56        $ilias = 
$DIC[
'ilias'];
 
   61        (isset(
$ilDB)) ? $this->ilDB = &
$ilDB : $this->ilDB = &$ilias->db;
 
   85        if (empty($a_title)) {
 
   86            $message = get_class($this) . 
"::roleExists(): No title given!";
 
   87            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
   90        $clause = ($a_id) ? 
" AND obj_id != " . 
$ilDB->quote($a_id) . 
" " : 
"";
 
   92        $q = 
"SELECT DISTINCT(obj_id) obj_id FROM object_data " .
 
   93             "WHERE title =" . 
$ilDB->quote($a_title) . 
" " .
 
   94             "AND type IN('role','rolt')" .
 
   96        $r = $this->ilDB->query($q);
 
  119        if (!isset($a_path) or !is_array($a_path)) {
 
  120            $message = get_class($this) . 
"::getParentRoles(): No path given or wrong datatype!";
 
  121            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  125        $role_hierarchy = [];
 
  127        foreach ($a_path as $ref_id) {
 
  129            foreach ($roles as $role) {
 
  130                $id = $role[
"obj_id"];
 
  131                $role[
"parent"] = $ref_id;
 
  132                $parent_roles[$id] = $role;
 
  134                if (!array_key_exists($role[
'obj_id'], $role_hierarchy)) {
 
  135                    $role_hierarchy[$id] = $ref_id;
 
  155        $tree = 
$DIC[
'tree'];
 
  157        if (!isset($a_endnode_id)) {
 
  158            $GLOBALS[
'DIC'][
'ilLog']->logStack();
 
  159            $message = get_class($this) . 
"::getParentRoleIds(): No node_id (ref_id) given!";
 
  160            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  163        $pathIds = $tree->getPathId($a_endnode_id);
 
  184        if (!isset($a_ref_id) or !isset($a_templates)) {
 
  185            $message = get_class($this) . 
"::getRoleListByObject(): Missing parameter!" .
 
  186                       "ref_id: " . $a_ref_id .
 
  187                       "tpl_flag: " . $a_templates;
 
  188            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  195        $query = 
"SELECT * FROM object_data " .
 
  196             "JOIN rbac_fa ON obj_id = rol_id " .
 
  198             "AND object_data.obj_id = rbac_fa.rol_id " .
 
  199             "AND rbac_fa.parent = " . 
$ilDB->quote($a_ref_id, 
'integer') . 
" ";
 
  203            $row[
"desc"] = $row[
"description"];
 
  204            $row[
"user_id"] = $row[
"owner"];
 
  220    public function getAssignableRoles($a_templates = 
false, $a_internal_roles = 
false, $title_filter = 
'')
 
  230        $query = 
"SELECT * FROM object_data " .
 
  231             "JOIN rbac_fa ON obj_id = rol_id " .
 
  233             "AND rbac_fa.assign = 'y' ";
 
  235        if (strlen($title_filter)) {
 
  245            $row[
"desc"] = $row[
"description"];
 
  246            $row[
"user_id"] = $row[
"owner"];
 
  268        $query = 
'SELECT rol_id FROM rbac_fa fa ' .
 
  269                'JOIN tree t1 ON t1.child = fa.parent ' .
 
  270                'JOIN object_data obd ON fa.rol_id = obd.obj_id ' .
 
  271                'WHERE assign = ' . 
$ilDB->quote(
'y', 
'text') . 
' ' .
 
  272                'AND obd.type = ' . 
$ilDB->quote(
'role', 
'text') . 
' ' .
 
  273                'AND t1.child IN (' .
 
  274                $GLOBALS[
'DIC'][
'tree']->getSubTreeQuery($ref_id, array(
'child')) . 
' ' .
 
  282            $role_list[] = $row->rol_id;
 
  300        $query = 
"SELECT fa.*, rd.* " .
 
  301             "FROM object_data rd " .
 
  302             "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id " .
 
  303             "WHERE fa.assign = 'y' " .
 
  304             "AND fa.parent = " . $this->ilDB->quote($a_ref_id, 
'integer') . 
" " 
  309            $roles_data[] = $row;
 
  311        return $roles_data ? $roles_data : [];
 
  327        if ($a_templates === 
true) {
 
  328            $where = 
"WHERE " . 
$ilDB->in(
'object_data.type', array(
'role',
'rolt'), 
false, 
'text') . 
" ";
 
  330            $where = 
"WHERE " . 
$ilDB->in(
'object_data.type', array(
'role'), 
false, 
'text') . 
" ";
 
  350        foreach ($a_role_list as $key => $val) {
 
  352            if ($val[
"type"] == 
"rolt") {
 
  353                $a_role_list[$key][
"role_type"] = 
"template";
 
  355                if ($val[
"assign"] == 
"y") {
 
  357                        $a_role_list[$key][
"role_type"] = 
"global";
 
  359                        $a_role_list[$key][
"role_type"] = 
"local";
 
  362                    $a_role_list[$key][
"role_type"] = 
"linked";
 
  366            if ($val[
"protected"] == 
"y") {
 
  367                $a_role_list[$key][
"protected"] = 
true;
 
  369                $a_role_list[$key][
"protected"] = 
false;
 
  388        $query = 
'select count(distinct(ua.usr_id)) as num from rbac_ua ua ' .
 
  389            'join object_data on ua.usr_id = obj_id ' .
 
  390            'join usr_data ud on ua.usr_id = ud.usr_id ' .
 
  391            'where ' . 
$ilDB->in(
'rol_id', $a_roles, 
false, 
'integer');
 
  394        if (
$res->numRows()) {
 
  415        if (!isset($a_rol_id)) {
 
  416            $message = get_class($this) . 
"::assignedUsers(): No role_id given!";
 
  417            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  419        if (isset(self::$assigned_users_cache[$a_rol_id])) {
 
  420            return self::$assigned_users_cache[$a_rol_id];
 
  425        $query = 
"SELECT usr_id FROM rbac_ua WHERE rol_id= " . 
$ilDB->quote($a_rol_id, 
'integer');
 
  428            array_push($result_arr, $row[
"usr_id"]);
 
  431        self::$assigned_users_cache[$a_rol_id] = $result_arr;
 
  447        if (isset(self::$is_assigned_cache[$a_role_id][$a_usr_id])) {
 
  448            return self::$is_assigned_cache[$a_role_id][$a_usr_id];
 
  455        $ilDB->setLimit(1, 0);
 
  456        $query = 
"SELECT usr_id FROM rbac_ua WHERE " .
 
  457                    "rol_id= " . 
$ilDB->quote($a_role_id, 
'integer') . 
" " .
 
  458                    "AND usr_id= " . 
$ilDB->quote($a_usr_id);
 
  461        $is_assigned = 
$res->numRows() == 1;
 
  462        self::$is_assigned_cache[$a_role_id][$a_usr_id] = $is_assigned;
 
  485        $ilDB->setLimit(1, 0);
 
  486        $query = 
"SELECT usr_id FROM rbac_ua WHERE " .
 
  487                    $ilDB->in(
'rol_id', $a_role_ids, 
false, 
'integer') .
 
  488                    " AND usr_id= " . 
$ilDB->quote($a_usr_id);
 
  508        $query = 
"SELECT rol_id FROM rbac_ua WHERE usr_id = " . 
$ilDB->quote($a_usr_id, 
'integer');
 
  511        while ($row = 
$ilDB->fetchObject(
$res)) {
 
  512            $role_arr[] = $row->rol_id;
 
  528        $query = 
"SELECT ua.rol_id FROM rbac_ua ua " .
 
  529            "JOIN rbac_fa fa ON ua.rol_id = fa.rol_id " .
 
  530            "WHERE usr_id = " . 
$ilDB->quote($a_usr_id, 
'integer') . 
' ' .
 
  535        while ($row = 
$ilDB->fetchObject(
$res)) {
 
  536            $role_arr[] = $row->rol_id;
 
  538        return $role_arr ? $role_arr : [];
 
  556        $ilBench->start(
"RBAC", 
"review_isAssignable");
 
  560            $ilBench->stop(
"RBAC", 
"review_isAssignable");
 
  564        if (!isset($a_rol_id) or !isset($a_ref_id)) {
 
  565            $message = get_class($this) . 
"::isAssignable(): Missing parameter!" .
 
  566                       " role_id: " . $a_rol_id . 
" ,ref_id: " . $a_ref_id;
 
  567            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  569        $query = 
"SELECT * FROM rbac_fa " .
 
  570             "WHERE rol_id = " . 
$ilDB->quote($a_rol_id, 
'integer') . 
" " .
 
  571             "AND parent = " . 
$ilDB->quote($a_ref_id, 
'integer') . 
" ";
 
  575        $ilBench->stop(
"RBAC", 
"review_isAssignable");
 
  576        return $row->assign == 
'y' ? 
true : 
false;
 
  590        $query = 
"SELECT * FROM rbac_fa WHERE rol_id = " . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
  591            "AND assign = " . 
$ilDB->quote(
'y', 
'text');
 
  593        return $res->numRows() > 1;
 
  613        if (!isset($a_rol_id)) {
 
  614            $message = get_class($this) . 
"::getFoldersAssignedToRole(): No role_id given!";
 
  615            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  619            $where = 
" AND assign ='y'";
 
  622        $query = 
"SELECT DISTINCT parent FROM rbac_fa " .
 
  623             "WHERE rol_id = " . 
$ilDB->quote($a_rol_id, 
'integer') . 
" " . $where . 
" ";
 
  627        while ($row = 
$ilDB->fetchObject(
$res)) {
 
  628            $folders[] = $row->parent;
 
  646        if (!isset($a_ref_id)) {
 
  647            $GLOBALS[
'DIC'][
'ilLog']->logStack();
 
  648            throw new InvalidArgumentException(__METHOD__ . 
': No ref_id given!');
 
  650        if ($a_assignable_only === 
true) {
 
  651            $and = 
'AND assign = ' . 
$ilDB->quote(
'y', 
'text');
 
  653        $query = 
"SELECT rol_id FROM rbac_fa " .
 
  654             "WHERE parent = " . 
$ilDB->quote($a_ref_id, 
'integer') . 
" " .
 
  660        while ($row = 
$ilDB->fetchObject(
$res)) {
 
  661            $role_ids[] = $row->rol_id;
 
  685        $ilLog = 
$DIC[
'ilLog'];
 
  687        $ilBench->start(
"RBAC", 
"review_getRolesOfRoleFolder");
 
  689        if (!isset($a_ref_id)) {
 
  690            $message = get_class($this) . 
"::getRolesOfRoleFolder(): No ref_id given!";
 
  692            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  695        if ($a_nonassignable === 
false) {
 
  696            $and = 
" AND assign='y'";
 
  699        $query = 
"SELECT rol_id FROM rbac_fa " .
 
  700             "WHERE parent = " . 
$ilDB->quote($a_ref_id, 
'integer') . 
" " .
 
  704        while ($row = 
$ilDB->fetchObject(
$res)) {
 
  705            $rol_id[] = $row->rol_id;
 
  708        $ilBench->stop(
"RBAC", 
"review_getRolesOfRoleFolder");
 
  710        return $rol_id ? $rol_id : [];
 
  738                $lroles[] = $role_id;
 
  753            $lroles[] = $role_id;
 
  767            $ga[] = array(
'obj_id' => $role_id,
 
  768                          'role_type' => 
'global');
 
  770        return $ga ? $ga : [];
 
  781        include_once 
'./Services/AccessControl/classes/class.ilObjRole.php';
 
  785                $ga[] = array(
'obj_id' => $role_id,
 
  786                              'role_type' => 
'global');
 
  789        return $ga ? $ga : [];
 
  801        $rbacreview = 
$DIC[
'rbacreview'];
 
  804        $query = 
'SELECT * FROM rbac_fa ' .
 
  805            'WHERE rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
  806            'AND parent = ' . 
$ilDB->quote($a_parent_id, 
'integer');
 
  808        return $res->numRows() ? 
true : 
false;
 
  823        $query = 
'SELECT * FROM rbac_operations ORDER BY ops_id ';
 
  825        while ($row = 
$ilDB->fetchObject(
$res)) {
 
  826            $ops[] = array(
'ops_id' => $row->ops_id,
 
  827                           'operation' => $row->operation,
 
  828                           'description' => $row->description);
 
  831        return $ops ? $ops : [];
 
  846        $query = 
'SELECT * FROM rbac_operations WHERE ops_id = ' . 
$ilDB->quote($ops_id, 
'integer');
 
  848        while ($row = 
$ilDB->fetchObject(
$res)) {
 
  849            $ops = array(
'ops_id' => $row->ops_id,
 
  850                         'operation' => $row->operation,
 
  851                         'description' => $row->description);
 
  854        return $ops ? $ops : [];
 
  876        $query = 
"SELECT ops_id,type FROM rbac_templates " .
 
  877            "WHERE rol_id = " . 
$ilDB->quote($a_rol_id, 
'integer') . 
" " .
 
  878            "AND parent = " . 
$ilDB->quote($a_parent, 
'integer');
 
  882        while ($row = 
$ilDB->fetchObject(
$res)) {
 
  883            $ops_arr[$row->type][] = $row->ops_id;
 
  885        return (array) $ops_arr;
 
  901        $query = 
'SELECT * FROM rbac_pa ' .
 
  902            'WHERE ref_id = ' . 
$ilDB->quote($a_ref_id, 
'integer') . 
' ' .
 
  903            'AND rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ';
 
  907            return unserialize($row[
'ops_id']);
 
  928        $ilLog = 
$DIC[
'ilLog'];
 
  930        if (!isset($a_rol_id) or !isset($a_type)) {
 
  931            $message = get_class($this) . 
"::getOperationsOfRole(): Missing Parameter!" .
 
  932                       "role_id: " . $a_rol_id .
 
  934                       "parent_id: " . $a_parent;
 
  935            $ilLog->logStack(
"Missing parameter! ");
 
  936            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
  942        if ($a_parent == 0) {
 
  946        $query = 
"SELECT ops_id FROM rbac_templates " .
 
  947             "WHERE type =" . 
$ilDB->quote($a_type, 
'text') . 
" " .
 
  948             "AND rol_id = " . 
$ilDB->quote($a_rol_id, 
'integer') . 
" " .
 
  949             "AND parent = " . 
$ilDB->quote($a_parent, 
'integer');
 
  951        while ($row = 
$ilDB->fetchObject(
$res)) {
 
  952            $ops_arr[] = $row->ops_id;
 
  971        $query = 
"SELECT * FROM rbac_pa " .
 
  972            "WHERE rol_id = " . 
$ilDB->quote($a_role_id, 
'integer') . 
" " .
 
  973            "AND ref_id = " . 
$ilDB->quote($a_ref_id, 
'integer') . 
" ";
 
  976        while ($row = 
$ilDB->fetchObject(
$res)) {
 
  977            $ops = unserialize($row->ops_id);
 
  980        return $ops ? $ops : [];
 
  996        if (!isset($a_typ_id)) {
 
  997            $message = get_class($this) . 
"::getOperationsOnType(): No type_id given!";
 
  998            $this->ilErr->raiseError(
$message, $this->ilErr->WARNING);
 
 1001        #$query = "SELECT * FROM rbac_ta WHERE typ_id = ".$ilDB->quote($a_typ_id,'integer');
 
 1003        $query = 
'SELECT * FROM rbac_ta ta JOIN rbac_operations o ON ta.ops_id = o.ops_id ' .
 
 1004            'WHERE typ_id = ' . 
$ilDB->quote($a_typ_id, 
'integer') . 
' ' .
 
 1005            'ORDER BY op_order';
 
 1009        while ($row = 
$ilDB->fetchObject(
$res)) {
 
 1010            $ops_id[] = $row->ops_id;
 
 1013        return $ops_id ? $ops_id : [];
 
 1030        $query = 
"SELECT * FROM object_data WHERE type = 'typ' AND title = " . 
$ilDB->quote($a_type, 
'text') . 
" ";
 
 1053        if ($a_class != 
'create') {
 
 1054            $condition = 
"AND class != " . 
$ilDB->quote(
'create', 
'text');
 
 1056            $condition = 
"AND class = " . 
$ilDB->quote(
'create', 
'text');
 
 1059        $query = 
"SELECT ro.ops_id FROM rbac_operations ro " .
 
 1060            "JOIN rbac_ta rt ON  ro.ops_id = rt.ops_id " .
 
 1061            "JOIN object_data od ON rt.typ_id = od.obj_id " .
 
 1062            "WHERE type = " . 
$ilDB->quote(
'typ', 
'text') . 
" " .
 
 1063            "AND title = " . 
$ilDB->quote($a_type, 
'text') . 
" " .
 
 1065            "ORDER BY op_order ";
 
 1071            $ops[] = $row->ops_id;
 
 1092        #$query = 'SELECT t.parent p FROM tree t JOIN rbac_fa fa ON fa.parent = child '. 
 1093        #       'WHERE assign = '.$ilDB->quote('n','text').' '. 
 1094        #       'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' '; 
 1096        $query = 
'SELECT parent p FROM rbac_fa ' .
 
 1097                'WHERE assign = ' . 
$ilDB->quote(
'n', 
'text') . 
' ' .
 
 1098                'AND rol_id = ' . 
$ilDB->quote($a_rol_id, 
'integer') . 
' ';
 
 1101            $query .= (
'AND ' . 
$ilDB->in(
'parent', (array) $a_filter, 
false, 
'integer'));
 
 1107            $parent[] = $row->p;
 
 1125        $q = 
"SELECT tree FROM tree WHERE child =" . 
$ilDB->quote($a_node_id) . 
" ";
 
 1126        $r = $this->ilDB->query($q);
 
 1132                '%s::isDeleted(): Role folder with ref_id %s not found!',
 
 1136            $this->log->write(
$message, $this->log->FATAL);
 
 1142        if ($row->tree < 0) {
 
 1177        switch ($a_filter) {
 
 1185                $where = 
'WHERE ' . 
$ilDB->in(
'rbac_fa.rol_id', $this->
getGlobalRoles(), 
false, 
'integer') . 
' ';
 
 1192                $where = 
'WHERE ' . 
$ilDB->in(
'rbac_fa.rol_id', $this->
getGlobalRoles(), 
true, 
'integer');
 
 1197                $where = 
"WHERE object_data.type = 'rolt'";
 
 1208                $where = 
'WHERE ' . 
$ilDB->in(
'rbac_fa.rol_id', $this->
assignedRoles($a_user_id), 
false, 
'integer') . 
' ';
 
 1214        $query = 
"SELECT * FROM object_data " .
 
 1215             "JOIN rbac_fa ON obj_id = rol_id " .
 
 1217             "AND rbac_fa.assign = " . 
$ilDB->quote($assign, 
'text') . 
" ";
 
 1219        if (strlen($title_filter)) {
 
 1223                '%' . $title_filter . 
'%' 
 1228        while ($row = 
$ilDB->fetchAssoc(
$res)) {
 
 1229            $prefix = (substr($row[
"title"], 0, 3) == 
"il_") ? 
true : 
false;
 
 1232            if ($a_filter == 4 and !$prefix) {
 
 1237            if ($a_filter == 5 and $prefix) {
 
 1241            $row[
"desc"] = $row[
"description"];
 
 1242            $row[
"user_id"] = $row[
"owner"];
 
 1248        return $roles ? $roles : [];
 
 1264        $q = 
"SELECT obj_id FROM object_data " .
 
 1265             "WHERE title=" . 
$ilDB->quote($a_type, 
'text') . 
" AND type='typ'";
 
 1266        $r = 
$ilDB->query($q);
 
 1269        return $row->obj_id;
 
 1288        if (!count($operations)) {
 
 1292        $query = 
'SELECT ops_id FROM rbac_operations ' .
 
 1293            'WHERE ' . 
$ilDB->in(
'operation', $operations, 
false, 
'text');
 
 1296        while ($row = 
$ilDB->fetchObject(
$res)) {
 
 1297            $ops_ids[] = $row->ops_id;
 
 1299        return $ops_ids ? $ops_ids : [];
 
 1317        if (!isset($a_operation)) {
 
 1318            $message = 
"perm::getOperationId(): No operation given!";
 
 1323        if (!is_array(self::$_opsCache)) {
 
 1324            self::$_opsCache = [];
 
 1326            $q = 
"SELECT ops_id, operation FROM rbac_operations";
 
 1327            $r = 
$ilDB->query($q);
 
 1329                self::$_opsCache[$row->operation] = $row->ops_id;
 
 1334        if (array_key_exists($a_operation, self::$_opsCache)) {
 
 1335            return self::$_opsCache[$a_operation];
 
 1353        foreach ($a_type_arr as 
$type) {
 
 1354            $operations[] = (
'create_' . 
$type);
 
 1357        if (!count($operations)) {
 
 1361        $query = 
'SELECT ops_id, operation FROM rbac_operations ' .
 
 1362            'WHERE ' . 
$ilDB->in(
'operation', $operations, 
false, 
'text');
 
 1367        while ($row = 
$ilDB->fetchObject(
$res)) {
 
 1368            $type_arr = explode(
'_', $row->operation);
 
 1369            $type = $type_arr[1];
 
 1371            $ops_ids[
$type] = $row->ops_id;
 
 1393        $query = 
"SELECT protected FROM rbac_fa " .
 
 1394             "WHERE rol_id = " . 
$ilDB->quote($a_role_id, 
'integer') . 
" ";
 
 1414        $query = 
'SELECT blocked from rbac_fa ' .
 
 1415                'WHERE rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
 1416                'AND parent = ' . 
$ilDB->quote($a_ref_id, 
'integer');
 
 1419            return (
bool) $row->blocked;
 
 1434        $tree = 
$DIC[
'tree'];
 
 1439        $query = 
'SELECT parent from rbac_fa ' .
 
 1440                'WHERE rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
 1441                'AND blocked = ' . 
$ilDB->quote(1, 
'integer');
 
 1446            $parent_ids[] = $row->parent;
 
 1449        foreach ($parent_ids as $parent_id) {
 
 1450            if ($tree->isGrandChild($parent_id, $a_ref_id)) {
 
 1475        $rbacsystem = 
$DIC[
'rbacsystem'];
 
 1482            $leveladmin = 
false;
 
 1485        foreach ($a_role_hierarchy as $role_id => $rolf_id) {
 
 1486            if ($leveladmin == 
true) {
 
 1487                $a_parent_roles[$role_id][
'protected'] = 
false;
 
 1491            if ($a_parent_roles[$role_id][
'protected'] == 
true) {
 
 1492                $arr_lvl_roles_user = array_intersect($this->
assignedRoles(
$ilUser->getId()), array_keys($a_role_hierarchy, $rolf_id));
 
 1494                foreach ($arr_lvl_roles_user as $lvl_role_id) {
 
 1496                    $rolf = $a_parent_roles[$role_id][
'parent'];
 
 1497                    if ($rbacsystem->checkPermission($rolf, $lvl_role_id, 
'edit_permission')) {
 
 1499                        $a_parent_roles[$role_id][
'protected'] = 
false;
 
 1504        return $a_parent_roles;
 
 1527                'SELECT * FROM rbac_operations ' .
 
 1528                'JOIN rbac_ta ON rbac_operations.ops_id = rbac_ta.ops_id ' .
 
 1529                'JOIN object_data ON rbac_ta.typ_id = object_data.obj_id ' .
 
 1530                'WHERE object_data.title = %s ' .
 
 1531                'AND object_data.type = %s ' .
 
 1532                'ORDER BY op_order ASC',
 
 1533                $ilDB->quote($a_type, 
'text'),
 
 1534                $ilDB->quote(
'typ', 
'text')
 
 1537            $query = 
'SELECT * FROM rbac_operations ORDER BY op_order ASC';
 
 1540        while ($row = 
$ilDB->fetchAssoc(
$res)) {
 
 1542                        "ops_id" => $row[
'ops_id'],
 
 1543                        "operation" => $row[
'operation'],
 
 1544                        "desc" => $row[
'description'],
 
 1545                        "class" => $row[
'class'],
 
 1546                        "order" => $row[
'op_order']
 
 1562        foreach ($a_ops_arr as $ops) {
 
 1563            $arr[$ops[
'class']][] = array(
'ops_id' => $ops[
'ops_id'],
 
 1564                                           'name' => $ops[
'operation']
 
 1582        static $obj_cache = [];
 
 1589        if (isset($obj_cache[$a_role_id]) and $obj_cache[$a_role_id]) {
 
 1590            return $obj_cache[$a_role_id];
 
 1593        $query = 
'SELECT obr.obj_id FROM rbac_fa rfa ' .
 
 1594                'JOIN object_reference obr ON rfa.parent = obr.ref_id ' .
 
 1595                'WHERE assign = ' . 
$ilDB->quote(
'y', 
'text') . 
' ' .
 
 1596                'AND rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
 1597                'AND deleted IS NULL';
 
 1599        #$query = "SELECT obr.obj_id FROM rbac_fa rfa ".
 
 1600        #       "JOIN tree ON rfa.parent = tree.child ".
 
 1601        #       "JOIN object_reference obr ON tree.parent = obr.ref_id ".
 
 1602        #       "WHERE tree.tree = 1 ".
 
 1603        #       "AND assign = 'y' ".
 
 1604        #       "AND rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
 
 1607        $obj_cache[$a_role_id] = 0;
 
 1608        while ($row = 
$ilDB->fetchObject(
$res)) {
 
 1609            $obj_cache[$a_role_id] = $row->obj_id;
 
 1611        return $obj_cache[$a_role_id];
 
 1626        $query = 
'SELECT parent p_ref FROM rbac_fa ' .
 
 1627                'WHERE rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
 1628                'AND assign = ' . 
$ilDB->quote(
'y', 
'text');
 
 1648        if (count($rolf_list)) {
 
 1649            foreach ($rolf_list as $rolf) {
 
 1678        $query = 
"SELECT * FROM object_data " .
 
 1679             "JOIN rbac_fa ON object_data.obj_id = rbac_fa.rol_id " .
 
 1681             "AND rbac_fa.assign = 'y' " .
 
 1682             'AND ' . 
$ilDB->in(
'object_data.obj_id', $role_ids, 
false, 
'integer');
 
 1685        while ($row = 
$ilDB->fetchAssoc(
$res)) {
 
 1686            $row[
"desc"] = $row[
"description"];
 
 1687            $row[
"user_id"] = $row[
"owner"];
 
 1688            $role_list[] = $row;
 
 1706        $query = 
'SELECT ta.typ_id, obj.title, ops.ops_id, ops.operation FROM rbac_ta ta ' .
 
 1707             'JOIN object_data obj ON obj.obj_id = ta.typ_id ' .
 
 1708             'JOIN rbac_operations ops ON ops.ops_id = ta.ops_id ';
 
 1712        while ($row = 
$ilDB->fetchObject(
$res)) {
 
 1713            $info[$counter][
'typ_id'] = $row->typ_id;
 
 1714            $info[$counter][
'type'] = $row->title;
 
 1715            $info[$counter][
'ops_id'] = $row->ops_id;
 
 1716            $info[$counter][
'operation'] = $row->operation;
 
 1719        return $info ? $info : [];
 
 1752        return substr($title, 0, 3) == 
'il_' ? 
true : 
false;
 
 1756    public function getParentOfRole(
int $role_id, ?
int $object_ref = 
null) : ?int
 
 1760        $tree = 
$DIC[
'tree'];
 
 1767        $path_ids = $tree->getPathId($object_ref);
 
 1770        while ($ref_id = array_pop($path_ids)) {
 
 1772            foreach ($roles as $role) {
 
 1773                if ((
int) $role[
'obj_id'] === $role_id) {
 
 1797            $and = (
'AND assign = ' . 
$ilDB->quote(
'y', 
'text'));
 
 1802        $query = 
'SELECT * FROM rbac_fa ' .
 
 1803            'WHERE rol_id = ' . 
$ilDB->quote($a_role_id, 
'integer') . 
' ' .
 
 1807            return $row->parent;
 
 1825        $query = 
"SELECT ops_id FROM rbac_pa JOIN rbac_ua " .
 
 1826            "ON (rbac_pa.rol_id = rbac_ua.rol_id) " .
 
 1827            "WHERE rbac_ua.usr_id = " . 
$ilDB->quote($a_user_id, 
'integer') . 
" " .
 
 1828            "AND rbac_pa.ref_id = " . 
$ilDB->quote($a_ref_id, 
'integer') . 
" ";
 
 1832        while ($row = 
$ilDB->fetchObject(
$res)) {
 
 1833            $ops = unserialize($row->ops_id);
 
 1834            $all_ops = array_merge($all_ops, $ops);
 
 1836        $all_ops = array_unique($all_ops);
 
 1838        $set = 
$ilDB->query(
"SELECT operation FROM rbac_operations " .
 
 1839            " WHERE " . 
$ilDB->in(
"ops_id", $all_ops, 
false, 
"integer"));
 
 1841        while ($rec = 
$ilDB->fetchAssoc($set)) {
 
 1842            $perms[] = $rec[
"operation"];
 
 1856        self::$is_assigned_cache[$a_role_id][$a_user_id] = $a_value;
 
 1867        return self::$is_assigned_cache[$a_role_id][$a_user_id];
 
 1875        self::$is_assigned_cache = [];
 
 1876        self::$assigned_users_cache = [];
 
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
const PEAR_ERROR_CALLBACK
An exception for terminatinating execution or to throw for unit testing.
return true
Flag indicating whether or not HTTP headers will be sent when outputting captcha image/audio.
static getLogger($a_component_id)
Get component logger.
static _getAssignUsersStatus($a_role_id)
static _lookupTitle($a_id)
lookup object title
static _lookupType($a_id, $a_reference=false)
lookup object type
class ilRbacReview Contains Review functions of core Rbac.
getAssignableChildRoles($a_ref_id)
Get all assignable roles directly under a specific node @access public.
getRolesByFilter($a_filter=0, $a_user_id=0, $title_filter='')
@global ilDB $ilDB
getTypeId($a_type)
Get type id of object @global ilDB $ilDB.
static _groupOperationsByClass($a_ops_arr)
getLocalPolicies($a_ref_id)
Get all roles with local policies.
assignedRoles($a_usr_id)
get all assigned roles to a given user @access public
getOperationsOfRole($a_rol_id, $a_type, $a_parent=0)
get all possible operations of a specific role The ref_id of the role folder (parent object) is neces...
assignedUsers($a_rol_id)
get all assigned users to a given role @access public
getLocalRoles($a_ref_id)
Get local roles of object.
static _getOperationIdByName($a_operation)
get operation id by name of operation @access public @access static
isDeleted($a_node_id)
Checks if a rolefolder is set as deleted (negative tree_id) @access public.
roleExists($a_title, $a_id=0)
Checks if a role already exists.
getOperationsByTypeAndClass($a_type, $a_class)
Get operations by type and class.
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
__setProtectedStatus($a_parent_roles, $a_role_hierarchy, $a_ref_id)
Set protected status @global type $rbacsystem @global type $ilUser @global type $log.
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
getActiveOperationsOfRole($a_ref_id, $a_role_id)
Get active operations for a role.
getGlobalRoles()
get only 'global' roles @access public
const FILTER_NOT_INTERNAL
isGlobalRole($a_role_id)
Check if role is a global role.
getRolesOfObject($a_ref_id, $a_assignable_only=false)
Get roles of object.
isRoleAssignedToObject($a_role_id, $a_parent_id)
Check if role is assigned to an object.
getFoldersAssignedToRole($a_rol_id, $a_assignable=false)
Returns an array of objects assigned to a role.
getRoleOperationsOnObject($a_role_id, $a_ref_id)
@global ilDB $ilDB
isBlockedAtPosition($a_role_id, $a_ref_id)
Check if role is blocked at position @global ilDB $ilDB.
hasMultipleAssignments($a_role_id)
Temporary bugfix.
getObjectsWithStopedInheritance($a_rol_id, $a_filter=[])
get all objects in which the inheritance of role with role_id was stopped the function returns all re...
getParentRoleIds($a_endnode_id, $a_templates=false)
get an array of parent role ids of all parent roles, if last parameter is set true you get also all p...
clearCaches()
Clear assigned users caches.
isProtected($a_ref_id, $a_role_id)
assignedGlobalRoles($a_usr_id)
Get assigned global roles for an user.
getOperationsOnType($a_typ_id)
all possible operations of a type @access public
static $assigned_users_cache
static _getOperationList($a_type=null)
get operation list by object type @access public @access static
isSystemGeneratedRole($a_role_id)
Check if the role is system generate role or role template.
getRoleListByObject($a_ref_id, $a_templates=false)
Returns a list of roles in an container @access public.
getGlobalAssignableRoles()
get only 'global' roles (with flag 'assign_users') @access public
isRoleDeleted($a_role_id)
return if role is only attached to deleted role folders
getNumberOfAssignedUsers(array $a_roles)
Get the number of assigned users to roles (not properly deleted user accounts are not counted)
isBlockedInUpperContext($a_role_id, $a_ref_id)
Check if role is blocked in upper context.
__getParentRoles($a_path, $a_templates)
Note: This function performs faster than the new getParentRoles function, because it uses database in...
getRoleFolderOfRole($a_role_id)
Get role folder of role @global ilDB $ilDB.
isAssigned($a_usr_id, $a_role_id)
check if a specific user is assigned to specific role @access public
static _getOperationIdsByName($operations)
get ops_id's by name.
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users @access public.
getAssignedCacheEntry($a_role_id, $a_user_id)
get entry of assigned_chache
getObjectReferenceOfRole($a_role_id)
Get reference of role.
static lookupCreateOperationIds($a_type_arr)
Lookup operation ids.
setAssignedCacheEntry($a_role_id, $a_user_id, $a_value)
set entry of assigned_chache
getGlobalRolesArray()
get only 'global' roles @access public
getOperationsOnTypeString($a_type)
all possible operations of a type @access public
getUserPermissionsOnObject($a_user_id, $a_ref_id)
Get all user permissions on an object.
getRolesForIDs($role_ids, $use_templates)
@global ilDB $ilDB
getAssignableRolesInSubtree($ref_id)
Returns a list of assignable roles in a subtree of the repository @access public.
getOperationAssignment()
get operation assignments
getOperation($ops_id)
get one operation by operation id @access public
__construct()
Constructor @access public.
getObjectOfRole($a_role_id)
Get object id of objects a role is assigned to.
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause @access private
getOperations()
get all possible operations @access public
getAssignableRoles($a_templates=false, $a_internal_roles=false, $title_filter='')
Returns a list of all assignable roles @access public.
isDeleteable($a_role_id, $a_rolf_id)
Check if role is deleteable at a specific position.
isAssignedToAtLeastOneGivenRole($a_usr_id, $a_role_ids)
check if a specific user is assigned to at least one of the given role ids.
getAllOperationsOfRole($a_rol_id, $a_parent=0)
get all possible operations of a specific role The ref_id of the role folder (parent object) is neces...
static $is_assigned_cache
static yn2tf($a_yn)
convert "y"/"n" to true/false
if(!file_exists(getcwd() . '/ilias.ini.php'))
registration confirmation script for ilias
foreach($_POST as $key=> $value) $res