ILIAS  release_8 Revision v8.25-1-g13de6a5eca6
class.ilLocalUserGUI.php
Go to the documentation of this file.
1<?php
2
19/* Copyright (c) 1998-2013 ILIAS open source, Extended GPL, see docs/LICENSE */
20
26class ilLocalUserGUI
27{
28 private ilObjectGUI $parentGui;
29 private ilTabsGUI $tabsGui;
30 private ilPropertyFormGUI $form;
31 private ilToolbarGUI $toolbar;
32 private ilCtrl $ctrl;
33 private ilGlobalTemplateInterface $tpl;
35 private $object;
36 private ilLanguage $lng;
37 private ilAccessHandler $access;
38 private ilRbacSystem $rbacSystem;
39 private ilRbacReview $rbacReview;
40 private ilRbacAdmin $rbacAdmin;
41 private ilObjUser $user;
42 private \ILIAS\DI\LoggingServices $logger;
43
44 public function __construct(ilObjectGUI $parentGui)
45 {
46 global $DIC;
47
48 $this->parentGui = $parentGui;
49 $this->object = $parentGui->getObject();
50 $this->tpl = $DIC->ui()->mainTemplate();
51 $this->ctrl = $DIC->ctrl();
52 $this->toolbar = $DIC->toolbar();
53 $this->lng = $DIC->language();
54 $this->rbacSystem = $DIC->rbac()->system();
55 $this->rbacReview = $DIC->rbac()->review();
56 $this->rbacAdmin = $DIC->rbac()->admin();
57 $this->user = $DIC->user();
58 $this->access = $DIC->access();
59 $this->tabsGui = $DIC->tabs();
60 $this->logger = $DIC->logger();
61
62 $this->lng->loadLanguageModule('user');
63 if (!$this->rbacSystem->checkAccess("cat_administrate_users", $this->parentGui->getObject()->getRefId())) {
64 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("msg_no_perm_admin_users"), true);
65 }
66 }
67
68 public function executeCommand(): bool
69 {
70 $cmd = $this->ctrl->getCmd();
71 switch ($cmd) {
72 case "assignRoles":
73 case "assignSave":
74 $this->tabsGui->clearTargets();
75 $this->tabsGui->setBackTarget(
76 $this->lng->txt("back"),
77 $this->ctrl->getLinkTargetByClass("illocalusergui", 'index')
78 );
79 $this->$cmd();
80 break;
81 default:
82 $this->$cmd();
83 break;
84 }
85
86 return true;
87 }
88 public function getObject(): ilObjOrgUnit
89 {
90 return $this->object;
91 }
92
93 protected function resetFilter(): void
94 {
95 $table = new ilUserTableGUI($this, "index", ilUserTableGUI::MODE_LOCAL_USER);
96 $table->resetOffset();
97 $table->resetFilter();
98 $this->index();
99 }
100
101 protected function applyFilter(): void
102 {
103 $table = new ilUserTableGUI($this, "index", ilUserTableGUI::MODE_LOCAL_USER);
104 $table->resetOffset();
105 $table->writeFilterToSession();
106 $this->index();
107 }
108
109 public function index(bool $show_delete = false): bool
110 {
111 $this->tpl->addBlockfile(
112 'ADM_CONTENT',
113 'adm_content',
114 'tpl.cat_admin_users.html',
115 "Modules/Category"
116 );
117 if (count($this->rbacReview->getGlobalAssignableRoles())
118 or in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId()))
119 ) {
120 $this->toolbar->addButton(
121 $this->lng->txt('add_user'),
122 $this->ctrl->getLinkTargetByClass('ilobjusergui', 'create')
123 );
124 $this->toolbar->addButton(
125 $this->lng->txt('import_users'),
126 $this->ctrl->getLinkTargetByClass('ilobjuserfoldergui', 'importUserForm')
127 );
128 } else {
129 $this->tpl->setOnScreenMessage('info', $this->lng->txt('no_roles_user_can_be_assigned_to'));
130 }
131 if ($show_delete) {
132 $this->tpl->setCurrentBlock("confirm_delete");
133 $this->tpl->setVariable("CONFIRM_FORMACTION", $this->ctrl->getFormAction($this));
134 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt('cancel'));
135 $this->tpl->setVariable("CONFIRM_CMD", 'performDeleteUsers');
136 $this->tpl->setVariable("TXT_CONFIRM", $this->lng->txt('delete'));
137 $this->tpl->parseCurrentBlock();
138 }
139 $table = new ilUserTableGUI($this, 'index', ilUserTableGUI::MODE_LOCAL_USER);
140 $this->tpl->setVariable('USERS_TABLE', $table->getHTML());
141
142 return true;
143 }
144
145 protected function addUserAutoCompleteObject(): void
146 {
147 $auto = new ilUserAutoComplete();
148 $auto->setSearchFields(array('login', 'firstname', 'lastname', 'email'));
149 $auto->enableFieldSearchableCheck(true);
150 $auto->setMoreLinkAvailable(true);
151
152 if (($_REQUEST['fetchall'])) {
153 $auto->setLimit(ilUserAutoComplete::MAX_ENTRIES);
154 }
155
156 echo $auto->getList($_REQUEST['term']);
157 exit();
158 }
159
160 public function performDeleteUsers(): bool
161 {
162 $this->checkPermission("cat_administrate_users");
163 foreach ($_POST['user_ids'] as $user_id) {
164 if (!in_array($user_id, ilLocalUser::_getAllUserIds($_GET['ref_id']))) {
165 $this->logger->write(__FILE__ . ":" . __LINE__ . " User with id $user_id could not be found.");
166 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('user_not_found_to_delete'));
167 }
168 if (!$tmp_obj = ilObjectFactory::getInstanceByObjId($user_id, false)) {
169 continue;
170 }
171 $tmp_obj->delete();
172 }
173 $this->tpl->setOnScreenMessage('success', $this->lng->txt('deleted_users'), true);
174 $this->ctrl->redirect($this, 'index');
175
176 return true;
177 }
178
179 public function deleteUsers(): void
180 {
181 $this->checkPermission("cat_administrate_users");
182 if (!count($_POST['id'])) {
183 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('no_users_selected'));
184 $this->index();
185 return;
186 }
187 $confirm = new ilConfirmationGUI();
188 $confirm->setFormAction($this->ctrl->getFormAction($this));
189 $confirm->setHeaderText($this->lng->txt('sure_delete_selected_users'));
190 $confirm->setConfirm($this->lng->txt('delete'), 'performDeleteUsers');
191 $confirm->setCancel($this->lng->txt('cancel'), 'index');
192 foreach ($_POST['id'] as $user) {
193 $name = ilObjUser::_lookupName($user);
194 $confirm->addItem(
195 'user_ids[]',
196 $user,
197 $name['lastname'] . ', ' . $name['firstname'] . ' [' . $name['login'] . ']'
198 );
199 }
200 $this->tpl->setContent($confirm->getHTML());
201 }
202
203
209 public function assignRoles(): void
210 {
211 if (!$this->access->checkAccess("cat_administrate_users", "", $_GET["ref_id"])) {
212 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
213 $this->ctrl->redirect($this, "");
214 }
215 $offset = isset($_GET["offset"]) ? $_GET["offset"] : 0;
216 // init sort_by (unfortunatly sort_by is preset with 'title'
217 if (!isset($_GET["sort_by"]) || $_GET["sort_by"] == "title" || empty($_GET["sort_by"])) {
218 $order = "login";
219 } else {
220 $order = $_GET["sort_by"];
221 }
222
223 $direction = isset($_GET["sort_order"]) ? $_GET["sort_order"] : 'asc';
224 if (!isset($_GET['obj_id'])) {
225 $this->tpl->setOnScreenMessage('failure', 'no_user_selected');
226 $this->index();
227 return;
228 }
229 $roles = $this->getAssignableRoles();
230 $this->tpl->addBlockfile(
231 'ADM_CONTENT',
232 'adm_content',
233 'tpl.cat_role_assignment.html',
234 "Modules/Category"
235 );
236 $ass_roles = $this->rbacReview->assignedRoles($_GET['obj_id']);
237 $counter = 0;
238 foreach ($roles as $role) {
239 $role_obj = ilObjectFactory::getInstanceByObjId($role['obj_id']);
240 $disabled = false;
241 $f_result[$counter][] = ilLegacyFormElementsUtil::formCheckbox(
242 in_array($role['obj_id'], $ass_roles) ? 1 : 0,
243 'role_ids[]',
244 $role['obj_id'],
245 $disabled
246 );
247 $f_result[$counter][] = $role_obj->getTitle();
248 $f_result[$counter][] = $role_obj->getDescription() ? $role_obj->getDescription() : '';
249 $f_result[$counter][] = (isset($role['role_type']) && $role['role_type'] == 'global')
250 ?
251 $this->lng->txt('global')
252 :
253 $this->lng->txt('local');
254 unset($role_obj);
255 ++$counter;
256 }
257 $this->showRolesTable($f_result, "assignRolesObject");
258 }
259
260 public function assignSave(): bool
261 {
262 if (!$this->access->checkAccess("cat_administrate_users", "", $_GET["ref_id"])) {
263 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
264 $this->ctrl->redirect($this, "");
265 }
266 // check hack
267 if (!isset($_GET['obj_id']) or !in_array($_REQUEST['obj_id'], ilLocalUser::_getAllUserIds())) {
268 $this->tpl->setOnScreenMessage('failure', 'no_user_selected');
269 $this->index();
270
271 return true;
272 }
273 $roles = $this->getAssignableRoles();
274 // check minimum one global role
275 if (!$this->checkGlobalRoles($_POST['role_ids'])) {
276 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('no_global_role_left'));
277 $this->assignRolesObject();
278
279 return false;
280 }
281 $new_role_ids = $_POST['role_ids'] ? $_POST['role_ids'] : array();
282 $assigned_roles = $this->rbacReview->assignedRoles((int) $_REQUEST['obj_id']);
283 foreach ($roles as $role) {
284 if (in_array($role['obj_id'], $new_role_ids) and !in_array($role['obj_id'], $assigned_roles)) {
285 $this->rbacAdmin->assignUser($role['obj_id'], (int) $_REQUEST['obj_id']);
286 }
287 if (in_array($role['obj_id'], $assigned_roles) and !in_array($role['obj_id'], $new_role_ids)) {
288 $this->rbacAdmin->deassignUser($role['obj_id'], (int) $_REQUEST['obj_id']);
289 }
290 }
291 $this->tpl->setOnScreenMessage('success', $this->lng->txt('role_assignment_updated'));
292 $this->assignRoles();
293
294 return true;
295 }
296
297 public function checkGlobalRoles($new_assigned): bool
298 {
299 if (!$this->access->checkAccess("cat_administrate_users", "", $_GET["ref_id"])) {
300 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
301 $this->ctrl->redirect($this, "");
302 }
303 // return true if it's not a local user
304 $tmp_obj = ilObjectFactory::getInstanceByObjId($_REQUEST['obj_id']);
305 if ($tmp_obj->getTimeLimitOwner() != $this->object->getRefId() and
306 !in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId()))
307 ) {
308 return true;
309 }
310 // new assignment by form
311 $new_assigned = $new_assigned ? $new_assigned : array();
312 $assigned = $this->rbacReview->assignedRoles((int) $_GET['obj_id']);
313 // all assignable globals
314 if (!in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId()))) {
315 $ga = $this->rbacReview->getGlobalAssignableRoles();
316 } else {
317 $ga = $this->rbacReview->getGlobalRolesArray();
318 }
319 $global_assignable = array();
320 foreach ($ga as $role) {
321 $global_assignable[] = $role['obj_id'];
322 }
323 $new_visible_assigned_roles = array_intersect($new_assigned, $global_assignable);
324 $all_assigned_roles = array_intersect($assigned, $this->rbacReview->getGlobalRoles());
325 $main_assigned_roles = array_diff($all_assigned_roles, $global_assignable);
326 if (!count($new_visible_assigned_roles) and !count($main_assigned_roles)) {
327 return false;
328 }
329
330 return true;
331 }
332
333
338 public function getAssignableRoles(): array
339 {
340 // check local user
341 $tmp_obj = ilObjectFactory::getInstanceByObjId($_REQUEST['obj_id']);
342 // Admin => all roles
343 if (in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId())) === true) {
344 $global_roles = $this->rbacReview->getGlobalRolesArray();
345 } elseif ($tmp_obj->getTimeLimitOwner() == $this->object->getRefId()) {
346 $global_roles = $this->rbacReview->getGlobalAssignableRoles();
347 } else {
348 $global_roles = array();
349 }
350
351 return array_merge($global_roles, $this->rbacReview->getAssignableChildRoles($this->object->getRefId()));
352 }
353
354
361 public function showRolesTable($a_result_set, $a_from = ""): bool
362 {
363 if ($this->access->checkAccess("cat_administrate_users", "", $_GET["ref_id"]) === false) {
364 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
365 $this->ctrl->redirect($this, "");
366 }
367 $tbl = $this->initTableGUI();
368 $tpl = $tbl->getTemplateObject();
369 // SET FORMAACTION
370 $tpl->setCurrentBlock("tbl_form_header");
371 $this->ctrl->setParameter($this, 'obj_id', $_GET['obj_id']);
372 $tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
373 $tpl->parseCurrentBlock();
374 // SET FOOTER BUTTONS
375 $tpl->setVariable("IMG_ARROW", ilUtil::getImagePath("arrow_downright.svg"));
376 $tpl->setVariable("BTN_NAME", "assignSave");
377 $tpl->setVariable("BTN_VALUE", $this->lng->txt("change_assignment"));
378 $tpl->setCurrentBlock("tbl_action_row");
379 $tpl->parseCurrentBlock();
380 $tmp_obj = ilObjectFactory::getInstanceByObjId($_GET['obj_id']);
381 $title = $this->lng->txt('role_assignment') . ' (' . $tmp_obj->getFullname() . ')';
382 $tbl->setTitle($title, "icon_role.svg", $this->lng->txt("role_assignment"));
383 $tbl->setHeaderNames(array(
384 '',
385 $this->lng->txt("title"),
386 $this->lng->txt('description'),
387 $this->lng->txt("type"),
388 ));
389 $tbl->setHeaderVars(array(
390 "",
391 "title",
392 "description",
393 "type",
394 ), (get_class($this->parentGui) == 'ilObjOrgUnitGUI')
395 ? array(
396 "ref_id" => $this->object->getRefId(),
397 "cmd" => "assignRoles",
398 "obj_id" => $_GET['obj_id'],
399 "cmdNode" => $_GET["cmdNode"],
400 "baseClass" => 'ilAdministrationGUI',
401 "admin_mode" => "settings",
402 )
403 : array(
404 "ref_id" => $this->object->getRefId(),
405 "cmd" => "assignRoles",
406 "obj_id" => $_GET['obj_id'],
407 "cmdClass" => "ilobjcategorygui",
408 "baseClass" => 'ilRepositoryGUI',
409 "cmdNode" => $_GET["cmdNode"],
410 ));
411 $tbl->setColumnWidth(array("4%", "35%", "45%", "16%"));
412 $this->set_unlimited = true;
413 $this->setTableGUIBasicData($tbl, $a_result_set, $a_from);
414 $tbl->render();
415 $this->tpl->setVariable('OBJECTS', $tbl->getTemplateObject()->get());
416
417 return true;
418 }
419
420 protected function initTableGUI(): ilTableGUI
421 {
422 return new ilTableGUI([], false);
423 }
424
425 protected function setTableGUIBasicData($tbl, &$result_set, string $a_from = ""): void
426 {
427 $order = isset($_GET["sort_by"]) ? $_GET["sort_by"] : 'title';
428 $direction = isset($_GET["sort_order"]) ? $_GET["sort_order"] : 'asc';
429 $offset = isset($_GET["offset"]) ? $_GET["offset"] : 0;
430 $limit = isset($_GET["limit"]) ? $_GET["limit"] : 0;
431
432 if ($a_from == 'clipboardObject') $tbl->disable("footer");
433 $tbl->disable("linkbar");
434
435 $tbl->setOrderColumn((string) $order);
436 $tbl->setOrderDirection((string) $direction);
437 $tbl->setOffset((int) $offset);
438 $tbl->setLimit((int) $limit);
439 $tbl->setFooter("tblfooter", $this->lng->txt("previous"), $this->lng->txt("next"));
440 $tbl->setData($result_set);
441 }
442
443 protected function checkPermission(string $permission): void
444 {
445 if (!$this->access->checkAccess($permission, "", $_GET["ref_id"])) {
446 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
447 $this->ctrl->redirect($this, "");
448 }
449 }
450}
ilConfirmationGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilConfirmationGUI.php:25
ilCtrl
Class ilCtrl provides processing control methods.
Definition: class.ilCtrl.php:35
ilLanguage
language handling
Definition: class.ilLanguage.php:44
ilLegacyFormElementsUtil\formCheckbox
static formCheckbox(bool $checked, string $varname, string $value, bool $disabled=false)
Definition: class.ilLegacyFormElementsUtil.php:261
ilLocalUserGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilLocalUserGUI.php:27
ilLocalUserGUI\setTableGUIBasicData
setTableGUIBasicData($tbl, &$result_set, string $a_from="")
Definition: class.ilLocalUserGUI.php:425
ilLocalUserGUI\showRolesTable
showRolesTable($a_result_set, $a_from="")
Definition: class.ilLocalUserGUI.php:361
ilLocalUserGUI\$logger
ILIAS DI LoggingServices $logger
Definition: class.ilLocalUserGUI.php:42
ilLocalUserGUI\$rbacReview
ilRbacReview $rbacReview
Definition: class.ilLocalUserGUI.php:39
ilLocalUserGUI\$tpl
ilGlobalTemplateInterface $tpl
Definition: class.ilLocalUserGUI.php:33
ilLocalUserGUI\$form
ilPropertyFormGUI $form
Definition: class.ilLocalUserGUI.php:30
ilLocalUserGUI\$rbacSystem
ilRbacSystem $rbacSystem
Definition: class.ilLocalUserGUI.php:38
ilLocalUserGUI\index
index(bool $show_delete=false)
Definition: class.ilLocalUserGUI.php:109
ilLocalUserGUI\__construct
__construct(ilObjectGUI $parentGui)
Definition: class.ilLocalUserGUI.php:44
ilLocalUserGUI\$access
ilAccessHandler $access
Definition: class.ilLocalUserGUI.php:37
ilLocalUserGUI\checkPermission
checkPermission(string $permission)
Definition: class.ilLocalUserGUI.php:443
ilLocalUserGUI\checkGlobalRoles
checkGlobalRoles($new_assigned)
Definition: class.ilLocalUserGUI.php:297
ilLocalUser\_getAllUserIds
static _getAllUserIds(int $a_filter=0)
Definition: class.ilLocalUser.php:92
ilObjOrgUnit
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilObjOrgUnit.php:28
ilObjUser
User class.
Definition: class.ilObjUser.php:28
ilObjUser\_lookupName
static _lookupName(int $a_user_id)
lookup user name
Definition: class.ilObjUser.php:614
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId(?int $obj_id, bool $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:84
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:35
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:31
ilRbacAdmin
Class ilRbacAdmin Core functions for role based access control.
Definition: class.ilRbacAdmin.php:31
ilRbacReview
class ilRbacReview Contains Review functions of core Rbac.
Definition: class.ilRbacReview.php:34
ilRbacSystem
class ilRbacSystem system function like checkAccess, addActiveRole ... Supporting system functions ar...
Definition: class.ilRbacSystem.php:34
ilTableGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilTableGUI.php:24
ilTabsGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilTabsGUI.php:24
ilToolbarGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilToolbarGUI.php:26
ilUserAutoComplete
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilUserAutoComplete.php:23
ilUserTableGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilUserTableGUI.php:25
ilUtil\getImagePath
static getImagePath(string $img, string $module_path="", string $mode="output", bool $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:67
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:29
$DIC
global $DIC
Definition: feed.php:28
ilAccessHandler
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: interface.ilAccessHandler.php:27
ilGlobalTemplateInterface
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: interface.ilGlobalTemplateInterface.php:25
ilGlobalTemplateInterface\setCurrentBlock
setCurrentBlock(string $part=self::DEFAULT_BLOCK)
Sets the template to the given block.
ilGlobalTemplateInterface\parseCurrentBlock
parseCurrentBlock(string $block_name=self::DEFAULT_BLOCK)
Parses the given block.
ilGlobalTemplateInterface\setVariable
setVariable(string $variable, $value='')
Sets the given variable to the given value.
exit
exit
Definition: login.php:28
$name
if($format !==null) $name
Definition: metadata.php:247
$_GET
$_GET['client_id']
Definition: saml1-acs.php:21