ILIAS  release_6 Revision v6.24-5-g0c8bfefb3b8
class.ilSoapRBACAdministration.php
Go to the documentation of this file.
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2001 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22 */
23
24
33include_once './webservice/soap/classes/class.ilSoapAdministration.php';
34
36{
37 public function deleteRole($sid, $role_id)
38 {
39 $this->initAuth($sid);
40 $this->initIlias();
41
42 if (!$this->__checkSession($sid)) {
43 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
44 }
45
46 global $DIC;
47
48 $rbacreview = $DIC['rbacreview'];
49 $rbacsystem = $DIC['rbacsystem'];
50 $ilAccess = $DIC['ilAccess'];
51
52 if (!$tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) or $tmp_role->getType() != 'role') {
53 return $this->__raiseError(
54 'No valid role id given. Please choose an existing id of an ILIAS role',
55 'Client'
56 );
57 }
58
59
60 $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
61 if (!$ilAccess->checkAccess('edit_permission', '', $obj_ref)) {
62 return $this->__raiseError('Check access failed. No permission to delete role', 'Server');
63 }
64
65 // if it's last role of an user
66 foreach ($assigned_users = $rbacreview->assignedUsers($role_id) as $user_id) {
67 if (count($rbacreview->assignedRoles($user_id)) == 1) {
68 return $this->__raiseError(
69 'Cannot deassign last role of users',
70 'Client'
71 );
72 }
73 }
74
75 // set parent id (role folder id) of role
76 $rolf_id = end($rolf_ids = $rbacreview->getFoldersAssignedToRole($role_id, true));
77 $tmp_role->setParent($rolf_id);
78 $tmp_role->delete();
79
80 return true;
81 }
82
83 public function addUserRoleEntry($sid, $user_id, $role_id)
84 {
85 $this->initAuth($sid);
86 $this->initIlias();
87
88 if (!$this->__checkSession($sid)) {
89 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
90 }
91
92 global $DIC;
93
94 $rbacadmin = $DIC['rbacadmin'];
95 $rbacreview = $DIC['rbacreview'];
96 $ilAccess = $DIC['ilAccess'];
97
98 $tmp_user = ilObjectFactory::getInstanceByObjId($user_id, false);
99 if (!$tmp_user instanceof ilObjUser) {
100 return $this->__raiseError(
101 'No valid user id given. Please choose an existing id of an ILIAS user',
102 'Client'
103 );
104 }
105 $tmp_role = ilObjectFactory::getInstanceByObjId($role_id, false);
106 if (!$tmp_role instanceof ilObjRole) {
107 return $this->__raiseError(
108 'No valid role id given. Please choose an existing id of an ILIAS role',
109 'Client'
110 );
111 }
112
113 $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
114 if (!$ilAccess->checkAccess('edit_permission', '', $obj_ref)) {
115 return $this->__raiseError('Check access failed. No permission to assign users', 'Server');
116 }
117
118 if (!$rbacadmin->assignUser($role_id, $user_id)) {
119 return $this->__raiseError(
120 'Error rbacadmin->assignUser()',
121 'Server'
122 );
123 }
124 return true;
125 }
126 public function deleteUserRoleEntry($sid, $user_id, $role_id)
127 {
128 $this->initAuth($sid);
129 $this->initIlias();
130
131 if (!$this->__checkSession($sid)) {
132 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
133 }
134
135 global $DIC;
136
137 $rbacadmin = $DIC['rbacadmin'];
138 $ilAccess = $DIC['ilAccess'];
139 $rbacreview = $DIC['rbacreview'];
140
141 if ($tmp_user =&ilObjectFactory::getInstanceByObjId($user_id, false) and $tmp_user->getType() != 'usr') {
142 return $this->__raiseError(
143 'No valid user id given. Please choose an existing id of an ILIAS user',
144 'Client'
145 );
146 }
147 if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) and $tmp_role->getType() != 'role') {
148 return $this->__raiseError(
149 'No valid role id given. Please choose an existing id of an ILIAS role',
150 'Client'
151 );
152 }
153
154 $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
155 if (!$ilAccess->checkAccess('edit_permission', '', $obj_ref)) {
156 return $this->__raiseError('Check access failed. No permission to deassign users', 'Server');
157 }
158
159 if (!$rbacadmin->deassignUser($role_id, $user_id)) {
160 return $this->__raiseError(
161 'Error rbacadmin->deassignUser()',
162 'Server'
163 );
164 }
165 return true;
166 }
167
168 public function getOperations($sid)
169 {
170 $this->initAuth($sid);
171 $this->initIlias();
172
173 if (!$this->__checkSession($sid)) {
174 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
175 }
176
177 global $DIC;
178
179 $rbacreview = $DIC['rbacreview'];
180
181 if (is_array($ops = $rbacreview->getOperations())) {
182 return $ops;
183 } else {
184 return $this->__raiseError('Unknown error', 'Server');
185 }
186 }
187
188 public function revokePermissions($sid, $ref_id, $role_id)
189 {
190 $this->initAuth($sid);
191 $this->initIlias();
192
193 if (!$this->__checkSession($sid)) {
194 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
195 }
196
197 global $DIC;
198
199 $rbacadmin = $DIC['rbacadmin'];
200 $ilAccess = $DIC['ilAccess'];
201
202 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
203 return $this->__raiseError(
204 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
205 'Client'
206 );
207 }
208 if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) and $tmp_role->getType() != 'role') {
209 return $this->__raiseError(
210 'No valid role id given. Please choose an existing id of an ILIAS role',
211 'Client'
212 );
213 }
214 if ($role_id == SYSTEM_ROLE_ID) {
215 return $this->__raiseError(
216 'Cannot revoke permissions of system role',
217 'Client'
218 );
219 }
220
221 if (!$ilAccess->checkAccess('edit_permission', '', $ref_id)) {
222 return $this->__raiseError('Check access failed. No permission to revoke permissions', 'Server');
223 }
224
225 $rbacadmin->revokePermission($ref_id, $role_id);
226
227 return true;
228 }
229 public function grantPermissions($sid, $ref_id, $role_id, $permissions)
230 {
231 $this->initAuth($sid);
232 $this->initIlias();
233
234 if (!$this->__checkSession($sid)) {
235 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
236 }
237
238 global $DIC;
239
240 $rbacadmin = $DIC['rbacadmin'];
241 $ilAccess = $DIC['ilAccess'];
242
243 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
244 return $this->__raiseError(
245 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
246 'Client'
247 );
248 }
249 if ($tmp_role =&ilObjectFactory::getInstanceByObjId($role_id, false) and $tmp_role->getType() != 'role') {
250 return $this->__raiseError(
251 'No valid role id given. Please choose an existing id of an ILIAS role',
252 'Client'
253 );
254 }
255
256 if (!$ilAccess->checkAccess('edit_permission', '', $ref_id)) {
257 return $this->__raiseError('Check access failed. No permission to grant permissions', 'Server');
258 }
259
260
261 // mjansen@databay.de: dirty fix
262 if (isset($permissions['item'])) {
263 $permissions = $permissions['item'];
264 }
265
266 if (!is_array($permissions)) {
267 return $this->__raiseError(
268 'No valid permissions given.' . print_r($permissions),
269 'Client'
270 );
271 }
272
273 $rbacadmin->revokePermission($ref_id, $role_id);
274 $rbacadmin->grantPermission($role_id, $permissions, $ref_id);
275
276 return true;
277 }
278
279 public function getLocalRoles($sid, $ref_id)
280 {
281 $this->initAuth($sid);
282 $this->initIlias();
283
284 if (!$this->__checkSession($sid)) {
285 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
286 }
287
288 global $DIC;
289
290 $rbacreview = $DIC['rbacreview'];
291 $ilAccess = $DIC['ilAccess'];
292
293 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
294 return $this->__raiseError(
295 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
296 'Client'
297 );
298 }
299
300 if (!$ilAccess->checkAccess('edit_permission', '', $ref_id)) {
301 return $this->__raiseError('Check access failed. No permission to access role information', 'Server');
302 }
303
304
305 foreach ($rbacreview->getRolesOfRoleFolder($ref_id, false) as $role_id) {
306 if ($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id, false)) {
307 $objs[] = $tmp_obj;
308 }
309 }
310 if (count($objs)) {
311 include_once './webservice/soap/classes/class.ilObjectXMLWriter.php';
312
313 $xml_writer = new ilObjectXMLWriter();
314 $xml_writer->setObjects($objs);
315 if ($xml_writer->start()) {
316 return $xml_writer->getXML();
317 }
318 }
319 return '';
320 }
321
322 public function getUserRoles($sid, $user_id)
323 {
324 $this->initAuth($sid);
325 $this->initIlias();
326
327 if (!$this->__checkSession($sid)) {
328 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
329 }
330
331 global $DIC;
332
333 $rbacreview = $DIC['rbacreview'];
334
335 if (!$tmp_user =&ilObjectFactory::getInstanceByObjId($user_id, false)) {
336 return $this->__raiseError(
337 'No valid user id given. Please choose an existing id of an ILIAS user',
338 'Client'
339 );
340 }
341
342 foreach ($rbacreview->assignedRoles($user_id) as $role_id) {
343 if ($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id, false)) {
344 $objs[] = $tmp_obj;
345 }
346 }
347 if (count($objs)) {
348 include_once './webservice/soap/classes/class.ilObjectXMLWriter.php';
349
350 $xml_writer = new ilObjectXMLWriter();
351 $xml_writer->setObjects($objs);
352 if ($xml_writer->start()) {
353 return $xml_writer->getXML();
354 }
355 }
356 return '';
357 }
358
359 public function addRole($sid, $target_id, $role_xml)
360 {
361 $this->initAuth($sid);
362 $this->initIlias();
363
364 if (!$this->__checkSession($sid)) {
365 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
366 }
367
368 global $DIC;
369
370 $rbacreview = $DIC['rbacreview'];
371 $objDefinition = $DIC['objDefinition'];
372 $rbacsystem = $DIC['rbacsystem'];
373 $ilAccess = $DIC['ilAccess'];
374
375 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($target_id, false)) {
376 return $this->__raiseError(
377 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
378 'Client'
379 );
380 }
381
383 return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
384 }
385
386 if (!$ilAccess->checkAccess('edit_permission', '', $target_id)) {
387 return $this->__raiseError('Check access failed. No permission to create roles', 'Server');
388 }
389
390 include_once 'webservice/soap/classes/class.ilObjectXMLParser.php';
391
392 $xml_parser = new ilObjectXMLParser($role_xml);
393 $xml_parser->startParsing();
394
395 foreach ($xml_parser->getObjectData() as $object_data) {
396
397 // check if role title has il_ prefix
398 if (substr($object_data['title'], 0, 3) == "il_") {
399 return $this->__raiseError(
400 'Rolenames are not allowed to start with "il_" ',
401 'Client'
402 );
403 }
404
405 include_once './Services/AccessControl/classes/class.ilObjRole.php';
406 $role = new ilObjRole();
407 $role->setTitle($object_data['title']);
408 $role->setDescription($object_data['description']);
409 $role->setImportId($object_data['import_id']);
410 $role->create();
411
412 $GLOBALS['DIC']['rbacadmin']->assignRoleToFolder($role->getId(), $target_id);
413 $new_roles[] = $role->getId();
414 }
415
416 return $new_roles ? $new_roles : array();
417 }
418
419 public function addRoleFromTemplate($sid, $target_id, $role_xml, $template_id)
420 {
421 $this->initAuth($sid);
422 $this->initIlias();
423
424 if (!$this->__checkSession($sid)) {
425 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
426 }
427
428 global $DIC;
429
430 $rbacreview = $DIC['rbacreview'];
431 $objDefinition = $DIC['objDefinition'];
432 $rbacsystem = $DIC['rbacsystem'];
433 $rbacadmin = $DIC['rbacadmin'];
434 $ilAccess = $DIC['ilAccess'];
435
436 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($target_id, false)) {
437 return $this->__raiseError(
438 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
439 'Client'
440 );
441 }
442 if (ilObject::_lookupType($template_id) != 'rolt') {
443 return $this->__raiseError(
444 'No valid template id given. Please choose an existing object id of an ILIAS role template',
445 'Client'
446 );
447 }
448
449
451 return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
452 }
453
454 if (!$ilAccess->checkAccess('edit_permission', '', $target_id)) {
455 return $this->__raiseError('Check access failed. No permission to create roles', 'Server');
456 }
457
458
459 include_once 'webservice/soap/classes/class.ilObjectXMLParser.php';
460
461 $xml_parser = new ilObjectXMLParser($role_xml);
462 $xml_parser->startParsing();
463
464 foreach ($xml_parser->getObjectData() as $object_data) {
465
466 // check if role title has il_ prefix
467 if (substr($object_data['title'], 0, 3) == "il_") {
468 return $this->__raiseError(
469 'Rolenames are not allowed to start with "il_" ',
470 'Client'
471 );
472 }
473
474 include_once './Services/AccessControl/classes/class.ilObjRole.php';
475 $role = new ilObjRole();
476 $role->setTitle($object_data['title']);
477 $role->setDescription($object_data['description']);
478 $role->setImportId($object_data['import_id']);
479 $role->create();
480
481 $GLOBALS['DIC']['rbacadmin']->assignRoleToFolder($role->getId(), $target_id);
482
483 // Copy permssions
484 $rbacadmin->copyRoleTemplatePermissions($template_id, ROLE_FOLDER_ID, $target_id, $role->getId());
485
486 // Set object permissions according to role template
487 $ops = $rbacreview->getOperationsOfRole($role->getId(), $tmp_obj->getType(), $target_id);
488 $rbacadmin->grantPermission($role->getId(), $ops, $target_id);
489 $new_roles[] = $role->getId();
490 }
491
492
493 // CREATE ADMIN ROLE
494
495
496
497
498
499 return $new_roles ? $new_roles : array();
500 }
501
502 public function getObjectTreeOperations($sid, $ref_id, $user_id)
503 {
504 $this->initAuth($sid);
505 $this->initIlias();
506
507 if (!$this->__checkSession($sid)) {
508 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
509 }
510
511 global $DIC;
512
513 $rbacsystem = $DIC['rbacsystem'];
514 $rbacreview = $DIC['rbacreview'];
515 $ilAccess = $DIC['ilAccess'];
516
517
518 if (!$tmp_obj =&ilObjectFactory::getInstanceByRefId($ref_id, false)) {
519 return $this->__raiseError(
520 'No valid ref id given. Please choose an existing reference id of an ILIAS object',
521 'Client'
522 );
523 }
524
525 if (!$tmp_user =&ilObjectFactory::getInstanceByObjId($user_id, false)) {
526 return $this->__raiseError(
527 'No valid user id given.',
528 'Client'
529 );
530 }
531
532 if (ilObject::_isInTrash($ref_id)) {
533 return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
534 }
535
536
537
538 // check visible for all upper tree entries
539 if (!$ilAccess->checkAccessOfUser($tmp_user->getId(), 'visible', '', $tmp_obj->getRefId())) {
540 return array();
541 }
542 $op_data = $rbacreview->getOperation(2);
543 $ops_data[] = $op_data;
544
545 if (!$ilAccess->checkAccessOfUser($tmp_user->getId(), 'read', '', $tmp_obj->getRefId())) {
546 return $ops_data;
547 }
548
549
550 $ops_data = array();
551 $ops = $rbacreview->getOperationsOnTypeString($tmp_obj->getType());
552 foreach ($ops as $ops_id) {
553 $op_data = $rbacreview->getOperation($ops_id);
554
555 if ($rbacsystem->checkAccessOfUser($user_id, $op_data['operation'], $tmp_obj->getRefId())) {
556 $ops_data[$ops_id] = $op_data;
557 }
558 }
559
560 foreach ($ops_data as $data) {
561 $ret_data[] = $data;
562 }
563 return $ret_data ? $ret_data : array();
564 }
565
574 public function getRoles($sid, $role_type, $id)
575 {
576 $this->initAuth($sid);
577 $this->initIlias();
578
579 if (!$this->__checkSession($sid)) {
580 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
581 }
582
583 global $DIC;
584
585 $rbacsystem = $DIC['rbacsystem'];
586 $rbacreview = $DIC['rbacreview'];
587 $ilUser = $DIC['ilUser'];
588 $ilDB = $DIC['ilDB'];
589
590 if (strcasecmp($role_type, "") != 0 &&
591 strcasecmp($role_type, "local") != 0 &&
592 strcasecmp($role_type, "global") != 0 &&
593 strcasecmp($role_type, "user") != 0 &&
594 strcasecmp($role_type, "user_login") != 0 &&
595 strcasecmp($role_type, "template") != 0) {
596 return $this->__raiseError('Called service with wrong role_type parameter \'' . $role_type . '\'', 'Client');
597 }
598
599 $roles = array();
600
601
602 if (strcasecmp($role_type, "template") == 0) {
603 // get templates
604 $roles = $rbacreview->getRolesByFilter(6, $ilUser->getId());
605 } elseif (strcasecmp($role_type, "user")==0 || strcasecmp($role_type, "user_login")==0) {
606 // handle user roles
607 $user_id = $this->parseUserID($id, $role_type);
608 if ($user_id != $ilUser->getId()) {
609 // check access for user folder
610 $tmpUser = new ilObjUser($user_id);
611 $timelimitOwner = $tmpUser->getTimeLimitOwner();
612 if (!$rbacsystem->checkAccess('read', $timelimitOwner)) {
613 return $this->__raiseError('Check access for time limit owner failed.', 'Server');
614 }
615 }
616 $role_type = ""; // local and global roles for user
617
618 $query = sprintf(
619 "SELECT object_data.title, rbac_fa.* FROM object_data, rbac_ua, rbac_fa WHERE rbac_ua.rol_id IN ('%s') AND rbac_ua.rol_id = rbac_fa.rol_id AND object_data.obj_id = rbac_fa.rol_id AND rbac_ua.usr_id=" . $user_id,
620 join("','", $rbacreview->assignedRoles($user_id))
621 );
622
623 $rbacresult = $ilDB->query($query);
624 while ($rbacrow = $rbacresult->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) {
625 if ($rbacrow["assign"] != "y") {
626 continue;
627 }
628
629 $type = "";
630
631 if ($rbacrow["parent"] == ROLE_FOLDER_ID) {
632 $type = "Global";
633 } else {
634 $type = "Local";
635 }
636 if (strlen($type) && $tmp_obj = ilObjectFactory::getInstanceByObjId($rbacrow["rol_id"], false)) {
637 /* @var $tmp_obj IlObjRole */
638 $roles[] = array(
639 "obj_id" =>$rbacrow["rol_id"],
640 "title" => $tmp_obj->getTitle(),
641 "description" => $tmp_obj->getDescription(),
642 "role_type" => $type);
643 }
644 }
645 } elseif ($id == "-1") {
646 // get all roles of system role folder
647 if (!$rbacsystem->checkAccess('read', ROLE_FOLDER_ID)) {
648 return $this->__raiseError('Check access failed.', 'Server');
649 }
650
651 $roles = $rbacreview->getAssignableRoles(false, true);
652 } else {
653 // get local roles for a specific repository object
654 // needs permission to read permissions of this object
655 if (!$rbacsystem->checkAccess('edit_permission', $id)) {
656 return $this->__raiseError('Check access for local roles failed.', 'Server');
657 }
658
659 if (!is_numeric($id)) {
660 return $this->__raiseError('Id must be numeric to process roles of a repository object.', 'Client');
661 }
662
663 $role_type = "local";
664
665 foreach ($rbacreview->getRolesOfRoleFolder($id, false) as $role_id) {
666 if ($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id, false)) {
667 $roles[] = array("obj_id" => $role_id, "title" => $tmp_obj->getTitle(), "description" => $tmp_obj->getDescription(), "role_type" => $role_type);
668 }
669 }
670 }
671
672
673 include_once './webservice/soap/classes/class.ilSoapRoleObjectXMLWriter.php';
674
675 $xml_writer = new ilSoapRoleObjectXMLWriter();
676 $xml_writer->setObjects($roles);
677 $xml_writer->setType($role_type);
678 if ($xml_writer->start()) {
679 return $xml_writer->getXML();
680 }
681 }
682
693 public function searchRoles($sid, $key, $combination, $role_type)
694 {
695 $this->initAuth($sid);
696 $this->initIlias();
697
698 if (!$this->__checkSession($sid)) {
699 return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
700 }
701
702 global $DIC;
703
704 $rbacsystem = $DIC['rbacsystem'];
705 $rbacreview = $DIC['rbacreview'];
706 $ilUser = $DIC['ilUser'];
707 $ilDB = $DIC['ilDB'];
708
709
710 if (strcasecmp($role_type, "") != 0 &&
711 strcasecmp($role_type, "local") != 0 &&
712 strcasecmp($role_type, "global") != 0 &&
713 strcasecmp($role_type, "template") != 0) {
714 return $this->__raiseError('Called service with wrong role_type parameter \'' . $role_type . '\'', 'Client');
715 }
716
717 if ($combination != 'and' and $combination != 'or') {
718 return $this->__raiseError(
719 'No valid combination given. Must be "and" or "or".',
720 'Client'
721 );
722 }
723
724 include_once './Services/Search/classes/class.ilQueryParser.php';
725
726 $query_parser = new ilQueryParser($key);
727 $query_parser->setMinWordLength(3);
728 $query_parser->setCombination($combination == 'and' ? QP_COMBINATION_AND : QP_COMBINATION_OR);
729 $query_parser->parse();
730 if (!$query_parser->validate()) {
731 return $this->__raiseError($query_parser->getMessage(), 'Client');
732 }
733
734 include_once './Services/Search/classes/class.ilObjectSearchFactory.php';
735
736 $object_search = ilObjectSearchFactory::_getObjectSearchInstance($query_parser);
737 $object_search->setFilter(array("role","rolt"));
738
739 $res = $object_search->performSearch();
740 $res->filter(ROOT_FOLDER_ID, $combination == 'and' ? true : false);
741
742 $obj_ids = array();
743 foreach ($res->getUniqueResults() as $entry) {
744 $obj_ids [] = $entry['obj_id'];
745 }
746
747 $roles = array();
748 if (count($obj_ids)> 0) {
749 #print_r($obj_ids);
750 $roles = $rbacreview->getRolesForIDs($obj_ids, $role_type == "template");
751 }
752 #print_r($roles);
753 include_once './webservice/soap/classes/class.ilSoapRoleObjectXMLWriter.php';
754 $xml_writer = new ilSoapRoleObjectXMLWriter();
755 $xml_writer->setObjects($roles);
756 $xml_writer->setType($role_type);
757 if ($xml_writer->start()) {
758 return $xml_writer->getXML();
759 }
760 }
761
762
763 private function parseUserID($id, $role_type)
764 {
765 if (strcasecmp($role_type, "user")==0) {
766 // get user roles for user id, which can be numeric or ilias id
767 $user_id = !is_numeric($id) ? ilUtil::__extractId($id, IL_INST_ID) : $id;
768 if (!is_numeric($user_id)) {
769 return $this->__raiseError('ID must be either numeric or ILIAS conform id for type \'user\'', 'Client');
770 }
771 } elseif (strcasecmp($role_type, "user_login") == 0) {
772 // check for login
773 $user_id = ilObjUser::_lookupId($id);
774 if (!$user_id) {
775 // could not find a valid user
776 return $this->__raiseError('User with login \'' . $id . '\' does not exist!', 'Client');
777 }
778 }
779 return $user_id;
780 }
781}
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
An exception for terminatinating execution or to throw for unit testing.
const QP_COMBINATION_OR
const QP_COMBINATION_AND
Class ilObjRole.
static _lookupId($a_user_str)
Lookup id by login.
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
static _getObjectSearchInstance($query_parser)
get reference of ilFulltext/LikeObjectSearch.
static _isInTrash($a_ref_id)
checks wether object is in trash
static _lookupType($a_id, $a_reference=false)
lookup object type
initAuth($sid)
Init authentication.
__raiseError($a_message, $a_code)
addUserRoleEntry($sid, $user_id, $role_id)
revokePermissions($sid, $ref_id, $role_id)
addRoleFromTemplate($sid, $target_id, $role_xml, $template_id)
grantPermissions($sid, $ref_id, $role_id, $permissions)
deleteUserRoleEntry($sid, $user_id, $role_id)
getRoles($sid, $role_type, $id)
get roles for a specific type and id
addRole($sid, $target_id, $role_xml)
searchRoles($sid, $key, $combination, $role_type)
search for roles.
getObjectTreeOperations($sid, $ref_id, $user_id)
static __extractId($ilias_id, $inst_id)
extract ref id from role title, e.g.
$target_id
Definition: goto.php:49
$query
$type
foreach($_POST as $key=> $value) $res
global $ilDB
$data
Definition: storeScorm.php:23
$ilUser
Definition: imgupload.php:18
$DIC
Definition: xapitoken.php:46