/** * creates a local role in current rolefolder (this object) * * @access public * @param string title * @param string description * @return object role object */ function createRole($a_title, $a_desc, $a_import_id = 0) { global $rbacadmin, $rbacreview; include_once "./Services/AccessControl/classes/class.ilObjRole.php"; $roleObj = new ilObjRole(); $roleObj->setTitle($a_title); $roleObj->setDescription($a_desc); //echo "aaa-1-"; if ($a_import_id != "") { //echo "aaa-2-".$a_import_id."-"; $roleObj->setImportId($a_import_id); } $roleObj->create(); // ...and put the role into local role folder... $rbacadmin->assignRoleToFolder($roleObj->getId(), $this->getRefId(), "y"); return $roleObj; }
/** * Copy local roles * This method creates a copy of all local role. * Note: auto generated roles are excluded * * @access public * @param int source id of object (not role folder) * @param int target id of object * */ public function copyLocalRoles($a_source_id, $a_target_id) { global $rbacreview, $ilLog, $ilObjDataCache; $real_local = array(); foreach ($rbacreview->getRolesOfRoleFolder($a_source_id, false) as $role_data) { $title = $ilObjDataCache->lookupTitle($role_data); if (substr($title, 0, 3) == 'il_') { continue; } $real_local[] = $role_data; } if (!count($real_local)) { return true; } // Create role folder foreach ($real_local as $role) { include_once "./Services/AccessControl/classes/class.ilObjRole.php"; $orig = new ilObjRole($role); $orig->read(); $ilLog->write(__METHOD__ . ': Start copying of role ' . $orig->getTitle()); $roleObj = new ilObjRole(); $roleObj->setTitle($orig->getTitle()); $roleObj->setDescription($orig->getDescription()); $roleObj->setImportId($orig->getImportId()); $roleObj->create(); $this->assignRoleToFolder($roleObj->getId(), $a_target_id, "y"); $this->copyRolePermissions($role, $a_source_id, $a_target_id, $roleObj->getId(), true); $ilLog->write(__METHOD__ . ': Added new local role, id ' . $roleObj->getId()); } }
function addRoleFromTemplate($sid, $target_id, $role_xml, $template_id) { $this->initAuth($sid); $this->initIlias(); if (!$this->__checkSession($sid)) { return $this->__raiseError($this->__getMessage(), $this->__getMessageCode()); } global $rbacreview, $objDefinition, $rbacsystem, $rbacadmin, $ilAccess; if (!($tmp_obj =& ilObjectFactory::getInstanceByRefId($target_id, false))) { return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object', 'Client'); } if (ilObject::_lookupType($template_id) != 'rolt') { return $this->__raiseError('No valid template id given. Please choose an existing object id of an ILIAS role template', 'Client'); } if (ilObject::_isInTrash($target_id)) { return $this->__raiseError("Parent with ID {$target_id} has been deleted.", 'CLIENT_TARGET_DELETED'); } if (!$ilAccess->checkAccess('edit_permission', '', $target_id)) { return $this->__raiseError('Check access failed. No permission to create roles', 'Server'); } include_once 'webservice/soap/classes/class.ilObjectXMLParser.php'; $xml_parser =& new ilObjectXMLParser($role_xml); $xml_parser->startParsing(); foreach ($xml_parser->getObjectData() as $object_data) { // check if role title has il_ prefix if (substr($object_data['title'], 0, 3) == "il_") { return $this->__raiseError('Rolenames are not allowed to start with "il_" ', 'Client'); } include_once './Services/AccessControl/classes/class.ilObjRole.php'; $role = new ilObjRole(); $role->setTitle($object_data['title']); $role->setDescription($object_data['description']); $role->setImportId($object_data['import_id']); $role->create(); $GLOBALS['rbacadmin']->assignRoleToFolder($role->getId(), $target_id); // Copy permssions $rbacadmin->copyRoleTemplatePermissions($template_id, ROLE_FOLDER_ID, $target_id, $role->getId()); // Set object permissions according to role template $ops = $rbacreview->getOperationsOfRole($role->getId(), $tmp_obj->getType(), $target_id); $rbacadmin->grantPermission($role->getId(), $ops, $target_id); $new_roles[] = $role->getId(); } // CREATE ADMIN ROLE return $new_roles ? $new_roles : array(); }