ILIAS  release_6 Revision v6.24-5-g0c8bfefb3b8
class.ilObjectPermissionStatusGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3require_once('./Services/Repository/classes/class.ilObjectPlugin.php');
4
16class ilObjectPermissionStatusGUI
17{
19 public $user;
21 public $lng;
23 public $ilCtrl;
25 public $tpl;
27 public $object;
29 public $rbacreview;
30 public $user_roles;
31 public $global_roles;
32 public $valid_roles;
33 public $assigned_valid_roles;
34
35 const IMG_OK = 0;
36 const IMG_NOT_OK = 1;
37
38
43 public function __construct(&$a_obj)
44 {
45 global $DIC;
46
47 $ilCtrl = $DIC['ilCtrl'];
48 $lng = $DIC['lng'];
49 $rbacreview = $DIC['rbacreview'];
50 $tpl = $DIC['tpl'];
51
52 $this->lng = $lng;
53 $this->ilCtrl = $ilCtrl;
54 $this->tpl = $tpl;
55 $this->object = $a_obj;
56 $this->rbacreview = $rbacreview;
57
58 $this->user = $this->getUser();
59 $this->user_roles = $rbacreview->assignedRoles($this->user->getId());
60 $this->global_roles = $rbacreview->getGlobalRoles();
61 $this->valid_roles = $rbacreview->getParentRoleIds($this->object->getRefId());
62 $this->assigned_valid_roles = $this->getAssignedValidRoles();
63 }
64
68 public function executeCommand()
69 {
70 global $DIC;
71
72 $ilCtrl = $DIC['ilCtrl'];
73
74 // determine next class in the call structure
75 $next_class = $this->ilCtrl->getNextClass($this);
76
77 switch ($next_class) {
78 case 'ilrepositorysearchgui':
79 include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
80 $rep_search = new ilRepositorySearchGUI();
81 $this->ilCtrl->setReturn($this, 'perminfo');
82 $this->ilCtrl->forwardCommand($rep_search);
83 break;
84
85 default:
86 $cmd = $this->ilCtrl->getCmd();
87 $this->$cmd();
88 break;
89 }
90 }
91
95 public function perminfo()
96 {
97 $tpl = new ilTemplate("tpl.info_layout.html", false, false, "Services/AccessControl");
98
99 $tpl->setVariable("INFO_SUMMARY", $this->accessStatusInfo());
100 $tpl->setVariable("INFO_PERMISSIONS", $this->accessPermissionsTable());
101 $tpl->setVariable("INFO_ROLES", $this->availableRolesTable());
102 $tpl->setVariable("INFO_REMARK_INTERRUPTED", $this->lng->txt('info_remark_interrupted'));
103
104 $this->tpl->setVariable("ADM_CONTENT", $tpl->get());
105
106 $this->addToolbar();
107 }
108
112 public function addToolbar()
113 {
114 global $DIC;
115
116 $ilToolbar = $DIC['ilToolbar'];
117
118 $ilToolbar->setFormAction($this->ilCtrl->getFormAction($this, "perminfo"));
119
120 $ilToolbar->addText($this->lng->txt('user'));
121
122 include_once("./Services/Form/classes/class.ilTextInputGUI.php");
123
124 $login = new ilTextInputGUI($this->lng->txt("username"), "user_login");
125 $login->setDataSource($this->ilCtrl->getLinkTargetByClass(array(get_class($this),
126 'ilRepositorySearchGUI'), 'doUserAutoComplete', '', true));
127 $login->setSize(15);
128 $login->setValue($this->user->getLogin());
129
130 $ilToolbar->addInputItem($login);
131
132 $ilToolbar->addFormButton($this->lng->txt("info_change_user_view"), "perminfo");
133
134 //$ilToolbar->addText($lng->txt("info_enter_login_or_id"));
135 }
136
141 public function accessStatusInfo()
142 {
143 include_once("./Services/InfoScreen/classes/class.ilInfoScreenGUI.php");
144
145 $info = new ilInfoScreenGUI(new stdClass());
146 $info->setFormAction($this->ilCtrl->getFormAction($this));
147
148 $info->addSection($this->lng->txt("info_access_and_status_info"));
149
150 foreach ($this->getAccessStatusInfoData() as $data) {
151 $info->addProperty($data[0], $data[1]);
152 }
153
154 return $info->getHTML();
155 }
156
161 public function accessPermissionsTable()
162 {
163 include_once("./Services/AccessControl/classes/class.ilAccessPermissionsStatusTableGUI.php");
164
165 $table = new ilAccessPermissionsStatusTableGUI($this, "perminfo");
166
167 $table->setData($this->getAccessPermissionTableData());
168 $table->setTitle($this->lng->txt("info_access_permissions"));
169
170 return $table->getHTML();
171 }
172
177 public function availableRolesTable()
178 {
179 include_once("./Services/AccessControl/classes/class.ilAvailableRolesStatusTableGUI.php");
180
181 $table = new ilAvailableRolesStatusTableGUI($this, "perminfo");
182
183 $table->setData($this->getAvailableRolesTableData());
184 $table->setTitle($this->lng->txt("info_available_roles"));
185
186 return $table->getHTML();
187 }
188
193 public function getAssignedValidRoles()
194 {
