ILIAS  release_7 Revision v7.30-3-g800a261c036
class.ilObjRoleFolderGUI.php
Go to the documentation of this file.
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22*/
23
24require_once "./Services/Object/classes/class.ilObjectGUI.php";
25
38class ilObjRoleFolderGUI extends ilObjectGUI
39{
40 private const COPY_ADD_PERMISSIONS = 1;
41 private const COPY_CLONE_PERMISSIONS = 2;
42 private const COPY_REMOVE_PERMISSIONS = 3;
43 private const COPY_CHANGE_EXISTING_OBJECTS = 1;
44
48 private $logger = null;
49
50
56 public $type;
57
62 public function __construct($a_data, $a_id, $a_call_by_reference)
63 {
64 global $DIC;
65
66 $lng = $DIC['lng'];
67 $this->logger = $DIC->logger()->ac();
68
69 $this->type = "rolf";
70 parent::__construct($a_data, $a_id, $a_call_by_reference, false);
71 $lng->loadLanguageModule('rbac');
72 }
73
74 public function executeCommand()
75 {
76 global $DIC;
77
78 $ilTabs = $DIC['ilTabs'];
79
80 $next_class = $this->ctrl->getNextClass($this);
81 $cmd = $this->ctrl->getCmd();
82 $this->prepareOutput();
83
84 switch ($next_class) {
85
86 case 'ilpermissiongui':
87 include_once("Services/AccessControl/classes/class.ilPermissionGUI.php");
88 $perm_gui = new ilPermissionGUI($this);
89 $ret = &$this->ctrl->forwardCommand($perm_gui);
90 break;
91
92 default:
93 $this->ctrl->setReturn($this, "view");
94 if (!$cmd) {
95 $cmd = "view";
96 }
97 $cmd .= "Object";
98 $this->$cmd();
99
100 break;
101 }
102 return true;
103 }
104
111 public function viewObject()
112 {
113 global $DIC;
114
115 $ilErr = $DIC['ilErr'];
116 $rbacsystem = $DIC['rbacsystem'];
117 $ilToolbar = $DIC['ilToolbar'];
118 $rbacreview = $DIC['rbacreview'];
119 $ilTabs = $DIC['ilTabs'];
120
121 $ilTabs->activateTab('view');
122
123 if (!$rbacsystem->checkAccess('visible,read', $this->object->getRefId())) {
124 $ilErr->raiseError($this->lng->txt('permission_denied'), $ilErr->MESSAGE);
125 }
126
127
128 if ($rbacsystem->checkAccess('create_role', $this->object->getRefId())) {
129 $this->ctrl->setParameter($this, 'new_type', 'role');
130 $ilToolbar->addButton(
131 $this->lng->txt('rolf_create_role'),
132 $this->ctrl->getLinkTarget($this, 'create')
133 );
134 }
135 if ($rbacsystem->checkAccess('create_rolt', $this->object->getRefId())) {
136 $this->ctrl->setParameter($this, 'new_type', 'rolt');
137 $ilToolbar->addButton(
138 $this->lng->txt('rolf_create_rolt'),
139 $this->ctrl->getLinkTarget($this, 'create')
140 );
141 $this->ctrl->clearParameters($this);
142 }
143
144 if (
145 $rbacsystem->checkAccess('create_rolt', $this->object->getRefId()) ||
146 $rbacsystem->checkAccess('create_rolt', $this->object->getRefId())
147 ) {
148 $ilToolbar->addButton(
149 $this->lng->txt('rbac_import_role'),
150 $this->ctrl->getLinkTargetByClass('ilPermissionGUI', 'displayImportRoleForm')
151 );
152 }
153
154 include_once './Services/AccessControl/classes/class.ilRoleTableGUI.php';
155 $table = new ilRoleTableGUI($this, 'view');
156 $table->init();
157 $table->parse($this->object->getId());
158
159 $this->tpl->setContent($table->getHTML());
160 }
161
165 protected function roleSearchObject()
166 {
167 global $DIC;
168
169 $rbacsystem = $DIC['rbacsystem'];
170 $ilCtrl = $DIC['ilCtrl'];
171 $ilTabs = $DIC['ilTabs'];
172 $ilErr = $DIC['ilErr'];
173
174 $ilTabs->clearTargets();
175 $ilTabs->setBackTarget(
176 $this->lng->txt('rbac_back_to_overview'),
177 $this->ctrl->getLinkTarget($this, 'view')
178 );
179
180 if (!$rbacsystem->checkAccess('visible,read', $this->object->getRefId())) {
181 $ilErr->raiseError($this->lng->txt('permission_denied'), $ilErr->MESSAGE);
182 }
183
184 $ilCtrl->setParameter($this, 'csource', (int) $_REQUEST['csource']);
185 ilUtil::sendInfo($this->lng->txt('rbac_choose_copy_targets'));
186
187 $form = $this->initRoleSearchForm();
188 $this->tpl->setContent($form->getHTML());
189 }
190
194 protected function initRoleSearchForm()
195 {
196 global $DIC;
197
198 $ilCtrl = $DIC['ilCtrl'];
199
200 include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
201 $form = new ilPropertyFormGUI();
202 $form->setTitle($this->lng->txt('rbac_role_title'));
203 $form->setFormAction($ilCtrl->getFormAction($this, 'view'));
204
205 $search = new ilTextInputGUI($this->lng->txt('title'), 'title');
206 $search->setRequired(true);
207 $search->setSize(30);
208 $search->setMaxLength(255);
209 $form->addItem($search);
210
211 $form->addCommandButton('roleSearchForm', $this->lng->txt('search'));
212 return $form;
213 }
214
215
220 protected function roleSearchFormObject()
221 {
222 global $DIC;
223
224 $ilCtrl = $DIC['ilCtrl'];
225
226 $_SESSION['rolf_search_query'] = '';
227 $ilCtrl->setParameter($this, 'csource', (int) $_REQUEST['csource']);
228
229 $form = $this->initRoleSearchForm();
230 if ($form->checkInput()) {
231 $_SESSION['rolf_search_query'] = $form->getInput('title');
232 return $this->roleSearchListObject();
233 }
234
235 ilUtil::sendFailure($this->lng->txt('msg_no_search_string'), true);
236 $form->setValuesByPost();
237 $ilCtrl->redirect($this, 'roleSearch');
238 }
239
243 protected function roleSearchListObject()
244 {
245 global $DIC;
246
247 $ilTabs = $DIC['ilTabs'];
248 $ilCtrl = $DIC['ilCtrl'];
249
250 $ilTabs->clearTargets();
251 $ilTabs->setBackTarget(
252 $this->lng->txt('rbac_back_to_overview'),
253 $this->ctrl->getLinkTarget($this, 'view')
254 );
255
256 $ilCtrl->setParameter($this, 'csource', (int) $_REQUEST['csource']);
257
258 if (strlen($_SESSION['rolf_search_query'])) {
259 ilUtil::sendInfo($this->lng->txt('rbac_select_copy_targets'));
260
261 include_once './Services/AccessControl/classes/class.ilRoleTableGUI.php';
262 $table = new ilRoleTableGUI($this, 'roleSearchList');
263 $table->setType(ilRoleTableGUI::TYPE_SEARCH);
264 $table->setRoleTitleFilter($_SESSION['rolf_search_query']);
265 $table->init();
266 $table->parse($this->object->getId());
267 return $this->tpl->setContent($table->getHTML());
268 }
269
270 ilUtil::sendFailure($this->lng->txt('msg_no_search_string'), true);
271 $ilCtrl->redirect($this, 'roleSearch');
272 }
273
278 protected function chooseCopyBehaviourObject(\ilPropertyFormGUI $form = null)
279 {
280 global $DIC;
281
282 $copy_source = (int) $_REQUEST['csource'];
283
284 $this->ctrl->saveParameter($this, 'csource', $copy_source);
285 $this->tabs_gui->clearTargets();
286 $this->tabs_gui->setBackTarget(
287 $this->lng->txt('rbac_back_to_overview'),
288 $this->ctrl->getLinkTarget($this, 'view')
289 );
290 if (!$form instanceof \ilPropertyFormGUI) {
291 $form = $this->initCopyBehaviourForm($copy_source);
292 }
293 $this->tpl->setContent($form->getHTML());
294 }
295
299 protected function initCopyBehaviourForm(int $copy_source)
300 {
301 // not only for role templates; add/remove permissions is also applicable for roles
302 $full_featured = true;
303
304 $form = new ilPropertyFormGUI();
305 $form->setTitle($this->lng->txt('rbac_copy_behaviour'));
306 $form->setFormAction($this->ctrl->getFormAction($this, 'chooseCopyBehaviour'));
307
308 $copy_type = new \ilRadioGroupInputGUI(
309 $this->lng->txt('rbac_form_copy_roles_adjust_type'),
310 'type'
311 );
312 $copy_type->setRequired(true);
313 $copy_type->setValue(self::COPY_CLONE_PERMISSIONS);
314
315 if ($full_featured) {
316 $add = new \ilRadioOption(
317 $this->lng->txt('rbac_form_copy_roles_adjust_type_add'),
318 self::COPY_ADD_PERMISSIONS,
319 $this->lng->txt('rbac_form_copy_roles_adjust_type_add_info')
320 );
321 $copy_type->addOption($add);
322
323 $ce_type_add = new \ilRadioGroupInputGUI(
324 '',
325 'add_ce_type'
326 );
327 $ce_type_add->setRequired(true);
328 $ce_add_yes = new \ilRadioOption(
329 $this->lng->txt('rbac_form_copy_roles_ce_add_yes'),
330 self::COPY_CHANGE_EXISTING_OBJECTS,
331 $this->lng->txt('rbac_form_copy_roles_ce_add_yes_info')
332 );
333 $ce_type_add->addOption($ce_add_yes);
334 $ce_add_no = new \ilRadioOption(
335 $this->lng->txt('rbac_form_copy_roles_ce_add_no'),
336 0,
337 $this->lng->txt('rbac_form_copy_roles_ce_add_no_info')
338 );
339 $ce_type_add->addOption($ce_add_no);
340 $add->addSubItem($ce_type_add);
341 }
342 $clone = new \ilRadioOption(
343 $this->lng->txt('rbac_form_copy_roles_adjust_type_clone'),
344 self::COPY_CLONE_PERMISSIONS,
345 $this->lng->txt('rbac_form_copy_roles_adjust_type_clone_info')
346 );
347 $copy_type->addOption($clone);
348
349
350 $ce_type_clone = new \ilRadioGroupInputGUI(
351 '',
352 'clone_ce_type'
353 );
354 $ce_type_clone->setRequired(true);
355 $ce_clone_yes = new \ilRadioOption(
356 $this->lng->txt('rbac_form_copy_roles_ce_clone_yes'),
357 self::COPY_CHANGE_EXISTING_OBJECTS,
358 $this->lng->txt('rbac_form_copy_roles_ce_clone_yes_info')
359 );
360 $ce_type_clone->addOption($ce_clone_yes);
361 $ce_clone_no = new \ilRadioOption(
362 $this->lng->txt('rbac_form_copy_roles_ce_clone_no'),
363 0,
364 $this->lng->txt('rbac_form_copy_roles_ce_clone_no_info')
365 );
366 $ce_type_clone->addOption($ce_clone_no);
367 $clone->addSubItem($ce_type_clone);
368
369 if ($full_featured) {
370 $remove = new \ilRadioOption(
371 $this->lng->txt('rbac_form_copy_roles_adjust_type_remove'),
372 self::COPY_REMOVE_PERMISSIONS,
373 $this->lng->txt('rbac_form_copy_roles_adjust_type_remove_info')
374 );
375 $copy_type->addOption($remove);
376 $ce_type_remove = new \ilRadioGroupInputGUI(
377 '',
378 'remove_ce_type'
379 );
380 $ce_type_remove->setRequired(true);
381 $ce_remove_yes = new \ilRadioOption(
382 $this->lng->txt('rbac_form_copy_roles_ce_remove_yes'),
383 self::COPY_CHANGE_EXISTING_OBJECTS,
384 $this->lng->txt('rbac_form_copy_roles_ce_remove_yes_info')
385 );
386 $ce_type_remove->addOption($ce_remove_yes);
387 $ce_remove_no = new \ilRadioOption(
388 $this->lng->txt('rbac_form_copy_roles_ce_remove_no'),
389 0,
390 $this->lng->txt('rbac_form_copy_roles_ce_remove_no_info')
391 );
392 $ce_type_remove->addOption($ce_remove_no);
393 $remove->addSubItem($ce_type_remove);
394 }
395
396 $form->addItem($copy_type);
397
398 $roles = new ilHiddenInputGUI('roles');
399 $roles->setValue(implode(',', (array) $_POST['roles']));
400 $form->addItem($roles);
401
402 $form->addCommandButton('roleSearchList', $this->lng->txt('back'));
403 $form->addCommandButton('adjustRole',$this->lng->txt('rbac_form_copy_roles_adjust_button'));
404 return $form;
405 }
406
407
411 protected function adjustRoleObject()
412 {
413 global $DIC;
414
415 $this->checkPermission('write');
416 $review = $DIC->rbac()->review();
417
418 $roles = explode(',', $_POST['roles']);
419 $source = (int) $_REQUEST['csource'];
420
421 $form = $this->initCopyBehaviourForm($source);
422 if ($form->checkInput()) {
423
424 $adjustment_type = $form->getInput('type');
425 foreach ((array) $roles as $role_id) {
426 if ($role_id != $source) {
427
428 $start_obj = $review->getRoleFolderOfRole($role_id);
429 $this->logger->debug('Start object: ' . $start_obj);
430
431 switch ($adjustment_type) {
432 case self::COPY_ADD_PERMISSIONS:
433 $change_existing = (bool) $form->getInput('add_ce_type');
434 $this->doAddRolePermissions(
435 $source,
436 $role_id
437 );
438 if ($change_existing) {
439 $this->doChangeExistingObjects(
440 $start_obj,
441 $role_id,
442 \ilObjRole::MODE_ADD_OPERATIONS,
443 $source
444 );
445 }
446 break;
447 case self::COPY_CLONE_PERMISSIONS:
448 $change_existing = (bool) $form->getInput('clone_ce_type');
449 $this->doCopyRole(
450 $source,
451 $role_id
452 );
453 if ($change_existing) {
454 $this->doChangeExistingObjects(
455 $start_obj,
456 $role_id,
457 \ilObjRole::MODE_READ_OPERATIONS,
458 $source
459 );
460 }
461 break;
462 case self::COPY_REMOVE_PERMISSIONS:
463 $change_existing = (bool) $form->getInput('remove_ce_type');
464 $this->doRemoveRolePermissions(
465 $source,
466 $role_id
467 );
468 if ($change_existing) {
469 $this->doChangeExistingObjects(
470 $start_obj,
471 $role_id,
472 \ilObjRole::MODE_REMOVE_OPERATIONS,
473 $source
474 );
475 }
476 break;
477 }
478 }
479 }
480 ilUtil::sendSuccess($this->lng->txt('rbac_copy_finished'), true);
481 $this->ctrl->redirect($this, 'view');
482 }
483 }
484
485
489 protected function doAddRolePermissions($source, $target)
490 {
491 global $DIC;
492
493 $rbacadmin = $DIC->rbac()->admin();
494 $rbacreview = $DIC->rbac()->review();
495
496 $source_definition = $rbacreview->getRoleFolderOfRole($source);
497 $rbacadmin->copyRolePermissionUnion(
498 $source,
499 $source_definition,
500 $target,
501 $rbacreview->getRoleFolderOfRole($target),
502 $target,
503 $rbacreview->getRoleFolderOfRole($target)
504 );
505 }
506
510 protected function removeRolePermissionsObject()
511 {
512 global $DIC;
513
514 $ilCtrl = $DIC['ilCtrl'];
515
516 // Finally copy role/rolt
517 $roles = explode(',', $_POST['roles']);
518 $source = (int) $_REQUEST['csource'];
519
520 $form = $this->initCopyBehaviourForm();
521 if ($form->checkInput()) {
522 foreach ((array) $roles as $role_id) {
523 if ($role_id != $source) {
524 $this->doRemoveRolePermissions($source, $role_id, $form->getInput('change_existing'));
525 }
526 }
527
528 ilUtil::sendSuccess($this->lng->txt('rbac_copy_finished'), true);
529 $ilCtrl->redirect($this, 'view');
530 }
531 }
532
536 protected function doRemoveRolePermissions($source, $target)
537 {
538 global $DIC;
539
540 $rbacadmin = $DIC->rbac()->admin();
541 $rbacreview = $DIC->rbac()->review();
542
543 ilLoggerFactory::getLogger('ac')->debug('Remove permission source: ' . $source);
544 ilLoggerFactory::getLogger('ac')->debug('Remove permission target: ' . $target);
545
546 $source_obj = $rbacreview->getRoleFolderOfRole($source);
547 $rbacadmin->copyRolePermissionSubtract(
548 $source,
549 $source_obj,
550 $target,
551 $rbacreview->getRoleFolderOfRole($target)
552 );
553
554 }
555
556
557
561 protected function doCopyRole($source, $target)
562 {
563 global $DIC;
564
565 $rbacadmin = $DIC->rbac()->admin();
566 $rbacreview = $DIC->rbac()->review();
567
568 $target_obj = $rbacreview->getRoleFolderOfRole($target);
569 $source_obj = $rbacreview->getRoleFolderOfRole($source);
570 // Copy role template permissions
571 $rbacadmin->copyRoleTemplatePermissions(
572 $source,
573 $source_obj,
574 $target_obj,
575 $target
576 );
577 }
578
582 protected function doChangeExistingObjects($a_start_obj, $a_target_role, $a_operation_mode, $a_source_role)
583 {
584 global $DIC;
585
586 $review = $DIC->rbac()->review();
587
588 if (!$a_start_obj) {
589 $this->logger->warning('Missing parameter start object.');
590 $this->logger->logStack(\ilLogLevel::WARNING);
591 throw new InvalidArgumentException('Missing parameter: start object');
592 }
593 // the mode is unchanged and read out from the target object
594 $target_ref_id = $review->getRoleFolderOfRole($a_target_role);
595 if ($review->isProtected($target_ref_id, $a_target_role)) {
596 $mode = \ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES;
597 }
598 else {
599 $mode = \ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES;
600 }
601 if ($a_start_obj) {
602 $operation_stack = [];
603 if ($a_operation_mode !== \ilObjRole::MODE_READ_OPERATIONS) {
604 $operation_stack[] = $review->getAllOperationsOfRole($a_source_role, $this->ref_id);
605 }
606
607 $this->logger->debug('Current operation stack');
608 $this->logger->dump($operation_stack);
609
610 $role = new ilObjRole($a_target_role);
611 $role->changeExistingObjects(
612 $a_start_obj,
613 $mode,
614 array('all'),
615 [],
616 $a_operation_mode,
617 $operation_stack
618 );
619 }
620 }
621
622
626 protected function applyFilterObject()
627 {
628 include_once './Services/AccessControl/classes/class.ilRoleTableGUI.php';
629 $table = new ilRoleTableGUI($this, 'view');
630 $table->init();
631 $table->resetOffset();
632 $table->writeFilterToSession();
633
634 $this->viewObject();
635 }
636
640 public function resetFilterObject()
641 {
642 include_once './Services/AccessControl/classes/class.ilRoleTableGUI.php';
643 $table = new ilRoleTableGUI($this, 'view');
644 $table->init();
645 $table->resetOffset();
646 $table->resetFilter();
647
648 $this->viewObject();
649 }
650
654 protected function confirmDeleteObject()
655 {
656 global $DIC;
657
658 $ilCtrl = $DIC['ilCtrl'];
659
660 $roles = (array) ($_POST['roles'] ?? []);
661 if (!count($roles)) {
662 ilUtil::sendFailure($this->lng->txt('select_one'), true);
663 $ilCtrl->redirect($this, 'view');
664 }
665
666 $question = $this->lng->txt('rbac_role_delete_qst');
667
668 include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
669 $confirm = new ilConfirmationGUI();
670 $confirm->setHeaderText($question);
671 $confirm->setFormAction($ilCtrl->getFormAction($this));
672 $confirm->setHeaderText($this->lng->txt("info_delete_sure"));
673 $confirm->setConfirm($this->lng->txt('delete'), 'deleteRole');
674 $confirm->setCancel($this->lng->txt('cancel'), 'cancel');
675
676
677 include_once './Services/AccessControl/classes/class.ilObjRole.php';
678 foreach ($roles as $role_id) {
679 $confirm->addItem(
680 'roles[]',
681 $role_id,
682 ilObjRole::_getTranslation(ilObject::_lookupTitle($role_id))
683 );
684 }
685 $this->tpl->setContent($confirm->getHTML());
686 }
687
691 protected function deleteRoleObject()
692 {
693 global $DIC;
694
695 $rbacsystem = $DIC['rbacsystem'];
696 $ilErr = $DIC['ilErr'];
697 $rbacreview = $DIC['rbacreview'];
698 $ilCtrl = $DIC['ilCtrl'];
699
700 if (!$rbacsystem->checkAccess('delete', $this->object->getRefId())) {
701 $ilErr->raiseError(
702 $this->lng->txt('msg_no_perm_delete'),
703 $ilErr->MESSAGE
704 );
705 }
706
707 foreach ((array) $_POST['roles'] as $id) {
708 // instatiate correct object class (role or rolt)
709 $obj = ilObjectFactory::getInstanceByObjId($id, false);
710
711 if ($obj->getType() == "role") {
712 $rolf_arr = $rbacreview->getFoldersAssignedToRole($obj->getId(), true);
713 $obj->setParent($rolf_arr[0]);
714 }
715
716 $obj->delete();
717 }
718
719 // set correct return location if rolefolder is removed
720 ilUtil::sendSuccess($this->lng->txt("msg_deleted_roles_rolts"), true);
721 $ilCtrl->redirect($this, 'view');
722 }
723
724
725
726
727
733 public function createObject()
734 {
735 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
736
737 /*
738 $this->object->setTitle($this->lng->txt("obj_".$this->object->getType()."_local"));
739 $this->object->setDescription("obj_".$this->object->getType()."_local_desc");
740
741 $this->saveObject();
742 */
743 }
744
750 public function deleteObject($a_error = false)
751 {
752 $this->ilias->raiseError($this->lng->txt("permission_denied"), $this->ilias->error_obj->MESSAGE);
753 }
754
760 public function adoptPermSaveObject()
761 {
762 ilUtil::sendSuccess($this->lng->txt("saved_successfully"), true);
763
764 $this->ctrl->redirect($this, "view");
765 }
766
773 public function showPossibleSubObjects()
774 {
775 global $DIC;
776
777 $rbacsystem = $DIC['rbacsystem'];
778
779 $d = $this->objDefinition->getCreatableSubObjects($this->object->getType());
780
781 if ($this->object->getRefId() != ROLE_FOLDER_ID or !$rbacsystem->checkAccess('create_rolt', ROLE_FOLDER_ID)) {
782 unset($d["rolt"]);
783 }
784
785 if (!$rbacsystem->checkAccess('create_role', $this->object->getRefId())) {
786 unset($d["role"]);
787 }
788
789 if (count($d) > 0) {
790 foreach ($d as $row) {
791 $count = 0;
792 if ($row["max"] > 0) {
793 //how many elements are present?
794 for ($i = 0; $i < count($this->data["ctrl"]); $i++) {
795 if ($this->data["ctrl"][$i]["type"] == $row["name"]) {
796 $count++;
797 }
798 }
799 }
800 if ($row["max"] == "" || $count < $row["max"]) {
801 $subobj[] = $row["name"];
802 }
803 }
804 }
805
806 if (is_array($subobj)) {
807 //build form
808 $opts = ilUtil::formSelect(12, "new_type", $subobj);
809 $this->tpl->setCurrentBlock("add_object");
810 $this->tpl->setVariable("SELECT_OBJTYPE", $opts);
811 $this->tpl->setVariable("BTN_NAME", "create");
812 $this->tpl->setVariable("TXT_ADD", $this->lng->txt("add"));
813 $this->tpl->parseCurrentBlock();
814 }
815 }
816
821 public function saveObject()
822 {
823 global $DIC;
824
825 $rbacadmin = $DIC['rbacadmin'];
826
827 // role folders are created automatically
828 $_GET["new_type"] = $this->object->getType();
829 $_POST["Fobject"]["title"] = $this->object->getTitle();
830 $_POST["Fobject"]["desc"] = $this->object->getDescription();
831
832 // always call parent method first to create an object_data entry & a reference
833 $newObj = parent::saveObject();
834
835 // put here your object specific stuff
836
837 // always send a message
838 ilUtil::sendSuccess($this->lng->txt("rolf_added"), true);
839
840 $this->ctrl->redirect($this, "view");
841 }
842
849 public function getAdminTabs()
850 {
851 if ($this->checkPermissionBool("visible,read")) {
852 $this->tabs_gui->addTarget(
853 "view",
854 $this->ctrl->getLinkTarget($this, "view"),
855 array("", "view"),
856 get_class($this)
857 );
858
859 $this->tabs_gui->addTarget(
860 "settings",
861 $this->ctrl->getLinkTarget($this, "editSettings"),
862 array("editSettings"),
863 get_class($this)
864 );
865 }
866
867 if ($this->checkPermissionBool("edit_permission")) {
868 $this->tabs_gui->addTarget(
869 "perm_settings",
870 $this->ctrl->getLinkTargetByClass(
871 array(get_class($this),'ilpermissiongui'),
872 "perm"
873 ),
874 "",
875 "ilpermissiongui"
876 );
877 }
878 }
879
880 public function editSettingsObject(ilPropertyFormGUI $a_form = null)
881 {
882 if (!$a_form) {
883 $a_form = $this->initSettingsForm();
884 }
885
886 $this->tpl->setContent($a_form->getHTML());
887 }
888
889 public function saveSettingsObject()
890 {
891 global $DIC;
892
893 $ilErr = $DIC['ilErr'];
894 $rbacreview = $DIC['rbacreview'];
895 $ilUser = $DIC['ilUser'];
896
897 if (!$this->checkPermissionBool("write")) {
898 $ilErr->raiseError($this->lng->txt('permission_denied'), $ilErr->MESSAGE);
899 }
900
901 $form = $this->initSettingsForm();
902 if ($form->checkInput()) {
903 include_once('./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
904 $privacy = ilPrivacySettings::_getInstance();
905 $privacy->enableRbacLog((int) $_POST['rbac_log']);
906 $privacy->setRbacLogAge((int) $_POST['rbac_log_age']);
907 $privacy->save();
908
909 if ($rbacreview->isAssigned($ilUser->getId(), SYSTEM_ROLE_ID)) {
910 include_once('./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
911 $security = ilSecuritySettings::_getInstance();
912 $security->protectedAdminRole((int) $_POST['admin_role']);
913 $security->save();
914 }
915
916 ilUtil::sendSuccess($this->lng->txt("settings_saved"), true);
917 $this->ctrl->redirect($this, "editSettings");
918 }
919
920 $form->setValuesByPost();
921 $this->editSettingsObject($form);
922 }
923
924 protected function initSettingsForm()
925 {
926 global $DIC;
927
928 $rbacreview = $DIC['rbacreview'];
929 $ilUser = $DIC['ilUser'];
930
931 $this->lng->loadLanguageModule('ps');
932
933 include_once('./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
934 include_once('./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
935 $privacy = ilPrivacySettings::_getInstance();
936 $security = ilSecuritySettings::_getInstance();
937
938 include_once("./Services/Form/classes/class.ilPropertyFormGUI.php");
939 $form = new ilPropertyFormGUI();
940 $form->setFormAction($this->ctrl->getFormAction($this, "saveSettings"));
941 $form->setTitle($this->lng->txt('settings'));
942
943 // protected admin
944 $admin = new ilCheckboxInputGUI($GLOBALS['DIC']['lng']->txt('adm_adm_role_protect'), 'admin_role');
945 $admin->setDisabled(!$rbacreview->isAssigned($ilUser->getId(), SYSTEM_ROLE_ID));
946 $admin->setInfo($this->lng->txt('adm_adm_role_protect_info'));
947 $admin->setChecked((int) $security->isAdminRoleProtected());
948 $admin->setValue(1);
949 $form->addItem($admin);
950
951 $check = new ilCheckboxInputGui($this->lng->txt('rbac_log'), 'rbac_log');
952 $check->setInfo($this->lng->txt('rbac_log_info'));
953 $check->setChecked($privacy->enabledRbacLog());
954 $form->addItem($check);
955
956 $age = new ilNumberInputGUI($this->lng->txt('rbac_log_age'), 'rbac_log_age');
957 $age->setInfo($this->lng->txt('rbac_log_age_info'));
958 $age->setValue($privacy->getRbacLogAge());
959 $age->setMinValue(1);
960 $age->setMaxValue(24);
961 $age->setSize(2);
962 $age->setMaxLength(2);
963 $check->addSubItem($age);
964
965 $form->addCommandButton('saveSettings', $this->lng->txt('save'));
966
967 return $form;
968 }
969
970 public function addToExternalSettingsForm($a_form_id)
971 {
972 switch ($a_form_id) {
973 case ilAdministrationSettingsFormHandler::FORM_SECURITY:
974
975 include_once('./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
976 $security = ilSecuritySettings::_getInstance();
977
978 $fields = array('adm_adm_role_protect' => array($security->isAdminRoleProtected(), ilAdministrationSettingsFormHandler::VALUE_BOOL));
979
980 return array(array("editSettings", $fields));
981
982 case ilAdministrationSettingsFormHandler::FORM_PRIVACY:
983
984 include_once('./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
985 $privacy = ilPrivacySettings::_getInstance();
986
987 $subitems = null;
988 if ((bool) $privacy->enabledRbacLog()) {
989 $subitems = array('rbac_log_age' => $privacy->getRbacLogAge());
990 }
991 $fields = array('rbac_log' => array($privacy->enabledRbacLog(), ilAdministrationSettingsFormHandler::VALUE_BOOL, $subitems));
992
993 return array(array("editSettings", $fields));
994 }
995 }
996} // END class.ilObjRoleFolderGUI
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
php
An exception for terminatinating execution or to throw for unit testing.
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:34
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:16
ilHiddenInputGUI
This class represents a hidden form property in a property form.
Definition: class.ilHiddenInputGUI.php:33
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:15
ilObjRoleFolderGUI
Class ilObjRoleFolderGUI.
Definition: class.ilObjRoleFolderGUI.php:39
ilObjRoleFolderGUI\doAddRolePermissions
doAddRolePermissions($source, $target)
do add role permission
Definition: class.ilObjRoleFolderGUI.php:489
ilObjRoleFolderGUI\doRemoveRolePermissions
doRemoveRolePermissions($source, $target)
do add role permission
Definition: class.ilObjRoleFolderGUI.php:536
ilObjRoleFolderGUI\doChangeExistingObjects
doChangeExistingObjects($a_start_obj, $a_target_role, $a_operation_mode, $a_source_role)
Do change existing objects.
Definition: class.ilObjRoleFolderGUI.php:582
ilObjRoleFolderGUI\chooseCopyBehaviourObject
chooseCopyBehaviourObject(\ilPropertyFormGUI $form=null)
Choose option for copying roles/role templates.
Definition: class.ilObjRoleFolderGUI.php:278
ilObjRoleFolderGUI\showPossibleSubObjects
showPossibleSubObjects()
show possible subobjects (pulldown menu) overwritten to prevent displaying of role templates in local...
Definition: class.ilObjRoleFolderGUI.php:773
ilObjRoleFolderGUI\adoptPermSaveObject
adoptPermSaveObject()
??? TODO: what is the purpose of this function? @access public
Definition: class.ilObjRoleFolderGUI.php:760
ilObjRoleFolderGUI\executeCommand
executeCommand()
execute command
Definition: class.ilObjRoleFolderGUI.php:74
ilObjRoleFolderGUI\createObject
createObject()
role folders are created automatically DEPRECATED !!! @access public
Definition: class.ilObjRoleFolderGUI.php:733
ilObjRoleFolderGUI\initRoleSearchForm
initRoleSearchForm()
Init role search form.
Definition: class.ilObjRoleFolderGUI.php:194
ilObjRoleFolderGUI\saveObject
saveObject()
save object @access public
Definition: class.ilObjRoleFolderGUI.php:821
ilObjRoleFolderGUI\__construct
__construct($a_data, $a_id, $a_call_by_reference)
Constructor @access public.
Definition: class.ilObjRoleFolderGUI.php:62
ilObjRoleFolderGUI\roleSearchFormObject
roleSearchFormObject()
Parse search query @global \ilCtrl $ilCtrl.
Definition: class.ilObjRoleFolderGUI.php:220
ilObjRoleFolderGUI\deleteObject
deleteObject($a_error=false)
display deletion confirmation screen DEPRECATED !!! @access public
Definition: class.ilObjRoleFolderGUI.php:750
ilObjRoleFolderGUI\resetFilterObject
resetFilterObject()
Reset role filter.
Definition: class.ilObjRoleFolderGUI.php:640
ilObjRoleFolderGUI\editSettingsObject
editSettingsObject(ilPropertyFormGUI $a_form=null)
Definition: class.ilObjRoleFolderGUI.php:880
ilObjRoleFolderGUI\roleSearchObject
roleSearchObject()
Search target roles.
Definition: class.ilObjRoleFolderGUI.php:165
ilObjRoleFolderGUI\getAdminTabs
getAdminTabs()
Add role folder tabs @global ilTree $tree @global ilLanguage $lng.
Definition: class.ilObjRoleFolderGUI.php:849
ilObjRoleFolderGUI\confirmDeleteObject
confirmDeleteObject()
Confirm deletion of roles.
Definition: class.ilObjRoleFolderGUI.php:654
ilObjRoleFolderGUI\doCopyRole
doCopyRole($source, $target)
Perform copy of role.
Definition: class.ilObjRoleFolderGUI.php:561
ilObjRoleFolderGUI\removeRolePermissionsObject
removeRolePermissionsObject()
Remove role permissions.
Definition: class.ilObjRoleFolderGUI.php:510
ilObjRoleFolderGUI\viewObject
viewObject()
@global ilErrorHandler $ilErr @global ilRbacSystem $rbacsystem @global ilToolbarGUI $ilToolbar
Definition: class.ilObjRoleFolderGUI.php:111
ilObjRoleFolderGUI\applyFilterObject
applyFilterObject()
Apply role filter.
Definition: class.ilObjRoleFolderGUI.php:626
ilObjRoleFolderGUI\initCopyBehaviourForm
initCopyBehaviourForm(int $copy_source)
Show copy behaviour form.
Definition: class.ilObjRoleFolderGUI.php:299
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:17
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:21
ilObjRole\MODE_REMOVE_OPERATIONS
const MODE_REMOVE_OPERATIONS
Definition: class.ilObjRole.php:25
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:454
ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:19
ilObjRole\MODE_ADD_OPERATIONS
const MODE_ADD_OPERATIONS
Definition: class.ilObjRole.php:23
ilObjRole\MODE_READ_OPERATIONS
const MODE_READ_OPERATIONS
Definition: class.ilObjRole.php:24
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:70
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:17
ilObjectGUI\checkPermission
checkPermission($a_perm, $a_cmd="", $a_type="", $a_ref_id=null)
Check permission and redirect on error.
Definition: class.ilObjectGUI.php:1982
ilObjectGUI\prepareOutput
prepareOutput($a_show_subobjects=true)
prepare output
Definition: class.ilObjectGUI.php:334
ilObjectGUI\checkPermissionBool
checkPermissionBool($a_perm, $a_cmd="", $a_type="", $a_ref_id=null)
Check permission.
Definition: class.ilObjectGUI.php:2027
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:991
ilPermissionGUI
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
Definition: class.ilPermissionGUI.php:20
ilPrivacySettings\_getInstance
static _getInstance()
Get instance of ilPrivacySettings.
Definition: class.ilPrivacySettings.php:94
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:48
ilRoleTableGUI
TableGUI for the presentation og roles and role templates.
Definition: class.ilRoleTableGUI.php:15
ilSecuritySettings\_getInstance
static _getInstance()
Get instance of ilSecuritySettings.
Definition: class.ilSecuritySettings.php:107
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:17
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4534
ilUtil\formSelect
static formSelect( $selected, $varname, $options, $multiple=false, $direct_text=false, $size="0", $style_class="", $attribs="", $disabled=false)
Builds a select form field with options and shows the selected option first.
Definition: class.ilUtil.php:335
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4518
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:27
ROLE_FOLDER_ID
const ROLE_FOLDER_ID
Definition: constants.php:32
$d
for( $i=6;$i< 13;$i++) for($i=1; $i< 13; $i++) $d
Definition: date.php:296
$DIC
global $DIC
Definition: goto.php:24
$ilUser
$ilUser
Definition: imgupload.php:18
$i
$i
Definition: metadata.php:24
$source
$source
Definition: metadata.php:76
ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
Definition: PluginProviderHelper.php:40
ilias
redirection script todo: (a better solution should control the processing via a xml file)
$ret
$ret
Definition: parser.php:6