Public Member Functions |
Static Public Member Functions |
Data Fields |
Protected Member Functions |
Protected Attributes
ilPermissionGUI Class Reference
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output. More...
Inheritance diagram for ilPermissionGUI:
Collaboration diagram for ilPermissionGUI:
Public Member Functions | |
| __construct ($a_gui_obj) | |
| Constructor. More... | |
| executeCommand () | |
| Execute command. More... | |
| getCurrentObject () | |
| Get current object. More... | |
| perm (ilTable2GUI $table=null) | |
| show permission table More... | |
| applyRoleFilter ($a_roles, $a_filter_id) | |
| Apply filter to roles. More... | |
| Public Member Functions inherited from ilPermission2GUI | |
| __construct ($a_gui_obj) | |
| owner () | |
| changeOwner () | |
| __initSubTabs ($a_cmd) | |
| log () | |
| applyLogFilter () | |
| resetLogFilter () | |
Static Public Member Functions | |
| static | hasContainerCommands ($a_type) |
| Check if container commands are possible for the current object type. More... | |
Data Fields | |
| const | CMD_PERM_POSITIONS = 'permPositions' |
| const | CMD_SAVE_POSITIONS_PERMISSIONS = 'savePositionsPermissions' |
| Data Fields inherited from ilPermission2GUI | |
| const | TAB_POSITION_PERMISSION_SETTINGS = "position_permission_settings" |
Protected Member Functions | |
| confirmTemplateSwitch () | |
| Called after toolbar action applyTemplateSwitch. More... | |
| isAdminRoleFolder () | |
| Check of current location is administration (main) role folder. More... | |
| isAdministrationObject () | |
| isInAdministration () | |
| Check if node is subobject of administration folder. More... | |
| applyFilter () | |
| Apply filter. More... | |
| resetFilter () | |
| Reset filter. More... | |
| savePermissions () | |
| Save permissions. More... | |
| showConfirmBlockRole ($a_blocked_info) | |
| Show block role confirmation screen. More... | |
| modifyBlockRoles () | |
| unblockRoles ($roles) | |
| blockRoles ($roles) | |
| Block role. More... | |
| displayImportRoleForm (ilPropertyFormGUI $form=null) | |
| Show import form. More... | |
| doImportRole () | |
| Perform import. More... | |
| initImportForm () | |
| init import form More... | |
| initRoleForm () | |
| Shoew add role @global type $rbacreview @global type $objDefinition. More... | |
| displayAddRoleForm () | |
| Show add role form. More... | |
| addRole () | |
| adds a local role This method is only called when choose the option 'you may add local roles'. More... | |
| getModifiedBlockedSettings () | |
| permPositions () | |
| savePositionsPermissions () | |
Protected Attributes | |
| $current_obj = null | |
| $recommended_content_manager | |
| Protected Attributes inherited from ilPermission2GUI | |
| $gui_obj = null | |
| $ilErr = null | |
| $ctrl = null | |
| $lng = null | |
| $tpl | |
Detailed Description
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
- Version
- $Id$
@ilCtrl_Calls ilPermissionGUI: ilObjRoleGUI, ilRepositorySearchGUI, ilObjectPermissionStatusGUI
Definition at line 19 of file class.ilPermissionGUI.php.
Constructor & Destructor Documentation
◆ __construct()
| ilPermissionGUI::__construct | ( | $a_gui_obj | ) |
Constructor.
- Parameters
-
object $a_gui_obj
- Returns
Reimplemented from ilPermission2GUI.
Definition at line 36 of file class.ilPermissionGUI.php.
37 {
38 parent::__construct($a_gui_obj);
39
41 }
Recommended content manager (business logic)
Definition: class.ilRecommendedContentManager.php:12
References ILIAS\GlobalScreen\Provider\__construct().
Here is the call graph for this function:
Member Function Documentation
◆ addRole()
|
protected |
adds a local role This method is only called when choose the option 'you may add local roles'.
This option is displayed in the permission settings dialogue for an object TODO: this will be changed @access public
Definition at line 750 of file class.ilPermissionGUI.php.
