/**
* creates a local role in current rolefolder (this object)
*
* @access public
* @param string title
* @param string description
* @return object role object
*/
function createRole($a_title, $a_desc, $a_import_id = 0)
{
global $rbacadmin, $rbacreview;
include_once "./Services/AccessControl/classes/class.ilObjRole.php";
$roleObj = new ilObjRole();
$roleObj->setTitle($a_title);
$roleObj->setDescription($a_desc);
//echo "aaa-1-";
if ($a_import_id != "") {
//echo "aaa-2-".$a_import_id."-";
$roleObj->setImportId($a_import_id);
}
$roleObj->create();
// ...and put the role into local role folder...
$rbacadmin->assignRoleToFolder($roleObj->getId(), $this->getRefId(), "y");
return $roleObj;
}
/**
* Copy local roles
* This method creates a copy of all local role.
* Note: auto generated roles are excluded
*
* @access public
* @param int source id of object (not role folder)
* @param int target id of object
*
*/
public function copyLocalRoles($a_source_id, $a_target_id)
{
global $rbacreview, $ilLog, $ilObjDataCache;
$real_local = array();
foreach ($rbacreview->getRolesOfRoleFolder($a_source_id, false) as $role_data) {
$title = $ilObjDataCache->lookupTitle($role_data);
if (substr($title, 0, 3) == 'il_') {
continue;
}
$real_local[] = $role_data;
}
if (!count($real_local)) {
return true;
}
// Create role folder
foreach ($real_local as $role) {
include_once "./Services/AccessControl/classes/class.ilObjRole.php";
$orig = new ilObjRole($role);
$orig->read();
$ilLog->write(__METHOD__ . ': Start copying of role ' . $orig->getTitle());
$roleObj = new ilObjRole();
$roleObj->setTitle($orig->getTitle());
$roleObj->setDescription($orig->getDescription());
$roleObj->setImportId($orig->getImportId());
$roleObj->create();
$this->assignRoleToFolder($roleObj->getId(), $a_target_id, "y");
$this->copyRolePermissions($role, $a_source_id, $a_target_id, $roleObj->getId(), true);
$ilLog->write(__METHOD__ . ': Added new local role, id ' . $roleObj->getId());
}
}
function addRoleFromTemplate($sid, $target_id, $role_xml, $template_id)
{
$this->initAuth($sid);
$this->initIlias();
if (!$this->__checkSession($sid)) {
return $this->__raiseError($this->__getMessage(), $this->__getMessageCode());
}
global $rbacreview, $objDefinition, $rbacsystem, $rbacadmin, $ilAccess;
if (!($tmp_obj =& ilObjectFactory::getInstanceByRefId($target_id, false))) {
return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object', 'Client');
}
if (ilObject::_lookupType($template_id) != 'rolt') {
return $this->__raiseError('No valid template id given. Please choose an existing object id of an ILIAS role template', 'Client');
}
if (ilObject::_isInTrash($target_id)) {
return $this->__raiseError("Parent with ID {$target_id} has been deleted.", 'CLIENT_TARGET_DELETED');
}
if (!$ilAccess->checkAccess('edit_permission', '', $target_id)) {
return $this->__raiseError('Check access failed. No permission to create roles', 'Server');
}
include_once 'webservice/soap/classes/class.ilObjectXMLParser.php';
$xml_parser =& new ilObjectXMLParser($role_xml);
$xml_parser->startParsing();
foreach ($xml_parser->getObjectData() as $object_data) {
// check if role title has il_ prefix
if (substr($object_data['title'], 0, 3) == "il_") {
return $this->__raiseError('Rolenames are not allowed to start with "il_" ', 'Client');
}
include_once './Services/AccessControl/classes/class.ilObjRole.php';
$role = new ilObjRole();
$role->setTitle($object_data['title']);
$role->setDescription($object_data['description']);
$role->setImportId($object_data['import_id']);
$role->create();
$GLOBALS['rbacadmin']->assignRoleToFolder($role->getId(), $target_id);
// Copy permssions
$rbacadmin->copyRoleTemplatePermissions($template_id, ROLE_FOLDER_ID, $target_id, $role->getId());
// Set object permissions according to role template
$ops = $rbacreview->getOperationsOfRole($role->getId(), $tmp_obj->getType(), $target_id);
$rbacadmin->grantPermission($role->getId(), $ops, $target_id);
$new_roles[] = $role->getId();
}
// CREATE ADMIN ROLE
return $new_roles ? $new_roles : array();
}
