ILIAS  release_7 Revision v7.30-3-g800a261c036
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes
ilPermissionGUI Class Reference

New PermissionGUI (extends from old ilPermission2GUI) RBAC related output. More...

+ Inheritance diagram for ilPermissionGUI:
+ Collaboration diagram for ilPermissionGUI:

Public Member Functions

 __construct ($a_gui_obj)
 Constructor. More...
 
 executeCommand ()
 Execute command. More...
 
 getCurrentObject ()
 Get current object. More...
 
 perm (ilTable2GUI $table=null)
 show permission table More...
 
 applyRoleFilter ($a_roles, $a_filter_id)
 Apply filter to roles. More...
 
- Public Member Functions inherited from ilPermission2GUI
 __construct ($a_gui_obj)
 
 owner ()
 
 changeOwner ()
 
 __initSubTabs ($a_cmd)
 
 log ()
 
 applyLogFilter ()
 
 resetLogFilter ()
 

Static Public Member Functions

static hasContainerCommands ($a_type)
 Check if container commands are possible for the current object type. More...
 

Data Fields

const CMD_PERM_POSITIONS = 'permPositions'
 
const CMD_SAVE_POSITIONS_PERMISSIONS = 'savePositionsPermissions'
 
- Data Fields inherited from ilPermission2GUI
const TAB_POSITION_PERMISSION_SETTINGS = "position_permission_settings"
 

Protected Member Functions

 confirmTemplateSwitch ()
 Called after toolbar action applyTemplateSwitch. More...
 
 isAdminRoleFolder ()
 Check of current location is administration (main) role folder. More...
 
 isAdministrationObject ()
 
 isInAdministration ()
 Check if node is subobject of administration folder. More...
 
 applyFilter ()
 Apply filter. More...
 
 resetFilter ()
 Reset filter. More...
 
 savePermissions ()
 Save permissions. More...
 
 showConfirmBlockRole ($a_blocked_info)
 Show block role confirmation screen. More...
 
 modifyBlockRoles ()
 
 unblockRoles ($roles)
 
 blockRoles ($roles)
 Block role. More...
 
 displayImportRoleForm (ilPropertyFormGUI $form=null)
 Show import form. More...
 
 doImportRole ()
 Perform import. More...
 
 initImportForm ()
 init import form More...
 
 initRoleForm ()
 Shoew add role type $rbacreview type $objDefinition. More...
 
 displayAddRoleForm ()
 Show add role form. More...
 
 addRole ()
 adds a local role This method is only called when choose the option 'you may add local roles'. More...
 
 getModifiedBlockedSettings ()
 
 permPositions ()
 
 savePositionsPermissions ()
 

Protected Attributes

 $current_obj = null
 
 $recommended_content_manager
 
- Protected Attributes inherited from ilPermission2GUI
 $gui_obj = null
 
 $ilErr = null
 
 $ctrl = null
 
 $lng = null
 
 $tpl
 

Detailed Description

New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.

Author
Stefan Meyer smeye.nosp@m.r.il.nosp@m.ias@g.nosp@m.mx.d.nosp@m.e
Sascha Hofmann sasch.nosp@m.ahof.nosp@m.mann@.nosp@m.gmx..nosp@m.de
Version
$Id$

ilPermissionGUI: ilObjRoleGUI, ilRepositorySearchGUI, ilObjectPermissionStatusGUI

Definition at line 19 of file class.ilPermissionGUI.php.

Constructor & Destructor Documentation

◆ __construct()

ilPermissionGUI::__construct (   $a_gui_obj)

Constructor.

Parameters
object$a_gui_obj
Returns

Definition at line 36 of file class.ilPermissionGUI.php.

References ILIAS\GlobalScreen\Provider\__construct().

37  {
38  parent::__construct($a_gui_obj);
39 
40  $this->recommended_content_manager = new ilRecommendedContentManager();
41  }
ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
Definition: PluginProviderHelper.php:40
ilRecommendedContentManager
Recommended content manager (business logic)
Definition: class.ilRecommendedContentManager.php:11
+ Here is the call graph for this function:

Member Function Documentation

◆ addRole()

ilPermissionGUI::addRole ( )
protected

adds a local role This method is only called when choose the option 'you may add local roles'.

This option is displayed in the permission settings dialogue for an object TODO: this will be changed public

Definition at line 750 of file class.ilPermissionGUI.php.

References $DIC, $GLOBALS, ilPermission2GUI\$ilErr, getCurrentObject(), initRoleForm(), ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES, and ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES.

751  {
752  global $DIC;
753 
754  $rbacadmin = $DIC['rbacadmin'];
755  $rbacreview = $DIC['rbacreview'];
756  $rbacsystem = $DIC['rbacsystem'];
757  $ilErr = $DIC['ilErr'];
758  $ilCtrl = $DIC['ilCtrl'];
759 
760  $form = $this->initRoleForm();
761  if ($form->checkInput()) {
762  $new_title = $form->getInput("title");
763 
764  include_once './Services/AccessControl/classes/class.ilObjRole.php';
765  $role = new ilObjRole();
766  $role->setTitle($new_title);
767  $role->setDescription($form->getInput('desc'));
768  $role->create();
769 
770  $GLOBALS['DIC']['rbacadmin']->assignRoleToFolder($role->getId(), $this->getCurrentObject()->getRefId());
771 
772  // protect
773  $rbacadmin->setProtected(
774  $this->getCurrentObject()->getRefId(),
775  $role->getId(),
776  $form->getInput('pro') ? 'y' : 'n'
777  );
778 
779  // copy rights
780  $right_id_to_copy = $form->getInput("rights");
781  if ($right_id_to_copy) {
782  $parentRoles = $rbacreview->getParentRoleIds($this->getCurrentObject()->getRefId(), true);
783  $rbacadmin->copyRoleTemplatePermissions(
784  $right_id_to_copy,
785  $parentRoles[$right_id_to_copy]["parent"],
786  $this->getCurrentObject()->getRefId(),
787  $role->getId(),
788  false
789  );
790 
791  if ($form->getInput('existing')) {
792  if ($form->getInput('pro')) {
793  $role->changeExistingObjects(
794  $this->getCurrentObject()->getRefId(),
795  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
796  array('all')
797  );
798  } else {
799  $role->changeExistingObjects(
800  $this->getCurrentObject()->getRefId(),
801  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
802  array('all')
803  );
804  }
805  }
806  }
807 
808  // add to desktop items
809  if ($form->getInput("desktop")) {
810  $this->recommended_content_manager->addRoleRecommendation($role->getId(), $this->getCurrentObject()->getRefId());
811  }
812 
813  ilUtil::sendSuccess($this->lng->txt("role_added"), true);
814  $this->ctrl->redirect($this, 'perm');
815  } else {
816  $form->setValuesByPost();
817  $this->tpl->setContent($form->getHTML());
818  }
819  }
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:16
ilPermissionGUI\initRoleForm
initRoleForm()
Shoew add role type $rbacreview type $objDefinition.
Definition: class.ilPermissionGUI.php:649
ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:19
$DIC
global $DIC
Definition: goto.php:24
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:21
+ Here is the call graph for this function:

◆ applyFilter()

ilPermissionGUI::applyFilter ( )
protected

Apply filter.

Returns

Definition at line 194 of file class.ilPermissionGUI.php.

References getCurrentObject(), and perm().

195  {
196  include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
197  $table = new ilObjectRolePermissionTableGUI($this, 'perm', $this->getCurrentObject()->getRefId());
198  $table->resetOffset();
199  $table->writeFilterToSession();
200  return $this->perm($table);
201  }
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
ilPermissionGUI\perm
perm(ilTable2GUI $table=null)
show permission table
Definition: class.ilPermissionGUI.php:126
+ Here is the call graph for this function:

◆ applyRoleFilter()

ilPermissionGUI::applyRoleFilter (   $a_roles,
  $a_filter_id 
)

Apply filter to roles.

Parameters
int$a_filter_id
Returns

Definition at line 222 of file class.ilPermissionGUI.php.

References $DIC, $GLOBALS, getCurrentObject(), ilObjectRolePermissionTableGUI\ROLE_FILTER_ALL, ilObjectRolePermissionTableGUI\ROLE_FILTER_GLOBAL, ilObjectRolePermissionTableGUI\ROLE_FILTER_LOCAL, ilObjectRolePermissionTableGUI\ROLE_FILTER_LOCAL_OBJECT, ilObjectRolePermissionTableGUI\ROLE_FILTER_LOCAL_POLICY, and SYSTEM_ROLE_ID.

Referenced by savePermissions().

223  {
224  global $DIC;
225 
226  $rbacreview = $DIC['rbacreview'];
227 
228  // Always delete administrator role from view
229  if (isset($a_roles[SYSTEM_ROLE_ID])) {
230  unset($a_roles[SYSTEM_ROLE_ID]);
231  }
232 
233  switch ($a_filter_id) {
234  // all roles in context
235  case ilObjectRolePermissionTableGUI::ROLE_FILTER_ALL:
236 
237  return $a_roles;
238 
239  // only global roles
240  case ilObjectRolePermissionTableGUI::ROLE_FILTER_GLOBAL:
241 
242  $arr_global_roles = $rbacreview->getGlobalRoles();
243  $arr_remove_roles = array_diff(array_keys($a_roles), $arr_global_roles);
244 
245  foreach ($arr_remove_roles as $role_id) {
246  unset($a_roles[$role_id]);
247  }
248  return $a_roles;
249 
250  // only local roles (all local roles in context that are not defined at ROLE_FOLDER_ID)
251  case ilObjectRolePermissionTableGUI::ROLE_FILTER_LOCAL:
252  $arr_global_roles = $rbacreview->getGlobalRoles();
253 
254  foreach ($arr_global_roles as $role_id) {
255  unset($a_roles[$role_id]);
256  }
257 
258  return $a_roles;
259  break;
260 
261  // only roles which use a local policy
262  case ilObjectRolePermissionTableGUI::ROLE_FILTER_LOCAL_POLICY:
263 
264  $arr_local_roles = $GLOBALS['DIC']['rbacreview']->getRolesOfObject($this->getCurrentObject()->getRefId());
265  $arr_remove_roles = array_diff(array_keys($a_roles), $arr_local_roles);
266 
267  foreach ($arr_remove_roles as $role_id) {
268  unset($a_roles[$role_id]);
269  }
270 
271  return $a_roles;
272 
273  // only true local role defined at current position
274  case ilObjectRolePermissionTableGUI::ROLE_FILTER_LOCAL_OBJECT:
275 
276  $arr_local_roles = $GLOBALS['DIC']['rbacreview']->getRolesOfObject($this->getCurrentObject()->getRefId(), true);
277  $arr_remove_roles = array_diff(array_keys($a_roles), $arr_local_roles);
278 
279  foreach ($arr_remove_roles as $role_id) {
280  unset($a_roles[$role_id]);
281  }
282 
283  return $a_roles;
284 
285  default:
286  return $a_roles;
287  }
288  }
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:27
$DIC
global $DIC
Definition: goto.php:24
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ blockRoles()

ilPermissionGUI::blockRoles (   $roles)
protected

Block role.

Returns
void

Definition at line 518 of file class.ilPermissionGUI.php.

References $DIC, and getCurrentObject().

Referenced by modifyBlockRoles().

