ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilSoapRBACAdministration.php
Go to the documentation of this file.
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2001 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22 */
23
24
33include_once './webservice/soap/classes/class.ilSoapAdministration.php';
34
35class ilSoapRBACAdministration extends ilSoapAdministration
36{
37 public function deleteRole($sid, $role_id)
38 {
39 $this->initAuth($sid);
40 $this->initIlias();
41
42 if (!$this->__checkSession($sid)) {
43 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
44 }
45
46 global $DIC;
47
48 $rbacreview = $DIC['rbacreview'];
49 $rbacsystem = $DIC['rbacsystem'];
50 $ilAccess = $DIC['ilAccess'];
51
52 if (!$tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) or $tmp_role->getType() != 'role') {
53 return $this->__raiseError(
54 'No valid role id given. Please choose an existing id of an ILIAS role',
55 'Client'
56 );
57 }
58
59
60 $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
61 if (!$ilAccess->checkAccess('edit_permission', '', $obj_ref)) {
62 return $this->__raiseError('Check access failed. No permission to delete role', 'Server');
63 }
64
65 // if it's last role of an user
66 foreach ($assigned_users = $rbacreview->assignedUsers($role_id) as $user_id) {
67 if (count($rbacreview->assignedRoles($user_id)) == 1) {
68 return $this->__raiseError(
69 'Cannot deassign last role of users',
70 'Client'
71 );
72 }
73 }
74
75 // set parent id (role folder id) of role
76 $rolf_id = end($rolf_ids = $rbacreview->getFoldersAssignedToRole($role_id, true));
77 $tmp_role->setParent($rolf_id);
78 $tmp_role->delete();
79
80 return true;
81 }
82
83 public function addUserRoleEntry($sid, $user_id, $role_id)
84 {
85 $this->initAuth($sid);
86 $this->initIlias();
87
88 if (!$this->__checkSession($sid)) {
89 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
90 }
91
92 global $DIC;
93
94 $rbacadmin = $DIC['rbacadmin'];
95 $rbacreview = $DIC['rbacreview'];
96 $ilAccess = $DIC['ilAccess'];
97
98 if ($tmp_user =&ilObjectFactory::getInstanceByObjId($user_id) and $tmp_user->getType() != 'usr') {
99 return $this->__raiseError(
100 'No valid user id given. Please choose an existing id of an ILIAS user',
101 'Client'
102 );
103 }
104 if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id) and $tmp_role->getType() != 'role') {
105 return $this->__raiseError(
106 'No valid role id given. Please choose an existing id of an ILIAS role',
107 'Client'
108 );
109 }
110
111 $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
112 if (!$ilAccess->checkAccess('edit_permission', '', $obj_ref)) {
113 return $this->__raiseError('Check access failed. No permission to assign users', 'Server');
114 }
115
116 if (!$rbacadmin->assignUser($role_id, $user_id)) {
117 return $this->__raiseError(
118 'Error rbacadmin->assignUser()',
119 'Server'
120 );
121 }
122 return true;
123 }
124 public function deleteUserRoleEntry($sid, $user_id, $role_id)
125 {
126 $this->initAuth($sid);
127 $this->initIlias();
128
129 if (!$this->__checkSession($sid)) {
130 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
131 }
132
133 global $DIC;
134
135 $rbacadmin = $DIC['rbacadmin'];
136 $ilAccess = $DIC['ilAccess'];
137 $rbacreview = $DIC['rbacreview'];
138
139 if ($tmp_user =&ilObjectFactory::getInstanceByObjId($user_id, false) and $tmp_user->getType() != 'usr') {
140 return $this->__raiseError(
141 'No valid user id given. Please choose an existing id of an ILIAS user',
142 'Client'
143 );
144 }
145 if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) and $tmp_role->getType() != 'role') {
146 return $this->__raiseError(
147 'No valid role id given. Please choose an existing id of an ILIAS role',
148 'Client'
149 );
150 }
151
152 $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
153 if (!$ilAccess->checkAccess('edit_permission', '', $obj_ref)) {
154 return $this->__raiseError('Check access failed. No permission to deassign users', 'Server');
155 }
156
157 if (!$rbacadmin->deassignUser($role_id, $user_id)) {
158 return $this->__raiseError(
159 'Error rbacadmin->deassignUser()',
160 'Server'
161 );
162 }
163 return true;
164 }
165
166 public function getOperations($sid)
167 {
168 $this->initAuth($sid);
169 $this->initIlias();
170
171 if (!$this->__checkSession($sid)) {
172 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
173 }
174
175 global $DIC;
176
177 $rbacreview = $DIC['rbacreview'];
178
179 if (is_array($ops = $rbacreview->getOperations())) {
180 return $ops;
181 } else {
182 return $this->__raiseError('Unknown error', 'Server');
183 }
184 }
185
186 public function revokePermissions($sid, $ref_id, $role_id)
187 {
188 $this->initAuth($sid);
189 $this->initIlias();
190
191 if (!$this->__checkSession($sid)) {
192 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
193 }
194
195 global $DIC;
196
197 $rbacadmin = $DIC['rbacadmin'];
198 $ilAccess = $DIC['ilAccess'];
199
200 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
201 return $this->__raiseError(
202 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
203 'Client'
204 );
205 }
206 if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) and $tmp_role->getType() != 'role') {
207 return $this->__raiseError(
208 'No valid role id given. Please choose an existing id of an ILIAS role',
209 'Client'
210 );
211 }
212 if ($role_id == SYSTEM_ROLE_ID) {
213 return $this->__raiseError(
214 'Cannot revoke permissions of system role',
215 'Client'
216 );
217 }
218
219 if (!$ilAccess->checkAccess('edit_permission', '', $ref_id)) {
220 return $this->__raiseError('Check access failed. No permission to revoke permissions', 'Server');
221 }
222
223 $rbacadmin->revokePermission($ref_id, $role_id);
224
225 return true;
226 }
227 public function grantPermissions($sid, $ref_id, $role_id, $permissions)
228 {
229 $this->initAuth($sid);
230 $this->initIlias();
231
232 if (!$this->__checkSession($sid)) {
233 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
234 }
235
236 global $DIC;
237
238 $rbacadmin = $DIC['rbacadmin'];
239 $ilAccess = $DIC['ilAccess'];
240
241 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
242 return $this->__raiseError(
243 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
244 'Client'
245 );
246 }
247 if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) and $tmp_role->getType() != 'role') {
248 return $this->__raiseError(
249 'No valid role id given. Please choose an existing id of an ILIAS role',
250 'Client'
251 );
252 }
253
254 if (!$ilAccess->checkAccess('edit_permission', '', $ref_id)) {
255 return $this->__raiseError('Check access failed. No permission to grant permissions', 'Server');
256 }
257
258
259 // mjansen@databay.de: dirty fix
260 if (isset($permissions['item'])) {
261 $permissions = $permissions['item'];
262 }
263
264 if (!is_array($permissions)) {
265 return $this->__raiseError(
266 'No valid permissions given.' . print_r($permissions),
267 'Client'
268 );
269 }
270
271 $rbacadmin->revokePermission($ref_id, $role_id);
272 $rbacadmin->grantPermission($role_id, $permissions, $ref_id);
273
274 return true;
275 }
276
277 public function getLocalRoles($sid, $ref_id)
278 {
279 $this->initAuth($sid);
280 $this->initIlias();
281
282 if (!$this->__checkSession($sid)) {
283 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
284 }
285
286 global $DIC;
287
288 $rbacreview = $DIC['rbacreview'];
289 $ilAccess = $DIC['ilAccess'];
290
291 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
292 return $this->__raiseError(
293 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
294 'Client'
295 );
296 }
297
298 if (!$ilAccess->checkAccess('edit_permission', '', $ref_id)) {
299 return $this->__raiseError('Check access failed. No permission to access role information', 'Server');
300 }
301
302
303 foreach ($rbacreview->getRolesOfRoleFolder($ref_id, false) as $role_id) {
304 if ($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id, false)) {
305 $objs[] = $tmp_obj;
306 }
307 }
308 if (count($objs)) {
309 include_once './webservice/soap/classes/class.ilObjectXMLWriter.php';
310
311 $xml_writer = new ilObjectXMLWriter();
312 $xml_writer->setObjects($objs);
313 if ($xml_writer->start()) {
314 return $xml_writer->getXML();
315 }
316 }
317 return '';
318 }
319
320 public function getUserRoles($sid, $user_id)
321 {
322 $this->initAuth($sid);
323 $this->initIlias();
324
325 if (!$this->__checkSession($sid)) {
326 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
327 }
328
329 global $DIC;
330
331 $rbacreview = $DIC['rbacreview'];
332
333 if (!$tmp_user =&ilObjectFactory::getInstanceByObjId($user_id, false)) {
334 return $this->__raiseError(
335 'No valid user id given. Please choose an existing id of an ILIAS user',
336 'Client'
337 );
338 }
339
340 foreach ($rbacreview->assignedRoles($user_id) as $role_id) {
341 if ($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id, false)) {
342 $objs[] = $tmp_obj;
343 }
344 }
345 if (count($objs)) {
346 include_once './webservice/soap/classes/class.ilObjectXMLWriter.php';
347
348 $xml_writer = new ilObjectXMLWriter();
349 $xml_writer->setObjects($objs);
350 if ($xml_writer->start()) {
351 return $xml_writer->getXML();
352 }
353 }
354 return '';
355 }
356
357 public function addRole($sid, $target_id, $role_xml)
358 {
359 $this->initAuth($sid);
360 $this->initIlias();
361
362 if (!$this->__checkSession($sid)) {
363 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
364 }
365
366 global $DIC;
367
368 $rbacreview = $DIC['rbacreview'];
369 $objDefinition = $DIC['objDefinition'];
370 $rbacsystem = $DIC['rbacsystem'];
371 $ilAccess = $DIC['ilAccess'];
372
373 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($target_id, false)) {
374 return $this->__raiseError(
375 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
376 'Client'
377 );
378 }
379
380 if (ilObject::_isInTrash($target_id)) {
381 return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
382 }
383
384 if (!$ilAccess->checkAccess('edit_permission', '', $target_id)) {
385 return $this->__raiseError('Check access failed. No permission to create roles', 'Server');
386 }
387
388 include_once 'webservice/soap/classes/class.ilObjectXMLParser.php';
389
390 $xml_parser = new ilObjectXMLParser($role_xml);
391 $xml_parser->startParsing();
392
393 foreach ($xml_parser->getObjectData() as $object_data) {
394
395 // check if role title has il_ prefix
396 if (substr($object_data['title'], 0, 3) == "il_") {
397 return $this->__raiseError(
398 'Rolenames are not allowed to start with "il_" ',
399 'Client'
400 );
401 }
402
403 include_once './Services/AccessControl/classes/class.ilObjRole.php';
404 $role = new ilObjRole();
405 $role->setTitle($object_data['title']);
406 $role->setDescription($object_data['description']);
407 $role->setImportId($object_data['import_id']);
408 $role->create();
409
410 $GLOBALS['DIC']['rbacadmin']->assignRoleToFolder($role->getId(), $target_id);
411 $new_roles[] = $role->getId();
412 }
413
414 return $new_roles ? $new_roles : array();
415 }
416
417 public function addRoleFromTemplate($sid, $target_id, $role_xml, $template_id)
418 {
419 $this->initAuth($sid);
420 $this->initIlias();
421
422 if (!$this->__checkSession($sid)) {
423 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
424 }
425
426 global $DIC;
427
428 $rbacreview = $DIC['rbacreview'];
429 $objDefinition = $DIC['objDefinition'];
430 $rbacsystem = $DIC['rbacsystem'];
431 $rbacadmin = $DIC['rbacadmin'];
432 $ilAccess = $DIC['ilAccess'];
433
434 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($target_id, false)) {
435 return $this->__raiseError(
436 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
437 'Client'
438 );
439 }
440 if (ilObject::_lookupType($template_id) != 'rolt') {
441 return $this->__raiseError(
442 'No valid template id given. Please choose an existing object id of an ILIAS role template',
443 'Client'
444 );
445 }
446
447
448 if (ilObject::_isInTrash($target_id)) {
449 return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
450 }
451
452 if (!$ilAccess->checkAccess('edit_permission', '', $target_id)) {
453 return $this->__raiseError('Check access failed. No permission to create roles', 'Server');
454 }
455
456
457 include_once 'webservice/soap/classes/class.ilObjectXMLParser.php';
458
459 $xml_parser = new ilObjectXMLParser($role_xml);
460 $xml_parser->startParsing();
461
462 foreach ($xml_parser->getObjectData() as $object_data) {
463
464 // check if role title has il_ prefix
465 if (substr($object_data['title'], 0, 3) == "il_") {
466 return $this->__raiseError(
467 'Rolenames are not allowed to start with "il_" ',
468 'Client'
469 );
470 }
471
472 include_once './Services/AccessControl/classes/class.ilObjRole.php';
473 $role = new ilObjRole();
474 $role->setTitle($object_data['title']);
475 $role->setDescription($object_data['description']);
476 $role->setImportId($object_data['import_id']);
477 $role->create();
478
479 $GLOBALS['DIC']['rbacadmin']->assignRoleToFolder($role->getId(), $target_id);
480
481 // Copy permssions
482 $rbacadmin->copyRoleTemplatePermissions($template_id, ROLE_FOLDER_ID, $target_id, $role->getId());
483
484 // Set object permissions according to role template
485 $ops = $rbacreview->getOperationsOfRole($role->getId(), $tmp_obj->getType(), $target_id);
486 $rbacadmin->grantPermission($role->getId(), $ops, $target_id);
487 $new_roles[] = $role->getId();
488 }
489
490
491 // CREATE ADMIN ROLE
492
493
494
495
496
497 return $new_roles ? $new_roles : array();
498 }
499
500 public function getObjectTreeOperations($sid, $ref_id, $user_id)
501 {
502 $this->initAuth($sid);
503 $this->initIlias();
504
505 if (!$this->__checkSession($sid)) {
506 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
507 }
508
509 global $DIC;
510
511 $rbacsystem = $DIC['rbacsystem'];
512 $rbacreview = $DIC['rbacreview'];
513 $ilAccess = $DIC['ilAccess'];
514
515
516 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
517 return $this->__raiseError(
518 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
519 'Client'
520 );
521 }
522
523 if (!$tmp_user =&ilObjectFactory::getInstanceByObjId($user_id, false)) {
524 return $this->__raiseError(
525 'No valid user id given.',
526 'Client'
527 );
528 }
529
530 if (ilObject::_isInTrash($ref_id)) {
531 return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
532 }
533
534
535
536 // check visible for all upper tree entries
537 if (!$ilAccess->checkAccessOfUser($tmp_user->getId(), 'visible', '', $tmp_obj->getRefId())) {
538 return array();
539 }
540 $op_data = $rbacreview->getOperation(2);
541 $ops_data[] = $op_data;
542
543 if (!$ilAccess->checkAccessOfUser($tmp_user->getId(), 'read', '', $tmp_obj->getRefId())) {
544 return $ops_data;
545 }
546
547
548 $ops_data = array();
549 $ops = $rbacreview->getOperationsOnTypeString($tmp_obj->getType());
550 foreach ($ops as $ops_id) {
551 $op_data = $rbacreview->getOperation($ops_id);
552
553 if ($rbacsystem->checkAccessOfUser($user_id, $op_data['operation'], $tmp_obj->getRefId())) {
554 $ops_data[$ops_id] = $op_data;
555 }
556 }
557
558 foreach ($ops_data as $data) {
559 $ret_data[] = $data;
560 }
561 return $ret_data ? $ret_data : array();
562 }
563
572 public function getRoles($sid, $role_type, $id)
573 {
574 $this->initAuth($sid);
575 $this->initIlias();
576
577 if (!$this->__checkSession($sid)) {
578 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
579 }
580
581 global $DIC;
582
583 $rbacsystem = $DIC['rbacsystem'];
584 $rbacreview = $DIC['rbacreview'];
585 $ilUser = $DIC['ilUser'];
586 $ilDB = $DIC['ilDB'];
587
588 if (strcasecmp($role_type, "") != 0 &&
589 strcasecmp($role_type, "local") != 0 &&
590 strcasecmp($role_type, "global") != 0 &&
591 strcasecmp($role_type, "user") != 0 &&
592 strcasecmp($role_type, "user_login") != 0 &&
593 strcasecmp($role_type, "template") != 0) {
594 return $this->__raiseError('Called service with wrong role_type parameter \'' . $role_type . '\'', 'Client');
595 }
596
597 $roles = array();
598
599
600 if (strcasecmp($role_type, "template") == 0) {
601 // get templates
602 $roles = $rbacreview->getRolesByFilter(6, $ilUser->getId());
603 } elseif (strcasecmp($role_type, "user")==0 || strcasecmp($role_type, "user_login")==0) {
604 // handle user roles
605 $user_id = $this->parseUserID($id, $role_type);
606 if ($user_id != $ilUser->getId()) {
607 // check access for user folder
608 $tmpUser = new ilObjUser($user_id);
609 $timelimitOwner = $tmpUser->getTimeLimitOwner();
610 if (!$rbacsystem->checkAccess('read', $timelimitOwner)) {
611 return $this->__raiseError('Check access for time limit owner failed.', 'Server');
612 }
613 }
614 $role_type = ""; // local and global roles for user
615
616 $query = sprintf(
617 "SELECT object_data.title, rbac_fa.* FROM object_data, rbac_ua, rbac_fa WHERE rbac_ua.rol_id IN ('%s') AND rbac_ua.rol_id = rbac_fa.rol_id AND object_data.obj_id = rbac_fa.rol_id AND rbac_ua.usr_id=" . $user_id,
618 join("','", $rbacreview->assignedRoles($user_id))
619 );
620
621 $rbacresult = $ilDB->query($query);
622 while ($rbacrow = $rbacresult->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) {
623 if ($rbacrow["assign"] != "y") {
624 continue;
625 }
626
627 $type = "";
628
629 if ($rbacrow["parent"] == ROLE_FOLDER_ID) {
630 $type = "Global";
631 } else {
632 $type = "Local";
633 }
634 if (strlen($type) && $tmp_obj = ilObjectFactory::getInstanceByObjId($rbacrow["rol_id"], false)) {
635 /* @var $tmp_obj IlObjRole */
636 $roles[] = array(
637 "obj_id" =>$rbacrow["rol_id"],
638 "title" => $tmp_obj->getTitle(),
639 "description" => $tmp_obj->getDescription(),
640 "role_type" => $type);
641 }
642 }
643 } elseif ($id == "-1") {
644 // get all roles of system role folder
645 if (!$rbacsystem->checkAccess('read', ROLE_FOLDER_ID)) {
646 return $this->__raiseError('Check access failed.', 'Server');
647 }
648
649 $roles = $rbacreview->getAssignableRoles(false, true);
650 } else {
651 // get local roles for a specific repository object
652 // needs permission to read permissions of this object
653 if (!$rbacsystem->checkAccess('edit_permission', $id)) {
654 return $this->__raiseError('Check access for local roles failed.', 'Server');
655 }
656
657 if (!is_numeric($id)) {
658 return $this->__raiseError('Id must be numeric to process roles of a repository object.', 'Client');
659 }
660
661 $role_type = "local";
662
663 foreach ($rbacreview->getRolesOfRoleFolder($id, false) as $role_id) {
664 if ($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id, false)) {
665 $roles[] = array("obj_id" => $role_id, "title" => $tmp_obj->getTitle(), "description" => $tmp_obj->getDescription(), "role_type" => $role_type);
666 }
667 }
668 }
669
670
671 include_once './webservice/soap/classes/class.ilSoapRoleObjectXMLWriter.php';
672
673 $xml_writer = new ilSoapRoleObjectXMLWriter();
674 $xml_writer->setObjects($roles);
675 $xml_writer->setType($role_type);
676 if ($xml_writer->start()) {
677 return $xml_writer->getXML();
678 }
679 }
680
691 public function searchRoles($sid, $key, $combination, $role_type)
692 {
693 $this->initAuth($sid);
694 $this->initIlias();
695
696 if (!$this->__checkSession($sid)) {
697 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
698 }
699
700 global $DIC;
701
702 $rbacsystem = $DIC['rbacsystem'];
703 $rbacreview = $DIC['rbacreview'];
704 $ilUser = $DIC['ilUser'];
705 $ilDB = $DIC['ilDB'];
706
707
708 if (strcasecmp($role_type, "") != 0 &&
709 strcasecmp($role_type, "local") != 0 &&
710 strcasecmp($role_type, "global") != 0 &&
711 strcasecmp($role_type, "template") != 0) {
712 return $this->__raiseError('Called service with wrong role_type parameter \'' . $role_type . '\'', 'Client');
713 }
714
715 if ($combination != 'and' and $combination != 'or') {
716 return $this->__raiseError(
717 'No valid combination given. Must be "and" or "or".',
718 'Client'
719 );
720 }
721
722 include_once './Services/Search/classes/class.ilQueryParser.php';
723
724 $query_parser = new ilQueryParser($key);
725 $query_parser->setMinWordLength(3);
726 $query_parser->setCombination($combination == 'and' ? QP_COMBINATION_AND : QP_COMBINATION_OR);
727 $query_parser->parse();
728 if (!$query_parser->validate()) {
729 return $this->__raiseError($query_parser->getMessage(), 'Client');
730 }
731
732 include_once './Services/Search/classes/class.ilObjectSearchFactory.php';
733
734 $object_search = ilObjectSearchFactory::_getObjectSearchInstance($query_parser);
735 $object_search->setFilter(array("role","rolt"));
736
737 $res = $object_search->performSearch();
738 $res->filter(ROOT_FOLDER_ID, $combination == 'and' ? true : false);
739
740 $obj_ids = array();
741 foreach ($res->getUniqueResults() as $entry) {
742 $obj_ids [] = $entry['obj_id'];
743 }
744
745 $roles = array();
746 if (count($obj_ids)> 0) {
747 #print_r($obj_ids);
748 $roles = $rbacreview->getRolesForIDs($obj_ids, $role_type == "template");
749 }
750 #print_r($roles);
751 include_once './webservice/soap/classes/class.ilSoapRoleObjectXMLWriter.php';
752 $xml_writer = new ilSoapRoleObjectXMLWriter();
753 $xml_writer->setObjects($roles);
754 $xml_writer->setType($role_type);
755 if ($xml_writer->start()) {
756 return $xml_writer->getXML();
757 }
758 }
759
760
761 private function parseUserID($id, $role_type)
762 {
763 if (strcasecmp($role_type, "user")==0) {
764 // get user roles for user id, which can be numeric or ilias id
765 $user_id = !is_numeric($id) ? ilUtil::__extractId($id, IL_INST_ID) : $id;
766 if (!is_numeric($user_id)) {
767 return $this->__raiseError('ID must be either numeric or ILIAS conform id for type \'user\'', 'Client');
768 }
769 } elseif (strcasecmp($role_type, "user_login") == 0) {
770 // check for login
771 $user_id = ilObjUser::_lookupId($id);
772 if (!$user_id) {
773 // could not find a valid user
774 return $this->__raiseError('User with login \'' . $id . '\' does not exist!', 'Client');
775 }
776 }
777 return $user_id;
778 }
779}
php
An exception for terminatinating execution or to throw for unit testing.
QP_COMBINATION_OR
const QP_COMBINATION_OR
Definition: class.ilQueryParser.php:36
QP_COMBINATION_AND
const QP_COMBINATION_AND
Definition: class.ilQueryParser.php:35
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:17
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:827
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:77
ilObjectFactory\getInstanceByRefId
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:141
ilObjectSearchFactory\_getObjectSearchInstance
static _getObjectSearchInstance($query_parser)
get reference of ilFulltext/LikeObjectSearch.
Definition: class.ilObjectSearchFactory.php:46
ilObject\_isInTrash
static _isInTrash($a_ref_id)
checks wether object is in trash
Definition: class.ilObject.php:1290
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1275
ilSoapAdministration\initAuth
initAuth($sid)
Init authentication.
Definition: class.ilSoapAdministration.php:177
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:206
ilSoapRBACAdministration\addUserRoleEntry
addUserRoleEntry($sid, $user_id, $role_id)
Definition: class.ilSoapRBACAdministration.php:83
ilSoapRBACAdministration\revokePermissions
revokePermissions($sid, $ref_id, $role_id)
Definition: class.ilSoapRBACAdministration.php:186
ilSoapRBACAdministration\addRoleFromTemplate
addRoleFromTemplate($sid, $target_id, $role_xml, $template_id)
Definition: class.ilSoapRBACAdministration.php:417
ilSoapRBACAdministration\grantPermissions
grantPermissions($sid, $ref_id, $role_id, $permissions)
Definition: class.ilSoapRBACAdministration.php:227
ilSoapRBACAdministration\deleteUserRoleEntry
deleteUserRoleEntry($sid, $user_id, $role_id)
Definition: class.ilSoapRBACAdministration.php:124
ilSoapRBACAdministration\getRoles
getRoles($sid, $role_type, $id)
get roles for a specific type and id
Definition: class.ilSoapRBACAdministration.php:572
ilSoapRBACAdministration\addRole
addRole($sid, $target_id, $role_xml)
Definition: class.ilSoapRBACAdministration.php:357
ilSoapRBACAdministration\searchRoles
searchRoles($sid, $key, $combination, $role_type)
search for roles.
Definition: class.ilSoapRBACAdministration.php:691
ilSoapRBACAdministration\getObjectTreeOperations
getObjectTreeOperations($sid, $ref_id, $user_id)
Definition: class.ilSoapRBACAdministration.php:500
ilUtil\__extractId
static __extractId($ilias_id, $inst_id)
extract ref id from role title, e.g.
Definition: class.ilUtil.php:4380
$key
$key
Definition: croninfo.php:18
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
$target_id
$target_id
Definition: goto.php:49
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
$query
$query
Definition: proxy_ylocal.php:13
$type
$type
Definition: proxy_ylocal.php:10
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$ilDB
global $ilDB
Definition: storeScorm2004.php:19
$ilUser
$ilUser
Definition: imgupload.php:18
$data
$data
Definition: bench.php:6
$template_id
$template_id
Definition: logout-iframe.php:118