ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
class.ilLocalUserGUI.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
26class ilLocalUserGUI
27{
28 private ilObjectGUI $parentGui;
29 private ilTabsGUI $tabsGui;
30 private ilPropertyFormGUI $form;
31 private ilToolbarGUI $toolbar;
32 private ilCtrl $ctrl;
33 private ilGlobalTemplateInterface $tpl;
35 private $object;
36 private ilLanguage $lng;
37 private ilAccessHandler $access;
38 private ilRbacSystem $rbacSystem;
39 private ilRbacReview $rbacReview;
40 private ilRbacAdmin $rbacAdmin;
41 private ilObjUser $user;
42 private \ILIAS\DI\LoggingServices $logger;
43 protected \ILIAS\UI\Factory $ui_factory;
44 protected \ILIAS\HTTP\Wrapper\RequestWrapper $query_wrapper;
45 protected \ILIAS\Refinery\Factory $refinery;
46 private bool $set_unlimited;
47
48 public function __construct(ilObjectGUI $parentGui)
49 {
50 global $DIC;
51
52 $this->parentGui = $parentGui;
53 $this->object = $parentGui->getObject();
54 $this->tpl = $DIC->ui()->mainTemplate();
55 $this->ctrl = $DIC->ctrl();
56 $this->toolbar = $DIC->toolbar();
57 $this->lng = $DIC->language();
58 $this->rbacSystem = $DIC->rbac()->system();
59 $this->rbacReview = $DIC->rbac()->review();
60 $this->rbacAdmin = $DIC->rbac()->admin();
61 $this->user = $DIC->user();
62 $this->access = $DIC->access();
63 $this->tabsGui = $DIC->tabs();
64 $this->logger = $DIC->logger();
65 $this->ui_factory = $DIC['ui.factory'];
66 $this->refinery = $DIC['refinery'];
67 $this->query_wrapper = $DIC['http']->wrapper()->query();
68
69 $this->lng->loadLanguageModule('user');
70 if (!$this->rbacSystem->checkAccess("cat_administrate_users", $this->parentGui->getObject()->getRefId())) {
71 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("msg_no_perm_admin_users"), true);
72 }
73 }
74
75 public function getRefId()
76 {
77 return $this->getIntFromQuery('ref_id');
78 }
79 protected function getObjId()
80 {
81 return $this->getIntFromQuery('obj_id');
82 }
83
84 protected function getIntFromQuery(string $var): ?int
85 {
86 return $this->query_wrapper->retrieve(
87 $var,
88 $this->refinery->kindlyTo()->int()
89 );
90 }
91
92 public function executeCommand(): bool
93 {
94 $cmd = $this->ctrl->getCmd();
95 switch ($cmd) {
96 case "assignRoles":
97 case "assignSave":
98 $this->tabsGui->clearTargets();
99 $this->tabsGui->setBackTarget(
100 $this->lng->txt("back"),
101 $this->ctrl->getLinkTargetByClass("illocalusergui", 'index')
102 );
103 $this->$cmd();
104 break;
105 default:
106 $this->$cmd();
107 break;
108 }
109
110 return true;
111 }
112 public function getObject(): ilObjOrgUnit
113 {
114 return $this->object;
115 }
116
117 protected function resetFilter(): void
118 {
119 $table = new ilUserTableGUI($this, "index", ilUserTableGUI::MODE_LOCAL_USER);
120 $table->resetOffset();
121 $table->resetFilter();
122 $this->index();
123 }
124
125 protected function applyFilter(): void
126 {
127 $table = new ilUserTableGUI($this, "index", ilUserTableGUI::MODE_LOCAL_USER);
128 $table->resetOffset();
129 $table->writeFilterToSession();
130 $this->index();
131 }
132
133 public function index(bool $show_delete = false): bool
134 {
135 $this->tpl->addBlockfile(
136 'ADM_CONTENT',
137 'adm_content',
138 'tpl.cat_admin_users.html',
139 "components/ILIAS/Category"
140 );
141 if (count($this->rbacReview->getGlobalAssignableRoles())
142 or in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId()))
143 ) {
144 $this->toolbar->addComponent(
145 $this->ui_factory->link()->standard(
146 $this->lng->txt('add_user'),
147 $this->ctrl->getLinkTargetByClass("ilobjusergui", "create")
148 )
149 );
150 $this->toolbar->addComponent(
151 $this->ui_factory->link()->standard(
152 $this->lng->txt('import_users'),
153 $this->ctrl->getLinkTargetByClass("ilobjuserfoldergui", "importUserForm")
154 )
155 );
156 } else {
157 $this->tpl->setOnScreenMessage('info', $this->lng->txt('no_roles_user_can_be_assigned_to'));
158 }
159 if ($show_delete) {
160 $this->tpl->setCurrentBlock("confirm_delete");
161 $this->tpl->setVariable("CONFIRM_FORMACTION", $this->ctrl->getFormAction($this));
162 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt('cancel'));
163 $this->tpl->setVariable("CONFIRM_CMD", 'performDeleteUsers');
164 $this->tpl->setVariable("TXT_CONFIRM", $this->lng->txt('delete'));
165 $this->tpl->parseCurrentBlock();
166 }
167 $table = new ilUserTableGUI($this, 'index', ilUserTableGUI::MODE_LOCAL_USER);
168 $this->tpl->setVariable('USERS_TABLE', $table->getHTML());
169
170 return true;
171 }
172
173 protected function addUserAutoCompleteObject(): void
174 {
175 $auto = new ilUserAutoComplete();
176 $auto->setSearchFields(array('login', 'firstname', 'lastname', 'email'));
177 $auto->enableFieldSearchableCheck(true);
178 $auto->setMoreLinkAvailable(true);
179
180 if (($_REQUEST['fetchall'])) {
181 $auto->setLimit(ilUserAutoComplete::MAX_ENTRIES);
182 }
183
184 echo $auto->getList($_REQUEST['term']);
185 exit();
186 }
187
188 public function performDeleteUsers(): bool
189 {
190 $this->checkPermission("cat_administrate_users");
191 foreach ($_POST['user_ids'] as $user_id) {
192 if (!in_array($user_id, ilLocalUser::_getAllUserIds($this->getRefId()))) {
193 $this->logger->write(__FILE__ . ":" . __LINE__ . " User with id $user_id could not be found.");
194 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('user_not_found_to_delete'));
195 }
196 if (!$tmp_obj = ilObjectFactory::getInstanceByObjId((int) $user_id, false)) {
197 continue;
198 }
199 $tmp_obj->delete();
200 }
201 $this->tpl->setOnScreenMessage('success', $this->lng->txt('deleted_users'), true);
202 $this->ctrl->redirect($this, 'index');
203
204 return true;
205 }
206
207 public function deleteUsers(): void
208 {
209 $this->checkPermission("cat_administrate_users");
210 if (!count($_POST['id'])) {
211 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('no_users_selected'));
212 $this->index();
213 return;
214 }
215 $confirm = new ilConfirmationGUI();
216 $confirm->setFormAction($this->ctrl->getFormAction($this));
217 $confirm->setHeaderText($this->lng->txt('sure_delete_selected_users'));
218 $confirm->setConfirm($this->lng->txt('delete'), 'performDeleteUsers');
219 $confirm->setCancel($this->lng->txt('cancel'), 'index');
220 foreach ($_POST['id'] as $user) {
221 $name = ilObjUser::_lookupName((int) $user);
222 $confirm->addItem(
223 'user_ids[]',
224 $user,
225 $name['lastname'] . ', ' . $name['firstname'] . ' [' . $name['login'] . ']'
226 );
227 }
228 $this->tpl->setContent($confirm->getHTML());
229 }
230
231
237 public function assignRoles(): void
238 {
239 if (!$this->access->checkAccess("cat_administrate_users", "", $this->getRefId())) {
240 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
241 $this->ctrl->redirect($this, "");
242 }
243
244 if (!$this->getObjId()) {
245 $this->tpl->setOnScreenMessage('failure', 'no_user_selected');
246 $this->index();
247 return;
248 }
249 $roles = $this->getAssignableRoles();
250 $this->tpl->addBlockfile(
251 'ADM_CONTENT',
252 'adm_content',
253 'tpl.cat_role_assignment.html',
254 "components/ILIAS/Category"
255 );
256 $ass_roles = $this->rbacReview->assignedRoles($this->getObjId());
257 $counter = 0;
258 $f_result = [];
259 foreach ($roles as $role) {
260 $role_obj = ilObjectFactory::getInstanceByObjId($role['obj_id']);
261 $disabled = false;
262 $f_result[$counter][] = ilLegacyFormElementsUtil::formCheckbox(
263 in_array($role['obj_id'], $ass_roles) ? true : false,
264 'role_ids[]',
265 (string) $role['obj_id'],
266 $disabled
267 );
268 $f_result[$counter][] = $role_obj->getTitle();
269 $f_result[$counter][] = $role_obj->getDescription() ? $role_obj->getDescription() : '';
270 $f_result[$counter][] = (isset($role['role_type']) && $role['role_type'] == 'global')
271 ?
272 $this->lng->txt('global')
273 :
274 $this->lng->txt('local');
275 unset($role_obj);
276 ++$counter;
277 }
278 $this->showRolesTable($f_result, "assignRolesObject");
279 }
280
281 public function assignSave(): bool
282 {
283 if (!$this->access->checkAccess("cat_administrate_users", "", $this->getRefId())) {
284 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
285 $this->ctrl->redirect($this, "");
286 }
287 // check hack
288 if (!$this->getObjId() or !in_array($this->getObjId(), ilLocalUser::_getAllUserIds())) {
289 $this->tpl->setOnScreenMessage('failure', 'no_user_selected');
290 $this->index();
291
292 return true;
293 }
294 $roles = $this->getAssignableRoles();
295 // check minimum one global role
296 if (!$this->checkGlobalRoles($_POST['role_ids'])) {
297 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('no_global_role_left'));
298 $this->assignRoles();
299
300 return false;
301 }
302 $new_role_ids = $_POST['role_ids'] ? $_POST['role_ids'] : array();
303 $assigned_roles = $this->rbacReview->assignedRoles($this->getObjId());
304 foreach ($roles as $role) {
305 if (in_array($role['obj_id'], $new_role_ids) and !in_array($role['obj_id'], $assigned_roles)) {
306 $this->rbacAdmin->assignUser($role['obj_id'], $this->getObjId());
307 }
308 if (in_array($role['obj_id'], $assigned_roles) and !in_array($role['obj_id'], $new_role_ids)) {
309 $this->rbacAdmin->deassignUser($role['obj_id'], $this->getObjId());
310 }
311 }
312 $this->tpl->setOnScreenMessage('success', $this->lng->txt('role_assignment_updated'));
313 $this->assignRoles();
314
315 return true;
316 }
317
318 public function checkGlobalRoles($new_assigned): bool
319 {
320 if (!$this->access->checkAccess("cat_administrate_users", "", $this->getRefId())) {
321 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
322 $this->ctrl->redirect($this, "");
323 }
324 // return true if it's not a local user
325 $tmp_obj = ilObjectFactory::getInstanceByObjId($this->getObjId());
326 if ($tmp_obj->getTimeLimitOwner() != $this->object->getRefId() and
327 !in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId()))
328 ) {
329 return true;
330 }
331 // new assignment by form
332 $new_assigned = $new_assigned ? $new_assigned : array();
333 $assigned = $this->rbacReview->assignedRoles((int) $this->getObjId());
334 // all assignable globals
335 if (!in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId()))) {
336 $ga = $this->rbacReview->getGlobalAssignableRoles();
337 } else {
338 $ga = $this->rbacReview->getGlobalRolesArray();
339 }
340 $global_assignable = array();
341 foreach ($ga as $role) {
342 $global_assignable[] = $role['obj_id'];
343 }
344 $new_visible_assigned_roles = array_intersect($new_assigned, $global_assignable);
345 $all_assigned_roles = array_intersect($assigned, $this->rbacReview->getGlobalRoles());
346 $main_assigned_roles = array_diff($all_assigned_roles, $global_assignable);
347 if (!count($new_visible_assigned_roles) and !count($main_assigned_roles)) {
348 return false;
349 }
350
351 return true;
352 }
353
354
359 public function getAssignableRoles(): array
360 {
361 // check local user
362 $tmp_obj = ilObjectFactory::getInstanceByObjId($this->getObjId());
363 // Admin => all roles
364 if (in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId())) === true) {
365 $global_roles = $this->rbacReview->getGlobalRolesArray();
366 } elseif ($tmp_obj->getTimeLimitOwner() == $this->object->getRefId()) {
367 $global_roles = $this->rbacReview->getGlobalAssignableRoles();
368 } else {
369 $global_roles = array();
370 }
371
372 return array_merge($global_roles, $this->rbacReview->getAssignableChildRoles($this->object->getRefId()));
373 }
374
375
382 public function showRolesTable($a_result_set, $a_from = ""): bool
383 {
384 if ($this->access->checkAccess("cat_administrate_users", "", $this->getRefId()) === false) {
385 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
386 $this->ctrl->redirect($this, "");
387 }
388 $tbl = $this->initTableGUI();
389 $tpl = $tbl->getTemplateObject();
390 // SET FORMAACTION
391 $tpl->setCurrentBlock("tbl_form_header");
392 $this->ctrl->setParameter($this, 'obj_id', $this->getObjId());
393 $tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
394 $tpl->parseCurrentBlock();
395 // SET FOOTER BUTTONS
396 $tpl->setVariable("IMG_ARROW", ilUtil::getImagePath("nav/arrow_downright.svg"));
397 $tpl->setVariable("BTN_NAME", "assignSave");
398 $tpl->setVariable("BTN_VALUE", $this->lng->txt("change_assignment"));
399 $tpl->setCurrentBlock("tbl_action_row");
400 $tpl->parseCurrentBlock();
401 $tmp_obj = ilObjectFactory::getInstanceByObjId($this->getObjId());
402 $title = $this->lng->txt('role_assignment') . ' (' . $tmp_obj->getFullname() . ')';
403 $tbl->setTitle($title, "standard/icon_role.svg", $this->lng->txt("role_assignment"));
404 $tbl->setHeaderNames(array(
405 '',
406 $this->lng->txt("title"),
407 $this->lng->txt('description'),
408 $this->lng->txt("type"),
409 ));
410 $tbl->setHeaderVars(array(
411 "",
412 "title",
413 "description",
414 "type",
415 ), (get_class($this->parentGui) == 'ilObjOrgUnitGUI')
416 ? array(
417 "ref_id" => $this->object->getRefId(),
418 "cmd" => "assignRoles",
419 "obj_id" => $this->getObjId(),
420 "cmdNode" => $_GET["cmdNode"],
421 "baseClass" => 'ilAdministrationGUI',
422 "admin_mode" => "settings",
423 )
424 : array(
425 "ref_id" => $this->object->getRefId(),
426 "cmd" => "assignRoles",
427 "obj_id" => $this->getObjId(),
428 "cmdClass" => "ilobjcategorygui",
429 "baseClass" => 'ilRepositoryGUI',
430 "cmdNode" => $_GET["cmdNode"],
431 ));
432 $tbl->setColumnWidth(array("4%", "35%", "45%", "16%"));
433 $this->set_unlimited = true;
434 $this->setTableGUIBasicData($tbl, $a_result_set, $a_from);
435 $tbl->render();
436 $this->tpl->setVariable('OBJECTS', $tbl->getTemplateObject()->get());
437
438 return true;
439 }
440
441 protected function initTableGUI(): ilTableGUI
442 {
443 return new ilTableGUI([], false);
444 }
445
446 protected function setTableGUIBasicData($tbl, &$result_set, string $a_from = ""): void
447 {
448 $r = $this->refinery;
449 $order = $this->query_wrapper->retrieve("sort_by", $r->byTrying([
450 $r->kindlyTo()->string(),
451 $r->always('title')
452 ]));
453 $direction = $this->query_wrapper->retrieve("sort_order", $r->byTrying([
454 $r->kindlyTo()->string(),
455 $r->always('asc')
456 ]));
457 $offset = $this->query_wrapper->retrieve("offset", $r->byTrying([
458 $r->kindlyTo()->int(),
459 $r->always(0)
460 ]));
461 $limit = $this->query_wrapper->retrieve("limit", $r->byTrying([
462 $r->kindlyTo()->int(),
463 $r->always(0)
464 ]));
465
466 if ($a_from == 'clipboardObject') {
467 $tbl->disable("footer");
468 }
469 $tbl->disable("linkbar");
470
471 $tbl->setOrderColumn((string) $order);
472 $tbl->setOrderDirection((string) $direction);
473 $tbl->setOffset((int) $offset);
474 $tbl->setLimit((int) $limit);
475 $tbl->setFooter("tblfooter", $this->lng->txt("previous"), $this->lng->txt("next"));
476 $tbl->setData($result_set);
477 }
478
479 protected function checkPermission(string $permission): void
480 {
481 if (!$this->access->checkAccess($permission, "", $this->getRefId())) {
482 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
483 $this->ctrl->redirect($this, "");
484 }
485 }
486}
ilConfirmationGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilConfirmationGUI.php:27
ilCtrl
Class ilCtrl provides processing control methods.
Definition: class.ilCtrl.php:36
ilLanguage
language handling
Definition: class.ilLanguage.php:43
ilLegacyFormElementsUtil\formCheckbox
static formCheckbox(bool $checked, string $varname, string $value, bool $disabled=false)
Definition: class.ilLegacyFormElementsUtil.php:255
ilLocalUserGUI
Class ilLocalUserGUI.
Definition: class.ilLocalUserGUI.php:27
ilLocalUserGUI\getIntFromQuery
getIntFromQuery(string $var)
Definition: class.ilLocalUserGUI.php:84
ilLocalUserGUI\setTableGUIBasicData
setTableGUIBasicData($tbl, &$result_set, string $a_from="")
Definition: class.ilLocalUserGUI.php:446
ilLocalUserGUI\showRolesTable
showRolesTable($a_result_set, $a_from="")
Definition: class.ilLocalUserGUI.php:382
ilLocalUserGUI\$logger
ILIAS DI LoggingServices $logger
Definition: class.ilLocalUserGUI.php:42
ilLocalUserGUI\$rbacReview
ilRbacReview $rbacReview
Definition: class.ilLocalUserGUI.php:39
ilLocalUserGUI\$tpl
ilGlobalTemplateInterface $tpl
Definition: class.ilLocalUserGUI.php:33
ilLocalUserGUI\$form
ilPropertyFormGUI $form
Definition: class.ilLocalUserGUI.php:30
ilLocalUserGUI\$rbacSystem
ilRbacSystem $rbacSystem
Definition: class.ilLocalUserGUI.php:38
ilLocalUserGUI\$refinery
ILIAS Refinery Factory $refinery
Definition: class.ilLocalUserGUI.php:45
ilLocalUserGUI\index
index(bool $show_delete=false)
Definition: class.ilLocalUserGUI.php:133
ilLocalUserGUI\$query_wrapper
ILIAS HTTP Wrapper RequestWrapper $query_wrapper
Definition: class.ilLocalUserGUI.php:44
ilLocalUserGUI\__construct
__construct(ilObjectGUI $parentGui)
Definition: class.ilLocalUserGUI.php:48
ilLocalUserGUI\$access
ilAccessHandler $access
Definition: class.ilLocalUserGUI.php:37
ilLocalUserGUI\checkPermission
checkPermission(string $permission)
Definition: class.ilLocalUserGUI.php:479
ilLocalUserGUI\checkGlobalRoles
checkGlobalRoles($new_assigned)
Definition: class.ilLocalUserGUI.php:318
ilLocalUserGUI\$ui_factory
ILIAS UI Factory $ui_factory
Definition: class.ilLocalUserGUI.php:43
ilLocalUser\_getAllUserIds
static _getAllUserIds(int $a_filter=0)
Definition: class.ilLocalUser.php:92
ilObjOrgUnit
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilObjOrgUnit.php:28
ilObjUser
User class.
Definition: class.ilObjUser.php:46
ilObjUser\_lookupName
static _lookupName(int $a_user_id)
Definition: class.ilObjUser.php:2623
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId(?int $obj_id, bool $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:84
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:49
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:32
ilRbacAdmin
Class ilRbacAdmin Core functions for role based access control.
Definition: class.ilRbacAdmin.php:32
ilRbacReview
class ilRbacReview Contains Review functions of core Rbac.
Definition: class.ilRbacReview.php:34
ilRbacSystem
class ilRbacSystem system function like checkAccess, addActiveRole ... Supporting system functions ar...
Definition: class.ilRbacSystem.php:34
ilTableGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilTableGUI.php:26
ilTabsGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilTabsGUI.php:26
ilToolbarGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilToolbarGUI.php:28
ilUserAutoComplete
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilUserAutoComplete.php:23
ilUserTableGUI
TableGUI class for user administration.
Definition: class.ilUserTableGUI.php:32
ilUtil\getImagePath
static getImagePath(string $image_name, string $module_path="", string $mode="output", bool $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:68
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:29
exit
exit
Definition: dummy_client.php:21
ILIAS\UICore\GlobalTemplate\setVariable
setVariable(string $variable, $value='')
Sets the given variable to the given value.
ILIAS\UICore\GlobalTemplate\parseCurrentBlock
parseCurrentBlock(string $block_name=self::DEFAULT_BLOCK)
Parses the given block.
ILIAS\UICore\GlobalTemplate\setCurrentBlock
setCurrentBlock(string $part=self::DEFAULT_BLOCK)
Sets the template to the given block.
ilAccessHandler
Interface ilAccessHandler This interface combines all available interfaces which can be called via gl...
Definition: interface.ilAccessHandler.php:27
$_GET
$_GET['cmd']
Definition: lti.php:26
$_POST
$_POST['cmd']
Definition: lti.php:27
$DIC
global $DIC
Definition: shib_login.php:26
$counter
$counter
Definition: shib_logout.php:170