ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
class.ilLocalUserGUI.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
27{
32 private ilCtrl $ctrl;
35 private $object;
42 private \ILIAS\DI\LoggingServices $logger;
43 protected \ILIAS\UI\Factory $ui_factory;
44 protected \ILIAS\HTTP\Wrapper\RequestWrapper $query_wrapper;
45 protected \ILIAS\Refinery\Factory $refinery;
46 private bool $set_unlimited;
47
49 {
50 global $DIC;
51
52 $this->parentGui = $parentGui;
53 $this->object = $parentGui->getObject();
54 $this->tpl = $DIC->ui()->mainTemplate();
55 $this->ctrl = $DIC->ctrl();
56 $this->toolbar = $DIC->toolbar();
57 $this->lng = $DIC->language();
58 $this->rbacSystem = $DIC->rbac()->system();
59 $this->rbacReview = $DIC->rbac()->review();
60 $this->rbacAdmin = $DIC->rbac()->admin();
61 $this->user = $DIC->user();
62 $this->access = $DIC->access();
63 $this->tabsGui = $DIC->tabs();
64 $this->logger = $DIC->logger();
65 $this->ui_factory = $DIC['ui.factory'];
66 $this->refinery = $DIC['refinery'];
67 $this->query_wrapper = $DIC['http']->wrapper()->query();
68
69 $this->lng->loadLanguageModule('user');
70 if (!$this->rbacSystem->checkAccess("cat_administrate_users", $this->parentGui->getObject()->getRefId())) {
71 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("msg_no_perm_admin_users"), true);
72 }
73 }
74
75 public function getRefId()
76 {
77 return $this->getIntFromQuery('ref_id');
78 }
79 protected function getObjId()
80 {
81 return $this->getIntFromQuery('obj_id');
82 }
83
84 protected function getIntFromQuery(string $var): ?int
85 {
86 return $this->query_wrapper->retrieve(
87 $var,
88 $this->refinery->kindlyTo()->int()
89 );
90 }
91
92 public function executeCommand(): bool
93 {
94 $cmd = $this->ctrl->getCmd();
95 switch ($cmd) {
96 case "assignRoles":
97 case "assignSave":
98 $this->tabsGui->clearTargets();
99 $this->tabsGui->setBackTarget(
100 $this->lng->txt("back"),
101 $this->ctrl->getLinkTargetByClass("illocalusergui", 'index')
102 );
103 $this->$cmd();
104 break;
105 default:
106 $this->$cmd();
107 break;
108 }
109
110 return true;
111 }
112 public function getObject(): ilObjOrgUnit
113 {
114 return $this->object;
115 }
116
117 protected function resetFilter(): void
118 {
119 $table = new ilUserTableGUI($this, "index", ilUserTableGUI::MODE_LOCAL_USER);
120 $table->resetOffset();
121 $table->resetFilter();
122 $this->index();
123 }
124
125 protected function applyFilter(): void
126 {
127 $table = new ilUserTableGUI($this, "index", ilUserTableGUI::MODE_LOCAL_USER);
128 $table->resetOffset();
129 $table->writeFilterToSession();
130 $this->index();
131 }
132
133 public function index(bool $show_delete = false): bool
134 {
135 $this->tpl->addBlockfile(
136 'ADM_CONTENT',
137 'adm_content',
138 'tpl.cat_admin_users.html',
139 "components/ILIAS/Category"
140 );
141 if (count($this->rbacReview->getGlobalAssignableRoles())
142 or in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId()))
143 ) {
144 $this->toolbar->addComponent(
145 $this->ui_factory->link()->standard(
146 $this->lng->txt('add_user'),
147 $this->ctrl->getLinkTargetByClass("ilobjusergui", "create")
148 )
149 );
150 $this->toolbar->addComponent(
151 $this->ui_factory->link()->standard(
152 $this->lng->txt('import_users'),
153 $this->ctrl->getLinkTargetByClass("ilobjuserfoldergui", "importUserForm")
154 )
155 );
156 } else {
157 $this->tpl->setOnScreenMessage('info', $this->lng->txt('no_roles_user_can_be_assigned_to'));
158 }
159 if ($show_delete) {
160 $this->tpl->setCurrentBlock("confirm_delete");
161 $this->tpl->setVariable("CONFIRM_FORMACTION", $this->ctrl->getFormAction($this));
162 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt('cancel'));
163 $this->tpl->setVariable("CONFIRM_CMD", 'performDeleteUsers');
164 $this->tpl->setVariable("TXT_CONFIRM", $this->lng->txt('delete'));
165 $this->tpl->parseCurrentBlock();
166 }
167 $table = new ilUserTableGUI($this, 'index', ilUserTableGUI::MODE_LOCAL_USER);
168 $this->tpl->setVariable('USERS_TABLE', $table->getHTML());
169
170 return true;
171 }
172
173 protected function addUserAutoCompleteObject(): void
174 {
175 $auto = new ilUserAutoComplete();
176 $auto->setSearchFields(array('login', 'firstname', 'lastname', 'email'));
177 $auto->enableFieldSearchableCheck(true);
178 $auto->setMoreLinkAvailable(true);
179
180 if (($_REQUEST['fetchall'])) {
181 $auto->setLimit(ilUserAutoComplete::MAX_ENTRIES);
182 }
183
184 echo $auto->getList($_REQUEST['term']);
185 exit();
186 }
187
188 public function performDeleteUsers(): bool
189 {
190 $this->checkPermission("cat_administrate_users");
191 foreach ($_POST['user_ids'] as $user_id) {
192 if (!in_array($user_id, ilLocalUser::_getAllUserIds($this->getRefId()))) {
193 $this->logger->write(__FILE__ . ":" . __LINE__ . " User with id $user_id could not be found.");
194 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('user_not_found_to_delete'));
195 }
196 if (!$tmp_obj = ilObjectFactory::getInstanceByObjId((int) $user_id, false)) {
197 continue;
198 }
199 $tmp_obj->delete();
200 }
201 $this->tpl->setOnScreenMessage('success', $this->lng->txt('deleted_users'), true);
202 $this->ctrl->redirect($this, 'index');
203
204 return true;
205 }
206
207 public function deleteUsers(): void
208 {
209 $this->checkPermission("cat_administrate_users");
210 if (!count($_POST['id'])) {
211 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('no_users_selected'));
212 $this->index();
213 return;
214 }
215 $confirm = new ilConfirmationGUI();
216 $confirm->setFormAction($this->ctrl->getFormAction($this));
217 $confirm->setHeaderText($this->lng->txt('sure_delete_selected_users'));
218 $confirm->setConfirm($this->lng->txt('delete'), 'performDeleteUsers');
219 $confirm->setCancel($this->lng->txt('cancel'), 'index');
220 foreach ($_POST['id'] as $user) {
221 $name = ilObjUser::_lookupName((int) $user);
222 $confirm->addItem(
223 'user_ids[]',
224 $user,
225 $name['lastname'] . ', ' . $name['firstname'] . ' [' . $name['login'] . ']'
226 );
227 }
228 $this->tpl->setContent($confirm->getHTML());
229 }
230
231
237 public function assignRoles(): void
238 {
239 if (!$this->access->checkAccess("cat_administrate_users", "", $this->getRefId())) {
240 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
241 $this->ctrl->redirect($this, "");
242 }
243
244 if (!$this->getObjId()) {
245 $this->tpl->setOnScreenMessage('failure', 'no_user_selected');
246 $this->index();
247 return;
248 }
249 $roles = $this->getAssignableRoles();
250 $this->tpl->addBlockfile(
251 'ADM_CONTENT',
252 'adm_content',
253 'tpl.cat_role_assignment.html',
254 "components/ILIAS/Category"
255 );
256 $ass_roles = $this->rbacReview->assignedRoles($this->getObjId());
257 $counter = 0;
258 $f_result = [];
259 foreach ($roles as $role) {
260 $role_obj = ilObjectFactory::getInstanceByObjId($role['obj_id']);
261 $disabled = false;
263 in_array($role['obj_id'], $ass_roles) ? true : false,
264 'role_ids[]',
265 (string) $role['obj_id'],
266 $disabled
267 );
268 $f_result[$counter][] = $role_obj->getTitle();
269 $f_result[$counter][] = $role_obj->getDescription() ? $role_obj->getDescription() : '';
270 $f_result[$counter][] = (isset($role['role_type']) && $role['role_type'] == 'global')
271 ?
272 $this->lng->txt('global')
273 :
274 $this->lng->txt('local');
275 unset($role_obj);
276 ++$counter;
277 }
278 $this->showRolesTable($f_result, "assignRolesObject");
279 }
280
281 public function assignSave(): bool
282 {
283 if (!$this->access->checkAccess("cat_administrate_users", "", $this->getRefId())) {
284 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
285 $this->ctrl->redirect($this, "");
286 }
287 // check hack
288 if (!$this->getObjId() or !in_array($this->getObjId(), ilLocalUser::_getAllUserIds())) {
289 $this->tpl->setOnScreenMessage('failure', 'no_user_selected');
290 $this->index();
291
292 return true;
293 }
294 $roles = $this->getAssignableRoles();
295 // check minimum one global role
296 if (!$this->checkGlobalRoles($_POST['role_ids'])) {
297 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('no_global_role_left'));
298 $this->assignRoles();
299
300 return false;
301 }
302 $new_role_ids = $_POST['role_ids'] ? $_POST['role_ids'] : array();
303 $assigned_roles = $this->rbacReview->assignedRoles($this->getObjId());
304 foreach ($roles as $role) {
305 if (in_array($role['obj_id'], $new_role_ids) and !in_array($role['obj_id'], $assigned_roles)) {
306 $this->rbacAdmin->assignUser($role['obj_id'], $this->getObjId());
307 }
308 if (in_array($role['obj_id'], $assigned_roles) and !in_array($role['obj_id'], $new_role_ids)) {
309 $this->rbacAdmin->deassignUser($role['obj_id'], $this->getObjId());
310 }
311 }
312 $this->tpl->setOnScreenMessage('success', $this->lng->txt('role_assignment_updated'));
313 $this->assignRoles();
314
315 return true;
316 }
317
318 public function checkGlobalRoles($new_assigned): bool
319 {
320 if (!$this->access->checkAccess("cat_administrate_users", "", $this->getRefId())) {
321 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
322 $this->ctrl->redirect($this, "");
323 }
324 // return true if it's not a local user
326 if ($tmp_obj->getTimeLimitOwner() != $this->object->getRefId() and
327 !in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId()))
328 ) {
329 return true;
330 }
331 // new assignment by form
332 $new_assigned = $new_assigned ? $new_assigned : array();
333 $assigned = $this->rbacReview->assignedRoles((int) $this->getObjId());
334 // all assignable globals
335 if (!in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId()))) {
336 $ga = $this->rbacReview->getGlobalAssignableRoles();
337 } else {
338 $ga = $this->rbacReview->getGlobalRolesArray();
339 }
340 $global_assignable = array();
341 foreach ($ga as $role) {
342 $global_assignable[] = $role['obj_id'];
343 }
344 $new_visible_assigned_roles = array_intersect($new_assigned, $global_assignable);
345 $all_assigned_roles = array_intersect($assigned, $this->rbacReview->getGlobalRoles());
346 $main_assigned_roles = array_diff($all_assigned_roles, $global_assignable);
347 if (!count($new_visible_assigned_roles) and !count($main_assigned_roles)) {
348 return false;
349 }
350
351 return true;
352 }
353
354
359 public function getAssignableRoles(): array
360 {
361 // check local user
363 // Admin => all roles
364 if (in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId())) === true) {
365 $global_roles = $this->rbacReview->getGlobalRolesArray();
366 } elseif ($tmp_obj->getTimeLimitOwner() == $this->object->getRefId()) {
367 $global_roles = $this->rbacReview->getGlobalAssignableRoles();
368 } else {
369 $global_roles = array();
370 }
371
372 return array_merge($global_roles, $this->rbacReview->getAssignableChildRoles($this->object->getRefId()));
373 }
374
375
382 public function showRolesTable($a_result_set, $a_from = ""): bool
383 {
384 if ($this->access->checkAccess("cat_administrate_users", "", $this->getRefId()) === false) {
385 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
386 $this->ctrl->redirect($this, "");
387 }
388 $tbl = $this->initTableGUI();
389 $tpl = $tbl->getTemplateObject();
390 // SET FORMAACTION
391 $tpl->setCurrentBlock("tbl_form_header");
392 $this->ctrl->setParameter($this, 'obj_id', $this->getObjId());
393 $tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
395 // SET FOOTER BUTTONS
396 $tpl->setVariable("IMG_ARROW", ilUtil::getImagePath("nav/arrow_downright.svg"));
397 $tpl->setVariable("BTN_NAME", "assignSave");
398 $tpl->setVariable("BTN_VALUE", $this->lng->txt("change_assignment"));
399 $tpl->setCurrentBlock("tbl_action_row");
402 $title = $this->lng->txt('role_assignment') . ' (' . $tmp_obj->getFullname() . ')';
403 $tbl->setTitle($title, "standard/icon_role.svg", $this->lng->txt("role_assignment"));
404 $tbl->setHeaderNames(array(
405 '',
406 $this->lng->txt("title"),
407 $this->lng->txt('description'),
408 $this->lng->txt("type"),
409 ));
410 $tbl->setHeaderVars(array(
411 "",
412 "title",
413 "description",
414 "type",
415 ), (get_class($this->parentGui) == 'ilObjOrgUnitGUI')
416 ? array(
417 "ref_id" => $this->object->getRefId(),
418 "cmd" => "assignRoles",
419 "obj_id" => $this->getObjId(),
420 "cmdNode" => $_GET["cmdNode"],
421 "baseClass" => 'ilAdministrationGUI',
422 "admin_mode" => "settings",
423 )
424 : array(
425 "ref_id" => $this->object->getRefId(),
426 "cmd" => "assignRoles",
427 "obj_id" => $this->getObjId(),
428 "cmdClass" => "ilobjcategorygui",
429 "baseClass" => 'ilRepositoryGUI',
430 "cmdNode" => $_GET["cmdNode"],
431 ));
432 $tbl->setColumnWidth(array("4%", "35%", "45%", "16%"));
433 $this->set_unlimited = true;
434 $this->setTableGUIBasicData($tbl, $a_result_set, $a_from);
435 $tbl->render();
436 $this->tpl->setVariable('OBJECTS', $tbl->getTemplateObject()->get());
437
438 return true;
439 }
440
441 protected function initTableGUI(): ilTableGUI
442 {
443 return new ilTableGUI([], false);
444 }
445
446 protected function setTableGUIBasicData($tbl, &$result_set, string $a_from = ""): void
447 {
448 $r = $this->refinery;
449 $order = $this->query_wrapper->retrieve("sort_by", $r->byTrying([
450 $r->kindlyTo()->string(),
451 $r->always('title')
452 ]));
453 $direction = $this->query_wrapper->retrieve("sort_order", $r->byTrying([
454 $r->kindlyTo()->string(),
455 $r->always('asc')
456 ]));
457 $offset = $this->query_wrapper->retrieve("offset", $r->byTrying([
458 $r->kindlyTo()->int(),
459 $r->always(0)
460 ]));
461 $limit = $this->query_wrapper->retrieve("limit", $r->byTrying([
462 $r->kindlyTo()->int(),
463 $r->always(0)
464 ]));
465
466 if ($a_from == 'clipboardObject') {
467 $tbl->disable("footer");
468 }
469 $tbl->disable("linkbar");
470
471 $tbl->setOrderColumn((string) $order);
472 $tbl->setOrderDirection((string) $direction);
473 $tbl->setOffset((int) $offset);
474 $tbl->setLimit((int) $limit);
475 $tbl->setFooter("tblfooter", $this->lng->txt("previous"), $this->lng->txt("next"));
476 $tbl->setData($result_set);
477 }
478
479 protected function checkPermission(string $permission): void
480 {
481 if (!$this->access->checkAccess($permission, "", $this->getRefId())) {
482 $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
483 $this->ctrl->redirect($this, "");
484 }
485 }
486}
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Class ilCtrl provides processing control methods.
language handling
static formCheckbox(bool $checked, string $varname, string $value, bool $disabled=false)
Class ilLocalUserGUI.
getIntFromQuery(string $var)
setTableGUIBasicData($tbl, &$result_set, string $a_from="")
showRolesTable($a_result_set, $a_from="")
ILIAS DI LoggingServices $logger
ilRbacReview $rbacReview
ilGlobalTemplateInterface $tpl
ilPropertyFormGUI $form
ilRbacSystem $rbacSystem
ILIAS Refinery Factory $refinery
index(bool $show_delete=false)
ILIAS HTTP Wrapper RequestWrapper $query_wrapper
__construct(ilObjectGUI $parentGui)
ilAccessHandler $access
checkPermission(string $permission)
checkGlobalRoles($new_assigned)
ILIAS UI Factory $ui_factory
static _getAllUserIds(int $a_filter=0)
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
User class.
static _lookupName(int $a_user_id)
static getInstanceByObjId(?int $obj_id, bool $stop_on_error=true)
get an instance of an Ilias object by object id
Class ilObjectGUI Basic methods of all Output classes.
This class represents a property form user interface.
Class ilRbacAdmin Core functions for role based access control.
class ilRbacReview Contains Review functions of core Rbac.
class ilRbacSystem system function like checkAccess, addActiveRole ... Supporting system functions ar...
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
TableGUI class for user administration.
static getImagePath(string $image_name, string $module_path="", string $mode="output", bool $offline=false)
get image path (for images located in a template directory)
const SYSTEM_ROLE_ID
Definition: constants.php:29
exit
setVariable(string $variable, $value='')
Sets the given variable to the given value.
parseCurrentBlock(string $block_name=self::DEFAULT_BLOCK)
Parses the given block.
setCurrentBlock(string $part=self::DEFAULT_BLOCK)
Sets the template to the given block.
Interface ilAccessHandler This interface combines all available interfaces which can be called via gl...
$_GET['cmd']
Definition: lti.php:26
$_POST['cmd']
Definition: lti.php:27
global $DIC
Definition: shib_login.php:26
$counter