195 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
196 $assigned_valid_roles = array();
197
198 foreach ($this->valid_roles as $role) {
199 if (in_array($role['obj_id'], $this->user_roles)) {
200 if ($role["obj_id"] == SYSTEM_ROLE_ID) {
201 // get all possible operation of current object
202 $ops_list = ilRbacReview::_getOperationList($this->object->getType());
203
204 foreach ($ops_list as $ops_data) {
205 $ops[] = (int) $ops_data['ops_id'];
206 }
207
208 $role['ops'] = $ops;
209 } else {
210 $role['ops'] = $this->rbacreview->getRoleOperationsOnObject($role["obj_id"], $this->object->getRefId());
211 }
212
213 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
214 $role['translation'] = str_replace(" ", "&nbsp;", ilObjRole::_getTranslation($role["title"]));
215 $assigned_valid_roles[] = $role;
216 }
217 }
218
219 $this->assigned_valid_roles = $assigned_valid_roles;
220
221 return $assigned_valid_roles;
222 }
223
229 public function getCommands($a_type)
230 {
231 global $DIC;
232
233 $objDefinition = $DIC['objDefinition'];
234
235 $class = $objDefinition->getClassName($a_type);
236 $location = $objDefinition->getLocation($a_type);
237 $full_class = "ilObj" . $class . "Access";
238
239 $cmds = call_user_func(array($full_class, "_getCommands"));
240
241 array_push($cmds, array('permission' => 'visible','cmd' => 'info'));
242
243 return $cmds;
244 }
245
250 public function getUser()
251 {
252 global $DIC;
253
254 $ilUser = $DIC['ilUser'];
255
256 if (!isset($_POST['user_login'])) {
257 $user = &$ilUser;
258 } else {
259 include_once('Services/User/classes/class.ilObjUser.php');
260 $user_id = ilObjUser::_lookupId($_POST['user_login']);
261
262 $factory = new ilObjectFactory();
263 $user = $factory->getInstanceByObjId($user_id, false);
264
265
266 if ($user === false or $user->getType() != 'usr') {
267 $user = &$ilUser;
268 ilUtil::sendFailure($this->lng->txt('info_err_user_not_exist'));
269 } else {
270 ilUtil::sendInfo($this->lng->txt('info_user_view_changed'));
271 }
272 }
273
274 return $user;
275 }
276
281 public function getAccessStatusInfoData()
282 {
283 global $DIC;
284
285 $ilAccess = $DIC['ilAccess'];
286 $infos = array();
287
288 $result_set[0][] = $this->lng->txt("info_view_of_user");
289 $result_set[0][] = $this->user->getFullname() . " (#" . $this->user->getId() . ")";
290
291 $assigned_valid_roles = array();
292
293 foreach ($this->getAssignedValidRoles() as $role) {
294 $assigned_valid_roles[] = $role["translation"];
295 }
296
297 $roles_str = implode(", ", $assigned_valid_roles);
298
299 $result_set[1][] = $this->lng->txt("roles");
300 $result_set[1][] = $roles_str;
301
302 $result_set[2][] = $this->lng->txt("status");
303
304 $ilAccess->clear();
305 $ilAccess->checkAccessOfUser(
306 $this->user->getId(),
307 'read',
308 '',
309 $this->object->getRefId(),
310 $this->object->getType(),
311 $this->object->getId()
312 );
313
314 $infos = array_merge($infos, $ilAccess->getInfo());
315
316 $cmds = $this->getCommands($this->object->getType());
317
318 foreach ($cmds as $cmd) {
319 $ilAccess->clear();
320 $ilAccess->doStatusCheck($cmd['permission'], $cmd['cmd'], $this->object->getRefId(), $this->user->getId(), $this->object->getId(), $this->object->getType());
321 $infos = array_merge($infos, $ilAccess->getInfo());
322 }
323
324 $alert = "il_ItemAlertProperty";
325 $okay = "il_ItemOkayProperty";
326 $text = "";
327
328 if (!$infos) {
329 $text = "<span class=\"" . $okay . "\">" . $this->lng->txt("access") . "</span><br/> ";
330 } else {
331 foreach ($infos as $info) {
332 switch ($info['type']) {
333 case IL_STATUS_MESSAGE:
334 $text .= "<span class=\"" . $okay . "\">" . $info['text'] . "</span><br/> ";
335 break;
336
337 case IL_NO_PARENT_ACCESS:
338 $factory = new ilObjectFactory();
339 $obj = $factory->getInstanceByRefId($info['data']);
340 $text .= "<span class=\"" . $alert . "\">" . $info['text'] . " (" . $this->lng->txt("obj_" . $obj->getType()) . " #" . $obj->getId() . ": " . $obj->getTitle() . ")</span><br/> ";
341 break;
342
343 default:
344 $text .= "<span class=\"" . $alert . "\">" . $info['text'] . "</span><br/> ";
345 break;
346
347 }
348 }
349 }
350
351 $result_set[2][] = $text;
352
353 return $result_set;
354 }
355
360 public function getAccessPermissionTableData()
361 {
362 global $DIC;
363
364 $ilAccess = $DIC['ilAccess'];
365 $ilObjDataCache = $DIC['ilObjDataCache'];
366 $objDefinition = $DIC['objDefinition'];
367
368 // get all possible operation of current object
369 $ops_list = ilRbacReview::_getOperationList($this->object->getType());
370
371 $counter = 0;
372 $result_set = array();
373
374 // check permissions of user
375 foreach ($ops_list as $ops) {
376 $access = $ilAccess->doRBACCheck($ops['operation'], "info", $this->object->getRefId(), $this->user->getId(), $this->object->getType());
377
378 $result_set[$counter]["img"] = $access ? self::IMG_OK : self::IMG_NOT_OK;
379
380 if (substr($ops['operation'], 0, 7) == "create_" &&
381 $objDefinition->isPlugin(substr($ops['operation'], 7))) {
382 $result_set[$counter]["operation"] = ilObjectPlugin::lookupTxtById(
383 substr($ops['operation'], 7),
384 'rbac_' . $ops['operation']
385 );
386 } elseif ($objDefinition->isPlugin($this->object->getType())) {
387 $result_set[$counter]["operation"] = ilObjectPlugin::lookupTxtById(
388 $this->object->getType(),
389 $this->object->getType() . "_" . $ops['operation']
390 );
391 } elseif (substr($ops['operation'], 0, 7) == 'create_') {
392 $result_set[$counter]["operation"] = $this->lng->txt('rbac_' . $ops['operation']);
393 } else {
394 $result_set[$counter]["operation"] = $this->lng->txt($this->object->getType() . "_" . $ops['operation']);
395 }
396
397 $list_role = [];
398
399 // Check ownership
400 if ($this->user->getId() == $ilObjDataCache->lookupOwner($this->object->getId())) {
401 if (
402 (substr($ops['operation'], 0, 7) != 'create_') and
403 ($ops['operation'] != 'edit_permission') and
404 ($ops['operation'] != 'edit_leanring_progress')
405 ) {
406 $list_role[] = $this->lng->txt('info_owner_of_object');
407 }
408 }
409 // get operations on object for each assigned role to user
410 foreach ($this->getAssignedValidRoles() as $role) {
411 if (in_array($ops['ops_id'], $role['ops'])) {
412 $list_role[] = $role['translation'];
413 }
414 }
415
416 if (empty($list_role)) {
417 $list_role[] = $this->lng->txt('none');
418 }
419
420
421 $result_set[$counter]["role_ownership"] = $list_role;
422
423 ++$counter;
424 }
425
426 return $result_set;
427 }
428
433 public function getAvailableRolesTableData()
434 {
435 global $DIC;
436
437 $tree = $DIC['tree'];
438
439 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
440
441 $path = array_reverse($tree->getPathId($this->object->getRefId()));
442
443 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
444 $counter = 0;
445
446 foreach ($this->valid_roles as $role) {
447 $result_set[$counter]["img"] = in_array($role['obj_id'], $this->user_roles) ? self::IMG_OK : self::IMG_NOT_OK;
448
449 if (is_subclass_of($this->object, ilObjectPlugin::class) && $role["parent"] == $this->object->getRefId()) {
450 $result_set[$counter][] = ilObjectPlugin::lookupTxtById($this->object->getType(), ilObjRole::_removeObjectId($role["title"]));
451 } else {
452 $result_set[$counter][] = str_replace(" ", "&nbsp;", ilObjRole::_getTranslation($role["title"]));
453 }
454
455 $result_set[$counter]["role"] = str_replace(" ", "&nbsp;", ilObjRole::_getTranslation($role["title"]));
456
457 if ($role['role_type'] != "linked") {
458 $result_set[$counter]["effective_from"] = "";
459 } else {
460 $rolfs = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"]);
461
462 // ok, try to match the next rolf in path
463 foreach ($path as $node) {
464 if ($node == 1) {
465 break;
466 }
467
468
469 if (in_array($node, $rolfs)) {
470 $nodedata = $tree->getNodeData($node);
471 $result_set[$counter]["effective_from"] = $nodedata["title"];
472 $result_set[$counter]["effective_from_ref_id"] = $node;
473 break;
474 }
475 }
476 }
477
478 if (in_array($role['obj_id'], $this->global_roles)) {
479 $result_set[$counter]["original_position"] = $this->lng->txt("global");
480 $result_set[$counter]["original_position_ref_id"] = false;
481 } else {
482 $rolf = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"], true);
483 $parent_node = $tree->getNodeData($rolf[0]);
484 $result_set[$counter]["original_position"] = $parent_node["title"];
485 $result_set[$counter]["original_position_ref_id"] = $parent_node["ref_id"];
486 }
487
488 ++$counter;
489 }
490
491 return $result_set;
492 }
493}
user
user()
Definition: user.php:4
$location
$location
Definition: buildRTE.php:44
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
php
An exception for terminatinating execution or to throw for unit testing.
IL_STATUS_MESSAGE
const IL_STATUS_MESSAGE
Definition: class.ilAccessInfo.php:30
IL_NO_PARENT_ACCESS
const IL_NO_PARENT_ACCESS
Definition: class.ilAccessInfo.php:27
ilAccessPermissionsStatusTableGUI
Table for Acces Permissons in Permission > Permission of User.
Definition: class.ilAccessPermissionsStatusTableGUI.php:14
ilAvailableRolesStatusTableGUI
Table for Available Roles in Permission > Permission of User.
Definition: class.ilAvailableRolesStatusTableGUI.php:14
ilCtrl
This class provides processing control methods.
Definition: class.ilCtrl.php:16
ilCtrl\getFormAction
getFormAction( $a_gui_obj, $a_fallback_cmd="", $a_anchor="", $a_asynch=false, $xml_style=false)
Get form action url for gui class object.
Definition: class.ilCtrl.php:1002
ilCtrl\getCmd
getCmd($a_default_cmd="", $a_safe_commands="")
Determines current get/post command.
Definition: class.ilCtrl.php:891
ilCtrl\setReturn
setReturn($a_gui_obj, $a_cmd)
Set return command.
Definition: class.ilCtrl.php:1387
ilCtrl\getNextClass
getNextClass($a_gui_class=null)
Get next class in the control path from the current class to the target command class.
Definition: class.ilCtrl.php:745
ilCtrl\getLinkTargetByClass
getLinkTargetByClass( $a_class, $a_cmd="", $a_anchor="", $a_asynch=false, $xml_style=false)
Get link target for command using gui class name.
Definition: class.ilCtrl.php:1358
ilCtrl\forwardCommand
forwardCommand($a_gui_object)
Forward flow of control to next gui class this invokes the executeCommand() method of the gui object ...
Definition: class.ilCtrl.php:188
ilInfoScreenGUI
Class ilInfoScreenGUI.
Definition: class.ilInfoScreenGUI.php:19
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:514
ilObjRole\_removeObjectId
static _removeObjectId($a_role_title)
Definition: class.ilObjRole.php:535
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:831
ilObjectFactory
Class ilObjectFactory.
Definition: class.ilObjectFactory.php:21
ilObjectPermissionStatusGUI
This class displays the permission status of a user concerning a specific object.
Definition: class.ilObjectPermissionStatusGUI.php:17
ilObjectPermissionStatusGUI\__construct
__construct(&$a_obj)
Constructor @access public.
Definition: class.ilObjectPermissionStatusGUI.php:43
ilObjectPermissionStatusGUI\accessStatusInfo
accessStatusInfo()
Access- and Statusinformation Info.
Definition: class.ilObjectPermissionStatusGUI.php:141
ilObjectPermissionStatusGUI\accessPermissionsTable
accessPermissionsTable()
Access Permissions Table.
Definition: class.ilObjectPermissionStatusGUI.php:161
ilObjectPermissionStatusGUI\getAccessPermissionTableData
getAccessPermissionTableData()
Access Permissions Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:360
ilObjectPermissionStatusGUI\getAvailableRolesTableData
getAvailableRolesTableData()
Available Roles Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:433
ilObjectPlugin\lookupTxtById
static lookupTxtById($plugin_id, $lang_var)
Definition: class.ilObjectPlugin.php:99
ilRbacReview\_getOperationList
static _getOperationList($a_type=null)
get operation list by object type @access public @access static
Definition: class.ilRbacReview.php:1540
ilTemplate
special template class to simplify handling of ITX/PEAR
Definition: class.ilTemplate.php:14
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:17
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4519
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4503
$login
$login
Definition: cron.php:13
$factory
$factory
Definition: metadata.php:58
$data
$data
Definition: storeScorm.php:23
$ilUser
$ilUser
Definition: imgupload.php:18
$a_type
$a_type
Definition: workflow.php:92
$DIC
$DIC
Definition: xapitoken.php:46