4include_once(
'./Services/Table/classes/class.ilTable2GUI.php');
 
    5include_once 
'./Services/AccessControl/classes/class.ilPermissionGUI.php';
 
    6require_once(
'./Services/Repository/classes/class.ilObjectPlugin.php');
 
   37    public function __construct($a_parent_obj, $a_parent_cmd, $a_ref_id)
 
   41        $ilCtrl = 
$DIC[
'ilCtrl'];
 
   42        $rbacreview = 
$DIC[
'rbacreview'];
 
   48        $this->lng->loadLanguageModule(
'rbac');
 
   50        $this->ref_id = $a_ref_id;
 
   51        $this->tree_path_ids = $tree->getPathId($this->ref_id);
 
   53        $this->
setId(
'objroleperm_' . $this->ref_id);
 
   55        $tpl->addJavaScript(
'./Services/AccessControl/js/ilPermSelect.js');
 
   57        $this->
setTitle($this->lng->txt(
'permission_settings'));
 
   60        $this->
setFormAction($ilCtrl->getFormAction($a_parent_obj, $a_parent_cmd));
 
   62        $this->
setRowTemplate(
"tpl.obj_role_perm_row.html", 
"Services/AccessControl");
 
  117        $this->activeOperations[] = $a_ops_id;
 
  136        $this->visible_roles = $a_ar;
 
  156        $tree = 
$DIC[
'tree'];
 
  164        if (!
$roles->getValue()) {
 
  165            if ($tree->checkForParentType($this->getRefId(), 
'crs') or
 
  166                $tree->checkForParentType($this->getRefId(), 
'grp')) {
 
  167                $roles->setValue(self::ROLE_FILTER_LOCAL);
 
  169                $roles->setValue(self::ROLE_FILTER_ALL);
 
  176                self::ROLE_FILTER_ALL => $this->lng->txt(
'filter_all_roles'),
 
  177                self::ROLE_FILTER_GLOBAL => $this->lng->txt(
'filter_global_roles'),
 
  178                self::ROLE_FILTER_LOCAL => $this->lng->txt(
'filter_local_roles'),
 
  179                self::ROLE_FILTER_LOCAL_POLICY => $this->lng->txt(
'filter_roles_local_policy'),
 
  180                self::ROLE_FILTER_LOCAL_OBJECT => $this->lng->txt(
'filter_local_roles_object')
 
  194        $objDefinition = 
$DIC[
'objDefinition'];
 
  198        if (isset($row[
'show_local_policy_row'])) {
 
  199            foreach ($row[
'roles'] as $role_id => $role_info) {
 
  200                $this->tpl->setCurrentBlock(
'role_option');
 
  201                $this->tpl->setVariable(
'INHERIT_ROLE_ID', $role_id);
 
  202                $this->tpl->setVariable(
'INHERIT_CHECKED', $role_info[
'local_policy'] ? 
'checked=checked' : 
'');
 
  203                $this->tpl->setVariable(
'INHERIT_DISABLED', ($role_info[
'protected'] or $role_info[
'isLocal'] or $role_info[
'blocked']) ? 
'disabled="disabled"' : 
'');
 
  204                $this->tpl->setVariable(
'TXT_INHERIT', $this->lng->txt(
'rbac_local_policy'));
 
  205                $this->tpl->setVariable(
'INHERIT_LONG', $this->lng->txt(
'perm_use_local_policy_desc'));
 
  206                $this->tpl->parseCurrentBlock();
 
  211        if (isset($row[
'show_protected_row'])) {
 
  212            foreach ($row[
'roles'] as $role_id => $role_info) {
 
  213                $this->tpl->setCurrentBlock(
'role_protect');
 
  214                $this->tpl->setVariable(
'PROTECT_ROLE_ID', $role_id);
 
  215                $this->tpl->setVariable(
'PROTECT_CHECKED', $role_info[
'protected_status'] ? 
'checked=checked' : 
'');
 
  216                $this->tpl->setVariable(
'PROTECT_DISABLED', $role_info[
'protected_allowed'] ? 
'' : 
'disabled="disabled"');
 
  217                $this->tpl->setVariable(
'TXT_PROTECT', $this->lng->txt(
'role_protect_permissions'));
 
  218                $this->tpl->setVariable(
'PROTECT_LONG', $this->lng->txt(
'role_protect_permissions_desc'));
 
  219                $this->tpl->parseCurrentBlock();
 
  225        if (isset($row[
'show_block_row'])) {
 
  227                $this->tpl->setCurrentBlock(
'role_block');
 
  228                $this->tpl->setVariable(
'BLOCK_ROLE_ID', $role_info[
'obj_id']);
 
  229                $this->tpl->setVariable(
'TXT_BLOCK', $this->lng->txt(
'role_block_role'));
 
  230                $this->tpl->setVariable(
'BLOCK_LONG', $this->lng->txt(
'role_block_role_desc'));
 
  231                if ($role_info[
'blocked']) {
 
  232                    $this->tpl->setVariable(
'BLOCK_CHECKED', 
'checked="checked"');
 
  235                    ($role_info[
'protected'] == 
'y') ||
 
  236                    ($role_info[
'assign'] == 
'y' and ($role_info[
'parent'] == $this->
getRefId()))
 
  238                    $this->tpl->setVariable(
'BLOCK_DISABLED', 
'disabled="disabled');
 
  241                $this->tpl->parseCurrentBlock();
 
  247        if (isset($row[
'show_select_all'])) {
 
  249                $this->tpl->setCurrentBlock(
'role_select_all');
 
  250                $this->tpl->setVariable(
'JS_ROLE_ID', $role[
'obj_id']);
 
  251                $this->tpl->setVariable(
'JS_SUBID', $row[
'subtype']);
 
  252                $this->tpl->setVariable(
'JS_ALL_PERMS', 
"['" . implode(
"','", $row[
'ops']) . 
"']");
 
  253                $this->tpl->setVariable(
'JS_FORM_NAME', $this->
getFormName());
 
  254                $this->tpl->setVariable(
'TXT_SEL_ALL', $this->lng->txt(
'select_all'));
 
  255                $this->tpl->parseCurrentBlock();
 
  261        if (isset($row[
'show_start_info'])) {
 
  262            $this->tpl->setCurrentBlock(
'section_info');
 
  263            $this->tpl->setVariable(
'SECTION_TITLE', $this->lng->txt(
'perm_class_object'));
 
  264            $this->tpl->setVariable(
'SECTION_DESC', $this->lng->txt(
'perm_class_object_desc'));
 
  265            $this->tpl->parseCurrentBlock();
 
  270        if (isset($row[
'show_create_info'])) {
 
  271            $this->tpl->setCurrentBlock(
'section_info');
 
  272            $this->tpl->setVariable(
'SECTION_TITLE', $this->lng->txt(
'perm_class_create'));
 
  273            $this->tpl->setVariable(
'SECTION_DESC', $this->lng->txt(
'perm_class_create_desc'));
 
  274            $this->tpl->parseCurrentBlock();
 
  279        foreach ((array) $row[
'roles'] as $role_id => $role_info) {
 
  281            $this->tpl->setCurrentBlock(
'role_td');
 
  282            $this->tpl->setVariable(
'PERM_ROLE_ID', $role_id);
 
  283            $this->tpl->setVariable(
'PERM_PERM_ID', $row[
'perm'][
'ops_id']);
 
  286            if (substr($row[
'perm'][
'operation'], 0, 6) == 
'create') {
 
  287                if ($objDefinition->isPlugin(substr($row[
'perm'][
'operation'], 7))) {
 
  289                        substr($row[
'perm'][
'operation'], 7),
 
  290                        "obj_" . substr($row[
'perm'][
'operation'], 7)
 
  293                    $perm = $this->lng->txt(
'obj_' . substr($row[
'perm'][
'operation'], 7));
 
  296                if ($objDefinition->isPlugin($this->getObjType())) {
 
  303                    if ($this->lng->exists($this->getObjType() . 
'_' . $row[
'perm'][
'operation'] . 
'_short')) {
 
  304                        $perm = $this->lng->txt($this->
getObjType() . 
'_' . $row[
'perm'][
'operation'] . 
'_short');
 
  306                        $perm = $this->lng->txt($row[
'perm'][
'operation']);
 
  311            $this->tpl->setVariable(
'TXT_PERM', $perm);
 
  313            if ($objDefinition->isPlugin($this->getObjType())) {
 
  316                    $this->
getObjType() . 
"_" . $row[
'perm'][
'operation']
 
  318            } elseif (substr($row[
'perm'][
'operation'], 0, 6) == 
'create') {
 
  319                if ($objDefinition->isPlugin(substr($row[
'perm'][
'operation'], 7))) {
 
  321                        substr($row[
'perm'][
'operation'], 7),
 
  322                        $this->
getObjType() . 
"_" . $row[
'perm'][
'operation']
 
  325                    $this->tpl->setVariable(
'PERM_LONG', $this->lng->txt(
'rbac_' . $row[
'perm'][
'operation']));
 
  328                $this->tpl->setVariable(
'PERM_LONG', $this->lng->txt($this->getObjType() . 
'_' . $row[
'perm'][
'operation']));
 
  331            if ($role_info[
'protected'] || $role_info[
'blocked']) {
 
  332                $this->tpl->setVariable(
'PERM_DISABLED', 
'disabled="disabled"');
 
  334            if ($role_info[
'permission_set']) {
 
  335                $this->tpl->setVariable(
'PERM_CHECKED', 
'checked="checked"');
 
  338            $this->tpl->parseCurrentBlock();
 
  351        $rbacreview = 
$DIC[
'rbacreview'];
 
  352        $objDefinition = 
$DIC[
'objDefinition'];
 
  360            return $this->
setData(array());
 
  364        $operations = array();
 
  366            $operations[$role_data[
'obj_id']] = $rbacreview->getActiveOperationsOfRole($this->
getRefId(), $role_data[
'obj_id']);
 
  374            $local_roles = $rbacreview->getRolesOfObject($this->
getRefId());
 
  376                $roles[$role_data[
'obj_id']] = array(
 
  377                    'blocked' => $role_data[
'blocked'],
 
  378                    'protected' => $role_data[
'protected'],
 
  379                    'local_policy' => in_array($role_data[
'obj_id'], $local_roles),
 
  380                    'isLocal' => ($this->
getRefId() == $role_data[
'parent']) && $role_data[
'assign'] == 
'y' 
  383            $perms[$counter][
'roles'] = 
$roles;
 
  384            $perms[$counter][
'show_local_policy_row'] = 1;
 
  393                $roles[$role_data[
'obj_id']] = array(
 
  394                    'blocked' => $role_data[
'blocked'],
 
  395                    'protected_allowed' => $rbacreview->isAssignable($role_data[
'obj_id'], $this->getRefId()),
 
  396                    'protected_status' => $rbacreview->isProtected($role_data[
'parent'], $role_data[
'obj_id']),
 
  397                    'isLocal' => ($this->getRefId() == $role_data[
'parent']) && $role_data[
'assign'] == 
'y' 
  400            $perms[$counter][
'roles'] = 
$roles;
 
  401            $perms[$counter][
'show_protected_row'] = 1;
 
  407            $perms[$counter++][
'show_block_row'] = 1;
 
  412            $perms[$counter++][
'show_start_info'] = 
true;
 
  416        $no_creation_operations = array();
 
  417        foreach ($rbacreview->getOperationsByTypeAndClass($this->getObjType(), 
'object') as $operation) {
 
  419            $no_creation_operations[] = $operation;
 
  423                $roles[$role_data[
'obj_id']] =
 
  425                        'blocked' => $role_data[
'blocked'],
 
  426                        'protected' => $role_data[
'protected'],
 
  427                        'permission_set' => in_array($operation, (array) $operations[$role_data[
'obj_id']]),
 
  428                        'isLocal' => ($this->
getRefId() == $role_data[
'parent']) && $role_data[
'assign'] == 
'y' 
  432            $op = $rbacreview->getOperation($operation);
 
  434            $perms[$counter][
'roles'] = 
$roles;
 
  435            $perms[$counter][
'perm'] = $op;
 
  442        if ($no_creation_operations) {
 
  443            $perms[$counter][
'show_select_all'] = 1;
 
  444            $perms[$counter][
'ops'] = $no_creation_operations;
 
  445            $perms[$counter][
'subtype'] = 
'nocreation';
 
  450        if ($objDefinition->isContainer($this->getObjType())) {
 
  451            $perms[$counter++][
'show_create_info'] = 
true;
 
  455        $objects = $objDefinition->getCreatableSubObjects($this->
getObjType());
 
  457        $creation_operations = array();
 
  458        foreach ($objects as 
$type => $info) {
 
  459            $ops_id = $ops_ids[
$type];
 
  466            $creation_operations[] = $ops_id;
 
  470                $roles[$role_data[
'obj_id']] =
 
  472                        'blocked' => $role_data[
'blocked'],
 
  473                        'protected' => $role_data[
'protected'],
 
  474                        'permission_set' => in_array($ops_id, (array) $operations[$role_data[
'obj_id']]),
 
  475                        'isLocal' => ($this->
getRefId() == $role_data[
'parent']) && $role_data[
'assign'] == 
'y' 
  480            $op = $rbacreview->getOperation($ops_id);
 
  482            $perms[$counter][
'roles'] = 
$roles;
 
  483            $perms[$counter][
'perm'] = $op;
 
  490        if (count($creation_operations)) {
 
  491            $perms[$counter][
'show_select_all'] = 1;
 
  492            $perms[$counter][
'ops'] = $creation_operations;
 
  493            $perms[$counter][
'subtype'] = 
'creation';
 
  508        $rbacreview = 
$DIC[
'rbacreview'];
 
  509        $ilCtrl = 
$DIC[
'ilCtrl'];
 
  517        $possible_roles = array();
 
  518        foreach (
$roles as $role) {
 
  519            if ($rbacreview->isBlockedInUpperContext($role[
'obj_id'], $this->getRefId())) {
 
  523            $possible_roles[] = $role;
 
  527        if (count($possible_roles)) {
 
  531            $column_widht = 
"0%";
 
  534        $all_roles = array();
 
  535        foreach ($possible_roles as $role) {
 
  540            $role[
'blocked'] = (bool) $rbacreview->isBlockedAtPosition($role[
'obj_id'], $this->getRefId());
 
  541            $role[
'role_type'] = $rbacreview->isGlobalRole($role[
'obj_id']) ? 
'global' : 
'local';
 
  552            $all_roles[] = $role;
 
  568        $rbacreview = 
$DIC[
'rbacreview'];
 
  569        $tree = 
$DIC[
'tree'];
 
  570        $objDefinition = 
$DIC[
'objDefinition'];
 
  573        $protected_status = $rbacreview->isProtected($role[
'parent'], $role[
'obj_id']) ? 
'protected_' : 
'';
 
  574        if ($role[
'role_type'] == 
'global') {
 
  575            $tp = $this->lng->txt(
'perm_' . $protected_status . 
'global_role');
 
  577            $tp = $this->lng->txt(
'perm_' . $protected_status . 
'local_role');
 
  580        $inheritance_seperator = 
': ';
 
  584            ($role[
'assign'] == 
'y' and $role[
'role_type'] != 
'global') or
 
  585            ($role[
'assign'] == 
'n' and $role[
'role_type'] != 
'global')
 
  589            $obj = $rbacreview->getObjectOfRole($role[
'obj_id']);
 
  592                if ($objDefinition->isPlugin(
$type)) {
 
  599                    $this->lng->txt(
'perm_role_path_info_created'),
 
  603                $inheritance_seperator = 
', ';
 
  607        $path_hierarchy = $rbacreview->getObjectsWithStopedInheritance(
 
  609            $tree->getPathId($this->getRefId())
 
  612        $reduced_path_hierarchy = (array) array_diff(
 
  616                $rbacreview->getObjectReferenceOfRole($role[
'obj_id'])
 
  622        if ($role[
'assign'] == 
'n' and count($reduced_path_hierarchy)) {
 
  623            $tp .= $inheritance_seperator;
 
  625            $parent = end($reduced_path_hierarchy);
 
  628            $tp .= sprintf($this->lng->txt(
'perm_role_path_info_inheritance'), $this->lng->txt(
'obj_' . $p_type), $p_title);
 
  643        $ilCtrl = 
$DIC[
'ilCtrl'];
 
  644        $objDefinition = 
$DIC[
'objDefinition'];
 
  646        include_once 
'./Services/AccessControl/classes/class.ilObjRole.php';
 
  650        if ($role[
'parent'] != $this->
getRefId()) {
 
  655        if ($objDefinition->isPlugin(
$type)) {
 
  656            if (preg_match(
"/^il_./", $role[
"title"])) {
 
  661        if ($role[
'blocked']) {
 
  664        $ilCtrl->setParameterByClass(
'ilobjrolegui', 
'obj_id', $role[
'obj_id']);
 
  666        return '<a class="tblheader" href="' . $ilCtrl->getLinkTargetByClass(
'ilobjrolegui', 
'') . 
'" >' . $role_title . 
'</a>';
 
An exception for terminatinating execution or to throw for unit testing.
static getLogger($a_component_id)
Get component logger.
static _getTranslation($a_role_title)
static _removeObjectId($a_role_title)
static lookupTxtById($plugin_id, $lang_var)
Table for object role permissions.
const ROLE_FILTER_LOCAL_OBJECT
getRefId()
Get ref id of current object.
fillRow($row)
Fill one permission row.
initColumns()
init Columns
setVisibleRoles($a_ar)
Set Visible roles.
getActiveOperations()
get active operations
__construct($a_parent_obj, $a_parent_cmd, $a_ref_id)
Constructor.
createTitle($role)
Create (linked) title.
addActiveOperation($a_ops_id)
Add active operation.
getVisibleRoles()
get visible roles
createTooltip($role)
Create a linked title for roles with local policy.
const ROLE_FILTER_LOCAL_POLICY
initFilter()
Init role filter.
getPathIds()
Get tree path ids.
static _lookupObjId($a_id)
static _lookupTitle($a_id)
lookup object title
static _lookupType($a_id, $a_reference=false)
lookup object type
static hasContainerCommands($a_type)
Check if container commands are possible for the current object type.
static langExitsById(string $pluginId, string $langVar)
Is searched lang var available in plugin lang files.
static lookupCreateOperationIds($a_type_arr)
Lookup operation ids.
getFormName()
Get Form name.
setEnableHeader($a_enableheader)
Set Enable Header.
setDisableFilterHiding($a_val=true)
Set disable filter hiding.
setShowRowsSelector($a_value)
Toggle rows-per-page selector.
getParentObject()
Get parent object.
setTitle($a_title, $a_icon=0, $a_icon_alt=0)
Set title and title icon.
setNoEntriesText($a_text)
Set text for an empty table.
setData($a_data)
set table data @access public
setRowTemplate($a_template, $a_template_dir="")
Set row template.
setLimit($a_limit=0, $a_default_limit=0)
set max.
getFilterItemByPostVar($a_post_var)
addColumn( $a_text, $a_sort_field="", $a_width="", $a_is_checkbox_action_column=false, $a_class="", $a_tooltip="", $a_tooltip_with_html=false)
Add a column to the header.
addFilterItemByMetaType($id, $type=self::FILTER_TEXT, $a_optional=false, $caption=null)
Add filter by standard type.
setFormAction($a_form_action, $a_multipart=false)
Set Form action parameter.
addCommandButton($a_cmd, $a_text, $a_onclick='', $a_id="", $a_class=null)
Add Command button.
disable($a_module_name)
diesables particular modules of table
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc