ILIAS  release_8 Revision v8.19
All Data Structures Namespaces Files Functions Variables Modules Pages
Public Member Functions | Static Public Member Functions | Protected Member Functions | Protected Attributes | Static Protected Attributes | Private Member Functions | Private Attributes | Static Private Attributes
ilRbacSystem Class Reference

class ilRbacSystem system function like checkAccess, addActiveRole ... More...

+ Collaboration diagram for ilRbacSystem:

Public Member Functions

 checkAccess (string $a_operations, int $a_ref_id, string $a_type="")
 checkAccess represents the main method of the RBAC-system in ILIAS3 developers want to use With this method you check the permissions a use may have due to its roles on an specific object. More...
 
 checkAccessOfUser (int $a_user_id, string $a_operations, int $a_ref_id, string $a_type="")
 
 preloadRbacPaCache (array $a_ref_ids, int $a_user_id)
 
 checkPermission (int $a_ref_id, int $a_rol_id, string $a_operation)
 check if a specific role has the permission '$a_operation' of an object More...
 
 initMemberView ()
 
 addTemporaryRole (int $a_usr_id, int $a_role_id)
 
 resetPACache (int $a_usr_id, int $a_ref_id)
 

Static Public Member Functions

static getInstance ()
 
static resetCaches ()
 Reset internal caches. More...
 

Protected Member Functions

 __construct ()
 Constructor. More...
 
 filterOwnerPermissions (int $a_user_id, string $a_operations, int $a_ref_id)
 

Protected Attributes

array $mem_view = []
 
ilObjUser $user
 
ilDBInterface $db
 
ilRbacReview $review
 
ilObjectDataCache $objectDataCache
 
ilTree $tree
 
GlobalHttpState $http
 
Factory $refinery
 

Static Protected Attributes

static ilRbacSystem $instance = null
 
static array $user_role_cache = []
 

Private Member Functions

 fetchAssignedRoles (int $a_usr_id, int $a_ref_id)
 Fetch assigned roles This method caches the assigned roles per user. More...
 

Private Attributes

const MAX_CACHE_ENTRIES = 1000
 

Static Private Attributes

static array $_paCache = []
 
static array $_checkAccessOfUserCache = []
 

Detailed Description

class ilRbacSystem system function like checkAccess, addActiveRole ...

Supporting system functions are required for session management and in making access control decisions. This class depends on the session since we offer the possiblility to add or delete active roles during one session.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 33 of file class.ilRbacSystem.php.

Constructor & Destructor Documentation

◆ __construct()

ilRbacSystem::__construct ( )
protected

Constructor.

Definition at line 60 of file class.ilRbacSystem.php.

References $DIC, ILIAS\FileDelivery\http(), ILIAS\Repository\refinery(), and ILIAS\Repository\user().

61  {
62  global $DIC;
63 
64  $this->user = $DIC->user();
65  $this->db = $DIC->database();
66  $this->review = $DIC->rbac()->review();
67  $this->objectDataCache = $DIC['ilObjDataCache'];
68  $this->tree = $DIC->repositoryTree();
69  $this->http = $DIC->http();
70  $this->refinery = $DIC->refinery();
71  }
$DIC
global $DIC
Definition: feed.php:28
ILIAS\FileDelivery\http
static http()
Fetches the global http state from ILIAS.
Definition: HttpServiceAware.php:54
+ Here is the call graph for this function:

Member Function Documentation

◆ addTemporaryRole()

ilRbacSystem::addTemporaryRole ( int  $a_usr_id,
int  $a_role_id 
)

Definition at line 363 of file class.ilRbacSystem.php.

363  : void
364  {
365  if (!in_array($a_role_id, self::$user_role_cache[$a_usr_id])) {
366  self::$user_role_cache[$a_usr_id][] = $a_role_id;
367  }
368  }

◆ checkAccess()

ilRbacSystem::checkAccess ( string  $a_operations,
int  $a_ref_id,
string  $a_type = "" 
)

checkAccess represents the main method of the RBAC-system in ILIAS3 developers want to use With this method you check the permissions a use may have due to its roles on an specific object.

The first parameter are the operation(s) the user must have The second & third parameter specifies the object where the operation(s) may apply to The last parameter is only required, if you ask for the 'create' operation. Here you specify the object type which you want to create. example: $rbacSystem->checkAccess("visible,read",23); Here you ask if the user is allowed to see ('visible') and access the object by reading it ('read'). The reference_id is 23 in the tree structure. public

Parameters
stringone or more operations, separated by commas (i.e.: visible,read,join)
intthe child_id in tree (usually a reference_id, no object_id !!)
stringthe type definition abbreviation (i.e.: frm,grp,crs)
Returns
bool returns true if ALL passed operations are given, otherwise false

Definition at line 108 of file class.ilRbacSystem.php.

References checkAccessOfUser(), and ILIAS\Repository\user().

Referenced by ilHTLMEditorGUI\__construct(), ilLMPresentationGUI\__construct(), ilObjSurveyAccess\_checkAccess(), ilSurveyExecutionGUI\checkAuth(), ilRecommendedContentRoleConfigGUI\checkPushPermission(), ilContainerGUI\cloneAllObject(), ilContainerGUI\copyObject(), ilContainerGUI\cutObject(), ilContainerContentGUI\determineAdminCommands(), ilObjLearningHistorySettingsGUI\executeCommand(), ilObjCommentsSettingsGUI\executeCommand(), ilObjNotesSettingsGUI\executeCommand(), ilSurveyPageEditGUI\executeCommand(), ilRepositoryGUI\executeCommand(), ilAdministrationGUI\executeCommand(), ilObjTaxonomyAdministrationGUI\getAdminTabs(), ilObjLearningResourcesSettingsGUI\getAdminTabs(), ilObjMediaCastSettingsGUI\getAdminTabs(), ilObjBadgeAdministrationGUI\getAdminTabs(), ilObjLearningHistorySettingsGUI\getAdminTabs(), ilObjTaggingSettingsGUI\getAdminTabs(), ilObjRepositorySettingsGUI\getAdminTabs(), ilObjCommentsSettingsGUI\getAdminTabs(), ilObjNotesSettingsGUI\getAdminTabs(), ilAdministrationExplorerGUI\getChildsOfNode(), ilRepositoryExplorerGUI\getChildsOfNode(), ilAdminSubItemsTableGUI\getItems(), ilObjSurveyListGUI\getProperties(), ilObjFileBasedLMListGUI\getProperties(), ilObjSAHSLearningModuleListGUI\getProperties(), ilObjLearningModuleListGUI\getProperties(), ilObjRootFolderGUI\getTabs(), ilObjExternalToolsSettingsGUI\getTabs(), ilObjCategoryGUI\getTabs(), ilObjFolderGUI\getTabs(), ilContainerGUI\getTabs(), ilLMPresentationGUI\ilLMSubMenu(), ilPortfolioPageConfig\init(), initMemberView(), ilLocationInputGUI\insert(), ilRepositoryExplorer\isClickable(), ilRepositoryExplorerGUI\isNodeClickable(), ilAdministrationExplorerGUI\isNodeVisible(), ilExplorer\isVisible(), ilContainerGUI\linkObject(), ilRecommendedContentRoleConfigGUI\listItems(), ilObjCategoryGUI\listUsersObject(), SurveyQuestionGUI\material(), ilContainerGUI\pasteObject(), ilContainerGUI\performPasteIntoMultipleObjectsObject(), ilSurveyPhrasesGUI\phrases(), ilSurveyPageEditGUI\renderPage(), SurveySearch\search(), SurveyQuestionGUI\setQuestionTabsForClass(), ilSolutionExplorer\showChilds(), ilRepositoryExplorer\showChilds(), and ilInfoScreenGUI\showLearningProgress().

108  : bool
109  {
110  return $this->checkAccessOfUser($this->user->getId(), $a_operations, $a_ref_id, $a_type);
111  }
ilRbacSystem\checkAccessOfUser
checkAccessOfUser(int $a_user_id, string $a_operations, int $a_ref_id, string $a_type="")
Definition: class.ilRbacSystem.php:113
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessOfUser()

ilRbacSystem::checkAccessOfUser ( int  $a_user_id,
string  $a_operations,
int  $a_ref_id,
string  $a_type = "" 
)

Definition at line 113 of file class.ilRbacSystem.php.

