19 declare(strict_types=1);
37 'ignore_for_authoring_objects' =>
true,
39 self::RBAC_OP_VISIBLE,
47 self::RBAC_OP_VISIBLE,
52 self::RBAC_OP_EDIT_PERMISSIONS,
63 self::RBAC_OP_VISIBLE,
74 'ignore_for_authoring_objects' =>
true,
76 self::RBAC_OP_VISIBLE,
82 self::RBAC_OP_VISIBLE,
87 self::RBAC_OP_EDIT_PERMISSIONS,
96 'ignore_for_authoring_objects' =>
true,
98 self::RBAC_OP_VISIBLE,
104 self::RBAC_OP_VISIBLE,
107 self::RBAC_OP_DELETE,
109 self::RBAC_OP_EDIT_PERMISSIONS,
119 'Local Administrator' => [
121 self::RBAC_OP_VISIBLE,
122 self::RBAC_OP_DELETE,
123 self::RBAC_OP_EDIT_PERMISSIONS,
138 bool $has_learning_progress =
false,
139 bool $used_for_authoring =
false 148 return hash(
"sha256", self::class);
153 return "Apply initial permission guideline";
171 $client_ini = $environment->
getResource(
Setup\Environment::RESOURCE_CLIENT_INI);
172 $db = $environment->
getResource(Environment::RESOURCE_DATABASE);
174 $role_folder_id = (
int) $client_ini->readVariable(
"system",
"ROLE_FOLDER_ID");
176 $learning_progress_permissions = [];
177 if ($this->has_learning_progress) {
178 $learning_progress_permissions = array_filter([
185 foreach ($this->initial_permission_definition as $role_type => $roles) {
186 foreach ($roles as $role_title => $definition) {
188 $this->used_for_authoring &&
189 array_key_exists(
'ignore_for_authoring_objects', $definition) &&
190 $definition[
'ignore_for_authoring_objects']
195 if (array_key_exists(
'id', $definition) && is_numeric($definition[
'id'])) {
197 $query =
"SELECT obj_id FROM object_data WHERE type = %s AND obj_id = %s";
198 $query_types = [
'text',
'integer'];
199 $query_values = [$role_type, $definition[
'id']];
201 $query =
"SELECT obj_id FROM object_data WHERE type = %s AND title = %s";
202 $query_types = [
'text',
'text'];
203 $query_values = [$role_type, $role_title];
206 $res = $db->queryF($query, $query_types, $query_values);
207 if (1 == $db->numRows(
$res)) {
208 $row = $db->fetchAssoc(
$res);
209 $role_id = (
int) $row[
'obj_id'];
213 if (array_key_exists(
'object', $definition) && is_array($definition[
'object'])) {
214 $operation_ids = array_merge($operation_ids, $definition[
'object']);
217 if (array_key_exists(
'lp', $definition) && $definition[
'lp']) {
218 $operation_ids = array_merge($operation_ids, $learning_progress_permissions);
221 foreach (array_filter(
array_map(
'intval', $operation_ids)) as $ops_id) {
222 if ($ops_id == self::RBAC_OP_COPY) {
229 'rol_id' => [
'integer', $role_id],
230 'type' => [
'text', $this->object_type],
231 'ops_id' => [
'integer', $ops_id],
232 'parent' => [
'integer', $role_folder_id]
238 if (array_key_exists(
'create', $definition) && is_array($definition[
'create'])) {
239 foreach ($definition[
'create'] as $container_object_type) {
241 if ($ops_id == self::RBAC_OP_COPY) {
248 'rol_id' => [
'integer', $role_id],
249 'type' => [
'text', $container_object_type],
250 'ops_id' => [
'integer', $ops_id],
251 'parent' => [
'integer', $role_folder_id]
269 throw new Exception(
"Something went wrong, there MUST be valid id for object_type " . $this->object_type);
274 "Something went wrong, missing CREATE operation id for object type " . $this->object_type
bool $has_learning_progress
static _getCustomRBACOperationId(string $operation, ?\ilDBInterface $ilDB=null)
__construct(string $object_type, bool $has_learning_progress=false, bool $used_for_authoring=false)
isApplicable(Environment $environment)
const RBAC_OP_EDIT_PERMISSIONS
array string $object_type
getPreconditions(Environment $environment)
achieve(Environment $environment)
getResource(string $id)
Consumers of this method should check if the result is what they expect, e.g.
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
array $initial_permission_definition
An environment holds resources to be used in the setup process.
static _getObjectTypeIdByTitle(string $type, ?\ilDBInterface $ilDB=null)
1.8.13 (using Doxyfile)
