ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
class.ilObjRoleFolderGUI.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
21use ILIAS\Refinery\Factory;
22use ILIAS\UI\Factory as UIFactory;
23
31class ilObjRoleFolderGUI extends ilObjectGUI
32{
33 private const COPY_ADD_PERMISSIONS = 1;
34 private const COPY_CLONE_PERMISSIONS = 2;
35 private const COPY_REMOVE_PERMISSIONS = 3;
36 private const COPY_CHANGE_EXISTING_OBJECTS = 1;
37
38 private ilLogger $logger;
39 protected ilRbacAdmin $rbacadmin;
40 protected Factory $refinery;
41 protected UIFactory $ui_factory;
42
47 public function __construct($a_data, int $a_id, bool $a_call_by_reference)
48 {
49 global $DIC;
50
51 $this->logger = $DIC->logger()->ac();
52 $this->rbacadmin = $DIC['rbacadmin'];
53 $this->refinery = $DIC->refinery();
54 $this->ui_factory = $DIC['ui.factory'];
55
56 $this->type = "rolf";
57 parent::__construct($a_data, $a_id, $a_call_by_reference, false);
58 $this->lng->loadLanguageModule('rbac');
59 }
60
61 public function executeCommand(): void
62 {
63 $next_class = $this->ctrl->getNextClass($this);
64 $cmd = $this->ctrl->getCmd();
65 $this->prepareOutput();
66
67 switch ($next_class) {
68 case 'ilpermissiongui':
69 $perm_gui = new ilPermissionGUI($this);
70 $ret = $this->ctrl->forwardCommand($perm_gui);
71 break;
72
73 default:
74 $this->ctrl->setReturn($this, "view");
75 if (!$cmd) {
76 $cmd = "view";
77 }
78 $cmd .= "Object";
79 $this->$cmd();
80
81 break;
82 }
83 }
84
85 protected function initCopySourceFromGET(): int
86 {
87 if ($this->http->wrapper()->query()->has('csource')) {
88 return $this->http->wrapper()->query()->retrieve(
89 'csource',
90 $this->refinery->kindlyTo()->int()
91 );
92 }
93 return 0;
94 }
95
99 protected function initRolesFromPOST(): array
100 {
101 if ($this->http->wrapper()->post()->has('roles')) {
102 return $this->http->wrapper()->post()->retrieve(
103 'roles',
104 $this->refinery->byTrying([
105 $this->refinery->kindlyTo()->listOf(
106 $this->refinery->kindlyTo()->int()
107 ),
108 $this->refinery->in()->series([
109 $this->refinery->custom()->transformation(function ($v) {
110 return explode(',', $v);
111 }),
112 $this->refinery->kindlyTo()->listOf(
113 $this->refinery->kindlyTo()->int()
114 )
115 ])
116 ])
117 );
118 }
119 return [];
120 }
121
122 public function returnObject(): void
123 {
124 $this->viewObject();
125 }
126
127 protected function buildTargetNamesString(): string
128 {
129 $targets = $this->initRolesFromPOST();
130
131 if ($targets === []) {
132 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('rbac_copy_no_targets'), true);
133 $this->ctrl->redirect($this, 'roleSearchList');
134 }
135
136 if (count($targets) > 3) {
137 return sprintf($this->lng->txt('rbac_copy_multi_targets'), '<strong>' . ilObject::_lookupTitle($targets[0]), ilObject::_lookupTitle($targets[1]) . '</strong>', '<strong>' . (string) count($targets) - 2, '</strong>');
138 }
139
140 if (count($targets) > 1) {
141 $target_names = '<strong>' . ilObject::_lookupTitle(array_shift($targets));
142 foreach ($targets as $target) {
143 $target_names .= ', ' . ilObject::_lookupTitle($target);
144 }
145 return $target_names . '</strong>';
146 }
147
148 // we have one single target
149 return '<strong>' . ilObject::_lookupTitle($targets[0]) . '</strong>';
150 }
151
152 public function viewObject(): void
153 {
154 $this->tabs_gui->activateTab('view');
155
156 if (!$this->rbac_system->checkAccess('visible,read', $this->object->getRefId())) {
157 $this->error->raiseError($this->lng->txt('permission_denied'), $this->error->MESSAGE);
158 }
159
160 if ($this->rbac_system->checkAccess('create_role', $this->object->getRefId())) {
161 $this->ctrl->setParameter($this, 'new_type', 'role');
162 $this->toolbar->addComponent(
163 $this->ui_factory->link()->standard(
164 $this->lng->txt('rolf_create_role'),
165 $this->ctrl->getLinkTargetByClass(ilObjRoleGUI::class, 'create')
166 )
167 );
168 }
169 if ($this->rbac_system->checkAccess('create_rolt', $this->object->getRefId())) {
170 $this->ctrl->setParameter($this, 'new_type', 'rolt');
171 $this->toolbar->addComponent(
172 $this->ui_factory->link()->standard(
173 $this->lng->txt('rolf_create_rolt'),
174 $this->ctrl->getLinkTargetByClass(ilObjRoleTemplateGUI::class, 'create')
175 )
176 );
177 $this->ctrl->clearParameters($this);
178 }
179
180 if (
181 $this->rbac_system->checkAccess('create_rolt', $this->object->getRefId()) ||
182 $this->rbac_system->checkAccess('create_rolt', $this->object->getRefId())
183 ) {
184 $this->toolbar->addComponent(
185 $this->ui_factory->link()->standard(
186 $this->lng->txt('rbac_import_role'),
187 $this->ctrl->getLinkTargetByClass('ilPermissionGUI', 'displayImportRoleForm')
188 )
189 );
190 }
191
192 $table = new ilRoleTableGUI($this, 'view');
193 $table->init();
194 $table->parse($this->object->getId());
195
196 $this->tpl->setContent($table->getHTML());
197 }
198
202 protected function roleSearchObject(): void
203 {
204 $this->tabs_gui->clearTargets();
205 $this->tabs_gui->setBackTarget(
206 $this->lng->txt('rbac_back_to_overview'),
207 $this->ctrl->getLinkTarget($this, 'view')
208 );
209
210 if (!$this->rbac_system->checkAccess('visible,read', $this->object->getRefId())) {
211 $this->error->raiseError($this->lng->txt('permission_denied'), $this->error->MESSAGE);
212 }
213
214 $this->ctrl->setParameter($this, 'csource', $this->initCopySourceFromGET());
215 $this->tpl->setOnScreenMessage(
216 'info',
217 sprintf(
218 $this->lng->txt('rbac_choose_copy_targets'),
219 '<strong>' . ilObject::_lookupTitle($this->initCopySourceFromGET()) . '</strong>'
220 )
221 );
222
223 $form = $this->initRoleSearchForm();
224 $this->tpl->setContent($form->getHTML());
225 }
226
230 protected function initRoleSearchForm(): ilPropertyFormGUI
231 {
232 $form = new ilPropertyFormGUI();
233 $form->setTitle($this->lng->txt('rbac_role_title'));
234 $form->setFormAction($this->ctrl->getFormAction($this, 'view'));
235
236 $search = new ilTextInputGUI($this->lng->txt('title'), 'title');
237 $search->setRequired(true);
238 $search->setSize(30);
239 $search->setMaxLength(255);
240 $form->addItem($search);
241
242 $form->addCommandButton('roleSearchForm', $this->lng->txt('search'));
243 return $form;
244 }
245
249 protected function roleSearchFormObject(): void
250 {
251 ilSession::set('rolf_search_query', '');
252 $this->ctrl->setParameter($this, 'csource', $this->initCopySourceFromGET());
253
254 $form = $this->initRoleSearchForm();
255 if ($form->checkInput()) {
256 ilSession::set('rolf_search_query', $form->getInput('title'));
257 $this->roleSearchListObject();
258 return;
259 }
260
261 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('msg_no_search_string'), true);
262 $form->setValuesByPost();
263 $this->ctrl->redirect($this, 'roleSearch');
264 }
265
269 protected function roleSearchListObject(): void
270 {
271 $this->tabs_gui->clearTargets();
272 $this->tabs_gui->setBackTarget(
273 $this->lng->txt('rbac_back_to_overview'),
274 $this->ctrl->getLinkTarget($this, 'view')
275 );
276
277 $this->ctrl->setParameter($this, 'csource', $this->initCopySourceFromGET());
278
279 if (strlen(ilSession::get('rolf_search_query'))) {
280 $this->tpl->setOnScreenMessage(
281 'info',
282 sprintf(
283 $this->lng->txt('rbac_select_copy_targets'),
284 '<strong>' . ilObject::_lookupTitle($this->initCopySourceFromGET()) . '</strong>'
285 )
286 );
287 $table = new ilRoleTableGUI($this, 'roleSearchList');
288 $table->setType(ilRoleTableGUI::TYPE_SEARCH);
289 $table->setRoleTitleFilter(ilSession::get('rolf_search_query'));
290 $table->init();
291 $table->parse($this->object->getId());
292 $this->tpl->setContent($table->getHTML());
293 return;
294 }
295
296 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('msg_no_search_string'), true);
297 $this->ctrl->redirect($this, 'roleSearch');
298 }
299
303 protected function chooseCopyBehaviourObject(?ilPropertyFormGUI $form = null): void
304 {
305 $this->initCopySourceFromGET();
306
307 $this->ctrl->saveParameter($this, 'csource');
308 $this->tabs_gui->clearTargets();
309 $this->tabs_gui->setBackTarget(
310 $this->lng->txt('rbac_back_to_overview'),
311 $this->ctrl->getLinkTarget($this, 'view')
312 );
313 if (!$form instanceof \ilPropertyFormGUI) {
314 $form = $this->initCopyBehaviourForm();
315 }
316 $this->tpl->setContent($form->getHTML());
317 }
318
322 protected function initCopyBehaviourForm(): ilPropertyFormGUI
323 {
324 // not only for role templates; add/remove permissions is also applicable for roles
325 $full_featured = true;
326
327 $this->tpl->setOnScreenMessage(
328 'info',
329 sprintf(
330 $this->lng->txt('rbac_copy_behaviour_info'),
331 '<strong>' . ilObject::_lookupTitle($this->initCopySourceFromGET()) . '</strong>',
332 $this->buildTargetNamesString()
333 ),
334 true
335 );
336
337 $form = new ilPropertyFormGUI();
338 $form->setTitle($this->lng->txt('rbac_copy_behaviour'));
339 $form->setFormAction($this->ctrl->getFormAction($this, 'chooseCopyBehaviour'));
340
341 $copy_type = new \ilRadioGroupInputGUI(
342 $this->lng->txt('rbac_form_copy_roles_adjust_type'),
343 'type'
344 );
345 $copy_type->setRequired(true);
346 $copy_type->setValue((string) self::COPY_CLONE_PERMISSIONS);
347
348 if ($full_featured) {
349 $add = new \ilRadioOption(
350 $this->lng->txt('rbac_form_copy_roles_adjust_type_add'),
351 (string) self::COPY_ADD_PERMISSIONS,
352 $this->lng->txt('rbac_form_copy_roles_adjust_type_add_info')
353 );
354 $copy_type->addOption($add);
355
356 $ce_type_add = new \ilRadioGroupInputGUI(
357 '',
358 'add_ce_type'
359 );
360 $ce_type_add->setRequired(true);
361 $ce_add_yes = new \ilRadioOption(
362 $this->lng->txt('rbac_form_copy_roles_ce_add_yes'),
363 (string) self::COPY_CHANGE_EXISTING_OBJECTS,
364 $this->lng->txt('rbac_form_copy_roles_ce_add_yes_info')
365 );
366 $ce_type_add->addOption($ce_add_yes);
367 $ce_add_no = new \ilRadioOption(
368 $this->lng->txt('rbac_form_copy_roles_ce_add_no'),
369 (string) 0,
370 $this->lng->txt('rbac_form_copy_roles_ce_add_no_info')
371 );
372 $ce_type_add->addOption($ce_add_no);
373 $add->addSubItem($ce_type_add);
374 }
375 $clone = new \ilRadioOption(
376 $this->lng->txt('rbac_form_copy_roles_adjust_type_clone'),
377 (string) self::COPY_CLONE_PERMISSIONS,
378 $this->lng->txt('rbac_form_copy_roles_adjust_type_clone_info')
379 );
380 $copy_type->addOption($clone);
381
382 $ce_type_clone = new \ilRadioGroupInputGUI(
383 '',
384 'clone_ce_type'
385 );
386 $ce_type_clone->setRequired(true);
387 $ce_clone_yes = new \ilRadioOption(
388 $this->lng->txt('rbac_form_copy_roles_ce_clone_yes'),
389 (string) self::COPY_CHANGE_EXISTING_OBJECTS,
390 $this->lng->txt('rbac_form_copy_roles_ce_clone_yes_info')
391 );
392 $ce_type_clone->addOption($ce_clone_yes);
393 $ce_clone_no = new \ilRadioOption(
394 $this->lng->txt('rbac_form_copy_roles_ce_clone_no'),
395 (string) 0,
396 $this->lng->txt('rbac_form_copy_roles_ce_clone_no_info')
397 );
398 $ce_type_clone->addOption($ce_clone_no);
399 $clone->addSubItem($ce_type_clone);
400
401 if ($full_featured) {
402 $remove = new \ilRadioOption(
403 $this->lng->txt('rbac_form_copy_roles_adjust_type_remove'),
404 (string) self::COPY_REMOVE_PERMISSIONS,
405 $this->lng->txt('rbac_form_copy_roles_adjust_type_remove_info')
406 );
407 $copy_type->addOption($remove);
408 $ce_type_remove = new \ilRadioGroupInputGUI(
409 '',
410 'remove_ce_type'
411 );
412 $ce_type_remove->setRequired(true);
413 $ce_remove_yes = new \ilRadioOption(
414 $this->lng->txt('rbac_form_copy_roles_ce_remove_yes'),
415 (string) self::COPY_CHANGE_EXISTING_OBJECTS,
416 $this->lng->txt('rbac_form_copy_roles_ce_remove_yes_info')
417 );
418 $ce_type_remove->addOption($ce_remove_yes);
419 $ce_remove_no = new \ilRadioOption(
420 $this->lng->txt('rbac_form_copy_roles_ce_remove_no'),
421 (string) 0,
422 $this->lng->txt('rbac_form_copy_roles_ce_remove_no_info')
423 );
424 $ce_type_remove->addOption($ce_remove_no);
425 $remove->addSubItem($ce_type_remove);
426 }
427
428 $form->addItem($copy_type);
429
430 $roles = new ilHiddenInputGUI('roles');
431 $roles->setValue(implode(',', $this->initRolesFromPOST()));
432 $form->addItem($roles);
433
434 $form->addCommandButton('roleSearchList', $this->lng->txt('back'));
435 $form->addCommandButton('adjustRole', $this->lng->txt('rbac_form_copy_roles_adjust_button'));
436 return $form;
437 }
438
442 protected function adjustRoleObject(): void
443 {
444 $this->checkPermission('write');
445
446 $roles = $this->initRolesFromPOST();
447 $source = $this->initCopySourceFromGET();
448
449 $form = $this->initCopyBehaviourForm();
450 if (!$form->checkInput()) {
451 $form->setValuesByPost();
452 $this->chooseCopyBehaviourObject($form);
453 return;
454 }
455
456 $adjustment_type = $form->getInput('type');
457 foreach ((array) $roles as $role_id) {
458 if ($role_id !== $source) {
459 $start_obj = $this->rbac_review->getRoleFolderOfRole($role_id);
460 $this->logger->debug('Start object: ' . $start_obj);
461
462 switch ($adjustment_type) {
463 case self::COPY_ADD_PERMISSIONS:
464 $change_existing = (bool) $form->getInput('add_ce_type');
465 $this->doAddRolePermissions(
466 $source,
467 $role_id
468 );
469 if ($change_existing) {
470 $this->doChangeExistingObjects(
471 $start_obj,
472 $role_id,
473 \ilObjRole::MODE_ADD_OPERATIONS,
474 $source
475 );
476 }
477 break;
478 case self::COPY_CLONE_PERMISSIONS:
479 $change_existing = (bool) $form->getInput('clone_ce_type');
480 $this->doCopyRole(
481 $source,
482 $role_id
483 );
484 if ($change_existing) {
485 $this->doChangeExistingObjects(
486 $start_obj,
487 $role_id,
488 \ilObjRole::MODE_READ_OPERATIONS,
489 $source
490 );
491 }
492 break;
493 case self::COPY_REMOVE_PERMISSIONS:
494 $change_existing = (bool) $form->getInput('remove_ce_type');
495 $this->doRemoveRolePermissions(
496 $source,
497 $role_id
498 );
499 if ($change_existing) {
500 $this->doChangeExistingObjects(
501 $start_obj,
502 $role_id,
503 \ilObjRole::MODE_REMOVE_OPERATIONS,
504 $source
505 );
506 }
507 break;
508 }
509 }
510 }
511
512 $this->tpl->setOnScreenMessage('success', $this->lng->txt('rbac_copy_finished'), true);
513 $this->ctrl->redirect($this, 'view');
514 }
515
519 protected function doAddRolePermissions(int $source, int $target): void
520 {
521 $source_definition = $this->rbac_review->getRoleFolderOfRole($source);
522 $this->rbacadmin->copyRolePermissionUnion(
523 $source,
524 $source_definition,
525 $target,
526 $this->rbac_review->getRoleFolderOfRole($target),
527 $target,
528 $this->rbac_review->getRoleFolderOfRole($target)
529 );
530 }
531
535 protected function removeRolePermissionsObject(): void
536 {
537 // Finally copy role/rolt
538 $roles = $this->initRolesFromPOST();
539 $source = $this->initCopySourceFromGET();
540
541 $form = $this->initCopyBehaviourForm();
542 if ($form->checkInput()) {
543 foreach ((array) $roles as $role_id) {
544 if ($role_id !== $source) {
545 $this->doRemoveRolePermissions($source, $role_id);
546 }
547 }
548 $this->tpl->setOnScreenMessage('success', $this->lng->txt('rbac_copy_finished'), true);
549 $this->ctrl->redirect($this, 'view');
550 }
551 }
552
556 protected function doRemoveRolePermissions(int $source, int $target): void
557 {
558 $this->logger->debug('Remove permission source: ' . $source);
559 $this->logger->debug('Remove permission target: ' . $target);
560 $source_obj = $this->rbac_review->getRoleFolderOfRole($source);
561 $this->rbacadmin->copyRolePermissionSubtract(
562 $source,
563 $source_obj,
564 $target,
565 $this->rbac_review->getRoleFolderOfRole($target)
566 );
567 }
568
572 protected function doCopyRole(int $source, int $target): void
573 {
574 $target_obj = $this->rbac_review->getRoleFolderOfRole($target);
575 $source_obj = $this->rbac_review->getRoleFolderOfRole($source);
576 // Copy role template permissions
577 $this->rbacadmin->copyRoleTemplatePermissions(
578 $source,
579 $source_obj,
580 $target_obj,
581 $target
582 );
583 }
584
588 protected function doChangeExistingObjects(
589 int $a_start_obj,
590 int $a_target_role,
591 int $a_operation_mode,
592 int $a_source_role
593 ): void {
594 if (!$a_start_obj) {
595 $this->logger->warning('Missing parameter start object.');
596 $this->logger->logStack(\ilLogLevel::WARNING);
597 throw new InvalidArgumentException('Missing parameter: start object');
598 }
599 // the mode is unchanged and read out from the target object
600 $target_ref_id = $this->rbac_review->getRoleFolderOfRole($a_target_role);
601 if ($this->rbac_review->isProtected($target_ref_id, $a_target_role)) {
602 $mode = \ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES;
603 } else {
604 $mode = \ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES;
605 }
606 $operation_stack = [];
607 if ($a_operation_mode !== \ilObjRole::MODE_READ_OPERATIONS) {
608 $operation_stack[] = $this->rbac_review->getAllOperationsOfRole($a_source_role, $this->ref_id);
609 }
610 $this->logger->debug('Current operation stack');
611 $this->logger->dump($operation_stack, ilLogLevel::DEBUG);
612
613 $role = new ilObjRole($a_target_role);
614 $role->changeExistingObjects(
615 $a_start_obj,
616 $mode,
617 ['all'],
618 [],
619 $a_operation_mode,
620 $operation_stack
621 );
622 }
623
627 protected function applyFilterObject(): void
628 {
629 $table = new ilRoleTableGUI($this, 'view');
630 $table->init();
631 $table->resetOffset();
632 $table->writeFilterToSession();
633
634 $this->viewObject();
635 }
636
640 public function resetFilterObject(): void
641 {
642 $table = new ilRoleTableGUI($this, 'view');
643 $table->init();
644 $table->resetOffset();
645 $table->resetFilter();
646
647 $this->viewObject();
648 }
649
653 protected function confirmDeleteObject(): void
654 {
655 $roles = $this->initRolesFromPOST();
656 if ($roles === []) {
657 $this->tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'), true);
658 $this->ctrl->redirect($this, 'view');
659 }
660
661 $question = $this->lng->txt('rbac_role_delete_qst');
662
663 $confirm = new ilConfirmationGUI();
664 $confirm->setHeaderText($question);
665 $confirm->setFormAction($this->ctrl->getFormAction($this));
666 $confirm->setHeaderText($this->lng->txt("info_delete_sure"));
667 $confirm->setConfirm($this->lng->txt('delete'), 'deleteRole');
668 $confirm->setCancel($this->lng->txt('cancel'), 'cancel');
669
670 foreach ($roles as $role_id) {
671 $confirm->addItem(
672 'roles[]',
673 (string) $role_id,
674 ilObjRole::_getTranslation(ilObject::_lookupTitle($role_id))
675 );
676 }
677 $this->tpl->setContent($confirm->getHTML());
678 }
679
683 protected function deleteRoleObject(): void
684 {
685 if (!$this->rbac_system->checkAccess('delete', $this->object->getRefId())) {
686 $this->error->raiseError(
687 $this->lng->txt('msg_no_perm_delete'),
688 $this->error->MESSAGE
689 );
690 }
691
692 foreach ($this->initRolesFromPOST() as $id) {
693 // instatiate correct object class (role or rolt)
694 $obj = ilObjectFactory::getInstanceByObjId($id, false);
695
696 if ($obj->getType() == "role") {
697 $rolf_arr = $this->rbac_review->getFoldersAssignedToRole($obj->getId(), true);
698 $obj->setParent($rolf_arr[0]);
699 }
700
701 $obj->delete();
702 }
703
704 // set correct return location if rolefolder is removed
705 $this->tpl->setOnScreenMessage('success', $this->lng->txt("msg_deleted_roles_rolts"), true);
706 $this->ctrl->redirect($this, 'view');
707 }
708
715 public function getAdminTabs(): void
716 {
717 if ($this->checkPermissionBool("visible,read")) {
718 $this->tabs_gui->addTarget(
719 "view",
720 $this->ctrl->getLinkTarget($this, "view"),
721 ["", "view"],
722 get_class($this)
723 );
724
725 $this->tabs_gui->addTarget(
726 "settings",
727 $this->ctrl->getLinkTarget($this, "editSettings"),
728 ["editSettings"],
729 get_class($this)
730 );
731 }
732
733 if ($this->checkPermissionBool("edit_permission")) {
734 $this->tabs_gui->addTarget(
735 "perm_settings",
736 $this->ctrl->getLinkTargetByClass(
737 [get_class($this), 'ilpermissiongui'],
738 "perm"
739 ),
740 "",
741 "ilpermissiongui"
742 );
743 }
744 }
745
746 public function editSettingsObject(?ilPropertyFormGUI $a_form = null): void
747 {
748 if ($a_form === null) {
749 $a_form = $this->initSettingsForm();
750 }
751
752 $this->tpl->setContent($a_form->getHTML());
753 }
754
755 public function saveSettingsObject(): void
756 {
757 global $DIC;
758
759 $user = $DIC->user();
760
761 if (!$this->checkPermissionBool("write")) {
762 $this->error->raiseError($this->lng->txt('permission_denied'), $this->error->MESSAGE);
763 }
764
765 $form = $this->initSettingsForm();
766 if ($form->checkInput()) {
767 $privacy = ilPrivacySettings::getInstance();
768 $privacy->enableRbacLog((bool) $form->getInput('rbac_log'));
769 $privacy->setRbacLogAge((int) $form->getInput('rbac_log_age'));
770 $privacy->save();
771
772 if ($this->rbac_review->isAssigned($user->getId(), SYSTEM_ROLE_ID)) {
773 $security = ilSecuritySettings::_getInstance();
774 $security->protectedAdminRole((bool) $form->getInput('admin_role'));
775 $security->save();
776 }
777 $this->tpl->setOnScreenMessage('success', $this->lng->txt("settings_saved"), true);
778 $this->ctrl->redirect($this, "editSettings");
779 }
780
781 $form->setValuesByPost();
782 $this->editSettingsObject($form);
783 }
784
785 protected function initSettingsForm(): ilPropertyFormGUI
786 {
787 global $DIC;
788
789 $user = $DIC->user();
790
791 $this->lng->loadLanguageModule('ps');
792
793 $privacy = ilPrivacySettings::getInstance();
794 $security = ilSecuritySettings::_getInstance();
795
796 $form = new ilPropertyFormGUI();
797 $form->setFormAction($this->ctrl->getFormAction($this, "saveSettings"));
798 $form->setTitle($this->lng->txt('settings'));
799
800 // protected admin
801 $admin = new ilCheckboxInputGUI($GLOBALS['DIC']['lng']->txt('adm_adm_role_protect'), 'admin_role');
802 $admin->setDisabled(!$this->rbac_review->isAssigned($user->getId(), SYSTEM_ROLE_ID));
803 $admin->setInfo($this->lng->txt('adm_adm_role_protect_info'));
804 $admin->setChecked($security->isAdminRoleProtected());
805 $admin->setValue((string) 1);
806 $form->addItem($admin);
807
808 $check = new ilCheckboxInputGUI($this->lng->txt('rbac_log'), 'rbac_log');
809 $check->setInfo($this->lng->txt('rbac_log_info'));
810 $check->setChecked($privacy->enabledRbacLog());
811 $form->addItem($check);
812
813 $age = new ilNumberInputGUI($this->lng->txt('rbac_log_age'), 'rbac_log_age');
814 $age->setInfo($this->lng->txt('rbac_log_age_info'));
815 $age->setValue((string) $privacy->getRbacLogAge());
816 $age->setMinValue(1);
817 $age->setMaxValue(24);
818 $age->setSize(2);
819 $age->setMaxLength(2);
820 $check->addSubItem($age);
821
822 $form->addCommandButton('saveSettings', $this->lng->txt('save'));
823
824 return $form;
825 }
826
827 public function addToExternalSettingsForm(int $a_form_id): array
828 {
829 switch ($a_form_id) {
830 case ilAdministrationSettingsFormHandler::FORM_SECURITY:
831
832 $security = ilSecuritySettings::_getInstance();
833
834 $fields = ['adm_adm_role_protect' => [$security->isAdminRoleProtected(),
835 ilAdministrationSettingsFormHandler::VALUE_BOOL
836 ]
837 ];
838
839 return [["editSettings", $fields]];
840
841 case ilAdministrationSettingsFormHandler::FORM_PRIVACY:
842
843 $privacy = ilPrivacySettings::getInstance();
844
845 $subitems = null;
846 if ($privacy->enabledRbacLog()) {
847 $subitems = ['rbac_log_age' => $privacy->getRbacLogAge()];
848 }
849 $fields = ['rbac_log' => [$privacy->enabledRbacLog(),
850 ilAdministrationSettingsFormHandler::VALUE_BOOL,
851 $subitems
852 ]
853 ];
854
855 return [["editSettings", $fields]];
856 }
857 return [];
858 }
859} // END class.ilObjRoleFolderGUI
$id
$id
plugin.php for ilComponentBuildPluginInfoObjectiveTest::testAddPlugins
Definition: plugin.php:23
$check
$check
Definition: buildRTE.php:81
ILIAS\Data\Color\Factory
Builds a Color from either hex- or rgb values.
Definition: Factory.php:31
ILIAS\Data\Factory
Builds data types.
Definition: Factory.php:36
error
error(string $a_errmsg)
Definition: class.ilIniFile.php:309
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:28
ilConfirmationGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilConfirmationGUI.php:27
ilHiddenInputGUI
This class represents a hidden form property in a property form.
Definition: class.ilHiddenInputGUI.php:28
ilLogger
Component logger with individual log levels by component id.
Definition: class.ilLogger.php:29
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:28
ilObjRoleFolderGUI
Class ilObjRoleFolderGUI.
Definition: class.ilObjRoleFolderGUI.php:32
ilObjRoleFolderGUI\initCopyBehaviourForm
initCopyBehaviourForm()
Show copy behaviour form.
Definition: class.ilObjRoleFolderGUI.php:322
ilObjRoleFolderGUI\doAddRolePermissions
doAddRolePermissions(int $source, int $target)
do add role permission
Definition: class.ilObjRoleFolderGUI.php:519
ilObjRoleFolderGUI\__construct
__construct($a_data, int $a_id, bool $a_call_by_reference)
Constructor @access public.
Definition: class.ilObjRoleFolderGUI.php:47
ilObjRoleFolderGUI\addToExternalSettingsForm
addToExternalSettingsForm(int $a_form_id)
Definition: class.ilObjRoleFolderGUI.php:827
ilObjRoleFolderGUI\initRoleSearchForm
initRoleSearchForm()
Init role search form.
Definition: class.ilObjRoleFolderGUI.php:230
ilObjRoleFolderGUI\doCopyRole
doCopyRole(int $source, int $target)
Perform copy of role.
Definition: class.ilObjRoleFolderGUI.php:572
ilObjRoleFolderGUI\doRemoveRolePermissions
doRemoveRolePermissions(int $source, int $target)
do add role permission
Definition: class.ilObjRoleFolderGUI.php:556
ilObjRoleFolderGUI\chooseCopyBehaviourObject
chooseCopyBehaviourObject(?ilPropertyFormGUI $form=null)
Choose option for copying roles/role templates.
Definition: class.ilObjRoleFolderGUI.php:303
ilObjRoleFolderGUI\roleSearchFormObject
roleSearchFormObject()
Parse search query.
Definition: class.ilObjRoleFolderGUI.php:249
ilObjRoleFolderGUI\resetFilterObject
resetFilterObject()
Reset role filter.
Definition: class.ilObjRoleFolderGUI.php:640
ilObjRoleFolderGUI\editSettingsObject
editSettingsObject(?ilPropertyFormGUI $a_form=null)
Definition: class.ilObjRoleFolderGUI.php:746
ilObjRoleFolderGUI\roleSearchObject
roleSearchObject()
Search target roles.
Definition: class.ilObjRoleFolderGUI.php:202
ilObjRoleFolderGUI\doChangeExistingObjects
doChangeExistingObjects(int $a_start_obj, int $a_target_role, int $a_operation_mode, int $a_source_role)
Do change existing objects.
Definition: class.ilObjRoleFolderGUI.php:588
ilObjRoleFolderGUI\getAdminTabs
getAdminTabs()
Add role folder tabs.
Definition: class.ilObjRoleFolderGUI.php:715
ilObjRoleFolderGUI\confirmDeleteObject
confirmDeleteObject()
Confirm deletion of roles.
Definition: class.ilObjRoleFolderGUI.php:653
ilObjRoleFolderGUI\removeRolePermissionsObject
removeRolePermissionsObject()
Remove role permissions.
Definition: class.ilObjRoleFolderGUI.php:535
ilObjRoleFolderGUI\viewObject
viewObject()
viewObject container presentation for "administration -> repository, trash, permissions"
Definition: class.ilObjRoleFolderGUI.php:152
ilObjRoleFolderGUI\applyFilterObject
applyFilterObject()
Apply role filter.
Definition: class.ilObjRoleFolderGUI.php:627
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:27
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:31
ilObjRole\MODE_REMOVE_OPERATIONS
const MODE_REMOVE_OPERATIONS
Definition: class.ilObjRole.php:35
ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:29
ilObjRole\MODE_ADD_OPERATIONS
const MODE_ADD_OPERATIONS
Definition: class.ilObjRole.php:33
ilObjRole\MODE_READ_OPERATIONS
const MODE_READ_OPERATIONS
Definition: class.ilObjRole.php:34
ilObjRole\_getTranslation
static _getTranslation(string $a_role_title)
Definition: class.ilObjRole.php:364
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId(?int $obj_id, bool $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:84
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:49
ilObjectGUI\checkPermission
checkPermission(string $perm, string $cmd="", string $type="", ?int $ref_id=null)
Definition: class.ilObjectGUI.php:1942
ilObjectGUI\prepareOutput
prepareOutput(bool $show_sub_objects=true)
Definition: class.ilObjectGUI.php:307
ilObject\_lookupTitle
static _lookupTitle(int $obj_id)
Definition: class.ilObject.php:847
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:32
ilRbacAdmin
Class ilRbacAdmin Core functions for role based access control.
Definition: class.ilRbacAdmin.php:32
ilRoleTableGUI
TableGUI for the presentation og roles and role templates.
Definition: class.ilRoleTableGUI.php:27
ilSecuritySettings\_getInstance
static _getInstance()
Get instance of ilSecuritySettings.
Definition: class.ilSecuritySettings.php:96
ilSession\get
static get(string $a_var)
Definition: class.ilSession.php:388
ilSession\set
static set(string $a_var, $a_val)
Set a value.
Definition: class.ilSession.php:380
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:28
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:29
ILIAS\FileDelivery\http
static http()
Fetches the global http state from ILIAS.
Definition: HttpServiceAware.php:55
ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
Definition: PluginProviderHelper.php:38
if
if(!file_exists('../ilias.ini.php'))
Definition: sessioncheck.php:23
$DIC
global $DIC
Definition: shib_login.php:26
$GLOBALS
$GLOBALS["DIC"]
Definition: wac.php:54