References ilRbacReview\_getOperationIdByName(), fetchAssignedRoles(), ilDBConstants\FETCHMODE_OBJECT, filterOwnerPermissions(), and SYSTEM_ROLE_ID.

Referenced by ilObjGlossaryAccess\_checkAccess(), ilObjMediaCastAccess\_checkAccess(), ilObjWikiAccess\_checkAccess(), ilObjPortfolioTemplateAccess\_checkAccess(), ilObjBookingPoolAccess\_checkAccess(), ilObjSurveyAccess\_checkAccess(), checkAccess(), and ILIAS\Style\Content\Access\StyleAccessManager\checkWrite().

113  : bool
114  {
115  // Create the user cache key
116  $cacheKey = $a_user_id . ':' . $a_operations . ':' . $a_ref_id . ':' . $a_type;
117 
118  // Create the cache if it does not yet exist
119  if (!is_array(self::$_checkAccessOfUserCache)) {
120  self::$_checkAccessOfUserCache = [];
121  }
122  // Try to return result from cache
123  if (array_key_exists($cacheKey, self::$_checkAccessOfUserCache)) {
124  return self::$_checkAccessOfUserCache[$cacheKey];
125  }
126 
127  // Check For owner
128  // Owners do always have full access to their objects
129  // Excluded are some of the permissions like create, perm, learning progress.
130  // This method call return all operations that are NOT granted by the owner status
131  if (!$a_operations = $this->filterOwnerPermissions($a_user_id, $a_operations, $a_ref_id)) {
132  // Store positive outcome in cache.
133  // Note: we only cache up to 1000 results to avoid memory overflows
134  if (count(self::$_checkAccessOfUserCache) < self::MAX_CACHE_ENTRIES) {
135  self::$_checkAccessOfUserCache[$cacheKey] = true;
136  }
137  return true;
138  }
139 
140  // get roles using role cache
141  $roles = $this->fetchAssignedRoles($a_user_id, $a_ref_id);
142 
143  // exclude system role from rbac
144  if (in_array(SYSTEM_ROLE_ID, $roles)) {
145  // Store positive outcome in cache.
146  // Note: we only cache up to 1000 results to avoid memory overflows
147  if (count(self::$_checkAccessOfUserCache) < self::MAX_CACHE_ENTRIES) {
148  self::$_checkAccessOfUserCache[$cacheKey] = true;
149  }
150  return true;
151  }
152 
153  // Create the PA cache if it does not exist yet
154  $paCacheKey = $a_user_id . ':' . $a_ref_id;
155  if (!is_array(self::$_paCache)) {
156  self::$_paCache = array();
157  }
158 
159  if (array_key_exists($paCacheKey, self::$_paCache)) {
160  // Return result from PA cache
161  $ops = self::$_paCache[$paCacheKey];
162  } else {
163  // Data is not in PA cache, perform database query
164  $q = "SELECT * FROM rbac_pa " .
165  "WHERE ref_id = " . $this->db->quote($a_ref_id, 'integer');
166 
167  $r = $this->db->query($q);
168 
169  $ops = [];
170  while ($row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
171  if (in_array((int) $row->rol_id, $roles)) {
172  $ops = array_merge($ops, unserialize(stripslashes($row->ops_id)));
173  }
174  }
175  // Cache up to 1000 entries in the PA cache
176  if (count(self::$_paCache) < self::MAX_CACHE_ENTRIES) {
177  self::$_paCache[$paCacheKey] = $ops;
178  }
179  }
180 
181  $operations = explode(",", $a_operations);
182  foreach ($operations as $operation) {
183  if ($operation == "create") {
184  if (empty($a_type)) {
185  throw new DomainException(
186  'checkAccess(): ' . "Expect a type definition for checking a 'create' permission"
187  );
188  }
189  $ops_id = ilRbacReview::_getOperationIdByName($operation . "_" . $a_type);
190  } else {
191  $ops_id = ilRbacReview::_getOperationIdByName($operation);
192  }
193  if (!in_array($ops_id, (array) $ops)) {
194  if (count(self::$_checkAccessOfUserCache) < self::MAX_CACHE_ENTRIES) {
195  self::$_checkAccessOfUserCache[$cacheKey] = false;
196  }
197  return false;
198  }
199  }
200 
201  // Store positive outcome in cache.
202  // Note: we only cache up to 1000 results to avoid memory overflows
203  if (count(self::$_checkAccessOfUserCache) < self::MAX_CACHE_ENTRIES) {
204  //$ilLog->write('PERMISSION: '.$a_ref_id.' -> '.$ops_id.' granted');
205  self::$_checkAccessOfUserCache[$cacheKey] = true;
206  }
207  return true;
208  }
ilRbacSystem\filterOwnerPermissions
filterOwnerPermissions(int $a_user_id, string $a_operations, int $a_ref_id)
Definition: class.ilRbacSystem.php:271
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:29
ilRbacReview\_getOperationIdByName
static _getOperationIdByName(string $a_operation)
get operation id by name of operation
Definition: class.ilRbacReview.php:968
ilRbacSystem\fetchAssignedRoles
fetchAssignedRoles(int $a_usr_id, int $a_ref_id)
Fetch assigned roles This method caches the assigned roles per user.
Definition: class.ilRbacSystem.php:308
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkPermission()

ilRbacSystem::checkPermission ( int  $a_ref_id,
int  $a_rol_id,
string  $a_operation 
)

check if a specific role has the permission '$a_operation' of an object

Definition at line 249 of file class.ilRbacSystem.php.

References $query, $res, and ILIAS\Repository\int().

249  : bool
250  {
251  $ops = [];
252  $query = 'SELECT ops_id FROM rbac_operations ' .
253  'WHERE operation = ' . $this->db->quote($a_operation, 'text');
254  $res = $this->db->query($query);
255  $ops_id = 0;
256  while ($row = $this->db->fetchObject($res)) {
257  $ops_id = (int) $row->ops_id;
258  }
259 
260  $query = "SELECT * FROM rbac_pa " .
261  "WHERE rol_id = " . $this->db->quote($a_rol_id, 'integer') . " " .
262  "AND ref_id = " . $this->db->quote($a_ref_id, 'integer') . " ";
263  $res = $this->db->query($query);
264 
265  while ($row = $this->db->fetchObject($res)) {
266  $ops = array_merge($ops, unserialize($row->ops_id));
267  }
268  return in_array($ops_id, $ops);
269  }
$res
$res
Definition: ltiservices.php:69
$query
$query
Definition: proxy_ylocal.php:13
+ Here is the call graph for this function:

◆ fetchAssignedRoles()

ilRbacSystem::fetchAssignedRoles ( int  $a_usr_id,
int  $a_ref_id 
)
private

Fetch assigned roles This method caches the assigned roles per user.

Definition at line 308 of file class.ilRbacSystem.php.

References ILIAS\Repository\user().

Referenced by checkAccessOfUser(), and preloadRbacPaCache().

308  : array
309  {
310  // Member view constraints
311  if (isset($this->mem_view['active']) && $this->mem_view['active'] && $a_usr_id == $this->user->getId()) {
312  // check if current ref_id is subitem of active container
313  if (in_array($a_ref_id, $this->mem_view['items']) && $this->mem_view['role']) {
314  // Return default member role
315  return [$this->mem_view['role']];
316  }
317  }
318 
319  if (isset(self::$user_role_cache[$a_usr_id]) and is_array(self::$user_role_cache)) {
320  return self::$user_role_cache[$a_usr_id];
321  }
322  return self::$user_role_cache[$a_usr_id] = $this->review->assignedRoles($a_usr_id);
323  }
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ filterOwnerPermissions()

ilRbacSystem::filterOwnerPermissions ( int  $a_user_id,
string  $a_operations,
int  $a_ref_id 
)
protected

Definition at line 271 of file class.ilRbacSystem.php.

References ILIAS\Repository\user().

Referenced by checkAccessOfUser().

