ilObjRole Class Reference

Class ilObjRole. More...

Inheritance diagram for ilObjRole:

Collaboration diagram for ilObjRole:

Public Member Functions
	__construct ($a_id=0, $a_call_by_reference=false)
	Constructor @access public. More...
	validate ()
	Validate role data. More...
	getPresentationTitle ()
	For autogenerated roles this returns 'Translated Title (untranslated title)'. More...
	toggleAssignUsersStatus ($a_assign_users)
	getAssignUsersStatus ()
	read ()
	loads "role" from database @access private More...
	assignData ($a_data)
	loads a record "role" from array @access public More...
	update ()
	updates a record "role" and write it into database @access public More...
	create ()
	create More...
	setAllowRegister ($a_allow_register)
	set allow_register of role More...
	getAllowRegister ()
	get allow_register More...
	setParent ($a_parent_ref)
	set reference id of parent object this is neccessary for non RBAC protected objects!!! More...
	getParent ()
	get reference id of parent object More...
	delete ()
	delete role and all related data More...
	getCountMembers ()
	__getPermissionDefinitions ()
	changeExistingObjects ($a_start_node, $a_mode, $a_filter, $a_exclusion_filter=array(), $a_operation_mode=self::MODE_READ_OPERATIONS, $a_operation_stack=[])
	Change existing objects. More...
Public Member Functions inherited from ilObject
	__construct ($a_id=0, $a_reference=true)
	Constructor @access public. More...
	withReferences ()
	determines wehter objects are referenced or not (got ref ids or not) More...
	read ()
	read object data from db into object More...
	getId ()
	get object id @access public More...
	setId ($a_id)
	set object id @access public More...
	setRefId ($a_id)
	set reference id @access public More...
	getRefId ()
	get reference id @access public More...
	getType ()
	get object type @access public More...
	setType ($a_type)
	set object type @access public More...
	getPresentationTitle ()
	get presentation title Normally same as title Overwritten for sessions More...
	getTitle ()
	get object title @access public More...
	getUntranslatedTitle ()
	get untranslated object title @access public More...
	setTitle ($a_title)
	set object title More...
	getDescription ()
	get object description More...
	setDescription ($a_desc)
	set object description More...
	getLongDescription ()
	get object long description (stored in object_description) More...
	getImportId ()
	get import id More...
	setImportId ($a_import_id)
	set import id More...
	setOfflineStatus ($a_status)
	Set offline status. More...
	getOfflineStatus ()
	Get offline status. More...
	supportsOfflineHandling ()
	Check whether object supports offline handling. More...
	getOwner ()
	get object owner More...
	getOwnerName ()
	setOwner ($a_owner)
	set object owner More...
	getCreateDate ()
	get create date @access public More...
	getLastUpdateDate ()
	get last update date @access public More...
	getDiskUsage ()
	Gets the disk usage of the object in bytes. More...
	create ()
	create More...
	update ()
	update object in db More...
	MDUpdateListener ($a_element)
	Meta data update listener. More...
	createMetaData ()
	create meta data entry More...
	updateMetaData ()
	update meta data entry More...
	deleteMetaData ()
	delete meta data entry More...
	updateOwner ()
	update owner of object in db More...
	putInTree ($a_parent_ref)
	maybe this method should be in tree object!? More...
	setPermissions ($a_parent_ref)
	set permissions of object More...
	setParentRolePermissions ($a_parent_ref)
	Initialize the permissions of parent roles (local roles of categories, global roles...) This method is overwritten in e.g courses, groups for building permission intersections with non_member templates. More...
	createReference ()
	creates reference for object More...
	countReferences ()
	count references of object More...
	delete ()
	delete object or referenced object (in the case of a referenced object, object data is only deleted if last reference is deleted) This function removes an object entirely from system!! More...
	initDefaultRoles ()
	init default roles settings Purpose of this function is to create a local role folder and local roles, that are needed depending on the object type If you want to setup default local roles you MUST overwrite this method in derived object classes (see ilObjForum for an example) @access public More...
	applyDidacticTemplate ($a_tpl_id)
	Apply template. More...
	setRegisterMode ($a_bool)
	isUserRegistered ($a_user_id=0)
	requireRegistration ()
	getXMLZip ()
	getHTMLDirectory ()
	appendCopyInfo ($a_target_id, $a_copy_id)
	Prepend Copy info if object with same name exists in that container. More...
	cloneDependencies ($a_target_id, $a_copy_id)
	Clone object dependencies. More...
	cloneMetaData ($target_obj)
	Copy meta data. More...
	getPossibleSubObjects ($a_filter=true)
	get all possible subobjects of this type the object can decide which types of subobjects are possible jut in time overwrite if the decision distinguish from standard model More...

Static Public Member Functions
static	createDefaultRole ($a_title, $a_description, $a_tpl_name, $a_ref_id)
static	_getAssignUsersStatus ($a_role_id)
static	_lookupRegisterAllowed ()
	get all roles that are activated in user registration More...
static	_lookupAllowRegister ($a_role_id)
	check whether role is allowed in user registration or not More...
static	_getTranslation ($a_role_title)
static	_removeObjectId ($a_role_title)
static	_updateAuthMode ($a_roles)
static	_getAuthMode ($a_role_id)
static	_getRolesByAuthMode ($a_auth_mode)
	Get roles by auth mode. More...
static	_resetAuthMode ($a_auth_mode)
	Reset auth mode to default. More...
static	isAutoGenerated ($a_role_id)
Static Public Member Functions inherited from ilObject
static	_lookupObjIdByImportId ($a_import_id)
static	_lookupImportId ($a_obj_id)
static	_lookupOwnerName ($a_owner_id)
	lookup owner name for owner id More...
static	_getIdForImportId ($a_import_id)
	get current object id for import id (static) More...
static	_getAllReferences ($a_id)
	get all reference ids of object More...
static	_lookupTitle ($a_id)
	lookup object title More...
static	lookupOfflineStatus ($a_obj_id)
	Lookup offline status using objectDataCache. More...
static	_lookupOwner ($a_id)
	lookup object owner More...
static	_getIdsForTitle ($title, $type='', $partialmatch=false)
static	_lookupDescription ($a_id)
	lookup object description More...
static	_lookupLastUpdate ($a_id, $a_as_string=false)
	lookup last update More...
static	_getLastUpdateOfObjects ($a_objs)
	Get last update for a set of media objects. More...
static	_lookupObjId ($a_id)
static	_setDeletedDate ($a_ref_id, $a_deleted_by)
static	setDeletedDates ($a_ref_ids, $a_user_id)
	Set deleted date. More...
static	_resetDeletedDate ($a_ref_id)
	only called in ilObjectGUI::insertSavedNodes More...
static	_lookupDeletedDate ($a_ref_id)
	only called in ilObjectGUI::insertSavedNodes More...
static	_writeTitle ($a_obj_id, $a_title)
	write title to db (static) More...
static	_writeDescription ($a_obj_id, $a_desc)
	write description to db (static) More...
static	_writeImportId ($a_obj_id, $a_import_id)
	write import id to db (static) More...
static	_lookupType ($a_id, $a_reference=false)
	lookup object type More...
static	_isInTrash ($a_ref_id)
	checks wether object is in trash More...
static	_hasUntrashedReference ($a_obj_id)
	checks wether an object has at least one reference that is not in trash More...
static	_lookupObjectId ($a_ref_id)
	lookup object id More...
static	_getObjectsDataForType ($a_type, $a_omit_trash=false)
	get all objects of a certain type More...
static	_exists ($a_id, $a_reference=false, $a_type=null)
	checks if an object exists in object_data@access public More...
static	_getObjectsByType ($a_obj_type="", $a_owner="")
	Get objects by type. More...
static	_prepareCloneSelection ($a_ref_ids, $new_type, $show_path=true)
	Prepare copy wizard object selection. More...
static	_getIcon ( $a_obj_id="", $a_size="big", $a_type="", $a_offline=false)
	Get icon for repository item. More...
static	collectDeletionDependencies (&$deps, $a_ref_id, $a_obj_id, $a_type, $a_depth=0)
	Collect deletion dependencies. More...
static	getDeletionDependencies ($a_obj_id)
	Get deletion dependencies. More...
static	getLongDescriptions (array $a_obj_ids)
	Get long description data. More...
static	getAllOwnedRepositoryObjects ($a_user_id)
	Get all ids of objects user owns. More...
static	fixMissingTitles ($a_type, array &$a_obj_title_map)
	Try to fix missing object titles. More...
static	_lookupCreationDate ($a_id)
	Lookup creation date. More...
static	hasAutoRating ($a_type, $a_ref_id)
	Check if auto rating is active for parent group/course. More...

Data Fields
const	MODE_PROTECTED_DELETE_LOCAL_POLICIES = 1
const	MODE_PROTECTED_KEEP_LOCAL_POLICIES = 2
const	MODE_UNPROTECTED_DELETE_LOCAL_POLICIES = 3
const	MODE_UNPROTECTED_KEEP_LOCAL_POLICIES = 4
const	MODE_ADD_OPERATIONS = 1
const	MODE_READ_OPERATIONS = 2
const	MODE_REMOVE_OPERATIONS = 3
	$parent
	$allow_register
	$assign_users
Data Fields inherited from ilObject
const	TITLE_LENGTH = 255
	max length of object title More...
const	DESC_LENGTH = 128
	$lng
	$id
	$ref_id
	$type
	$title
	$untranslatedTitle
	$desc
	$long_desc
	$owner
	$create_date
	$last_update
	$import_id
	$register = false
	$referenced
	$objectList
	$max_title
	$max_desc
	$add_dots

Protected Member Functions
	deleteLocalPolicies ($a_start, $a_policies, $a_filter)
	Delete local policies. More...
	adjustPermissions ($a_mode, $a_nodes, $a_policies, $a_filter, $a_exclusion_filter=array(), $a_operation_mode=self::MODE_READ_OPERATIONS, $a_operation_stack=[])
	Adjust permissions. More...
	changeExistingObjectsGrantPermissions ($a_role_id, $a_permissions, $a_ref_id, $a_operation_mode)
	isHandledObjectType ($a_filter, $a_exclusion_filter, $a_type)
	Check if type is filterer. More...
	updateOperationStack (&$a_stack, $a_node, $a_init=false)
	Update operation stack. More...
	updatePolicyStack (&$a_stack, $a_node)
	Update policy stack. More...
	createPermissionIntersection ($policy_stack, $a_current_ops, $a_id, $a_type)
	Create course group permission intersection. More...

Private Attributes
	$logger = null

Additional Inherited Members
Protected Attributes inherited from ilObject
	$objDefinition
	$db
	$log
	$error
	$tree
	$app_event_handler
	$rbacadmin
	$rbacreview

Detailed Description

Class ilObjRole.

Author

Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om

Version

$Id$

Definition at line 16 of file class.ilObjRole.php.

Constructor & Destructor Documentation

__construct()

ilObjRole::__construct	(		$a_id = 0,
			$a_call_by_reference = false
	)

Constructor @access public.

Parameters

integer	reference_id or object_id
boolean	treat the id as reference_id (true) or object_id (false)

Reimplemented from ilObject.

Definition at line 50 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $this->logger = $DIC->logger()->ac();
        $this->type = "role";
        parent::__construct($a_id, $a_call_by_reference);
    }

References $DIC, and ILIAS\GlobalScreen\Provider\__construct().

Here is the call graph for this function:

Member Function Documentation

__getPermissionDefinitions()

ilObjRole::__getPermissionDefinitions

(

)

Definition at line 603 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilDB = $DIC['ilDB'];
        $lng = $DIC['lng'];
        $objDefinition = $DIC['objDefinition'];
        $rbacreview = $DIC['rbacreview'];
 
        $operation_info = $rbacreview->getOperationAssignment();
        foreach ($operation_info as $info) {
            if ($objDefinition->getDevMode($info['type'])) {
                continue;
            }
            $rbac_objects[$info['typ_id']] = array("obj_id" => $info['typ_id'],
                                                   "type" => $info['type']);
            
            // handle plugin permission texts
            $txt = $objDefinition->isPlugin($info['type'])
                ? ilObjectPlugin::lookupTxtById($info['type'], $info['type'] . "_" . $info['operation'])
                : $lng->txt($info['type'] . "_" . $info['operation']);
            if (substr($info['operation'], 0, 7) == "create_" &&
                $objDefinition->isPlugin(substr($info['operation'], 7))) {
                $txt = ilObjectPlugin::lookupTxtById(substr($info['operation'], 7), $info['type'] . "_" . $info['operation']);
            }
            $rbac_operations[$info['typ_id']][$info['ops_id']] = array(
                                                                "ops_id" => $info['ops_id'],
                                                                "title" => $info['operation'],
                                                                "name" => $txt);
        }
        return array($rbac_objects,$rbac_operations);
    }

References $DIC, $ilDB, ilObject\$lng, ilObject\$objDefinition, ilObject\$rbacreview, $txt, and ilObjectPlugin\lookupTxtById().

Here is the call graph for this function:

_getAssignUsersStatus()

static ilObjRole::_getAssignUsersStatus (   $a_role_id )

static

Definition at line 155 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilDB = $DIC['ilDB'];
 
        $query = "SELECT assign_users FROM role_data WHERE role_id = " . $ilDB->quote($a_role_id, 'integer') . " ";
        $res = $ilDB->query($query);
        while ($row = $ilDB->fetchObject($res)) {
            return $row->assign_users ? true : false;
        }
        return false;
    }

References $DIC, $ilDB, $query, $res, and true.

Referenced by ilRbacReview\getGlobalAssignableRoles(), ilSoapUserAdministration\importUsers(), ilObjUserFolderGUI\importUsersObject(), ilObjUserGUI\initCreate(), ilObjUserFolderGUI\initUserRoleAssignmentForm(), and ilSoapUserAdministration\isPermittedRole().

Here is the caller graph for this function:

_getAuthMode()

static ilObjRole::_getAuthMode (   $a_role_id )

static

Definition at line 546 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilDB = $DIC['ilDB'];
 
        $query = "SELECT auth_mode FROM role_data " .
             "WHERE role_id= " . $ilDB->quote($a_role_id, 'integer') . " ";
        $res = $ilDB->query($query);
        $row = $ilDB->fetchAssoc($res);
        
        return $row['auth_mode'];
    }

References $DIC, $ilDB, $query, and $res.

_getRolesByAuthMode()

static ilObjRole::_getRolesByAuthMode (   $a_auth_mode )

static

Get roles by auth mode.

@access public

Parameters

string

auth mode

Definition at line 567 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilDB = $DIC['ilDB'];
        
        $query = "SELECT * FROM role_data " .
            "WHERE auth_mode = " . $ilDB->quote($a_auth_mode, 'text');
        $res = $ilDB->query($query);
        $roles = array();
        while ($row = $ilDB->fetchObject($res)) {
            $roles[] = $row->role_id;
        }
        return $roles;
    }

References $DIC, $ilDB, $query, and $res.

Referenced by ilRadiusSettings\read().

Here is the caller graph for this function:

_getTranslation()

static ilObjRole::_getTranslation (   $a_role_title )

static

Definition at line 454 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $lng = $DIC['lng'];
        $objDefinition = $DIC['objDefinition'];
 
        $role_title = self::_removeObjectId($a_role_title);
 
        if (preg_match("/^il_([a-z]{1,4})_./", $role_title, $type)) {
            //BT ID 0032909: language variables for roles from plugins were not resolved properly
            if ($objDefinition->isPlugin($type[1])) {
                return ilObjectPlugin::lookupTxtById($type[1], $role_title);
            }
 
            return $lng->txt($role_title);
        }
        
        return $a_role_title;
    }

References $DIC, ilObject\$lng, ilObject\$objDefinition, ilObject\$type, _removeObjectId(), and ilObjectPlugin\lookupTxtById().

Referenced by ilCourseEditParticipantsTableGUI\__construct(), ilRecommendedContentRoleTableGUI\__construct(), ilObjRoleGUI\addAdminLocatorItems(), ilObjRoleTemplateGUI\addAdminLocatorItems(), ilObjRoleGUI\addLocatorItems(), ilObjRoleGUI\adoptPermObject(), ilObjRoleGUI\adoptPermSaveObject(), ilMailMemberSearchDataProvider\buildRoleTitle(), ilObjRoleFolderGUI\confirmDeleteObject(), ilObjRoleGUI\confirmDeleteRoleObject(), ilObjectRolePermissionTableGUI\createTitle(), ilRoleAssignmentTableGUI\fillRow(), ilObjBlog\getAllLocalRoles(), ilSkillProfile\getAssignedRoles(), ilObjectPermissionStatusGUI\getAssignedValidRoles(), ilObjectPermissionStatusGUI\getAvailableRolesTableData(), ilObjCourse\getLocalCourseRoles(), ilObjGroup\getLocalGroupRoles(), ilLearningSequenceRoles\getLocalLearningSequenceRoles(), ilObjCourseGUI\getLocalRoles(), ilObjGroupGUI\getLocalRoles(), ilObjLearningSequenceGUI\getLocalRoles(), ilSessionParticipantsTableGUI\getParentLocalRoles(), getPresentationTitle(), ilObjRoleTemplate\getPresentationTitle(), ilLTIProviderObjectSettingGUI\getRoleSelection(), ilObjBlog\getRolesWithContributeOrRedact(), ilDclTableViewEditFormGUI\initForm(), ilObjRoleTemplateGUI\initFormRoleTemplate(), ilSettingsPermissionGUI\initPermissionForm(), ilPermissionGUI\initRoleForm(), ilRoleSelectionTableGUI\parse(), ilRoleTableGUI\parse(), ilRoleAssignmentTableGUI\parse(), ilRbacLogTableGUI\parseChangesFaPa(), ilPermissionGUI\showConfirmBlockRole(), and ilSoapRoleObjectXMLWriter\start().

Here is the call graph for this function:

Here is the caller graph for this function:

_lookupAllowRegister()

static ilObjRole::_lookupAllowRegister (   $a_role_id )

static

check whether role is allowed in user registration or not

Parameters

int

$a_role_id

role id

Returns

boolean true if role is allowed in user registration

Definition at line 316 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilDB = $DIC['ilDB'];
        
        $query = "SELECT * FROM role_data " .
            " WHERE role_id =" . $ilDB->quote($a_role_id, 'integer');
            
        $res = $ilDB->query($query);
        if ($role_rec = $ilDB->fetchAssoc($res)) {
            if ($role_rec["allow_register"]) {
                return true;
            }
        }
        return false;
    }

References $DIC, $ilDB, $query, and $res.

Referenced by ilRegistrationSettingsGUI\editRoles(), and ilAccountRegistrationGUI\saveForm().

Here is the caller graph for this function:

_lookupRegisterAllowed()

static ilObjRole::_lookupRegisterAllowed ( )

static

get all roles that are activated in user registration

@access public

Returns

array array of int: role ids

Definition at line 289 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilDB = $DIC['ilDB'];
        
        $query = "SELECT * FROM role_data " .
            "JOIN object_data ON object_data.obj_id = role_data.role_id " .
            "WHERE allow_register = 1";
        $res = $ilDB->query($query);
    
        $roles = array();
        while ($role = $ilDB->fetchAssoc($res)) {
            $roles[] = array("id" => $role["obj_id"],
                             "title" => $role["title"],
                             "auth_mode" => $role['auth_mode']);
        }
        
        return $roles;
    }

References $DIC, $ilDB, $query, and $res.

Referenced by ilRegistrationSettingsGUI\__prepareAccessLimitationRoleList(), ilRegistrationSettingsGUI\__prepareRoleList(), ilUserProfile\addStandardFieldsToForm(), ilObjAuthSettingsGUI\authSettingsObject(), ilRegistrationSettingsGUI\initRoleAccessForm(), and ilRegistrationSettingsGUI\saveRoleAccessLimitations().

Here is the caller graph for this function:

_removeObjectId()

static ilObjRole::_removeObjectId (   $a_role_title )

static

Definition at line 475 of file class.ilObjRole.php.

    {
        $role_title_parts = explode('_', $a_role_title);
 
        $test2 = (int) $role_title_parts[3];
        if ($test2 > 0) {
            unset($role_title_parts[3]);
        }
 
        return implode('_', $role_title_parts);
    }

Referenced by _getTranslation(), ilObjectRolePermissionTableGUI\createTitle(), and ilObjectPermissionStatusGUI\getAvailableRolesTableData().

Here is the caller graph for this function:

_resetAuthMode()

static ilObjRole::_resetAuthMode (   $a_auth_mode )

static

Reset auth mode to default.

@access public

Parameters

string

auth mode

Definition at line 591 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilDB = $DIC['ilDB'];
        
        $query = "UPDATE role_data SET auth_mode = 'default' WHERE auth_mode = " . $ilDB->quote($a_auth_mode, 'text');
        $res = $ilDB->manipulate($query);
    }

References $DIC, $ilDB, $query, and $res.

Referenced by ilRadiusSettings\save().

Here is the caller graph for this function:

_updateAuthMode()

static ilObjRole::_updateAuthMode (   $a_roles )

static

Definition at line 532 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilDB = $DIC['ilDB'];
 
        foreach ($a_roles as $role_id => $auth_mode) {
            $query = "UPDATE role_data SET " .
                 "auth_mode= " . $ilDB->quote($auth_mode, 'text') . " " .
                 "WHERE role_id= " . $ilDB->quote($role_id, 'integer') . " ";
            $res = $ilDB->manipulate($query);
        }
    }

References $DIC, $ilDB, $query, and $res.

Referenced by ilRadiusSettings\save(), and ilObjAuthSettingsGUI\updateAuthRolesObject().

Here is the caller graph for this function:

adjustPermissions()

ilObjRole::adjustPermissions (   $a_mode,   $a_nodes,   $a_policies,   $a_filter,   $a_exclusion_filter = array(),   $a_operation_mode = self::MODE_READ_OPERATIONS,   $a_operation_stack = []  )

protected

Adjust permissions.

Parameters

int	$a_mode
array	$a_nodes	array of nodes
array	$a_policies	array of object ref ids
array	$a_exclusion_filter	of object types.

Returns

Definition at line 715 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $rbacadmin = $DIC['rbacadmin'];
        $rbacreview = $DIC['rbacreview'];
        $tree = $DIC['tree'];
        $logger = $DIC->logger()->ac();
        
        $operation_stack = array();
        $policy_stack = array();
        $node_stack = array();
        
        $start_node = current($a_nodes);
        array_push($node_stack, $start_node);
        $this->updatePolicyStack($policy_stack, $start_node['child']);
 
        if ($a_operation_mode == self::MODE_READ_OPERATIONS) {
            $this->updateOperationStack($operation_stack, $start_node['child'], true);
        }
        else {
            $operation_stack = $a_operation_stack;
        }
 
        $this->logger->debug('adjust permissions operation stack');
        $this->logger->dump($operation_stack, ilLogLevel::DEBUG);
 
        include_once "Services/AccessControl/classes/class.ilRbacLog.php";
        $rbac_log_active = ilRbacLog::isActive();
        
        $local_policy = false;
        foreach ($a_nodes as $node) {
            $cmp_node = end($node_stack);
            while ($relation = $tree->getRelationOfNodes($node, $cmp_node)) {
                switch ($relation) {
                    case ilTree::RELATION_NONE:
                    case ilTree::RELATION_SIBLING:
                        $logger->debug('Handling sibling/none relation.');
                        array_pop($operation_stack);
                        array_pop($policy_stack);
                        array_pop($node_stack);
                        $cmp_node = end($node_stack);
                        $local_policy = false;
                        break;
 
                    case ilTree::RELATION_CHILD:
                    case ilTree::RELATION_EQUALS:
                    case ilTree::RELATION_PARENT:
                    default:
                        $logger->debug('Handling child/equals/parent ' . $relation);
                        break 2;
                }
            }
 
            if ($local_policy) {
                continue;
            }
 
            // Start node => set permissions and continue
            if ($node['child'] == $start_node['child']) {
                if ($this->isHandledObjectType($a_filter, $a_exclusion_filter, $node['type'])) {
                    if ($rbac_log_active) {
                        $rbac_log_roles = $rbacreview->getParentRoleIds($node['child'], false);
                        $rbac_log_old = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
                    }
 
                    // Set permissions
                    $perms = end($operation_stack);
                    $this->changeExistingObjectsGrantPermissions(
                        $this->getId(),
                        (array) $perms[$node['type']],
                        $node['child'],
                        $a_operation_mode
                    );
 
                    if ($rbac_log_active) {
                        $rbac_log_new = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
                        $rbac_log = ilRbacLog::diffFaPa($rbac_log_old, $rbac_log_new);
                        ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE_EXISTING, $node['child'], $rbac_log);
                    }
                }
                continue;
            }
            
            // Node has local policies => update permission stack and continue
            if (in_array($node['child'], $a_policies) and ($node['child'] != SYSTEM_FOLDER_ID)) {
                $local_policy = true;
                $this->updatePolicyStack($policy_stack, $node['child']);
                $this->updateOperationStack($operation_stack, $node['child']);
                array_push($node_stack, $node);
                continue;
            }
            
            // Continue if this object type is not in filter
            if (!$this->isHandledObjectType($a_filter, $a_exclusion_filter, $node['type'])) {
                continue;
            }
 
            if ($rbac_log_active) {
                $rbac_log_roles = $rbacreview->getParentRoleIds($node['child'], false);
                $rbac_log_old = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
            }
        
            // Node is course or group => create permission intersection
            if (
                ($a_mode == self::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES || $a_mode == self::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES) &&
                ($node['type'] == 'crs' || $node['type'] == 'grp')
            ) {
                // Copy role permission intersection
                $perms = end($operation_stack);
                $this->createPermissionIntersection($policy_stack, $perms[$node['type']], $node['child'], $node['type']);
                if ($this->updateOperationStack($operation_stack, $node['child'])) {
                    $this->updatePolicyStack($policy_stack, $node['child']);
                    array_push($node_stack, $node);
                }
            }
 
            // Set permission
            $perms = end($operation_stack);
            $this->changeExistingObjectsGrantPermissions(
                $this->getId(),
                (array) $perms[$node['type']],
                $node['child'],
                $a_operation_mode
            );
            if ($rbac_log_active) {
                $rbac_log_new = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
                $rbac_log = ilRbacLog::diffFaPa($rbac_log_old, $rbac_log_new);
                ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE_EXISTING, $node['child'], $rbac_log);
            }
        }
    }

References $DIC, $logger, ilObject\$rbacadmin, ilObject\$rbacreview, ilObject\$tree, ilRbacLog\add(), changeExistingObjectsGrantPermissions(), createPermissionIntersection(), ilLogLevel\DEBUG, ilRbacLog\diffFaPa(), ilRbacLog\EDIT_TEMPLATE_EXISTING, ilRbacLog\gatherFaPa(), ilObject\getId(), ilRbacLog\isActive(), isHandledObjectType(), ilTree\RELATION_CHILD, ilTree\RELATION_EQUALS, ilTree\RELATION_NONE, ilTree\RELATION_PARENT, ilTree\RELATION_SIBLING, SYSTEM_FOLDER_ID, updateOperationStack(), and updatePolicyStack().

Referenced by changeExistingObjects().

Here is the call graph for this function:

Here is the caller graph for this function:

assignData()

ilObjRole::assignData

(

$a_data

)

loads a record "role" from array @access public

Parameters

array

roledata

Definition at line 199 of file class.ilObjRole.php.

    {
        $this->setTitle(ilUtil::stripSlashes($a_data["title"]));
        $this->setDescription(ilUtil::stripslashes($a_data["desc"]));
        $this->setAllowRegister($a_data["allow_register"]);
        $this->toggleAssignUsersStatus($a_data['assign_users']);
    }

References setAllowRegister(), ilObject\setDescription(), ilObject\setTitle(), ilUtil\stripSlashes(), and toggleAssignUsersStatus().

Referenced by read().

Here is the call graph for this function:

Here is the caller graph for this function:

changeExistingObjects()

ilObjRole::changeExistingObjects	(		$a_start_node,
			$a_mode,
			$a_filter,
			$a_exclusion_filter = array(),
			$a_operation_mode = self::MODE_READ_OPERATIONS,
			$a_operation_stack = []
	)

Change existing objects.

Parameters

int	$a_start_node
int	$a_mode
	array	filter Filter of object types (array('all') => change all objects

Returns

Definition at line 649 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $tree = $DIC->repositoryTree();
        $rbacreview = $DIC->rbac()->review();
        
        // Get node info of subtree
        $nodes = $tree->getRbacSubtreeInfo($a_start_node);
        
        // get local policies
        $all_local_policies = $rbacreview->getObjectsWithStopedInheritance($this->getId());
        
        // filter relevant roles
        $local_policies = array();
        foreach ($all_local_policies as $lp) {
            if (isset($nodes[$lp])) {
                $local_policies[] = $lp;
            }
        }
        
        // Delete deprecated policies
        switch ($a_mode) {
            case self::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES:
            case self::MODE_PROTECTED_DELETE_LOCAL_POLICIES:
                $local_policies = $this->deleteLocalPolicies($a_start_node, $local_policies, $a_filter);
                break;
        }
        $this->adjustPermissions($a_mode, $nodes, $local_policies, $a_filter, $a_exclusion_filter, $a_operation_mode, $a_operation_stack);
    }

References $DIC, ilObject\$rbacreview, ilObject\$tree, adjustPermissions(), deleteLocalPolicies(), ilObject\getId(), MODE_PROTECTED_DELETE_LOCAL_POLICIES, and MODE_UNPROTECTED_DELETE_LOCAL_POLICIES.

Here is the call graph for this function:

changeExistingObjectsGrantPermissions()

ilObjRole::changeExistingObjectsGrantPermissions (   $a_role_id,   $a_permissions,   $a_ref_id,   $a_operation_mode  )

protected

Parameters

$a_role_id
$a_permissions
$a_ref_id
$a_operation_mode

Definition at line 854 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $admin = $DIC->rbac()->admin();
        $review = $DIC->rbac()->review();
        if ($a_operation_mode == self::MODE_READ_OPERATIONS) {
            $admin->grantPermission(
                $a_role_id,
                $a_permissions,
                $a_ref_id
            );
        }
        elseif ($a_operation_mode == self::MODE_ADD_OPERATIONS) {
            $current_operations = $review->getRoleOperationsOnObject(
                $a_role_id,
                $a_ref_id
            );
            $this->logger->debug('Current operations');
            $this->logger->dump($current_operations);
 
            $new_ops = array_unique(array_merge($a_permissions, $current_operations));
            $this->logger->debug('New operations');
            $this->logger->dump($new_ops);
 
            $admin->grantPermission(
                $a_role_id,
                $new_ops,
                $a_ref_id
            );
        }
        elseif ($a_operation_mode == self::MODE_REMOVE_OPERATIONS) {
            $current_operations = $review->getRoleOperationsOnObject(
                $a_role_id,
                $a_ref_id
            );
            $this->logger->debug('Current operations');
            $this->logger->dump($current_operations);
 
            $new_ops = array_diff($current_operations, $a_permissions);
 
            $admin->grantPermission(
                $a_role_id,
                $new_ops,
                $a_ref_id
            );
        }
    }

References $DIC.

Referenced by adjustPermissions().

Here is the caller graph for this function:

create()

ilObjRole::create

(

)

create

@access public

Returns

integer object id

Reimplemented from ilObject.

Definition at line 237 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilDB = $DIC['ilDB'];
        
        $this->id = parent::create();
 
        $query = "INSERT INTO role_data " .
            "(role_id,allow_register,assign_users) " .
            "VALUES " .
            "(" . $ilDB->quote($this->id, 'integer') . "," .
            $ilDB->quote($this->getAllowRegister(), 'integer') . "," .
            $ilDB->quote($this->getAssignUsersStatus(), 'integer') . ")"
            ;
        $res = $ilDB->query($query);
 
        return $this->id;
    }

References $DIC, ilObject\$id, $ilDB, $query, $res, getAllowRegister(), and getAssignUsersStatus().

Here is the call graph for this function:

createDefaultRole()

static ilObjRole::createDefaultRole (   $a_title,   $a_description,   $a_tpl_name,   $a_ref_id  )

static

Parameters

type	$a_title
type	$a_description
type	$a_tpl_name
type	$a_ref_id

Returns

ilObjRole

Definition at line 67 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilDB = $DIC['ilDB'];
        
        // SET PERMISSION TEMPLATE OF NEW LOCAL CONTRIBUTOR ROLE
        $res = $ilDB->query("SELECT obj_id FROM object_data " .
            " WHERE type=" . $ilDB->quote("rolt", "text") .
            " AND title=" . $ilDB->quote($a_tpl_name, "text"));
        while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
            $tpl_id = $row->obj_id;
        }
        
        if (!$tpl_id) {
            return null;
        }
        
        include_once './Services/AccessControl/classes/class.ilObjRole.php';
        $role = new ilObjRole();
        $role->setTitle($a_title);
        $role->setDescription($a_description);
        $role->create();
        
        $GLOBALS['DIC']['rbacadmin']->assignRoleToFolder($role->getId(), $a_ref_id, 'y');
        
        $GLOBALS['DIC']['rbacadmin']->copyRoleTemplatePermissions(
            $tpl_id,
            ROLE_FOLDER_ID,
            $a_ref_id,
            $role->getId()
        );
 
        $ops = $GLOBALS['DIC']['rbacreview']->getOperationsOfRole(
            $role->getId(),
            ilObject::_lookupType($a_ref_id, true),
            $a_ref_id
        );
        $GLOBALS['DIC']['rbacadmin']->grantPermission(
            $role->getId(),
            $ops,
            $a_ref_id
        );
        return $role;
    }

References $DIC, $GLOBALS, $ilDB, $res, ilObject\_lookupType(), ilDBConstants\FETCHMODE_OBJECT, and ROLE_FOLDER_ID.

Referenced by ilObjChatroom\createDefaultRole(), ilObjBlog\initDefaultRoles(), ilObjCourse\initDefaultRoles(), ilObjForum\initDefaultRoles(), ilObjGroup\initDefaultRoles(), ilLearningSequenceRoles\initDefaultRoles(), ilObjSession\initDefaultRoles(), and ilIndividualAssessmentAccessHandler\initDefaultRolesForObject().

Here is the call graph for this function:

Here is the caller graph for this function:

createPermissionIntersection()

ilObjRole::createPermissionIntersection (   $policy_stack,   $a_current_ops,   $a_id,   $a_type  )

protected

Create course group permission intersection.

Parameters

	array	operation stack
int	$a_id
string	$a_type

Returns

Definition at line 1004 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilDB = $DIC['ilDB'];
        $rbacreview = $DIC['rbacreview'];
        $rbacadmin = $DIC['rbacadmin'];
            
        static $course_non_member_id = null;
        static $group_non_member_id = null;
        static $group_open_id = null;
        static $group_closed_id = null;
            
        // Get template id
        switch ($a_type) {
                case 'grp':
                    
                    include_once './Modules/Group/classes/class.ilObjGroup.php';
                    $type = ilObjGroup::lookupGroupTye(ilObject::_lookupObjId($a_id));
                    #var_dump("GROUP TYPE",$type);
                    switch ($type) {
                        case GRP_TYPE_CLOSED:
                            if (!$group_closed_id) {
                                $query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_grp_status_closed'";
                                $res = $ilDB->query($query);
                                while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
                                    $group_closed_id = $row->obj_id;
                                }
                            }
                            $template_id = $group_closed_id;
                            #var_dump("GROUP CLOSED id:" . $template_id);
                            break;
 
                        case GRP_TYPE_OPEN:
                        default:
                            if (!$group_open_id) {
                                $query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_grp_status_open'";
                                $res = $ilDB->query($query);
                                while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
                                    $group_open_id = $row->obj_id;
                                }
                            }
                            $template_id = $group_open_id;
                            #var_dump("GROUP OPEN id:" . $template_id);
                            break;
                    }
                    break;
                    
                case 'crs':
                    if (!$course_non_member_id) {
                        $query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_crs_non_member'";
                        $res = $ilDB->query($query);
                        while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
                            $course_non_member_id = $row->obj_id;
                        }
                    }
                    $template_id = $course_non_member_id;
                    break;
            }
 
        $current_ops = $a_current_ops[$a_type];
            
        // Create intersection template permissions
        if ($template_id) {
            //$rolf = $rbacreview->getRoleFolderIdOfObject($a_id);
                
            $rbacadmin->copyRolePermissionIntersection(
                $template_id,
                ROLE_FOLDER_ID,
                $this->getId(),
                end($policy_stack),
                $a_id,
                $this->getId()
                );
        } else {
            #echo "No template id for ".$a_id.' of type'.$a_type.'<br>';
        }
        #echo "ROLE ASSIGN: ".$rolf.' AID'.$a_id;
        if ($a_id and !$GLOBALS['DIC']['rbacreview']->isRoleAssignedToObject($this->getId(), $a_id)) {
            $rbacadmin->assignRoleToFolder($this->getId(), $a_id, "n");
        }
        return true;
    }

References $DIC, $GLOBALS, $ilDB, $query, ilObject\$rbacadmin, ilObject\$rbacreview, $res, ilObject\$type, ilObject\_lookupObjId(), ilDBConstants\FETCHMODE_OBJECT, ilObject\getId(), GRP_TYPE_CLOSED, GRP_TYPE_OPEN, ilObjGroup\lookupGroupTye(), and ROLE_FOLDER_ID.

Referenced by adjustPermissions().

Here is the call graph for this function:

Here is the caller graph for this function:

delete()

ilObjRole::delete

(

)

delete role and all related data

@access public

Returns

boolean true if all object data were removed; false if only a references were removed

Reimplemented from ilObject.

Definition at line 364 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $rbacadmin = $DIC['rbacadmin'];
        $rbacreview = $DIC['rbacreview'];
        $ilDB = $DIC['ilDB'];
        
        // Temporary bugfix
        if ($rbacreview->hasMultipleAssignments($this->getId())) {
            ilLoggerFactory::getLogger('ac')->warning('Found role with multiple assignments: role_id: ' . $this->getId());
            ilLoggerFactory::getLogger('ac')->warning('Aborted deletion of role.');
            return false;
        }
        
        if ($rbacreview->isAssignable($this->getId(), $this->getParent())) {
            ilLoggerFactory::getLogger('ac')->debug('Handling assignable role...');
            // do not delete a global role, if the role is the last
            // role a user is assigned to.
            //
            // Performance improvement: In the code section below, we
            // only need to consider _global_ roles. We don't need
            // to check for _local_ roles, because a user who has
            // a local role _always_ has a global role too.
            $last_role_user_ids = array();
            if ($this->getParent() == ROLE_FOLDER_ID) {
                ilLoggerFactory::getLogger('ac')->debug('Handling global role...');
                // The role is a global role: check if
                // we find users who aren't assigned to any
                // other global role than this one.
                $user_ids = $rbacreview->assignedUsers($this->getId());
 
                foreach ($user_ids as $user_id) {
                    // get all roles each user has
                    $role_ids = $rbacreview->assignedRoles($user_id);
                
                    // is last role?
                    if (count($role_ids) == 1) {
                        $last_role_user_ids[] = $user_id;
                    }
                }
            }
            
            // users with last role found?
            if (count($last_role_user_ids) > 0) {
                $user_names = array();
                foreach ($last_role_user_ids as $user_id) {
                    // GET OBJECT TITLE
                    $user_names[] = ilObjUser::_lookupLogin($user_id);
                }
                
                // TODO: This check must be done in rolefolder object because if multiple
                // roles were selected the other roles are still deleted and the system does not
                // give any feedback about this.
                $users = implode(', ', $user_names);
                ilLoggerFactory::getLogger('ac')->info('Cannot delete last global role of users.');
                $this->ilias->raiseError($this->lng->txt("msg_user_last_role1") . " " .
                                     $users . "<br/>" . $this->lng->txt("msg_user_last_role2"), $this->ilias->error_obj->WARNING);
            } else {
                ilLoggerFactory::getLogger('ac')->debug('Starting deletion of assignable role: role_id: ' . $this->getId());
                $rbacadmin->deleteRole($this->getId(), $this->getParent());
 
                // Delete ldap role group mappings
                include_once('./Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php');
                ilLDAPRoleGroupMappingSettings::_deleteByRole($this->getId());
 
                // delete object_data entry
                parent::delete();
                    
                // delete role_data entry
                $query = "DELETE FROM role_data WHERE role_id = " . $ilDB->quote($this->getId(), 'integer');
                $res = $ilDB->manipulate($query);
            }
        } else {
            ilLoggerFactory::getLogger('ac')->debug('Starting deletion of linked role: role_id ' . $this->getId());
            // linked local role: INHERITANCE WAS STOPPED, SO DELETE ONLY THIS LOCAL ROLE
            $rbacadmin->deleteLocalRole($this->getId(), $this->getParent());
        }
        return true;
    }

References $DIC, $ilDB, $query, ilObject\$rbacadmin, ilObject\$rbacreview, $res, ilLDAPRoleGroupMappingSettings\_deleteByRole(), ilObjUser\_lookupLogin(), ilObject\getId(), ilLoggerFactory\getLogger(), getParent(), and ROLE_FOLDER_ID.

Here is the call graph for this function:

deleteLocalPolicies()

ilObjRole::deleteLocalPolicies (   $a_start,   $a_policies,   $a_filter  )

protected

Delete local policies.

Parameters

array

$a_policies

array of object ref ids that define local policies

Returns

Definition at line 685 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $rbacreview = $DIC['rbacreview'];
        $rbacadmin = $DIC['rbacadmin'];
        
        $local_policies = array();
        foreach ($a_policies as $policy) {
            if ($policy == $a_start or $policy == SYSTEM_FOLDER_ID) {
                $local_policies[] = $policy;
                continue;
            }
            if (!in_array('all', $a_filter) and !in_array(ilObject::_lookupType(ilObject::_lookupObjId($policy)), $a_filter)) {
                $local_policies[] = $policy;
                continue;
            }
            $rbacadmin->deleteLocalRole($this->getId(), $policy);
        }
        return $local_policies;
    }

References $DIC, ilObject\$rbacadmin, ilObject\$rbacreview, ilObject\_lookupObjId(), ilObject\_lookupType(), ilObject\getId(), and SYSTEM_FOLDER_ID.

Referenced by changeExistingObjects().

Here is the call graph for this function:

Here is the caller graph for this function:

getAllowRegister()

ilObjRole::getAllowRegister

(

)

get allow_register

@access public

Returns

integer

Definition at line 278 of file class.ilObjRole.php.

    {
        return $this->allow_register ? $this->allow_register : false;
    }

Referenced by create(), and ilObjRoleGUI\readRoleProperties().

Here is the caller graph for this function:

getAssignUsersStatus()

ilObjRole::getAssignUsersStatus

(

)

Definition at line 150 of file class.ilObjRole.php.

    {
        return $this->assign_users ? $this->assign_users : 0;
    }

Referenced by create(), ilObjRoleGUI\readRoleProperties(), and update().

Here is the caller graph for this function:

getCountMembers()

ilObjRole::getCountMembers

(

)

Definition at line 445 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $rbacreview = $DIC['rbacreview'];
        
        return count($rbacreview->assignedUsers($this->getId()));
    }

References $DIC, and ilObject\$rbacreview.

getParent()

ilObjRole::getParent

(

)

get reference id of parent object

@access public

Returns

integer ref_id of parent object

Definition at line 352 of file class.ilObjRole.php.

    {
        return $this->parent;
    }

References $parent.

Referenced by delete().

Here is the caller graph for this function:

getPresentationTitle()

ilObjRole::getPresentationTitle

(

)

For autogenerated roles this returns 'Translated Title (untranslated title)'.

If you only want the translated title, use getShortPresentationTitle.

Reimplemented from ilObject.

Definition at line 135 of file class.ilObjRole.php.

                                           : string
    {
        $r = ilObjRole::_getTranslation($this->getTitle());
 
        if ($r === $this->getUntranslatedTitle()) {
            return $r;
        }
 
        return $r . ' (' . $this->getUntranslatedTitle() . ')';
    }

References _getTranslation(), ilObject\getTitle(), and ilObject\getUntranslatedTitle().

Referenced by ilObjRoleGUI\readRoleProperties().

Here is the call graph for this function:

Here is the caller graph for this function:

isAutoGenerated()

static ilObjRole::isAutoGenerated (   $a_role_id )

static

Definition at line 637 of file class.ilObjRole.php.

    {
        return substr(ilObject::_lookupTitle($a_role_id), 0, 3) == 'il_';
    }

References ilObject\_lookupTitle().

Referenced by ilObjRoleGUI\initFormRoleProperties().

Here is the call graph for this function:

Here is the caller graph for this function:

isHandledObjectType()

ilObjRole::isHandledObjectType (   $a_filter,   $a_exclusion_filter,   $a_type  )

protected

Check if type is filterer.

Parameters

array	$a_filter
string	$a_type

Returns

Definition at line 910 of file class.ilObjRole.php.

    {
        if (in_array($a_type, $a_exclusion_filter)) {
            return false;
        }
        
        if (in_array('all', $a_filter)) {
            return true;
        }
        return in_array($a_type, $a_filter);
    }

Referenced by adjustPermissions().

Here is the caller graph for this function:

read()

ilObjRole::read

(

)

loads "role" from database @access private

Reimplemented from ilObject.

Definition at line 173 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilDB = $DIC['ilDB'];
        
        $query = "SELECT * FROM role_data WHERE role_id= " . $ilDB->quote($this->id, 'integer') . " ";
 
        $res = $ilDB->query($query);
        if ($res->numRows() > 0) {
            $data = $ilDB->fetchAssoc($res);
 
            // fill member vars in one shot
            $this->assignData($data);
        } else {
            $this->ilias->raiseError("<b>Error: There is no dataset with id " . $this->id . "!</b><br />class: " . get_class($this) . "<br />Script: " . __FILE__ . "<br />Line: " . __LINE__, $this->ilias->FATAL);
        }
 
        parent::read();
    }

References $data, $DIC, $ilDB, $query, $res, and assignData().

Referenced by update().

Here is the call graph for this function:

Here is the caller graph for this function:

setAllowRegister()

ilObjRole::setAllowRegister

(

$a_allow_register

)

set allow_register of role

@access public

Parameters

integer

Definition at line 263 of file class.ilObjRole.php.

    {
        if (empty($a_allow_register)) {
            $a_allow_register == 0;
        }
        
        $this->allow_register = (int) $a_allow_register;
    }

Referenced by assignData(), and ilObjRoleGUI\loadRoleProperties().

Here is the caller graph for this function:

setParent()

ilObjRole::setParent

(

$a_parent_ref

)

set reference id of parent object this is neccessary for non RBAC protected objects!!!

@access public

Parameters

integer

ref_id of parent object

Definition at line 341 of file class.ilObjRole.php.

    {
        $this->parent = $a_parent_ref;
    }

toggleAssignUsersStatus()

ilObjRole::toggleAssignUsersStatus

(

$a_assign_users

)

Definition at line 146 of file class.ilObjRole.php.

    {
        $this->assign_users = (int) $a_assign_users;
    }

Referenced by assignData(), and ilObjRoleGUI\loadRoleProperties().

Here is the caller graph for this function:

update()

ilObjRole::update

(

)

updates a record "role" and write it into database @access public

Reimplemented from ilObject.

Definition at line 211 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilDB = $DIC['ilDB'];
        
        $query = "UPDATE role_data SET " .
            "allow_register= " . $ilDB->quote($this->allow_register, 'integer') . ", " .
            "assign_users = " . $ilDB->quote($this->getAssignUsersStatus(), 'integer') . " " .
            "WHERE role_id= " . $ilDB->quote($this->id, 'integer') . " ";
        $res = $ilDB->manipulate($query);
 
        parent::update();
 
        $this->read();
 
        return true;
    }

References $DIC, $ilDB, $query, $res, getAssignUsersStatus(), and read().

Here is the call graph for this function:

updateOperationStack()

ilObjRole::updateOperationStack ( &  $a_stack,   $a_node,   $a_init = false  )

protected

Update operation stack.

Parameters

array	$a_stack
int	$a_node

Returns

Definition at line 928 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $rbacreview = $DIC['rbacreview'];
        
        $has_policies = null;
        $policy_origin = null;
        
        if ($a_node == ROOT_FOLDER_ID) {
            $has_policies = true;
            $policy_origin = ROLE_FOLDER_ID;
        } else {
            $has_policies = $rbacreview->getLocalPolicies($a_node);
            $policy_origin = $a_node;
            
            if ($a_init) {
                $parent_roles = $rbacreview->getParentRoleIds($a_node, false);
                if ($parent_roles[$this->getId()]) {
                    $a_stack[] = $rbacreview->getAllOperationsOfRole(
                        $this->getId(),
                        $parent_roles[$this->getId()]['parent']
                    );
                }
                return true;
            }
        }
        
        if (!$has_policies) {
            return false;
        }
        
        $a_stack[] = $rbacreview->getAllOperationsOfRole(
            $this->getId(),
            $policy_origin
        );
        return true;
    }

References $DIC, ilObject\$rbacreview, ilObject\getId(), ROLE_FOLDER_ID, and ROOT_FOLDER_ID.

Referenced by adjustPermissions().

Here is the call graph for this function:

Here is the caller graph for this function:

updatePolicyStack()

ilObjRole::updatePolicyStack ( &  $a_stack,   $a_node  )

protected

Update policy stack.

Parameters

object

$a_node

Returns

Definition at line 972 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $rbacreview = $DIC['rbacreview'];
 
        $has_policies = null;
        $policy_origin = null;
        
        if ($a_node == ROOT_FOLDER_ID) {
            $has_policies = true;
            $policy_origin = ROLE_FOLDER_ID;
        } else {
            $has_policies = $rbacreview->getLocalPolicies($a_node);
            $policy_origin = $a_node;
        }
        
        if (!$has_policies) {
            return false;
        }
        
        $a_stack[] = $policy_origin;
        return true;
    }

References $DIC, ilObject\$rbacreview, ROLE_FOLDER_ID, and ROOT_FOLDER_ID.

Referenced by adjustPermissions().

Here is the caller graph for this function:

validate()

ilObjRole::validate

(

)

Validate role data.

Returns

bool

Definition at line 118 of file class.ilObjRole.php.

    {
        global $DIC;
 
        $ilErr = $DIC['ilErr'];
        
        if (substr($this->getTitle(), 0, 3) == 'il_') {
            $ilErr->setMessage('msg_role_reserved_prefix');
            return false;
        }
        return true;
    }

References $DIC, $ilErr, and ilObject\getTitle().

Here is the call graph for this function:

Field Documentation

$allow_register

ilObjRole::$allow_register

Definition at line 41 of file class.ilObjRole.php.

$assign_users

ilObjRole::$assign_users

Definition at line 42 of file class.ilObjRole.php.

$logger

ilObjRole::$logger = null

private

Definition at line 30 of file class.ilObjRole.php.

Referenced by adjustPermissions().

$parent

ilObjRole::$parent

Definition at line 39 of file class.ilObjRole.php.

Referenced by getParent().

MODE_ADD_OPERATIONS

const ilObjRole::MODE_ADD_OPERATIONS = 1

Definition at line 23 of file class.ilObjRole.php.

Referenced by ilObjRoleFolderGUI\adjustRoleObject().

MODE_PROTECTED_DELETE_LOCAL_POLICIES

const ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES = 1

Definition at line 18 of file class.ilObjRole.php.

Referenced by changeExistingObjects(), ilDidacticTemplateLocalPolicyAction\createLocalPolicy(), ilDidacticTemplateLocalPolicyAction\revert(), ilDidacticTemplateLocalPolicyAction\revertLocalPolicy(), and ilObjRoleGUI\showChangeExistingObjectsConfirmation().

MODE_PROTECTED_KEEP_LOCAL_POLICIES

const ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES = 2

Definition at line 19 of file class.ilObjRole.php.

Referenced by ilPermissionGUI\addRole(), ilObjRoleFolderGUI\doChangeExistingObjects(), ilObjRoleGUI\permSaveObject(), and ilObjRoleGUI\showChangeExistingObjectsConfirmation().

MODE_READ_OPERATIONS

const ilObjRole::MODE_READ_OPERATIONS = 2

Definition at line 24 of file class.ilObjRole.php.

Referenced by ilObjRoleFolderGUI\adjustRoleObject(), and ilObjRoleFolderGUI\doChangeExistingObjects().

MODE_REMOVE_OPERATIONS

const ilObjRole::MODE_REMOVE_OPERATIONS = 3

Definition at line 25 of file class.ilObjRole.php.

Referenced by ilObjRoleFolderGUI\adjustRoleObject().

MODE_UNPROTECTED_DELETE_LOCAL_POLICIES

const ilObjRole::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES = 3

Definition at line 20 of file class.ilObjRole.php.

Referenced by changeExistingObjects(), ilDidacticTemplateLocalPolicyAction\createLocalPolicy(), ilDidacticTemplateBlockRoleAction\deleteLocalPolicy(), ilDidacticTemplateLocalPolicyAction\revert(), ilDidacticTemplateLocalPolicyAction\revertLocalPolicy(), and ilObjRoleGUI\showChangeExistingObjectsConfirmation().

MODE_UNPROTECTED_KEEP_LOCAL_POLICIES

const ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES = 4

Definition at line 21 of file class.ilObjRole.php.

Referenced by ilPermissionGUI\addRole(), ilObjLTIAdministrationGUI\createLtiUserRole(), ilObjRoleFolderGUI\doChangeExistingObjects(), ilObjRoleGUI\permSaveObject(), ilObjRoleGUI\showChangeExistingObjectsConfirmation(), and ilPermissionGUI\unblockRoles().

---

The documentation for this class was generated from the following file:

• Services/AccessControl/classes/class.ilObjRole.php