519  {
520  global $DIC;
521 
522  $rbacadmin = $DIC['rbacadmin'];
523  $rbacreview = $DIC['rbacreview'];
524 
525  foreach ($roles as $role) {
526  // Set assign to 'y' only if it is a local role
527  $assign = $rbacreview->isAssignable($role, $this->getCurrentObject()->getRefId()) ? 'y' : 'n';
528 
529  // Delete permissions
530  $rbacadmin->revokeSubtreePermissions($this->getCurrentObject()->getRefId(), $role);
531 
532  // Delete template permissions
533  $rbacadmin->deleteSubtreeTemplates($this->getCurrentObject()->getRefId(), $role);
534 
535 
536  $rbacadmin->assignRoleToFolder(
537  $role,
538  $this->getCurrentObject()->getRefId(),
539  $assign
540  );
541 
542  // finally set blocked status
543  $rbacadmin->setBlockedStatus(
544  $role,
545  $this->getCurrentObject()->getRefId(),
546  true
547  );
548  }
549  }
$DIC
global $DIC
Definition: goto.php:24
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ confirmTemplateSwitch()

ilPermissionGUI::confirmTemplateSwitch ( )
protected

Called after toolbar action applyTemplateSwitch.

Definition at line 112 of file class.ilPermissionGUI.php.

113  {
114  include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
115  $this->ctrl->setReturn($this, 'perm');
116  $this->ctrl->setCmdClass('ildidactictemplategui');
117  $dtpl_gui = new ilDidacticTemplateGUI($this->gui_obj);
118  $this->ctrl->forwardCommand($dtpl_gui, 'confirmTemplateSwitch');
119  }
ilDidacticTemplateGUI
GUI class for didactic template settings inside repository objects.
Definition: class.ilDidacticTemplateGUI.php:13

◆ displayAddRoleForm()

ilPermissionGUI::displayAddRoleForm ( )
protected

Show add role form.

Definition at line 734 of file class.ilPermissionGUI.php.

References $GLOBALS, and initRoleForm().

735  {
736  $GLOBALS['DIC']['ilTabs']->clearTargets();
737 
738  $form = $this->initRoleForm();
739  $this->tpl->setContent($form->getHTML());
740  }
ilPermissionGUI\initRoleForm
initRoleForm()
Shoew add role type $rbacreview type $objDefinition.
Definition: class.ilPermissionGUI.php:649
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
+ Here is the call graph for this function:

◆ displayImportRoleForm()

ilPermissionGUI::displayImportRoleForm ( ilPropertyFormGUI  $form = null)
protected

Show import form.

Parameters
ilPropertyFormGUI$form

Definition at line 570 of file class.ilPermissionGUI.php.

References $GLOBALS, and initImportForm().

Referenced by doImportRole().

571  {
572  $GLOBALS['DIC']['ilTabs']->clearTargets();
573 
574  if (!$form) {
575  $form = $this->initImportForm();
576  }
577  $GLOBALS['DIC']['tpl']->setContent($form->getHTML());
578  }
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
ilPermissionGUI\initImportForm
initImportForm()
init import form
Definition: class.ilPermissionGUI.php:627
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ doImportRole()

ilPermissionGUI::doImportRole ( )
protected

Perform import.

Definition at line 583 of file class.ilPermissionGUI.php.

References $DIC, Vendor\Package\$e, displayImportRoleForm(), getCurrentObject(), initImportForm(), and ilUtil\sendFailure().

584  {
585  global $DIC;
586 
587  $rbacreview = $DIC['rbacreview'];
588 
589  $form = $this->initImportForm();
590  if ($form->checkInput()) {
591  try {
592  include_once './Services/Export/classes/class.ilImport.php';
593 
594  // For global roles set import id to parent of current ref_id (adm)
595  $imp = new ilImport($this->getCurrentObject()->getRefId());
596  $imp->getMapping()->addMapping(
597  'Services/AccessControl',
598  'rolf',
599  0,
600  $this->getCurrentObject()->getRefId()
601  );
602 
603  $imp->importObject(
604  null,
605  $_FILES["importfile"]["tmp_name"],
606  $_FILES["importfile"]["name"],
607  'role'
608  );
609  ilUtil::sendSuccess($this->lng->txt('rbac_role_imported'), true);
610  $this->ctrl->redirect($this, 'perm');
611  return;
612  } catch (Exception $e) {
613  ilUtil::sendFailure($e->getMessage());
614  $form->setValuesByPost();
615  $this->displayImportRoleForm($form);
616  return;
617  }
618  }
619  $form->setValuesByPost();
620  ilUtil::sendFailure($this->lng->txt('err_check_input'));
621  $this->displayImportRoleForm($form);
622  }
ilImport
Import class.
Definition: class.ilImport.php:11
ilPermissionGUI\displayImportRoleForm
displayImportRoleForm(ilPropertyFormGUI $form=null)
Show import form.
Definition: class.ilPermissionGUI.php:570
$DIC
global $DIC
Definition: goto.php:24
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4534
ilPermissionGUI\initImportForm
initImportForm()
init import form
Definition: class.ilPermissionGUI.php:627
+ Here is the call graph for this function:

◆ executeCommand()

ilPermissionGUI::executeCommand ( )

Execute command.

Returns

Definition at line 47 of file class.ilPermissionGUI.php.

References $_GET, $DIC, $ret, and ilPermission2GUI\__initSubTabs().

48  {
49  global $DIC;
50 
51  $rbacsystem = $DIC['rbacsystem'];
52 
53  // access to all functions in this class are only allowed if edit_permission is granted
54  if (!$rbacsystem->checkAccess("edit_permission", $this->gui_obj->object->getRefId())) {
55  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('permission_denied'), true);
56  $this->ctrl->redirect($this->gui_obj);
57  }
58 
59  $next_class = $this->ctrl->getNextClass($this);
60 
61  switch ($next_class) {
62  case "ilobjrolegui":
63  $this->ctrl->setReturn($this, 'perm');
64  include_once("Services/AccessControl/classes/class.ilObjRoleGUI.php");
65  $this->gui_obj = new ilObjRoleGUI("", (int) $_GET["obj_id"], false, false);
66  $ret = $this->ctrl->forwardCommand($this->gui_obj);
67  break;
68 
69  case 'ildidactictemplategui':
70  $this->ctrl->setReturn($this, 'perm');
71  include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
72  $did = new ilDidacticTemplateGUI($this->gui_obj);
73  $this->ctrl->forwardCommand($did);
74  break;
75 
76  case 'ilrepositorysearchgui':
77  // used for owner autocomplete
78  include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
79  $rep_search = new ilRepositorySearchGUI();
80  $this->ctrl->forwardCommand($rep_search);
81  break;
82 
83  case 'ilobjectpermissionstatusgui':
84  $this->__initSubTabs("perminfo");
85  include_once('./Services/AccessControl/classes/class.ilObjectPermissionStatusGUI.php');
86  $perm_stat = new ilObjectPermissionStatusGUI($this->gui_obj->object);
87  $this->ctrl->forwardCommand($perm_stat);
88  break;
89 
90  default:
91  $cmd = $this->ctrl->getCmd();
92  $this->$cmd();
93  break;
94  }
95 
96  return true;
97  }
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilDidacticTemplateGUI
GUI class for didactic template settings inside repository objects.
Definition: class.ilDidacticTemplateGUI.php:13
$DIC
global $DIC
Definition: goto.php:24
$ret
$ret
Definition: parser.php:6
ilObjectPermissionStatusGUI
This class displays the permission status of a user concerning a specific object. ...
Definition: class.ilObjectPermissionStatusGUI.php:16
ilObjRoleGUI
Class ilObjRoleGUI.
Definition: class.ilObjRoleGUI.php:31
+ Here is the call graph for this function:

◆ getCurrentObject()

ilPermissionGUI::getCurrentObject ( )

Get current object.

Returns
ilObject

Definition at line 104 of file class.ilPermissionGUI.php.

Referenced by addRole(), applyFilter(), applyRoleFilter(), blockRoles(), doImportRole(), getModifiedBlockedSettings(), initRoleForm(), isAdministrationObject(), isAdminRoleFolder(), isInAdministration(), perm(), permPositions(), resetFilter(), savePermissions(), savePositionsPermissions(), and unblockRoles().

105  {
106  return $this->gui_obj->object;
107  }
+ Here is the caller graph for this function:

◆ getModifiedBlockedSettings()

ilPermissionGUI::getModifiedBlockedSettings ( )
protected
Parameters
type$a_blocked_info

Definition at line 825 of file class.ilPermissionGUI.php.

References $_POST, $DIC, and getCurrentObject().

Referenced by savePermissions().

826  {
827  global $DIC;
828 
829  $rbacreview = $DIC['rbacreview'];
830 
831  $blocked_info['new_blocked'] = array();
832  $blocked_info['new_unblocked'] = array();
833  $blocked_info['num'] = 0;
834  foreach ((array) $_POST['visible_block'] as $role => $one) {
835  $blocked = $rbacreview->isBlockedAtPosition($role, $this->getCurrentObject()->getRefId());
836  if (isset($_POST['block'][$role]) && !$blocked) {
837  $blocked_info['new_blocked'][] = $role;
838  $blocked_info['num']++;
839  }
840  if (!isset($_POST['block'][$role]) && $blocked) {
841  $blocked_info['new_unblocked'][] = $role;
842  $blocked_info['num']++;
843  }
844  }
845  return $blocked_info;
846  }
$DIC
global $DIC
Definition: goto.php:24
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ hasContainerCommands()

static ilPermissionGUI::hasContainerCommands (   $a_type)
static

Check if container commands are possible for the current object type.

Parameters
object$a_type
Returns

Definition at line 557 of file class.ilPermissionGUI.php.

References $DIC.

Referenced by ilObjectRolePermissionTableGUI\parse(), and savePermissions().

558  {
559  global $DIC;
560 
561  $objDefinition = $DIC['objDefinition'];
562 
563  return $objDefinition->isContainer($a_type) and $a_type != 'root' and $a_type != 'adm' and $a_type != 'rolf';
564  }
$DIC
global $DIC
Definition: goto.php:24
+ Here is the caller graph for this function:

◆ initImportForm()

ilPermissionGUI::initImportForm ( )
protected

init import form

Definition at line 627 of file class.ilPermissionGUI.php.

References ilFileInputGUI\setSuffixes().

Referenced by displayImportRoleForm(), and doImportRole().

628  {
629  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
630  $form = new ilPropertyFormGUI();
631  $form->setFormAction($this->ctrl->getFormAction($this));
632  $form->setTitle($this->lng->txt('rbac_import_role'));
633  $form->addCommandButton('doImportRole', $this->lng->txt('import'));
634  $form->addCommandButton('perm', $this->lng->txt('cancel'));
635 
636  $zip = new ilFileInputGUI($this->lng->txt('import_file'), 'importfile');
637  $zip->setSuffixes(array('zip'));
638  $form->addItem($zip);
639 
640  return $form;
641  }
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilFileInputGUI
This class represents a file property in a property form.
Definition: class.ilFileInputGUI.php:14
ilFileInputGUI\setSuffixes
setSuffixes($a_suffixes)
Set Accepted Suffixes.
Definition: class.ilFileInputGUI.php:132
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ initRoleForm()

ilPermissionGUI::initRoleForm ( )
protected

Shoew add role type $rbacreview type $objDefinition.

Returns
ilPropertyFormGUI

Definition at line 649 of file class.ilPermissionGUI.php.

References $DIC, ilObjRole\_getTranslation(), ilUtil\_sortIds(), getCurrentObject(), isInAdministration(), ilTextAreaInputGUI\setCols(), ilFormPropertyGUI\setInfo(), and SYSTEM_ROLE_ID.

Referenced by addRole(), and displayAddRoleForm().

650  {
651  global $DIC;
652 
653  $rbacreview = $DIC['rbacreview'];
654  $objDefinition = $DIC['objDefinition'];
655 
656  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
657  $form = new ilPropertyFormGUI();
658  $form->setFormAction($this->ctrl->getFormAction($this));
659  $form->setTitle($this->lng->txt('role_new'));
660  $form->addCommandButton('addrole', $this->lng->txt('role_new'));
661  $form->addCommandButton('perm', $this->lng->txt('cancel'));
662 
663  $title = new ilTextInputGUI($this->lng->txt('title'), 'title');
664  $title->setValidationRegexp('/^(?!il_).*$/');
665  $title->setValidationFailureMessage($this->lng->txt('msg_role_reserved_prefix'));
666  $title->setSize(40);
667  $title->setMaxLength(70);
668  $title->setRequired(true);
669  $form->addItem($title);
670 
671  $desc = new ilTextAreaInputGUI($this->lng->txt('description'), 'desc');
672  $desc->setCols(40);
673  $desc->setRows(3);
674  $form->addItem($desc);
675 
676  $pro = new ilCheckboxInputGUI($this->lng->txt('role_protect_permissions'), 'pro');
677  $pro->setInfo($this->lng->txt('role_protect_permissions_desc'));
678  $pro->setValue(1);
679  $form->addItem($pro);
680 
681  $pd = new ilCheckboxInputGUI($this->lng->txt('rbac_add_recommended_content'), 'desktop');
682  $pd->setInfo(
683  str_replace(
684  "%1",
685  $this->getCurrentObject()->getTitle(),
686  $this->lng->txt('rbac_add_recommended_content_info')
687  )
688  );
689  $pd->setValue(1);
690  $form->addItem($pd);
691 
692 
693  if (!$this->isInAdministration()) {
694  $rights = new ilRadioGroupInputGUI($this->lng->txt("rbac_role_rights_copy"), 'rights');
695  $option = new ilRadioOption($this->lng->txt("rbac_role_rights_copy_empty"), 0);
696  $rights->addOption($option);
697 
698  $parent_role_ids = $rbacreview->getParentRoleIds($this->gui_obj->object->getRefId(), true);
699  $ids = array();
700  foreach ($parent_role_ids as $id => $tmp) {
701  $ids[] = $id;
702  }
703 
704  // Sort ids
705  $sorted_ids = ilUtil::_sortIds($ids, 'object_data', 'type DESC,title', 'obj_id');
706 
707  $key = 0;
708  foreach ($sorted_ids as $id) {
709  $par = $parent_role_ids[$id];
710  if ($par["obj_id"] != SYSTEM_ROLE_ID) {
711  include_once './Services/AccessControl/classes/class.ilObjRole.php';
712  $option = new ilRadioOption(($par["type"] == 'role' ? $this->lng->txt('obj_role') : $this->lng->txt('obj_rolt')) . ": " . ilObjRole::_getTranslation($par["title"]), $par["obj_id"]);
713  $option->setInfo($par["desc"]);
714  $rights->addOption($option);
715  }
716  $key++;
717  }
718  $form->addItem($rights);
719  }
720 
721  // Local policy only for containers
722  if ($objDefinition->isContainer($this->getCurrentObject()->getType())) {
723  $check = new ilCheckboxInputGui($this->lng->txt("rbac_role_rights_copy_change_existing"), 'existing');
724  $check->setInfo($this->lng->txt('rbac_change_existing_objects_desc_new_role'));
725  $form->addItem($check);
726  }
727 
728  return $form;
729  }
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:27
ilPermissionGUI\isInAdministration
isInAdministration()
Check if node is subobject of administration folder.
Definition: class.ilPermissionGUI.php:184
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilFormPropertyGUI\setInfo
setInfo($a_info)
Set Information Text.
Definition: class.ilFormPropertyGUI.php:145
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilUtil\_sortIds
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),'usr_data','lastname','usr_id') => sorts by lastname.
Definition: class.ilUtil.php:4422
$DIC
global $DIC
Definition: goto.php:24
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:454
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isAdministrationObject()

ilPermissionGUI::isAdministrationObject ( )
protected

Definition at line 175 of file class.ilPermissionGUI.php.

References getCurrentObject().

Referenced by perm().

176  {
177  return $this->getCurrentObject()->getType() == 'adm';
178  }
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isAdminRoleFolder()

ilPermissionGUI::isAdminRoleFolder ( )
protected

Check of current location is administration (main) role folder.

Returns

Definition at line 170 of file class.ilPermissionGUI.php.

References getCurrentObject(), and ROLE_FOLDER_ID.

Referenced by perm().

171  {
172  return $this->getCurrentObject()->getRefId() == ROLE_FOLDER_ID;
173  }
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
ROLE_FOLDER_ID
const ROLE_FOLDER_ID
Definition: constants.php:32
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isInAdministration()

ilPermissionGUI::isInAdministration ( )
protected

Check if node is subobject of administration folder.

Returns
type

Definition at line 184 of file class.ilPermissionGUI.php.

References $GLOBALS, getCurrentObject(), and SYSTEM_FOLDER_ID.

Referenced by initRoleForm().

185  {
186  return (bool) $GLOBALS['DIC']['tree']->isGrandChild(SYSTEM_FOLDER_ID, $this->getCurrentObject()->getRefId());
187  }
SYSTEM_FOLDER_ID
const SYSTEM_FOLDER_ID
Definition: constants.php:33
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ modifyBlockRoles()

ilPermissionGUI::modifyBlockRoles ( )
protected

Definition at line 474 of file class.ilPermissionGUI.php.

References $_POST, blockRoles(), ilUtil\sendInfo(), and unblockRoles().

475  {
476  $this->blockRoles((array) $_POST['new_block']);
477  $this->unblockRoles((array) $_POST['new_unblock']);
478 
479  ilUtil::sendInfo($this->lng->txt('settings_saved'));
480  $this->ctrl->redirect($this, 'perm');
481  }
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4518
ilPermissionGUI\blockRoles
blockRoles($roles)
Block role.
Definition: class.ilPermissionGUI.php:518
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:

◆ perm()

ilPermissionGUI::perm ( ilTable2GUI  $table = null)

show permission table

Returns

Definition at line 126 of file class.ilPermissionGUI.php.

References $DIC, ilPermission2GUI\__initSubTabs(), getCurrentObject(), isAdministrationObject(), and isAdminRoleFolder().

Referenced by applyFilter(), and resetFilter().

127  {
128  global $DIC;
129 
130  $objDefinition = $DIC['objDefinition'];
131  $ilToolbar = $DIC['ilToolbar'];
132 
133  include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
134  $dtpl = new ilDidacticTemplateGUI($this->gui_obj);
135  if ($dtpl->appendToolbarSwitch(
136  $ilToolbar,
137  $this->getCurrentObject()->getType(),
138  $this->getCurrentObject()->getRefId()
139  )) {
140  $ilToolbar->addSeparator();
141  }
142 
143  if ($objDefinition->hasLocalRoles($this->getCurrentObject()->getType()) and
144  !$this->isAdministrationObject()
145  ) {
146  $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
147 
148  if (!$this->isAdminRoleFolder()) {
149  $ilToolbar->addButton($this->lng->txt('rbac_add_new_local_role'), $this->ctrl->getLinkTarget($this, 'displayAddRoleForm'));
150  }
151  $ilToolbar->addButton($this->lng->txt('rbac_import_role'), $this->ctrl->getLinkTarget($this, 'displayImportRoleForm'));
152  }
153 
154  $this->__initSubTabs("perm");
155 
156  if (!$table instanceof ilTable2GUI) {
157  include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
158  $table = new ilObjectRolePermissionTableGUI($this, 'perm', $this->getCurrentObject()->getRefId());
159  }
160  $table->parse();
161  $this->tpl->setContent($table->getHTML());
162  }
ilPermissionGUI\isAdminRoleFolder
isAdminRoleFolder()
Check of current location is administration (main) role folder.
Definition: class.ilPermissionGUI.php:170
ilTable2GUI\getHTML
getHTML()
Get HTML.
Definition: class.ilTable2GUI.php:1618
ilDidacticTemplateGUI
GUI class for didactic template settings inside repository objects.
Definition: class.ilDidacticTemplateGUI.php:13
$DIC
global $DIC
Definition: goto.php:24
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ permPositions()

ilPermissionGUI::permPositions ( )
protected

Definition at line 853 of file class.ilPermissionGUI.php.

References ilPermission2GUI\__initSubTabs(), and getCurrentObject().

854  {
855  $perm = self::CMD_PERM_POSITIONS;
856  $this->__initSubTabs($perm);
857 
858  $ref_id = $this->getCurrentObject()->getRefId();
859  $table = new ilOrgUnitPermissionTableGUI($this, $perm, $ref_id);
860  $table->collectData();
861  $this->tpl->setContent($table->getHTML());
862  }
ilOrgUnitPermissionTableGUI
Class ilOrgUnitPermissionTableGUI.
Definition: class.ilOrgUnitPermissionTableGUI.php:8
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
+ Here is the call graph for this function:

◆ resetFilter()

ilPermissionGUI::resetFilter ( )
protected

Reset filter.

Returns

Definition at line 207 of file class.ilPermissionGUI.php.

References getCurrentObject(), and perm().

208  {
209  include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
210  $table = new ilObjectRolePermissionTableGUI($this, 'perm', $this->getCurrentObject()->getRefId());
211  $table->resetOffset();
212  $table->resetFilter();
213 
214  return $this->perm($table);
215  }
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
ilPermissionGUI\perm
perm(ilTable2GUI $table=null)
show permission table
Definition: class.ilPermissionGUI.php:126
+ Here is the call graph for this function:

◆ savePermissions()

ilPermissionGUI::savePermissions ( )
protected

Save permissions.

Returns

Definition at line 294 of file class.ilPermissionGUI.php.

References $_POST, $DIC, $log, ilRbacLog\add(), applyRoleFilter(), ilRbacLog\diffFaPa(), ilRbacLog\EDIT_PERMISSIONS, ilRbacLog\gatherFaPa(), getCurrentObject(), ilObjectFactory\getInstanceByObjId(), ilLoggerFactory\getLogger(), getModifiedBlockedSettings(), hasContainerCommands(), ilRbacReview\lookupCreateOperationIds(), and showConfirmBlockRole().

295  {
296  global $DIC;
297 
298  $rbacreview = $DIC['rbacreview'];
299  $objDefinition = $DIC['objDefinition'];
300  $rbacadmin = $DIC['rbacadmin'];
301 
302  include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
303  $table = new ilObjectRolePermissionTableGUI($this, 'perm', $this->getCurrentObject()->getRefId());
304 
305  $roles = $this->applyRoleFilter(
306  $rbacreview->getParentRoleIds($this->getCurrentObject()->getRefId()),
307  $table->getFilterItemByPostVar('role')->getValue()
308  );
309 
310  // Log history
311  include_once "Services/AccessControl/classes/class.ilRbacLog.php";
312  $log_old = ilRbacLog::gatherFaPa($this->getCurrentObject()->getRefId(), array_keys((array) $roles));
313 
314 
315  # all possible create permissions
316  $possible_ops_ids = $rbacreview->getOperationsByTypeAndClass(
317  $this->getCurrentObject()->getType(),
318  'create'
319  );
320 
321  # createable (activated) create permissions
322  $create_types = $objDefinition->getCreatableSubObjects(
323  $this->getCurrentObject()->getType()
324  );
325  $createable_ops_ids = ilRbacReview::lookupCreateOperationIds(array_keys((array) $create_types));
326 
327  foreach ((array) $roles as $role => $role_data) {
328  if ($role_data['protected']) {
329  continue;
330  }
331 
332  $new_ops = array_keys((array) $_POST['perm'][$role]);
333  $old_ops = $rbacreview->getRoleOperationsOnObject(
334  $role,
335  $this->getCurrentObject()->getRefId()
336  );
337 
338  // Add operations which were enabled and are not activated.
339  foreach ($possible_ops_ids as $create_ops_id) {
340  if (in_array($create_ops_id, $createable_ops_ids)) {
341  continue;
342  }
343  if (in_array($create_ops_id, $old_ops)) {
344  $new_ops[] = $create_ops_id;
345  }
346  }
347 
348  $rbacadmin->revokePermission(
349  $this->getCurrentObject()->getRefId(),
350  $role
351  );
352 
353  $rbacadmin->grantPermission(
354  $role,
355  array_unique($new_ops),
356  $this->getCurrentObject()->getRefId()
357  );
358  }
359 
360  if (ilPermissionGUI::hasContainerCommands($this->getCurrentObject()->getType())) {
361  foreach ($roles as $role) {
362  // No action for local roles
363  if ($role['parent'] == $this->getCurrentObject()->getRefId() and $role['assign'] == 'y') {
364  continue;
365  }
366  // Nothing for protected roles
367  if ($role['protected']) {
368  continue;
369  }
370  // Stop local policy
371  if (
372  $role['parent'] == $this->getCurrentObject()->getRefId() and
373  !isset($_POST['inherit'][$role['obj_id']]) and
374  !$rbacreview->isBlockedAtPosition($role['obj_id'], $this->getCurrentObject()->getRefId())
375  ) {
376  ilLoggerFactory::getLogger('ac')->debug('Stop local policy for: ' . $role['obj_id']);
377  $role_obj = ilObjectFactory::getInstanceByObjId($role['obj_id']);
378  $role_obj->setParent($this->getCurrentObject()->getRefId());
379  $role_obj->delete();
380  continue;
381  }
382  // Add local policy
383  if ($role['parent'] != $this->getCurrentObject()->getRefId() and isset($_POST['inherit'][$role['obj_id']])) {
384  ilLoggerFactory::getLogger('ac')->debug('Create local policy');
385  $rbacadmin->copyRoleTemplatePermissions(
386  $role['obj_id'],
387  $role['parent'],
388  $this->getCurrentObject()->getRefId(),
389  $role['obj_id']
390  );
391  ilLoggerFactory::getLogger('ac')->debug('Assign role to folder');
392  $rbacadmin->assignRoleToFolder($role['obj_id'], $this->getCurrentObject()->getRefId(), 'n');
393  }
394  }
395  }
396 
397  // Protect permissions
398  if (ilPermissionGUI::hasContainerCommands($this->getCurrentObject()->getType())) {
399  foreach ($roles as $role) {
400  if ($rbacreview->isAssignable($role['obj_id'], $this->getCurrentObject()->getRefId())) {
401  if (isset($_POST['protect'][$role['obj_id']]) and
402  !$rbacreview->isProtected($this->getCurrentObject()->getRefId(), $role['obj_id'])) {
403  $rbacadmin->setProtected($this->getCurrentObject()->getRefId(), $role['obj_id'], 'y');
404  } elseif (!isset($_POST['protect'][$role['obj_id']]) and
405  $rbacreview->isProtected($this->getCurrentObject()->getRefId(), $role['obj_id'])) {
406  $rbacadmin->setProtected($this->getCurrentObject()->getRefId(), $role['obj_id'], 'n');
407  }
408  }
409  }
410  }
411 
412  $log_new = ilRbacLog::gatherFaPa($this->getCurrentObject()->getRefId(), array_keys((array) $roles));
413  $log = ilRbacLog::diffFaPa($log_old, $log_new);
414  ilRbacLog::add(ilRbacLog::EDIT_PERMISSIONS, $this->getCurrentObject()->getRefId(), $log);
415 
416  $blocked_info = $this->getModifiedBlockedSettings();
417  ilLoggerFactory::getLogger('ac')->debug('Blocked settings: ' . print_r($blocked_info, true));
418  if ($blocked_info['num'] > 0) {
419  return $this->showConfirmBlockRole($blocked_info);
420  }
421 
422 
423  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
424  $this->ctrl->redirect($this, 'perm');
425  #$this->perm();
426  }
ilPermissionGUI\applyRoleFilter
applyRoleFilter($a_roles, $a_filter_id)
Apply filter to roles.
Definition: class.ilPermissionGUI.php:222
ilPermissionGUI\hasContainerCommands
static hasContainerCommands($a_type)
Check if container commands are possible for the current object type.
Definition: class.ilPermissionGUI.php:557
ilRbacLog\gatherFaPa
static gatherFaPa($a_ref_id, array $a_role_ids, $a_add_action=false)
Definition: class.ilRbacLog.php:35
ilRbacLog\diffFaPa
static diffFaPa(array $a_old, array $a_new)
Definition: class.ilRbacLog.php:69
ilRbacReview\lookupCreateOperationIds
static lookupCreateOperationIds($a_type_arr)
Lookup operation ids.
Definition: class.ilRbacReview.php:1346
ilRbacLog\EDIT_PERMISSIONS
const EDIT_PERMISSIONS
Definition: class.ilRbacLog.php:16
ilPermissionGUI\showConfirmBlockRole
showConfirmBlockRole($a_blocked_info)
Show block role confirmation screen.
Definition: class.ilPermissionGUI.php:433
$log
$log
Definition: result.php:15
$DIC
global $DIC
Definition: goto.php:24
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:70
ilRbacLog\add
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
Definition: class.ilRbacLog.php:137
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:

◆ savePositionsPermissions()

ilPermissionGUI::savePositionsPermissions ( )
protected

Definition at line 865 of file class.ilPermissionGUI.php.

References $_POST, ilPermission2GUI\__initSubTabs(), ilOrgUnitOperationQueries\findById(), ActiveRecord\getArray(), and getCurrentObject().

866  {
867  $this->__initSubTabs(self::CMD_PERM_POSITIONS);
868 
869  $positions = ilOrgUnitPosition::getArray(null, 'id');
870  $ref_id = $this->getCurrentObject()->getRefId();
871 
872  // handle local sets
873  foreach ($positions as $position_id) {
874  if (isset($_POST['local'][$position_id])) {
875  ilOrgUnitPermissionQueries::findOrCreateSetForRefId($ref_id, $position_id);
876  } else {
877  ilOrgUnitPermissionQueries::removeLocalSetForRefId($ref_id, $position_id);
878  }
879  }
880 
881  if ($_POST['position_perm']) {
882  foreach ($_POST['position_perm'] as $position_id => $ops) {
883  if (!isset($_POST['local'][$position_id])) {
884  continue;
885  }
886  $ilOrgUnitPermission = ilOrgUnitPermissionQueries::getSetForRefId($ref_id, $position_id);
887  $new_ops = [];
888  foreach ($ops as $op_id => $op) {
889  $new_ops[] = ilOrgUnitOperationQueries::findById($op_id);
890  }
891  $ilOrgUnitPermission->setOperations($new_ops);
892  $ilOrgUnitPermission->save();
893  }
894  }
895  ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
896  $this->ctrl->redirect($this, self::CMD_PERM_POSITIONS);
897  }
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
ActiveRecord\getArray
static getArray($key=null, $values=null)
Definition: class.ActiveRecord.php:908
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:

◆ showConfirmBlockRole()

ilPermissionGUI::showConfirmBlockRole (   $a_blocked_info)
protected

Show block role confirmation screen.

Parameters
array$a_roles
Returns

Definition at line 433 of file class.ilPermissionGUI.php.

References ilObjRole\_getTranslation(), ilObject\_lookupTitle(), and ilUtil\sendInfo().

Referenced by savePermissions().

434  {
435  $info = '';
436  if ($a_blocked_info['new_blocked']) {
437  $info .= $this->lng->txt('role_confirm_block_role_info');
438  if ($a_blocked_info['new_unblocked']) {
439  $info .= '<br /><br />';
440  }
441  }
442  if ($a_blocked_info['new_unblocked']) {
443  $info .= ('<br />' . $this->lng->txt('role_confirm_unblock_role_info'));
444  }
445 
446  ilUtil::sendInfo($info);
447 
448  include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
449  $confirm = new ilConfirmationGUI();
450  $confirm->setFormAction($this->ctrl->getFormAction($this));
451  $confirm->setHeaderText($this->lng->txt('role_confirm_block_role_header'));
452  $confirm->setConfirm($this->lng->txt('role_confirm_block_role'), 'modifyBlockRoles');
453  $confirm->setCancel($this->lng->txt('cancel'), 'perm');
454 
455  foreach ($a_blocked_info['new_blocked'] as $role_id) {
456  include_once './Services/AccessControl/classes/class.ilObjRole.php';
457  $confirm->addItem(
458  'new_block[]',
459  $role_id,
460  ilObjRole::_getTranslation(ilObject::_lookupTitle($role_id)) . ' ' . $this->lng->txt('role_blocked')
461  );
462  }
463  foreach ($a_blocked_info['new_unblocked'] as $role_id) {
464  include_once './Services/AccessControl/classes/class.ilObjRole.php';
465  $confirm->addItem(
466  'new_unblock[]',
467  $role_id,
468  ilObjRole::_getTranslation(ilObject::_lookupTitle($role_id)) . ' ' . $this->lng->txt('role_unblocked')
469  );
470  }
471  $this->tpl->setContent($confirm->getHTML());
472  }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:991
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4518
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:454
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:15
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ unblockRoles()

ilPermissionGUI::unblockRoles (   $roles)
protected

Definition at line 486 of file class.ilPermissionGUI.php.

References $DIC, getCurrentObject(), ilObjectFactory\getInstanceByObjId(), ilLoggerFactory\getLogger(), and ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES.

Referenced by modifyBlockRoles().

487  {
488  global $DIC;
489 
490  $rbacadmin = $DIC['rbacadmin'];
491 
492  foreach ($roles as $role) {
493  // delete local policy
494  ilLoggerFactory::getLogger('ac')->debug('Stop local policy for: ' . $role);
495  $role_obj = ilObjectFactory::getInstanceByObjId($role);
496  $role_obj->setParent($this->getCurrentObject()->getRefId());
497  $role_obj->delete();
498 
499  $role_obj->changeExistingObjects(
500  $this->getCurrentObject()->getRefId(),
501  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
502  array('all')
503  );
504 
505  // finally set blocked status
506  $rbacadmin->setBlockedStatus(
507  $role,
508  $this->getCurrentObject()->getRefId(),
509  false
510  );
511  }
512  }
$DIC
global $DIC
Definition: goto.php:24
ilPermissionGUI\getCurrentObject
getCurrentObject()
Get current object.
Definition: class.ilPermissionGUI.php:104
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:70
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:21
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Field Documentation

◆ $current_obj

ilPermissionGUI::$current_obj = null
protected

Definition at line 24 of file class.ilPermissionGUI.php.

◆ $recommended_content_manager

ilPermissionGUI::$recommended_content_manager
protected

Definition at line 29 of file class.ilPermissionGUI.php.

◆ CMD_PERM_POSITIONS

const ilPermissionGUI::CMD_PERM_POSITIONS = 'permPositions'

Definition at line 21 of file class.ilPermissionGUI.php.

Referenced by ilPermission2GUI\__initSubTabs().

◆ CMD_SAVE_POSITIONS_PERMISSIONS

const ilPermissionGUI::CMD_SAVE_POSITIONS_PERMISSIONS = 'savePositionsPermissions'

Definition at line 22 of file class.ilPermissionGUI.php.

Referenced by ilOrgUnitPermissionTableGUI\__construct().

The documentation for this class was generated from the following file: