58    public function __construct($a_data, $a_id, $a_call_by_reference = 
false, $a_prepare_output = 
true)
 
   65        $lng->loadLanguageModule(
'rbac');
 
   68        define(
"USER_FOLDER_ID", 7);
 
   72        $this->obj_ref_id = (int) $_REQUEST[
'rolf_ref_id']
 
   73            ? (
int) $_REQUEST[
'rolf_ref_id']
 
   74            : (int) $_REQUEST[
'ref_id'];
 
   83        $this->ctrl->saveParameter($this, [
'obj_id', 
'rolf_ref_id']);
 
   95        $next_class = $this->ctrl->getNextClass($this);
 
   96        $cmd = $this->ctrl->getCmd();
 
  100        switch ($next_class) {
 
  101            case 'ilrepositorysearchgui':
 
  104                    $GLOBALS[
'DIC'][
'ilErr']->raiseError(
$GLOBALS[
'DIC'][
'lng']->txt(
'permission_denied'), 
$GLOBALS[
'DIC'][
'ilErr']->WARNING);
 
  106                include_once(
'./Services/Search/classes/class.ilRepositorySearchGUI.php');
 
  108                $rep_search->setTitle($this->lng->txt(
'role_add_user'));
 
  109                $rep_search->setCallback($this, 
'addUserObject');
 
  112                $this->tabs_gui->setTabActive(
'user_assignment');
 
  113                $this->ctrl->setReturn($this, 
'userassignment');
 
  114                $ret = &$this->ctrl->forwardCommand($rep_search);
 
  119                $this->tabs_gui->setTabActive(
'export');
 
  121                include_once 
'./Services/Export/classes/class.ilExportOptions.php';
 
  125                include_once 
'./Services/Export/classes/class.ilExportGUI.php';
 
  127                $exp->addFormat(
'xml');
 
  128                $this->ctrl->forwardCommand($exp);
 
  131            case 'ilrecommendedcontentroleconfiggui':
 
  132                $this->tabs_gui->setTabActive(
'rep_recommended_content');
 
  134                $this->ctrl->forwardCommand($ui);
 
  142                        $cmd = 
'userassignment';
 
  186        $this->back_target = array(
"text" => $a_text,
 
  192        return $this->back_target ? $this->back_target : array();
 
  235        include_once 
'./Services/Form/classes/class.ilPropertyFormGUI.php';
 
  238        if ($this->creation_mode) {
 
  239            $this->ctrl->setParameter($this, 
"new_type", 
'role');
 
  241        $this->form->setFormAction($this->ctrl->getFormAction($this));
 
  245                $this->form->setTitle($this->lng->txt(
'role_new'));
 
  246                $this->form->addCommandButton(
'save', $this->lng->txt(
'role_new'));
 
  250                $this->form->setTitle($this->lng->txt(
'role_edit'));
 
  251                $this->form->addCommandButton(
'update', $this->lng->txt(
'save'));
 
  258        $this->form->addCommandButton(
'cancel', $this->lng->txt(
'cancel'));
 
  262            $title->setDisabled(
true);
 
  265            $title->setValidationRegexp(
'/^(?!il_).*$/');
 
  266            $title->setValidationFailureMessage($this->lng->txt(
'msg_role_reserved_prefix'));
 
  270        $title->setMaxLength(70);
 
  271        $title->setRequired(
true);
 
  272        $this->form->addItem($title);
 
  276            $desc->setDisabled(
true);
 
  280        $this->form->addItem($desc);
 
  282        if ($a_mode != self::MODE_LOCAL_CREATE && $a_mode != self::MODE_GLOBAL_CREATE) {
 
  284            $this->form->addItem($ilias_id);
 
  290            #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info')); 
  291            $this->form->addItem($reg);
 
  295            #$la->setInfo($this->lng->txt('rbac_local_admin_info')); 
  296            $this->form->addItem($la);
 
  301        #$pro->setInfo($this->lng->txt('role_protext_permission_info')); 
  302        $this->form->addItem($pro);
 
  315        if (!$this->form->getItemByPostVar(
'title')->getDisabled()) {
 
  316            $role->
setTitle($this->form->getInput(
'title'));
 
  318        if (!$this->form->getItemByPostVar(
'desc')->getDisabled()) {
 
  344        $this->form->setValuesByArray(
$data);
 
  361        if (!
$rbacsystem->checkAccess(
'create_role', $this->obj_ref_id)) {
 
  362            $this->tpl->setOnScreenMessage(
'failure', $this->lng->txt(
'permission_denied'), 
true);
 
  363            $this->ctrl->redirectByClass(ilRepositoryGUI::class);
 
  367        $this->tpl->setContent($this->form->getHTML());
 
  379        $ilToolbar = 
$DIC[
'ilToolbar'];
 
  381        if (!$this->
checkAccess(
'write', 
'edit_permission')) {
 
  382            $this->tpl->setOnScreenMessage(
'msg_no_perm_write', $this->lng->txt(
'permission_denied'), 
true);
 
  383            $this->ctrl->redirectByClass(ilRepositoryGUI::class);
 
  386        $this->tabs_gui->activateTab(
'edit_properties');
 
  390            $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
 
  391            if (
$rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id)) {
 
  392                $ilToolbar->addButton(
 
  393                    $this->lng->txt(
'rbac_delete_role'),
 
  394                    $this->ctrl->getLinkTarget($this, 
'confirmDeleteRole')
 
  401        $this->tpl->setContent($this->form->getHTML());
 
  413        $rbacadmin = 
$DIC[
'rbacadmin'];
 
  417        if ($this->form->checkInput() and !$this->checkDuplicate()) {
 
  418            include_once 
'./Services/AccessControl/classes/class.ilObjRole.php';
 
  420            $this->role->create();
 
  421            $rbacadmin->assignRoleToFolder($this->role->getId(), $this->obj_ref_id, 
'y');
 
  422            $rbacadmin->setProtected(
 
  424                $this->role->getId(),
 
  425                $this->form->getInput(
'pro') ? 
'y' : 
'n' 
  427            ilUtil::sendSuccess($this->lng->txt(
"role_added"), 
true);
 
  428            $this->ctrl->setParameter($this, 
'obj_id', $this->role->getId());
 
  429            $this->ctrl->redirect($this, 
'perm');
 
  433        $this->form->setValuesByPost();
 
  434        $this->tpl->setContent($this->form->getHTML());
 
  456        $rbacadmin = 
$DIC[
'rbacadmin'];
 
  459        if ($this->form->checkInput() and !$this->checkDuplicate($this->object->getId())) {
 
  460            include_once 
'./Services/AccessControl/classes/class.ilObjRole.php';
 
  462            $this->
object->update();
 
  463            $rbacadmin->setProtected(
 
  465                $this->object->getId(),
 
  466                $this->form->getInput(
'pro') ? 
'y' : 
'n' 
  468            ilUtil::sendSuccess($this->lng->txt(
"saved_successfully"), 
true);
 
  469            $this->ctrl->redirect($this, 
'edit');
 
  473        $this->form->setValuesByPost();
 
  474        $this->tpl->setContent($this->form->getHTML());
 
  482    protected function permObject($a_show_admin_permissions = 
false)
 
  486        $ilTabs = 
$DIC[
'ilTabs'];
 
  488        $ilToolbar = 
$DIC[
'ilToolbar'];
 
  492        $ilTabs->setTabActive(
'default_perm_settings');
 
  496        if ($a_show_admin_permissions) {
 
  497            $ilTabs->setSubTabActive(
'rbac_admin_permissions');
 
  499            $ilTabs->setSubTabActive(
'rbac_repository_permissions');
 
  502        if (!$this->
checkAccess(
'write', 
'edit_permission')) {
 
  503            $this->tpl->setOnScreenMessage(
'msg_no_perm_write', $this->lng->txt(
'permission_denied'), 
true);
 
  504            $this->ctrl->redirectByClass(ilRepositoryGUI::class);
 
  509            $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
 
  510            $ilToolbar->addButton(
 
  511                $this->lng->txt(
"adopt_perm_from_template"),
 
  512                $this->ctrl->getLinkTarget($this, 
'adoptPerm')
 
  514            if (
$rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id)) {
 
  515                $ilToolbar->addButton(
 
  516                    $this->lng->txt(
'rbac_delete_role'),
 
  517                    $this->ctrl->getLinkTarget($this, 
'confirmDeleteRole')
 
  522        $this->tpl->addBlockFile(
 
  525            'tpl.rbac_template_permissions.html',
 
  526            'Services/AccessControl' 
  529        $this->tpl->setVariable(
'PERM_ACTION', $this->ctrl->getFormAction($this));
 
  531        include_once 
'./Services/Accordion/classes/class.ilAccordionGUI.php';
 
  537            if ($a_show_admin_permissions) {
 
  538                $subs = ilObjRole::getSubObjects(
'adm', 
true);
 
  540                $subs = ilObjRole::getSubObjects(
'root', 
false);
 
  543            $subs = ilObjRole::getSubObjects($this->
getParentType(), $a_show_admin_permissions);
 
  546        foreach ($subs as $subtype => $def) {
 
  547            include_once 
'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
 
  552                $this->object->getId(),
 
  554                $a_show_admin_permissions
 
  558            $acc->addItem($def[
'translation'], $tbl->getHTML());
 
  561        $this->tpl->setVariable(
'ACCORDION', $acc->getHTML());
 
  564        include_once 
'./Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
 
  569            $this->object->getId(),
 
  570            $a_show_admin_permissions
 
  573            $options->addMultiCommand(
 
  574                $a_show_admin_permissions ? 
'adminPermSave' : 
'permSave',
 
  575                $this->lng->txt(
'save')
 
  580        $this->tpl->setVariable(
'OPTIONS_TABLE', $options->getHTML());
 
  608        $this->tabs_gui->clearTargets();
 
  610        $parent_role_ids = 
$rbacreview->getParentRoleIds($this->obj_ref_id, 
true);
 
  612        foreach ($parent_role_ids as $id => $tmp) {
 
  616        $sorted_ids = 
ilUtil::_sortIds($ids, 
'object_data', 
'type,title', 
'obj_id');
 
  618        foreach ($sorted_ids as $id) {
 
  619            $par = $parent_role_ids[$id];
 
  620            if ($par[
"obj_id"] != 
SYSTEM_ROLE_ID && $this->object->getId() != $par[
"obj_id"]) {
 
  621                $output[$key][
"role_id"] = $par[
"obj_id"];
 
  622                $output[$key][
"type"] = ($par[
"type"] == 
'role' ? $this->lng->txt(
'obj_role') : $this->lng->txt(
'obj_rolt'));
 
  624                $output[$key][
"role_desc"] = $par[
"desc"];
 
  630        include_once(
'./Services/AccessControl/classes/class.ilRoleAdoptPermissionTableGUI.php');
 
  633        $tbl->setTitle($this->lng->txt(
"adopt_perm_from_template"));
 
  634        $tbl->setData($output);
 
  636        $this->tpl->setContent($tbl->getHTML());
 
  650        $this->tabs_gui->clearTargets();
 
  652        if (!$this->
checkAccess(
'visible,write', 
'edit_permission')) {
 
  653            $this->tpl->setOnScreenMessage(
'msg_no_perm_perm', $this->lng->txt(
'permission_denied'), 
true);
 
  654            $this->ctrl->redirectByClass(ilRepositoryGUI::class);
 
  657        $question = $this->lng->txt(
'rbac_role_delete_qst');
 
  659            $question .= (
'<br />' . $this->lng->txt(
'rbac_role_delete_self'));
 
  663        include_once 
'./Services/Utilities/classes/class.ilConfirmationGUI.php';
 
  666        $confirm->setFormAction($this->ctrl->getFormAction($this));
 
  667        $confirm->setHeaderText($question);
 
  668        $confirm->setCancel($this->lng->txt(
'cancel'), 
'perm');
 
  669        $confirm->setConfirm($this->lng->txt(
'rbac_delete_role'), 
'performDeleteRole');
 
  673            $this->object->getId(),
 
  678        $this->tpl->setContent($confirm->getHTML());
 
  691            $this->tpl->setOnScreenMessage(
'msg_no_perm_perm', $this->lng->txt(
'permission_denied'), 
true);
 
  692            $this->ctrl->redirectByClass(ilRepositoryGUI::class);
 
  695        $this->
object->setParent((
int) $this->obj_ref_id);
 
  696        $this->
object->delete();
 
  697        ilUtil::sendSuccess($this->lng->txt(
'msg_deleted_role'), 
true);
 
  699        $this->ctrl->returnToParent($this);
 
  712        $rbacadmin = 
$DIC[
'rbacadmin'];
 
  717        if (!$this->
checkAccess(
'visible,write', 
'edit_permission')) {
 
  718            $this->tpl->setOnScreenMessage(
'msg_no_perm_perm', $this->lng->txt(
'permission_denied'), 
true);
 
  719            $this->ctrl->redirectByClass(ilRepositoryGUI::class);
 
  723        include_once 
"Services/AccessControl/classes/class.ilRbacLog.php";
 
  725        if ($rbac_log_active) {
 
  731            if ($a_show_admin_permissions) {
 
  732                $subs = ilObjRole::getSubObjects(
'adm', 
true);
 
  734                $subs = ilObjRole::getSubObjects(
'root', 
false);
 
  737            $subs = ilObjRole::getSubObjects($this->
getParentType(), $a_show_admin_permissions);
 
  740        foreach ($subs as $subtype => $def) {
 
  742            $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id, $subtype);
 
  745        if (empty(
$_POST[
"template_perm"])) {
 
  746            $_POST[
"template_perm"] = array();
 
  749        foreach (
$_POST[
"template_perm"] as $key => $ops_array) {
 
  751            $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->obj_ref_id);
 
  754        if ($rbac_log_active) {
 
  761        $this->
object->update();
 
  765            $rbacadmin->setProtected($this->obj_ref_id, $this->object->getId(), 
ilUtil::tf2yn(
$_POST[
'protected']));
 
  768        if ($a_show_admin_permissions) {
 
  769            $_POST[
'recursive'] = 
true;
 
  773        if (!
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list'])) {
 
  774            ilUtil::sendSuccess($this->lng->txt(
"saved_successfully"), 
true);
 
  775            if ($a_show_admin_permissions) {
 
  776                $this->ctrl->redirect($this, 
'adminPerm');
 
  778                $this->ctrl->redirect($this, 
'perm');
 
  788        if ($a_show_admin_permissions) {
 
  789            $start = 
$tree->getParentId($this->obj_ref_id);
 
  792        if (
$_POST[
'protected']) {
 
  793            $this->
object->changeExistingObjects(
 
  800            $this->
object->changeExistingObjects(
 
  807        ilUtil::sendSuccess($this->lng->txt(
"saved_successfully"), 
true);
 
  809        if ($a_show_admin_permissions) {
 
  810            $this->ctrl->redirect($this, 
'adminPerm');
 
  812            $this->ctrl->redirect($this, 
'perm');
 
  827        $rbacadmin = 
$DIC[
'rbacadmin'];
 
  840            $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_perm"), $this->ilias->error_obj->MESSAGE);
 
  843        if ($this->object->getId() == 
$_POST[
"adopt"]) {
 
  846            $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id);
 
  847            $parentRoles = 
$rbacreview->getParentRoleIds($this->obj_ref_id, 
true);
 
  848            $rbacadmin->copyRoleTemplatePermissions(
 
  850                $parentRoles[
$_POST[
"adopt"]][
"parent"],
 
  852                $this->object->getId(),
 
  857            $this->
object->update();
 
  860            $obj_data = &$this->
ilias->obj_factory->getInstanceByObjId($_POST[
"adopt"]);
 
  861            ilUtil::sendSuccess($this->lng->txt(
"msg_perm_adopted_from1") . 
" '" .
 
  863                     $this->lng->txt(
"msg_perm_adopted_from2"), 
true);
 
  866        $this->ctrl->redirect($this, 
"perm");
 
  876        $this->assignUserObject();
 
  891        $rbacadmin = 
$DIC[
'rbacadmin'];
 
  893        if (!$this->
checkAccess(
'edit_userassignment', 
'edit_permission')) {
 
  897        if (!
$rbacreview->isAssignable($this->object->getId(), $this->obj_ref_id) &&
 
  903            $GLOBALS[
'DIC'][
'lng']->loadLanguageModule(
'search');
 
  908        $assigned_users_all = 
$rbacreview->assignedUsers($this->object->getId());
 
  911        $assigned_users_new = array_diff($a_user_ids, array_intersect($a_user_ids, $assigned_users_all));
 
  914        if (count($assigned_users_new) == 0) {
 
  916            $this->ctrl->redirect($this, 
'userassignment');
 
  920        foreach ($assigned_users_new as $user_id) {
 
  922                $this->tpl->setOnScreenMessage(
'failure', $this->lng->txt(
'msg_anonymous_cannot_be_assigned'), 
true);
 
  925            $rbacadmin->assignUser($this->object->getId(), $user_id, 
false);
 
  929        $this->
object->update();
 
  931        ilUtil::sendSuccess($this->lng->txt(
"msg_userassignment_changed"), 
true);
 
  932        $this->ctrl->redirect($this, 
'userassignment');
 
  945        $rbacadmin = 
$DIC[
'rbacadmin'];
 
  948        if (!$this->
checkAccess(
'edit_userassignment', 
'edit_permission')) {
 
  949            $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"), $this->ilias->error_obj->MESSAGE);
 
  952        $selected_users = (
$_POST[
"user_id"]) ? 
$_POST[
"user_id"] : array(
$_GET[
"user_id"]);
 
  954        if ($selected_users[0] === 
null) {
 
  955            $this->
ilias->raiseError($this->lng->txt(
"no_checkbox"), $this->
ilias->error_obj->MESSAGE);
 
  960            if ($admin = array_search(
SYSTEM_USER_ID, $selected_users) !== 
false) {
 
  961                unset($selected_users[$admin]);
 
  969        foreach ($selected_users as 
$user) {
 
  971            $assigned_global_roles = array_intersect($assigned_roles, $global_roles);
 
  973            if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(), $assigned_global_roles))) {
 
  974                $userObj = $this->
ilias->obj_factory->getInstanceByObjId($user);
 
  975                $last_role[
$user] = $userObj->getFullName();
 
  982        foreach ($selected_users as 
$user) {
 
  983            if (!isset($last_role[
$user])) {
 
  984                $rbacadmin->deassignUser($this->object->getId(), 
$user);
 
  989        $this->
object->update();
 
  992        if (count($last_role)) {
 
  993            $user_list = implode(
", ", $last_role);
 
  994            ilUtil::sendFailure($this->lng->txt(
'msg_is_last_role') . 
': ' . $user_list . 
'<br />' . $this->lng->txt(
'msg_min_one_role'), 
true);
 
  996            ilUtil::sendSuccess($this->lng->txt(
"msg_userassignment_changed"), 
true);
 
  998        $this->ctrl->redirect($this, 
'userassignment');
 
 1014        if (!$this->
checkAccess(
'edit_userassignment', 
'edit_permission')) {
 
 1015            $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"), $this->ilias->error_obj->MESSAGE);
 
 1018        $this->tabs_gui->setTabActive(
'user_assignment');
 
 1020        $this->tpl->addBlockFile(
'ADM_CONTENT', 
'adm_content', 
'tpl.rbac_ua.html', 
'Services/AccessControl');
 
 1022        include_once 
'./Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
 
 1026        include_once 
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
 
 1037            include_once 
'./Services/Search/classes/class.ilRepositorySearchGUI.php';
 
 1042                    'auto_complete_name' => 
$lng->txt(
'user'),
 
 1043                    'submit_name' => 
$lng->txt(
'add')
 
 1050                $this->lng->txt(
'search_user'),
 
 1051                $this->ctrl->getLinkTargetByClass(
'ilRepositorySearchGUI', 
'start')
 
 1057            $this->lng->txt(
'role_mailto'),
 
 1058            $this->ctrl->getLinkTarget($this, 
'mailToRole')
 
 1060        $this->tpl->setVariable(
'BUTTONS_UA', $tb->getHTML());
 
 1063        include_once 
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
 
 1064        $role_assignment_editable = 
true;
 
 1068            $role_assignment_editable = 
false;
 
 1071        include_once 
'./Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
 
 1072        $ut = 
new ilAssignedUsersTableGUI($this, 
'userassignment', $this->object->getId(), $role_assignment_editable);
 
 1074        $this->tpl->setVariable(
'TABLE_UA', $ut->getHTML());
 
 1086        if (
$_GET[
"new_type"] != 
"role") {
 
 1087            $this->ctrl->redirect($this, 
"userassignment");
 
 1089            $this->ctrl->redirectByClass(
"ilobjrolefoldergui", 
"view");
 
 1103        if (!is_array(
$_POST[
"role"])) {
 
 1105            $this->searchObject();
 
 1110        $this->tpl->addBlockFile(
"ADM_CONTENT", 
"adm_content", 
"tpl.role_usr_selection.html", 
"Services/AccessControl");
 
 1111        $this->
__showButton(
"searchUserForm", $this->lng->txt(
"role_new_search"));
 
 1116        foreach (
$_POST[
"role"] as $role_id) {
 
 1117            $members = array_merge(
$rbacreview->assignedUsers($role_id), $members);
 
 1120        $members = array_unique($members);
 
 1124        $f_result = array();
 
 1126        foreach ($members as 
$user) {
 
 1131            $user_ids[$counter] = 
$user;
 
 1135            $f_result[$counter][] = $tmp_obj->getLogin();
 
 1136            $f_result[$counter][] = $tmp_obj->getFirstname();
 
 1137            $f_result[$counter][] = $tmp_obj->getLastname();
 
 1143        $this->__showSearchUserTable($f_result, $user_ids, 
"listUsersRole");
 
 1151        $this->tpl->addBlockFile(
"CONTENT", 
"content", 
"tpl.adm_content.html");
 
 1152        $this->tpl->addBlockFile(
"STATUSLINE", 
"statusline", 
"tpl.statusline.html");
 
 1155        if ($this->message) {
 
 1168        $this->tpl->setTitle($this->lng->txt(
'role'));
 
 1169        $this->tpl->setDescription($this->object->getTitle());
 
 1172        $this->
getTabs($this->tabs_gui);
 
 1183        $ilLocator = 
$DIC[
'ilLocator'];
 
 1186            $_GET[
"admin_mode"] == 
"settings" 
 1188            parent::addAdminLocatorItems(
true);
 
 1190            $ilLocator->addItem(
 
 1192                $this->ctrl->getLinkTargetByClass(
"ilobjrolefoldergui", 
'view')
 
 1195            if (
$_GET[
"obj_id"] > 0) {
 
 1196                $ilLocator->addItem(
 
 1198                    $this->ctrl->getLinkTarget($this, 
'perm')
 
 1202            parent::addAdminLocatorItems($a_do_not_add_object);
 
 1214        $ilHelp = 
$DIC[
'ilHelp'];
 
 1216        $base_role_container = 
$rbacreview->getFoldersAssignedToRole($this->object->getId(), 
true);
 
 1218        $activate_role_edit = 
false;
 
 1222        if (in_array($this->obj_ref_id, $base_role_container) ||
 
 1223            (strtolower(
$_GET[
"baseClass"]) == 
"iladministrationgui" &&
 
 1224            $_GET[
"admin_mode"] == 
"settings")) {
 
 1225            $activate_role_edit = 
true;
 
 1229        $this->tabs_gui->clearTargets();
 
 1231        $ilHelp->setScreenIdComponent(
"role");
 
 1233        if ($this->back_target != 
"") {
 
 1234            $this->tabs_gui->setBackTarget(
 
 1235                $this->back_target[
"text"],
 
 1236                $this->back_target[
"link"]
 
 1239            $this->tabs_gui->setBackTarget($this->lng->txt(
'btn_back'), $this->ctrl->getParentReturn($this));
 
 1242        if ($this->
checkAccess(
'write', 
'edit_permission') && $activate_role_edit) {
 
 1243            $this->tabs_gui->addTarget(
 
 1245                $this->ctrl->getLinkTarget($this, 
"edit"),
 
 1251            $this->tabs_gui->addTarget(
 
 1252                "default_perm_settings",
 
 1253                $this->ctrl->getLinkTarget($this, 
"perm"),
 
 1260            $this->tabs_gui->addTarget(
 
 1262                $this->ctrl->getLinkTarget($this, 
"userassignment"),
 
 1263                [
"deassignUser", 
"userassignment", 
"assignUser", 
"searchUserForm", 
"search"],
 
 1269            $this->lng->loadLanguageModule(
"rep");
 
 1270            $this->tabs_gui->addTarget(
 
 1271                "rep_recommended_content",
 
 1272                $this->ctrl->getLinkTargetByClass(
"ilrecommendedcontentroleconfiggui", 
"")
 
 1275        if ($this->
checkAccess(
'write', 
'edit_permission')) {
 
 1276            $this->tabs_gui->addTarget(
 
 1278                $this->ctrl->getLinkTargetByClass(
'ilExportGUI'),
 
 1287        if (count($obj_ids) > 1) {
 
 1288            $_SESSION[
'mail_roles'][] = 
'#il_role_' . $this->
object->getId();
 
 1290            $_SESSION[
'mail_roles'][] = (new \ilRoleMailboxAddress($this->object->getId()))->value();
 
 1293        require_once 
'Services/Mail/classes/class.ilMailFormCall.php';
 
 1303        $ilAccess = 
$DIC[
'ilAccess'];
 
 1305        $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
 
 1308            return $rbacsystem->checkAccess($a_perm_global, $this->obj_ref_id);
 
 1310            return $ilAccess->checkAccess($a_perm_obj, 
'', $this->obj_ref_id);
 
 1324        if (!(
int) 
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list'])) {
 
 1329        if (
$rbacreview->isProtected($this->obj_ref_id, $this->object->getId())) {
 
 1332            return count(
$rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
 
 1336            return count(
$rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
 
 1346        $protected = 
$_POST[
'protected'];
 
 1348        include_once 
'./Services/Form/classes/class.ilPropertyFormGUI.php';
 
 1350        $form->setFormAction($this->ctrl->getFormAction($this, 
'changeExistingObjects'));
 
 1351        $form->setTitle($this->lng->txt(
'rbac_change_existing_confirm_tbl'));
 
 1353        $form->addCommandButton(
'changeExistingObjects', $this->lng->txt(
'change_existing_objects'));
 
 1354        $form->addCommandButton(
'perm', $this->lng->txt(
'cancel'));
 
 1357        $hidden->setValue(
$_POST[
'recursive'] ? json_encode([
'all']) : json_encode(
$_POST[
'recursive_list']));
 
 1358        $form->addItem($hidden);
 
 1365                $this->lng->txt(
'rbac_keep_local_policies'),
 
 1367                $this->lng->txt(
'rbac_keep_local_policies_info')
 
 1372                $this->lng->txt(
'rbac_keep_local_policies'),
 
 1374                $this->lng->txt(
'rbac_unprotected_keep_local_policies_info')
 
 1377        $rad->addOption($keep);
 
 1381                $this->lng->txt(
'rbac_delete_local_policies'),
 
 1383                $this->lng->txt(
'rbac_delete_local_policies_info')
 
 1387                $this->lng->txt(
'rbac_delete_local_policies'),
 
 1389                $this->lng->txt(
'rbac_unprotected_delete_local_policies_info')
 
 1392        $rad->addOption($del);
 
 1394        $form->addItem($rad);
 
 1395        $this->tpl->setContent($form->getHTML());
 
 1404        $mode = (int) 
$_POST[
'mode'];
 
 1406        $this->
object->changeExistingObjects(
 
 1414        ilUtil::sendSuccess($this->lng->txt(
'settings_saved'), 
true);
 
 1415        $this->ctrl->redirect($this, 
'perm');
 
 1427        $ilTabs = 
$DIC[
'ilTabs'];
 
 1430            case 'default_perm_settings':
 
 1434                $ilTabs->addSubTabTarget(
 
 1435                    'rbac_repository_permissions',
 
 1436                    $this->ctrl->getLinkTarget($this, 
'perm')
 
 1438                $ilTabs->addSubTabTarget(
 
 1439                    'rbac_admin_permissions',
 
 1440                    $this->ctrl->getLinkTarget($this, 
'adminPerm')
 
 1454        $ilCtrl = 
$DIC[
'ilCtrl'];
 
 1456        $users = (array) 
$_POST[
'user_id'];
 
 1457        if (!count($users)) {
 
 1459            $ilCtrl->redirect($this, 
'userassignment');
 
 1461        include_once 
'./Services/User/classes/class.ilUserClipboard.php';
 
 1466        $lng->loadLanguageModule(
'user');
 
 1467        ilUtil::sendSuccess($this->lng->txt(
'clipboard_user_added'), 
true);
 
 1468        $ilCtrl->redirect($this, 
'userassignment');
 
 1478        $ilLocator = 
$DIC[
'ilLocator'];
 
 1480        if (
$_GET[
"admin_mode"] == 
"") {
 
 1481            $this->ctrl->setParameterByClass(
 
 1484                (
int) 
$_GET[
"obj_id"]
 
 1486            $ilLocator->addItem(
 
 1488                $this->ctrl->getLinkTargetByClass(
 
 1507        $review = 
$DIC->rbac()->review();
 
 1508        $logger = 
$DIC->logger()->ac();
 
 1512            !$this->object->getId() ||
 
 1519        $possible_roles = [];
 
 1521            $possible_roles = $review->getRolesOfObject(
 
 1525        } 
catch (\InvalidArgumentException 
$e) {
 
 1526            $logger->warning(
'Role access check failed: ' . 
$e);
 
 1528            include_once 
"Services/Object/exceptions/class.ilObjectException.php";
 
 1529            throw new \ilObjectException($this->lng->txt(
'permission_denied'));
 
 1532        if (!in_array($this->object->getId(), $possible_roles)) {
 
 1533            $logger->warning(
'Object id: ' . $this->object->getId() . 
' is not accessible for ref_id: ' . $this->obj_ref_id);
 
 1534            include_once 
"Services/Object/exceptions/class.ilObjectException.php";
 
 1535            throw new \ilObjectException($this->lng->txt(
'permission_denied'));
 
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
An exception for terminatinating execution or to throw for unit testing.
return true
Flag indicating whether or not HTTP headers will be sent when outputting captcha image/audio.
Accordion user interface class.
TableGUI class for role administration.
Confirmation screen class.
Export User Interface Class.
static newInstance($a_export_id)
Create new instance.
static allocateExportId()
Allocate a new export id.
This class represents a non editable value in a property form.
getAdminTabs()
admin and normal tabs are equal for roles
editObject()
Edit role properties.
getTabs()
get tabs abstract method.
performDeleteRoleObject()
Delete role.
saveObject()
Save new role.
updateObject()
Save role settings.
initFormRoleProperties($a_mode)
Create role prperty form.
userassignmentObject()
display user assignment panel
showChangeExistingObjectsConfirmation()
Show confirmation screen.
ensureRoleAccessForContext()
__construct($a_data, $a_id, $a_call_by_reference=false, $a_prepare_output=true)
Constructor @access public.
setBackTarget($a_text, $a_link)
set back tab target
readRoleProperties(ilObjRole $role)
Read role properties and write them to form.
addLocatorItems()
should be overwritten to add object specific items (repository items are preloaded)
deassignUserObject()
de-assign users from role
permObject($a_show_admin_permissions=false)
Show template permissions.
loadRoleProperties(ilObjRole $role)
Store form input in role object.
assignSaveObject()
wrapper for renamed function
permSaveObject($a_show_admin_permissions=false)
save permissions
getParentType()
get type of current object (not role folder)
getContainerType()
Get type of role container.
addAdminLocatorItems($a_do_not_add_object=false)
should be overwritten to add object specific items (repository items are preloaded)
addUserObject($a_user_ids)
Assign user (callback from ilRepositorySearchGUI)
checkAccess($a_perm_global, $a_perm_obj='')
cancelObject()
cancelObject is called when an operation is canceled, method links back @access public
showDefaultPermissionSettings()
check if default permissions are shown or not
adminPermObject()
Show administration permissions.
executeCommand()
execute command
adminPermSaveObject()
Save admin permissions.
checkDuplicate($a_role_id=0)
Check if role with same name already exists in this folder.
confirmDeleteRoleObject()
Show delete confirmation screen.
createObject()
Only called from administration -> role folder ? Otherwise this check access is wrong.
getParentRefId()
Get ref id of current object (not role folder id)
isChangeExistingObjectsConfirmationRequired()
Check if a confirmation about further settings is required or not.
adoptPermSaveObject()
copy permissions from role
getParentObjId()
Get obj_id of current object.
setSubTabs($a_tab)
Set sub tabs.
addToClipboardObject()
Add selected users to user clipboard.
changeExistingObjectsObject()
Change existing objects.
setAllowRegister($a_allow_register)
set allow_register of role
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
getAllowRegister()
get allow_register
static _getTranslation($a_role_title)
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
static isAutoGenerated($a_role_id)
toggleAssignUsersStatus($a_assign_users)
getPresentationTitle()
For autogenerated roles this returns 'Translated Title (untranslated title)'.
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Class ilObjectGUI Basic methods of all Output classes.
__showButton($a_cmd, $a_text, $a_target='')
prepareOutput($a_show_subobjects=true)
prepare output
Table for object role permissions.
Table for object role permissions.
static _lookupObjId($a_id)
setTitle($a_title)
set object title
setDescription($a_desc)
set object description
getDescription()
get object description
getId()
get object id @access public
static _lookupType($a_id, $a_reference=false)
lookup object type
static _getIdsForTitle($title, $type='', $partialmatch=false)
This class represents an option in a radio group.
static diffTemplate(array $a_old, array $a_new)
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
static gatherTemplate($a_role_ref_id, $a_role_id)
Recommended content configuration for roles.
static fillAutoCompleteToolbar($parent_object, ilToolbarGUI $toolbar=null, $a_options=array(), $a_sticky=false)
fill toolbar with
Copyright (c) 1998-2015 ILIAS open source, Extended GPL, see docs/LICENSE Date: 07....
static _getInstance()
Get instance of ilSecuritySettings.
This class represents a text area property in a property form.
This class represents a text property in a property form.
static getInstance($a_usr_id)
Get singelton instance.
static formCheckbox($checked, $varname, $value, $disabled=false)
??? @access public
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
static sendQuestion($a_info="", $a_keep=false)
Send Question to Screen.
static tf2yn($a_tf)
convert true/false to "y"/"n"
static redirect($a_script)
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
static infoPanel($a_keep=true)
const SYSTEM_USER_ID
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Interface GlobalHttpState.
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
redirection script todo: (a better solution should control the processing via a xml file)