4 include_once
"./Services/Object/classes/class.ilObjectGUI.php";
5 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
6 require_once(
'./Services/Repository/classes/class.ilObjectPlugin.php');
47 public function __construct($a_data, $a_id, $a_call_by_reference =
false, $a_prepare_output =
true)
54 $lng->loadLanguageModule(
'rbac');
57 define(
"USER_FOLDER_ID", 7);
63 (int) $_REQUEST[
'rolf_ref_id'] ?
64 (
int) $_REQUEST[
'rolf_ref_id'] :
65 (int) $_REQUEST[
'ref_id']
75 $this->ctrl->saveParameter($this, array(
'obj_id',
'rolf_ref_id'));
87 $next_class = $this->ctrl->getNextClass($this);
88 $cmd = $this->ctrl->getCmd();
92 switch ($next_class) {
93 case 'ilrepositorysearchgui':
96 $GLOBALS[
'DIC'][
'ilErr']->raiseError(
$GLOBALS[
'DIC'][
'lng']->txt(
'permission_denied'),
$GLOBALS[
'DIC'][
'ilErr']->WARNING);
98 include_once(
'./Services/Search/classes/class.ilRepositorySearchGUI.php');
100 $rep_search->setTitle($this->lng->txt(
'role_add_user'));
101 $rep_search->setCallback($this,
'addUserObject');
104 $this->tabs_gui->setTabActive(
'user_assignment');
105 $this->ctrl->setReturn($this,
'userassignment');
106 $ret = &$this->ctrl->forwardCommand($rep_search);
111 $this->tabs_gui->setTabActive(
'export');
113 include_once
'./Services/Export/classes/class.ilExportOptions.php';
117 include_once
'./Services/Export/classes/class.ilExportGUI.php';
119 $exp->addFormat(
'xml');
120 $this->ctrl->forwardCommand($exp);
123 case 'ilrecommendedcontentroleconfiggui':
124 $this->tabs_gui->setTabActive(
'rep_recommended_content');
126 $this->ctrl->forwardCommand($ui);
134 $cmd =
'userassignment';
178 $this->back_target = array(
"text" => $a_text,
184 return $this->back_target ? $this->back_target : array();
226 include_once
'./Services/Form/classes/class.ilPropertyFormGUI.php';
229 if ($this->creation_mode) {
230 $this->ctrl->setParameter($this,
"new_type",
'role');
232 $this->form->setFormAction($this->ctrl->getFormAction($this));
235 case self::MODE_GLOBAL_CREATE:
236 $this->form->setTitle($this->lng->txt(
'role_new'));
237 $this->form->addCommandButton(
'save', $this->lng->txt(
'role_new'));
240 case self::MODE_GLOBAL_UPDATE:
241 $this->form->setTitle($this->lng->txt(
'role_edit'));
242 $this->form->addCommandButton(
'update', $this->lng->txt(
'save'));
245 case self::MODE_LOCAL_CREATE:
246 case self::MODE_LOCAL_UPDATE:
249 $this->form->addCommandButton(
'cancel', $this->lng->txt(
'cancel'));
253 $title->setDisabled(
true);
256 $title->setValidationRegexp(
'/^(?!il_).*$/');
257 $title->setValidationFailureMessage($this->lng->txt(
'msg_role_reserved_prefix'));
261 $title->setMaxLength(70);
262 $title->setRequired(
true);
263 $this->form->addItem($title);
271 $this->form->addItem($desc);
273 if ($a_mode != self::MODE_LOCAL_CREATE && $a_mode != self::MODE_GLOBAL_CREATE) {
275 $this->form->addItem($ilias_id);
278 if ($this->obj_ref_id == ROLE_FOLDER_ID) {
281 #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info')); 282 $this->form->addItem($reg);
286 #$la->setInfo($this->lng->txt('rbac_local_admin_info')); 287 $this->form->addItem($la);
292 #$pro->setInfo($this->lng->txt('role_protext_permission_info')); 293 $this->form->addItem($pro);
299 $quo->setInfo($this->lng->txt(
'enter_in_mb_desc') .
'<br />' . $this->lng->txt(
'disk_quota_on_role_desc'));
300 $this->form->addItem($quo);
303 $this->lng->loadLanguageModule(
"file");
304 $wquo =
new ilNumberInputGUI($this->lng->txt(
'personal_resources_disk_quota'),
'wsp_disk_quota');
307 $wquo->setInfo($this->lng->txt(
'enter_in_mb_desc') .
'<br />' . $this->lng->txt(
'disk_quota_on_role_desc'));
308 $this->form->addItem($wquo);
322 if (!$this->form->getItemByPostVar(
'title')->getDisabled()) {
323 $role->
setTitle($this->form->getInput(
'title'));
325 if (!$this->form->getItemByPostVar(
'desc')->getDisabled()) {
359 $this->form->setValuesByArray($data);
376 if (!
$rbacsystem->checkAccess(
'create_role', $this->obj_ref_id)) {
377 $ilErr->raiseError($this->lng->txt(
'permission_denied'),
$ilErr->MESSAGE);
381 $this->tpl->setContent($this->form->getHTML());
396 $ilToolbar = $DIC[
'ilToolbar'];
398 if (!$this->
checkAccess(
'write',
'edit_permission')) {
399 $ilErr->raiseError($this->lng->txt(
"msg_no_perm_write"),
$ilErr->MESSAGE);
402 $this->tabs_gui->activateTab(
'edit_properties');
405 if ($this->object->getId() != SYSTEM_ROLE_ID) {
406 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
408 $ilToolbar->addButton(
409 $this->lng->txt(
'rbac_delete_role'),
410 $this->ctrl->getLinkTarget($this,
'confirmDeleteRole')
417 $this->tpl->setContent($this->form->getHTML());
429 $rbacadmin = $DIC[
'rbacadmin'];
434 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
436 $this->role->create();
438 $rbacadmin->setProtected(
440 $this->role->getId(),
441 $this->form->getInput(
'pro') ?
'y' :
'n' 443 ilUtil::sendSuccess($this->lng->txt(
"role_added"),
true);
444 $this->ctrl->setParameter($this,
'obj_id', $this->role->getId());
445 $this->ctrl->redirect($this,
'perm');
449 $this->form->setValuesByPost();
450 $this->tpl->setContent($this->form->getHTML());
472 $rbacadmin = $DIC[
'rbacadmin'];
475 if ($this->form->checkInput() and !$this->
checkDuplicate($this->object->getId())) {
476 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
478 $this->
object->update();
479 $rbacadmin->setProtected(
481 $this->object->getId(),
482 $this->form->getInput(
'pro') ?
'y' :
'n' 484 ilUtil::sendSuccess($this->lng->txt(
"saved_successfully"),
true);
485 $this->ctrl->redirect($this,
'edit');
489 $this->form->setValuesByPost();
490 $this->tpl->setContent($this->form->getHTML());
498 protected function permObject($a_show_admin_permissions =
false)
502 $ilTabs = $DIC[
'ilTabs'];
504 $ilToolbar = $DIC[
'ilToolbar'];
508 $ilTabs->setTabActive(
'default_perm_settings');
512 if ($a_show_admin_permissions) {
513 $ilTabs->setSubTabActive(
'rbac_admin_permissions');
515 $ilTabs->setSubTabActive(
'rbac_repository_permissions');
518 if (!$this->
checkAccess(
'write',
'edit_permission')) {
519 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->MESSAGE);
524 if ($this->object->getId() != SYSTEM_ROLE_ID) {
525 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
526 $ilToolbar->addButton(
527 $this->lng->txt(
"adopt_perm_from_template"),
528 $this->ctrl->getLinkTarget($this,
'adoptPerm')
531 $ilToolbar->addButton(
532 $this->lng->txt(
'rbac_delete_role'),
533 $this->ctrl->getLinkTarget($this,
'confirmDeleteRole')
538 $this->tpl->addBlockFile(
541 'tpl.rbac_template_permissions.html',
542 'Services/AccessControl' 545 $this->tpl->setVariable(
'PERM_ACTION', $this->ctrl->getFormAction($this));
547 include_once
'./Services/Accordion/classes/class.ilAccordionGUI.php';
552 if ($this->obj_ref_id == ROLE_FOLDER_ID) {
553 if ($a_show_admin_permissions) {
554 $subs = ilObjRole::getSubObjects(
'adm',
true);
556 $subs = ilObjRole::getSubObjects(
'root',
false);
559 $subs = ilObjRole::getSubObjects($this->
getParentType(), $a_show_admin_permissions);
562 foreach ($subs as $subtype => $def) {
563 include_once
'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
568 $this->object->getId(),
570 $a_show_admin_permissions
574 $acc->addItem($def[
'translation'], $tbl->getHTML());
577 $this->tpl->setVariable(
'ACCORDION', $acc->getHTML());
580 include_once
'./Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
585 $this->object->getId(),
586 $a_show_admin_permissions
588 if ($this->object->getId() != SYSTEM_ROLE_ID) {
590 $a_show_admin_permissions ?
'adminPermSave' :
'permSave',
591 $this->lng->txt(
'save')
596 $this->tpl->setVariable(
'OPTIONS_TABLE', $options->getHTML());
625 $parent_role_ids =
$rbacreview->getParentRoleIds($this->obj_ref_id,
true);
627 foreach ($parent_role_ids as $id => $tmp) {
631 $sorted_ids =
ilUtil::_sortIds($ids,
'object_data',
'type,title',
'obj_id');
633 foreach ($sorted_ids as $id) {
634 $par = $parent_role_ids[$id];
635 if ($par[
"obj_id"] != SYSTEM_ROLE_ID && $this->object->getId() != $par[
"obj_id"]) {
636 $output[$key][
"role_id"] = $par[
"obj_id"];
637 $output[$key][
"type"] = ($par[
"type"] ==
'role' ? $this->lng->txt(
'obj_role') : $this->lng->txt(
'obj_rolt'));
639 $output[$key][
"role_desc"] = $par[
"desc"];
645 include_once(
'./Services/AccessControl/classes/class.ilRoleAdoptPermissionTableGUI.php');
648 $tbl->setTitle($this->lng->txt(
"adopt_perm_from_template"));
649 $tbl->setData($output);
651 $this->tpl->setContent($tbl->getHTML());
668 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->WARNING);
671 $question = $this->lng->txt(
'rbac_role_delete_qst');
673 $question .= (
'<br />' . $this->lng->txt(
'rbac_role_delete_self'));
677 include_once
'./Services/Utilities/classes/class.ilConfirmationGUI.php';
680 $confirm->setFormAction($this->ctrl->getFormAction($this));
681 $confirm->setHeaderText($question);
682 $confirm->setCancel($this->lng->txt(
'cancel'),
'perm');
683 $confirm->setConfirm($this->lng->txt(
'rbac_delete_role'),
'performDeleteRole');
687 $this->object->getId(),
692 $this->tpl->setContent($confirm->getHTML());
709 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->WARNING);
712 $this->
object->setParent((
int) $this->obj_ref_id);
713 $this->
object->delete();
714 ilUtil::sendSuccess($this->lng->txt(
'msg_deleted_role'),
true);
716 $this->ctrl->returnToParent($this);
729 $rbacadmin = $DIC[
'rbacadmin'];
732 $tree = $DIC[
'tree'];
738 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_perm"), $this->
ilias->error_obj->MESSAGE);
742 include_once
"Services/AccessControl/classes/class.ilRbacLog.php";
744 if ($rbac_log_active) {
749 if ($this->obj_ref_id == ROLE_FOLDER_ID) {
750 if ($a_show_admin_permissions) {
751 $subs = ilObjRole::getSubObjects(
'adm',
true);
753 $subs = ilObjRole::getSubObjects(
'root',
false);
756 $subs = ilObjRole::getSubObjects($this->
getParentType(), $a_show_admin_permissions);
759 foreach ($subs as $subtype => $def) {
761 $rbacadmin->deleteRolePermission($this->object->getId(),
$this->obj_ref_id, $subtype);
764 if (empty(
$_POST[
"template_perm"])) {
765 $_POST[
"template_perm"] = array();
768 foreach (
$_POST[
"template_perm"] as $key => $ops_array) {
770 $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array,
$this->obj_ref_id);
773 if ($rbac_log_active) {
780 $this->
object->update();
784 $rbacadmin->setProtected($this->obj_ref_id, $this->object->getId(),
ilUtil::tf2yn(
$_POST[
'protected']));
787 if ($a_show_admin_permissions) {
788 $_POST[
'recursive'] =
true;
792 if (!
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list'])) {
793 ilUtil::sendSuccess($this->lng->txt(
"saved_successfully"),
true);
794 if ($a_show_admin_permissions) {
795 $this->ctrl->redirect($this,
'adminPerm');
797 $this->ctrl->redirect($this,
'perm');
806 $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID :
$this->obj_ref_id);
807 if ($a_show_admin_permissions) {
808 $start =
$tree->getParentId($this->obj_ref_id);
811 if (
$_POST[
'protected']) {
812 $this->
object->changeExistingObjects(
817 #$a_show_admin_permissions ? array(
'adm') : array()
820 $this->
object->changeExistingObjects(
825 #$a_show_admin_permissions ? array(
'adm') : array()
828 ilUtil::sendSuccess($this->lng->txt(
"saved_successfully"),
true);
830 if ($a_show_admin_permissions) {
831 $this->ctrl->redirect($this,
'adminPerm');
833 $this->ctrl->redirect($this,
'perm');
848 $rbacadmin = $DIC[
'rbacadmin'];
851 $tree = $DIC[
'tree'];
861 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_perm"), $this->
ilias->error_obj->MESSAGE);
864 if ($this->object->getId() ==
$_POST[
"adopt"]) {
868 $parentRoles =
$rbacreview->getParentRoleIds($this->obj_ref_id,
true);
869 $rbacadmin->copyRoleTemplatePermissions(
871 $parentRoles[
$_POST[
"adopt"]][
"parent"],
873 $this->object->getId(),
878 $this->
object->update();
881 $obj_data = &$this->
ilias->obj_factory->getInstanceByObjId($_POST[
"adopt"]);
882 ilUtil::sendSuccess($this->lng->txt(
"msg_perm_adopted_from1") .
" '" .
884 $this->lng->txt(
"msg_perm_adopted_from2"),
true);
887 $this->ctrl->redirect($this,
"perm");
897 $this->assignUserObject();
912 $rbacadmin = $DIC[
'rbacadmin'];
914 if (!$this->
checkAccess(
'edit_userassignment',
'edit_permission')) {
919 $this->obj_ref_id != ROLE_FOLDER_ID) {
924 $GLOBALS[
'DIC'][
'lng']->loadLanguageModule(
'search');
929 $assigned_users_all =
$rbacreview->assignedUsers($this->object->getId());
932 $assigned_users_new = array_diff($a_user_ids, array_intersect($a_user_ids, $assigned_users_all));
935 if (count($assigned_users_new) == 0) {
937 $this->ctrl->redirect($this,
'userassignment');
941 foreach ($assigned_users_new as
$user) {
942 $rbacadmin->assignUser($this->object->getId(),
$user,
false);
946 $this->
object->update();
948 ilUtil::sendSuccess($this->lng->txt(
"msg_userassignment_changed"),
true);
949 $this->ctrl->redirect($this,
'userassignment');
962 $rbacadmin = $DIC[
'rbacadmin'];
965 if (!$this->
checkAccess(
'edit_userassignment',
'edit_permission')) {
966 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"), $this->
ilias->error_obj->MESSAGE);
969 $selected_users = (
$_POST[
"user_id"]) ?
$_POST[
"user_id"] : array(
$_GET[
"user_id"]);
971 if ($selected_users[0] === null) {
972 $this->
ilias->raiseError($this->lng->txt(
"no_checkbox"), $this->
ilias->error_obj->MESSAGE);
976 if ($this->object->getId() == SYSTEM_ROLE_ID) {
977 if ($admin = array_search(SYSTEM_USER_ID, $selected_users) !==
false) {
978 unset($selected_users[$admin]);
983 $last_role = array();
986 foreach ($selected_users as
$user) {
987 $assigned_roles =
$rbacreview->assignedRoles($user);
988 $assigned_global_roles = array_intersect($assigned_roles, $global_roles);
990 if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(), $assigned_global_roles))) {
991 $userObj = $this->
ilias->obj_factory->getInstanceByObjId($user);
992 $last_role[
$user] = $userObj->getFullName();
999 foreach ($selected_users as $user) {
1000 if (!isset($last_role[$user])) {
1001 $rbacadmin->deassignUser($this->object->getId(),
$user);
1006 $this->
object->update();
1009 if (count($last_role)) {
1010 $user_list = implode(
", ", $last_role);
1011 ilUtil::sendFailure($this->lng->txt(
'msg_is_last_role') .
': ' . $user_list .
'<br />' . $this->lng->txt(
'msg_min_one_role'),
true);
1013 ilUtil::sendSuccess($this->lng->txt(
"msg_userassignment_changed"),
true);
1015 $this->ctrl->redirect($this,
'userassignment');
1031 if (!$this->
checkAccess(
'edit_userassignment',
'edit_permission')) {
1032 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"), $this->
ilias->error_obj->MESSAGE);
1035 $this->tabs_gui->setTabActive(
'user_assignment');
1037 $this->tpl->addBlockFile(
'ADM_CONTENT',
'adm_content',
'tpl.rbac_ua.html',
'Services/AccessControl');
1039 include_once
'./Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
1043 include_once
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1045 $this->object->getId() != SYSTEM_ROLE_ID ||
1054 include_once
'./Services/Search/classes/class.ilRepositorySearchGUI.php';
1059 'auto_complete_name' =>
$lng->txt(
'user'),
1060 'submit_name' =>
$lng->txt(
'add')
1071 $this->lng->txt(
'search_user'),
1072 $this->ctrl->getLinkTargetByClass(
'ilRepositorySearchGUI',
'start')
1078 $this->lng->txt(
'role_mailto'),
1079 $this->ctrl->getLinkTarget($this,
'mailToRole')
1081 $this->tpl->setVariable(
'BUTTONS_UA', $tb->getHTML());
1084 include_once
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1085 $role_assignment_editable =
true;
1087 $this->object->getId() == SYSTEM_ROLE_ID &&
1089 $role_assignment_editable =
false;
1092 include_once
'./Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
1093 $ut =
new ilAssignedUsersTableGUI($this,
'userassignment', $this->object->getId(), $role_assignment_editable);
1095 $this->tpl->setVariable(
'TABLE_UA', $ut->getHTML());
1107 if (
$_GET[
"new_type"] !=
"role") {
1108 $this->ctrl->redirect($this,
"userassignment");
1110 $this->ctrl->redirectByClass(
"ilobjrolefoldergui",
"view");
1124 if (!is_array(
$_POST[
"role"])) {
1126 $this->searchObject();
1131 $this->tpl->addBlockFile(
"ADM_CONTENT",
"adm_content",
"tpl.role_usr_selection.html",
"Services/AccessControl");
1132 $this->
__showButton(
"searchUserForm", $this->lng->txt(
"role_new_search"));
1137 foreach (
$_POST[
"role"] as $role_id) {
1138 $members = array_merge(
$rbacreview->assignedUsers($role_id), $members);
1141 $members = array_unique($members);
1145 $f_result = array();
1147 foreach ($members as
$user) {
1152 $user_ids[$counter] =
$user;
1156 $f_result[$counter][] = $tmp_obj->getLogin();
1157 $f_result[$counter][] = $tmp_obj->getFirstname();
1158 $f_result[$counter][] = $tmp_obj->getLastname();
1164 $this->__showSearchUserTable($f_result, $user_ids,
"listUsersRole");
1172 $this->tpl->addBlockFile(
"CONTENT",
"content",
"tpl.adm_content.html");
1173 $this->tpl->addBlockFile(
"STATUSLINE",
"statusline",
"tpl.statusline.html");
1176 if ($this->message) {
1189 $this->tpl->setTitle($this->lng->txt(
'role'));
1190 $this->tpl->setDescription($this->object->getTitle());
1193 $this->
getTabs($this->tabs_gui);
1204 $ilLocator = $DIC[
'ilLocator'];
1207 $_GET[
"admin_mode"] ==
"settings" 1208 &&
$_GET[
"ref_id"] == ROLE_FOLDER_ID) {
1209 parent::addAdminLocatorItems(
true);
1211 $ilLocator->addItem(
1213 $this->ctrl->getLinkTargetByClass(
"ilobjrolefoldergui",
'view')
1216 if (
$_GET[
"obj_id"] > 0) {
1217 $ilLocator->addItem(
1219 $this->ctrl->getLinkTarget($this,
'perm')
1223 parent::addAdminLocatorItems($a_do_not_add_object);
1235 $ilHelp = $DIC[
'ilHelp'];
1237 $base_role_container =
$rbacreview->getFoldersAssignedToRole($this->object->getId(),
true);
1240 $activate_role_edit =
false;
1244 if (in_array($this->obj_ref_id, $base_role_container) ||
1245 (strtolower(
$_GET[
"baseClass"]) ==
"iladministrationgui" &&
1246 $_GET[
"admin_mode"] ==
"settings")) {
1247 $activate_role_edit =
true;
1251 $this->tabs_gui->clearTargets();
1253 $ilHelp->setScreenIdComponent(
"role");
1255 if ($this->back_target !=
"") {
1256 $this->tabs_gui->setBackTarget(
1257 $this->back_target[
"text"],
1258 $this->back_target[
"link"]
1261 $this->tabs_gui->setBackTarget($this->lng->txt(
'btn_back'), $this->ctrl->getParentReturn($this));
1264 if ($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit) {
1265 $this->tabs_gui->addTarget(
1267 $this->ctrl->getLinkTarget($this,
"edit"),
1268 array(
"edit",
"update"),
1273 $this->tabs_gui->addTarget(
1274 "default_perm_settings",
1275 $this->ctrl->getLinkTarget($this,
"perm"),
1281 if ($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit && $this->
object->getId() != ANONYMOUS_ROLE_ID) {
1282 $this->tabs_gui->addTarget(
1284 $this->ctrl->getLinkTarget($this,
"userassignment"),
1285 array(
"deassignUser",
"userassignment",
"assignUser",
"searchUserForm",
"search"),
1290 if ($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit && $this->
object->getId() != ANONYMOUS_ROLE_ID) {
1291 $this->lng->loadLanguageModule(
"rep");
1292 $this->tabs_gui->addTarget(
1293 "rep_recommended_content",
1294 $this->ctrl->getLinkTargetByClass(
"ilrecommendedcontentroleconfiggui",
"")
1297 if ($this->
checkAccess(
'write',
'edit_permission')) {
1298 $this->tabs_gui->addTarget(
1300 $this->ctrl->getLinkTargetByClass(
'ilExportGUI'),
1309 if (count($obj_ids) > 1) {
1310 $_SESSION[
'mail_roles'][] =
'#il_role_' . $this->
object->getId();
1312 $_SESSION[
'mail_roles'][] = (new \ilRoleMailboxAddress($this->object->getId()))->value();
1315 require_once
'Services/Mail/classes/class.ilMailFormCall.php';
1325 $ilAccess = $DIC[
'ilAccess'];
1327 $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
1329 if ($this->obj_ref_id == ROLE_FOLDER_ID) {
1330 return $rbacsystem->checkAccess($a_perm_global, $this->obj_ref_id);
1332 return $ilAccess->checkAccess($a_perm_obj,
'', $this->obj_ref_id);
1346 if (!(
int)
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list'])) {
1351 if (
$rbacreview->isProtected($this->obj_ref_id, $this->object->getId())) {
1354 return count(
$rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1358 return count(
$rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1368 $protected =
$_POST[
'protected'];
1370 include_once
'./Services/Form/classes/class.ilPropertyFormGUI.php';
1372 $form->setFormAction($this->ctrl->getFormAction($this,
'changeExistingObjects'));
1373 $form->setTitle($this->lng->txt(
'rbac_change_existing_confirm_tbl'));
1375 $form->addCommandButton(
'changeExistingObjects', $this->lng->txt(
'change_existing_objects'));
1376 $form->addCommandButton(
'perm', $this->lng->txt(
'cancel'));
1381 serialize(array(
'all')) :
1382 serialize(
$_POST[
'recursive_list'])
1384 $form->addItem($hidden);
1391 $this->lng->txt(
'rbac_keep_local_policies'),
1393 $this->lng->txt(
'rbac_keep_local_policies_info')
1398 $this->lng->txt(
'rbac_keep_local_policies'),
1400 $this->lng->txt(
'rbac_unprotected_keep_local_policies_info')
1403 $rad->addOption($keep);
1407 $this->lng->txt(
'rbac_delete_local_policies'),
1409 $this->lng->txt(
'rbac_delete_local_policies_info')
1413 $this->lng->txt(
'rbac_delete_local_policies'),
1415 $this->lng->txt(
'rbac_unprotected_delete_local_policies_info')
1418 $rad->addOption($del);
1420 $form->addItem($rad);
1421 $this->tpl->setContent($form->getHTML());
1432 $tree = $DIC[
'tree'];
1434 $rbacadmin = $DIC[
'rbacadmin'];
1436 $mode = (int)
$_POST[
'mode'];
1437 $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID :
$this->obj_ref_id);
1441 ilUtil::sendSuccess($this->lng->txt(
'settings_saved'),
true);
1442 $this->ctrl->redirect($this,
'perm');
1454 $ilTabs = $DIC[
'ilTabs'];
1457 case 'default_perm_settings':
1458 if ($this->obj_ref_id != ROLE_FOLDER_ID) {
1461 $ilTabs->addSubTabTarget(
1462 'rbac_repository_permissions',
1463 $this->ctrl->getLinkTarget($this,
'perm')
1465 $ilTabs->addSubTabTarget(
1466 'rbac_admin_permissions',
1467 $this->ctrl->getLinkTarget($this,
'adminPerm')
1483 $users = (array)
$_POST[
'user_id'];
1484 if (!count($users)) {
1486 $ilCtrl->redirect($this,
'userassignment');
1488 include_once
'./Services/User/classes/class.ilUserClipboard.php';
1493 $lng->loadLanguageModule(
'user');
1494 ilUtil::sendSuccess($this->lng->txt(
'clipboard_user_added'),
true);
1495 $ilCtrl->redirect($this,
'userassignment');
1505 $ilLocator = $DIC[
'ilLocator'];
1507 if (
$_GET[
"admin_mode"] ==
"") {
1508 $this->ctrl->setParameterByClass(
1511 (
int)
$_GET[
"obj_id"]
1513 $ilLocator->addItem(
1515 $this->ctrl->getLinkTargetByClass(
1533 $review = $DIC->rbac()->review();
1534 $logger = $DIC->logger()->ac();
1538 !$this->object->getId() ||
1539 $this->
object->getId() == ROLE_FOLDER_ID
1545 $possible_roles = [];
1547 $possible_roles = $review->getRolesOfObject(
1552 $logger->warning(
'Role access check failed: ' . $e);
1554 include_once
"Services/Object/exceptions/class.ilObjectException.php";
1555 throw new \ilObjectException($this->lng->txt(
'permission_denied'));
1558 if (!in_array($this->object->getId(), $possible_roles)) {
1559 $logger->warning(
'Object id: ' . $this->object->getId() .
' is not accessible for ref_id: ' .
$this->obj_ref_id);
1560 include_once
"Services/Object/exceptions/class.ilObjectException.php";
1561 throw new \ilObjectException($this->lng->txt(
'permission_denied'));
adoptPermSaveObject()
copy permissions from role
This class represents an option in a radio group.
static tf2yn($a_tf)
convert true/false to "y"/"n"
createObject()
Only called from administration -> role folder ? Otherwise this check access is wrong.
setSubTabs($a_tab)
Set sub tabs.
setBackTarget($a_text, $a_link)
set back tab target
static getInstance($a_usr_id)
Get singelton instance.
Copyright (c) 1998-2015 ILIAS open source, Extended GPL, see docs/LICENSE Date: 07.01.15 Time: 11:43.
getPersonalWorkspaceDiskQuota()
Gets the minimal personal workspace disk quota imposed by this role.
checkDuplicate($a_role_id=0)
Check if role with same name already exists in this folder.
addToClipboardObject()
Add selected users to user clipboard.
Table for object role permissions.
adminPermObject()
Show administration permissions.
static _isActive()
Static getter.
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
__showButton($a_cmd, $a_text, $a_target='')
static MB2Bytes($a_value)
deassignUserObject()
de-assign users from role
assignSaveObject()
wrapper for renamed function
toggleAssignUsersStatus($a_assign_users)
permObject($a_show_admin_permissions=false)
Show template permissions.
adminPermSaveObject()
Save admin permissions.
ensureRoleAccessForContext()
setAllowRegister($a_allow_register)
set allow_register of role
static _isPersonalWorkspaceActive()
Static getter.
cancelObject()
cancelObject is called when an operation is canceled, method links back public
parse()
Parse permissions.
Table for object role permissions.
getAllowRegister()
get allow_register
getDiskQuota()
Gets the minimal disk quota imposed by this role.
addUserObject($a_user_ids)
Assign user (callback from ilRepositorySearchGUI)
setTitle($a_title)
set object title
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
saveObject()
Save new role.
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Export User Interface Class.
static newInstance($a_export_id)
Create new instance.
prepareOutput($a_show_subobjects=true)
prepare output
static isAutoGenerated($a_role_id)
setValue($a_value)
Set Value.
permSaveObject($a_show_admin_permissions=false)
save permissions
loadRoleProperties(ilObjRole $role)
Store form input in role object.
confirmDeleteRoleObject()
Show delete confirmation screen.
getId()
get object id public
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),'usr_data','lastname','usr_id') => sorts by lastname.
isChangeExistingObjectsConfirmationRequired()
Check if a confirmation about further settings is required or not.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
getParentObjId()
Get obj_id of current object.
performDeleteRoleObject()
Delete role.
Class ilObjectGUI Basic methods of all Output classes.
static _lookupObjId($a_id)
initFormRoleProperties($a_mode)
Create role prperty form.
static Bytes2MB($a_value)
getParentType()
get type of current object (not role folder)
editObject()
Edit role properties.
addMultiCommand($a_cmd, $a_text)
Add Command button.
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
getTitle()
get object title public
static infoPanel($a_keep=true)
getDescription()
get object description
redirection script todo: (a better solution should control the processing via a xml file) ...
readRoleProperties(ilObjRole $role)
Read role properties and write them to form.
showDefaultPermissionSettings()
check if default permissions are shown or not
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static sendQuestion($a_info="", $a_keep=false)
Send Question to Screen.
setPersonalWorkspaceDiskQuota($a_disk_quota)
Sets the minimal personal workspace disk quota imposed by this role.
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
static _getTranslation($a_role_title)
static _lookupType($a_id, $a_reference=false)
lookup object type
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
__construct($a_data, $a_id, $a_call_by_reference=false, $a_prepare_output=true)
Constructor public.
showChangeExistingObjectsConfirmation()
Show confirmation screen.
static gatherTemplate($a_role_ref_id, $a_role_id)
checkAccess($a_perm_global, $a_perm_obj='')
getParentRefId()
Get ref id of current object (not role folder id)
changeExistingObjectsObject()
Change existing objects.
userassignmentObject()
display user assignment panel
This class represents a non editable value in a property form.
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
__construct(Container $dic, ilPlugin $plugin)
This class represents a text area property in a property form.
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
static diffTemplate(array $a_old, array $a_new)
static _getIdsForTitle($title, $type='', $partialmatch=false)
TableGUI class for role administration.
setDescription($a_desc)
set object description
addAdminLocatorItems($a_do_not_add_object=false)
static fillAutoCompleteToolbar($parent_object, ilToolbarGUI $toolbar=null, $a_options=array(), $a_sticky=false)
fill toolbar with
getAdminTabs()
admin and normal tabs are equal for roles
Recommended content configuration for roles.
static allocateExportId()
Allocate a new export id.
static redirect($a_script)
Accordion user interface class.
updateObject()
Save role settings.
static _getInstance()
Get instance of ilSecuritySettings.
getContainerType()
Get type of role container.
setDiskQuota($a_disk_quota)
Sets the minimal disk quota imposed by this role.
static formCheckbox($checked, $varname, $value, $disabled=false)
??? public
Confirmation screen class.
1.8.13 (using Doxyfile)