271  : string
272  {
273  // member view constraints
274  if (($this->mem_view['active'] ?? null) and $a_user_id == $this->user->getId()) {
275  if (in_array($a_ref_id, $this->mem_view['items'])) {
276  return $a_operations;
277  }
278  }
279 
280  if ($a_user_id != $this->objectDataCache->lookupOwner($this->objectDataCache->lookupObjId($a_ref_id))) {
281  return $a_operations;
282  }
283  // Is owner
284  $new_ops = '';
285  foreach (explode(",", $a_operations) as $operation) {
286  if ($operation != 'cat_administrate_users' &&
287  $operation != 'edit_permission' &&
288  $operation != 'edit_learning_progress' &&
289  $operation != 'read_learning_progress' &&
290  !preg_match('/^create/', $operation) &&
291  $operation != 'read_outcomes'
292  ) {
293  continue;
294  }
295  if (!strlen($new_ops)) {
296  $new_ops = $operation;
297  } else {
298  $new_ops .= (',' . $operation);
299  }
300  }
301  return $new_ops;
302  }
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getInstance()

static ilRbacSystem::getInstance ( )
static

Definition at line 73 of file class.ilRbacSystem.php.

Referenced by ilInitialisation\initAccessHandling(), and ilRBACTest\testConstruct().

73  : ilRbacSystem
74  {
75  if (self::$instance === null) {
76  self::$instance = new self();
77  }
78  return self::$instance;
79  }
+ Here is the caller graph for this function:

◆ initMemberView()

ilRbacSystem::initMemberView ( )

Definition at line 325 of file class.ilRbacSystem.php.

References $ref_id, ILIAS\LTI\ToolProvider\$settings, checkAccess(), ilParticipants\getDefaultMemberRole(), ilMemberViewSettings\getInstance(), ILIAS\FileDelivery\http(), and ILIAS\Repository\refinery().

325  : void
326  {
327  $settings = ilMemberViewSettings::getInstance();
328  $member_view_activation = null;
329  if ($this->http->wrapper()->query()->has('mv')) {
330  $member_view_activation = $this->http->wrapper()->query()->retrieve(
331  'mv',
332  $this->refinery->kindlyTo()->bool()
333  );
334  }
335  $ref_id = 0;
336  if ($this->http->wrapper()->query()->has('ref_id')) {
337  $ref_id = $this->http->wrapper()->query()->retrieve(
338  'ref_id',
339  $this->refinery->kindlyTo()->int()
340  );
341  }
342  if ($member_view_activation === true) {
343  if ($this->checkAccess('write', $ref_id)) {
344  $settings->toggleActivation($ref_id, true);
345  self::resetCaches();
346  }
347  }
348  if ($member_view_activation === false) {
349  $settings->toggleActivation($ref_id, false);
350  }
351  if (!$settings->isActive()) {
352  $this->mem_view['active'] = false;
353  $this->mem_view['items'] = [];
354  $this->mem_view['role'] = 0;
355  } else {
356  $this->mem_view['active'] = true;
357  $this->mem_view['items'] = $this->tree->getSubTreeIds($settings->getContainer());
358  $this->mem_view['items'] = array_merge($this->mem_view['items'], array($settings->getContainer()));
359  $this->mem_view['role'] = ilParticipants::getDefaultMemberRole($settings->getContainer());
360  }
361  }
ILIAS\LTI\ToolProvider\$settings
array $settings
Setting values (LTI parameters, custom parameters and local parameters).
Definition: System.php:200
ilParticipants\getDefaultMemberRole
static getDefaultMemberRole(int $a_ref_id)
Definition: class.ilParticipants.php:477
ilRbacSystem\checkAccess
checkAccess(string $a_operations, int $a_ref_id, string $a_type="")
checkAccess represents the main method of the RBAC-system in ILIAS3 developers want to use With this ...
Definition: class.ilRbacSystem.php:108
$ref_id
$ref_id
Definition: ltiauth.php:67
ILIAS\FileDelivery\http
static http()
Fetches the global http state from ILIAS.
Definition: HttpServiceAware.php:54
+ Here is the call graph for this function:

◆ preloadRbacPaCache()

ilRbacSystem::preloadRbacPaCache ( array  $a_ref_ids,
int  $a_user_id 
)

Definition at line 210 of file class.ilRbacSystem.php.

References $ref_id, fetchAssignedRoles(), ilDBConstants\FETCHMODE_OBJECT, and ILIAS\Repository\int().

210  : void
211  {
212  $ref_ids = [];
213  $roles = $ops = [];
214  foreach ($a_ref_ids as $ref_id) {
215  if (!isset(self::$_paCache[$a_user_id . ":" . $ref_id])) {
216  $roles[$ref_id] = $this->fetchAssignedRoles($a_user_id, $ref_id);
217  $ops[$ref_id] = [];
218  $ref_ids[] = $ref_id;
219  }
220  }
221 
222  if ($ref_ids !== []) {
223  // Data is not in PA cache, perform database query
224  $q = "SELECT * FROM rbac_pa " .
225  "WHERE " . $this->db->in("ref_id", $ref_ids, false, "integer");
226 
227  $r = $this->db->query($q);
228 
229  while ($row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
230  if (in_array($row->rol_id, $roles[(int) $row->ref_id])) {
231  $ops[(int) $row->ref_id] = array_merge(
232  $ops[(int) $row->ref_id],
233  unserialize(stripslashes($row->ops_id))
234  );
235  }
236  }
237  foreach ($a_ref_ids as $ref_id) {
238  // #11313
239  if (!isset(self::$_paCache[$a_user_id . ":" . $ref_id])) {
240  self::$_paCache[$a_user_id . ":" . $ref_id] = $ops[$ref_id];
241  }
242  }
243  }
244  }
$ref_id
$ref_id
Definition: ltiauth.php:67
ilRbacSystem\fetchAssignedRoles
fetchAssignedRoles(int $a_usr_id, int $a_ref_id)
Fetch assigned roles This method caches the assigned roles per user.
Definition: class.ilRbacSystem.php:308
+ Here is the call graph for this function:

◆ resetCaches()

static ilRbacSystem::resetCaches ( )
static

Reset internal caches.

Definition at line 84 of file class.ilRbacSystem.php.

Referenced by ilObjSessionGUI\unregisterObject().

84  : void
85  {
86  self::$user_role_cache = [];
87  self::$_paCache = [];
88  self::$_checkAccessOfUserCache = [];
89  }
+ Here is the caller graph for this function:

◆ resetPACache()

ilRbacSystem::resetPACache ( int  $a_usr_id,
int  $a_ref_id 
)

Definition at line 370 of file class.ilRbacSystem.php.

370  : void
371  {
372  $paCacheKey = $a_usr_id . ':' . $a_ref_id;
373  unset(self::$_paCache[$paCacheKey]);
374  }

Field Documentation

◆ $_checkAccessOfUserCache

array ilRbacSystem::$_checkAccessOfUserCache = []
staticprivate

Definition at line 47 of file class.ilRbacSystem.php.

◆ $_paCache

array ilRbacSystem::$_paCache = []
staticprivate

Definition at line 44 of file class.ilRbacSystem.php.

◆ $db

ilDBInterface ilRbacSystem::$db
protected

Definition at line 50 of file class.ilRbacSystem.php.

◆ $http

GlobalHttpState ilRbacSystem::$http
protected

Definition at line 54 of file class.ilRbacSystem.php.

◆ $instance

ilRbacSystem ilRbacSystem::$instance = null
staticprotected

Definition at line 37 of file class.ilRbacSystem.php.

◆ $mem_view

array ilRbacSystem::$mem_view = []
protected

Definition at line 39 of file class.ilRbacSystem.php.

◆ $objectDataCache

ilObjectDataCache ilRbacSystem::$objectDataCache
protected

Definition at line 52 of file class.ilRbacSystem.php.

◆ $refinery

Factory ilRbacSystem::$refinery
protected

Definition at line 55 of file class.ilRbacSystem.php.

◆ $review

ilRbacReview ilRbacSystem::$review
protected

Definition at line 51 of file class.ilRbacSystem.php.

◆ $tree

ilTree ilRbacSystem::$tree
protected

Definition at line 53 of file class.ilRbacSystem.php.

◆ $user

ilObjUser ilRbacSystem::$user
protected

Definition at line 49 of file class.ilRbacSystem.php.

◆ $user_role_cache

array ilRbacSystem::$user_role_cache = []
staticprotected

Definition at line 41 of file class.ilRbacSystem.php.

◆ MAX_CACHE_ENTRIES

const ilRbacSystem::MAX_CACHE_ENTRIES = 1000
private

Definition at line 35 of file class.ilRbacSystem.php.

The documentation for this class was generated from the following file: