ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes | Private Attributes
ilObjRole Class Reference

Class ilObjRole. More...

+ Inheritance diagram for ilObjRole:
+ Collaboration diagram for ilObjRole:

Public Member Functions

 __construct (int $a_id=0, bool $a_call_by_reference=false)
 Constructor @access public. More...
 
 validate ()
 
 getPresentationTitle ()
 get presentation title Normally same as title Overwritten for sessions More...
 
 toggleAssignUsersStatus (bool $a_assign_users)
 
 getAssignUsersStatus ()
 
 read ()
 loads "role" from database @access private More...
 
 update ()
 
 create ()
 note: title, description and type should be set when this function is called More...
 
 setAllowRegister (bool $a_allow_register)
 
 getAllowRegister ()
 
 setParent (int $a_parent_ref)
 set reference id of parent object this is neccessary for non RBAC protected objects!!! More...
 
 getParent ()
 get reference id of parent object More...
 
 delete ()
 delete role and all related data @access public More...
 
 getCountMembers ()
 Get number of users assigned to role. More...
 
 __getPermissionDefinitions ()
 
 isAutoGenerated ()
 
 changeExistingObjects (int $a_start_node, int $a_mode, array $a_filter, array $a_exclusion_filter=[], int $a_operation_mode=self::MODE_READ_OPERATIONS, array $a_operation_stack=[])
 Change existing objects. More...
 
- Public Member Functions inherited from ilObject
 getObjectProperties ()
 
 flushObjectProperties ()
 
 withReferences ()
 determines whether objects are referenced or not (got ref ids or not) More...
 
 processAutoRating ()
 
 read ()
 
 getId ()
 
 setId (int $id)
 
 setRefId (int $ref_id)
 
 getRefId ()
 
 getType ()
 
 setType (string $type)
 
 getPresentationTitle ()
 get presentation title Normally same as title Overwritten for sessions More...
 
 getTitle ()
 
 getUntranslatedTitle ()
 Get untranslated object title WebDAV needs to access the untranslated title of an object. More...
 
 setTitle (string $title)
 
 getDescription ()
 
 setDescription (string $description)
 
 getLongDescription ()
 get object long description (stored in object_description) More...
 
 getImportId ()
 
 setImportId (string $import_id)
 
 setOfflineStatus (bool $status)
 
 getOfflineStatus ()
 
 supportsOfflineHandling ()
 
 getOwner ()
 
 getOwnerName ()
 get full name of object owner More...
 
 setOwner (int $usr_id)
 
 getCreateDate ()
 Get create date in YYYY-MM-DD HH-MM-SS format. More...
 
 getLastUpdateDate ()
 Get last update date in YYYY-MM-DD HH-MM-SS format. More...
 
 create ()
 note: title, description and type should be set when this function is called More...
 
 update ()
 
 MDUpdateListener (string $element)
 Metadata update listener. More...
 
 createMetaData ()
 
 updateMetaData ()
 
 deleteMetaData ()
 
 updateOwner ()
 update owner of object in db More...
 
 putInTree (int $parent_ref_id)
 maybe this method should be in tree object!? More...
 
 setPermissions (int $parent_ref_id)
 
 setParentRolePermissions (int $parent_ref_id)
 Initialize the permissions of parent roles (local roles of categories, global roles...) This method is overwritten in e.g. More...
 
 createReference ()
 creates reference for object More...
 
 countReferences ()
 
 delete ()
 delete object or referenced object (in the case of a referenced object, object data is only deleted if last reference is deleted) This function removes an object entirely from system!! More...
 
 initDefaultRoles ()
 init default roles settings Purpose of this function is to create a local role folder and local roles, that are needed depending on the object type. More...
 
 applyDidacticTemplate (int $tpl_id)
 
 getXMLZip ()
 
 getHTMLDirectory ()
 
 appendCopyInfo (int $target_id, int $copy_id, int $new_obj_id)
 Prepend Copy info if object with same name exists in that container. More...
 
 cloneDependencies (int $target_id, int $copy_id)
 Clone object dependencies. More...
 
 cloneMetaData (ilObject $target_obj)
 Copy meta data. More...
 
 selfOrParentWithRatingEnabled ()
 
 getPossibleSubObjects (bool $filter=true)
 get all possible sub objects of this type the object can decide which types of sub objects are possible jut in time overwrite if the decision distinguish from standard model More...
 

Static Public Member Functions

static createDefaultRole (string $a_title, string $a_description, string $a_tpl_name, int $a_ref_id)
 
static _getAssignUsersStatus (int $a_role_id)
 
static _lookupRegisterAllowed ()
 get all roles that are activated in user registration More...
 
static _lookupAllowRegister (int $a_role_id)
 check whether role is allowed in user registration or not More...
 
static _getTranslation (string $a_role_title)
 
static _removeObjectId (string $a_role_title)
 
static _updateAuthMode (array $a_roles)
 
static _getAuthMode (int $a_role_id)
 
static _getRolesByAuthMode (string $a_auth_mode)
 Get roles by auth mode @access public. More...
 
static _resetAuthMode (string $a_auth_mode)
 Reset auth mode to default. More...
 
- Static Public Member Functions inherited from ilObject
static _lookupObjIdByImportId (string $import_id)
 Get (latest) object id for an import id. More...
 
static _lookupImportId (int $obj_id)
 
static _lookupOwnerName (int $owner_id)
 Lookup owner name for owner id. More...
 
static _getIdForImportId (string $import_id)
 
static _getAllReferences (int $id)
 get all reference ids for object ID More...
 
static _lookupTitle (int $obj_id)
 
static lookupOfflineStatus (int $obj_id)
 Lookup offline status using objectDataCache. More...
 
static _lookupOwner (int $obj_id)
 Lookup owner user ID for object ID. More...
 
static _getIdsForTitle (string $title, string $type='', bool $partial_match=false)
 
static _lookupDescription (int $obj_id)
 
static _lookupLastUpdate (int $obj_id, bool $formatted=false)
 
static _getLastUpdateOfObjects (array $obj_ids)
 
static _lookupObjId (int $ref_id)
 
static _setDeletedDate (int $ref_id, int $deleted_by)
 
static setDeletedDates (array $ref_ids, int $user_id)
 
static _resetDeletedDate (int $ref_id)
 
static _lookupDeletedDate (int $ref_id)
 
static _writeTitle (int $obj_id, string $title)
 write title to db (static) More...
 
static _writeDescription (int $obj_id, string $desc)
 write description to db (static) More...
 
static _writeImportId (int $obj_id, string $import_id)
 write import id to db (static) More...
 
static _lookupType (int $id, bool $reference=false)
 
static _isInTrash (int $ref_id)
 
static _hasUntrashedReference (int $obj_id)
 checks whether an object has at least one reference that is not in trash More...
 
static _lookupObjectId (int $ref_id)
 
static _getObjectsDataForType (string $type, bool $omit_trash=false)
 get all objects of a certain type More...
 
static _exists (int $id, bool $reference=false, ?string $type=null)
 checks if an object exists in object_data More...
 
static _getObjectsByType (string $obj_type="", ?int $owner=null)
 
static _prepareCloneSelection (array $ref_ids, string $new_type, bool $show_path=true)
 Prepare copy wizard object selection. More...
 
static getIconForType (string $type)
 
static _getIcon (int $obj_id=0, string $size="big", string $type="", bool $offline=false)
 Get icon for repository item. More...
 
static collectDeletionDependencies (array &$deps, int $ref_id, int $obj_id, string $type, int $depth=0)
 Collect deletion dependencies. More...
 
static getDeletionDependencies (int $obj_id)
 Get deletion dependencies. More...
 
static getLongDescriptions (array $obj_ids)
 
static getAllOwnedRepositoryObjects (int $user_id)
 
static fixMissingTitles ($type, array &$obj_title_map)
 Try to fix missing object titles. More...
 
static _lookupCreationDate (int $obj_id)
 
static _getObjectTypeIdByTitle (string $type, ?\ilDBInterface $ilDB=null)
 

Data Fields

const MODE_PROTECTED_DELETE_LOCAL_POLICIES = 1
 
const MODE_PROTECTED_KEEP_LOCAL_POLICIES = 2
 
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES = 3
 
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES = 4
 
const MODE_ADD_OPERATIONS = 1
 
const MODE_READ_OPERATIONS = 2
 
const MODE_REMOVE_OPERATIONS = 3
 
int $parent = null
 
- Data Fields inherited from ilObject
const TITLE_LENGTH = 255
 
const DESC_LENGTH = 128
 
const LONG_DESC_LENGTH = 4000
 
const TABLE_OBJECT_DATA = "object_data"
 
array $objectList
 
string $untranslatedTitle
 

Protected Member Functions

 deleteLocalPolicies (int $a_start, array $a_policies, array $a_filter)
 
 adjustPermissions (int $a_mode, array $a_nodes, array $a_policies, array $a_filter, array $a_exclusion_filter=[], int $a_operation_mode=self::MODE_READ_OPERATIONS, array $a_operation_stack=[])
 
 changeExistingObjectsGrantPermissions (int $a_role_id, array $a_permissions, int $a_ref_id, int $a_operation_mode)
 
 isHandledObjectType (array $a_filter, array $a_exclusion_filter, string $a_type)
 
 updateOperationStack (array &$a_stack, int $a_node, bool $a_init=false)
 Update operation stack. More...
 
 updatePolicyStack (array &$a_stack, int $a_node)
 
 createPermissionIntersection (array $policy_stack, array $a_current_ops, int $a_id, string $a_type)
 Create permission intersection. More...
 
- Protected Member Functions inherited from ilObject
 doMDUpdateListener (string $a_element)
 
 beforeMDUpdateListener (string $a_element)
 
 doCreateMetaData ()
 
 beforeCreateMetaData ()
 
 doUpdateMetaData ()
 
 beforeUpdateMetaData ()
 
 doDeleteMetaData ()
 
 beforeDeleteMetaData ()
 
 handleAutoRating ()
 
 hasAutoRating ()
 

Protected Attributes

bool $allow_register = false
 
bool $assign_users = false
 
- Protected Attributes inherited from ilObject
ilLogger $obj_log
 
ILIAS $ilias
 
ilObjectDefinition $obj_definition
 
ilDBInterface $db
 
ilLogger $log
 
ilErrorHandling $error
 
ilTree $tree
 
ilAppEventHandler $app_event_handler
 
ilRbacAdmin $rbac_admin
 
ilRbacReview $rbac_review
 
ilObjUser $user
 
ilLanguage $lng
 
LOMServices $lom_services
 
bool $call_by_reference
 
int $max_title = self::TITLE_LENGTH
 
int $max_desc = self::DESC_LENGTH
 
bool $add_dots = true
 
int $ref_id = null
 
string $type = ""
 
string $title = ""
 
string $desc = ""
 
string $long_desc = ""
 
int $owner = 0
 
string $create_date = ""
 
string $last_update = ""
 
string $import_id = ""
 
bool $register = false
 

Private Attributes

ilLogger $logger
 

Detailed Description

Class ilObjRole.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om

Definition at line 26 of file class.ilObjRole.php.

Constructor & Destructor Documentation

◆ __construct()

ilObjRole::__construct ( int  $a_id = 0,
bool  $a_call_by_reference = false 
)

Constructor @access public.

Parameters
intreference_id or object_id
booltreat the id as reference_id (true) or object_id (false)

Definition at line 50 of file class.ilObjRole.php.

51 {
52 global $DIC;
53
54 $this->logger = $DIC->logger()->ac();
55 $this->type = "role";
56 parent::__construct($a_id, $a_call_by_reference);
57 }
ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
Definition: PluginProviderHelper.php:38
$DIC
global $DIC
Definition: shib_login.php:26

References $DIC, ILIAS\GlobalScreen\Provider\__construct(), and ILIAS\Repository\logger().

+ Here is the call graph for this function:

Member Function Documentation

◆ __getPermissionDefinitions()

ilObjRole::__getPermissionDefinitions ( )

Definition at line 501 of file class.ilObjRole.php.

501 : array
502 {
503 $operation_info = $this->rbac_review->getOperationAssignment();
504 $rbac_objects = $rbac_operations = [];
505 foreach ($operation_info as $info) {
506 if ($this->obj_definition->getDevMode($info['type'])) {
507 continue;
508 }
509 $rbac_objects[$info['typ_id']] = ["obj_id" => $info['typ_id'],
510 "type" => $info['type']
511 ];
512
513 // handle plugin permission texts
514 $txt = $this->obj_definition->isPlugin($info['type'])
515 ? ilObjectPlugin::lookupTxtById($info['type'], $info['type'] . "_" . $info['operation'])
516 : $this->lng->txt($info['type'] . "_" . $info['operation']);
517 if (substr($info['operation'], 0, 7) == "create_" &&
518 $this->obj_definition->isPlugin(substr($info['operation'], 7))) {
519 $txt = ilObjectPlugin::lookupTxtById(
520 substr($info['operation'], 7),
521 $info['type'] . "_" . $info['operation']
522 );
523 }
524 $rbac_operations[$info['typ_id']][$info['ops_id']] = [
525 "ops_id" => $info['ops_id'],
526 "title" => $info['operation'],
527 "name" => $txt
528 ];
529 }
530 return [$rbac_objects, $rbac_operations];
531 }
ilObjectPlugin\lookupTxtById
static lookupTxtById(string $plugin_id, string $lang_var)
Definition: class.ilObjectPlugin.php:55
$info
$info
Definition: entry_point.php:21
$txt
$txt
Definition: error.php:31

References $info, $txt, ILIAS\Repository\lng(), and ilObjectPlugin\lookupTxtById().

+ Here is the call graph for this function:

◆ _getAssignUsersStatus()

static ilObjRole::_getAssignUsersStatus ( int  $a_role_id)
static

Definition at line 141 of file class.ilObjRole.php.

141 : bool
142 {
143 global $DIC;
144
145 $ilDB = $DIC->database();
146 $query = "SELECT assign_users FROM role_data WHERE role_id = " . $ilDB->quote($a_role_id, 'integer') . " ";
147 $res = $ilDB->query($query);
148 while ($row = $ilDB->fetchObject($res)) {
149 return (bool) $row->assign_users;
150 }
151 return false;
152 }
$res
$res
Definition: ltiservices.php:69

References $DIC, $ilDB, and $res.

Referenced by ilRbacReview\getGlobalAssignableRoles(), ilSoapUserAdministration\importUsers(), ilObjUserGUI\initCreate(), ilObjUserFolderGUI\initUserRoleAssignmentForm(), ilSoapUserAdministration\isPermittedRole(), and ilObjUserFolderGUI\redirectOnRoleWithMissingWrite().

+ Here is the caller graph for this function:

◆ _getAuthMode()

static ilObjRole::_getAuthMode ( int  $a_role_id)
static

Definition at line 452 of file class.ilObjRole.php.

452 : string
453 {
454 global $DIC;
455
456 $ilDB = $DIC['ilDB'];
457
458 $query = "SELECT auth_mode FROM role_data " .
459 "WHERE role_id= " . $ilDB->quote($a_role_id, 'integer') . " ";
460 $res = $ilDB->query($query);
461 $row = $ilDB->fetchAssoc($res);
462
463 return $row['auth_mode'];
464 }

References $DIC, $ilDB, and $res.

◆ _getRolesByAuthMode()

static ilObjRole::_getRolesByAuthMode ( string  $a_auth_mode)
static

Get roles by auth mode @access public.

Parameters
stringauth mode
Returns
int[]

Definition at line 472 of file class.ilObjRole.php.

472 : array
473 {
474 global $DIC;
475
476 $ilDB = $DIC['ilDB'];
477
478 $query = "SELECT * FROM role_data " .
479 "WHERE auth_mode = " . $ilDB->quote($a_auth_mode, 'text');
480 $res = $ilDB->query($query);
481 $roles = [];
482 while ($row = $ilDB->fetchObject($res)) {
483 $roles[] = $row->role_id;
484 }
485 return $roles;
486 }

References $DIC, $ilDB, and $res.

◆ _getTranslation()

static ilObjRole::_getTranslation ( string  $a_role_title)
static

Definition at line 364 of file class.ilObjRole.php.

364 : string
365 {
366 global $DIC;
367
368 $lng = $DIC->language();
369 $objDefinition = $DIC['objDefinition'];
370
371 $role_title = self::_removeObjectId($a_role_title);
372
373 if (preg_match("/^il_([a-z]{1,4})_./", $role_title, $type)) {
374 //BT ID 0032909: language variables for roles from plugins were not resolved properly
375 if ($objDefinition->isPlugin($type[1])) {
376 return ilObjectPlugin::lookupTxtById($type[1], $role_title);
377 }
378 return $lng->txt($role_title);
379 }
380 return $a_role_title;
381 }
ilLanguage\txt
txt(string $a_topic, string $a_default_lang_fallback_mod="")
gets the text for a given topic if the topic is not in the list, the topic itself with "-" will be re...
Definition: class.ilLanguage.php:170
ilObjRole\_removeObjectId
static _removeObjectId(string $a_role_title)
Definition: class.ilObjRole.php:386
ilObject\$lng
ilLanguage $lng
Definition: class.ilObject.php:58
ilObject\$type
string $type
Definition: class.ilObject.php:68

References $DIC, $lng, and ilObjectPlugin\lookupTxtById().

Referenced by ilDclTableViewEditGUI\__construct(), ilRecommendedContentRoleTableGUI\__construct(), ilCourseEditParticipantsTableGUI\__construct(), ilObjRoleGUI\addAdminLocatorItems(), ilObjRoleTemplateGUI\addAdminLocatorItems(), ilObjRoleGUI\addLocatorItems(), ilObjRoleGUI\adoptPermObject(), ilObjRoleGUI\adoptPermSaveObject(), ilMailMemberSearchDataProvider\buildRoleTitle(), ilObjRoleFolderGUI\confirmDeleteObject(), ilObjRoleGUI\confirmDeleteRoleObject(), ilObjectRolePermissionTableGUI\createTitle(), ilRoleAssignmentTableGUI\fillRow(), ilObjBlog\getAllLocalRoles(), ilObjectPermissionStatusGUI\getAssignedValidRoles(), ilObjectPermissionStatusGUI\getAvailableRolesTableData(), ilObjCourse\getLocalCourseRoles(), ilObjGroup\getLocalGroupRoles(), ilLearningSequenceRoles\getLocalLearningSequenceRoles(), ilObjGroupGUI\getLocalRoles(), ilObjLearningSequenceGUI\getLocalRoles(), ilObjCourseGUI\getLocalRoles(), ilSessionParticipantsTableGUI\getParentLocalRoles(), getPresentationTitle(), ilObjRoleTemplate\getPresentationTitle(), ilLTIProviderObjectSettingGUI\getRoleSelection(), ilObjBlog\getRolesWithContributeOrRedact(), ilObjRoleTemplateGUI\getRoleTemplateForm(), ilSettingsPermissionGUI\initPermissionForm(), ilPermissionGUI\initRoleForm(), ilRoleTableGUI\parse(), ilRoleAssignmentTableGUI\parse(), ILIAS\AccessControl\Log\Table\parseChangesFaPa(), ilPermissionGUI\showConfirmBlockRole(), and ilSoapRoleObjectXMLWriter\start().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _lookupAllowRegister()

static ilObjRole::_lookupAllowRegister ( int  $a_role_id)
static

check whether role is allowed in user registration or not

Definition at line 240 of file class.ilObjRole.php.

240 : bool
241 {
242 global $DIC;
243
244 $ilDB = $DIC['ilDB'];
245
246 $query = "SELECT * FROM role_data " .
247 " WHERE role_id =" . $ilDB->quote($a_role_id, 'integer');
248
249 $res = $ilDB->query($query);
250 if ($role_rec = $ilDB->fetchAssoc($res)) {
251 if ($role_rec["allow_register"]) {
252 return true;
253 }
254 }
255 return false;
256 }

References $DIC, $ilDB, and $res.

Referenced by ilRegistrationSettingsGUI\initRolesForm(), and ilAccountRegistrationGUI\saveForm().

+ Here is the caller graph for this function:

◆ _lookupRegisterAllowed()

static ilObjRole::_lookupRegisterAllowed ( )
static

get all roles that are activated in user registration

Definition at line 217 of file class.ilObjRole.php.

217 : array
218 {
219 global $DIC;
220
221 $ilDB = $DIC->database();
222 $query = "SELECT * FROM role_data " .
223 "JOIN object_data ON object_data.obj_id = role_data.role_id " .
224 "WHERE allow_register = 1";
225 $res = $ilDB->query($query);
226
227 $roles = [];
228 while ($role = $ilDB->fetchAssoc($res)) {
229 $roles[] = ["id" => (int) $role["obj_id"],
230 "title" => (string) $role["title"],
231 "auth_mode" => (string) $role['auth_mode']
232 ];
233 }
234 return $roles;
235 }

References $DIC, $ilDB, $res, and ILIAS\Repository\int().

Referenced by ilObjAuthSettingsGUI\buildRegistrationRoleMappingForm(), ilAccountRegistrationGUI\buildRolesInput(), ilRegistrationSettingsGUI\initRoleAccessForm(), ilRegistrationSettingsGUI\prepareAccessLimitationRoleList(), ilRegistrationSettingsGUI\prepareRoleList(), and ilRegistrationSettingsGUI\saveRoleAccessLimitations().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _removeObjectId()

static ilObjRole::_removeObjectId ( string  $a_role_title)
static
Todo:
rename of remove method

Definition at line 386 of file class.ilObjRole.php.

386 : string
387 {
388 $role_title_parts = explode('_', $a_role_title);
389
390 $test2 = (int) ($role_title_parts[3] ?? 0);
391 if ($test2 > 0) {
392 unset($role_title_parts[3]);
393 }
394
395 return implode('_', $role_title_parts);
396 }

References ILIAS\Repository\int().

Referenced by ilObjectRolePermissionTableGUI\createTitle(), and ilObjectPermissionStatusGUI\getAvailableRolesTableData().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _resetAuthMode()

static ilObjRole::_resetAuthMode ( string  $a_auth_mode)
static

Reset auth mode to default.

Definition at line 491 of file class.ilObjRole.php.

491 : void
492 {
493 global $DIC;
494
495 $ilDB = $DIC['ilDB'];
496
497 $query = "UPDATE role_data SET auth_mode = 'default' WHERE auth_mode = " . $ilDB->quote($a_auth_mode, 'text');
498 $res = $ilDB->manipulate($query);
499 }

References $DIC, $ilDB, and $res.

◆ _updateAuthMode()

static ilObjRole::_updateAuthMode ( array  $a_roles)
static

Definition at line 439 of file class.ilObjRole.php.

439 : void
440 {
441 global $DIC;
442
443 $ilDB = $DIC->database();
444 foreach ($a_roles as $role_id => $auth_mode) {
445 $query = "UPDATE role_data SET " .
446 "auth_mode= " . $ilDB->quote($auth_mode, 'text') . " " .
447 "WHERE role_id= " . $ilDB->quote($role_id, 'integer') . " ";
448 $res = $ilDB->manipulate($query);
449 }
450 }

References $DIC, $ilDB, and $res.

Referenced by ilObjAuthSettingsGUI\updateRegistrationRoleMappingObject().

+ Here is the caller graph for this function:

◆ adjustPermissions()

ilObjRole::adjustPermissions ( int  $a_mode,
array  $a_nodes,
array  $a_policies,
array  $a_filter,
array  $a_exclusion_filter = [],
int  $a_operation_mode = self::MODE_READ_OPERATIONS,
array  $a_operation_stack = [] 
)
protected

Definition at line 607 of file class.ilObjRole.php.

615 : void {
616 $operation_stack = [];
617 $policy_stack = [];
618 $node_stack = [];
619
620 $start_node = current($a_nodes);
621 $node_stack[] = $start_node;
622 $this->updatePolicyStack($policy_stack, $start_node['child']);
623
624 if ($a_operation_mode == self::MODE_READ_OPERATIONS) {
625 $this->updateOperationStack($operation_stack, $start_node['child'], true);
626 } else {
627 $operation_stack = $a_operation_stack;
628 }
629
630 $this->logger->debug('adjust permissions operation stack');
631 $this->logger->dump($operation_stack, ilLogLevel::DEBUG);
632
633 $rbac_log_active = ilRbacLog::isActive();
634
635 $local_policy = false;
636 foreach ($a_nodes as $node) {
637 $cmp_node = end($node_stack);
638 while ($relation = $this->tree->getRelationOfNodes($node, $cmp_node)) {
639 switch ($relation) {
640 case ilTree::RELATION_NONE:
641 case ilTree::RELATION_SIBLING:
642 $this->logger->debug('Handling sibling/none relation.');
643 array_pop($operation_stack);
644 array_pop($policy_stack);
645 array_pop($node_stack);
646 $cmp_node = end($node_stack);
647 $local_policy = false;
648 break;
649
650 case ilTree::RELATION_CHILD:
651 case ilTree::RELATION_EQUALS:
652 case ilTree::RELATION_PARENT:
653 default:
654 $this->logger->debug('Handling child/equals/parent ' . $relation);
655 break 2;
656 }
657 }
658
659 if ($local_policy) {
660 continue;
661 }
662
663 // Start node => set permissions and continue
664 if ($node['child'] == $start_node['child']) {
665 if ($this->isHandledObjectType($a_filter, $a_exclusion_filter, $node['type'])) {
666 if ($rbac_log_active) {
667 $rbac_log_roles = $this->rbac_review->getParentRoleIds($node['child'], false);
668 $rbac_log_old = ilRbacLog::gatherFaPa((int) $node['child'], array_keys($rbac_log_roles));
669 }
670
671 // Set permissions
672 $perms = end($operation_stack);
673 $this->changeExistingObjectsGrantPermissions(
674 $this->getId(),
675 (array) ($perms[$node['type']] ?? []),
676 $node['child'],
677 $a_operation_mode
678 );
679
680 if ($rbac_log_active) {
681 $rbac_log_new = ilRbacLog::gatherFaPa((int) $node['child'], array_keys($rbac_log_roles));
682 $rbac_log = ilRbacLog::diffFaPa($rbac_log_old, $rbac_log_new);
683 ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE_EXISTING, $node['child'], $rbac_log);
684 }
685 }
686 continue;
687 }
688
689 // Node has local policies => update permission stack and continue
690 if (in_array($node['child'], $a_policies) && $node['child'] != SYSTEM_FOLDER_ID) {
691 $local_policy = true;
692 $this->updatePolicyStack($policy_stack, $node['child']);
693 $this->updateOperationStack($operation_stack, $node['child']);
694 $node_stack[] = $node;
695 continue;
696 }
697
698 // Continue if this object type is not in filter
699 if (!$this->isHandledObjectType($a_filter, $a_exclusion_filter, $node['type'])) {
700 continue;
701 }
702
703 if ($rbac_log_active) {
704 $rbac_log_roles = $this->rbac_review->getParentRoleIds($node['child'], false);
705 $rbac_log_old = ilRbacLog::gatherFaPa((int) $node['child'], array_keys($rbac_log_roles));
706 }
707
708 // Node is course or group => create permission intersection
709 if (
710 ($a_mode == self::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES || $a_mode == self::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES) &&
711 ($node['type'] == 'crs' || $node['type'] == 'grp')
712 ) {
713 // Copy role permission intersection
714 $perms = end($operation_stack);
715 $this->createPermissionIntersection(
716 $policy_stack,
717 $perms[$node['type']] ?? [],
718 $node['child'],
719 $node['type']
720 );
721 if ($this->updateOperationStack($operation_stack, $node['child'])) {
722 $this->updatePolicyStack($policy_stack, $node['child']);
723 $node_stack[] = $node;
724 }
725 }
726
727 // Set permission
728 $perms = end($operation_stack);
729 $this->changeExistingObjectsGrantPermissions(
730 $this->getId(),
731 (array) ($perms[$node['type']] ?? []),
732 $node['child'],
733 $a_operation_mode
734 );
735 if ($rbac_log_active) {
736 $rbac_log_new = ilRbacLog::gatherFaPa((int) $node['child'], array_keys($rbac_log_roles));
737 $rbac_log = ilRbacLog::diffFaPa($rbac_log_old, $rbac_log_new);
738 ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE_EXISTING, $node['child'], $rbac_log);
739 }
740 }
741 }
$relation
$relation
Definition: LOMStructure.php:417
ilObjRole\isHandledObjectType
isHandledObjectType(array $a_filter, array $a_exclusion_filter, string $a_type)
Definition: class.ilObjRole.php:794
ilObjRole\updatePolicyStack
updatePolicyStack(array &$a_stack, int $a_node)
Definition: class.ilObjRole.php:846
ilObjRole\createPermissionIntersection
createPermissionIntersection(array $policy_stack, array $a_current_ops, int $a_id, string $a_type)
Create permission intersection.
Definition: class.ilObjRole.php:869
ilObjRole\changeExistingObjectsGrantPermissions
changeExistingObjectsGrantPermissions(int $a_role_id, array $a_permissions, int $a_ref_id, int $a_operation_mode)
Definition: class.ilObjRole.php:743
ilObjRole\updateOperationStack
updateOperationStack(array &$a_stack, int $a_node, bool $a_init=false)
Update operation stack.
Definition: class.ilObjRole.php:809
ilRbacLog\add
static add(int $action, int $ref_id, array $diff, bool $source_ref_id=false)
Definition: class.ilRbacLog.php:226
ilRbacLog\EDIT_TEMPLATE_EXISTING
const EDIT_TEMPLATE_EXISTING
Definition: class.ilRbacLog.php:39
ilRbacLog\gatherFaPa
static gatherFaPa(int $ref_id, array $role_ids, bool $add_action=false)
Definition: class.ilRbacLog.php:127
ilRbacLog\diffFaPa
static diffFaPa(array $old, array $new)
Definition: class.ilRbacLog.php:160
ilRbacLog\isActive
static isActive()
Definition: class.ilRbacLog.php:122
ilTree\RELATION_EQUALS
const RELATION_EQUALS
Definition: class.ilTree.php:40
ilTree\RELATION_PARENT
const RELATION_PARENT
Definition: class.ilTree.php:38
ilTree\RELATION_NONE
const RELATION_NONE
Definition: class.ilTree.php:41
ilTree\RELATION_SIBLING
const RELATION_SIBLING
Definition: class.ilTree.php:39
ilTree\RELATION_CHILD
const RELATION_CHILD
Definition: class.ilTree.php:37
SYSTEM_FOLDER_ID
const SYSTEM_FOLDER_ID
Definition: constants.php:35

◆ changeExistingObjects()

ilObjRole::changeExistingObjects ( int  $a_start_node,
int  $a_mode,
array  $a_filter,
array  $a_exclusion_filter = [],
int  $a_operation_mode = self::MODE_READ_OPERATIONS,
array  $a_operation_stack = [] 
)

Change existing objects.

Parameters
arrayfilter Filter of object types (array('all') => change all objects

Definition at line 542 of file class.ilObjRole.php.

549 : void {
550 // Get node info of subtree
551 $nodes = $this->tree->getRbacSubtreeInfo($a_start_node);
552
553 // get local policies
554 $all_local_policies = $this->rbac_review->getObjectsWithStopedInheritance($this->getId());
555
556 // filter relevant roles
557 $local_policies = [];
558 foreach ($all_local_policies as $lp) {
559 if (isset($nodes[$lp])) {
560 $local_policies[] = $lp;
561 }
562 }
563
564 // Delete deprecated policies
565 switch ($a_mode) {
566 case self::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES:
567 case self::MODE_PROTECTED_DELETE_LOCAL_POLICIES:
568 $local_policies = $this->deleteLocalPolicies($a_start_node, $local_policies, $a_filter);
569 break;
570 }
571 $this->adjustPermissions(
572 $a_mode,
573 $nodes,
574 $local_policies,
575 $a_filter,
576 $a_exclusion_filter,
577 $a_operation_mode,
578 $a_operation_stack
579 );
580 }
ilObjRole\MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
Definition: class.ilObjRole.php:28
ilObjRole\MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
Definition: class.ilObjRole.php:30
ilObjRole\deleteLocalPolicies
deleteLocalPolicies(int $a_start, array $a_policies, array $a_filter)
Definition: class.ilObjRole.php:582
ilObjRole\adjustPermissions
adjustPermissions(int $a_mode, array $a_nodes, array $a_policies, array $a_filter, array $a_exclusion_filter=[], int $a_operation_mode=self::MODE_READ_OPERATIONS, array $a_operation_stack=[])
Definition: class.ilObjRole.php:607

◆ changeExistingObjectsGrantPermissions()

ilObjRole::changeExistingObjectsGrantPermissions ( int  $a_role_id,
array  $a_permissions,
int  $a_ref_id,
int  $a_operation_mode 
)
protected

Definition at line 743 of file class.ilObjRole.php.

748 : void {
749 global $DIC;
750
751 $admin = $DIC->rbac()->admin();
752 $review = $DIC->rbac()->review();
753 if ($a_operation_mode == self::MODE_READ_OPERATIONS) {
754 $admin->grantPermission(
755 $a_role_id,
756 $a_permissions,
757 $a_ref_id
758 );
759 } elseif ($a_operation_mode == self::MODE_ADD_OPERATIONS) {
760 $current_operations = $review->getRoleOperationsOnObject(
761 $a_role_id,
762 $a_ref_id
763 );
764 $this->logger->debug('Current operations');
765 $this->logger->dump($current_operations);
766
767 $new_ops = array_unique(array_merge($a_permissions, $current_operations));
768 $this->logger->debug('New operations');
769 $this->logger->dump($new_ops);
770
771 $admin->grantPermission(
772 $a_role_id,
773 $new_ops,
774 $a_ref_id
775 );
776 } elseif ($a_operation_mode == self::MODE_REMOVE_OPERATIONS) {
777 $current_operations = $review->getRoleOperationsOnObject(
778 $a_role_id,
779 $a_ref_id
780 );
781 $this->logger->debug('Current operations');
782 $this->logger->dump($current_operations);
783
784 $new_ops = array_diff($current_operations, $a_permissions);
785
786 $admin->grantPermission(
787 $a_role_id,
788 $new_ops,
789 $a_ref_id
790 );
791 }
792 }

◆ create()

ilObjRole::create ( )

note: title, description and type should be set when this function is called

Reimplemented from ilObject.

Definition at line 188 of file class.ilObjRole.php.

188 : int
189 {
190 global $DIC;
191
192 $this->id = parent::create();
193 $query = "INSERT INTO role_data " .
194 "(role_id,allow_register,assign_users) " .
195 "VALUES " .
196 "(" . $this->db->quote($this->id, 'integer') . "," .
197 $this->db->quote($this->getAllowRegister(), 'integer') . "," .
198 $this->db->quote($this->getAssignUsersStatus(), 'integer') . ")";
199 $res = $this->db->query($query);
200
201 return $this->id;
202 }
$id
$id
plugin.php for ilComponentBuildPluginInfoObjectiveTest::testAddPlugins
Definition: plugin.php:23

References $DIC, $id, and $res.

◆ createDefaultRole()

static ilObjRole::createDefaultRole ( string  $a_title,
string  $a_description,
string  $a_tpl_name,
int  $a_ref_id 
)
static

Definition at line 59 of file class.ilObjRole.php.

64 : ?ilObjRole {
65 global $DIC;
66
67 $ilDB = $DIC->database();
68
69 // SET PERMISSION TEMPLATE OF NEW LOCAL CONTRIBUTOR ROLE
70 $res = $ilDB->query("SELECT obj_id FROM object_data " .
71 " WHERE type=" . $ilDB->quote("rolt", "text") .
72 " AND title=" . $ilDB->quote($a_tpl_name, "text"));
73 $tpl_id = 0;
74 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
75 $tpl_id = (int) $row->obj_id;
76 }
77 if (!$tpl_id) {
78 return null;
79 }
80
81 $role = new ilObjRole();
82 $role->setTitle($a_title);
83 $role->setDescription($a_description);
84 $role->create();
85
86 $GLOBALS['DIC']['rbacadmin']->assignRoleToFolder($role->getId(), $a_ref_id, 'y');
87 $GLOBALS['DIC']['rbacadmin']->copyRoleTemplatePermissions(
88 $tpl_id,
89 ROLE_FOLDER_ID,
90 $a_ref_id,
91 $role->getId()
92 );
93
94 $ops = $GLOBALS['DIC']['rbacreview']->getOperationsOfRole(
95 $role->getId(),
96 ilObject::_lookupType($a_ref_id, true),
97 $a_ref_id
98 );
99 $GLOBALS['DIC']['rbacadmin']->grantPermission(
100 $role->getId(),
101 $ops,
102 $a_ref_id
103 );
104 return $role;
105 }
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:27
ilObject\_lookupType
static _lookupType(int $id, bool $reference=false)
Definition: class.ilObject.php:1101
ROLE_FOLDER_ID
const ROLE_FOLDER_ID
Definition: constants.php:34
$GLOBALS
$GLOBALS["DIC"]
Definition: wac.php:54

References ILIAS\Repository\int().

Referenced by ilObjChatroom\createDefaultRole(), ilObjBlog\initDefaultRoles(), ilObjCourse\initDefaultRoles(), ilObjForum\initDefaultRoles(), ilObjGroup\initDefaultRoles(), ilLearningSequenceRoles\initDefaultRoles(), ilObjSession\initDefaultRoles(), and ilIndividualAssessmentAccessHandler\initDefaultRolesForObject().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ createPermissionIntersection()

ilObjRole::createPermissionIntersection ( array  $policy_stack,
array  $a_current_ops,
int  $a_id,
string  $a_type 
)
protected

Create permission intersection.

Definition at line 869 of file class.ilObjRole.php.

874 : void {
875 static $course_non_member_id = null;
876 static $group_non_member_id = null;
877 static $group_open_id = null;
878 static $group_closed_id = null;
879
880 $template_id = 0;
881 // Get template id
882 switch ($a_type) {
883 case 'grp':
884 $type = ilObjGroup::lookupGroupTye(ilObject::_lookupObjId($a_id));
885 switch ($type) {
886 case ilGroupConstants::GRP_TYPE_CLOSED:
887 if (!$group_closed_id) {
888 $query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_grp_status_closed'";
889 $res = $this->db->query($query);
890 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
891 $group_closed_id = (int) $row->obj_id;
892 }
893 }
894 $template_id = $group_closed_id;
895 #var_dump("GROUP CLOSED id:" . $template_id);
896 break;
897
898 case ilGroupConstants::GRP_TYPE_OPEN:
899 default:
900 if (!$group_open_id) {
901 $query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_grp_status_open'";
902 $res = $this->db->query($query);
903 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
904 $group_open_id = (int) $row->obj_id;
905 }
906 }
907 $template_id = $group_open_id;
908 break;
909 }
910 break;
911
912 case 'crs':
913 if (!$course_non_member_id) {
914 $query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_crs_non_member'";
915 $res = $this->db->query($query);
916 while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
917 $course_non_member_id = (int) $row->obj_id;
918 }
919 }
920 $template_id = $course_non_member_id;
921 break;
922 }
923
924 // Create intersection template permissions
925 if ($template_id && $policy_stack !== []) {
926 $this->rbac_admin->copyRolePermissionIntersection(
927 $template_id,
928 ROLE_FOLDER_ID,
929 $this->getId(),
930 end($policy_stack),
931 $a_id,
932 $this->getId()
933 );
934 } else {
935 }
936 if ($a_id && !$GLOBALS['DIC']['rbacreview']->isRoleAssignedToObject($this->getId(), $a_id)) {
937 $this->rbac_admin->assignRoleToFolder($this->getId(), $a_id, "n");
938 }
939 }
ilObjGroup\lookupGroupTye
static lookupGroupTye(int $a_id)
Definition: class.ilObjGroup.php:118
ilObject\_lookupObjId
static _lookupObjId(int $ref_id)
Definition: class.ilObject.php:940

References $res, ilObject\_lookupObjId(), ilDBConstants\FETCHMODE_OBJECT, ilGroupConstants\GRP_TYPE_CLOSED, ilGroupConstants\GRP_TYPE_OPEN, ILIAS\Repository\int(), and ilObjGroup\lookupGroupTye().

+ Here is the call graph for this function:

◆ delete()

ilObjRole::delete ( )

delete role and all related data @access public

Returns
bool true if all object data were removed; false if only a references were removed

Reimplemented from ilObject.

Definition at line 280 of file class.ilObjRole.php.

280 : bool
281 {
282 global $DIC;
283
284 // Temporary bugfix
285 if ($this->rbac_review->hasMultipleAssignments($this->getId())) {
286 $this->logger->warning('Found role with multiple assignments: role_id: ' . $this->getId());
287 $this->logger->warning('Aborted deletion of role.');
288 return false;
289 }
290
291 if ($this->rbac_review->isAssignable($this->getId(), $this->getParent())) {
292 $this->logger->debug('Handling assignable role...');
293 // do not delete a global role, if the role is the last
294 // role a user is assigned to.
295 //
296 // Performance improvement: In the code section below, we
297 // only need to consider _global_ roles. We don't need
298 // to check for _local_ roles, because a user who has
299 // a local role _always_ has a global role too.
300 $last_role_user_ids = [];
301 if ($this->getParent() == ROLE_FOLDER_ID) {
302 ilLoggerFactory::getLogger('ac')->debug('Handling global role...');
303 // The role is a global role: check if
304 // we find users who aren't assigned to any
305 // other global role than this one.
306 $user_ids = $this->rbac_review->assignedUsers($this->getId());
307
308 foreach ($user_ids as $user_id) {
309 // get all roles each user has
310 $role_ids = $this->rbac_review->assignedRoles($user_id);
311
312 // is last role?
313 if (count($role_ids) == 1) {
314 $last_role_user_ids[] = $user_id;
315 }
316 }
317 }
318
319 // users with last role found?
320 if ($last_role_user_ids !== []) {
321 $user_names = [];
322 foreach ($last_role_user_ids as $user_id) {
323 // GET OBJECT TITLE
324 $user_names[] = ilObjUser::_lookupLogin($user_id);
325 }
326
327 // TODO: This check must be done in rolefolder object because if multiple
328 // roles were selected the other roles are still deleted and the system does not
329 // give any feedback about this.
330 $users = implode(', ', $user_names);
331 $this->logger->info('Cannot delete last global role of users.');
332 $this->ilias->raiseError($this->lng->txt("msg_user_last_role1") . " " .
333 $users . "<br/>" . $this->lng->txt("msg_user_last_role2"), $this->ilias->error_obj->WARNING);
334 } else {
335 $this->logger->debug('Starting deletion of assignable role: role_id: ' . $this->getId());
336 $this->rbac_admin->deleteRole($this->getId(), $this->getParent());
337
338 // Delete ldap role group mappings
339 ilLDAPRoleGroupMappingSettings::_deleteByRole($this->getId());
340
341 // delete object_data entry
342 parent::delete();
343
344 // delete role_data entry
345 $query = "DELETE FROM role_data WHERE role_id = " . $this->db->quote($this->getId(), 'integer');
346 $res = $this->db->manipulate($query);
347 }
348 } else {
349 $this->logger->debug('Starting deletion of linked role: role_id ' . $this->getId());
350 // linked local role: INHERITANCE WAS STOPPED, SO DELETE ONLY THIS LOCAL ROLE
351 $this->rbac_admin->deleteLocalRole($this->getId(), $this->getParent());
352 }
353 return true;
354 }
ilLoggerFactory\getLogger
static getLogger(string $a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:89
ilObjRole\getParent
getParent()
get reference id of parent object
Definition: class.ilObjRole.php:270
ilObjUser\_lookupLogin
static _lookupLogin(int $a_user_id)
Definition: class.ilObjUser.php:2729
ilias
Class ilObjForumAdministration.

References $DIC, $res, $user_id, ilLDAPRoleGroupMappingSettings\_deleteByRole(), ilObjUser\_lookupLogin(), ILIAS\Survey\Mode\getId(), ilLoggerFactory\getLogger(), ILIAS\Repository\lng(), ILIAS\Repository\logger(), and ROLE_FOLDER_ID.

+ Here is the call graph for this function:

◆ deleteLocalPolicies()

ilObjRole::deleteLocalPolicies ( int  $a_start,
array  $a_policies,
array  $a_filter 
)
protected

Definition at line 582 of file class.ilObjRole.php.

582 : array
583 {
584 global $DIC;
585 $rbacadmin = $DIC['rbacadmin'];
586
587 $local_policies = [];
588 foreach ($a_policies as $policy) {
589 if ($policy == $a_start || $policy == SYSTEM_FOLDER_ID) {
590 $local_policies[] = $policy;
591 continue;
592 }
593 if (!in_array('all', $a_filter) && !in_array(
594 ilObject::_lookupType(ilObject::_lookupObjId($policy)),
595 $a_filter
596 )) {
597 $local_policies[] = $policy;
598 continue;
599 }
600 $rbacadmin->deleteLocalRole($this->getId(), $policy);
601 }
602 return $local_policies;
603 }

References $DIC, ilObject\_lookupObjId(), ilObject\_lookupType(), ILIAS\Survey\Mode\getId(), and SYSTEM_FOLDER_ID.

+ Here is the call graph for this function:

◆ getAllowRegister()

ilObjRole::getAllowRegister ( )

Definition at line 209 of file class.ilObjRole.php.

209 : bool
210 {
211 return $this->allow_register;
212 }
ilObjRole\$allow_register
bool $allow_register
Definition: class.ilObjRole.php:41

◆ getAssignUsersStatus()

ilObjRole::getAssignUsersStatus ( )

Definition at line 136 of file class.ilObjRole.php.

136 : bool
137 {
138 return $this->assign_users;
139 }
ilObjRole\$assign_users
bool $assign_users
Definition: class.ilObjRole.php:42

◆ getCountMembers()

ilObjRole::getCountMembers ( )

Get number of users assigned to role.

Definition at line 359 of file class.ilObjRole.php.

359 : int
360 {
361 return count($this->rbac_review->assignedUsers($this->getId()));
362 }

◆ getParent()

ilObjRole::getParent ( )

get reference id of parent object

Definition at line 270 of file class.ilObjRole.php.

270 : ?int
271 {
272 return $this->parent;
273 }

◆ getPresentationTitle()

ilObjRole::getPresentationTitle ( )

get presentation title Normally same as title Overwritten for sessions

Reimplemented from ilObject.

Definition at line 120 of file class.ilObjRole.php.

120 : string
121 {
122 $r = ilObjRole::_getTranslation($this->getTitle());
123
124 if ($r === $this->getUntranslatedTitle()) {
125 return $r;
126 }
127
128 return $r . ' (' . $this->getUntranslatedTitle() . ')';
129 }
ilObjRole\_getTranslation
static _getTranslation(string $a_role_title)
Definition: class.ilObjRole.php:364
ilObject\getUntranslatedTitle
getUntranslatedTitle()
Get untranslated object title WebDAV needs to access the untranslated title of an object.
Definition: class.ilObject.php:354

References _getTranslation(), and ILIAS\GlobalScreen\Scope\Footer\Factory\getTitle().

+ Here is the call graph for this function:

◆ isAutoGenerated()

ilObjRole::isAutoGenerated ( )

Definition at line 533 of file class.ilObjRole.php.

533 : bool
534 {
535 return substr($this->title, 0, 3) == 'il_';
536 }

◆ isHandledObjectType()

ilObjRole::isHandledObjectType ( array  $a_filter,
array  $a_exclusion_filter,
string  $a_type 
)
protected

Definition at line 794 of file class.ilObjRole.php.

794 : bool
795 {
796 if (in_array($a_type, $a_exclusion_filter)) {
797 return false;
798 }
799
800 if (in_array('all', $a_filter)) {
801 return true;
802 }
803 return in_array($a_type, $a_filter);
804 }

◆ read()

ilObjRole::read ( )

loads "role" from database @access private

Reimplemented from ilObject.

Definition at line 158 of file class.ilObjRole.php.

158 : void
159 {
160 $query = "SELECT * FROM role_data WHERE role_id= " . $this->db->quote($this->id, 'integer') . " ";
161 $res = $this->db->query($query);
162 if ($res->numRows() > 0) {
163 $row = $this->db->fetchAssoc($res);
164 $this->setAllowRegister((bool) $row['allow_register']);
165 $this->toggleAssignUsersStatus((bool) ($row['assign_users'] ?? false));
166 } else {
167 $this->logger->logStack(ilLogLevel::ERROR);
168 throw new ilObjectException('There is no dataset with id: ' . $this->id);
169 }
170 parent::read();
171 }
ilObjRole\toggleAssignUsersStatus
toggleAssignUsersStatus(bool $a_assign_users)
Definition: class.ilObjRole.php:131
ilObjRole\setAllowRegister
setAllowRegister(bool $a_allow_register)
Definition: class.ilObjRole.php:204
ilObjectException
Base exception class for object service.
Definition: class.ilObjectException.php:27

References $res, ilLogLevel\ERROR, and ILIAS\Repository\logger().

+ Here is the call graph for this function:

◆ setAllowRegister()

ilObjRole::setAllowRegister ( bool  $a_allow_register)

Definition at line 204 of file class.ilObjRole.php.

204 : void
205 {
206 $this->allow_register = $a_allow_register;
207 }

◆ setParent()

ilObjRole::setParent ( int  $a_parent_ref)

set reference id of parent object this is neccessary for non RBAC protected objects!!!

Definition at line 262 of file class.ilObjRole.php.

262 : void
263 {
264 $this->parent = $a_parent_ref;
265 }

◆ toggleAssignUsersStatus()

ilObjRole::toggleAssignUsersStatus ( bool  $a_assign_users)

Definition at line 131 of file class.ilObjRole.php.

131 : void
132 {
133 $this->assign_users = $a_assign_users;
134 }

◆ update()

ilObjRole::update ( )

Reimplemented from ilObject.

Definition at line 173 of file class.ilObjRole.php.

173 : bool
174 {
175 $query = "UPDATE role_data SET " .
176 "allow_register= " . $this->db->quote($this->allow_register, 'integer') . ", " .
177 "assign_users = " . $this->db->quote($this->getAssignUsersStatus(), 'integer') . " " .
178 "WHERE role_id= " . $this->db->quote($this->id, 'integer') . " ";
179 $res = $this->db->manipulate($query);
180
181 parent::update();
182
183 $this->read();
184
185 return true;
186 }
ilObjRole\read
read()
loads "role" from database @access private
Definition: class.ilObjRole.php:158

References $res.

◆ updateOperationStack()

ilObjRole::updateOperationStack ( array &  $a_stack,
int  $a_node,
bool  $a_init = false 
)
protected

Update operation stack.

Definition at line 809 of file class.ilObjRole.php.

813 : bool {
814 $has_policies = null;
815
816 if ($a_node == ROOT_FOLDER_ID) {
817 $has_policies = true;
818 $policy_origin = ROLE_FOLDER_ID;
819 } else {
820 $has_policies = $this->rbac_review->getLocalPolicies($a_node);
821 $policy_origin = $a_node;
822
823 if ($a_init) {
824 $parent_roles = $this->rbac_review->getParentRoleIds($a_node, false);
825 if ($parent_roles[$this->getId()]) {
826 $a_stack[] = $this->rbac_review->getAllOperationsOfRole(
827 $this->getId(),
828 $parent_roles[$this->getId()]['parent']
829 );
830 }
831 return true;
832 }
833 }
834
835 if (!$has_policies) {
836 return false;
837 }
838
839 $a_stack[] = $this->rbac_review->getAllOperationsOfRole(
840 $this->getId(),
841 $policy_origin
842 );
843 return true;
844 }
ROOT_FOLDER_ID
const ROOT_FOLDER_ID
Definition: constants.php:32

References ROLE_FOLDER_ID.

◆ updatePolicyStack()

ilObjRole::updatePolicyStack ( array &  $a_stack,
int  $a_node 
)
protected

Definition at line 846 of file class.ilObjRole.php.

846 : bool
847 {
848 $has_policies = null;
849
850 if ($a_node == ROOT_FOLDER_ID) {
851 $has_policies = true;
852 $policy_origin = ROLE_FOLDER_ID;
853 } else {
854 $has_policies = $this->rbac_review->getLocalPolicies($a_node);
855 $policy_origin = $a_node;
856 }
857
858 if (!$has_policies) {
859 return false;
860 }
861
862 $a_stack[] = $policy_origin;
863 return true;
864 }

References ROLE_FOLDER_ID, and ROOT_FOLDER_ID.

◆ validate()

ilObjRole::validate ( )

Definition at line 107 of file class.ilObjRole.php.

107 : bool
108 {
109 global $DIC;
110
111 $ilErr = $DIC['ilErr'];
112
113 if (substr($this->getTitle(), 0, 3) == 'il_') {
114 $ilErr->setMessage('msg_role_reserved_prefix');
115 return false;
116 }
117 return true;
118 }
$ilErr
$ilErr
Definition: raiseError.php:33

References $DIC, $ilErr, and ILIAS\GlobalScreen\Scope\Footer\Factory\getTitle().

+ Here is the call graph for this function:

Field Documentation

◆ $allow_register

bool ilObjRole::$allow_register = false
protected

Definition at line 41 of file class.ilObjRole.php.

◆ $assign_users

bool ilObjRole::$assign_users = false
protected

Definition at line 42 of file class.ilObjRole.php.

◆ $logger

ilLogger ilObjRole::$logger
private

Definition at line 37 of file class.ilObjRole.php.

◆ $parent

int ilObjRole::$parent = null

Definition at line 39 of file class.ilObjRole.php.

◆ MODE_ADD_OPERATIONS

const ilObjRole::MODE_ADD_OPERATIONS = 1

Definition at line 33 of file class.ilObjRole.php.

Referenced by ilObjRoleFolderGUI\adjustRoleObject().

◆ MODE_PROTECTED_DELETE_LOCAL_POLICIES

const ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES = 1

Definition at line 28 of file class.ilObjRole.php.

Referenced by ilDidacticTemplateLocalPolicyAction\createLocalPolicy(), ilDidacticTemplateLocalPolicyAction\revert(), ilDidacticTemplateLocalPolicyAction\revertLocalPolicy(), and ilObjRoleGUI\showChangeExistingObjectsConfirmation().

◆ MODE_PROTECTED_KEEP_LOCAL_POLICIES

const ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES = 2

Definition at line 29 of file class.ilObjRole.php.

Referenced by ilPermissionGUI\addRole(), ilObjRoleGUI\permSaveObject(), and ilObjRoleGUI\showChangeExistingObjectsConfirmation().

◆ MODE_READ_OPERATIONS

const ilObjRole::MODE_READ_OPERATIONS = 2

Definition at line 34 of file class.ilObjRole.php.

Referenced by ilObjRoleFolderGUI\adjustRoleObject().

◆ MODE_REMOVE_OPERATIONS

const ilObjRole::MODE_REMOVE_OPERATIONS = 3

Definition at line 35 of file class.ilObjRole.php.

Referenced by ilObjRoleFolderGUI\adjustRoleObject().

◆ MODE_UNPROTECTED_DELETE_LOCAL_POLICIES

const ilObjRole::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES = 3

Definition at line 30 of file class.ilObjRole.php.

Referenced by ilDidacticTemplateLocalPolicyAction\createLocalPolicy(), ilDidacticTemplateBlockRoleAction\deleteLocalPolicy(), ilDidacticTemplateLocalPolicyAction\revert(), ilDidacticTemplateLocalPolicyAction\revertLocalPolicy(), and ilObjRoleGUI\showChangeExistingObjectsConfirmation().

◆ MODE_UNPROTECTED_KEEP_LOCAL_POLICIES

const ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES = 4

Definition at line 31 of file class.ilObjRole.php.

Referenced by ilPermissionGUI\addRole(), ilObjLTIAdministrationGUI\createLtiUserRole(), ilObjRoleGUI\permSaveObject(), ilObjRoleGUI\showChangeExistingObjectsConfirmation(), and ilPermissionGUI\unblockRoles().

The documentation for this class was generated from the following file: