24require_once 
"./Services/Object/classes/class.ilObjectGUI.php";
 
   62    public function __construct($a_data, $a_id, $a_call_by_reference)
 
   67        $this->logger = 
$DIC->logger()->ac();
 
   70        parent::__construct($a_data, $a_id, $a_call_by_reference, 
false);
 
   71        $lng->loadLanguageModule(
'rbac');
 
   78        $ilTabs = 
$DIC[
'ilTabs'];
 
   80        $next_class = $this->ctrl->getNextClass($this);
 
   81        $cmd = $this->ctrl->getCmd();
 
   84        switch ($next_class) {
 
   86            case 'ilpermissiongui':
 
   87                include_once(
"Services/AccessControl/classes/class.ilPermissionGUI.php");
 
   89                $ret = &$this->ctrl->forwardCommand($perm_gui);
 
   93                $this->ctrl->setReturn($this, 
"view");
 
  116        $rbacsystem = 
$DIC[
'rbacsystem'];
 
  117        $ilToolbar = 
$DIC[
'ilToolbar'];
 
  119        $ilTabs = 
$DIC[
'ilTabs'];
 
  121        $ilTabs->activateTab(
'view');
 
  123        if (!$rbacsystem->checkAccess(
'visible,read', $this->object->getRefId())) {
 
  124            $ilErr->raiseError($this->lng->txt(
'permission_denied'), 
$ilErr->MESSAGE);
 
  128        if ($rbacsystem->checkAccess(
'create_role', $this->object->getRefId())) {
 
  129            $this->ctrl->setParameter($this, 
'new_type', 
'role');
 
  130            $ilToolbar->addButton(
 
  131                $this->lng->txt(
'rolf_create_role'),
 
  132                $this->ctrl->getLinkTarget($this, 
'create')
 
  135        if ($rbacsystem->checkAccess(
'create_rolt', $this->object->getRefId())) {
 
  136            $this->ctrl->setParameter($this, 
'new_type', 
'rolt');
 
  137            $ilToolbar->addButton(
 
  138                $this->lng->txt(
'rolf_create_rolt'),
 
  139                $this->ctrl->getLinkTarget($this, 
'create')
 
  141            $this->ctrl->clearParameters($this);
 
  145            $rbacsystem->checkAccess(
'create_rolt', $this->object->getRefId()) ||
 
  146            $rbacsystem->checkAccess(
'create_rolt', $this->object->getRefId())
 
  148            $ilToolbar->addButton(
 
  149                $this->lng->txt(
'rbac_import_role'),
 
  150                $this->ctrl->getLinkTargetByClass(
'ilPermissionGUI', 
'displayImportRoleForm')
 
  154        include_once 
'./Services/AccessControl/classes/class.ilRoleTableGUI.php';
 
  157        $table->parse($this->object->getId());
 
  159        $this->tpl->setContent(
$table->getHTML());
 
  169        $rbacsystem = 
$DIC[
'rbacsystem'];
 
  171        $ilTabs = 
$DIC[
'ilTabs'];
 
  174        $ilTabs->clearTargets();
 
  175        $ilTabs->setBackTarget(
 
  176            $this->lng->txt(
'rbac_back_to_overview'),
 
  177            $this->ctrl->getLinkTarget($this, 
'view')
 
  180        if (!$rbacsystem->checkAccess(
'visible,read', $this->object->getRefId())) {
 
  181            $ilErr->raiseError($this->lng->txt(
'permission_denied'), 
$ilErr->MESSAGE);
 
  184        $ilCtrl->setParameter($this, 
'csource', (
int) $_REQUEST[
'csource']);
 
  188        $this->tpl->setContent(
$form->getHTML());
 
  200        include_once 
'./Services/Form/classes/class.ilPropertyFormGUI.php';
 
  202        $form->setTitle($this->lng->txt(
'rbac_role_title'));
 
  203        $form->setFormAction(
$ilCtrl->getFormAction($this, 
'view'));
 
  206        $search->setRequired(
true);
 
  207        $search->setSize(30);
 
  208        $search->setMaxLength(255);
 
  209        $form->addItem($search);
 
  211        $form->addCommandButton(
'roleSearchForm', $this->lng->txt(
'search'));
 
  227        $ilCtrl->setParameter($this, 
'csource', (
int) $_REQUEST[
'csource']);
 
  230        if (
$form->checkInput()) {
 
  236        $form->setValuesByPost();
 
  237        $ilCtrl->redirect($this, 
'roleSearch');
 
  247        $ilTabs = 
$DIC[
'ilTabs'];
 
  250        $ilTabs->clearTargets();
 
  251        $ilTabs->setBackTarget(
 
  252            $this->lng->txt(
'rbac_back_to_overview'),
 
  253            $this->ctrl->getLinkTarget($this, 
'view')
 
  256        $ilCtrl->setParameter($this, 
'csource', (
int) $_REQUEST[
'csource']);
 
  258        if (strlen(
$_SESSION[
'rolf_search_query'])) {
 
  261            include_once 
'./Services/AccessControl/classes/class.ilRoleTableGUI.php';
 
  266            $table->parse($this->object->getId());
 
  267            return $this->tpl->setContent(
$table->getHTML());
 
  271        $ilCtrl->redirect($this, 
'roleSearch');
 
  282        $copy_source = (int) $_REQUEST[
'csource'];
 
  284        $this->ctrl->saveParameter($this, 
'csource', $copy_source);
 
  285        $this->tabs_gui->clearTargets();
 
  286        $this->tabs_gui->setBackTarget(
 
  287            $this->lng->txt(
'rbac_back_to_overview'),
 
  288            $this->ctrl->getLinkTarget($this, 
'view')
 
  293        $this->tpl->setContent(
$form->getHTML());
 
  302        $full_featured = 
true;
 
  305        $form->setTitle($this->lng->txt(
'rbac_copy_behaviour'));
 
  306        $form->setFormAction($this->ctrl->getFormAction($this, 
'chooseCopyBehaviour'));
 
  308        $copy_type = new \ilRadioGroupInputGUI(
 
  309            $this->lng->txt(
'rbac_form_copy_roles_adjust_type'),
 
  312        $copy_type->setRequired(
true);
 
  313        $copy_type->setValue(self::COPY_CLONE_PERMISSIONS);
 
  315        if ($full_featured) {
 
  316            $add = new \ilRadioOption(
 
  317                $this->lng->txt(
'rbac_form_copy_roles_adjust_type_add'),
 
  318                self::COPY_ADD_PERMISSIONS,
 
  319                $this->lng->txt(
'rbac_form_copy_roles_adjust_type_add_info')
 
  321            $copy_type->addOption($add);
 
  323            $ce_type_add = new \ilRadioGroupInputGUI(
 
  327            $ce_type_add->setRequired(
true);
 
  328            $ce_add_yes = new \ilRadioOption(
 
  329                $this->lng->txt(
'rbac_form_copy_roles_ce_add_yes'),
 
  330                self::COPY_CHANGE_EXISTING_OBJECTS,
 
  331                $this->lng->txt(
'rbac_form_copy_roles_ce_add_yes_info')
 
  333            $ce_type_add->addOption($ce_add_yes);
 
  334            $ce_add_no = new \ilRadioOption(
 
  335                $this->lng->txt(
'rbac_form_copy_roles_ce_add_no'),
 
  337                $this->lng->txt(
'rbac_form_copy_roles_ce_add_no_info')
 
  339            $ce_type_add->addOption($ce_add_no);
 
  340            $add->addSubItem($ce_type_add);
 
  342        $clone = new \ilRadioOption(
 
  343            $this->lng->txt(
'rbac_form_copy_roles_adjust_type_clone'),
 
  344            self::COPY_CLONE_PERMISSIONS,
 
  345            $this->lng->txt(
'rbac_form_copy_roles_adjust_type_clone_info')
 
  347        $copy_type->addOption($clone);
 
  350        $ce_type_clone = new \ilRadioGroupInputGUI(
 
  354        $ce_type_clone->setRequired(
true);
 
  355        $ce_clone_yes = new \ilRadioOption(
 
  356            $this->lng->txt(
'rbac_form_copy_roles_ce_clone_yes'),
 
  357            self::COPY_CHANGE_EXISTING_OBJECTS,
 
  358            $this->lng->txt(
'rbac_form_copy_roles_ce_clone_yes_info')
 
  360        $ce_type_clone->addOption($ce_clone_yes);
 
  361        $ce_clone_no = new \ilRadioOption(
 
  362            $this->lng->txt(
'rbac_form_copy_roles_ce_clone_no'),
 
  364            $this->lng->txt(
'rbac_form_copy_roles_ce_clone_no_info')
 
  366        $ce_type_clone->addOption($ce_clone_no);
 
  367        $clone->addSubItem($ce_type_clone);
 
  369        if ($full_featured) {
 
  370            $remove = new \ilRadioOption(
 
  371                $this->lng->txt(
'rbac_form_copy_roles_adjust_type_remove'),
 
  372                self::COPY_REMOVE_PERMISSIONS,
 
  373                $this->lng->txt(
'rbac_form_copy_roles_adjust_type_remove_info')
 
  375            $copy_type->addOption($remove);
 
  376            $ce_type_remove = new \ilRadioGroupInputGUI(
 
  380            $ce_type_remove->setRequired(
true);
 
  381            $ce_remove_yes = new \ilRadioOption(
 
  382                $this->lng->txt(
'rbac_form_copy_roles_ce_remove_yes'),
 
  383                self::COPY_CHANGE_EXISTING_OBJECTS,
 
  384                $this->lng->txt(
'rbac_form_copy_roles_ce_remove_yes_info')
 
  386            $ce_type_remove->addOption($ce_remove_yes);
 
  387            $ce_remove_no = new \ilRadioOption(
 
  388                $this->lng->txt(
'rbac_form_copy_roles_ce_remove_no'),
 
  390                $this->lng->txt(
'rbac_form_copy_roles_ce_remove_no_info')
 
  392            $ce_type_remove->addOption($ce_remove_no);
 
  393            $remove->addSubItem($ce_type_remove);
 
  396        $form->addItem($copy_type);
 
  399        $roles->setValue(implode(
',', (array) 
$_POST[
'roles']));
 
  400        $form->addItem($roles);
 
  402        $form->addCommandButton(
'roleSearchList', $this->lng->txt(
'back'));
 
  403        $form->addCommandButton(
'adjustRole',$this->lng->txt(
'rbac_form_copy_roles_adjust_button'));
 
  416        $review = 
$DIC->rbac()->review();
 
  418        $roles = explode(
',', 
$_POST[
'roles']);
 
  419        $source = (int) $_REQUEST[
'csource'];
 
  422        if (
$form->checkInput()) {
 
  424            $adjustment_type = 
$form->getInput(
'type');
 
  425            foreach ((array) $roles as $role_id) {
 
  428                    $start_obj = $review->getRoleFolderOfRole($role_id);
 
  429                    $this->logger->debug(
'Start object: ' . $start_obj);
 
  431                    switch ($adjustment_type) {
 
  433                            $change_existing = (bool) 
$form->getInput(
'add_ce_type');
 
  438                            if ($change_existing) {
 
  448                            $change_existing = (bool) 
$form->getInput(
'clone_ce_type');
 
  453                            if ($change_existing) {
 
  463                            $change_existing = (bool) 
$form->getInput(
'remove_ce_type');
 
  468                            if ($change_existing) {
 
  480            ilUtil::sendSuccess($this->lng->txt(
'rbac_copy_finished'), 
true);
 
  481            $this->ctrl->redirect($this, 
'view');
 
  493        $rbacadmin = 
$DIC->rbac()->admin();
 
  497        $rbacadmin->copyRolePermissionUnion(
 
  517        $roles = explode(
',', 
$_POST[
'roles']);
 
  518        $source = (int) $_REQUEST[
'csource'];
 
  521        if (
$form->checkInput()) {
 
  522            foreach ((array) $roles as $role_id) {
 
  528            ilUtil::sendSuccess($this->lng->txt(
'rbac_copy_finished'), 
true);
 
  529            $ilCtrl->redirect($this, 
'view');
 
  540        $rbacadmin = 
$DIC->rbac()->admin();
 
  547        $rbacadmin->copyRolePermissionSubtract(
 
  565        $rbacadmin = 
$DIC->rbac()->admin();
 
  571        $rbacadmin->copyRoleTemplatePermissions(
 
  586        $review = 
$DIC->rbac()->review();
 
  589            $this->logger->warning(
'Missing parameter start object.');
 
  591            throw new InvalidArgumentException(
'Missing parameter: start object');
 
  594        $target_ref_id = $review->getRoleFolderOfRole($a_target_role);
 
  595        if ($review->isProtected($target_ref_id, $a_target_role)) {
 
  603            $operation_stack = [];
 
  605                $operation_stack[] = $review->getAllOperationsOfRole($a_source_role, $a_start_obj);
 
  608            $this->logger->debug(
'Current operation stack');
 
  609            $this->logger->dump($operation_stack);
 
  612            $role->changeExistingObjects(
 
  629        include_once 
'./Services/AccessControl/classes/class.ilRoleTableGUI.php';
 
  633        $table->writeFilterToSession();
 
  643        include_once 
'./Services/AccessControl/classes/class.ilRoleTableGUI.php';
 
  661        $roles = (array) (
$_POST[
'roles'] ?? []);
 
  662        if (!count($roles)) {
 
  664            $ilCtrl->redirect($this, 
'view');
 
  667        $question = $this->lng->txt(
'rbac_role_delete_qst');
 
  669        include_once 
'./Services/Utilities/classes/class.ilConfirmationGUI.php';
 
  671        $confirm->setHeaderText($question);
 
  672        $confirm->setFormAction(
$ilCtrl->getFormAction($this));
 
  673        $confirm->setHeaderText($this->lng->txt(
"info_delete_sure"));
 
  674        $confirm->setConfirm($this->lng->txt(
'delete'), 
'deleteRole');
 
  675        $confirm->setCancel($this->lng->txt(
'cancel'), 
'cancel');
 
  678        include_once 
'./Services/AccessControl/classes/class.ilObjRole.php';
 
  679        foreach ($roles as $role_id) {
 
  686        $this->tpl->setContent($confirm->getHTML());
 
  696        $rbacsystem = 
$DIC[
'rbacsystem'];
 
  701        if (!$rbacsystem->checkAccess(
'delete', $this->object->getRefId())) {
 
  703                $this->lng->txt(
'msg_no_perm_delete'),
 
  708        foreach ((array) 
$_POST[
'roles'] as 
$id) {
 
  712            if ($obj->getType() == 
"role") {
 
  713                $rolf_arr = 
$rbacreview->getFoldersAssignedToRole($obj->getId(), 
true);
 
  714                $obj->setParent($rolf_arr[0]);
 
  721        ilUtil::sendSuccess($this->lng->txt(
"msg_deleted_roles_rolts"), 
true);
 
  722        $ilCtrl->redirect($this, 
'view');
 
  736        $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
 
  753        $this->
ilias->raiseError($this->lng->txt(
"permission_denied"), $this->ilias->error_obj->MESSAGE);
 
  763        ilUtil::sendSuccess($this->lng->txt(
"saved_successfully"), 
true);
 
  765        $this->ctrl->redirect($this, 
"view");
 
  778        $rbacsystem = 
$DIC[
'rbacsystem'];
 
  780        $d = $this->objDefinition->getCreatableSubObjects($this->object->getType());
 
  782        if ($this->object->getRefId() != ROLE_FOLDER_ID or !$rbacsystem->checkAccess(
'create_rolt', ROLE_FOLDER_ID)) {
 
  786        if (!$rbacsystem->checkAccess(
'create_role', $this->object->getRefId())) {
 
  793                if (
$row[
"max"] > 0) {
 
  795                    for (
$i = 0; 
$i < count($this->
data[
"ctrl"]); 
$i++) {
 
  796                        if ($this->
data[
"ctrl"][
$i][
"type"] == $row[
"name"]) {
 
  801                if (
$row[
"max"] == 
"" || $count < 
$row[
"max"]) {
 
  802                    $subobj[] = 
$row[
"name"];
 
  807        if (is_array($subobj)) {
 
  810            $this->tpl->setCurrentBlock(
"add_object");
 
  811            $this->tpl->setVariable(
"SELECT_OBJTYPE", $opts);
 
  812            $this->tpl->setVariable(
"BTN_NAME", 
"create");
 
  813            $this->tpl->setVariable(
"TXT_ADD", $this->lng->txt(
"add"));
 
  814            $this->tpl->parseCurrentBlock();
 
  826        $rbacadmin = 
$DIC[
'rbacadmin'];
 
  829        $_GET[
"new_type"] = $this->
object->getType();
 
  830        $_POST[
"Fobject"][
"title"] = $this->
object->getTitle();
 
  831        $_POST[
"Fobject"][
"desc"] = $this->
object->getDescription();
 
  834        $newObj = parent::saveObject();
 
  839        ilUtil::sendSuccess($this->lng->txt(
"rolf_added"), 
true);
 
  841        $this->ctrl->redirect($this, 
"view");
 
  853            $this->tabs_gui->addTarget(
 
  855                $this->ctrl->getLinkTarget($this, 
"view"),
 
  860            $this->tabs_gui->addTarget(
 
  862                $this->ctrl->getLinkTarget($this, 
"editSettings"),
 
  863                array(
"editSettings"),
 
  869            $this->tabs_gui->addTarget(
 
  871                $this->ctrl->getLinkTargetByClass(
 
  872                    array(get_class($this),
'ilpermissiongui'),
 
  887        $this->tpl->setContent($a_form->getHTML());
 
  899            $ilErr->raiseError($this->lng->txt(
'permission_denied'), 
$ilErr->MESSAGE);
 
  903        if (
$form->checkInput()) {
 
  904            include_once(
'./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
 
  906            $privacy->enableRbacLog((
int) 
$_POST[
'rbac_log']);
 
  907            $privacy->setRbacLogAge((
int) 
$_POST[
'rbac_log_age']);
 
  911                include_once(
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
 
  913                $security->protectedAdminRole((
int) 
$_POST[
'admin_role']);
 
  917            ilUtil::sendSuccess($this->lng->txt(
"settings_saved"), 
true);
 
  918            $this->ctrl->redirect($this, 
"editSettings");
 
  921        $form->setValuesByPost();
 
  932        $this->lng->loadLanguageModule(
'ps');
 
  934        include_once(
'./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
 
  935        include_once(
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
 
  939        include_once(
"./Services/Form/classes/class.ilPropertyFormGUI.php");
 
  941        $form->setFormAction($this->ctrl->getFormAction($this, 
"saveSettings"));
 
  942        $form->setTitle($this->lng->txt(
'settings'));
 
  947        $admin->setInfo($this->lng->txt(
'adm_adm_role_protect_info'));
 
  948        $admin->setChecked((
int) $security->isAdminRoleProtected());
 
  950        $form->addItem($admin);
 
  952        $check = 
new ilCheckboxInputGui($this->lng->txt(
'rbac_log'), 
'rbac_log');
 
  953        $check->setInfo($this->lng->txt(
'rbac_log_info'));
 
  954        $check->setChecked($privacy->enabledRbacLog());
 
  955        $form->addItem($check);
 
  957        $age = 
new ilNumberInputGUI($this->lng->txt(
'rbac_log_age'), 
'rbac_log_age');
 
  958        $age->setInfo($this->lng->txt(
'rbac_log_age_info'));
 
  959        $age->setValue($privacy->getRbacLogAge());
 
  960        $age->setMinValue(1);
 
  961        $age->setMaxValue(24);
 
  963        $age->setMaxLength(2);
 
  964        $check->addSubItem($age);
 
  966        $form->addCommandButton(
'saveSettings', $this->lng->txt(
'save'));
 
  973        switch ($a_form_id) {
 
  976                include_once(
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
 
  981                return array(array(
"editSettings", $fields));
 
  985                include_once(
'./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
 
  989                if ((
bool) $privacy->enabledRbacLog()) {
 
  990                    $subitems = array(
'rbac_log_age' => $privacy->getRbacLogAge());
 
  994                return array(array(
"editSettings", $fields));
 
An exception for terminatinating execution or to throw for unit testing.
Confirmation screen class.
static getLogger($a_component_id)
Get component logger.
Class ilObjRoleFolderGUI.
const COPY_CLONE_PERMISSIONS
doAddRolePermissions($source, $target)
do add role permission
doRemoveRolePermissions($source, $target)
do add role permission
roleSearchListObject()
List roles.
doChangeExistingObjects($a_start_obj, $a_target_role, $a_operation_mode, $a_source_role)
Do change existing objects.
chooseCopyBehaviourObject(\ilPropertyFormGUI $form=null)
Choose option for copying roles/role templates.
showPossibleSubObjects()
show possible subobjects (pulldown menu) overwritten to prevent displaying of role templates in local...
adoptPermSaveObject()
??? TODO: what is the purpose of this function? @access public
executeCommand()
execute command
const COPY_REMOVE_PERMISSIONS
createObject()
role folders are created automatically DEPRECATED !!! @access public
initRoleSearchForm()
Init role search form.
saveObject()
save object @access public
__construct($a_data, $a_id, $a_call_by_reference)
Constructor @access public.
roleSearchFormObject()
Parse search query @global \ilCtrl $ilCtrl.
deleteObject($a_error=false)
display deletion confirmation screen DEPRECATED !!! @access public
resetFilterObject()
Reset role filter.
editSettingsObject(ilPropertyFormGUI $a_form=null)
const COPY_CHANGE_EXISTING_OBJECTS
roleSearchObject()
Search target roles.
addToExternalSettingsForm($a_form_id)
getAdminTabs()
Add role folder tabs @global ilTree $tree @global ilLanguage $lng.
adjustRoleObject()
Copy role.
confirmDeleteObject()
Confirm deletion of roles.
const COPY_ADD_PERMISSIONS
doCopyRole($source, $target)
Perform copy of role.
removeRolePermissionsObject()
Remove role permissions.
deleteRoleObject()
Delete roles.
viewObject()
@global ilErrorHandler $ilErr @global ilRbacSystem $rbacsystem @global ilToolbarGUI $ilToolbar
applyFilterObject()
Apply role filter.
initCopyBehaviourForm(int $copy_source)
Show copy behaviour form.
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_REMOVE_OPERATIONS
static _getTranslation($a_role_title)
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
const MODE_ADD_OPERATIONS
const MODE_READ_OPERATIONS
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Class ilObjectGUI Basic methods of all Output classes.
checkPermission($a_perm, $a_cmd="", $a_type="", $a_ref_id=null)
Check permission and redirect on error.
prepareOutput($a_show_subobjects=true)
prepare output
checkPermissionBool($a_perm, $a_cmd="", $a_type="", $a_ref_id=null)
Check permission.
static _lookupTitle($a_id)
lookup object title
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
static _getInstance()
Get instance of ilPrivacySettings.
TableGUI for the presentation og roles and role templates.
static _getInstance()
Get instance of ilSecuritySettings.
This class represents a text property in a property form.
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static formSelect( $selected, $varname, $options, $multiple=false, $direct_text=false, $size="0", $style_class="", $attribs="", $disabled=false)
Builds a select form field with options and shows the selected option first.
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
for( $i=6;$i< 13;$i++) for($i=1; $i< 13; $i++) $d
if(!array_key_exists('StateId', $_REQUEST)) $id
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
redirection script todo: (a better solution should control the processing via a xml file)
if(empty($password)) $table
if(isset($_POST['submit'])) $form