Ejemplo n.º 1
0
 /**
  * Get the number of users who may access the object but don't have yet a license
  *
  * @access   public
  * @return   int     number of potential accesses
  */
 function getPotentialAccesses()
 {
     global $ilDB;
     // get the operation id for read access
     $ops_ids = ilRbacReview::_getOperationIdsByName(array('read'));
     // first get all roles with read access
     $role_ids = array();
     $query = 'SELECT DISTINCT pa.rol_id' . ' FROM rbac_pa pa' . ' INNER JOIN object_reference ob ON ob.ref_id = pa.ref_id' . ' WHERE ' . $ilDB->like('pa.ops_id', 'text', '%%i:' . $ops_ids[0] . ';%%') . ' AND ob.obj_id = ' . $ilDB->quote($this->obj_id, 'integer');
     $result = $ilDB->query($query);
     while ($row = $ilDB->fetchObject($result)) {
         $role_ids[] = $row->rol_id;
     }
     if (!count($role_ids)) {
         return 0;
     }
     // then count all users of these roles without read events
     $query = 'SELECT COUNT(DISTINCT(usr_id)) accesses ' . ' FROM rbac_ua' . ' WHERE ' . $ilDB->in('rol_id', $role_ids, false, 'integer') . ' AND usr_id NOT IN' . ' (SELECT usr_id FROM read_event' . '  WHERE obj_id = ' . $ilDB->quote($this->obj_id, 'integer') . ')';
     $result = $ilDB->query($query);
     $row = $ilDB->fetchObject($result);
     return $row->accesses;
 }
 protected function handlePermissionUpdate(ilECSSetting $server)
 {
     if ($this->content_obj->getType() == 'crs') {
         $GLOBALS['ilLog']->write(__METHOD__ . ': Permission update');
         if ($this->content_obj->getType() == 'crs') {
             $GLOBALS['rbacadmin']->grantPermission($server->getGlobalRole(), ilRbacReview::_getOperationIdsByName(array('join', 'visible')), $this->content_obj->getRefId());
         }
     }
 }
Ejemplo n.º 3
0
 /**
  * Get all objects of a specific type and check access
  * This function is not recursive, instead it parses the serialized rbac_pa entries
  *
  * Get all objects of a specific type where access is granted for the given
  * operation. This function does a checkAccess call for all objects
  * in the object hierarchy and return only the objects of the given type.
  * Please note if access is not granted to any object in the hierarchy
  * the function skips all objects under it.
  * Example:
  * You want a list of all Courses that are visible and readable for the user.
  * The function call would be:
  * $your_list = IlUtil::getObjectsByOperation ("crs", "visible");
  * Lets say there is a course A where the user would have access to according to
  * his role assignments. Course A lies within a group object which is not readable
  * for the user. Therefore course A won't appear in the result list although
  * the queried operations 'read' would actually permit the user
  * to access course A.
  *
  * @access	public
  * @param	string/array	object type 'lm' or array('lm','sahs')
  * @param	string	permission to check e.g. 'visible' or 'read'
  * @param	int id of user in question
  * @param    int limit of results. if not given it defaults to search max hits.If limit is -1 limit is unlimited
  * @return	array of ref_ids
  * @static
  * 
  */
 public static function _getObjectsByOperations($a_obj_type, $a_operation, $a_usr_id = 0, $limit = 0)
 {
     global $ilDB, $rbacreview, $ilAccess, $ilUser, $ilias, $tree;
     if (!is_array($a_obj_type)) {
         $where = "WHERE type = " . $ilDB->quote($a_obj_type, "text") . " ";
     } else {
         $where = "WHERE " . $ilDB->in("type", $a_obj_type, false, "text") . " ";
     }
     // limit number of results default is search result limit
     if (!$limit) {
         $limit = $ilias->getSetting('search_max_hits', 100);
     }
     if ($limit == -1) {
         $limit = 10000;
     }
     // default to logged in usr
     $a_usr_id = $a_usr_id ? $a_usr_id : $ilUser->getId();
     $a_roles = $rbacreview->assignedRoles($a_usr_id);
     // Since no rbac_pa entries are available for the system role. This function returns !all! ref_ids in the case the user
     // is assigned to the system role
     if ($rbacreview->isAssigned($a_usr_id, SYSTEM_ROLE_ID)) {
         $query = "SELECT ref_id FROM object_reference obr LEFT JOIN object_data obd ON obr.obj_id = obd.obj_id " . "LEFT JOIN tree ON obr.ref_id = tree.child " . $where . "AND tree = 1";
         $res = $ilDB->query($query);
         $counter = 0;
         while ($row = $ilDB->fetchObject($res)) {
             // Filter recovery folder
             if ($tree->isGrandChild(RECOVERY_FOLDER_ID, $row->ref_id)) {
                 continue;
             }
             if ($counter++ >= $limit) {
                 break;
             }
             $ref_ids[] = $row->ref_id;
         }
         return $ref_ids ? $ref_ids : array();
     }
     // End Administrators
     // Check ownership if it is not asked for edit_permission or a create permission
     if ($a_operation == 'edit_permissions' or strpos($a_operation, 'create') !== false) {
         $check_owner = ") ";
     } else {
         $check_owner = "OR owner = " . $ilDB->quote($a_usr_id, "integer") . ") ";
     }
     $ops_ids = ilRbacReview::_getOperationIdsByName(array($a_operation));
     $ops_id = $ops_ids[0];
     $and = "AND ((" . $ilDB->in("rol_id", $a_roles, false, "integer") . " ";
     $query = "SELECT DISTINCT(obr.ref_id),obr.obj_id,type FROM object_reference obr " . "JOIN object_data obd ON obd.obj_id = obr.obj_id " . "LEFT JOIN rbac_pa  ON obr.ref_id = rbac_pa.ref_id " . $where . $and . "AND (" . $ilDB->like("ops_id", "text", "%i:" . $ops_id . "%") . " " . "OR " . $ilDB->like("ops_id", "text", "%:\"" . $ops_id . "\";%") . ")) " . $check_owner;
     $res = $ilDB->query($query);
     $counter = 0;
     while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
         if ($counter >= $limit) {
             break;
         }
         // Filter objects in recovery folder
         if ($tree->isGrandChild(RECOVERY_FOLDER_ID, $row->ref_id)) {
             continue;
         }
         // Check deleted, hierarchical access ...
         if ($ilAccess->checkAccessOfUser($a_usr_id, $a_operation, '', $row->ref_id, $row->type, $row->obj_id)) {
             $counter++;
             $ref_ids[] = $row->ref_id;
         }
     }
     return $ref_ids ? $ref_ids : array();
 }
Ejemplo n.º 4
0
    $tree = new ilTree(ROOT_FOLDER_ID);
    $tree->insertNode($ref_id, $chatfolder_ref_id);
    $rolf_obj_id = $ilDB->nextId('object_data');
    // Create role folder
    $ilDB->manipulateF("INSERT INTO object_data (obj_id, type, title, description, owner, create_date, last_update) " . "VALUES (%s, %s, %s, %s, %s, %s, %s)", array("integer", "text", "text", "text", "integer", "timestamp", "timestamp"), array($rolf_obj_id, "rolf", $obj_id, "(ref_id " . $ref_id . ")", -1, ilUtil::now(), ilUtil::now()));
    $rolf_ref_id = $ilDB->nextId('object_reference');
    // Create reference
    $ilDB->manipulateF("INSERT INTO object_reference (ref_id, obj_id) VALUES (%s, %s)", array('integer', 'integer'), array($rolf_ref_id, $rolf_obj_id));
    // put in tree
    $tree->insertNode($rolf_ref_id, $ref_id);
    $role_obj_id = $ilDB->nextId('object_data');
    // Create role
    $ilDB->manipulateF("INSERT INTO object_data (obj_id, type, title, description, owner, create_date, last_update) " . "VALUES (%s, %s, %s, %s, %s, %s, %s)", array("integer", "text", "text", "text", "integer", "timestamp", "timestamp"), array($role_obj_id, "role", "il_chat_moderator_" . $ref_id, "Moderator of chat obj_no." . $obj_id, -1, ilUtil::now(), ilUtil::now()));
    // Insert role_data
    $ilDB->manipulateF('INSERT INTO role_data (role_id) VALUES (%s)', array('integer'), array($role_obj_id));
    $permissions = ilRbacReview::_getOperationIdsByName(array('visible', 'read', 'moderate'));
    $rbacadmin = new ilRbacAdmin();
    $rbacadmin->grantPermission($role_obj_id, $permissions, $ref_id);
    $rbacadmin->assignRoleToFolder($role_obj_id, $rolf_ref_id);
    $id = $ilDB->nextId('chatroom_settings');
    $ilDB->insert('chatroom_settings', array('room_id' => array('integer', $id), 'object_id' => array('integer', $obj_id), 'room_type' => array('text', 'default'), 'allow_anonymous' => array('integer', 0), 'allow_custom_usernames' => array('integer', 0), 'enable_history' => array('integer', 0), 'restrict_history' => array('integer', 0), 'autogen_usernames' => array('text', 'Anonymous #'), 'allow_private_rooms' => array('integer', 1)));
    $settings = new ilSetting('chatroom');
    $settings->set('public_room_ref', $ref_id);
}
?>
<#3461>
<?php 
$chat_modetator_tpl_id = $ilDB->nextId('object_data');
$ilDB->manipulateF("\n\t\tINSERT INTO object_data (obj_id, type, title, description, owner, create_date, last_update) " . "VALUES (%s, %s, %s, %s, %s, %s, %s)", array("integer", "text", "text", "text", "integer", "timestamp", "timestamp"), array($chat_modetator_tpl_id, "rolt", "il_chat_moderator", "Moderator template for chat moderators", -1, ilUtil::now(), ilUtil::now()));
$query = 'SELECT ops_id FROM rbac_operations WHERE operation = ' . $ilDB->quote('moderate', 'text');
$rset = $ilDB->query($query);
 /**
  * Update properties
  */
 public function updateProperties()
 {
     global $tpl, $lng, $ilCtrl, $ScormCloudService;
     if ($_FILES["scormcloudfile"]["name"]) {
         // First, process SCORM Cloud upload
         if ($_FILES["scormcloudfile"]["error"] > 0) {
             error_log("Error: " . $_FILES["scormcloudfile"]["error"]);
         } else {
             $id = $this->object->getId();
             if ($this->isPackageImportedInScormCloud()) {
                 $mode = "update";
             } else {
                 $mode = "new";
             }
             $courseService = $ScormCloudService->getCourseService();
             $uploadService = $ScormCloudService->getUploadService();
             $courseId = $id;
             // Where the file is going to be placed
             $target_path = "uploads/";
             $target_path = $_FILES["scormcloudfile"]["tmp_name"] . '.zip';
             $tempFile = $_FILES["scormcloudfile"]["tmp_name"];
             move_uploaded_file($_FILES['scormcloudfile']['tmp_name'], $target_path);
             $absoluteFilePathToZip = $target_path;
             try {
                 //now upload the file and save the resulting location
                 $location = $uploadService->UploadFile($absoluteFilePathToZip, null);
                 if ($mode == 'update') {
                     //version the uploaded course
                     $ir = $courseService->VersionUploadedCourse($courseId, $location, null);
                 } else {
                     //import the uploaded course
                     $ir = $courseService->ImportUploadedCourse($courseId, $location, null);
                 }
             } catch (Exception $e) {
                 // unlink deletes file
                 unlink($absoluteFilePathToZip);
                 throw $e;
             }
             // unlink deletes uploaded file
             unlink($absoluteFilePathToZip);
             //TODO: Expose and view import result object
             // if ($ir->getWasSuccessful())
             // {
             // 	$this->object->setTitle($ir->getTitle());
             // 	$this->object->update();
             //
             // }
             // Don't have $ir now... so by virtue of it existing in this next call we'll call it good
             if ($this->isPackageImportedInScormCloud()) {
                 $allResults = $courseService->GetCourseList();
                 $xmlstring = '';
                 $courseTitle = '';
                 foreach ($allResults as $course) {
                     if ($course->getCourseId() == $this->object->getId()) {
                         $courseTitle = $course->getTitle();
                         $versionCount = $course->getNumberOfVersions();
                         $xmlstring = $courseService->GetMetadata($courseId, $versionCount - 1, 0, 'xml');
                         error_log("xmlString : " . $xmlstring);
                         $this->object->setTitle($courseTitle);
                         $this->object->setExistsOnCloud(true);
                         $this->object->setVersion($versionCount);
                         $this->object->update();
                         //$this->object->refreshMetaData();
                         break;
                     }
                 }
                 // Here's where we set the default permissions.  Here's a spot where we have a good
                 // refId so use it to set the initial permissions.
                 if ($mode == "new") {
                     // Looks like a good spot to modify permissions since the object has been created
                     global $rbacadmin, $rbacreview;
                     $user_role_id = 4;
                     $guest_role_id = 5;
                     $ref_id = $this->object->getRefId();
                     $rbacadmin->grantPermission($guest_role_id, ilRbacReview::_getOperationIdsByName(array("visible")), $ref_id);
                     $rbacadmin->grantPermission($user_role_id, ilRbacReview::_getOperationIdsByName(array("visible", "read")), $ref_id);
                 }
             }
         }
     }
     $this->initPropertiesForm();
     if ($this->form->checkInput()) {
         //$this->object->setTitle($this->form->getInput("title"));
         $this->object->setDescription($this->form->getInput("desc"));
         $this->object->setOnline($this->form->getInput("online"));
         $this->object->setLearnersSeeRptDetails($this->form->getInput("learners_see_rpt_details"));
         $this->object->update();
         ilUtil::sendSuccess($lng->txt("msg_obj_modified"), true);
         $ilCtrl->redirect($this, "editProperties");
     }
     $this->form->setValuesByPost();
     $tpl->setContent($this->form->getHtml());
 }