ILIAS  trunk Revision v11.0_alpha-1689-g66c127b4ae8
All Data Structures Namespaces Files Functions Variables Enumerations Enumerator Modules Pages
class.ilObjRoleFolderGUI.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 use ILIAS\HTTP\GlobalHttpState;
22 use ILIAS\Refinery\Factory;
23 use ILIAS\UI\Factory as UIFactory;
24 
32 class ilObjRoleFolderGUI extends ilObjectGUI
33 {
34  private const COPY_ADD_PERMISSIONS = 1;
35  private const COPY_CLONE_PERMISSIONS = 2;
36  private const COPY_REMOVE_PERMISSIONS = 3;
37  private const COPY_CHANGE_EXISTING_OBJECTS = 1;
38 
39  private ilLogger $logger;
40  protected ilRbacAdmin $rbacadmin;
41 
42  protected GlobalHttpState $http;
43  protected Factory $refinery;
44  protected UIFactory $ui_factory;
45 
50  public function __construct($a_data, int $a_id, bool $a_call_by_reference)
51  {
52  global $DIC;
53 
54  $this->logger = $DIC->logger()->ac();
55  $this->rbacadmin = $DIC['rbacadmin'];
56  $this->http = $DIC->http();
57  $this->refinery = $DIC->refinery();
58  $this->ui_factory = $DIC['ui.factory'];
59 
60  $this->type = "rolf";
61  parent::__construct($a_data, $a_id, $a_call_by_reference, false);
62  $this->lng->loadLanguageModule('rbac');
63  }
64 
65  public function executeCommand(): void
66  {
67  $next_class = $this->ctrl->getNextClass($this);
68  $cmd = $this->ctrl->getCmd();
69  $this->prepareOutput();
70 
71  switch ($next_class) {
72  case 'ilpermissiongui':
73  $perm_gui = new ilPermissionGUI($this);
74  $ret = $this->ctrl->forwardCommand($perm_gui);
75  break;
76 
77  default:
78  $this->ctrl->setReturn($this, "view");
79  if (!$cmd) {
80  $cmd = "view";
81  }
82  $cmd .= "Object";
83  $this->$cmd();
84 
85  break;
86  }
87  }
88 
89  protected function initCopySourceFromGET(): int
90  {
91  if ($this->http->wrapper()->query()->has('csource')) {
92  return $this->http->wrapper()->query()->retrieve(
93  'csource',
94  $this->refinery->kindlyTo()->int()
95  );
96  }
97  return 0;
98  }
99 
103  protected function initRolesFromPOST(): array
104  {
105  if ($this->http->wrapper()->post()->has('roles')) {
106  return $this->http->wrapper()->post()->retrieve(
107  'roles',
108  $this->refinery->byTrying([
109  $this->refinery->kindlyTo()->listOf(
110  $this->refinery->kindlyTo()->int()
111  ),
112  $this->refinery->in()->series([
113  $this->refinery->custom()->transformation(function ($v) {
114  return explode(',', $v);
115  }),
116  $this->refinery->kindlyTo()->listOf(
117  $this->refinery->kindlyTo()->int()
118  )
119  ])
120  ])
121  );
122  }
123  return [];
124  }
125 
126  public function returnObject(): void
127  {
128  $this->viewObject();
129  }
130 
131  public function viewObject(): void
132  {
133  $this->tabs_gui->activateTab('view');
134 
135  if (!$this->rbac_system->checkAccess('visible,read', $this->object->getRefId())) {
136  $this->error->raiseError($this->lng->txt('permission_denied'), $this->error->MESSAGE);
137  }
138 
139  if ($this->rbac_system->checkAccess('create_role', $this->object->getRefId())) {
140  $this->ctrl->setParameter($this, 'new_type', 'role');
141  $this->toolbar->addComponent(
142  $this->ui_factory->link()->standard(
143  $this->lng->txt('rolf_create_role'),
144  $this->ctrl->getLinkTargetByClass(ilObjRoleGUI::class, 'create')
145  )
146  );
147  }
148  if ($this->rbac_system->checkAccess('create_rolt', $this->object->getRefId())) {
149  $this->ctrl->setParameter($this, 'new_type', 'rolt');
150  $this->toolbar->addComponent(
151  $this->ui_factory->link()->standard(
152  $this->lng->txt('rolf_create_rolt'),
153  $this->ctrl->getLinkTargetByClass(ilObjRoleTemplateGUI::class, 'create')
154  )
155  );
156  $this->ctrl->clearParameters($this);
157  }
158 
159  if (
160  $this->rbac_system->checkAccess('create_rolt', $this->object->getRefId()) ||
161  $this->rbac_system->checkAccess('create_rolt', $this->object->getRefId())
162  ) {
163  $this->toolbar->addComponent(
164  $this->ui_factory->link()->standard(
165  $this->lng->txt('rbac_import_role'),
166  $this->ctrl->getLinkTargetByClass('ilPermissionGUI', 'displayImportRoleForm')
167  )
168  );
169  }
170 
171  $table = new ilRoleTableGUI($this, 'view');
172  $table->init();
173  $table->parse($this->object->getId());
174 
175  $this->tpl->setContent($table->getHTML());
176  }
177 
181  protected function roleSearchObject(): void
182  {
183  $this->tabs_gui->clearTargets();
184  $this->tabs_gui->setBackTarget(
185  $this->lng->txt('rbac_back_to_overview'),
186  $this->ctrl->getLinkTarget($this, 'view')
187  );
188 
189  if (!$this->rbac_system->checkAccess('visible,read', $this->object->getRefId())) {
190  $this->error->raiseError($this->lng->txt('permission_denied'), $this->error->MESSAGE);
191  }
192 
193  $this->ctrl->setParameter($this, 'csource', $this->initCopySourceFromGET());
194  $this->tpl->setOnScreenMessage('info', $this->lng->txt('rbac_choose_copy_targets'));
195 
196  $form = $this->initRoleSearchForm();
197  $this->tpl->setContent($form->getHTML());
198  }
199 
203  protected function initRoleSearchForm(): ilPropertyFormGUI
204  {
205  $form = new ilPropertyFormGUI();
206  $form->setTitle($this->lng->txt('rbac_role_title'));
207  $form->setFormAction($this->ctrl->getFormAction($this, 'view'));
208 
209  $search = new ilTextInputGUI($this->lng->txt('title'), 'title');
210  $search->setRequired(true);
211  $search->setSize(30);
212  $search->setMaxLength(255);
213  $form->addItem($search);
214 
215  $form->addCommandButton('roleSearchForm', $this->lng->txt('search'));
216  return $form;
217  }
218 
222  protected function roleSearchFormObject(): void
223  {
224  ilSession::set('rolf_search_query', '');
225  $this->ctrl->setParameter($this, 'csource', $this->initCopySourceFromGET());
226 
227  $form = $this->initRoleSearchForm();
228  if ($form->checkInput()) {
229  ilSession::set('rolf_search_query', $form->getInput('title'));
230  $this->roleSearchListObject();
231  return;
232  }
233 
234  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('msg_no_search_string'), true);
235  $form->setValuesByPost();
236  $this->ctrl->redirect($this, 'roleSearch');
237  }
238 
242  protected function roleSearchListObject(): void
243  {
244  $this->tabs_gui->clearTargets();
245  $this->tabs_gui->setBackTarget(
246  $this->lng->txt('rbac_back_to_overview'),
247  $this->ctrl->getLinkTarget($this, 'view')
248  );
249 
250  $this->ctrl->setParameter($this, 'csource', $this->initCopySourceFromGET());
251 
252  if (strlen(ilSession::get('rolf_search_query'))) {
253  $this->tpl->setOnScreenMessage('info', $this->lng->txt('rbac_select_copy_targets'));
254  $table = new ilRoleTableGUI($this, 'roleSearchList');
255  $table->setType(ilRoleTableGUI::TYPE_SEARCH);
256  $table->setRoleTitleFilter(ilSession::get('rolf_search_query'));
257  $table->init();
258  $table->parse($this->object->getId());
259  $this->tpl->setContent($table->getHTML());
260  return;
261  }
262 
263  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('msg_no_search_string'), true);
264  $this->ctrl->redirect($this, 'roleSearch');
265  }
266 
270  protected function chooseCopyBehaviourObject(?ilPropertyFormGUI $form = null): void
271  {
272  $this->initCopySourceFromGET();
273 
274  $this->ctrl->saveParameter($this, 'csource');
275  $this->tabs_gui->clearTargets();
276  $this->tabs_gui->setBackTarget(
277  $this->lng->txt('rbac_back_to_overview'),
278  $this->ctrl->getLinkTarget($this, 'view')
279  );
280  if (!$form instanceof \ilPropertyFormGUI) {
281  $form = $this->initCopyBehaviourForm();
282  }
283  $this->tpl->setContent($form->getHTML());
284  }
285 
289  protected function initCopyBehaviourForm(): ilPropertyFormGUI
290  {
291  // not only for role templates; add/remove permissions is also applicable for roles
292  $full_featured = true;
293 
294  $form = new ilPropertyFormGUI();
295  $form->setTitle($this->lng->txt('rbac_copy_behaviour'));
296  $form->setFormAction($this->ctrl->getFormAction($this, 'chooseCopyBehaviour'));
297 
298  $copy_type = new \ilRadioGroupInputGUI(
299  $this->lng->txt('rbac_form_copy_roles_adjust_type'),
300  'type'
301  );
302  $copy_type->setRequired(true);
303  $copy_type->setValue((string) self::COPY_CLONE_PERMISSIONS);
304 
305  if ($full_featured) {
306  $add = new \ilRadioOption(
307  $this->lng->txt('rbac_form_copy_roles_adjust_type_add'),
308  (string) self::COPY_ADD_PERMISSIONS,
309  $this->lng->txt('rbac_form_copy_roles_adjust_type_add_info')
310  );
311  $copy_type->addOption($add);
312 
313  $ce_type_add = new \ilRadioGroupInputGUI(
314  '',
315  'add_ce_type'
316  );
317  $ce_type_add->setRequired(true);
318  $ce_add_yes = new \ilRadioOption(
319  $this->lng->txt('rbac_form_copy_roles_ce_add_yes'),
320  (string) self::COPY_CHANGE_EXISTING_OBJECTS,
321  $this->lng->txt('rbac_form_copy_roles_ce_add_yes_info')
322  );
323  $ce_type_add->addOption($ce_add_yes);
324  $ce_add_no = new \ilRadioOption(
325  $this->lng->txt('rbac_form_copy_roles_ce_add_no'),
326  (string) 0,
327  $this->lng->txt('rbac_form_copy_roles_ce_add_no_info')
328  );
329  $ce_type_add->addOption($ce_add_no);
330  $add->addSubItem($ce_type_add);
331  }
332  $clone = new \ilRadioOption(
333  $this->lng->txt('rbac_form_copy_roles_adjust_type_clone'),
334  (string) self::COPY_CLONE_PERMISSIONS,
335  $this->lng->txt('rbac_form_copy_roles_adjust_type_clone_info')
336  );
337  $copy_type->addOption($clone);
338 
339  $ce_type_clone = new \ilRadioGroupInputGUI(
340  '',
341  'clone_ce_type'
342  );
343  $ce_type_clone->setRequired(true);
344  $ce_clone_yes = new \ilRadioOption(
345  $this->lng->txt('rbac_form_copy_roles_ce_clone_yes'),
346  (string) self::COPY_CHANGE_EXISTING_OBJECTS,
347  $this->lng->txt('rbac_form_copy_roles_ce_clone_yes_info')
348  );
349  $ce_type_clone->addOption($ce_clone_yes);
350  $ce_clone_no = new \ilRadioOption(
351  $this->lng->txt('rbac_form_copy_roles_ce_clone_no'),
352  (string) 0,
353  $this->lng->txt('rbac_form_copy_roles_ce_clone_no_info')
354  );
355  $ce_type_clone->addOption($ce_clone_no);
356  $clone->addSubItem($ce_type_clone);
357 
358  if ($full_featured) {
359  $remove = new \ilRadioOption(
360  $this->lng->txt('rbac_form_copy_roles_adjust_type_remove'),
361  (string) self::COPY_REMOVE_PERMISSIONS,
362  $this->lng->txt('rbac_form_copy_roles_adjust_type_remove_info')
363  );
364  $copy_type->addOption($remove);
365  $ce_type_remove = new \ilRadioGroupInputGUI(
366  '',
367  'remove_ce_type'
368  );
369  $ce_type_remove->setRequired(true);
370  $ce_remove_yes = new \ilRadioOption(
371  $this->lng->txt('rbac_form_copy_roles_ce_remove_yes'),
372  (string) self::COPY_CHANGE_EXISTING_OBJECTS,
373  $this->lng->txt('rbac_form_copy_roles_ce_remove_yes_info')
374  );
375  $ce_type_remove->addOption($ce_remove_yes);
376  $ce_remove_no = new \ilRadioOption(
377  $this->lng->txt('rbac_form_copy_roles_ce_remove_no'),
378  (string) 0,
379  $this->lng->txt('rbac_form_copy_roles_ce_remove_no_info')
380  );
381  $ce_type_remove->addOption($ce_remove_no);
382  $remove->addSubItem($ce_type_remove);
383  }
384 
385  $form->addItem($copy_type);
386 
387  $roles = new ilHiddenInputGUI('roles');
388  $roles->setValue(implode(',', $this->initRolesFromPOST()));
389  $form->addItem($roles);
390 
391  $form->addCommandButton('roleSearchList', $this->lng->txt('back'));
392  $form->addCommandButton('adjustRole', $this->lng->txt('rbac_form_copy_roles_adjust_button'));
393  return $form;
394  }
395 
399  protected function adjustRoleObject(): void
400  {
401  $this->checkPermission('write');
402 
403  $roles = $this->initRolesFromPOST();
404  $source = $this->initCopySourceFromGET();
405 
406  $form = $this->initCopyBehaviourForm();
407  if ($form->checkInput()) {
408  $adjustment_type = $form->getInput('type');
409  foreach ((array) $roles as $role_id) {
410  if ($role_id !== $source) {
411  $start_obj = $this->rbac_review->getRoleFolderOfRole($role_id);
412  $this->logger->debug('Start object: ' . $start_obj);
413 
414  switch ($adjustment_type) {
415  case self::COPY_ADD_PERMISSIONS:
416  $change_existing = (bool) $form->getInput('add_ce_type');
417  $this->doAddRolePermissions(
418  $source,
419  $role_id
420  );
421  if ($change_existing) {
422  $this->doChangeExistingObjects(
423  $start_obj,
424  $role_id,
425  \ilObjRole::MODE_ADD_OPERATIONS,
426  $source
427  );
428  }
429  break;
430  case self::COPY_CLONE_PERMISSIONS:
431  $change_existing = (bool) $form->getInput('clone_ce_type');
432  $this->doCopyRole(
433  $source,
434  $role_id
435  );
436  if ($change_existing) {
437  $this->doChangeExistingObjects(
438  $start_obj,
439  $role_id,
440  \ilObjRole::MODE_READ_OPERATIONS,
441  $source
442  );
443  }
444  break;
445  case self::COPY_REMOVE_PERMISSIONS:
446  $change_existing = (bool) $form->getInput('remove_ce_type');
447  $this->doRemoveRolePermissions(
448  $source,
449  $role_id
450  );
451  if ($change_existing) {
452  $this->doChangeExistingObjects(
453  $start_obj,
454  $role_id,
455  \ilObjRole::MODE_REMOVE_OPERATIONS,
456  $source
457  );
458  }
459  break;
460  }
461  }
462  }
463  $this->tpl->setOnScreenMessage('success', $this->lng->txt('rbac_copy_finished'), true);
464  $this->ctrl->redirect($this, 'view');
465  }
466  }
467 
471  protected function doAddRolePermissions(int $source, int $target): void
472  {
473  $source_definition = $this->rbac_review->getRoleFolderOfRole($source);
474  $this->rbacadmin->copyRolePermissionUnion(
475  $source,
476  $source_definition,
477  $target,
478  $this->rbac_review->getRoleFolderOfRole($target),
479  $target,
480  $this->rbac_review->getRoleFolderOfRole($target)
481  );
482  }
483 
487  protected function removeRolePermissionsObject(): void
488  {
489  // Finally copy role/rolt
490  $roles = $this->initRolesFromPOST();
491  $source = $this->initCopySourceFromGET();
492 
493  $form = $this->initCopyBehaviourForm();
494  if ($form->checkInput()) {
495  foreach ((array) $roles as $role_id) {
496  if ($role_id !== $source) {
497  $this->doRemoveRolePermissions($source, $role_id);
498  }
499  }
500  $this->tpl->setOnScreenMessage('success', $this->lng->txt('rbac_copy_finished'), true);
501  $this->ctrl->redirect($this, 'view');
502  }
503  }
504 
508  protected function doRemoveRolePermissions(int $source, int $target): void
509  {
510  $this->logger->debug('Remove permission source: ' . $source);
511  $this->logger->debug('Remove permission target: ' . $target);
512  $source_obj = $this->rbac_review->getRoleFolderOfRole($source);
513  $this->rbacadmin->copyRolePermissionSubtract(
514  $source,
515  $source_obj,
516  $target,
517  $this->rbac_review->getRoleFolderOfRole($target)
518  );
519  }
520 
524  protected function doCopyRole(int $source, int $target): void
525  {
526  $target_obj = $this->rbac_review->getRoleFolderOfRole($target);
527  $source_obj = $this->rbac_review->getRoleFolderOfRole($source);
528  // Copy role template permissions
529  $this->rbacadmin->copyRoleTemplatePermissions(
530  $source,
531  $source_obj,
532  $target_obj,
533  $target
534  );
535  }
536 
540  protected function doChangeExistingObjects(
541  int $a_start_obj,
542  int $a_target_role,
543  int $a_operation_mode,
544  int $a_source_role
545  ): void {
546  if (!$a_start_obj) {
547  $this->logger->warning('Missing parameter start object.');
548  $this->logger->logStack(\ilLogLevel::WARNING);
549  throw new InvalidArgumentException('Missing parameter: start object');
550  }
551  // the mode is unchanged and read out from the target object
552  $target_ref_id = $this->rbac_review->getRoleFolderOfRole($a_target_role);
553  if ($this->rbac_review->isProtected($target_ref_id, $a_target_role)) {
554  $mode = \ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES;
555  } else {
556  $mode = \ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES;
557  }
558  $operation_stack = [];
559  if ($a_operation_mode !== \ilObjRole::MODE_READ_OPERATIONS) {
560  $operation_stack[] = $this->rbac_review->getAllOperationsOfRole($a_source_role, $this->ref_id);
561  }
562  $this->logger->debug('Current operation stack');
563  $this->logger->dump($operation_stack, ilLogLevel::DEBUG);
564 
565  $role = new ilObjRole($a_target_role);
566  $role->changeExistingObjects(
567  $a_start_obj,
568  $mode,
569  ['all'],
570  [],
571  $a_operation_mode,
572  $operation_stack
573  );
574  }
575 
579  protected function applyFilterObject(): void
580  {
581  $table = new ilRoleTableGUI($this, 'view');
582  $table->init();
583  $table->resetOffset();
584  $table->writeFilterToSession();
585 
586  $this->viewObject();
587  }
588 
592  public function resetFilterObject(): void
593  {
594  $table = new ilRoleTableGUI($this, 'view');
595  $table->init();
596  $table->resetOffset();
597  $table->resetFilter();
598 
599  $this->viewObject();
600  }
601 
605  protected function confirmDeleteObject(): void
606  {
607  $roles = $this->initRolesFromPOST();
608  if ($roles === []) {
609  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('select_one'), true);
610  $this->ctrl->redirect($this, 'view');
611  }
612 
613  $question = $this->lng->txt('rbac_role_delete_qst');
614 
615  $confirm = new ilConfirmationGUI();
616  $confirm->setHeaderText($question);
617  $confirm->setFormAction($this->ctrl->getFormAction($this));
618  $confirm->setHeaderText($this->lng->txt("info_delete_sure"));
619  $confirm->setConfirm($this->lng->txt('delete'), 'deleteRole');
620  $confirm->setCancel($this->lng->txt('cancel'), 'cancel');
621 
622  foreach ($roles as $role_id) {
623  $confirm->addItem(
624  'roles[]',
625  (string) $role_id,
626  ilObjRole::_getTranslation(ilObject::_lookupTitle($role_id))
627  );
628  }
629  $this->tpl->setContent($confirm->getHTML());
630  }
631 
635  protected function deleteRoleObject(): void
636  {
637  if (!$this->rbac_system->checkAccess('delete', $this->object->getRefId())) {
638  $this->error->raiseError(
639  $this->lng->txt('msg_no_perm_delete'),
640  $this->error->MESSAGE
641  );
642  }
643 
644  foreach ($this->initRolesFromPOST() as $id) {
645  // instatiate correct object class (role or rolt)
646  $obj = ilObjectFactory::getInstanceByObjId($id, false);
647 
648  if ($obj->getType() == "role") {
649  $rolf_arr = $this->rbac_review->getFoldersAssignedToRole($obj->getId(), true);
650  $obj->setParent($rolf_arr[0]);
651  }
652 
653  $obj->delete();
654  }
655 
656  // set correct return location if rolefolder is removed
657  $this->tpl->setOnScreenMessage('success', $this->lng->txt("msg_deleted_roles_rolts"), true);
658  $this->ctrl->redirect($this, 'view');
659  }
660 
667  public function getAdminTabs(): void
668  {
669  if ($this->checkPermissionBool("visible,read")) {
670  $this->tabs_gui->addTarget(
671  "view",
672  $this->ctrl->getLinkTarget($this, "view"),
673  ["", "view"],
674  get_class($this)
675  );
676 
677  $this->tabs_gui->addTarget(
678  "settings",
679  $this->ctrl->getLinkTarget($this, "editSettings"),
680  ["editSettings"],
681  get_class($this)
682  );
683  }
684 
685  if ($this->checkPermissionBool("edit_permission")) {
686  $this->tabs_gui->addTarget(
687  "perm_settings",
688  $this->ctrl->getLinkTargetByClass(
689  [get_class($this), 'ilpermissiongui'],
690  "perm"
691  ),
692  "",
693  "ilpermissiongui"
694  );
695  }
696  }
697 
698  public function editSettingsObject(?ilPropertyFormGUI $a_form = null): void
699  {
700  if ($a_form === null) {
701  $a_form = $this->initSettingsForm();
702  }
703 
704  $this->tpl->setContent($a_form->getHTML());
705  }
706 
707  public function saveSettingsObject(): void
708  {
709  global $DIC;
710 
711  $user = $DIC->user();
712 
713  if (!$this->checkPermissionBool("write")) {
714  $this->error->raiseError($this->lng->txt('permission_denied'), $this->error->MESSAGE);
715  }
716 
717  $form = $this->initSettingsForm();
718  if ($form->checkInput()) {
719  $privacy = ilPrivacySettings::getInstance();
720  $privacy->enableRbacLog((bool) $form->getInput('rbac_log'));
721  $privacy->setRbacLogAge((int) $form->getInput('rbac_log_age'));
722  $privacy->save();
723 
724  if ($this->rbac_review->isAssigned($user->getId(), SYSTEM_ROLE_ID)) {
725  $security = ilSecuritySettings::_getInstance();
726  $security->protectedAdminRole((bool) $form->getInput('admin_role'));
727  $security->save();
728  }
729  $this->tpl->setOnScreenMessage('success', $this->lng->txt("settings_saved"), true);
730  $this->ctrl->redirect($this, "editSettings");
731  }
732 
733  $form->setValuesByPost();
734  $this->editSettingsObject($form);
735  }
736 
737  protected function initSettingsForm(): ilPropertyFormGUI
738  {
739  global $DIC;
740 
741  $user = $DIC->user();
742 
743  $this->lng->loadLanguageModule('ps');
744 
745  $privacy = ilPrivacySettings::getInstance();
746  $security = ilSecuritySettings::_getInstance();
747 
748  $form = new ilPropertyFormGUI();
749  $form->setFormAction($this->ctrl->getFormAction($this, "saveSettings"));
750  $form->setTitle($this->lng->txt('settings'));
751 
752  // protected admin
753  $admin = new ilCheckboxInputGUI($GLOBALS['DIC']['lng']->txt('adm_adm_role_protect'), 'admin_role');
754  $admin->setDisabled(!$this->rbac_review->isAssigned($user->getId(), SYSTEM_ROLE_ID));
755  $admin->setInfo($this->lng->txt('adm_adm_role_protect_info'));
756  $admin->setChecked($security->isAdminRoleProtected());
757  $admin->setValue((string) 1);
758  $form->addItem($admin);
759 
760  $check = new ilCheckboxInputGUI($this->lng->txt('rbac_log'), 'rbac_log');
761  $check->setInfo($this->lng->txt('rbac_log_info'));
762  $check->setChecked($privacy->enabledRbacLog());
763  $form->addItem($check);
764 
765  $age = new ilNumberInputGUI($this->lng->txt('rbac_log_age'), 'rbac_log_age');
766  $age->setInfo($this->lng->txt('rbac_log_age_info'));
767  $age->setValue((string) $privacy->getRbacLogAge());
768  $age->setMinValue(1);
769  $age->setMaxValue(24);
770  $age->setSize(2);
771  $age->setMaxLength(2);
772  $check->addSubItem($age);
773 
774  $form->addCommandButton('saveSettings', $this->lng->txt('save'));
775 
776  return $form;
777  }
778 
779  public function addToExternalSettingsForm(int $a_form_id): array
780  {
781  switch ($a_form_id) {
782  case ilAdministrationSettingsFormHandler::FORM_SECURITY:
783 
784  $security = ilSecuritySettings::_getInstance();
785 
786  $fields = ['adm_adm_role_protect' => [$security->isAdminRoleProtected(),
787  ilAdministrationSettingsFormHandler::VALUE_BOOL
788  ]
789  ];
790 
791  return [["editSettings", $fields]];
792 
793  case ilAdministrationSettingsFormHandler::FORM_PRIVACY:
794 
795  $privacy = ilPrivacySettings::getInstance();
796 
797  $subitems = null;
798  if ($privacy->enabledRbacLog()) {
799  $subitems = ['rbac_log_age' => $privacy->getRbacLogAge()];
800  }
801  $fields = ['rbac_log' => [$privacy->enabledRbacLog(),
802  ilAdministrationSettingsFormHandler::VALUE_BOOL,
803  $subitems
804  ]
805  ];
806 
807  return [["editSettings", $fields]];
808  }
809  return [];
810  }
811 } // END class.ilObjRoleFolderGUI
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:26
ilSession\get
static get(string $a_var)
Definition: class.ilSession.php:401
ilObjRoleFolderGUI\confirmDeleteObject
confirmDeleteObject()
Confirm deletion of roles.
Definition: class.ilObjRoleFolderGUI.php:605
ilObjectGUI\prepareOutput
prepareOutput(bool $show_sub_objects=true)
Definition: class.ilObjectGUI.php:301
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:29
ilObjRoleFolderGUI\getAdminTabs
getAdminTabs()
Add role folder tabs.
Definition: class.ilObjRoleFolderGUI.php:667
ilObjRoleFolderGUI\__construct
__construct($a_data, int $a_id, bool $a_call_by_reference)
Constructor public.
Definition: class.ilObjRoleFolderGUI.php:50
ilObjRoleFolderGUI\addToExternalSettingsForm
addToExternalSettingsForm(int $a_form_id)
Definition: class.ilObjRoleFolderGUI.php:779
ilObjRoleFolderGUI\editSettingsObject
editSettingsObject(?ilPropertyFormGUI $a_form=null)
Definition: class.ilObjRoleFolderGUI.php:698
ilObjRole\MODE_REMOVE_OPERATIONS
const MODE_REMOVE_OPERATIONS
Definition: class.ilObjRole.php:35
ilObjRoleFolderGUI
Class ilObjRoleFolderGUI.
Definition: class.ilObjRoleFolderGUI.php:32
ilRoleTableGUI
TableGUI for the presentation og roles and role templates.
Definition: class.ilRoleTableGUI.php:26
ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:29
ilObjRole\MODE_READ_OPERATIONS
const MODE_READ_OPERATIONS
Definition: class.ilObjRole.php:34
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:142
ilObjRoleFolderGUI\doRemoveRolePermissions
doRemoveRolePermissions(int $source, int $target)
do add role permission
Definition: class.ilObjRoleFolderGUI.php:508
ilHiddenInputGUI
This class represents a hidden form property in a property form.
Definition: class.ilHiddenInputGUI.php:26
ILIAS\FileDelivery\http
static http()
Fetches the global http state from ILIAS.
Definition: HttpServiceAware.php:55
ilObject\_lookupTitle
static _lookupTitle(int $obj_id)
Definition: class.ilObject.php:830
$GLOBALS
$GLOBALS["DIC"]
Definition: wac.php:53
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:26
ilObjRole\_getTranslation
static _getTranslation(string $a_role_title)
Definition: class.ilObjRole.php:364
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:46
$DIC
global $DIC
Definition: shib_login.php:22
ilObjRoleFolderGUI\initRoleSearchForm
initRoleSearchForm()
Init role search form.
Definition: class.ilObjRoleFolderGUI.php:203
ilObjRoleFolderGUI\removeRolePermissionsObject
removeRolePermissionsObject()
Remove role permissions.
Definition: class.ilObjRoleFolderGUI.php:487
ilObjRoleFolderGUI\applyFilterObject
applyFilterObject()
Apply role filter.
Definition: class.ilObjRoleFolderGUI.php:579
ilObjRoleFolderGUI\doCopyRole
doCopyRole(int $source, int $target)
Perform copy of role.
Definition: class.ilObjRoleFolderGUI.php:524
ilObjectGUI\checkPermissionBool
checkPermissionBool(string $perm, string $cmd="", string $type="", ?int $ref_id=null)
Definition: class.ilObjectGUI.php:1960
ilObjRole\MODE_ADD_OPERATIONS
const MODE_ADD_OPERATIONS
Definition: class.ilObjRole.php:33
ilObjRoleFolderGUI\resetFilterObject
resetFilterObject()
Reset role filter.
Definition: class.ilObjRoleFolderGUI.php:592
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId(?int $obj_id, bool $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:84
ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
Definition: PluginProviderHelper.php:37
ilObjRoleFolderGUI\chooseCopyBehaviourObject
chooseCopyBehaviourObject(?ilPropertyFormGUI $form=null)
Choose option for copying roles/role templates.
Definition: class.ilObjRoleFolderGUI.php:270
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:31
ilObjRoleFolderGUI\doAddRolePermissions
doAddRolePermissions(int $source, int $target)
do add role permission
Definition: class.ilObjRoleFolderGUI.php:471
$check
$check
Definition: buildRTE.php:81
ilRbacAdmin
Class ilRbacAdmin Core functions for role based access control.
Definition: class.ilRbacAdmin.php:31
ilObjRoleFolderGUI\roleSearchFormObject
roleSearchFormObject()
Parse search query.
Definition: class.ilObjRoleFolderGUI.php:222
ilSecuritySettings\_getInstance
static _getInstance()
Get instance of ilSecuritySettings.
Definition: class.ilSecuritySettings.php:96
ilObjectGUI\checkPermission
checkPermission(string $perm, string $cmd="", string $type="", ?int $ref_id=null)
Definition: class.ilObjectGUI.php:1936
ilSession\set
static set(string $a_var, $a_val)
Set a value.
Definition: class.ilSession.php:393
ilObjRoleFolderGUI\doChangeExistingObjects
doChangeExistingObjects(int $a_start_obj, int $a_target_role, int $a_operation_mode, int $a_source_role)
Do change existing objects.
Definition: class.ilObjRoleFolderGUI.php:540
ilObjRoleFolderGUI\initCopyBehaviourForm
initCopyBehaviourForm()
Show copy behaviour form.
Definition: class.ilObjRoleFolderGUI.php:289
ilObjRoleFolderGUI\roleSearchObject
roleSearchObject()
Search target roles.
Definition: class.ilObjRoleFolderGUI.php:181