ILIAS  release_7 Revision v7.30-3-g800a261c036
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Private Attributes
ilObjRole Class Reference

Class ilObjRole. More...

+ Inheritance diagram for ilObjRole:
+ Collaboration diagram for ilObjRole:

Public Member Functions

 __construct ($a_id=0, $a_call_by_reference=false)
 Constructor public. More...
 
 validate ()
 Validate role data. More...
 
 getPresentationTitle ()
 For autogenerated roles this returns 'Translated Title (untranslated title)'. More...
 
 toggleAssignUsersStatus ($a_assign_users)
 
 getAssignUsersStatus ()
 
 read ()
 loads "role" from database private More...
 
 assignData ($a_data)
 loads a record "role" from array public More...
 
 update ()
 updates a record "role" and write it into database public More...
 
 create ()
 create More...
 
 setAllowRegister ($a_allow_register)
 set allow_register of role More...
 
 getAllowRegister ()
 get allow_register More...
 
 setParent ($a_parent_ref)
 set reference id of parent object this is neccessary for non RBAC protected objects!!! More...
 
 getParent ()
 get reference id of parent object More...
 
 delete ()
 delete role and all related data More...
 
 getCountMembers ()
 
 __getPermissionDefinitions ()
 
 changeExistingObjects ($a_start_node, $a_mode, $a_filter, $a_exclusion_filter=array(), $a_operation_mode=self::MODE_READ_OPERATIONS, $a_operation_stack=[])
 Change existing objects. More...
 
- Public Member Functions inherited from ilObject
 __construct ($a_id=0, $a_reference=true)
 Constructor public. More...
 
 withReferences ()
 determines wehter objects are referenced or not (got ref ids or not) More...
 
 read ()
 read object data from db into object More...
 
 getId ()
 get object id public More...
 
 setId ($a_id)
 set object id public More...
 
 setRefId ($a_id)
 set reference id public More...
 
 getRefId ()
 get reference id public More...
 
 getType ()
 get object type public More...
 
 setType ($a_type)
 set object type public More...
 
 getPresentationTitle ()
 get presentation title Normally same as title Overwritten for sessions More...
 
 getTitle ()
 get object title public More...
 
 getUntranslatedTitle ()
 get untranslated object title public More...
 
 setTitle ($a_title)
 set object title More...
 
 getDescription ()
 get object description More...
 
 setDescription ($a_desc)
 set object description More...
 
 getLongDescription ()
 get object long description (stored in object_description) More...
 
 getImportId ()
 get import id More...
 
 setImportId ($a_import_id)
 set import id More...
 
 setOfflineStatus ($a_status)
 Set offline status. More...
 
 getOfflineStatus ()
 Get offline status. More...
 
 supportsOfflineHandling ()
 Check whether object supports offline handling. More...
 
 getOwner ()
 get object owner More...
 
 getOwnerName ()
 
 setOwner ($a_owner)
 set object owner More...
 
 getCreateDate ()
 get create date public More...
 
 getLastUpdateDate ()
 get last update date public More...
 
 getDiskUsage ()
 Gets the disk usage of the object in bytes. More...
 
 create ()
 create More...
 
 update ()
 update object in db More...
 
 MDUpdateListener ($a_element)
 Meta data update listener. More...
 
 createMetaData ()
 create meta data entry More...
 
 updateMetaData ()
 update meta data entry More...
 
 deleteMetaData ()
 delete meta data entry More...
 
 updateOwner ()
 update owner of object in db More...
 
 putInTree ($a_parent_ref)
 maybe this method should be in tree object!? More...
 
 setPermissions ($a_parent_ref)
 set permissions of object More...
 
 setParentRolePermissions ($a_parent_ref)
 Initialize the permissions of parent roles (local roles of categories, global roles...) This method is overwritten in e.g courses, groups for building permission intersections with non_member templates. More...
 
 createReference ()
 creates reference for object More...
 
 countReferences ()
 count references of object More...
 
 delete ()
 delete object or referenced object (in the case of a referenced object, object data is only deleted if last reference is deleted) This function removes an object entirely from system!! More...
 
 initDefaultRoles ()
 init default roles settings Purpose of this function is to create a local role folder and local roles, that are needed depending on the object type If you want to setup default local roles you MUST overwrite this method in derived object classes (see ilObjForum for an example) public More...
 
 applyDidacticTemplate ($a_tpl_id)
 Apply template. More...
 
 setRegisterMode ($a_bool)
 
 isUserRegistered ($a_user_id=0)
 
 requireRegistration ()
 
 getXMLZip ()
 
 getHTMLDirectory ()
 
 appendCopyInfo ($a_target_id, $a_copy_id)
 Prepend Copy info if object with same name exists in that container. More...
 
 cloneDependencies ($a_target_id, $a_copy_id)
 Clone object dependencies. More...
 
 cloneMetaData ($target_obj)
 Copy meta data. More...
 
 getPossibleSubObjects ($a_filter=true)
 get all possible subobjects of this type the object can decide which types of subobjects are possible jut in time overwrite if the decision distinguish from standard model More...
 

Static Public Member Functions

static createDefaultRole ($a_title, $a_description, $a_tpl_name, $a_ref_id)
 
static _getAssignUsersStatus ($a_role_id)
 
static _lookupRegisterAllowed ()
 get all roles that are activated in user registration More...
 
static _lookupAllowRegister ($a_role_id)
 check whether role is allowed in user registration or not More...
 
static _getTranslation ($a_role_title)
 
static _removeObjectId ($a_role_title)
 
static _updateAuthMode ($a_roles)
 
static _getAuthMode ($a_role_id)
 
static _getRolesByAuthMode ($a_auth_mode)
 Get roles by auth mode. More...
 
static _resetAuthMode ($a_auth_mode)
 Reset auth mode to default. More...
 
static isAutoGenerated ($a_role_id)
 
- Static Public Member Functions inherited from ilObject
static _lookupObjIdByImportId ($a_import_id)
 
static _lookupImportId ($a_obj_id)
 
static _lookupOwnerName ($a_owner_id)
 lookup owner name for owner id More...
 
static _getIdForImportId ($a_import_id)
 get current object id for import id (static) More...
 
static _getAllReferences ($a_id)
 get all reference ids of object More...
 
static _lookupTitle ($a_id)
 lookup object title More...
 
static lookupOfflineStatus ($a_obj_id)
 Lookup offline status using objectDataCache. More...
 
static _lookupOwner ($a_id)
 lookup object owner More...
 
static _getIdsForTitle ($title, $type='', $partialmatch=false)
 
static _lookupDescription ($a_id)
 lookup object description More...
 
static _lookupLastUpdate ($a_id, $a_as_string=false)
 lookup last update More...
 
static _getLastUpdateOfObjects ($a_objs)
 Get last update for a set of media objects. More...
 
static _lookupObjId ($a_id)
 
static _setDeletedDate ($a_ref_id, $a_deleted_by)
 
static setDeletedDates ($a_ref_ids, $a_user_id)
 Set deleted date. More...
 
static _resetDeletedDate ($a_ref_id)
 only called in ilObjectGUI::insertSavedNodes More...
 
static _lookupDeletedDate ($a_ref_id)
 only called in ilObjectGUI::insertSavedNodes More...
 
static _writeTitle ($a_obj_id, $a_title)
 write title to db (static) More...
 
static _writeDescription ($a_obj_id, $a_desc)
 write description to db (static) More...
 
static _writeImportId ($a_obj_id, $a_import_id)
 write import id to db (static) More...
 
static _lookupType ($a_id, $a_reference=false)
 lookup object type More...
 
static _isInTrash ($a_ref_id)
 checks wether object is in trash More...
 
static _hasUntrashedReference ($a_obj_id)
 checks wether an object has at least one reference that is not in trash More...
 
static _lookupObjectId ($a_ref_id)
 lookup object id More...
 
static _getObjectsDataForType ($a_type, $a_omit_trash=false)
 get all objects of a certain type More...
 
static _exists ($a_id, $a_reference=false, $a_type=null)
 checks if an object exists in object_data More...
 
static _getObjectsByType ($a_obj_type="", $a_owner="")
 Get objects by type. More...
 
static _prepareCloneSelection ($a_ref_ids, $new_type, $show_path=true)
 Prepare copy wizard object selection. More...
 
static _getIcon ( $a_obj_id="", $a_size="big", $a_type="", $a_offline=false)
 Get icon for repository item. More...
 
static collectDeletionDependencies (&$deps, $a_ref_id, $a_obj_id, $a_type, $a_depth=0)
 Collect deletion dependencies. More...
 
static getDeletionDependencies ($a_obj_id)
 Get deletion dependencies. More...
 
static getLongDescriptions (array $a_obj_ids)
 Get long description data. More...
 
static getAllOwnedRepositoryObjects ($a_user_id)
 Get all ids of objects user owns. More...
 
static fixMissingTitles ($a_type, array &$a_obj_title_map)
 Try to fix missing object titles. More...
 
static _lookupCreationDate ($a_id)
 Lookup creation date. More...
 
static hasAutoRating ($a_type, $a_ref_id)
 Check if auto rating is active for parent group/course. More...
 

Data Fields

const MODE_PROTECTED_DELETE_LOCAL_POLICIES = 1
 
const MODE_PROTECTED_KEEP_LOCAL_POLICIES = 2
 
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES = 3
 
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES = 4
 
const MODE_ADD_OPERATIONS = 1
 
const MODE_READ_OPERATIONS = 2
 
const MODE_REMOVE_OPERATIONS = 3
 
 $parent
 
 $allow_register
 
 $assign_users
 
- Data Fields inherited from ilObject
const TITLE_LENGTH = 255
 max length of object title More...
 
const DESC_LENGTH = 128
 
 $lng
 
 $id
 
 $ref_id
 
 $type
 
 $title
 
 $untranslatedTitle
 
 $desc
 
 $long_desc
 
 $owner
 
 $create_date
 
 $last_update
 
 $import_id
 
 $register = false
 
 $referenced
 
 $objectList
 
 $max_title
 
 $max_desc
 
 $add_dots
 

Protected Member Functions

 deleteLocalPolicies ($a_start, $a_policies, $a_filter)
 Delete local policies. More...
 
 adjustPermissions ($a_mode, $a_nodes, $a_policies, $a_filter, $a_exclusion_filter=array(), $a_operation_mode=self::MODE_READ_OPERATIONS, $a_operation_stack=[])
 Adjust permissions. More...
 
 changeExistingObjectsGrantPermissions ($a_role_id, $a_permissions, $a_ref_id, $a_operation_mode)
 
 isHandledObjectType ($a_filter, $a_exclusion_filter, $a_type)
 Check if type is filterer. More...
 
 updateOperationStack (&$a_stack, $a_node, $a_init=false)
 Update operation stack. More...
 
 updatePolicyStack (&$a_stack, $a_node)
 Update policy stack. More...
 
 createPermissionIntersection ($policy_stack, $a_current_ops, $a_id, $a_type)
 Create course group permission intersection. More...
 

Private Attributes

 $logger = null
 

Additional Inherited Members

- Protected Attributes inherited from ilObject
 $objDefinition
 
 $db
 
 $log
 
 $error
 
 $tree
 
 $app_event_handler
 
 $rbacadmin
 
 $rbacreview
 

Detailed Description

Class ilObjRole.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 16 of file class.ilObjRole.php.

Constructor & Destructor Documentation

◆ __construct()

ilObjRole::__construct (   $a_id = 0,
  $a_call_by_reference = false 
)

Constructor public.

Parameters
integerreference_id or object_id
booleantreat the id as reference_id (true) or object_id (false)

Definition at line 50 of file class.ilObjRole.php.

References $DIC, and ILIAS\GlobalScreen\Provider\__construct().

51  {
52  global $DIC;
53 
54  $this->logger = $DIC->logger()->ac();
55  $this->type = "role";
56  parent::__construct($a_id, $a_call_by_reference);
57  }
$DIC
global $DIC
Definition: goto.php:24
ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
Definition: PluginProviderHelper.php:40
+ Here is the call graph for this function:

Member Function Documentation

◆ __getPermissionDefinitions()

ilObjRole::__getPermissionDefinitions ( )

Definition at line 603 of file class.ilObjRole.php.

References $DIC, $ilDB, ilObject\$lng, ilObject\$objDefinition, ilObject\$rbacreview, $txt, and ilObjectPlugin\lookupTxtById().

604  {
605  global $DIC;
606 
607  $ilDB = $DIC['ilDB'];
608  $lng = $DIC['lng'];
609  $objDefinition = $DIC['objDefinition'];
610  $rbacreview = $DIC['rbacreview'];
611 
612  $operation_info = $rbacreview->getOperationAssignment();
613  foreach ($operation_info as $info) {
614  if ($objDefinition->getDevMode($info['type'])) {
615  continue;
616  }
617  $rbac_objects[$info['typ_id']] = array("obj_id" => $info['typ_id'],
618  "type" => $info['type']);
619 
620  // handle plugin permission texts
621  $txt = $objDefinition->isPlugin($info['type'])
622  ? ilObjectPlugin::lookupTxtById($info['type'], $info['type'] . "_" . $info['operation'])
623  : $lng->txt($info['type'] . "_" . $info['operation']);
624  if (substr($info['operation'], 0, 7) == "create_" &&
625  $objDefinition->isPlugin(substr($info['operation'], 7))) {
626  $txt = ilObjectPlugin::lookupTxtById(substr($info['operation'], 7), $info['type'] . "_" . $info['operation']);
627  }
628  $rbac_operations[$info['typ_id']][$info['ops_id']] = array(
629  "ops_id" => $info['ops_id'],
630  "title" => $info['operation'],
631  "name" => $txt);
632  }
633  return array($rbac_objects,$rbac_operations);
634  }
ilObjectPlugin\lookupTxtById
static lookupTxtById($plugin_id, $lang_var)
Definition: class.ilObjectPlugin.php:99
$DIC
global $DIC
Definition: goto.php:24
$txt
$txt
Definition: error.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ _getAssignUsersStatus()

static ilObjRole::_getAssignUsersStatus (   $a_role_id)
static

Definition at line 155 of file class.ilObjRole.php.

References $DIC, $ilDB, $query, and $res.

Referenced by ilRbacReview\getGlobalAssignableRoles(), ilSoapUserAdministration\importUsers(), ilObjUserFolderGUI\importUsersObject(), ilObjUserGUI\initCreate(), ilObjUserFolderGUI\initUserRoleAssignmentForm(), and ilSoapUserAdministration\isPermittedRole().

156  {
157  global $DIC;
158 
159  $ilDB = $DIC['ilDB'];
160 
161  $query = "SELECT assign_users FROM role_data WHERE role_id = " . $ilDB->quote($a_role_id, 'integer') . " ";
162  $res = $ilDB->query($query);
163  while ($row = $ilDB->fetchObject($res)) {
164  return $row->assign_users ? true : false;
165  }
166  return false;
167  }
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$DIC
global $DIC
Definition: goto.php:24
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _getAuthMode()

static ilObjRole::_getAuthMode (   $a_role_id)
static

Definition at line 546 of file class.ilObjRole.php.

References $DIC, $ilDB, $query, and $res.

547  {
548  global $DIC;
549 
550  $ilDB = $DIC['ilDB'];
551 
552  $query = "SELECT auth_mode FROM role_data " .
553  "WHERE role_id= " . $ilDB->quote($a_role_id, 'integer') . " ";
554  $res = $ilDB->query($query);
555  $row = $ilDB->fetchAssoc($res);
556 
557  return $row['auth_mode'];
558  }
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$DIC
global $DIC
Definition: goto.php:24
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ _getRolesByAuthMode()

static ilObjRole::_getRolesByAuthMode (   $a_auth_mode)
static

Get roles by auth mode.

public

Parameters
stringauth mode

Definition at line 567 of file class.ilObjRole.php.

References $DIC, $ilDB, $query, and $res.

Referenced by ilRadiusSettings\read().

568  {
569  global $DIC;
570 
571  $ilDB = $DIC['ilDB'];
572 
573  $query = "SELECT * FROM role_data " .
574  "WHERE auth_mode = " . $ilDB->quote($a_auth_mode, 'text');
575  $res = $ilDB->query($query);
576  $roles = array();
577  while ($row = $ilDB->fetchObject($res)) {
578  $roles[] = $row->role_id;
579  }
580  return $roles;
581  }
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$DIC
global $DIC
Definition: goto.php:24
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _getTranslation()

static ilObjRole::_getTranslation (   $a_role_title)
static

Definition at line 454 of file class.ilObjRole.php.

References $DIC, ilObject\$lng, ilObject\$objDefinition, ilObject\$type, and ilObjectPlugin\lookupTxtById().

Referenced by ilRecommendedContentRoleTableGUI\__construct(), ilCourseEditParticipantsTableGUI\__construct(), ilObjRoleTemplateGUI\addAdminLocatorItems(), ilObjRoleGUI\addAdminLocatorItems(), ilObjRoleGUI\addLocatorItems(), ilObjRoleGUI\adoptPermObject(), ilObjRoleGUI\adoptPermSaveObject(), ilMailMemberSearchDataProvider\buildRoleTitle(), ilObjRoleFolderGUI\confirmDeleteObject(), ilObjRoleGUI\confirmDeleteRoleObject(), ilObjectRolePermissionTableGUI\createTitle(), ilRoleAssignmentTableGUI\fillRow(), ilObjBlog\getAllLocalRoles(), ilSkillProfile\getAssignedRoles(), ilObjectPermissionStatusGUI\getAssignedValidRoles(), ilObjectPermissionStatusGUI\getAvailableRolesTableData(), ilObjCourse\getLocalCourseRoles(), ilObjGroup\getLocalGroupRoles(), ilLearningSequenceRoles\getLocalLearningSequenceRoles(), ilObjLearningSequenceGUI\getLocalRoles(), ilObjGroupGUI\getLocalRoles(), ilObjCourseGUI\getLocalRoles(), ilSessionParticipantsTableGUI\getParentLocalRoles(), ilObjRoleTemplate\getPresentationTitle(), getPresentationTitle(), ilLTIProviderObjectSettingGUI\getRoleSelection(), ilObjBlog\getRolesWithContributeOrRedact(), ilDclTableViewEditFormGUI\initForm(), ilObjRoleTemplateGUI\initFormRoleTemplate(), ilSettingsPermissionGUI\initPermissionForm(), ilPermissionGUI\initRoleForm(), ilRoleSelectionTableGUI\parse(), ilRoleAssignmentTableGUI\parse(), ilRoleTableGUI\parse(), ilRbacLogTableGUI\parseChangesFaPa(), ilPermissionGUI\showConfirmBlockRole(), and ilSoapRoleObjectXMLWriter\start().

455  {
456  global $DIC;
457 
458  $lng = $DIC['lng'];
459  $objDefinition = $DIC['objDefinition'];
460 
461  $role_title = self::_removeObjectId($a_role_title);
462 
463  if (preg_match("/^il_([a-z]{1,4})_./", $role_title, $type)) {
464  //BT ID 0032909: language variables for roles from plugins were not resolved properly
465  if ($objDefinition->isPlugin($type[1])) {
466  return ilObjectPlugin::lookupTxtById($type[1], $role_title);
467  }
468 
469  return $lng->txt($role_title);
470  }
471 
472  return $a_role_title;
473  }
ilObjectPlugin\lookupTxtById
static lookupTxtById($plugin_id, $lang_var)
Definition: class.ilObjectPlugin.php:99
$DIC
global $DIC
Definition: goto.php:24
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _lookupAllowRegister()

static ilObjRole::_lookupAllowRegister (   $a_role_id)
static

check whether role is allowed in user registration or not

Parameters
int$a_role_idrole id
Returns
boolean true if role is allowed in user registration

Definition at line 316 of file class.ilObjRole.php.

References $DIC, $ilDB, $query, and $res.

Referenced by ilRegistrationSettingsGUI\editRoles(), and ilAccountRegistrationGUI\saveForm().

317  {
318  global $DIC;
319 
320  $ilDB = $DIC['ilDB'];
321 
322  $query = "SELECT * FROM role_data " .
323  " WHERE role_id =" . $ilDB->quote($a_role_id, 'integer');
324 
325  $res = $ilDB->query($query);
326  if ($role_rec = $ilDB->fetchAssoc($res)) {
327  if ($role_rec["allow_register"]) {
328  return true;
329  }
330  }
331  return false;
332  }
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$DIC
global $DIC
Definition: goto.php:24
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _lookupRegisterAllowed()

static ilObjRole::_lookupRegisterAllowed ( )
static

get all roles that are activated in user registration

public

Returns
array array of int: role ids

Definition at line 289 of file class.ilObjRole.php.

References $DIC, $ilDB, $query, and $res.

Referenced by ilRegistrationSettingsGUI\__prepareAccessLimitationRoleList(), ilRegistrationSettingsGUI\__prepareRoleList(), ilUserProfile\addStandardFieldsToForm(), ilObjAuthSettingsGUI\authSettingsObject(), ilRegistrationSettingsGUI\initRoleAccessForm(), and ilRegistrationSettingsGUI\saveRoleAccessLimitations().

290  {
291  global $DIC;
292 
293  $ilDB = $DIC['ilDB'];
294 
295  $query = "SELECT * FROM role_data " .
296  "JOIN object_data ON object_data.obj_id = role_data.role_id " .
297  "WHERE allow_register = 1";
298  $res = $ilDB->query($query);
299 
300  $roles = array();
301  while ($role = $ilDB->fetchAssoc($res)) {
302  $roles[] = array("id" => $role["obj_id"],
303  "title" => $role["title"],
304  "auth_mode" => $role['auth_mode']);
305  }
306 
307  return $roles;
308  }
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$DIC
global $DIC
Definition: goto.php:24
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _removeObjectId()

static ilObjRole::_removeObjectId (   $a_role_title)
static

Definition at line 475 of file class.ilObjRole.php.

References $DIC, ilObject\$lng, ilObject\$objDefinition, ilECSSetting\ecsConfigured(), ilECSUtils\getPossibleRemoteTypes(), ilObjectPlugin\lookupTxtById(), and ilUtil\sortArray().

Referenced by ilObjectRolePermissionTableGUI\createTitle(), and ilObjectPermissionStatusGUI\getAvailableRolesTableData().

476  {
477  $role_title_parts = explode('_', $a_role_title);
478 
479  $test2 = (int) $role_title_parts[3];
480  if ($test2 > 0) {
481  unset($role_title_parts[3]);
482  }
483 
484  return implode('_', $role_title_parts);
485  }
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _resetAuthMode()

static ilObjRole::_resetAuthMode (   $a_auth_mode)
static

Reset auth mode to default.

public

Parameters
stringauth mode

Definition at line 591 of file class.ilObjRole.php.

References $DIC, $ilDB, $query, and $res.

Referenced by ilRadiusSettings\save().

592  {
593  global $DIC;
594 
595  $ilDB = $DIC['ilDB'];
596 
597  $query = "UPDATE role_data SET auth_mode = 'default' WHERE auth_mode = " . $ilDB->quote($a_auth_mode, 'text');
598  $res = $ilDB->manipulate($query);
599  }
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$DIC
global $DIC
Definition: goto.php:24
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _updateAuthMode()

static ilObjRole::_updateAuthMode (   $a_roles)
static

Definition at line 532 of file class.ilObjRole.php.

References $DIC, $ilDB, $query, and $res.

Referenced by ilRadiusSettings\save(), and ilObjAuthSettingsGUI\updateAuthRolesObject().

533  {
534  global $DIC;
535 
536  $ilDB = $DIC['ilDB'];
537 
538  foreach ($a_roles as $role_id => $auth_mode) {
539  $query = "UPDATE role_data SET " .
540  "auth_mode= " . $ilDB->quote($auth_mode, 'text') . " " .
541  "WHERE role_id= " . $ilDB->quote($role_id, 'integer') . " ";
542  $res = $ilDB->manipulate($query);
543  }
544  }
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$DIC
global $DIC
Definition: goto.php:24
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ adjustPermissions()

ilObjRole::adjustPermissions (   $a_mode,
  $a_nodes,
  $a_policies,
  $a_filter,
  $a_exclusion_filter = array(),
  $a_operation_mode = self::MODE_READ_OPERATIONS,
  $a_operation_stack = [] 
)
protected

Adjust permissions.

Parameters
int$a_mode
array$a_nodesarray of nodes
array$a_policiesarray of object ref ids
array$a_exclusion_filterof object types.
Returns

Definition at line 715 of file class.ilObjRole.php.

References $DIC, $logger, ilObject\$rbacadmin, ilObject\$rbacreview, ilObject\$tree, ilRbacLog\add(), changeExistingObjectsGrantPermissions(), createPermissionIntersection(), ilLogLevel\DEBUG, ilRbacLog\diffFaPa(), ilRbacLog\EDIT_TEMPLATE_EXISTING, ilRbacLog\gatherFaPa(), ilObject\getId(), ilRbacLog\isActive(), isHandledObjectType(), ilTree\RELATION_CHILD, ilTree\RELATION_EQUALS, ilTree\RELATION_NONE, ilTree\RELATION_PARENT, ilTree\RELATION_SIBLING, SYSTEM_FOLDER_ID, updateOperationStack(), and updatePolicyStack().

Referenced by changeExistingObjects().

716  {
717  global $DIC;
718 
719  $rbacadmin = $DIC['rbacadmin'];
720  $rbacreview = $DIC['rbacreview'];
721  $tree = $DIC['tree'];
722  $logger = $DIC->logger()->ac();
723 
724  $operation_stack = array();
725  $policy_stack = array();
726  $node_stack = array();
727 
728  $start_node = current($a_nodes);
729  array_push($node_stack, $start_node);
730  $this->updatePolicyStack($policy_stack, $start_node['child']);
731 
732  if ($a_operation_mode == self::MODE_READ_OPERATIONS) {
733  $this->updateOperationStack($operation_stack, $start_node['child'], true);
734  }
735  else {
736  $operation_stack = $a_operation_stack;
737  }
738 
739  $this->logger->debug('adjust permissions operation stack');
740  $this->logger->dump($operation_stack, ilLogLevel::DEBUG);
741 
742  include_once "Services/AccessControl/classes/class.ilRbacLog.php";
743  $rbac_log_active = ilRbacLog::isActive();
744 
745  $local_policy = false;
746  foreach ($a_nodes as $node) {
747  $cmp_node = end($node_stack);
748  while ($relation = $tree->getRelationOfNodes($node, $cmp_node)) {
749  switch ($relation) {
750  case ilTree::RELATION_NONE:
751  case ilTree::RELATION_SIBLING:
752  $logger->debug('Handling sibling/none relation.');
753  array_pop($operation_stack);
754  array_pop($policy_stack);
755  array_pop($node_stack);
756  $cmp_node = end($node_stack);
757  $local_policy = false;
758  break;
759 
760  case ilTree::RELATION_CHILD:
761  case ilTree::RELATION_EQUALS:
762  case ilTree::RELATION_PARENT:
763  default:
764  $logger->debug('Handling child/equals/parent ' . $relation);
765  break 2;
766  }
767  }
768 
769  if ($local_policy) {
770  continue;
771  }
772 
773  // Start node => set permissions and continue
774  if ($node['child'] == $start_node['child']) {
775  if ($this->isHandledObjectType($a_filter, $a_exclusion_filter, $node['type'])) {
776  if ($rbac_log_active) {
777  $rbac_log_roles = $rbacreview->getParentRoleIds($node['child'], false);
778  $rbac_log_old = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
779  }
780 
781  // Set permissions
782  $perms = end($operation_stack);
783  $this->changeExistingObjectsGrantPermissions(
784  $this->getId(),
785  (array) $perms[$node['type']],
786  $node['child'],
787  $a_operation_mode
788  );
789 
790  if ($rbac_log_active) {
791  $rbac_log_new = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
792  $rbac_log = ilRbacLog::diffFaPa($rbac_log_old, $rbac_log_new);
793  ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE_EXISTING, $node['child'], $rbac_log);
794  }
795  }
796  continue;
797  }
798 
799  // Node has local policies => update permission stack and continue
800  if (in_array($node['child'], $a_policies) and ($node['child'] != SYSTEM_FOLDER_ID)) {
801  $local_policy = true;
802  $this->updatePolicyStack($policy_stack, $node['child']);
803  $this->updateOperationStack($operation_stack, $node['child']);
804  array_push($node_stack, $node);
805  continue;
806  }
807 
808  // Continue if this object type is not in filter
809  if (!$this->isHandledObjectType($a_filter, $a_exclusion_filter, $node['type'])) {
810  continue;
811  }
812 
813  if ($rbac_log_active) {
814  $rbac_log_roles = $rbacreview->getParentRoleIds($node['child'], false);
815  $rbac_log_old = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
816  }
817 
818  // Node is course or group => create permission intersection
819  if (
820  ($a_mode == self::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES || $a_mode == self::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES) &&
821  ($node['type'] == 'crs' || $node['type'] == 'grp')
822  ) {
823  // Copy role permission intersection
824  $perms = end($operation_stack);
825  $this->createPermissionIntersection($policy_stack, $perms[$node['type']], $node['child'], $node['type']);
826  if ($this->updateOperationStack($operation_stack, $node['child'])) {
827  $this->updatePolicyStack($policy_stack, $node['child']);
828  array_push($node_stack, $node);
829  }
830  }
831 
832  // Set permission
833  $perms = end($operation_stack);
834  $this->changeExistingObjectsGrantPermissions(
835  $this->getId(),
836  (array) $perms[$node['type']],
837  $node['child'],
838  $a_operation_mode
839  );
840  if ($rbac_log_active) {
841  $rbac_log_new = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
842  $rbac_log = ilRbacLog::diffFaPa($rbac_log_old, $rbac_log_new);
843  ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE_EXISTING, $node['child'], $rbac_log);
844  }
845  }
846  }
ilObjRole\createPermissionIntersection
createPermissionIntersection($policy_stack, $a_current_ops, $a_id, $a_type)
Create course group permission intersection.
Definition: class.ilObjRole.php:1004
ilTree\RELATION_PARENT
const RELATION_PARENT
Definition: class.ilTree.php:34
ilRbacLog\isActive
static isActive()
Definition: class.ilRbacLog.php:25
ilObjRole\updatePolicyStack
updatePolicyStack(&$a_stack, $a_node)
Update policy stack.
Definition: class.ilObjRole.php:972
ilRbacLog\gatherFaPa
static gatherFaPa($a_ref_id, array $a_role_ids, $a_add_action=false)
Definition: class.ilRbacLog.php:35
SYSTEM_FOLDER_ID
const SYSTEM_FOLDER_ID
Definition: constants.php:33
ilRbacLog\diffFaPa
static diffFaPa(array $a_old, array $a_new)
Definition: class.ilRbacLog.php:69
ilObject\getId
getId()
get object id public
Definition: class.ilObject.php:319
ilObjRole\isHandledObjectType
isHandledObjectType($a_filter, $a_exclusion_filter, $a_type)
Check if type is filterer.
Definition: class.ilObjRole.php:910
$DIC
global $DIC
Definition: goto.php:24
ilTree\RELATION_EQUALS
const RELATION_EQUALS
Definition: class.ilTree.php:36
ilTree\RELATION_CHILD
const RELATION_CHILD
Definition: class.ilTree.php:33
ilTree\RELATION_NONE
const RELATION_NONE
Definition: class.ilTree.php:37
ilRbacLog\add
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
Definition: class.ilRbacLog.php:137
ilObjRole\changeExistingObjectsGrantPermissions
changeExistingObjectsGrantPermissions($a_role_id, $a_permissions, $a_ref_id, $a_operation_mode)
Definition: class.ilObjRole.php:854
ilRbacLog\EDIT_TEMPLATE_EXISTING
const EDIT_TEMPLATE_EXISTING
Definition: class.ilRbacLog.php:22
ilObjRole\updateOperationStack
updateOperationStack(&$a_stack, $a_node, $a_init=false)
Update operation stack.
Definition: class.ilObjRole.php:928
ilTree\RELATION_SIBLING
const RELATION_SIBLING
Definition: class.ilTree.php:35
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ assignData()

ilObjRole::assignData (   $a_data)

loads a record "role" from array public

Parameters
arrayroledata

Definition at line 199 of file class.ilObjRole.php.

References setAllowRegister(), ilObject\setDescription(), ilObject\setTitle(), ilUtil\stripSlashes(), and toggleAssignUsersStatus().

Referenced by read().

200  {
201  $this->setTitle(ilUtil::stripSlashes($a_data["title"]));
202  $this->setDescription(ilUtil::stripslashes($a_data["desc"]));
203  $this->setAllowRegister($a_data["allow_register"]);
204  $this->toggleAssignUsersStatus($a_data['assign_users']);
205  }
ilObjRole\toggleAssignUsersStatus
toggleAssignUsersStatus($a_assign_users)
Definition: class.ilObjRole.php:146
ilObjRole\setAllowRegister
setAllowRegister($a_allow_register)
set allow_register of role
Definition: class.ilObjRole.php:263
ilObject\setTitle
setTitle($a_title)
set object title
Definition: class.ilObject.php:417
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2406
ilObject\setDescription
setDescription($a_desc)
set object description
Definition: class.ilObject.php:442
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ changeExistingObjects()

ilObjRole::changeExistingObjects (   $a_start_node,
  $a_mode,
  $a_filter,
  $a_exclusion_filter = array(),
  $a_operation_mode = self::MODE_READ_OPERATIONS,
  $a_operation_stack = [] 
)

Change existing objects.

Parameters
int$a_start_node
int$a_mode
arrayfilter Filter of object types (array('all') => change all objects
Returns

Definition at line 649 of file class.ilObjRole.php.

References $DIC, ilObject\$rbacreview, ilObject\$tree, adjustPermissions(), deleteLocalPolicies(), and ilObject\getId().

650  {
651  global $DIC;
652 
653  $tree = $DIC->repositoryTree();
654  $rbacreview = $DIC->rbac()->review();
655 
656  // Get node info of subtree
657  $nodes = $tree->getRbacSubtreeInfo($a_start_node);
658 
659  // get local policies
660  $all_local_policies = $rbacreview->getObjectsWithStopedInheritance($this->getId());
661 
662  // filter relevant roles
663  $local_policies = array();
664  foreach ($all_local_policies as $lp) {
665  if (isset($nodes[$lp])) {
666  $local_policies[] = $lp;
667  }
668  }
669 
670  // Delete deprecated policies
671  switch ($a_mode) {
672  case self::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES:
673  case self::MODE_PROTECTED_DELETE_LOCAL_POLICIES:
674  $local_policies = $this->deleteLocalPolicies($a_start_node, $local_policies, $a_filter);
675  break;
676  }
677  $this->adjustPermissions($a_mode, $nodes, $local_policies, $a_filter, $a_exclusion_filter, $a_operation_mode, $a_operation_stack);
678  }
ilObjRole\deleteLocalPolicies
deleteLocalPolicies($a_start, $a_policies, $a_filter)
Delete local policies.
Definition: class.ilObjRole.php:685
ilObject\getId
getId()
get object id public
Definition: class.ilObject.php:319
$DIC
global $DIC
Definition: goto.php:24
ilObjRole\adjustPermissions
adjustPermissions($a_mode, $a_nodes, $a_policies, $a_filter, $a_exclusion_filter=array(), $a_operation_mode=self::MODE_READ_OPERATIONS, $a_operation_stack=[])
Adjust permissions.
Definition: class.ilObjRole.php:715
+ Here is the call graph for this function:

◆ changeExistingObjectsGrantPermissions()

ilObjRole::changeExistingObjectsGrantPermissions (   $a_role_id,
  $a_permissions,
  $a_ref_id,
  $a_operation_mode 
)
protected
Parameters
$a_role_id
$a_permissions
$a_ref_id
$a_operation_mode

Definition at line 854 of file class.ilObjRole.php.

References $DIC.

Referenced by adjustPermissions().

855  {
856  global $DIC;
857 
858  $admin = $DIC->rbac()->admin();
859  $review = $DIC->rbac()->review();
860  if ($a_operation_mode == self::MODE_READ_OPERATIONS) {
861  $admin->grantPermission(
862  $a_role_id,
863  $a_permissions,
864  $a_ref_id
865  );
866  }
867  elseif ($a_operation_mode == self::MODE_ADD_OPERATIONS) {
868  $current_operations = $review->getRoleOperationsOnObject(
869  $a_role_id,
870  $a_ref_id
871  );
872  $this->logger->debug('Current operations');
873  $this->logger->dump($current_operations);
874 
875  $new_ops = array_unique(array_merge($a_permissions, $current_operations));
876  $this->logger->debug('New operations');
877  $this->logger->dump($new_ops);
878 
879  $admin->grantPermission(
880  $a_role_id,
881  $new_ops,
882  $a_ref_id
883  );
884  }
885  elseif ($a_operation_mode == self::MODE_REMOVE_OPERATIONS) {
886  $current_operations = $review->getRoleOperationsOnObject(
887  $a_role_id,
888  $a_ref_id
889  );
890  $this->logger->debug('Current operations');
891  $this->logger->dump($current_operations);
892 
893  $new_ops = array_diff($current_operations, $a_permissions);
894 
895  $admin->grantPermission(
896  $a_role_id,
897  $new_ops,
898  $a_ref_id
899  );
900  }
901  }
$DIC
global $DIC
Definition: goto.php:24
+ Here is the caller graph for this function:

◆ create()

ilObjRole::create ( )

create

public

Returns
integer object id

Definition at line 237 of file class.ilObjRole.php.

References $DIC, ilObject\$id, $ilDB, $query, $res, getAllowRegister(), and getAssignUsersStatus().

238  {
239  global $DIC;
240 
241  $ilDB = $DIC['ilDB'];
242 
243  $this->id = parent::create();
244 
245  $query = "INSERT INTO role_data " .
246  "(role_id,allow_register,assign_users) " .
247  "VALUES " .
248  "(" . $ilDB->quote($this->id, 'integer') . "," .
249  $ilDB->quote($this->getAllowRegister(), 'integer') . "," .
250  $ilDB->quote($this->getAssignUsersStatus(), 'integer') . ")"
251  ;
252  $res = $ilDB->query($query);
253 
254  return $this->id;
255  }
ilObjRole\getAllowRegister
getAllowRegister()
get allow_register
Definition: class.ilObjRole.php:278
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$DIC
global $DIC
Definition: goto.php:24
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ createDefaultRole()

static ilObjRole::createDefaultRole (   $a_title,
  $a_description,
  $a_tpl_name,
  $a_ref_id 
)
static
Parameters
type$a_title
type$a_description
type$a_tpl_name
type$a_ref_id
Returns
ilObjRole

Definition at line 67 of file class.ilObjRole.php.

References $DIC, $GLOBALS, $ilDB, $res, ilObject\_lookupType(), ilDBConstants\FETCHMODE_OBJECT, and ROLE_FOLDER_ID.

Referenced by ilObjChatroom\createDefaultRole(), ilLearningSequenceRoles\initDefaultRoles(), ilObjSession\initDefaultRoles(), ilObjForum\initDefaultRoles(), ilObjBlog\initDefaultRoles(), ilObjCourse\initDefaultRoles(), ilObjGroup\initDefaultRoles(), and ilIndividualAssessmentAccessHandler\initDefaultRolesForObject().

68  {
69  global $DIC;
70 
71  $ilDB = $DIC['ilDB'];
72 
73  // SET PERMISSION TEMPLATE OF NEW LOCAL CONTRIBUTOR ROLE
74  $res = $ilDB->query("SELECT obj_id FROM object_data " .
75  " WHERE type=" . $ilDB->quote("rolt", "text") .
76  " AND title=" . $ilDB->quote($a_tpl_name, "text"));
77  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
78  $tpl_id = $row->obj_id;
79  }
80 
81  if (!$tpl_id) {
82  return null;
83  }
84 
85  include_once './Services/AccessControl/classes/class.ilObjRole.php';
86  $role = new ilObjRole();
87  $role->setTitle($a_title);
88  $role->setDescription($a_description);
89  $role->create();
90 
91  $GLOBALS['DIC']['rbacadmin']->assignRoleToFolder($role->getId(), $a_ref_id, 'y');
92 
93  $GLOBALS['DIC']['rbacadmin']->copyRoleTemplatePermissions(
94  $tpl_id,
95  ROLE_FOLDER_ID,
96  $a_ref_id,
97  $role->getId()
98  );
99 
100  $ops = $GLOBALS['DIC']['rbacreview']->getOperationsOfRole(
101  $role->getId(),
102  ilObject::_lookupType($a_ref_id, true),
103  $a_ref_id
104  );
105  $GLOBALS['DIC']['rbacadmin']->grantPermission(
106  $role->getId(),
107  $ops,
108  $a_ref_id
109  );
110  return $role;
111  }
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:16
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$DIC
global $DIC
Definition: goto.php:24
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
ROLE_FOLDER_ID
const ROLE_FOLDER_ID
Definition: constants.php:32
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1281
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ createPermissionIntersection()

ilObjRole::createPermissionIntersection (   $policy_stack,
  $a_current_ops,
  $a_id,
  $a_type 
)
protected

Create course group permission intersection.

Parameters
arrayoperation stack
int$a_id
string$a_type
Returns

Definition at line 1004 of file class.ilObjRole.php.

References $DIC, $GLOBALS, $ilDB, $query, ilObject\$rbacadmin, ilObject\$rbacreview, $res, ilObject\$type, ilObject\_lookupObjId(), ilDBConstants\FETCHMODE_OBJECT, ilObject\getId(), GRP_TYPE_CLOSED, GRP_TYPE_OPEN, ilObjGroup\lookupGroupTye(), and ROLE_FOLDER_ID.

Referenced by adjustPermissions().

1005  {
1006  global $DIC;
1007 
1008  $ilDB = $DIC['ilDB'];
1009  $rbacreview = $DIC['rbacreview'];
1010  $rbacadmin = $DIC['rbacadmin'];
1011 
1012  static $course_non_member_id = null;
1013  static $group_non_member_id = null;
1014  static $group_open_id = null;
1015  static $group_closed_id = null;
1016 
1017  // Get template id
1018  switch ($a_type) {
1019  case 'grp':
1020 
1021  include_once './Modules/Group/classes/class.ilObjGroup.php';
1022  $type = ilObjGroup::lookupGroupTye(ilObject::_lookupObjId($a_id));
1023  #var_dump("GROUP TYPE",$type);
1024  switch ($type) {
1025  case GRP_TYPE_CLOSED:
1026  if (!$group_closed_id) {
1027  $query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_grp_status_closed'";
1028  $res = $ilDB->query($query);
1029  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1030  $group_closed_id = $row->obj_id;
1031  }
1032  }
1033  $template_id = $group_closed_id;
1034  #var_dump("GROUP CLOSED id:" . $template_id);
1035  break;
1036 
1037  case GRP_TYPE_OPEN:
1038  default:
1039  if (!$group_open_id) {
1040  $query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_grp_status_open'";
1041  $res = $ilDB->query($query);
1042  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1043  $group_open_id = $row->obj_id;
1044  }
1045  }
1046  $template_id = $group_open_id;
1047  #var_dump("GROUP OPEN id:" . $template_id);
1048  break;
1049  }
1050  break;
1051 
1052  case 'crs':
1053  if (!$course_non_member_id) {
1054  $query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_crs_non_member'";
1055  $res = $ilDB->query($query);
1056  while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
1057  $course_non_member_id = $row->obj_id;
1058  }
1059  }
1060  $template_id = $course_non_member_id;
1061  break;
1062  }
1063 
1064  $current_ops = $a_current_ops[$a_type];
1065 
1066  // Create intersection template permissions
1067  if ($template_id) {
1068  //$rolf = $rbacreview->getRoleFolderIdOfObject($a_id);
1069 
1070  $rbacadmin->copyRolePermissionIntersection(
1071  $template_id,
1072  ROLE_FOLDER_ID,
1073  $this->getId(),
1074  end($policy_stack),
1075  $a_id,
1076  $this->getId()
1077  );
1078  } else {
1079  #echo "No template id for ".$a_id.' of type'.$a_type.'<br>';
1080  }
1081  #echo "ROLE ASSIGN: ".$rolf.' AID'.$a_id;
1082  if ($a_id and !$GLOBALS['DIC']['rbacreview']->isRoleAssignedToObject($this->getId(), $a_id)) {
1083  $rbacadmin->assignRoleToFolder($this->getId(), $a_id, "n");
1084  }
1085  return true;
1086  }
GRP_TYPE_OPEN
const GRP_TYPE_OPEN
Definition: class.ilObjGroup.php:20
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
ilObject\getId
getId()
get object id public
Definition: class.ilObject.php:319
GRP_TYPE_CLOSED
const GRP_TYPE_CLOSED
Definition: class.ilObjGroup.php:19
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1110
$DIC
global $DIC
Definition: goto.php:24
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
$query
$query
Definition: proxy_ylocal.php:13
ROLE_FOLDER_ID
const ROLE_FOLDER_ID
Definition: constants.php:32
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilObjGroup\lookupGroupTye
static lookupGroupTye($a_id)
Lookup group type.
Definition: class.ilObjGroup.php:155
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ delete()

ilObjRole::delete ( )

delete role and all related data

public

Returns
boolean true if all object data were removed; false if only a references were removed

Definition at line 364 of file class.ilObjRole.php.

References $DIC, $ilDB, $query, ilObject\$rbacadmin, ilObject\$rbacreview, $res, ilLDAPRoleGroupMappingSettings\_deleteByRole(), ilObjUser\_lookupLogin(), ilObject\getId(), ilLoggerFactory\getLogger(), getParent(), and ROLE_FOLDER_ID.

365  {
366  global $DIC;
367 
368  $rbacadmin = $DIC['rbacadmin'];
369  $rbacreview = $DIC['rbacreview'];
370  $ilDB = $DIC['ilDB'];
371 
372  // Temporary bugfix
373  if ($rbacreview->hasMultipleAssignments($this->getId())) {
374  ilLoggerFactory::getLogger('ac')->warning('Found role with multiple assignments: role_id: ' . $this->getId());
375  ilLoggerFactory::getLogger('ac')->warning('Aborted deletion of role.');
376  return false;
377  }
378 
379  if ($rbacreview->isAssignable($this->getId(), $this->getParent())) {
380  ilLoggerFactory::getLogger('ac')->debug('Handling assignable role...');
381  // do not delete a global role, if the role is the last
382  // role a user is assigned to.
383  //
384  // Performance improvement: In the code section below, we
385  // only need to consider _global_ roles. We don't need
386  // to check for _local_ roles, because a user who has
387  // a local role _always_ has a global role too.
388  $last_role_user_ids = array();
389  if ($this->getParent() == ROLE_FOLDER_ID) {
390  ilLoggerFactory::getLogger('ac')->debug('Handling global role...');
391  // The role is a global role: check if
392  // we find users who aren't assigned to any
393  // other global role than this one.
394  $user_ids = $rbacreview->assignedUsers($this->getId());
395 
396  foreach ($user_ids as $user_id) {
397  // get all roles each user has
398  $role_ids = $rbacreview->assignedRoles($user_id);
399 
400  // is last role?
401  if (count($role_ids) == 1) {
402  $last_role_user_ids[] = $user_id;
403  }
404  }
405  }
406 
407  // users with last role found?
408  if (count($last_role_user_ids) > 0) {
409  $user_names = array();
410  foreach ($last_role_user_ids as $user_id) {
411  // GET OBJECT TITLE
412  $user_names[] = ilObjUser::_lookupLogin($user_id);
413  }
414 
415  // TODO: This check must be done in rolefolder object because if multiple
416  // roles were selected the other roles are still deleted and the system does not
417  // give any feedback about this.
418  $users = implode(', ', $user_names);
419  ilLoggerFactory::getLogger('ac')->info('Cannot delete last global role of users.');
420  $this->ilias->raiseError($this->lng->txt("msg_user_last_role1") . " " .
421  $users . "<br/>" . $this->lng->txt("msg_user_last_role2"), $this->ilias->error_obj->WARNING);
422  } else {
423  ilLoggerFactory::getLogger('ac')->debug('Starting deletion of assignable role: role_id: ' . $this->getId());
424  $rbacadmin->deleteRole($this->getId(), $this->getParent());
425 
426  // Delete ldap role group mappings
427  include_once('./Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php');
428  ilLDAPRoleGroupMappingSettings::_deleteByRole($this->getId());
429 
430  // delete object_data entry
431  parent::delete();
432 
433  // delete role_data entry
434  $query = "DELETE FROM role_data WHERE role_id = " . $ilDB->quote($this->getId(), 'integer');
435  $res = $ilDB->manipulate($query);
436  }
437  } else {
438  ilLoggerFactory::getLogger('ac')->debug('Starting deletion of linked role: role_id ' . $this->getId());
439  // linked local role: INHERITANCE WAS STOPPED, SO DELETE ONLY THIS LOCAL ROLE
440  $rbacadmin->deleteLocalRole($this->getId(), $this->getParent());
441  }
442  return true;
443  }
ilObjUser\_lookupLogin
static _lookupLogin($a_user_id)
lookup login
Definition: class.ilObjUser.php:816
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
ilObject\getId
getId()
get object id public
Definition: class.ilObject.php:319
$DIC
global $DIC
Definition: goto.php:24
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
$query
$query
Definition: proxy_ylocal.php:13
ROLE_FOLDER_ID
const ROLE_FOLDER_ID
Definition: constants.php:32
ilObjRole\getParent
getParent()
get reference id of parent object
Definition: class.ilObjRole.php:352
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
+ Here is the call graph for this function:

◆ deleteLocalPolicies()

ilObjRole::deleteLocalPolicies (   $a_start,
  $a_policies,
  $a_filter 
)
protected

Delete local policies.

Parameters
array$a_policiesarray of object ref ids that define local policies
Returns

Definition at line 685 of file class.ilObjRole.php.

References $DIC, ilObject\$rbacadmin, ilObject\$rbacreview, ilObject\_lookupObjId(), ilObject\_lookupType(), ilObject\getId(), and SYSTEM_FOLDER_ID.

Referenced by changeExistingObjects().

686  {
687  global $DIC;
688 
689  $rbacreview = $DIC['rbacreview'];
690  $rbacadmin = $DIC['rbacadmin'];
691 
692  $local_policies = array();
693  foreach ($a_policies as $policy) {
694  if ($policy == $a_start or $policy == SYSTEM_FOLDER_ID) {
695  $local_policies[] = $policy;
696  continue;
697  }
698  if (!in_array('all', $a_filter) and !in_array(ilObject::_lookupType(ilObject::_lookupObjId($policy)), $a_filter)) {
699  $local_policies[] = $policy;
700  continue;
701  }
702  $rbacadmin->deleteLocalRole($this->getId(), $policy);
703  }
704  return $local_policies;
705  }
SYSTEM_FOLDER_ID
const SYSTEM_FOLDER_ID
Definition: constants.php:33
ilObject\getId
getId()
get object id public
Definition: class.ilObject.php:319
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1110
$DIC
global $DIC
Definition: goto.php:24
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1281
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getAllowRegister()

ilObjRole::getAllowRegister ( )

get allow_register

public

Returns
integer

Definition at line 278 of file class.ilObjRole.php.

Referenced by create(), and ilObjRoleGUI\readRoleProperties().

279  {
280  return $this->allow_register ? $this->allow_register : false;
281  }
+ Here is the caller graph for this function:

◆ getAssignUsersStatus()

ilObjRole::getAssignUsersStatus ( )

Definition at line 150 of file class.ilObjRole.php.

Referenced by create(), ilObjRoleGUI\readRoleProperties(), and update().

151  {
152  return $this->assign_users ? $this->assign_users : 0;
153  }
+ Here is the caller graph for this function:

◆ getCountMembers()

ilObjRole::getCountMembers ( )

Definition at line 445 of file class.ilObjRole.php.

References $DIC, and ilObject\$rbacreview.

446  {
447  global $DIC;
448 
449  $rbacreview = $DIC['rbacreview'];
450 
451  return count($rbacreview->assignedUsers($this->getId()));
452  }
$DIC
global $DIC
Definition: goto.php:24

◆ getParent()

ilObjRole::getParent ( )

get reference id of parent object

public

Returns
integer ref_id of parent object

Definition at line 352 of file class.ilObjRole.php.

References $parent.

Referenced by delete().

353  {
354  return $this->parent;
355  }
+ Here is the caller graph for this function:

◆ getPresentationTitle()

ilObjRole::getPresentationTitle ( )

For autogenerated roles this returns 'Translated Title (untranslated title)'.

If you only want the translated title, use getShortPresentationTitle.

Definition at line 135 of file class.ilObjRole.php.

References _getTranslation(), ilObject\getTitle(), and ilObject\getUntranslatedTitle().

Referenced by ilObjRoleGUI\readRoleProperties().

135  : string
136  {
137  $r = ilObjRole::_getTranslation($this->getTitle());
138 
139  if ($r === $this->getUntranslatedTitle()) {
140  return $r;
141  }
142 
143  return $r . ' (' . $this->getUntranslatedTitle() . ')';
144  }
ilObject\getTitle
getTitle()
get object title public
Definition: class.ilObject.php:395
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:454
ilObject\getUntranslatedTitle
getUntranslatedTitle()
get untranslated object title public
Definition: class.ilObject.php:405
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isAutoGenerated()

static ilObjRole::isAutoGenerated (   $a_role_id)
static

Definition at line 637 of file class.ilObjRole.php.

References ilObject\_lookupTitle().

Referenced by ilObjRoleGUI\initFormRoleProperties().

638  {
639  return substr(ilObject::_lookupTitle($a_role_id), 0, 3) == 'il_';
640  }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:991
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isHandledObjectType()

ilObjRole::isHandledObjectType (   $a_filter,
  $a_exclusion_filter,
  $a_type 
)
protected

Check if type is filterer.

Parameters
array$a_filter
string$a_type
Returns

Definition at line 910 of file class.ilObjRole.php.

Referenced by adjustPermissions().

911  {
912  if (in_array($a_type, $a_exclusion_filter)) {
913  return false;
914  }
915 
916  if (in_array('all', $a_filter)) {
917  return true;
918  }
919  return in_array($a_type, $a_filter);
920  }
+ Here is the caller graph for this function:

◆ read()

ilObjRole::read ( )

loads "role" from database private

Definition at line 173 of file class.ilObjRole.php.

References $data, $DIC, $ilDB, $query, $res, and assignData().

Referenced by update().

174  {
175  global $DIC;
176 
177  $ilDB = $DIC['ilDB'];
178 
179  $query = "SELECT * FROM role_data WHERE role_id= " . $ilDB->quote($this->id, 'integer') . " ";
180 
181  $res = $ilDB->query($query);
182  if ($res->numRows() > 0) {
183  $data = $ilDB->fetchAssoc($res);
184 
185  // fill member vars in one shot
186  $this->assignData($data);
187  } else {
188  $this->ilias->raiseError("<b>Error: There is no dataset with id " . $this->id . "!</b><br />class: " . get_class($this) . "<br />Script: " . __FILE__ . "<br />Line: " . __LINE__, $this->ilias->FATAL);
189  }
190 
191  parent::read();
192  }
$data
$data
Definition: storeScorm.php:23
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$DIC
global $DIC
Definition: goto.php:24
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilObjRole\assignData
assignData($a_data)
loads a record "role" from array public
Definition: class.ilObjRole.php:199
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ setAllowRegister()

ilObjRole::setAllowRegister (   $a_allow_register)

set allow_register of role

public

Parameters
integer

Definition at line 263 of file class.ilObjRole.php.

Referenced by assignData(), and ilObjRoleGUI\loadRoleProperties().

264  {
265  if (empty($a_allow_register)) {
266  $a_allow_register == 0;
267  }
268 
269  $this->allow_register = (int) $a_allow_register;
270  }
+ Here is the caller graph for this function:

◆ setParent()

ilObjRole::setParent (   $a_parent_ref)

set reference id of parent object this is neccessary for non RBAC protected objects!!!

public

Parameters
integerref_id of parent object

Definition at line 341 of file class.ilObjRole.php.

342  {
343  $this->parent = $a_parent_ref;
344  }

◆ toggleAssignUsersStatus()

ilObjRole::toggleAssignUsersStatus (   $a_assign_users)

Definition at line 146 of file class.ilObjRole.php.

Referenced by assignData(), and ilObjRoleGUI\loadRoleProperties().

147  {
148  $this->assign_users = (int) $a_assign_users;
149  }
+ Here is the caller graph for this function:

◆ update()

ilObjRole::update ( )

updates a record "role" and write it into database public

Definition at line 211 of file class.ilObjRole.php.

References $DIC, $ilDB, $query, $res, getAssignUsersStatus(), and read().

212  {
213  global $DIC;
214 
215  $ilDB = $DIC['ilDB'];
216 
217  $query = "UPDATE role_data SET " .
218  "allow_register= " . $ilDB->quote($this->allow_register, 'integer') . ", " .
219  "assign_users = " . $ilDB->quote($this->getAssignUsersStatus(), 'integer') . " " .
220  "WHERE role_id= " . $ilDB->quote($this->id, 'integer') . " ";
221  $res = $ilDB->manipulate($query);
222 
223  parent::update();
224 
225  $this->read();
226 
227  return true;
228  }
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$DIC
global $DIC
Definition: goto.php:24
$query
$query
Definition: proxy_ylocal.php:13
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilObjRole\read
read()
loads "role" from database private
Definition: class.ilObjRole.php:173
+ Here is the call graph for this function:

◆ updateOperationStack()

ilObjRole::updateOperationStack ( $a_stack,
  $a_node,
  $a_init = false 
)
protected

Update operation stack.

Parameters
array$a_stack
int$a_node
Returns

Definition at line 928 of file class.ilObjRole.php.

References $DIC, ilObject\$rbacreview, ilObject\getId(), ROLE_FOLDER_ID, and ROOT_FOLDER_ID.

Referenced by adjustPermissions().

929  {
930  global $DIC;
931 
932  $rbacreview = $DIC['rbacreview'];
933 
934  $has_policies = null;
935  $policy_origin = null;
936 
937  if ($a_node == ROOT_FOLDER_ID) {
938  $has_policies = true;
939  $policy_origin = ROLE_FOLDER_ID;
940  } else {
941  $has_policies = $rbacreview->getLocalPolicies($a_node);
942  $policy_origin = $a_node;
943 
944  if ($a_init) {
945  $parent_roles = $rbacreview->getParentRoleIds($a_node, false);
946  if ($parent_roles[$this->getId()]) {
947  $a_stack[] = $rbacreview->getAllOperationsOfRole(
948  $this->getId(),
949  $parent_roles[$this->getId()]['parent']
950  );
951  }
952  return true;
953  }
954  }
955 
956  if (!$has_policies) {
957  return false;
958  }
959 
960  $a_stack[] = $rbacreview->getAllOperationsOfRole(
961  $this->getId(),
962  $policy_origin
963  );
964  return true;
965  }
ROOT_FOLDER_ID
const ROOT_FOLDER_ID
Definition: constants.php:30
ilObject\getId
getId()
get object id public
Definition: class.ilObject.php:319
$DIC
global $DIC
Definition: goto.php:24
ROLE_FOLDER_ID
const ROLE_FOLDER_ID
Definition: constants.php:32
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ updatePolicyStack()

ilObjRole::updatePolicyStack ( $a_stack,
  $a_node 
)
protected

Update policy stack.

Parameters
object$a_node
Returns

Definition at line 972 of file class.ilObjRole.php.

References $DIC, ilObject\$rbacreview, ROLE_FOLDER_ID, and ROOT_FOLDER_ID.

Referenced by adjustPermissions().

973  {
974  global $DIC;
975 
976  $rbacreview = $DIC['rbacreview'];
977 
978  $has_policies = null;
979  $policy_origin = null;
980 
981  if ($a_node == ROOT_FOLDER_ID) {
982  $has_policies = true;
983  $policy_origin = ROLE_FOLDER_ID;
984  } else {
985  $has_policies = $rbacreview->getLocalPolicies($a_node);
986  $policy_origin = $a_node;
987  }
988 
989  if (!$has_policies) {
990  return false;
991  }
992 
993  $a_stack[] = $policy_origin;
994  return true;
995  }
ROOT_FOLDER_ID
const ROOT_FOLDER_ID
Definition: constants.php:30
$DIC
global $DIC
Definition: goto.php:24
ROLE_FOLDER_ID
const ROLE_FOLDER_ID
Definition: constants.php:32
+ Here is the caller graph for this function:

◆ validate()

ilObjRole::validate ( )

Validate role data.

Returns
bool

Definition at line 118 of file class.ilObjRole.php.

References $DIC, $ilErr, and ilObject\getTitle().

119  {
120  global $DIC;
121 
122  $ilErr = $DIC['ilErr'];
123 
124  if (substr($this->getTitle(), 0, 3) == 'il_') {
125  $ilErr->setMessage('msg_role_reserved_prefix');
126  return false;
127  }
128  return true;
129  }
$ilErr
$ilErr
Definition: raiseError.php:18
$DIC
global $DIC
Definition: goto.php:24
ilObject\getTitle
getTitle()
get object title public
Definition: class.ilObject.php:395
+ Here is the call graph for this function:

Field Documentation

◆ $allow_register

ilObjRole::$allow_register

Definition at line 41 of file class.ilObjRole.php.

◆ $assign_users

ilObjRole::$assign_users

Definition at line 42 of file class.ilObjRole.php.

◆ $logger

ilObjRole::$logger = null
private

Definition at line 30 of file class.ilObjRole.php.

Referenced by adjustPermissions().

◆ $parent

ilObjRole::$parent

Definition at line 39 of file class.ilObjRole.php.

Referenced by getParent().

◆ MODE_ADD_OPERATIONS

const ilObjRole::MODE_ADD_OPERATIONS = 1

Definition at line 23 of file class.ilObjRole.php.

Referenced by ilObjRoleFolderGUI\adjustRoleObject().

◆ MODE_PROTECTED_DELETE_LOCAL_POLICIES

const ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES = 1

Definition at line 18 of file class.ilObjRole.php.

Referenced by ilDidacticTemplateLocalPolicyAction\createLocalPolicy(), ilDidacticTemplateLocalPolicyAction\revert(), ilDidacticTemplateLocalPolicyAction\revertLocalPolicy(), and ilObjRoleGUI\showChangeExistingObjectsConfirmation().

◆ MODE_PROTECTED_KEEP_LOCAL_POLICIES

const ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES = 2

Definition at line 19 of file class.ilObjRole.php.

Referenced by ilPermissionGUI\addRole(), ilObjRoleFolderGUI\doChangeExistingObjects(), ilObjRoleGUI\permSaveObject(), and ilObjRoleGUI\showChangeExistingObjectsConfirmation().

◆ MODE_READ_OPERATIONS

const ilObjRole::MODE_READ_OPERATIONS = 2

Definition at line 24 of file class.ilObjRole.php.

Referenced by ilObjRoleFolderGUI\adjustRoleObject(), and ilObjRoleFolderGUI\doChangeExistingObjects().

◆ MODE_REMOVE_OPERATIONS

const ilObjRole::MODE_REMOVE_OPERATIONS = 3

Definition at line 25 of file class.ilObjRole.php.

Referenced by ilObjRoleFolderGUI\adjustRoleObject().

◆ MODE_UNPROTECTED_DELETE_LOCAL_POLICIES

const ilObjRole::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES = 3

Definition at line 20 of file class.ilObjRole.php.

Referenced by ilDidacticTemplateLocalPolicyAction\createLocalPolicy(), ilDidacticTemplateBlockRoleAction\deleteLocalPolicy(), ilDidacticTemplateLocalPolicyAction\revert(), ilDidacticTemplateLocalPolicyAction\revertLocalPolicy(), and ilObjRoleGUI\showChangeExistingObjectsConfirmation().

◆ MODE_UNPROTECTED_KEEP_LOCAL_POLICIES

const ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES = 4

Definition at line 21 of file class.ilObjRole.php.

Referenced by ilPermissionGUI\addRole(), ilObjLTIAdministrationGUI\createLtiUserRole(), ilObjRoleFolderGUI\doChangeExistingObjects(), ilObjRoleGUI\permSaveObject(), ilObjRoleGUI\showChangeExistingObjectsConfirmation(), and ilPermissionGUI\unblockRoles().

The documentation for this class was generated from the following file: