ILIAS  release_9 Revision v9.13-25-g2c18ec4c24f
class.ilObjRoleFolderGUI.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 use ILIAS\HTTP\GlobalHttpState;
22 use ILIAS\Refinery\Factory;
23 use ILIAS\UI\Factory as UIFactory;
24 
32 class ilObjRoleFolderGUI extends ilObjectGUI
33 {
34  private const COPY_ADD_PERMISSIONS = 1;
35  private const COPY_CLONE_PERMISSIONS = 2;
36  private const COPY_REMOVE_PERMISSIONS = 3;
37  private const COPY_CHANGE_EXISTING_OBJECTS = 1;
38 
39  private ilLogger $logger;
40  protected ilRbacAdmin $rbacadmin;
41 
42  protected GlobalHttpState $http;
43  protected Factory $refinery;
44  protected UIFactory $ui_factory;
45 
50  public function __construct($a_data, int $a_id, bool $a_call_by_reference)
51  {
52  global $DIC;
53 
54  $this->logger = $DIC->logger()->ac();
55  $this->rbacadmin = $DIC['rbacadmin'];
56  $this->http = $DIC->http();
57  $this->refinery = $DIC->refinery();
58  $this->ui_factory = $DIC['ui.factory'];
59 
60  $this->type = "rolf";
61  parent::__construct($a_data, $a_id, $a_call_by_reference, false);
62  $this->lng->loadLanguageModule('rbac');
63  }
64 
65  public function executeCommand(): void
66  {
67  $next_class = $this->ctrl->getNextClass($this);
68  $cmd = $this->ctrl->getCmd();
69  $this->prepareOutput();
70 
71  switch ($next_class) {
72  case 'ilpermissiongui':
73  $perm_gui = new ilPermissionGUI($this);
74  $ret = $this->ctrl->forwardCommand($perm_gui);
75  break;
76 
77  default:
78  $this->ctrl->setReturn($this, "view");
79  if (!$cmd) {
80  $cmd = "view";
81  }
82  $cmd .= "Object";
83  $this->$cmd();
84 
85  break;
86  }
87  }
88 
89  protected function initCopySourceFromGET(): int
90  {
91  if ($this->http->wrapper()->query()->has('csource')) {
92  return $this->http->wrapper()->query()->retrieve(
93  'csource',
94  $this->refinery->kindlyTo()->int()
95  );
96  }
97  return 0;
98  }
99 
103  protected function initRolesFromPOST(): array
104  {
105  if ($this->http->wrapper()->post()->has('roles')) {
106  return $this->http->wrapper()->post()->retrieve(
107  'roles',
108  $this->refinery->byTrying([
109  $this->refinery->kindlyTo()->listOf(
110  $this->refinery->kindlyTo()->int()
111  ),
112  $this->refinery->in()->series([
113  $this->refinery->custom()->transformation(function ($v) {
114  return explode(',', $v);
115  }),
116  $this->refinery->kindlyTo()->listOf(
117  $this->refinery->kindlyTo()->int()
118  )
119  ])
120  ])
121  );
122  }
123  return [];
124  }
125 
126  protected function buildTargetNamesString(): string
127  {
128  $targets = $this->initRolesFromPOST();
129 
130  if ($targets === []) {
131  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('rbac_copy_no_targets'), true);
132  $this->ctrl->redirect($this, 'roleSearchList');
133  }
134 
135  if (count($targets) > 3) {
136  return sprintf($this->lng->txt('rbac_copy_multi_targets'), '<strong>' . ilObject::_lookupTitle($targets[0]), ilObject::_lookupTitle($targets[1]) . '</strong>', '<strong>' . (string) count($targets) - 2, '</strong>');
137  }
138 
139  if (count($targets) > 1) {
140  $target_names = '<strong>' . ilObject::_lookupTitle(array_shift($targets));
141  foreach ($targets as $target) {
142  $target_names .= ', ' . ilObject::_lookupTitle($target);
143  }
144  return $target_names . '</strong>';
145  }
146 
147  // we have one single target
148  return '<strong>' . ilObject::_lookupTitle($targets[0]) . '</strong>';
149  }
150 
151  public function viewObject(): void
152  {
153  $this->tabs_gui->activateTab('view');
154 
155  if (!$this->rbac_system->checkAccess('visible,read', $this->object->getRefId())) {
156  $this->error->raiseError($this->lng->txt('permission_denied'), $this->error->MESSAGE);
157  }
158 
159  if ($this->rbac_system->checkAccess('create_role', $this->object->getRefId())) {
160  $this->ctrl->setParameter($this, 'new_type', 'role');
161  $this->toolbar->addComponent(
162  $this->ui_factory->link()->standard(
163  $this->lng->txt('rolf_create_role'),
164  $this->ctrl->getLinkTarget($this, 'create')
165  )
166  );
167  }
168  if ($this->rbac_system->checkAccess('create_rolt', $this->object->getRefId())) {
169  $this->ctrl->setParameter($this, 'new_type', 'rolt');
170  $this->toolbar->addComponent(
171  $this->ui_factory->link()->standard(
172  $this->lng->txt('rolf_create_rolt'),
173  $this->ctrl->getLinkTarget($this, 'create')
174  )
175  );
176  $this->ctrl->clearParameters($this);
177  }
178 
179  if (
180  $this->rbac_system->checkAccess('create_rolt', $this->object->getRefId()) ||
181  $this->rbac_system->checkAccess('create_rolt', $this->object->getRefId())
182  ) {
183  $this->toolbar->addComponent(
184  $this->ui_factory->link()->standard(
185  $this->lng->txt('rbac_import_role'),
186  $this->ctrl->getLinkTargetByClass('ilPermissionGUI', 'displayImportRoleForm')
187  )
188  );
189  }
190 
191  $table = new ilRoleTableGUI($this, 'view');
192  $table->init();
193  $table->parse($this->object->getId());
194 
195  $this->tpl->setContent($table->getHTML());
196  }
197 
201  protected function roleSearchObject(): void
202  {
203  $this->tabs_gui->clearTargets();
204  $this->tabs_gui->setBackTarget(
205  $this->lng->txt('rbac_back_to_overview'),
206  $this->ctrl->getLinkTarget($this, 'view')
207  );
208 
209  if (!$this->rbac_system->checkAccess('visible,read', $this->object->getRefId())) {
210  $this->error->raiseError($this->lng->txt('permission_denied'), $this->error->MESSAGE);
211  }
212 
213  $this->ctrl->setParameter($this, 'csource', $this->initCopySourceFromGET());
214  $this->tpl->setOnScreenMessage(
215  'info',
216  sprintf(
217  $this->lng->txt('rbac_choose_copy_targets'),
218  '<strong>' . ilObject::_lookupTitle($this->initCopySourceFromGET()) . '</strong>'
219  )
220  );
221 
222  $form = $this->initRoleSearchForm();
223  $this->tpl->setContent($form->getHTML());
224  }
225 
229  protected function initRoleSearchForm(): ilPropertyFormGUI
230  {
231  $form = new ilPropertyFormGUI();
232  $form->setTitle($this->lng->txt('rbac_role_title'));
233  $form->setFormAction($this->ctrl->getFormAction($this, 'view'));
234 
235  $search = new ilTextInputGUI($this->lng->txt('title'), 'title');
236  $search->setRequired(true);
237  $search->setSize(30);
238  $search->setMaxLength(255);
239  $form->addItem($search);
240 
241  $form->addCommandButton('roleSearchForm', $this->lng->txt('search'));
242  return $form;
243  }
244 
248  protected function roleSearchFormObject(): void
249  {
250  ilSession::set('rolf_search_query', '');
251  $this->ctrl->setParameter($this, 'csource', $this->initCopySourceFromGET());
252 
253  $form = $this->initRoleSearchForm();
254  if ($form->checkInput()) {
255  ilSession::set('rolf_search_query', $form->getInput('title'));
256  $this->roleSearchListObject();
257  return;
258  }
259 
260  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('msg_no_search_string'), true);
261  $form->setValuesByPost();
262  $this->ctrl->redirect($this, 'roleSearch');
263  }
264 
268  protected function roleSearchListObject(): void
269  {
270  $this->tabs_gui->clearTargets();
271  $this->tabs_gui->setBackTarget(
272  $this->lng->txt('rbac_back_to_overview'),
273  $this->ctrl->getLinkTarget($this, 'view')
274  );
275 
276  $this->ctrl->setParameter($this, 'csource', $this->initCopySourceFromGET());
277 
278  if (strlen(ilSession::get('rolf_search_query'))) {
279  $this->tpl->setOnScreenMessage(
280  'info',
281  sprintf(
282  $this->lng->txt('rbac_select_copy_targets'),
283  '<strong>' . ilObject::_lookupTitle($this->initCopySourceFromGET()) . '</strong>'
284  )
285  );
286  $table = new ilRoleTableGUI($this, 'roleSearchList');
287  $table->setType(ilRoleTableGUI::TYPE_SEARCH);
288  $table->setRoleTitleFilter(ilSession::get('rolf_search_query'));
289  $table->init();
290  $table->parse($this->object->getId());
291  $this->tpl->setContent($table->getHTML());
292  return;
293  }
294 
295  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('msg_no_search_string'), true);
296  $this->ctrl->redirect($this, 'roleSearch');
297  }
298 
302  protected function chooseCopyBehaviourObject(?ilPropertyFormGUI $form = null): void
303  {
304  $this->initCopySourceFromGET();
305 
306  $this->ctrl->saveParameter($this, 'csource');
307  $this->tabs_gui->clearTargets();
308  $this->tabs_gui->setBackTarget(
309  $this->lng->txt('rbac_back_to_overview'),
310  $this->ctrl->getLinkTarget($this, 'view')
311  );
312  if (!$form instanceof \ilPropertyFormGUI) {
313  $form = $this->initCopyBehaviourForm();
314  }
315  $this->tpl->setContent($form->getHTML());
316  }
317 
321  protected function initCopyBehaviourForm(): ilPropertyFormGUI
322  {
323  // not only for role templates; add/remove permissions is also applicable for roles
324  $full_featured = true;
325 
326  $this->tpl->setOnScreenMessage(
327  'info',
328  sprintf(
329  $this->lng->txt('rbac_copy_behaviour_info'),
330  '<strong>' . ilObject::_lookupTitle($this->initCopySourceFromGET()) . '</strong>',
331  $this->buildTargetNamesString()
332  ),
333  true
334  );
335 
336  $form = new ilPropertyFormGUI();
337  $form->setTitle($this->lng->txt('rbac_copy_behaviour'));
338  $form->setFormAction($this->ctrl->getFormAction($this, 'chooseCopyBehaviour'));
339 
340  $copy_type = new \ilRadioGroupInputGUI(
341  $this->lng->txt('rbac_form_copy_roles_adjust_type'),
342  'type'
343  );
344  $copy_type->setRequired(true);
345  $copy_type->setValue((string) self::COPY_CLONE_PERMISSIONS);
346 
347  if ($full_featured) {
348  $add = new \ilRadioOption(
349  $this->lng->txt('rbac_form_copy_roles_adjust_type_add'),
350  (string) self::COPY_ADD_PERMISSIONS,
351  $this->lng->txt('rbac_form_copy_roles_adjust_type_add_info')
352  );
353  $copy_type->addOption($add);
354 
355  $ce_type_add = new \ilRadioGroupInputGUI(
356  '',
357  'add_ce_type'
358  );
359  $ce_type_add->setRequired(true);
360  $ce_add_yes = new \ilRadioOption(
361  $this->lng->txt('rbac_form_copy_roles_ce_add_yes'),
362  (string) self::COPY_CHANGE_EXISTING_OBJECTS,
363  $this->lng->txt('rbac_form_copy_roles_ce_add_yes_info')
364  );
365  $ce_type_add->addOption($ce_add_yes);
366  $ce_add_no = new \ilRadioOption(
367  $this->lng->txt('rbac_form_copy_roles_ce_add_no'),
368  (string) 0,
369  $this->lng->txt('rbac_form_copy_roles_ce_add_no_info')
370  );
371  $ce_type_add->addOption($ce_add_no);
372  $add->addSubItem($ce_type_add);
373  }
374  $clone = new \ilRadioOption(
375  $this->lng->txt('rbac_form_copy_roles_adjust_type_clone'),
376  (string) self::COPY_CLONE_PERMISSIONS,
377  $this->lng->txt('rbac_form_copy_roles_adjust_type_clone_info')
378  );
379  $copy_type->addOption($clone);
380 
381  $ce_type_clone = new \ilRadioGroupInputGUI(
382  '',
383  'clone_ce_type'
384  );
385  $ce_type_clone->setRequired(true);
386  $ce_clone_yes = new \ilRadioOption(
387  $this->lng->txt('rbac_form_copy_roles_ce_clone_yes'),
388  (string) self::COPY_CHANGE_EXISTING_OBJECTS,
389  $this->lng->txt('rbac_form_copy_roles_ce_clone_yes_info')
390  );
391  $ce_type_clone->addOption($ce_clone_yes);
392  $ce_clone_no = new \ilRadioOption(
393  $this->lng->txt('rbac_form_copy_roles_ce_clone_no'),
394  (string) 0,
395  $this->lng->txt('rbac_form_copy_roles_ce_clone_no_info')
396  );
397  $ce_type_clone->addOption($ce_clone_no);
398  $clone->addSubItem($ce_type_clone);
399 
400  if ($full_featured) {
401  $remove = new \ilRadioOption(
402  $this->lng->txt('rbac_form_copy_roles_adjust_type_remove'),
403  (string) self::COPY_REMOVE_PERMISSIONS,
404  $this->lng->txt('rbac_form_copy_roles_adjust_type_remove_info')
405  );
406  $copy_type->addOption($remove);
407  $ce_type_remove = new \ilRadioGroupInputGUI(
408  '',
409  'remove_ce_type'
410  );
411  $ce_type_remove->setRequired(true);
412  $ce_remove_yes = new \ilRadioOption(
413  $this->lng->txt('rbac_form_copy_roles_ce_remove_yes'),
414  (string) self::COPY_CHANGE_EXISTING_OBJECTS,
415  $this->lng->txt('rbac_form_copy_roles_ce_remove_yes_info')
416  );
417  $ce_type_remove->addOption($ce_remove_yes);
418  $ce_remove_no = new \ilRadioOption(
419  $this->lng->txt('rbac_form_copy_roles_ce_remove_no'),
420  (string) 0,
421  $this->lng->txt('rbac_form_copy_roles_ce_remove_no_info')
422  );
423  $ce_type_remove->addOption($ce_remove_no);
424  $remove->addSubItem($ce_type_remove);
425  }
426 
427  $form->addItem($copy_type);
428 
429  $roles = new ilHiddenInputGUI('roles');
430  $roles->setValue(implode(',', $this->initRolesFromPOST()));
431  $form->addItem($roles);
432 
433  $form->addCommandButton('roleSearchList', $this->lng->txt('back'));
434  $form->addCommandButton('adjustRole', $this->lng->txt('rbac_form_copy_roles_adjust_button'));
435  return $form;
436  }
437 
441  protected function adjustRoleObject(): void
442  {
443  $this->checkPermission('write');
444 
445  $roles = $this->initRolesFromPOST();
446  $source = $this->initCopySourceFromGET();
447 
448  $form = $this->initCopyBehaviourForm();
449  if (!$form->checkInput()) {
450  $form->setValuesByPost();
451  $this->chooseCopyBehaviourObject($form);
452  return;
453  }
454 
455  $adjustment_type = $form->getInput('type');
456  foreach ((array) $roles as $role_id) {
457  if ($role_id !== $source) {
458  $start_obj = $this->rbac_review->getRoleFolderOfRole($role_id);
459  $this->logger->debug('Start object: ' . $start_obj);
460 
461  switch ($adjustment_type) {
462  case self::COPY_ADD_PERMISSIONS:
463  $change_existing = (bool) $form->getInput('add_ce_type');
464  $this->doAddRolePermissions(
465  $source,
466  $role_id
467  );
468  if ($change_existing) {
469  $this->doChangeExistingObjects(
470  $start_obj,
471  $role_id,
472  \ilObjRole::MODE_ADD_OPERATIONS,
473  $source
474  );
475  }
476  break;
477  case self::COPY_CLONE_PERMISSIONS:
478  $change_existing = (bool) $form->getInput('clone_ce_type');
479  $this->doCopyRole(
480  $source,
481  $role_id
482  );
483  if ($change_existing) {
484  $this->doChangeExistingObjects(
485  $start_obj,
486  $role_id,
487  \ilObjRole::MODE_READ_OPERATIONS,
488  $source
489  );
490  }
491  break;
492  case self::COPY_REMOVE_PERMISSIONS:
493  $change_existing = (bool) $form->getInput('remove_ce_type');
494  $this->doRemoveRolePermissions(
495  $source,
496  $role_id
497  );
498  if ($change_existing) {
499  $this->doChangeExistingObjects(
500  $start_obj,
501  $role_id,
502  \ilObjRole::MODE_REMOVE_OPERATIONS,
503  $source
504  );
505  }
506  break;
507  }
508  }
509 
510  $this->tpl->setOnScreenMessage('success', $this->lng->txt('rbac_copy_finished'), true);
511  $this->ctrl->redirect($this, 'view');
512  }
513  }
514 
518  protected function doAddRolePermissions(int $source, int $target): void
519  {
520  $source_definition = $this->rbac_review->getRoleFolderOfRole($source);
521  $this->rbacadmin->copyRolePermissionUnion(
522  $source,
523  $source_definition,
524  $target,
525  $this->rbac_review->getRoleFolderOfRole($target),
526  $target,
527  $this->rbac_review->getRoleFolderOfRole($target)
528  );
529  }
530 
534  protected function removeRolePermissionsObject(): void
535  {
536  // Finally copy role/rolt
537  $roles = $this->initRolesFromPOST();
538  $source = $this->initCopySourceFromGET();
539 
540  $form = $this->initCopyBehaviourForm();
541  if ($form->checkInput()) {
542  foreach ((array) $roles as $role_id) {
543  if ($role_id !== $source) {
544  $this->doRemoveRolePermissions($source, $role_id);
545  }
546  }
547  $this->tpl->setOnScreenMessage('success', $this->lng->txt('rbac_copy_finished'), true);
548  $this->ctrl->redirect($this, 'view');
549  }
550  }
551 
555  protected function doRemoveRolePermissions(int $source, int $target): void
556  {
557  $this->logger->debug('Remove permission source: ' . $source);
558  $this->logger->debug('Remove permission target: ' . $target);
559  $source_obj = $this->rbac_review->getRoleFolderOfRole($source);
560  $this->rbacadmin->copyRolePermissionSubtract(
561  $source,
562  $source_obj,
563  $target,
564  $this->rbac_review->getRoleFolderOfRole($target)
565  );
566  }
567 
571  protected function doCopyRole(int $source, int $target): void
572  {
573  $target_obj = $this->rbac_review->getRoleFolderOfRole($target);
574  $source_obj = $this->rbac_review->getRoleFolderOfRole($source);
575  // Copy role template permissions
576  $this->rbacadmin->copyRoleTemplatePermissions(
577  $source,
578  $source_obj,
579  $target_obj,
580  $target
581  );
582  }
583 
587  protected function doChangeExistingObjects(
588  int $a_start_obj,
589  int $a_target_role,
590  int $a_operation_mode,
591  int $a_source_role
592  ): void {
593  if (!$a_start_obj) {
594  $this->logger->warning('Missing parameter start object.');
595  $this->logger->logStack(\ilLogLevel::WARNING);
596  throw new InvalidArgumentException('Missing parameter: start object');
597  }
598  // the mode is unchanged and read out from the target object
599  $target_ref_id = $this->rbac_review->getRoleFolderOfRole($a_target_role);
600  if ($this->rbac_review->isProtected($target_ref_id, $a_target_role)) {
601  $mode = \ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES;
602  } else {
603  $mode = \ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES;
604  }
605  $operation_stack = [];
606  if ($a_operation_mode !== \ilObjRole::MODE_READ_OPERATIONS) {
607  $operation_stack[] = $this->rbac_review->getAllOperationsOfRole($a_source_role, $this->ref_id);
608  }
609  $this->logger->debug('Current operation stack');
610  $this->logger->dump($operation_stack, ilLogLevel::DEBUG);
611 
612  $role = new ilObjRole($a_target_role);
613  $role->changeExistingObjects(
614  $a_start_obj,
615  $mode,
616  ['all'],
617  [],
618  $a_operation_mode,
619  $operation_stack
620  );
621  }
622 
626  protected function applyFilterObject(): void
627  {
628  $table = new ilRoleTableGUI($this, 'view');
629  $table->init();
630  $table->resetOffset();
631  $table->writeFilterToSession();
632 
633  $this->viewObject();
634  }
635 
639  public function resetFilterObject(): void
640  {
641  $table = new ilRoleTableGUI($this, 'view');
642  $table->init();
643  $table->resetOffset();
644  $table->resetFilter();
645 
646  $this->viewObject();
647  }
648 
652  protected function confirmDeleteObject(): void
653  {
654  $roles = $this->initRolesFromPOST();
655  if ($roles === []) {
656  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'), true);
657  $this->ctrl->redirect($this, 'view');
658  }
659 
660  $question = $this->lng->txt('rbac_role_delete_qst');
661 
662  $confirm = new ilConfirmationGUI();
663  $confirm->setHeaderText($question);
664  $confirm->setFormAction($this->ctrl->getFormAction($this));
665  $confirm->setHeaderText($this->lng->txt("info_delete_sure"));
666  $confirm->setConfirm($this->lng->txt('delete'), 'deleteRole');
667  $confirm->setCancel($this->lng->txt('cancel'), 'cancel');
668 
669  foreach ($roles as $role_id) {
670  $confirm->addItem(
671  'roles[]',
672  (string) $role_id,
673  ilObjRole::_getTranslation(ilObject::_lookupTitle($role_id))
674  );
675  }
676  $this->tpl->setContent($confirm->getHTML());
677  }
678 
682  protected function deleteRoleObject(): void
683  {
684  if (!$this->rbac_system->checkAccess('delete', $this->object->getRefId())) {
685  $this->error->raiseError(
686  $this->lng->txt('msg_no_perm_delete'),
687  $this->error->MESSAGE
688  );
689  }
690 
691  foreach ($this->initRolesFromPOST() as $id) {
692  // instatiate correct object class (role or rolt)
693  $obj = ilObjectFactory::getInstanceByObjId($id, false);
694 
695  if ($obj->getType() == "role") {
696  $rolf_arr = $this->rbac_review->getFoldersAssignedToRole($obj->getId(), true);
697  $obj->setParent($rolf_arr[0]);
698  }
699 
700  $obj->delete();
701  }
702 
703  // set correct return location if rolefolder is removed
704  $this->tpl->setOnScreenMessage('success', $this->lng->txt("msg_deleted_roles_rolts"), true);
705  $this->ctrl->redirect($this, 'view');
706  }
707 
714  public function getAdminTabs(): void
715  {
716  if ($this->checkPermissionBool("visible,read")) {
717  $this->tabs_gui->addTarget(
718  "view",
719  $this->ctrl->getLinkTarget($this, "view"),
720  ["", "view"],
721  get_class($this)
722  );
723 
724  $this->tabs_gui->addTarget(
725  "settings",
726  $this->ctrl->getLinkTarget($this, "editSettings"),
727  ["editSettings"],
728  get_class($this)
729  );
730  }
731 
732  if ($this->checkPermissionBool("edit_permission")) {
733  $this->tabs_gui->addTarget(
734  "perm_settings",
735  $this->ctrl->getLinkTargetByClass(
736  [get_class($this), 'ilpermissiongui'],
737  "perm"
738  ),
739  "",
740  "ilpermissiongui"
741  );
742  }
743  }
744 
745  public function editSettingsObject(ilPropertyFormGUI $a_form = null): void
746  {
747  if ($a_form === null) {
748  $a_form = $this->initSettingsForm();
749  }
750 
751  $this->tpl->setContent($a_form->getHTML());
752  }
753 
754  public function saveSettingsObject(): void
755  {
756  global $DIC;
757 
758  $user = $DIC->user();
759 
760  if (!$this->checkPermissionBool("write")) {
761  $this->error->raiseError($this->lng->txt('permission_denied'), $this->error->MESSAGE);
762  }
763 
764  $form = $this->initSettingsForm();
765  if ($form->checkInput()) {
766  $privacy = ilPrivacySettings::getInstance();
767  $privacy->enableRbacLog((bool) $form->getInput('rbac_log'));
768  $privacy->setRbacLogAge((int) $form->getInput('rbac_log_age'));
769  $privacy->save();
770 
771  if ($this->rbac_review->isAssigned($user->getId(), SYSTEM_ROLE_ID)) {
772  $security = ilSecuritySettings::_getInstance();
773  $security->protectedAdminRole((bool) $form->getInput('admin_role'));
774  $security->save();
775  }
776  $this->tpl->setOnScreenMessage('success', $this->lng->txt("settings_saved"), true);
777  $this->ctrl->redirect($this, "editSettings");
778  }
779 
780  $form->setValuesByPost();
781  $this->editSettingsObject($form);
782  }
783 
784  protected function initSettingsForm(): ilPropertyFormGUI
785  {
786  global $DIC;
787 
788  $user = $DIC->user();
789 
790  $this->lng->loadLanguageModule('ps');
791 
792  $privacy = ilPrivacySettings::getInstance();
793  $security = ilSecuritySettings::_getInstance();
794 
795  $form = new ilPropertyFormGUI();
796  $form->setFormAction($this->ctrl->getFormAction($this, "saveSettings"));
797  $form->setTitle($this->lng->txt('settings'));
798 
799  // protected admin
800  $admin = new ilCheckboxInputGUI($GLOBALS['DIC']['lng']->txt('adm_adm_role_protect'), 'admin_role');
801  $admin->setDisabled(!$this->rbac_review->isAssigned($user->getId(), SYSTEM_ROLE_ID));
802  $admin->setInfo($this->lng->txt('adm_adm_role_protect_info'));
803  $admin->setChecked($security->isAdminRoleProtected());
804  $admin->setValue((string) 1);
805  $form->addItem($admin);
806 
807  $check = new ilCheckboxInputGui($this->lng->txt('rbac_log'), 'rbac_log');
808  $check->setInfo($this->lng->txt('rbac_log_info'));
809  $check->setChecked($privacy->enabledRbacLog());
810  $form->addItem($check);
811 
812  $age = new ilNumberInputGUI($this->lng->txt('rbac_log_age'), 'rbac_log_age');
813  $age->setInfo($this->lng->txt('rbac_log_age_info'));
814  $age->setValue((string) $privacy->getRbacLogAge());
815  $age->setMinValue(1);
816  $age->setMaxValue(24);
817  $age->setSize(2);
818  $age->setMaxLength(2);
819  $check->addSubItem($age);
820 
821  $form->addCommandButton('saveSettings', $this->lng->txt('save'));
822 
823  return $form;
824  }
825 
826  public function addToExternalSettingsForm(int $a_form_id): array
827  {
828  switch ($a_form_id) {
829  case ilAdministrationSettingsFormHandler::FORM_SECURITY:
830 
831  $security = ilSecuritySettings::_getInstance();
832 
833  $fields = ['adm_adm_role_protect' => [$security->isAdminRoleProtected(),
834  ilAdministrationSettingsFormHandler::VALUE_BOOL
835  ]
836  ];
837 
838  return [["editSettings", $fields]];
839 
840  case ilAdministrationSettingsFormHandler::FORM_PRIVACY:
841 
842  $privacy = ilPrivacySettings::getInstance();
843 
844  $subitems = null;
845  if ($privacy->enabledRbacLog()) {
846  $subitems = ['rbac_log_age' => $privacy->getRbacLogAge()];
847  }
848  $fields = ['rbac_log' => [$privacy->enabledRbacLog(),
849  ilAdministrationSettingsFormHandler::VALUE_BOOL,
850  $subitems
851  ]
852  ];
853 
854  return [["editSettings", $fields]];
855  }
856  return [];
857  }
858 } // END class.ilObjRoleFolderGUI
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:26
ILIAS\HTTP\GlobalHttpState
Interface GlobalHttpState.
Definition: GlobalHttpState.php:42
ilSession\get
static get(string $a_var)
Definition: class.ilSession.php:465
ilObjRoleFolderGUI\editSettingsObject
editSettingsObject(ilPropertyFormGUI $a_form=null)
Definition: class.ilObjRoleFolderGUI.php:745
ilObjRoleFolderGUI\confirmDeleteObject
confirmDeleteObject()
Confirm deletion of roles.
Definition: class.ilObjRoleFolderGUI.php:652
ilObjectGUI\prepareOutput
prepareOutput(bool $show_sub_objects=true)
Definition: class.ilObjectGUI.php:297
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:29
ilObjRoleFolderGUI\getAdminTabs
getAdminTabs()
Add role folder tabs.
Definition: class.ilObjRoleFolderGUI.php:714
ilObjRoleFolderGUI\__construct
__construct($a_data, int $a_id, bool $a_call_by_reference)
Constructor public.
Definition: class.ilObjRoleFolderGUI.php:50
ilObjRoleFolderGUI\addToExternalSettingsForm
addToExternalSettingsForm(int $a_form_id)
Definition: class.ilObjRoleFolderGUI.php:826
ilObjRole\MODE_REMOVE_OPERATIONS
const MODE_REMOVE_OPERATIONS
Definition: class.ilObjRole.php:35
ilObjRoleFolderGUI
Class ilObjRoleFolderGUI.
Definition: class.ilObjRoleFolderGUI.php:32
ilRoleTableGUI
TableGUI for the presentation og roles and role templates.
Definition: class.ilRoleTableGUI.php:26
ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:29
ilObjRole\MODE_READ_OPERATIONS
const MODE_READ_OPERATIONS
Definition: class.ilObjRole.php:34
$DIC
global $DIC
Definition: feed.php:28
ilObjRoleFolderGUI\doRemoveRolePermissions
doRemoveRolePermissions(int $source, int $target)
do add role permission
Definition: class.ilObjRoleFolderGUI.php:555
ilHiddenInputGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilHiddenInputGUI.php:26
ILIAS\FileDelivery\http
static http()
Fetches the global http state from ILIAS.
Definition: HttpServiceAware.php:54
ILIAS\MetaData\Repository\Validation\Data\__construct
__construct(VocabulariesInterface $vocabularies)
Definition: VocabularyBridge.php:31
ilObject\_lookupTitle
static _lookupTitle(int $obj_id)
Definition: class.ilObject.php:834
$GLOBALS
$GLOBALS["DIC"]
Definition: wac.php:31
ilObjRole\_getTranslation
static _getTranslation(string $a_role_title)
Definition: class.ilObjRole.php:364
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:38
ilObjRoleFolderGUI\initRoleSearchForm
initRoleSearchForm()
Init role search form.
Definition: class.ilObjRoleFolderGUI.php:229
ilObjRoleFolderGUI\removeRolePermissionsObject
removeRolePermissionsObject()
Remove role permissions.
Definition: class.ilObjRoleFolderGUI.php:534
ilObjRoleFolderGUI\applyFilterObject
applyFilterObject()
Apply role filter.
Definition: class.ilObjRoleFolderGUI.php:626
ilObjRoleFolderGUI\doCopyRole
doCopyRole(int $source, int $target)
Perform copy of role.
Definition: class.ilObjRoleFolderGUI.php:571
ilObjectGUI\checkPermissionBool
checkPermissionBool(string $perm, string $cmd="", string $type="", ?int $ref_id=null)
Definition: class.ilObjectGUI.php:1713
ilObjRole\MODE_ADD_OPERATIONS
const MODE_ADD_OPERATIONS
Definition: class.ilObjRole.php:33
ilObjRoleFolderGUI\resetFilterObject
resetFilterObject()
Reset role filter.
Definition: class.ilObjRoleFolderGUI.php:639
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId(?int $obj_id, bool $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:84
ilObjRoleFolderGUI\chooseCopyBehaviourObject
chooseCopyBehaviourObject(?ilPropertyFormGUI $form=null)
Choose option for copying roles/role templates.
Definition: class.ilObjRoleFolderGUI.php:302
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:31
ilObjRoleFolderGUI\doAddRolePermissions
doAddRolePermissions(int $source, int $target)
do add role permission
Definition: class.ilObjRoleFolderGUI.php:518
$check
$check
Definition: buildRTE.php:81
ilPermissionGUI
New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.
Definition: class.ilPermissionGUI.php:34
ilRbacAdmin
Class ilRbacAdmin Core functions for role based access control.
Definition: class.ilRbacAdmin.php:30
ilObjRoleFolderGUI\roleSearchFormObject
roleSearchFormObject()
Parse search query.
Definition: class.ilObjRoleFolderGUI.php:248
ilSecuritySettings\_getInstance
static _getInstance()
Get instance of ilSecuritySettings.
Definition: class.ilSecuritySettings.php:96
ilObjectGUI\checkPermission
checkPermission(string $perm, string $cmd="", string $type="", ?int $ref_id=null)
Definition: class.ilObjectGUI.php:1693
ilSession\set
static set(string $a_var, $a_val)
Set a value.
Definition: class.ilSession.php:457
ilObjRoleFolderGUI\doChangeExistingObjects
doChangeExistingObjects(int $a_start_obj, int $a_target_role, int $a_operation_mode, int $a_source_role)
Do change existing objects.
Definition: class.ilObjRoleFolderGUI.php:587
ilObjRoleFolderGUI\initCopyBehaviourForm
initCopyBehaviourForm()
Show copy behaviour form.
Definition: class.ilObjRoleFolderGUI.php:321
ilObjRoleFolderGUI\roleSearchObject
roleSearchObject()
Search target roles.
Definition: class.ilObjRoleFolderGUI.php:201