO: what is the purpose of this function? @access public
Definition: class.ilObjRoleFolderGUI.php:761
ilObjRoleFolderGUI\executeCommand
executeCommand()
execute command
Definition: class.ilObjRoleFolderGUI.php:74
ilObjRoleFolderGUI\createObject
createObject()
role folders are created automatically DEPRECATED !!! @access public
Definition: class.ilObjRoleFolderGUI.php:734
ilObjRoleFolderGUI\initRoleSearchForm
initRoleSearchForm()
Init role search form.
Definition: class.ilObjRoleFolderGUI.php:194
ilObjRoleFolderGUI\saveObject
saveObject()
save object @access public
Definition: class.ilObjRoleFolderGUI.php:822
ilObjRoleFolderGUI\__construct
__construct($a_data, $a_id, $a_call_by_reference)
Constructor @access public.
Definition: class.ilObjRoleFolderGUI.php:62
ilObjRoleFolderGUI\roleSearchFormObject
roleSearchFormObject()
Parse search query @global \ilCtrl $ilCtrl.
Definition: class.ilObjRoleFolderGUI.php:220
ilObjRoleFolderGUI\deleteObject
deleteObject($a_error=false)
display deletion confirmation screen DEPRECATED !!! @access public
Definition: class.ilObjRoleFolderGUI.php:751
ilObjRoleFolderGUI\resetFilterObject
resetFilterObject()
Reset role filter.
Definition: class.ilObjRoleFolderGUI.php:641
ilObjRoleFolderGUI\editSettingsObject
editSettingsObject(ilPropertyFormGUI $a_form=null)
Definition: class.ilObjRoleFolderGUI.php:881
ilObjRoleFolderGUI\roleSearchObject
roleSearchObject()
Search target roles.
Definition: class.ilObjRoleFolderGUI.php:165
ilObjRoleFolderGUI\getAdminTabs
getAdminTabs()
Add role folder tabs @global ilTree $tree @global ilLanguage $lng.
Definition: class.ilObjRoleFolderGUI.php:850
ilObjRoleFolderGUI\confirmDeleteObject
confirmDeleteObject()
Confirm deletion of roles.
Definition: class.ilObjRoleFolderGUI.php:655
ilObjRoleFolderGUI\doCopyRole
doCopyRole($source, $target)
Perform copy of role.
Definition: class.ilObjRoleFolderGUI.php:561
ilObjRoleFolderGUI\removeRolePermissionsObject
removeRolePermissionsObject()
Remove role permissions.
Definition: class.ilObjRoleFolderGUI.php:510
ilObjRoleFolderGUI\viewObject
viewObject()
@global ilErrorHandler $ilErr @global ilRbacSystem $rbacsystem @global ilToolbarGUI $ilToolbar
Definition: class.ilObjRoleFolderGUI.php:111
ilObjRoleFolderGUI\applyFilterObject
applyFilterObject()
Apply role filter.
Definition: class.ilObjRoleFolderGUI.php:627
ilObjRoleFolderGUI\initCopyBehaviourForm
initCopyBehaviourForm(int $copy_source)
Show copy behaviour form.
Definition: class.ilObjRoleFolderGUI.php:299
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:17
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:21
ilObjRole\MODE_REMOVE_OPERATIONS
const MODE_REMOVE_OPERATIONS
Definition: class.ilObjRole.php:25
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:518
ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:19
ilObjRole\MODE_ADD_OPERATIONS
const MODE_ADD_OPERATIONS
Definition: class.ilObjRole.php:23
ilObjRole\MODE_READ_OPERATIONS
const MODE_READ_OPERATIONS
Definition: class.ilObjRole.php:24
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:77
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:14
ilObjectGUI\checkPermission
checkPermission($a_perm, $a_cmd="", $a_type="", $a_ref_id=null)
Check permission and redirect on error.
Definition: class.ilObjectGUI.php:1915
ilObjectGUI\prepareOutput
prepareOutput($a_show_subobjects=true)
prepare output
Definition: class.ilObjectGUI.php:296
ilObjectGUI\checkPermissionBool
checkPermissionBool($a_perm, $a_cmd="", $a_type="", $a_ref_id=null)
Check permission.
Definition: class.ilObjectGUI.php:1962
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:988
ilPermissionGUI
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
Definition: class.ilPermissionGUI.php:20
ilPrivacySettings\_getInstance
static _getInstance()
Get instance of ilPrivacySettings.
Definition: class.ilPrivacySettings.php:89
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:48
ilRoleTableGUI
TableGUI for the presentation og roles and role templates.
Definition: class.ilRoleTableGUI.php:15
ilSecuritySettings\_getInstance
static _getInstance()
Get instance of ilSecuritySettings.
Definition: class.ilSecuritySettings.php:107
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:17
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
ilUtil\formSelect
static formSelect( $selected, $varname, $options, $multiple=false, $direct_text=false, $size="0", $style_class="", $attribs="", $disabled=false)
Builds a select form field with options and shows the selected option first.
Definition: class.ilUtil.php:328
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4481
$d
for( $i=6;$i< 13;$i++) for($i=1; $i< 13; $i++) $d
Definition: date.php:296
$i
$i
Definition: disco.tpl.php:19
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
$target
$target
Definition: test.php:19
$row
$row
Definition: migrateto20.php:360
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
ilias
redirection script todo: (a better solution should control the processing via a xml file)
$ret
$ret
Definition: parser.php:6
$table
if(empty($password)) $table
Definition: pwgen.php:24
$form
if(isset($_POST['submit'])) $form
Definition: registry.edit.php:63
$DIC
global $DIC
Definition: saml.php:7
data
$this data['403_header']
Definition: authorize_403.php:13
$ilUser
$ilUser
Definition: imgupload.php:18