ILIAS  release_7 Revision v7.30-3-g800a261c036
class.ilObjRoleGUI.php
Go to the documentation of this file.
1<?php
2
21
32{
37
43 public $type;
44
45
46 protected $obj_ref_id = 0;
47 protected $obj_obj_id = 0;
48 protected $obj_obj_type = '';
49 protected $container_type = '';
50
51
52 public $ctrl;
53
58 public function __construct($a_data, $a_id, $a_call_by_reference = false, $a_prepare_output = true)
59 {
60 global $DIC;
61
62 $tree = $DIC['tree'];
63 $lng = $DIC['lng'];
64
65 $lng->loadLanguageModule('rbac');
66
67 //TODO: move this to class.ilias.php
68 define("USER_FOLDER_ID", 7);
69
70 // Add ref_id of object that contains this role folder
71
72 $this->obj_ref_id = (int) $_REQUEST['rolf_ref_id']
73 ? (int) $_REQUEST['rolf_ref_id']
74 : (int) $_REQUEST['ref_id'];
75
76 $this->obj_obj_id = ilObject::_lookupObjId($this->getParentRefId());
77 $this->obj_obj_type = ilObject::_lookupType($this->getParentObjId());
78
79 $this->container_type = ilObject::_lookupType(ilObject::_lookupObjId($this->obj_ref_id));
80
81 $this->type = "role";
82 parent::__construct($a_data, $a_id, $a_call_by_reference, false);
83 $this->ctrl->saveParameter($this, ['obj_id', 'rolf_ref_id']);
84 }
85
86
87 public function executeCommand()
88 {
89 global $DIC;
90
91 $rbacsystem = $DIC['rbacsystem'];
92
93 $this->prepareOutput();
94
95 $next_class = $this->ctrl->getNextClass($this);
96 $cmd = $this->ctrl->getCmd();
97
99
100 switch ($next_class) {
101 case 'ilrepositorysearchgui':
102
103 if (!$GLOBALS['DIC']['ilAccess']->checkAccess('edit_permission', '', $this->obj_ref_id)) {
104 $GLOBALS['DIC']['ilErr']->raiseError($GLOBALS['DIC']['lng']->txt('permission_denied'), $GLOBALS['DIC']['ilErr']->WARNING);
105 }
106 include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
107 $rep_search = new ilRepositorySearchGUI();
108 $rep_search->setTitle($this->lng->txt('role_add_user'));
109 $rep_search->setCallback($this, 'addUserObject');
110
111 // Set tabs
112 $this->tabs_gui->setTabActive('user_assignment');
113 $this->ctrl->setReturn($this, 'userassignment');
114 $ret = &$this->ctrl->forwardCommand($rep_search);
115 break;
116
117 case 'ilexportgui':
118
119 $this->tabs_gui->setTabActive('export');
120
121 include_once './Services/Export/classes/class.ilExportOptions.php';
123 $eo->addOption(ilExportOptions::KEY_ROOT, 0, $this->object->getId(), $this->obj_ref_id);
124
125 include_once './Services/Export/classes/class.ilExportGUI.php';
126 $exp = new ilExportGUI($this, new ilObjRole($this->object->getId()));
127 $exp->addFormat('xml');
128 $this->ctrl->forwardCommand($exp);
129 break;
130
131 case 'ilrecommendedcontentroleconfiggui':
132 $this->tabs_gui->setTabActive('rep_recommended_content');
133 $ui = new ilRecommendedContentRoleConfigGUI($this->object->getId(), $this->obj_ref_id);
134 $this->ctrl->forwardCommand($ui);
135 break;
136
137 default:
138 if (!$cmd) {
139 if ($this->showDefaultPermissionSettings()) {
140 $cmd = "perm";
141 } else {
142 $cmd = 'userassignment';
143 }
144 }
145 $cmd .= "Object";
146 $this->$cmd();
147
148 break;
149 }
150
151 return true;
152 }
153
158 public function getParentRefId()
159 {
160 return $this->obj_ref_id;
161 }
162
167 public function getParentObjId()
168 {
169 return $this->obj_obj_id;
170 }
171
176 public function getParentType()
177 {
178 return $this->obj_obj_type;
179 }
180
184 public function setBackTarget($a_text, $a_link)
185 {
186 $this->back_target = array("text" => $a_text,
187 "link" => $a_link);
188 }
189
190 public function getBackTarget()
191 {
192 return $this->back_target ? $this->back_target : array();
193 }
194
198 public function getAdminTabs()
199 {
200 $this->getTabs();
201 }
202
207 protected function getContainerType()
208 {
210 }
211
216 protected function showDefaultPermissionSettings()
217 {
218 global $DIC;
219
220 $objDefinition = $DIC['objDefinition'];
221
222 return $objDefinition->isContainer($this->getContainerType())
223 || $objDefinition->isAdministrationObject($this->getContainerType());
224 }
225
226
227
233 protected function initFormRoleProperties($a_mode)
234 {
235 include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
236 $this->form = new ilPropertyFormGUI();
237
238 if ($this->creation_mode) {
239 $this->ctrl->setParameter($this, "new_type", 'role');
240 }
241 $this->form->setFormAction($this->ctrl->getFormAction($this));
242
243 switch ($a_mode) {
245 $this->form->setTitle($this->lng->txt('role_new'));
246 $this->form->addCommandButton('save', $this->lng->txt('role_new'));
247 break;
248
250 $this->form->setTitle($this->lng->txt('role_edit'));
251 $this->form->addCommandButton('update', $this->lng->txt('save'));
252 break;
253
256 }
257 // Fix cancel
258 $this->form->addCommandButton('cancel', $this->lng->txt('cancel'));
259
260 $title = new ilTextInputGUI($this->lng->txt('title'), 'title');
261 if (ilObjRole::isAutoGenerated($this->object->getId())) {
262 $title->setDisabled(true);
263 } else {
264 //#17111 No validation for disabled fields
265 $title->setValidationRegexp('/^(?!il_).*$/');
266 $title->setValidationFailureMessage($this->lng->txt('msg_role_reserved_prefix'));
267 }
268
269 $title->setSize(40);
270 $title->setMaxLength(70);
271 $title->setRequired(true);
272 $this->form->addItem($title);
273
274 $desc = new ilTextAreaInputGUI($this->lng->txt('description'), 'desc');
275 if (ilObjRole::isAutoGenerated($this->object->getId())) {
276 $desc->setDisabled(true);
277 }
278 $desc->setCols(40);
279 $desc->setRows(3);
280 $this->form->addItem($desc);
281
282 if ($a_mode != self::MODE_LOCAL_CREATE && $a_mode != self::MODE_GLOBAL_CREATE) {
283 $ilias_id = new ilNonEditableValueGUI($this->lng->txt("ilias_id"), "ilias_id");
284 $this->form->addItem($ilias_id);
285 }
286
287 if ($this->obj_ref_id == ROLE_FOLDER_ID) {
288 $reg = new ilCheckboxInputGUI($this->lng->txt('allow_register'), 'reg');
289 $reg->setValue(1);
290 #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info'));
291 $this->form->addItem($reg);
292
293 $la = new ilCheckboxInputGUI($this->lng->txt('allow_assign_users'), 'la');
294 $la->setValue(1);
295 #$la->setInfo($this->lng->txt('rbac_local_admin_info'));
296 $this->form->addItem($la);
297 }
298
299 $pro = new ilCheckboxInputGUI($this->lng->txt('role_protect_permissions'), 'pro');
300 $pro->setValue(1);
301 #$pro->setInfo($this->lng->txt('role_protext_permission_info'));
302 $this->form->addItem($pro);
303
304 return true;
305 }
306
312 protected function loadRoleProperties(ilObjRole $role)
313 {
314 //Don't set if fields are disabled to prevent html manipulation.
315 if (!$this->form->getItemByPostVar('title')->getDisabled()) {
316 $role->setTitle($this->form->getInput('title'));
317 }
318 if (!$this->form->getItemByPostVar('desc')->getDisabled()) {
319 $role->setDescription($this->form->getInput('desc'));
320 }
321 $role->setAllowRegister($this->form->getInput('reg'));
322 $role->toggleAssignUsersStatus($this->form->getInput('la'));
323 return true;
324 }
325
331 protected function readRoleProperties(ilObjRole $role)
332 {
333 global $DIC;
334
335 $rbacreview = $DIC['rbacreview'];
336
337 $data['title'] = $role->getPresentationTitle();
338 $data['desc'] = $role->getDescription();
339 $data['ilias_id'] = 'il_' . IL_INST_ID . '_' . ilObject::_lookupType($role->getId()) . '_' . $role->getId();
340 $data['reg'] = $role->getAllowRegister();
341 $data['la'] = $role->getAssignUsersStatus();
342 $data['pro'] = $rbacreview->isProtected($this->obj_ref_id, $role->getId());
343
344 $this->form->setValuesByArray($data);
345 }
346
347
348
349
355 public function createObject()
356 {
357 global $DIC;
358
359 $rbacsystem = $DIC['rbacsystem'];
360
361 if (!$rbacsystem->checkAccess('create_role', $this->obj_ref_id)) {
362 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('permission_denied'), true);
363 $this->ctrl->redirectByClass(ilRepositoryGUI::class);
364 }
365
366 $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
367 $this->tpl->setContent($this->form->getHTML());
368 }
369
374 public function editObject()
375 {
376 global $DIC;
377
378 $rbacreview = $DIC['rbacreview'];
379 $ilToolbar = $DIC['ilToolbar'];
380
381 if (!$this->checkAccess('write', 'edit_permission')) {
382 $this->tpl->setOnScreenMessage('msg_no_perm_write', $this->lng->txt('permission_denied'), true);
383 $this->ctrl->redirectByClass(ilRepositoryGUI::class);
384 }
385
386 $this->tabs_gui->activateTab('edit_properties');
387
388 // Show copy role button
389 if ($this->object->getId() != SYSTEM_ROLE_ID) {
390 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
391 if ($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id)) {
392 $ilToolbar->addButton(
393 $this->lng->txt('rbac_delete_role'),
394 $this->ctrl->getLinkTarget($this, 'confirmDeleteRole')
395 );
396 }
397 }
398
399 $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
400 $this->readRoleProperties($this->object);
401 $this->tpl->setContent($this->form->getHTML());
402 }
403
404
409 public function saveObject()
410 {
411 global $DIC;
412
413 $rbacadmin = $DIC['rbacadmin'];
414 $rbacreview = $DIC['rbacreview'];
415
416 $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
417 if ($this->form->checkInput() and !$this->checkDuplicate()) {
418 include_once './Services/AccessControl/classes/class.ilObjRole.php';
419 $this->loadRoleProperties($this->role = new ilObjRole());
420 $this->role->create();
421 $rbacadmin->assignRoleToFolder($this->role->getId(), $this->obj_ref_id, 'y');
422 $rbacadmin->setProtected(
423 $this->obj_ref_id,
424 $this->role->getId(),
425 $this->form->getInput('pro') ? 'y' : 'n'
426 );
427 ilUtil::sendSuccess($this->lng->txt("role_added"), true);
428 $this->ctrl->setParameter($this, 'obj_id', $this->role->getId());
429 $this->ctrl->redirect($this, 'perm');
430 }
431
432 ilUtil::sendFailure($this->lng->txt('err_check_input'));
433 $this->form->setValuesByPost();
434 $this->tpl->setContent($this->form->getHTML());
435 return false;
436 }
437
442 protected function checkDuplicate($a_role_id = 0)
443 {
444 // disabled due to mantis #0013742: Renaming global roles: ILIAS denies if title fits other role title partially
445 return false;
446 }
447
452 public function updateObject()
453 {
454 global $DIC;
455
456 $rbacadmin = $DIC['rbacadmin'];
457
458 $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
459 if ($this->form->checkInput() and !$this->checkDuplicate($this->object->getId())) {
460 include_once './Services/AccessControl/classes/class.ilObjRole.php';
461 $this->loadRoleProperties($this->object);
462 $this->object->update();
463 $rbacadmin->setProtected(
464 $this->obj_ref_id,
465 $this->object->getId(),
466 $this->form->getInput('pro') ? 'y' : 'n'
467 );
468 ilUtil::sendSuccess($this->lng->txt("saved_successfully"), true);
469 $this->ctrl->redirect($this, 'edit');
470 }
471
472 ilUtil::sendFailure($this->lng->txt('err_check_input'));
473 $this->form->setValuesByPost();
474 $this->tpl->setContent($this->form->getHTML());
475 return false;
476 }
477
482 protected function permObject($a_show_admin_permissions = false)
483 {
484 global $DIC;
485
486 $ilTabs = $DIC['ilTabs'];
487 $ilErr = $DIC['ilErr'];
488 $ilToolbar = $DIC['ilToolbar'];
489 $objDefinition = $DIC['objDefinition'];
490 $rbacreview = $DIC['rbacreview'];
491
492 $ilTabs->setTabActive('default_perm_settings');
493
494 $this->setSubTabs('default_perm_settings');
495
496 if ($a_show_admin_permissions) {
497 $ilTabs->setSubTabActive('rbac_admin_permissions');
498 } else {
499 $ilTabs->setSubTabActive('rbac_repository_permissions');
500 }
501
502 if (!$this->checkAccess('write', 'edit_permission')) {
503 $this->tpl->setOnScreenMessage('msg_no_perm_write', $this->lng->txt('permission_denied'), true);
504 $this->ctrl->redirectByClass(ilRepositoryGUI::class);
505 }
506
507 // Show copy role button
508 if ($this->object->getId() != SYSTEM_ROLE_ID) {
509 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
510 $ilToolbar->addButton(
511 $this->lng->txt("adopt_perm_from_template"),
512 $this->ctrl->getLinkTarget($this, 'adoptPerm')
513 );
514 if ($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id)) {
515 $ilToolbar->addButton(
516 $this->lng->txt('rbac_delete_role'),
517 $this->ctrl->getLinkTarget($this, 'confirmDeleteRole')
518 );
519 }
520 }
521
522 $this->tpl->addBlockFile(
523 'ADM_CONTENT',
524 'adm_content',
525 'tpl.rbac_template_permissions.html',
526 'Services/AccessControl'
527 );
528
529 $this->tpl->setVariable('PERM_ACTION', $this->ctrl->getFormAction($this));
530
531 include_once './Services/Accordion/classes/class.ilAccordionGUI.php';
532 $acc = new ilAccordionGUI();
533 $acc->setBehaviour(ilAccordionGUI::FORCE_ALL_OPEN);
534 $acc->setId('template_perm_' . $this->getParentRefId());
535
536 if ($this->obj_ref_id == ROLE_FOLDER_ID) {
537 if ($a_show_admin_permissions) {
538 $subs = ilObjRole::getSubObjects('adm', true);
539 } else {
540 $subs = ilObjRole::getSubObjects('root', false);
541 }
542 } else {
543 $subs = ilObjRole::getSubObjects($this->getParentType(), $a_show_admin_permissions);
544 }
545
546 foreach ($subs as $subtype => $def) {
547 include_once 'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
549 $this,
550 'perm',
551 $this->getParentRefId(),
552 $this->object->getId(),
553 $subtype,
554 $a_show_admin_permissions
555 );
556 $tbl->parse();
557
558 $acc->addItem($def['translation'], $tbl->getHTML());
559 }
560
561 $this->tpl->setVariable('ACCORDION', $acc->getHTML());
562
563 // Add options table
564 include_once './Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
566 $this,
567 'perm',
568 $this->obj_ref_id,
569 $this->object->getId(),
570 $a_show_admin_permissions
571 );
572 if ($this->object->getId() != SYSTEM_ROLE_ID) {
573 $options->addMultiCommand(
574 $a_show_admin_permissions ? 'adminPermSave' : 'permSave',
575 $this->lng->txt('save')
576 );
577 }
578
579 $options->parse();
580 $this->tpl->setVariable('OPTIONS_TABLE', $options->getHTML());
581 }
582
587 protected function adminPermObject()
588 {
589 return $this->permObject(true);
590 }
591
596 protected function adminPermSaveObject()
597 {
598 return $this->permSaveObject(true);
599 }
600
601 protected function adoptPermObject()
602 {
603 global $DIC;
604
605 $rbacreview = $DIC['rbacreview'];
606 $output = [];
607
608 $this->tabs_gui->clearTargets();
609
610 $parent_role_ids = $rbacreview->getParentRoleIds($this->obj_ref_id, true);
611 $ids = [];
612 foreach ($parent_role_ids as $id => $tmp) {
613 $ids[] = $id;
614 }
615 // Sort ids
616 $sorted_ids = ilUtil::_sortIds($ids, 'object_data', 'type,title', 'obj_id');
617 $key = 0;
618 foreach ($sorted_ids as $id) {
619 $par = $parent_role_ids[$id];
620 if ($par["obj_id"] != SYSTEM_ROLE_ID && $this->object->getId() != $par["obj_id"]) {
621 $output[$key]["role_id"] = $par["obj_id"];
622 $output[$key]["type"] = ($par["type"] == 'role' ? $this->lng->txt('obj_role') : $this->lng->txt('obj_rolt'));
623 $output[$key]["role_name"] = ilObjRole::_getTranslation($par["title"]);
624 $output[$key]["role_desc"] = $par["desc"];
625 $key++;
626 }
627 }
628
629
630 include_once('./Services/AccessControl/classes/class.ilRoleAdoptPermissionTableGUI.php');
631
632 $tbl = new ilRoleAdoptPermissionTableGUI($this, "adoptPerm");
633 $tbl->setTitle($this->lng->txt("adopt_perm_from_template"));
634 $tbl->setData($output);
635
636 $this->tpl->setContent($tbl->getHTML());
637 }
638
643 protected function confirmDeleteRoleObject()
644 {
645 global $DIC;
646
647 $rbacreview = $DIC['rbacreview'];
648 $ilUser = $DIC['ilUser'];
649
650 $this->tabs_gui->clearTargets();
651
652 if (!$this->checkAccess('visible,write', 'edit_permission')) {
653 $this->tpl->setOnScreenMessage('msg_no_perm_perm', $this->lng->txt('permission_denied'), true);
654 $this->ctrl->redirectByClass(ilRepositoryGUI::class);
655 }
656
657 $question = $this->lng->txt('rbac_role_delete_qst');
658 if ($rbacreview->isAssigned($ilUser->getId(), $this->object->getId())) {
659 $question .= ('<br />' . $this->lng->txt('rbac_role_delete_self'));
660 }
661 ilUtil::sendQuestion($question);
662
663 include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
664
665 $confirm = new ilConfirmationGUI();
666 $confirm->setFormAction($this->ctrl->getFormAction($this));
667 $confirm->setHeaderText($question);
668 $confirm->setCancel($this->lng->txt('cancel'), 'perm');
669 $confirm->setConfirm($this->lng->txt('rbac_delete_role'), 'performDeleteRole');
670
671 $confirm->addItem(
672 'role',
673 $this->object->getId(),
674 ilObjRole::_getTranslation($this->object->getTitle()),
675 ilUtil::getImagePath('icon_role.svg')
676 );
677
678 $this->tpl->setContent($confirm->getHTML());
679 return true;
680 }
681
682
687 protected function performDeleteRoleObject()
688 {
689 $access = $this->checkAccess('visible,write', 'edit_permission');
690 if (!$access) {
691 $this->tpl->setOnScreenMessage('msg_no_perm_perm', $this->lng->txt('permission_denied'), true);
692 $this->ctrl->redirectByClass(ilRepositoryGUI::class);
693 }
694
695 $this->object->setParent((int) $this->obj_ref_id);
696 $this->object->delete();
697 ilUtil::sendSuccess($this->lng->txt('msg_deleted_role'), true);
698
699 $this->ctrl->returnToParent($this);
700 }
701
707 public function permSaveObject($a_show_admin_permissions = false)
708 {
709 global $DIC;
710
711 $rbacsystem = $DIC['rbacsystem'];
712 $rbacadmin = $DIC['rbacadmin'];
713 $rbacreview = $DIC['rbacreview'];
714 $objDefinition = $DIC['objDefinition'];
715 $tree = $DIC['tree'];
716
717 if (!$this->checkAccess('visible,write', 'edit_permission')) {
718 $this->tpl->setOnScreenMessage('msg_no_perm_perm', $this->lng->txt('permission_denied'), true);
719 $this->ctrl->redirectByClass(ilRepositoryGUI::class);
720 }
721
722 // rbac log
723 include_once "Services/AccessControl/classes/class.ilRbacLog.php";
724 $rbac_log_active = ilRbacLog::isActive();
725 if ($rbac_log_active) {
726 $rbac_log_old = ilRbacLog::gatherTemplate($this->obj_ref_id, $this->object->getId());
727 }
728
729 // delete all template entries of enabled types
730 if ($this->obj_ref_id == ROLE_FOLDER_ID) {
731 if ($a_show_admin_permissions) {
732 $subs = ilObjRole::getSubObjects('adm', true);
733 } else {
734 $subs = ilObjRole::getSubObjects('root', false);
735 }
736 } else {
737 $subs = ilObjRole::getSubObjects($this->getParentType(), $a_show_admin_permissions);
738 }
739
740 foreach ($subs as $subtype => $def) {
741 // Delete per object type
742 $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id, $subtype);
743 }
744
745 if (empty($_POST["template_perm"])) {
746 $_POST["template_perm"] = array();
747 }
748
749 foreach ($_POST["template_perm"] as $key => $ops_array) {
750 // sets new template permissions
751 $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->obj_ref_id);
752 }
753
754 if ($rbac_log_active) {
755 $rbac_log_new = ilRbacLog::gatherTemplate($this->obj_ref_id, $this->object->getId());
756 $rbac_log_diff = ilRbacLog::diffTemplate($rbac_log_old, $rbac_log_new);
757 ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE, $this->obj_ref_id, $rbac_log_diff);
758 }
759
760 // update object data entry (to update last modification date)
761 $this->object->update();
762
763 // set protected flag
764 if ($this->obj_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(), $this->obj_ref_id)) {
765 $rbacadmin->setProtected($this->obj_ref_id, $this->object->getId(), ilUtil::tf2yn($_POST['protected']));
766 }
767
768 if ($a_show_admin_permissions) {
769 $_POST['recursive'] = true;
770 }
771
772 // Redirect if Change existing objects is not chosen
773 if (!$_POST['recursive'] and !is_array($_POST['recursive_list'])) {
774 ilUtil::sendSuccess($this->lng->txt("saved_successfully"), true);
775 if ($a_show_admin_permissions) {
776 $this->ctrl->redirect($this, 'adminPerm');
777 } else {
778 $this->ctrl->redirect($this, 'perm');
779 }
780 }
781 // New implementation
782 if ($this->isChangeExistingObjectsConfirmationRequired() and !$a_show_admin_permissions) {
784 return true;
785 }
786
787 $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $this->obj_ref_id);
788 if ($a_show_admin_permissions) {
789 $start = $tree->getParentId($this->obj_ref_id);
790 }
791
792 if ($_POST['protected']) {
793 $this->object->changeExistingObjects(
794 $start,
796 ['all'],
797 []
798 );
799 } else {
800 $this->object->changeExistingObjects(
801 $start,
803 ['all'],
804 []
805 );
806 }
807 ilUtil::sendSuccess($this->lng->txt("saved_successfully"), true);
808
809 if ($a_show_admin_permissions) {
810 $this->ctrl->redirect($this, 'adminPerm');
811 } else {
812 $this->ctrl->redirect($this, 'perm');
813 }
814 return true;
815 }
816
817
823 public function adoptPermSaveObject()
824 {
825 global $DIC;
826
827 $rbacadmin = $DIC['rbacadmin'];
828 $rbacsystem = $DIC['rbacsystem'];
829 $rbacreview = $DIC['rbacreview'];
830 $tree = $DIC['tree'];
831
832 if (!$_POST['adopt']) {
833 ilUtil::sendFailure($this->lng->txt('select_one'));
834 $this->adoptPermObject();
835 return false;
836 }
837
838 $access = $this->checkAccess('visible,write', 'edit_permission');
839 if (!$access) {
840 $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"), $this->ilias->error_obj->MESSAGE);
841 }
842
843 if ($this->object->getId() == $_POST["adopt"]) {
844 ilUtil::sendFailure($this->lng->txt("msg_perm_adopted_from_itself"), true);
845 } else {
846 $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id);
847 $parentRoles = $rbacreview->getParentRoleIds($this->obj_ref_id, true);
848 $rbacadmin->copyRoleTemplatePermissions(
849 $_POST["adopt"],
850 $parentRoles[$_POST["adopt"]]["parent"],
851 $this->obj_ref_id,
852 $this->object->getId(),
853 false
854 );
855
856 // update object data entry (to update last modification date)
857 $this->object->update();
858
859 // send info
860 $obj_data = &$this->ilias->obj_factory->getInstanceByObjId($_POST["adopt"]);
861 ilUtil::sendSuccess($this->lng->txt("msg_perm_adopted_from1") . " '" .
862 ilObjRole::_getTranslation($obj_data->getTitle()) . "'.<br/>" .
863 $this->lng->txt("msg_perm_adopted_from2"), true);
864 }
865
866 $this->ctrl->redirect($this, "perm");
867 }
868
874 public function assignSaveObject()
875 {
876 $this->assignUserObject();
877 }
878
879
880
886 public function addUserObject($a_user_ids)
887 {
888 global $DIC;
889
890 $rbacreview = $DIC['rbacreview'];
891 $rbacadmin = $DIC['rbacadmin'];
892
893 if (!$this->checkAccess('edit_userassignment', 'edit_permission')) {
894 ilUtil::sendFailure($this->lng->txt('msg_no_perm_assign_user_to_role'), true);
895 return false;
896 }
897 if (!$rbacreview->isAssignable($this->object->getId(), $this->obj_ref_id) &&
898 $this->obj_ref_id != ROLE_FOLDER_ID) {
899 ilUtil::sendFailure($this->lng->txt('err_role_not_assignable'), true);
900 return false;
901 }
902 if (!$a_user_ids) {
903 $GLOBALS['DIC']['lng']->loadLanguageModule('search');
904 ilUtil::sendFailure($this->lng->txt('search_err_user_not_exist'), true);
905 return false;
906 }
907
908 $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
909
910 // users to assign
911 $assigned_users_new = array_diff($a_user_ids, array_intersect($a_user_ids, $assigned_users_all));
912
913 // selected users all already assigned. stop
914 if (count($assigned_users_new) == 0) {
915 ilUtil::sendInfo($this->lng->txt("rbac_msg_user_already_assigned"), true);
916 $this->ctrl->redirect($this, 'userassignment');
917 }
918
919 // assign new users
920 foreach ($assigned_users_new as $user_id) {
921 if ($user_id === ANONYMOUS_USER_ID) {
922 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('msg_anonymous_cannot_be_assigned'), true);
923 return;
924 }
925 $rbacadmin->assignUser($this->object->getId(), $user_id, false);
926 }
927
928 // update object data entry (to update last modification date)
929 $this->object->update();
930
931 ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"), true);
932 $this->ctrl->redirect($this, 'userassignment');
933 }
934
940 public function deassignUserObject()
941 {
942 global $DIC;
943
944 $rbacsystem = $DIC['rbacsystem'];
945 $rbacadmin = $DIC['rbacadmin'];
946 $rbacreview = $DIC['rbacreview'];
947
948 if (!$this->checkAccess('edit_userassignment', 'edit_permission')) {
949 $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"), $this->ilias->error_obj->MESSAGE);
950 }
951
952 $selected_users = ($_POST["user_id"]) ? $_POST["user_id"] : array($_GET["user_id"]);
953
954 if ($selected_users[0] === null) {
955 $this->ilias->raiseError($this->lng->txt("no_checkbox"), $this->ilias->error_obj->MESSAGE);
956 }
957
958 // prevent unassignment of system user from system role
959 if ($this->object->getId() == SYSTEM_ROLE_ID) {
960 if ($admin = array_search(SYSTEM_USER_ID, $selected_users) !== false) {
961 unset($selected_users[$admin]);
962 }
963 }
964
965 // check for each user if the current role is his last global role before deassigning him
966 $last_role = [];
967 $global_roles = $rbacreview->getGlobalRoles();
968
969 foreach ($selected_users as $user) {
970 $assigned_roles = $rbacreview->assignedRoles($user);
971 $assigned_global_roles = array_intersect($assigned_roles, $global_roles);
972
973 if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(), $assigned_global_roles))) {
974 $userObj = $this->ilias->obj_factory->getInstanceByObjId($user);
975 $last_role[$user] = $userObj->getFullName();
976 unset($userObj);
977 }
978 }
979
980
981 // ... else perform deassignment
982 foreach ($selected_users as $user) {
983 if (!isset($last_role[$user])) {
984 $rbacadmin->deassignUser($this->object->getId(), $user);
985 }
986 }
987
988 // update object data entry (to update last modification date)
989 $this->object->update();
990
991 // raise error if last role was taken from a user...
992 if (count($last_role)) {
993 $user_list = implode(", ", $last_role);
994 ilUtil::sendFailure($this->lng->txt('msg_is_last_role') . ': ' . $user_list . '<br />' . $this->lng->txt('msg_min_one_role'), true);
995 } else {
996 ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"), true);
997 }
998 $this->ctrl->redirect($this, 'userassignment');
999 }
1000
1001
1005 public function userassignmentObject()
1006 {
1007 global $DIC;
1008
1009 $rbacreview = $DIC['rbacreview'];
1010 $rbacsystem = $DIC['rbacsystem'];
1011 $lng = $DIC['lng'];
1012 $ilUser = $DIC['ilUser'];
1013
1014 if (!$this->checkAccess('edit_userassignment', 'edit_permission')) {
1015 $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"), $this->ilias->error_obj->MESSAGE);
1016 }
1017
1018 $this->tabs_gui->setTabActive('user_assignment');
1019
1020 $this->tpl->addBlockFile('ADM_CONTENT', 'adm_content', 'tpl.rbac_ua.html', 'Services/AccessControl');
1021
1022 include_once './Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
1023 $tb = new ilToolbarGUI();
1024
1025 // protected admin role
1026 include_once './Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1027 if (
1028 $this->object->getId() != SYSTEM_ROLE_ID ||
1029 (
1030 $rbacreview->isAssigned($ilUser->getId(), SYSTEM_ROLE_ID) ||
1031 !ilSecuritySettings::_getInstance()->isAdminRoleProtected()
1032 )
1033 ) {
1034
1035
1036 // add member
1037 include_once './Services/Search/classes/class.ilRepositorySearchGUI.php';
1039 $this,
1040 $tb,
1041 [
1042 'auto_complete_name' => $lng->txt('user'),
1043 'submit_name' => $lng->txt('add')
1044 ]
1045 );
1046
1047 $tb->addSpacer();
1048
1049 $tb->addButton(
1050 $this->lng->txt('search_user'),
1051 $this->ctrl->getLinkTargetByClass('ilRepositorySearchGUI', 'start')
1052 );
1053 $tb->addSpacer();
1054 }
1055
1056 $tb->addButton(
1057 $this->lng->txt('role_mailto'),
1058 $this->ctrl->getLinkTarget($this, 'mailToRole')
1059 );
1060 $this->tpl->setVariable('BUTTONS_UA', $tb->getHTML());
1061
1062
1063 include_once './Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1064 $role_assignment_editable = true;
1065 if (
1066 $this->object->getId() == SYSTEM_ROLE_ID &&
1067 !ilSecuritySettings::_getInstance()->checkAdminRoleAccessible($ilUser->getId())) {
1068 $role_assignment_editable = false;
1069 }
1070
1071 include_once './Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
1072 $ut = new ilAssignedUsersTableGUI($this, 'userassignment', $this->object->getId(), $role_assignment_editable);
1073
1074 $this->tpl->setVariable('TABLE_UA', $ut->getHTML());
1075
1076 return true;
1077 }
1078
1079
1084 public function cancelObject()
1085 {
1086 if ($_GET["new_type"] != "role") {
1087 $this->ctrl->redirect($this, "userassignment");
1088 } else {
1089 $this->ctrl->redirectByClass("ilobjrolefoldergui", "view");
1090 }
1091 }
1092
1093
1094 public function listUsersRoleObject()
1095 {
1096 global $DIC;
1097
1098 $rbacsystem = $DIC['rbacsystem'];
1099 $rbacreview = $DIC['rbacreview'];
1100
1101 $_SESSION["role_role"] = $_POST["role"] = $_POST["role"] ? $_POST["role"] : $_SESSION["role_role"];
1102
1103 if (!is_array($_POST["role"])) {
1104 ilUtil::sendFailure($this->lng->txt("role_no_roles_selected"));
1105 $this->searchObject();
1106
1107 return false;
1108 }
1109
1110 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html", "Services/AccessControl");
1111 $this->__showButton("searchUserForm", $this->lng->txt("role_new_search"));
1112
1113 // GET ALL MEMBERS
1114 $members = array();
1115
1116 foreach ($_POST["role"] as $role_id) {
1117 $members = array_merge($rbacreview->assignedUsers($role_id), $members);
1118 }
1119
1120 $members = array_unique($members);
1121
1122 // FORMAT USER DATA
1123 $counter = 0;
1124 $f_result = array();
1125
1126 foreach ($members as $user) {
1127 if (!$tmp_obj = ilObjectFactory::getInstanceByObjId($user, false)) {
1128 continue;
1129 }
1130
1131 $user_ids[$counter] = $user;
1132
1133 // TODO: exclude anonymous user
1134 $f_result[$counter][] = ilUtil::formCheckbox(0, "user[]", $user);
1135 $f_result[$counter][] = $tmp_obj->getLogin();
1136 $f_result[$counter][] = $tmp_obj->getFirstname();
1137 $f_result[$counter][] = $tmp_obj->getLastname();
1138
1139 unset($tmp_obj);
1140 ++$counter;
1141 }
1142
1143 $this->__showSearchUserTable($f_result, $user_ids, "listUsersRole");
1144
1145 return true;
1146 }
1147
1148 public function __prepareOutput()
1149 {
1150 // output objects
1151 $this->tpl->addBlockFile("CONTENT", "content", "tpl.adm_content.html");
1152 $this->tpl->addBlockFile("STATUSLINE", "statusline", "tpl.statusline.html");
1153
1154 // output message
1155 if ($this->message) {
1156 ilUtil::sendInfo($this->message);
1157 }
1158
1159 // display infopanel if something happened
1161
1162 // set header
1163 $this->__setHeader();
1164 }
1165
1166 public function __setHeader()
1167 {
1168 $this->tpl->setTitle($this->lng->txt('role'));
1169 $this->tpl->setDescription($this->object->getTitle());
1170 $this->tpl->setTitleIcon(ilUtil::getImagePath("icon_role.svg"));
1171
1172 $this->getTabs($this->tabs_gui);
1173 }
1174
1175
1179 protected function addAdminLocatorItems($a_do_not_add_object = false)
1180 {
1181 global $DIC;
1182
1183 $ilLocator = $DIC['ilLocator'];
1184
1185 if (
1186 $_GET["admin_mode"] == "settings"
1187 && $_GET["ref_id"] == ROLE_FOLDER_ID) { // system settings
1188 parent::addAdminLocatorItems(true);
1189
1190 $ilLocator->addItem(
1191 $this->lng->txt("obj_" . ilObject::_lookupType(ilObject::_lookupObjId($_GET["ref_id"]))),
1192 $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", 'view')
1193 );
1194
1195 if ($_GET["obj_id"] > 0) {
1196 $ilLocator->addItem(
1197 ilObjRole::_getTranslation($this->object->getTitle()),
1198 $this->ctrl->getLinkTarget($this, 'perm')
1199 );
1200 }
1201 } else {
1202 parent::addAdminLocatorItems($a_do_not_add_object);
1203 }
1204 }
1205
1206
1207
1208
1209 public function getTabs()
1210 {
1211 global $DIC;
1212
1213 $rbacreview = $DIC['rbacreview'];
1214 $ilHelp = $DIC['ilHelp'];
1215
1216 $base_role_container = $rbacreview->getFoldersAssignedToRole($this->object->getId(), true);
1217
1218 $activate_role_edit = false;
1219
1220 // todo: activate the following (allow editing of local roles in
1221 // roles administration)
1222 if (in_array($this->obj_ref_id, $base_role_container) ||
1223 (strtolower($_GET["baseClass"]) == "iladministrationgui" &&
1224 $_GET["admin_mode"] == "settings")) {
1225 $activate_role_edit = true;
1226 }
1227
1228 // not so nice (workaround for using tabs in repository)
1229 $this->tabs_gui->clearTargets();
1230
1231 $ilHelp->setScreenIdComponent("role");
1232
1233 if ($this->back_target != "") {
1234 $this->tabs_gui->setBackTarget(
1235 $this->back_target["text"],
1236 $this->back_target["link"]
1237 );
1238 } else {
1239 $this->tabs_gui->setBackTarget($this->lng->txt('btn_back'), $this->ctrl->getParentReturn($this));
1240 }
1241
1242 if ($this->checkAccess('write', 'edit_permission') && $activate_role_edit) {
1243 $this->tabs_gui->addTarget(
1244 "edit_properties",
1245 $this->ctrl->getLinkTarget($this, "edit"),
1246 ["edit", "update"],
1247 get_class($this)
1248 );
1249 }
1250 if ($this->checkAccess('write', 'edit_permission') && $this->showDefaultPermissionSettings()) {
1251 $this->tabs_gui->addTarget(
1252 "default_perm_settings",
1253 $this->ctrl->getLinkTarget($this, "perm"),
1254 [],
1255 get_class($this)
1256 );
1257 }
1258
1259 if ($this->checkAccess('write', 'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID) {
1260 $this->tabs_gui->addTarget(
1261 "user_assignment",
1262 $this->ctrl->getLinkTarget($this, "userassignment"),
1263 ["deassignUser", "userassignment", "assignUser", "searchUserForm", "search"],
1264 get_class($this)
1265 );
1266 }
1267
1268 if ($this->checkAccess('write', 'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID) {
1269 $this->lng->loadLanguageModule("rep");
1270 $this->tabs_gui->addTarget(
1271 "rep_recommended_content",
1272 $this->ctrl->getLinkTargetByClass("ilrecommendedcontentroleconfiggui", "")
1273 );
1274 }
1275 if ($this->checkAccess('write', 'edit_permission')) {
1276 $this->tabs_gui->addTarget(
1277 'export',
1278 $this->ctrl->getLinkTargetByClass('ilExportGUI'),
1279 []
1280 );
1281 }
1282 }
1283
1284 public function mailToRoleObject()
1285 {
1286 $obj_ids = ilObject::_getIdsForTitle($this->object->getTitle(), $this->object->getType());
1287 if (count($obj_ids) > 1) {
1288 $_SESSION['mail_roles'][] = '#il_role_' . $this->object->getId();
1289 } else {
1290 $_SESSION['mail_roles'][] = (new \ilRoleMailboxAddress($this->object->getId()))->value();
1291 }
1292
1293 require_once 'Services/Mail/classes/class.ilMailFormCall.php';
1294 $script = ilMailFormCall::getRedirectTarget($this, 'userassignment', [], ['type' => 'role']);
1295 ilUtil::redirect($script);
1296 }
1297
1298 public function checkAccess($a_perm_global, $a_perm_obj = '')
1299 {
1300 global $DIC;
1301
1302 $rbacsystem = $DIC['rbacsystem'];
1303 $ilAccess = $DIC['ilAccess'];
1304
1305 $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
1306
1307 if ($this->obj_ref_id == ROLE_FOLDER_ID) {
1308 return $rbacsystem->checkAccess($a_perm_global, $this->obj_ref_id);
1309 } else {
1310 return $ilAccess->checkAccess($a_perm_obj, '', $this->obj_ref_id);
1311 }
1312 }
1313
1319 {
1320 global $DIC;
1321
1322 $rbacreview = $DIC['rbacreview'];
1323
1324 if (!(int) $_POST['recursive'] and !is_array($_POST['recursive_list'])) {
1325 return false;
1326 }
1327
1328 // Role is protected
1329 if ($rbacreview->isProtected($this->obj_ref_id, $this->object->getId())) {
1330 // TODO: check if recursive_list is enabled
1331 // and if yes: check if inheritance is broken for the relevant object types
1332 return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1333 } else {
1334 // TODO: check if recursive_list is enabled
1335 // and if yes: check if inheritance is broken for the relevant object types
1336 return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1337 }
1338 }
1339
1345 {
1346 $protected = $_POST['protected'];
1347
1348 include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
1349 $form = new ilPropertyFormGUI();
1350 $form->setFormAction($this->ctrl->getFormAction($this, 'changeExistingObjects'));
1351 $form->setTitle($this->lng->txt('rbac_change_existing_confirm_tbl'));
1352
1353 $form->addCommandButton('changeExistingObjects', $this->lng->txt('change_existing_objects'));
1354 $form->addCommandButton('perm', $this->lng->txt('cancel'));
1355
1356 $hidden = new ilHiddenInputGUI('type_filter');
1357 $hidden->setValue($_POST['recursive'] ? json_encode(['all']) : json_encode($_POST['recursive_list']));
1358 $form->addItem($hidden);
1359
1360 $rad = new ilRadioGroupInputGUI($this->lng->txt('rbac_local_policies'), 'mode');
1361
1362 if ($protected) {
1364 $keep = new ilRadioOption(
1365 $this->lng->txt('rbac_keep_local_policies'),
1367 $this->lng->txt('rbac_keep_local_policies_info')
1368 );
1369 } else {
1371 $keep = new ilRadioOption(
1372 $this->lng->txt('rbac_keep_local_policies'),
1374 $this->lng->txt('rbac_unprotected_keep_local_policies_info')
1375 );
1376 }
1377 $rad->addOption($keep);
1378
1379 if ($protected) {
1380 $del = new ilRadioOption(
1381 $this->lng->txt('rbac_delete_local_policies'),
1383 $this->lng->txt('rbac_delete_local_policies_info')
1384 );
1385 } else {
1386 $del = new ilRadioOption(
1387 $this->lng->txt('rbac_delete_local_policies'),
1389 $this->lng->txt('rbac_unprotected_delete_local_policies_info')
1390 );
1391 }
1392 $rad->addOption($del);
1393
1394 $form->addItem($rad);
1395 $this->tpl->setContent($form->getHTML());
1396 }
1397
1402 protected function changeExistingObjectsObject()
1403 {
1404 $mode = (int) $_POST['mode'];
1405 $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $this->obj_ref_id);
1406 $this->object->changeExistingObjects(
1407 $start,
1408 $mode,
1409 json_decode(
1410 ilUtil::stripSlashes($_POST['type_filter']),
1411 true
1412 )
1413 );
1414 ilUtil::sendSuccess($this->lng->txt('settings_saved'), true);
1415 $this->ctrl->redirect($this, 'perm');
1416 }
1417
1423 protected function setSubTabs($a_tab)
1424 {
1425 global $DIC;
1426
1427 $ilTabs = $DIC['ilTabs'];
1428
1429 switch ($a_tab) {
1430 case 'default_perm_settings':
1431 if ($this->obj_ref_id != ROLE_FOLDER_ID) {
1432 return true;
1433 }
1434 $ilTabs->addSubTabTarget(
1435 'rbac_repository_permissions',
1436 $this->ctrl->getLinkTarget($this, 'perm')
1437 );
1438 $ilTabs->addSubTabTarget(
1439 'rbac_admin_permissions',
1440 $this->ctrl->getLinkTarget($this, 'adminPerm')
1441 );
1442 }
1443 return true;
1444 }
1445
1449 protected function addToClipboardObject()
1450 {
1451 global $DIC;
1452
1453 $lng = $DIC['lng'];
1454 $ilCtrl = $DIC['ilCtrl'];
1455
1456 $users = (array) $_POST['user_id'];
1457 if (!count($users)) {
1458 ilUtil::sendFailure($this->lng->txt('select_one'), true);
1459 $ilCtrl->redirect($this, 'userassignment');
1460 }
1461 include_once './Services/User/classes/class.ilUserClipboard.php';
1462 $clip = ilUserClipboard::getInstance($GLOBALS['DIC']['ilUser']->getId());
1463 $clip->add($users);
1464 $clip->save();
1465
1466 $lng->loadLanguageModule('user');
1467 ilUtil::sendSuccess($this->lng->txt('clipboard_user_added'), true);
1468 $ilCtrl->redirect($this, 'userassignment');
1469 }
1470
1474 protected function addLocatorItems()
1475 {
1476 global $DIC;
1477
1478 $ilLocator = $DIC['ilLocator'];
1479
1480 if ($_GET["admin_mode"] == "") {
1481 $this->ctrl->setParameterByClass(
1482 "ilobjrolegui",
1483 "obj_id",
1484 (int) $_GET["obj_id"]
1485 );
1486 $ilLocator->addItem(
1487 ilObjRole::_getTranslation($this->object->getTitle()),
1488 $this->ctrl->getLinkTargetByClass(
1489 [
1490 "ilpermissiongui",
1491 "ilobjrolegui"
1492 ],
1493 "perm"
1494 )
1495 );
1496 }
1497 }
1498
1499 /*
1500 * Ensure access to role for ref_id
1501 * @throws ilObjectException
1502 */
1503 protected function ensureRoleAccessForContext()
1504 {
1505 global $DIC;
1506
1507 $review = $DIC->rbac()->review();
1508 $logger = $DIC->logger()->ac();
1509
1510 // creation of roles
1511 if (
1512 !$this->object->getId() ||
1513 $this->object->getId() == ROLE_FOLDER_ID
1514 ) {
1515 return true;
1516 }
1517
1518
1519 $possible_roles = [];
1520 try {
1521 $possible_roles = $review->getRolesOfObject(
1522 $this->obj_ref_id,
1523 false
1524 );
1525 } catch (\InvalidArgumentException $e) {
1526 $logger->warning('Role access check failed: ' . $e);
1527
1528 include_once "Services/Object/exceptions/class.ilObjectException.php";
1529 throw new \ilObjectException($this->lng->txt('permission_denied'));
1530 }
1531
1532 if (!in_array($this->object->getId(), $possible_roles)) {
1533 $logger->warning('Object id: ' . $this->object->getId() . ' is not accessible for ref_id: ' . $this->obj_ref_id);
1534 include_once "Services/Object/exceptions/class.ilObjectException.php";
1535 throw new \ilObjectException($this->lng->txt('permission_denied'));
1536 }
1537 return true;
1538 }
1539} // END class.ilObjRoleGUI
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
$_GET["client_id"]
$_POST["username"]
$_SESSION["AccountId"]
An exception for terminatinating execution or to throw for unit testing.
Builds data types.
Definition: Factory.php:20
return true
Flag indicating whether or not HTTP headers will be sent when outputting captcha image/audio.
Accordion user interface class.
TableGUI class for role administration.
This class represents a checkbox property in a property form.
Confirmation screen class.
Export User Interface Class.
static newInstance($a_export_id)
Create new instance.
static allocateExportId()
Allocate a new export id.
This class represents a hidden form property in a property form.
static getRedirectTarget( $gui, string $cmd, array $gui_params=[], array $mail_params=[], array $context_params=[])
This class represents a non editable value in a property form.
Class ilObjRoleGUI.
getAdminTabs()
admin and normal tabs are equal for roles
editObject()
Edit role properties.
getTabs()
get tabs abstract method.
performDeleteRoleObject()
Delete role.
saveObject()
Save new role.
updateObject()
Save role settings.
initFormRoleProperties($a_mode)
Create role prperty form.
userassignmentObject()
display user assignment panel
showChangeExistingObjectsConfirmation()
Show confirmation screen.
__construct($a_data, $a_id, $a_call_by_reference=false, $a_prepare_output=true)
Constructor @access public.
setBackTarget($a_text, $a_link)
set back tab target
readRoleProperties(ilObjRole $role)
Read role properties and write them to form.
addLocatorItems()
should be overwritten to add object specific items (repository items are preloaded)
deassignUserObject()
de-assign users from role
permObject($a_show_admin_permissions=false)
Show template permissions.
loadRoleProperties(ilObjRole $role)
Store form input in role object.
assignSaveObject()
wrapper for renamed function
permSaveObject($a_show_admin_permissions=false)
save permissions
getParentType()
get type of current object (not role folder)
getContainerType()
Get type of role container.
addAdminLocatorItems($a_do_not_add_object=false)
should be overwritten to add object specific items (repository items are preloaded)
addUserObject($a_user_ids)
Assign user (callback from ilRepositorySearchGUI)
checkAccess($a_perm_global, $a_perm_obj='')
cancelObject()
cancelObject is called when an operation is canceled, method links back @access public
showDefaultPermissionSettings()
check if default permissions are shown or not
adminPermObject()
Show administration permissions.
executeCommand()
execute command
adminPermSaveObject()
Save admin permissions.
checkDuplicate($a_role_id=0)
Check if role with same name already exists in this folder.
confirmDeleteRoleObject()
Show delete confirmation screen.
createObject()
Only called from administration -> role folder ? Otherwise this check access is wrong.
getParentRefId()
Get ref id of current object (not role folder id)
isChangeExistingObjectsConfirmationRequired()
Check if a confirmation about further settings is required or not.
adoptPermSaveObject()
copy permissions from role
getParentObjId()
Get obj_id of current object.
setSubTabs($a_tab)
Set sub tabs.
addToClipboardObject()
Add selected users to user clipboard.
changeExistingObjectsObject()
Change existing objects.
Class ilObjRole.
setAllowRegister($a_allow_register)
set allow_register of role
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
getAllowRegister()
get allow_register
static _getTranslation($a_role_title)
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
static isAutoGenerated($a_role_id)
toggleAssignUsersStatus($a_assign_users)
getPresentationTitle()
For autogenerated roles this returns 'Translated Title (untranslated title)'.
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Class ilObjectGUI Basic methods of all Output classes.
__showButton($a_cmd, $a_text, $a_target='')
prepareOutput($a_show_subobjects=true)
prepare output
static _lookupObjId($a_id)
setTitle($a_title)
set object title
setDescription($a_desc)
set object description
getDescription()
get object description
getId()
get object id @access public
static _lookupType($a_id, $a_reference=false)
lookup object type
static _getIdsForTitle($title, $type='', $partialmatch=false)
This class represents a property form user interface.
This class represents a property in a property form.
This class represents an option in a radio group.
static diffTemplate(array $a_old, array $a_new)
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
static gatherTemplate($a_role_ref_id, $a_role_id)
const EDIT_TEMPLATE
static isActive()
Recommended content configuration for roles.
static fillAutoCompleteToolbar($parent_object, ilToolbarGUI $toolbar=null, $a_options=array(), $a_sticky=false)
fill toolbar with
Copyright (c) 1998-2015 ILIAS open source, Extended GPL, see docs/LICENSE Date: 07....
static _getInstance()
Get instance of ilSecuritySettings.
This class represents a text area property in a property form.
This class represents a text property in a property form.
static getInstance($a_usr_id)
Get singelton instance.
static formCheckbox($checked, $varname, $value, $disabled=false)
??? @access public
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
static sendQuestion($a_info="", $a_keep=false)
Send Question to Screen.
static tf2yn($a_tf)
convert true/false to "y"/"n"
static redirect($a_script)
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
static infoPanel($a_keep=true)
const SYSTEM_ROLE_ID
Definition: constants.php:27
const ANONYMOUS_ROLE_ID
Definition: constants.php:26
const SYSTEM_USER_ID
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: constants.php:24
const IL_INST_ID
Definition: constants.php:38
const ANONYMOUS_USER_ID
Definition: constants.php:25
const ROLE_FOLDER_ID
Definition: constants.php:32
const ROOT_FOLDER_ID
Definition: constants.php:30
global $DIC
Definition: goto.php:24
$ilUser
Definition: imgupload.php:18
Interface GlobalHttpState.
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
redirection script todo: (a better solution should control the processing via a xml file)
$ret
Definition: parser.php:6