751 {
752 global $DIC;
753
759
760 $form = $this->initRoleForm();
761 if ($form->checkInput()) {
762 $new_title = $form->getInput("title");
763
764 include_once './Services/AccessControl/classes/class.ilObjRole.php';
766 $role->setTitle($new_title);
767 $role->setDescription($form->getInput('desc'));
768 $role->create();
769
770 $GLOBALS['DIC']['rbacadmin']->assignRoleToFolder($role->getId(), $this->getCurrentObject()->getRefId());
771
772 // protect
773 $rbacadmin->setProtected(
774 $this->getCurrentObject()->getRefId(),
775 $role->getId(),
776 $form->getInput('pro') ? 'y' : 'n'
777 );
778
779 // copy rights
780 $right_id_to_copy = $form->getInput("rights");
781 if ($right_id_to_copy) {
783 $rbacadmin->copyRoleTemplatePermissions(
784 $right_id_to_copy,
785 $parentRoles[$right_id_to_copy]["parent"],
786 $this->getCurrentObject()->getRefId(),
787 $role->getId(),
788 false
789 );
790
791 if ($form->getInput('existing')) {
792 if ($form->getInput('pro')) {
793 $role->changeExistingObjects(
794 $this->getCurrentObject()->getRefId(),
796 array('all')
797 );
798 } else {
799 $role->changeExistingObjects(
800 $this->getCurrentObject()->getRefId(),
802 array('all')
803 );
804 }
805 }
806 }
807
808 // add to desktop items
809 if ($form->getInput("desktop")) {
810 $this->recommended_content_manager->addRoleRecommendation($role->getId(), $this->getCurrentObject()->getRefId());
811 }
812
813 ilUtil::sendSuccess($this->lng->txt("role_added"), true);
814 $this->ctrl->redirect($this, 'perm');
815 } else {
816 $form->setValuesByPost();
817 $this->tpl->setContent($form->getHTML());
818 }
819 }
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:21
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:19
initRoleForm()
Shoew add role @global type $rbacreview @global type $objDefinition.
Definition: class.ilPermissionGUI.php:649
References $DIC, $GLOBALS, ilPermission2GUI\$ilErr, getCurrentObject(), initRoleForm(), ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES, and ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES.
Here is the call graph for this function:
◆ applyFilter()
|
protected |
Apply filter.
- Returns
Definition at line 194 of file class.ilPermissionGUI.php.
195 {
196 include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
197 $table = new ilObjectRolePermissionTableGUI($this, 'perm', $this->getCurrentObject()->getRefId());
198 $table->resetOffset();
199 $table->writeFilterToSession();
201 }
Table for object role permissions.
Definition: class.ilObjectRolePermissionTableGUI.php:18
References getCurrentObject(), and perm().
Here is the call graph for this function:
◆ applyRoleFilter()
| ilPermissionGUI::applyRoleFilter | ( | $a_roles, | |
| $a_filter_id | |||
| ) |
Apply filter to roles.
- Parameters
-
int $a_filter_id
- Returns
Definition at line 222 of file class.ilPermissionGUI.php.
223 {
224 global $DIC;
225
227
228 // Always delete administrator role from view
230 unset($a_roles[SYSTEM_ROLE_ID]);
231 }
232
233 switch ($a_filter_id) {
234 // all roles in context
236
237 return $a_roles;
238
239 // only global roles
241
242 $arr_global_roles = $rbacreview->getGlobalRoles();
243 $arr_remove_roles = array_diff(array_keys($a_roles), $arr_global_roles);
244
245 foreach ($arr_remove_roles as $role_id) {
246 unset($a_roles[$role_id]);
247 }
248 return $a_roles;
249
250 // only local roles (all local roles in context that are not defined at ROLE_FOLDER_ID)
252 $arr_global_roles = $rbacreview->getGlobalRoles();
253
254 foreach ($arr_global_roles as $role_id) {
255 unset($a_roles[$role_id]);
256 }
257
258 return $a_roles;
259 break;
260
261 // only roles which use a local policy
263
264 $arr_local_roles = $GLOBALS['DIC']['rbacreview']->getRolesOfObject($this->getCurrentObject()->getRefId());
265 $arr_remove_roles = array_diff(array_keys($a_roles), $arr_local_roles);
266
267 foreach ($arr_remove_roles as $role_id) {
268 unset($a_roles[$role_id]);
269 }
270
271 return $a_roles;
272
273 // only true local role defined at current position
275
276 $arr_local_roles = $GLOBALS['DIC']['rbacreview']->getRolesOfObject($this->getCurrentObject()->getRefId(), true);
277 $arr_remove_roles = array_diff(array_keys($a_roles), $arr_local_roles);
278
279 foreach ($arr_remove_roles as $role_id) {
280 unset($a_roles[$role_id]);
281 }
282
283 return $a_roles;
284
285 default:
286 return $a_roles;
287 }
288 }
const ROLE_FILTER_LOCAL_OBJECT
Definition: class.ilObjectRolePermissionTableGUI.php:23
const ROLE_FILTER_LOCAL
Definition: class.ilObjectRolePermissionTableGUI.php:21
const ROLE_FILTER_GLOBAL
Definition: class.ilObjectRolePermissionTableGUI.php:20
const ROLE_FILTER_ALL
Definition: class.ilObjectRolePermissionTableGUI.php:19
const ROLE_FILTER_LOCAL_POLICY
Definition: class.ilObjectRolePermissionTableGUI.php:22
References $DIC, $GLOBALS, getCurrentObject(), ilObjectRolePermissionTableGUI\ROLE_FILTER_ALL, ilObjectRolePermissionTableGUI\ROLE_FILTER_GLOBAL, ilObjectRolePermissionTableGUI\ROLE_FILTER_LOCAL, ilObjectRolePermissionTableGUI\ROLE_FILTER_LOCAL_OBJECT, ilObjectRolePermissionTableGUI\ROLE_FILTER_LOCAL_POLICY, and SYSTEM_ROLE_ID.
Referenced by savePermissions().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ blockRoles()
|
protected |
Block role.
- Returns
- void
Definition at line 518 of file class.ilPermissionGUI.php.
519 {
520 global $DIC;
521
524
525 foreach ($roles as $role) {
526 // Set assign to 'y' only if it is a local role
528
529 // Delete permissions
530 $rbacadmin->revokeSubtreePermissions($this->getCurrentObject()->getRefId(), $role);
531
532 // Delete template permissions
533 $rbacadmin->deleteSubtreeTemplates($this->getCurrentObject()->getRefId(), $role);
534
535
536 $rbacadmin->assignRoleToFolder(
537 $role,
538 $this->getCurrentObject()->getRefId(),
539 $assign
540 );
541
542 // finally set blocked status
543 $rbacadmin->setBlockedStatus(
544 $role,
545 $this->getCurrentObject()->getRefId(),
546 true
547 );
548 }
549 }
References $DIC, and getCurrentObject().
Referenced by modifyBlockRoles().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ confirmTemplateSwitch()
|
protected |
Called after toolbar action applyTemplateSwitch.
Definition at line 112 of file class.ilPermissionGUI.php.
113 {
114 include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
115 $this->ctrl->setReturn($this, 'perm');
116 $this->ctrl->setCmdClass('ildidactictemplategui');
118 $this->ctrl->forwardCommand($dtpl_gui, 'confirmTemplateSwitch');
119 }
GUI class for didactic template settings inside repository objects.
Definition: class.ilDidacticTemplateGUI.php:14
◆ displayAddRoleForm()
|
protected |
Show add role form.
Definition at line 734 of file class.ilPermissionGUI.php.
References $GLOBALS, and initRoleForm().
Here is the call graph for this function:
◆ displayImportRoleForm()
|
protected |
Show import form.
- Parameters
-
ilPropertyFormGUI $form
Definition at line 570 of file class.ilPermissionGUI.php.
571 {
573
574 if (!$form) {
575 $form = $this->initImportForm();
576 }
578 }
References $GLOBALS, and initImportForm().
Referenced by doImportRole().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ doImportRole()
|
protected |
Perform import.
Definition at line 583 of file class.ilPermissionGUI.php.
584 {
585 global $DIC;
586
588
589 $form = $this->initImportForm();
590 if ($form->checkInput()) {
591 try {
592 include_once './Services/Export/classes/class.ilImport.php';
593
594 // For global roles set import id to parent of current ref_id (adm)
596 $imp->getMapping()->addMapping(
597 'Services/AccessControl',
598 'rolf',
599 0,
600 $this->getCurrentObject()->getRefId()
601 );
602
603 $imp->importObject(
604 null,
605 $_FILES["importfile"]["tmp_name"],
606 $_FILES["importfile"]["name"],
607 'role'
608 );
609 ilUtil::sendSuccess($this->lng->txt('rbac_role_imported'), true);
610 $this->ctrl->redirect($this, 'perm');
611 return;
614 $form->setValuesByPost();
615 $this->displayImportRoleForm($form);
616 return;
617 }
618 }
619 $form->setValuesByPost();
621 $this->displayImportRoleForm($form);
622 }
displayImportRoleForm(ilPropertyFormGUI $form=null)
Show import form.
Definition: class.ilPermissionGUI.php:570
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4534
References $DIC, Vendor\Package\$e, displayImportRoleForm(), getCurrentObject(), initImportForm(), and ilUtil\sendFailure().
Here is the call graph for this function:
◆ executeCommand()
| ilPermissionGUI::executeCommand | ( | ) |
Execute command.
- Returns
Definition at line 47 of file class.ilPermissionGUI.php.
48 {
49 global $DIC;
50
52
53 // access to all functions in this class are only allowed if edit_permission is granted
54 if (!$rbacsystem->checkAccess("edit_permission", $this->gui_obj->object->getRefId())) {
55 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('permission_denied'), true);
56 $this->ctrl->redirect($this->gui_obj);
57 }
58
59 $next_class = $this->ctrl->getNextClass($this);
60
61 switch ($next_class) {
62 case "ilobjrolegui":
63 $this->ctrl->setReturn($this, 'perm');
64 include_once("Services/AccessControl/classes/class.ilObjRoleGUI.php");
66 $ret = $this->ctrl->forwardCommand($this->gui_obj);
67 break;
68
69 case 'ildidactictemplategui':
70 $this->ctrl->setReturn($this, 'perm');
71 include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
73 $this->ctrl->forwardCommand($did);
74 break;
75
76 case 'ilrepositorysearchgui':
77 // used for owner autocomplete
78 include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
80 $this->ctrl->forwardCommand($rep_search);
81 break;
82
83 case 'ilobjectpermissionstatusgui':
85 include_once('./Services/AccessControl/classes/class.ilObjectPermissionStatusGUI.php');
87 $this->ctrl->forwardCommand($perm_stat);
88 break;
89
90 default:
91 $cmd = $this->ctrl->getCmd();
92 $this->$cmd();
93 break;
94 }
95
96 return true;
97 }
This class displays the permission status of a user concerning a specific object.
Definition: class.ilObjectPermissionStatusGUI.php:17
References $_GET, $DIC, $ret, and ilPermission2GUI\__initSubTabs().
Here is the call graph for this function:
◆ getCurrentObject()
| ilPermissionGUI::getCurrentObject | ( | ) |
Get current object.
- Returns
- ilObject
Definition at line 104 of file class.ilPermissionGUI.php.
105 {
106 return $this->gui_obj->object;
107 }
Referenced by addRole(), applyFilter(), applyRoleFilter(), blockRoles(), doImportRole(), getModifiedBlockedSettings(), initRoleForm(), isAdministrationObject(), isAdminRoleFolder(), isInAdministration(), perm(), permPositions(), resetFilter(), savePermissions(), savePositionsPermissions(), and unblockRoles().
Here is the caller graph for this function:
◆ getModifiedBlockedSettings()
|
protected |
- Parameters
-
type $a_blocked_info
Definition at line 825 of file class.ilPermissionGUI.php.
826 {
827 global $DIC;
828
830
831 $blocked_info['new_blocked'] = array();
832 $blocked_info['new_unblocked'] = array();
833 $blocked_info['num'] = 0;
835 $blocked = $rbacreview->isBlockedAtPosition($role, $this->getCurrentObject()->getRefId());
837 $blocked_info['new_blocked'][] = $role;
838 $blocked_info['num']++;
839 }
841 $blocked_info['new_unblocked'][] = $role;
842 $blocked_info['num']++;
843 }
844 }
845 return $blocked_info;
846 }
References $_POST, $DIC, and getCurrentObject().
Referenced by savePermissions().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ hasContainerCommands()
|
static |
Check if container commands are possible for the current object type.
- Parameters
-
object $a_type
- Returns
Definition at line 557 of file class.ilPermissionGUI.php.
558 {
559 global $DIC;
560
562
563 return $objDefinition->isContainer($a_type) and $a_type != 'root' and $a_type != 'adm' and $a_type != 'rolf';
564 }
References $DIC.
Referenced by ilObjectRolePermissionTableGUI\parse(), and savePermissions().
Here is the caller graph for this function:
◆ initImportForm()
|
protected |
init import form
Definition at line 627 of file class.ilPermissionGUI.php.
628 {
629 include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
631 $form->setFormAction($this->ctrl->getFormAction($this));
632 $form->setTitle($this->lng->txt('rbac_import_role'));
633 $form->addCommandButton('doImportRole', $this->lng->txt('import'));
634 $form->addCommandButton('perm', $this->lng->txt('cancel'));
635
637 $zip->setSuffixes(array('zip'));
638 $form->addItem($zip);
639
640 return $form;
641 }
This class represents a file property in a property form.
Definition: class.ilFileInputGUI.php:15
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:48
Referenced by displayImportRoleForm(), and doImportRole().
Here is the caller graph for this function:
◆ initRoleForm()
|
protected |
Shoew add role @global type $rbacreview @global type $objDefinition.
- Returns
- ilPropertyFormGUI
Definition at line 649 of file class.ilPermissionGUI.php.
650 {
651 global $DIC;
652
655
656 include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
658 $form->setFormAction($this->ctrl->getFormAction($this));
659 $form->setTitle($this->lng->txt('role_new'));
660 $form->addCommandButton('addrole', $this->lng->txt('role_new'));
661 $form->addCommandButton('perm', $this->lng->txt('cancel'));
662
664 $title->setValidationRegexp('/^(?!il_).*$/');
665 $title->setValidationFailureMessage($this->lng->txt('msg_role_reserved_prefix'));
666 $title->setSize(40);
667 $title->setMaxLength(70);
668 $title->setRequired(true);
669 $form->addItem($title);
670
672 $desc->setCols(40);
673 $desc->setRows(3);
674 $form->addItem($desc);
675
677 $pro->setInfo($this->lng->txt('role_protect_permissions_desc'));
678 $pro->setValue(1);
679 $form->addItem($pro);
680
682 $pd->setInfo(
683 str_replace(
684 "%1",
685 $this->getCurrentObject()->getTitle(),
686 $this->lng->txt('rbac_add_recommended_content_info')
687 )
688 );
689 $pd->setValue(1);
690 $form->addItem($pd);
691
692
696 $rights->addOption($option);
697
698 $parent_role_ids = $rbacreview->getParentRoleIds($this->gui_obj->object->getRefId(), true);
699 $ids = array();
700 foreach ($parent_role_ids as $id => $tmp) {
701 $ids[] = $id;
702 }
703
704 // Sort ids
706
707 $key = 0;
708 foreach ($sorted_ids as $id) {
709 $par = $parent_role_ids[$id];
711 include_once './Services/AccessControl/classes/class.ilObjRole.php';
712 $option = new ilRadioOption(($par["type"] == 'role' ? $this->lng->txt('obj_role') : $this->lng->txt('obj_rolt')) . ": " . ilObjRole::_getTranslation($par["title"]), $par["obj_id"]);
713 $option->setInfo($par["desc"]);
714 $rights->addOption($option);
715 }
716 $key++;
717 }
718 $form->addItem($rights);
719 }
720
721 // Local policy only for containers
722 if ($objDefinition->isContainer($this->getCurrentObject()->getType())) {
723 $check = new ilCheckboxInputGui($this->lng->txt("rbac_role_rights_copy_change_existing"), 'existing');
724 $check->setInfo($this->lng->txt('rbac_change_existing_objects_desc_new_role'));
725 $form->addItem($check);
726 }
727
728 return $form;
729 }
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:34
isInAdministration()
Check if node is subobject of administration folder.
Definition: class.ilPermissionGUI.php:184
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:34
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:32
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:35
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:17
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
Definition: class.ilUtil.php:4422
References $DIC, ilObjRole\_getTranslation(), ilUtil\_sortIds(), getCurrentObject(), isInAdministration(), and SYSTEM_ROLE_ID.
Referenced by addRole(), and displayAddRoleForm().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ isAdministrationObject()
|
protected |
Definition at line 175 of file class.ilPermissionGUI.php.
References getCurrentObject().
Here is the call graph for this function:
◆ isAdminRoleFolder()
|
protected |
Check of current location is administration (main) role folder.
- Returns
Definition at line 170 of file class.ilPermissionGUI.php.
171 {
173 }
References getCurrentObject(), and ROLE_FOLDER_ID.
Referenced by perm().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ isInAdministration()
|
protected |
Check if node is subobject of administration folder.
- Returns
- type
Definition at line 184 of file class.ilPermissionGUI.php.
185 {
186 return (bool) $GLOBALS['DIC']['tree']->isGrandChild(SYSTEM_FOLDER_ID, $this->getCurrentObject()->getRefId());
187 }
References $GLOBALS, getCurrentObject(), and SYSTEM_FOLDER_ID.
Referenced by initRoleForm().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ modifyBlockRoles()
|
protected |
Definition at line 474 of file class.ilPermissionGUI.php.
475 {
478
480 $this->ctrl->redirect($this, 'perm');
481 }
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4518
References $_POST, blockRoles(), ilUtil\sendInfo(), and unblockRoles().
Here is the call graph for this function:
◆ perm()
| ilPermissionGUI::perm | ( | ilTable2GUI | $table = null | ) |
show permission table
- Returns
Definition at line 126 of file class.ilPermissionGUI.php.
127 {
128 global $DIC;
129
132
133 include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
135 if ($dtpl->appendToolbarSwitch(
136 $ilToolbar,
137 $this->getCurrentObject()->getType(),
138 $this->getCurrentObject()->getRefId()
139 )) {
140 $ilToolbar->addSeparator();
141 }
142
143 if ($objDefinition->hasLocalRoles($this->getCurrentObject()->getType()) and
144 !$this->isAdministrationObject()
145 ) {
146 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
147
149 $ilToolbar->addButton($this->lng->txt('rbac_add_new_local_role'), $this->ctrl->getLinkTarget($this, 'displayAddRoleForm'));
150 }
151 $ilToolbar->addButton($this->lng->txt('rbac_import_role'), $this->ctrl->getLinkTarget($this, 'displayImportRoleForm'));
152 }
153
155
157 include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
158 $table = new ilObjectRolePermissionTableGUI($this, 'perm', $this->getCurrentObject()->getRefId());
159 }
160 $table->parse();
161 $this->tpl->setContent($table->getHTML());
162 }
isAdminRoleFolder()
Check of current location is administration (main) role folder.
Definition: class.ilPermissionGUI.php:170
References $DIC, ilPermission2GUI\__initSubTabs(), getCurrentObject(), and isAdminRoleFolder().
Referenced by applyFilter(), and resetFilter().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ permPositions()
|
protected |
Definition at line 853 of file class.ilPermissionGUI.php.
854 {
855 $perm = self::CMD_PERM_POSITIONS;
856 $this->__initSubTabs($perm);
857
858 $ref_id = $this->getCurrentObject()->getRefId();
860 $table->collectData();
861 $this->tpl->setContent($table->getHTML());
862 }
Class ilOrgUnitPermissionTableGUI.
Definition: class.ilOrgUnitPermissionTableGUI.php:9
References ilPermission2GUI\__initSubTabs(), CMD_PERM_POSITIONS, and getCurrentObject().
Here is the call graph for this function:
◆ resetFilter()
|
protected |
Reset filter.
- Returns
Definition at line 207 of file class.ilPermissionGUI.php.
208 {
209 include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
210 $table = new ilObjectRolePermissionTableGUI($this, 'perm', $this->getCurrentObject()->getRefId());
211 $table->resetOffset();
212 $table->resetFilter();
213
215 }
References getCurrentObject(), and perm().
Here is the call graph for this function:
◆ savePermissions()
|
protected |
Save permissions.
- Returns
Definition at line 294 of file class.ilPermissionGUI.php.
295 {
296 global $DIC;
297
301
302 include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
303 $table = new ilObjectRolePermissionTableGUI($this, 'perm', $this->getCurrentObject()->getRefId());
304
305 $roles = $this->applyRoleFilter(
306 $rbacreview->getParentRoleIds($this->getCurrentObject()->getRefId()),
307 $table->getFilterItemByPostVar('role')->getValue()
308 );
309
310 // Log history
311 include_once "Services/AccessControl/classes/class.ilRbacLog.php";
312 $log_old = ilRbacLog::gatherFaPa($this->getCurrentObject()->getRefId(), array_keys((array) $roles));
313
314
315 # all possible create permissions
316 $possible_ops_ids = $rbacreview->getOperationsByTypeAndClass(
317 $this->getCurrentObject()->getType(),
318 'create'
319 );
320
321 # createable (activated) create permissions
322 $create_types = $objDefinition->getCreatableSubObjects(
323 $this->getCurrentObject()->getType()
324 );
325 $createable_ops_ids = ilRbacReview::lookupCreateOperationIds(array_keys((array) $create_types));
326
327 foreach ((array) $roles as $role => $role_data) {
328 if ($role_data['protected']) {
329 continue;
330 }
331
333 $old_ops = $rbacreview->getRoleOperationsOnObject(
334 $role,
335 $this->getCurrentObject()->getRefId()
336 );
337
338 // Add operations which were enabled and are not activated.
339 foreach ($possible_ops_ids as $create_ops_id) {
340 if (in_array($create_ops_id, $createable_ops_ids)) {
341 continue;
342 }
343 if (in_array($create_ops_id, $old_ops)) {
344 $new_ops[] = $create_ops_id;
345 }
346 }
347
348 $rbacadmin->revokePermission(
349 $this->getCurrentObject()->getRefId(),
350 $role
351 );
352
353 $rbacadmin->grantPermission(
354 $role,
355 array_unique($new_ops),
356 $this->getCurrentObject()->getRefId()
357 );
358 }
359
361 foreach ($roles as $role) {
362 // No action for local roles
364 continue;
365 }
366 // Nothing for protected roles
367 if ($role['protected']) {
368 continue;
369 }
370 // Stop local policy
371 if (
374 !$rbacreview->isBlockedAtPosition($role['obj_id'], $this->getCurrentObject()->getRefId())
375 ) {
378 $role_obj->setParent($this->getCurrentObject()->getRefId());
379 $role_obj->delete();
380 continue;
381 }
382 // Add local policy
383 if ($role['parent'] != $this->getCurrentObject()->getRefId() and isset($_POST['inherit'][$role['obj_id']])) {
385 $rbacadmin->copyRoleTemplatePermissions(
386 $role['obj_id'],
387 $role['parent'],
388 $this->getCurrentObject()->getRefId(),
389 $role['obj_id']
390 );
393 }
394 }
395 }
396
397 // Protect permissions
399 foreach ($roles as $role) {
400 if ($rbacreview->isAssignable($role['obj_id'], $this->getCurrentObject()->getRefId())) {
402 !$rbacreview->isProtected($this->getCurrentObject()->getRefId(), $role['obj_id'])) {
405 $rbacreview->isProtected($this->getCurrentObject()->getRefId(), $role['obj_id'])) {
407 }
408 }
409 }
410 }
411
412 $log_new = ilRbacLog::gatherFaPa($this->getCurrentObject()->getRefId(), array_keys((array) $roles));
415
416 $blocked_info = $this->getModifiedBlockedSettings();
418 if ($blocked_info['num'] > 0) {
420 }
421
422
423 ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
424 $this->ctrl->redirect($this, 'perm');
425 #$this->perm();
426 }
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:70
getModifiedBlockedSettings()
Definition: class.ilPermissionGUI.php:825
static hasContainerCommands($a_type)
Check if container commands are possible for the current object type.
Definition: class.ilPermissionGUI.php:557
applyRoleFilter($a_roles, $a_filter_id)
Apply filter to roles.
Definition: class.ilPermissionGUI.php:222
showConfirmBlockRole($a_blocked_info)
Show block role confirmation screen.
Definition: class.ilPermissionGUI.php:433
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
Definition: class.ilRbacLog.php:137
static gatherFaPa($a_ref_id, array $a_role_ids, $a_add_action=false)
Definition: class.ilRbacLog.php:35
static lookupCreateOperationIds($a_type_arr)
Lookup operation ids.
Definition: class.ilRbacReview.php:1346
References $_POST, $DIC, $log, ilRbacLog\add(), applyRoleFilter(), ilRbacLog\diffFaPa(), ilRbacLog\EDIT_PERMISSIONS, ilRbacLog\gatherFaPa(), getCurrentObject(), ilObjectFactory\getInstanceByObjId(), ilLoggerFactory\getLogger(), getModifiedBlockedSettings(), hasContainerCommands(), ilRbacReview\lookupCreateOperationIds(), and showConfirmBlockRole().
Here is the call graph for this function:
◆ savePositionsPermissions()
|
protected |
Definition at line 865 of file class.ilPermissionGUI.php.
866 {
867 $this->__initSubTabs(self::CMD_PERM_POSITIONS);
868
870 $ref_id = $this->getCurrentObject()->getRefId();
871
872 // handle local sets
873 foreach ($positions as $position_id) {
875 ilOrgUnitPermissionQueries::findOrCreateSetForRefId($ref_id, $position_id);
876 } else {
877 ilOrgUnitPermissionQueries::removeLocalSetForRefId($ref_id, $position_id);
878 }
879 }
880
884 continue;
885 }
886 $ilOrgUnitPermission = ilOrgUnitPermissionQueries::getSetForRefId($ref_id, $position_id);
887 $new_ops = [];
888 foreach ($ops as $op_id => $op) {
889 $new_ops[] = ilOrgUnitOperationQueries::findById($op_id);
890 }
891 $ilOrgUnitPermission->setOperations($new_ops);
892 $ilOrgUnitPermission->save();
893 }
894 }
895 ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
896 $this->ctrl->redirect($this, self::CMD_PERM_POSITIONS);
897 }
static findById($operation_id)
Definition: class.ilOrgUnitOperationQueries.php:104
References $_POST, ilPermission2GUI\__initSubTabs(), ilOrgUnitOperationQueries\findById(), ActiveRecord\getArray(), and getCurrentObject().
Here is the call graph for this function:
◆ showConfirmBlockRole()
|
protected |
Show block role confirmation screen.
- Parameters
-
array $a_roles
- Returns
Definition at line 433 of file class.ilPermissionGUI.php.
434 {
435 $info = '';
436 if ($a_blocked_info['new_blocked']) {
437 $info .= $this->lng->txt('role_confirm_block_role_info');
438 if ($a_blocked_info['new_unblocked']) {
439 $info .= '<br /><br />';
440 }
441 }
442 if ($a_blocked_info['new_unblocked']) {
443 $info .= ('<br />' . $this->lng->txt('role_confirm_unblock_role_info'));
444 }
445
446 ilUtil::sendInfo($info);
447
448 include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
450 $confirm->setFormAction($this->ctrl->getFormAction($this));
451 $confirm->setHeaderText($this->lng->txt('role_confirm_block_role_header'));
452 $confirm->setConfirm($this->lng->txt('role_confirm_block_role'), 'modifyBlockRoles');
453 $confirm->setCancel($this->lng->txt('cancel'), 'perm');
454
455 foreach ($a_blocked_info['new_blocked'] as $role_id) {
456 include_once './Services/AccessControl/classes/class.ilObjRole.php';
457 $confirm->addItem(
458 'new_block[]',
459 $role_id,
460 ilObjRole::_getTranslation(ilObject::_lookupTitle($role_id)) . ' ' . $this->lng->txt('role_blocked')
461 );
462 }
463 foreach ($a_blocked_info['new_unblocked'] as $role_id) {
464 include_once './Services/AccessControl/classes/class.ilObjRole.php';
465 $confirm->addItem(
466 'new_unblock[]',
467 $role_id,
468 ilObjRole::_getTranslation(ilObject::_lookupTitle($role_id)) . ' ' . $this->lng->txt('role_unblocked')
469 );
470 }
471 $this->tpl->setContent($confirm->getHTML());
472 }
References ilObjRole\_getTranslation(), ilObject\_lookupTitle(), and ilUtil\sendInfo().
Referenced by savePermissions().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ unblockRoles()
|
protected |
Definition at line 486 of file class.ilPermissionGUI.php.
487 {
488 global $DIC;
489
491
492 foreach ($roles as $role) {
493 // delete local policy
495 $role_obj = ilObjectFactory::getInstanceByObjId($role);
496 $role_obj->setParent($this->getCurrentObject()->getRefId());
497 $role_obj->delete();
498
499 $role_obj->changeExistingObjects(
500 $this->getCurrentObject()->getRefId(),
502 array('all')
503 );
504
505 // finally set blocked status
506 $rbacadmin->setBlockedStatus(
507 $role,
508 $this->getCurrentObject()->getRefId(),
509 false
510 );
511 }
512 }
References $DIC, getCurrentObject(), ilObjectFactory\getInstanceByObjId(), ilLoggerFactory\getLogger(), and ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES.
Referenced by modifyBlockRoles().
Here is the call graph for this function:
Here is the caller graph for this function:
Field Documentation
◆ $current_obj
|
protected |
Definition at line 24 of file class.ilPermissionGUI.php.
◆ $recommended_content_manager
|
protected |
Definition at line 29 of file class.ilPermissionGUI.php.
◆ CMD_PERM_POSITIONS
| const ilPermissionGUI::CMD_PERM_POSITIONS = 'permPositions' |
Definition at line 21 of file class.ilPermissionGUI.php.
Referenced by ilPermission2GUI\__initSubTabs(), and permPositions().
◆ CMD_SAVE_POSITIONS_PERMISSIONS
| const ilPermissionGUI::CMD_SAVE_POSITIONS_PERMISSIONS = 'savePositionsPermissions' |
Definition at line 22 of file class.ilPermissionGUI.php.
Referenced by ilOrgUnitPermissionTableGUI\__construct().
The documentation for this class was generated from the following file:
- Services/AccessControl/classes/class.ilPermissionGUI.php
