ILIAS  release_8 Revision v8.24
class.ilRbacLog.php
Go to the documentation of this file.
1<?php
2
3declare(strict_types=1);
26class ilRbacLog
27{
28 public const EDIT_PERMISSIONS = 1;
29 public const MOVE_OBJECT = 2;
30 public const LINK_OBJECT = 3;
31 public const COPY_OBJECT = 4;
32 public const CREATE_OBJECT = 5;
33 public const EDIT_TEMPLATE = 6;
34 public const EDIT_TEMPLATE_EXISTING = 7;
35 public const CHANGE_OWNER = 8;
36
37 public static function isActive(): bool
38 {
39 return ilPrivacySettings::getInstance()->enabledRbacLog();
40 }
41
42 public static function gatherFaPa(int $a_ref_id, array $a_role_ids, bool $a_add_action = false): array
43 {
44 global $DIC;
45
46 $rbacreview = $DIC->rbac()->review();
47 $result = array();
48
49 // #10946 - if result is written to log directly we need to add an "action" dimension
50 // if result is used as input to diffFaPa() we need "raw" data
51
52 // roles
53 foreach ($a_role_ids as $role_id) {
54 if ($role_id != SYSTEM_ROLE_ID) {
55 if ($a_add_action) {
56 $result["ops"][$role_id]["add"] = $rbacreview->getRoleOperationsOnObject($role_id, $a_ref_id);
57 } else {
58 $result["ops"][$role_id] = $rbacreview->getRoleOperationsOnObject($role_id, $a_ref_id);
59 }
60 }
61 }
62
63 // inheritance
64 if ($a_ref_id && $a_ref_id != ROLE_FOLDER_ID) {
65 if ($a_add_action) {
66 $result["inht"]["add"] = $rbacreview->getRolesOfRoleFolder($a_ref_id);
67 } else {
68 $result["inht"] = $rbacreview->getRolesOfRoleFolder($a_ref_id);
69 }
70 }
71
72 return $result;
73 }
74
75 public static function diffFaPa(array $a_old, array $a_new): array
76 {
77 $result = array();
78
79 // roles
80 foreach ((array) $a_old["ops"] as $role_id => $ops) {
81 $diff = array_diff($ops, $a_new["ops"][$role_id]);
82 if ($diff !== []) {
83 $result["ops"][$role_id]["rmv"] = array_values($diff);
84 }
85 $diff = array_diff($a_new["ops"][$role_id], $ops);
86 if ($diff !== []) {
87 $result["ops"][$role_id]["add"] = array_values($diff);
88 }
89 }
90
91 if (isset($a_old["inht"]) || isset($a_new["inht"])) {
92 if (isset($a_old["inht"]) && !isset($a_new["inht"])) {
93 $result["inht"]["rmv"] = $a_old["inht"];
94 } elseif (!isset($a_old["inht"]) && isset($a_new["inht"])) {
95 $result["inht"]["add"] = $a_new["inht"];
96 } else {
97 $diff = array_diff($a_old["inht"], $a_new["inht"]);
98 if ($diff !== []) {
99 $result["inht"]["rmv"] = array_values($diff);
100 }
101 $diff = array_diff($a_new["inht"], $a_old["inht"]);
102 if ($diff !== []) {
103 $result["inht"]["add"] = array_values($diff);
104 }
105 }
106 }
107 return $result;
108 }
109
110 public static function gatherTemplate(int $a_role_ref_id, int $a_role_id): array
111 {
112 global $DIC;
113
114 $rbacreview = $DIC->rbac()->review();
115 return $rbacreview->getAllOperationsOfRole($a_role_id, $a_role_ref_id);
116 }
117
118 public static function diffTemplate(array $a_old, array $a_new): array
119 {
120 $result = array();
121 $types = array_unique(array_merge(array_keys($a_old), array_keys($a_new)));
122 foreach ($types as $type) {
123 if (!isset($a_old[$type])) {
124 $result[$type]["add"] = $a_new[$type];
125 } elseif (!isset($a_new[$type])) {
126 $result[$type]["rmv"] = $a_old[$type];
127 } else {
128 $diff = array_diff($a_old[$type], $a_new[$type]);
129 if ($diff !== []) {
130 $result[$type]["rmv"] = array_values($diff);
131 }
132 $diff = array_diff($a_new[$type], $a_old[$type]);
133 if ($diff !== []) {
134 $result[$type]["add"] = array_values($diff);
135 }
136 }
137 }
138 return $result;
139 }
140
141 public static function add(int $a_action, int $a_ref_id, array $a_diff, bool $a_source_ref_id = false): bool
142 {
143 global $DIC;
144
145 $ilUser = $DIC->user();
146 $ilDB = $DIC->database();
147
148 if (self::isValidAction($a_action) && count($a_diff)) {
149 if ($a_source_ref_id) {
150 $a_diff["src"] = $a_source_ref_id;
151 }
152 $id = $ilDB->nextId('rbac_log');
153
154 $ilDB->query("INSERT INTO rbac_log (log_id, user_id, created, ref_id, action, data)" .
155 " VALUES (" . $ilDB->quote($id, "integer") . "," . $ilDB->quote($ilUser->getId(), "integer") .
156 "," . $ilDB->quote(time(), "integer") .
157 "," . $ilDB->quote($a_ref_id, "integer") . "," . $ilDB->quote($a_action, "integer") .
158 "," . $ilDB->quote(serialize($a_diff), "text") . ")");
159 return true;
160 }
161 return false;
162 }
163
164 protected static function isValidAction(int $a_action): bool
165 {
166 if (in_array(
167 $a_action,
168 [
169 self::EDIT_PERMISSIONS,
170 self::MOVE_OBJECT,
171 self::LINK_OBJECT,
172 self::COPY_OBJECT,
173 self::CREATE_OBJECT,
174 self::EDIT_TEMPLATE,
175 self::EDIT_TEMPLATE_EXISTING,
176 self::CHANGE_OWNER
177 ]
178 )) {
179 return true;
180 }
181 return false;
182 }
183
184 public static function getLogItems(int $a_ref_id, int $a_limit, int $a_offset, array $a_filter = null): array
185 {
186 global $DIC;
187
188 $ilDB = $DIC->database();
189 $rbacreview = $DIC->rbac()->review();
190
191 $where = [];
192 if ($a_filter) {
193 if ($a_filter["action"]) {
194 $where[] = "action = " . $ilDB->quote($a_filter["action"], "integer");
195 }
196 if ($a_filter["date"]["from"]) {
197 $from = $a_filter["date"]["from"]->get(IL_CAL_UNIX);
198 $from = strtotime("00:00:00", $from);
199 $where[] = "created >= " . $ilDB->quote($from, "integer");
200 }
201 if ($a_filter["date"]["to"]) {
202 $to = $a_filter["date"]["to"]->get(IL_CAL_UNIX);
203 $to = strtotime("23:59:59", $to);
204 $where[] = "created <= " . $ilDB->quote($to, "integer");
205 }
206
207 if (count($where) > 0) {
208 $where = array_merge([' AND '], [implode(' AND ', $where)]);
209 }
210 }
211
212 $set = $ilDB->query("SELECT COUNT(*) FROM rbac_log WHERE ref_id = " . $ilDB->quote(
213 $a_ref_id,
214 "integer"
215 ) . implode('', $where));
216 $res = $ilDB->fetchAssoc($set);
217 $count = array_pop($res);
218
219 $ilDB->setLimit($a_limit, $a_offset);
220 $set = $ilDB->query("SELECT * FROM rbac_log WHERE ref_id = " . $ilDB->quote($a_ref_id, "integer") .
221 implode('', $where) . " ORDER BY created DESC");
222 $result = array();
223 while ($row = $ilDB->fetchAssoc($set)) {
224 $row["data"] = unserialize($row["data"]);
225 $result[] = $row;
226 }
227 return ["cnt" => $count, "set" => $result];
228 }
229
230 public static function delete(int $a_ref_id): void
231 {
232 global $DIC;
233
234 $ilDB = $DIC->database();
235 $ilDB->query("DELETE FROM rbac_log WHERE ref_id = " . $ilDB->quote($a_ref_id, "integer"));
236 self::garbageCollection();
237 }
238
239 public static function garbageCollection(): void
240 {
241 global $DIC;
242
243 $ilDB = $DIC->database();
244
245 $settings = ilPrivacySettings::getInstance();
246 $max = $settings->getRbacLogAge();
247
248 $ilDB->query("DELETE FROM rbac_log WHERE created < " . $ilDB->quote(
249 strtotime("-" . $max . "months"),
250 "integer"
251 ));
252 }
253}
$id
$id
plugin.php for ilComponentBuildPluginInfoObjectiveTest::testAddPlugins
Definition: plugin.php:23
IL_CAL_UNIX
const IL_CAL_UNIX
Definition: class.ilDateTime.php:9
ilRbacLog
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilRbacLog.php:27
ilRbacLog\EDIT_PERMISSIONS
const EDIT_PERMISSIONS
Definition: class.ilRbacLog.php:28
ilRbacLog\diffTemplate
static diffTemplate(array $a_old, array $a_new)
Definition: class.ilRbacLog.php:118
ilRbacLog\COPY_OBJECT
const COPY_OBJECT
Definition: class.ilRbacLog.php:31
ilRbacLog\gatherTemplate
static gatherTemplate(int $a_role_ref_id, int $a_role_id)
Definition: class.ilRbacLog.php:110
ilRbacLog\getLogItems
static getLogItems(int $a_ref_id, int $a_limit, int $a_offset, array $a_filter=null)
Definition: class.ilRbacLog.php:184
ilRbacLog\MOVE_OBJECT
const MOVE_OBJECT
Definition: class.ilRbacLog.php:29
ilRbacLog\diffFaPa
static diffFaPa(array $a_old, array $a_new)
Definition: class.ilRbacLog.php:75
ilRbacLog\add
static add(int $a_action, int $a_ref_id, array $a_diff, bool $a_source_ref_id=false)
Definition: class.ilRbacLog.php:141
ilRbacLog\EDIT_TEMPLATE_EXISTING
const EDIT_TEMPLATE_EXISTING
Definition: class.ilRbacLog.php:34
ilRbacLog\gatherFaPa
static gatherFaPa(int $a_ref_id, array $a_role_ids, bool $a_add_action=false)
Definition: class.ilRbacLog.php:42
ilRbacLog\CHANGE_OWNER
const CHANGE_OWNER
Definition: class.ilRbacLog.php:35
ilRbacLog\garbageCollection
static garbageCollection()
Definition: class.ilRbacLog.php:239
ilRbacLog\LINK_OBJECT
const LINK_OBJECT
Definition: class.ilRbacLog.php:30
ilRbacLog\EDIT_TEMPLATE
const EDIT_TEMPLATE
Definition: class.ilRbacLog.php:33
ilRbacLog\isValidAction
static isValidAction(int $a_action)
Definition: class.ilRbacLog.php:164
ilRbacLog\isActive
static isActive()
Definition: class.ilRbacLog.php:37
ilRbacLog\CREATE_OBJECT
const CREATE_OBJECT
Definition: class.ilRbacLog.php:32
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:29
ROLE_FOLDER_ID
const ROLE_FOLDER_ID
Definition: constants.php:34
$DIC
global $DIC
Definition: feed.php:28
$ilUser
$ilUser
Definition: imgupload.php:34
$res
$res
Definition: ltiservices.php:69
ILIAS\LTI\ToolProvider\$settings
array $settings
Setting values (LTI parameters, custom parameters and local parameters).
Definition: System.php:200
$type
$type
Definition: proxy_ylocal.php:10