ILIAS Release_3_6_x_branch .rev 46809: survey/classes/class.ilObjSurveyAccess.php Source File

Go to the documentation of this file.
00001 <?php
00002 /*
00003         +-----------------------------------------------------------------------------+
00004         | ILIAS open source                                                           |
00005         +-----------------------------------------------------------------------------+
00006         | Copyright (c) 1998-2001 ILIAS open source, University of Cologne            |
00007         |                                                                             |
00008         | This program is free software; you can redistribute it and/or               |
00009         | modify it under the terms of the GNU General Public License                 |
00010         | as published by the Free Software Foundation; either version 2              |
00011         | of the License, or (at your option) any later version.                      |
00012         |                                                                             |
00013         | This program is distributed in the hope that it will be useful,             |
00014         | but WITHOUT ANY WARRANTY; without even the implied warranty of              |
00015         | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               |
00016         | GNU General Public License for more details.                                |
00017         |                                                                             |
00018         | You should have received a copy of the GNU General Public License           |
00019         | along with this program; if not, write to the Free Software                 |
00020         | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. |
00021         +-----------------------------------------------------------------------------+
00022 */
00023 
00024 include_once "./classes/class.ilObjectAccess.php";
00025 include_once "./survey/classes/inc.SurveyConstants.php";
00026 
00037 class ilObjSurveyAccess extends ilObjectAccess
00038 {
00054         function _checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id = "")
00055         {
00056                 global $ilUser, $lng, $rbacsystem, $ilAccess;
00057 
00058                 if ($a_user_id == "")
00059                 {
00060                         $a_user_id = $ilUser->getId();
00061                 }
00062 
00063                 switch ($a_permission)
00064                 {
00065                         case "visible":
00066                                 if (!ilObjSurveyAccess::_lookupCreationComplete($a_obj_id) &&
00067                                         (!$rbacsystem->checkAccess('write', $a_ref_id)))
00068                                 {
00069                                         $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
00070                                         return false;
00071                                 }
00072                                 break;
00073                 }
00074 
00075                 switch ($a_cmd)
00076                 {
00077                         case "run":
00078                                 if (!ilObjSurveyAccess::_lookupCreationComplete($a_obj_id)
00079                                         || !(ilObjSurveyAccess::_lookupOnline($a_obj_id) == 1))
00080                                 {
00081                                         $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
00082                                         return false;
00083                                 }
00084                                 break;
00085 
00086                         case "evaluation":
00087                                 if (!ilObjSurveyAccess::_lookupCreationComplete($a_obj_id))
00088                                 {
00089                                         $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
00090                                         return false;
00091                                 }
00092                                 if ($rbacsystem->checkAccess("write",$a_ref_id) || ilObjSurveyAccess::_hasEvaluationAccess($a_obj_id, $a_user_id))
00093                                 {
00094                                         return true;
00095                                 }
00096                                 else
00097                                 {
00098                                         $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("no_permission"));
00099                                         return false;
00100                                 }
00101                                 break;
00102                 }
00103 
00104                 return true;
00105         }
00106         
00107         
00120         function _getCommands()
00121         {
00122                 $commands = array
00123                 (
00124                         array("permission" => "read", "cmd" => "run", "lang_var" => "svy_run",
00125                                 "default" => true),
00126                         array("permission" => "write", "cmd" => "properties", "lang_var" => "edit"),
00127                         array("permission" => "invite", "cmd" => "invite", "lang_var" => "invite"),
00128                         array("permission" => "read", "cmd" => "evaluation", "lang_var" => "svy_evaluation")
00129                 );
00130                 
00131                 return $commands;
00132         }
00133 
00134         //
00135         // object specific access related methods
00136         //
00137 
00141         function _lookupCreationComplete($a_obj_id)
00142         {
00143                 global $ilDB;
00144 
00145                 $q = sprintf("SELECT * FROM survey_survey WHERE obj_fi=%s",
00146                         $ilDB->quote($a_obj_id)
00147                 );
00148                 $result = $ilDB->query($q);
00149 
00150                 if ($result->numRows() == 1)
00151                 {
00152                         $row = $result->fetchRow(DB_FETCHMODE_OBJECT);
00153                 }
00154                 if (!$row->complete)
00155                 {
00156                         return false;
00157                 }
00158 
00159                 return true;
00160         }
00161 
00165         function _lookupEvaluationAccess($a_obj_id)
00166         {
00167                 global $ilDB;
00168 
00169                 $q = sprintf("SELECT * FROM survey_survey WHERE obj_fi=%s",
00170                         $ilDB->quote($a_obj_id)
00171                 );
00172                 $result = $ilDB->query($q);
00173                 if ($result->numRows() == 1)
00174                 {
00175                         $row = $result->fetchRow(DB_FETCHMODE_OBJECT);
00176                 }
00177 
00178                 return $row->evaluation_access;
00179         }
00180         
00181         function _isSurveyParticipant($user_id, $survey_id)
00182         {
00183                 global $ilDB;
00184 
00185                 $q = sprintf("SELECT finished_id FROM survey_finished WHERE user_fi = %s AND survey_fi = %s",
00186                         $ilDB->quote($user_id . ""),
00187                         $ilDB->quote($survey_id . "")
00188                 );
00189                 $result = $ilDB->query($q);
00190                 if ($result->numRows() == 1)
00191                 {
00192                         return true;
00193                 }
00194                 else
00195                 {
00196                         return false;
00197                 }
00198         }
00199         
00200         function _lookupAnonymize($a_obj_id)
00201         {
00202                 global $ilDB;
00203 
00204                 $q = sprintf("SELECT anonymize FROM survey_survey WHERE obj_fi = %s",
00205                         $ilDB->quote($a_obj_id . "")
00206                 );
00207                 $result = $ilDB->query($q);
00208                 if ($result->numRows() == 1)
00209                 {
00210                         $row = $result->fetchRow(DB_FETCHMODE_ASSOC);
00211                         return $row["anonymize"];
00212                 }
00213                 else
00214                 {
00215                         return 0;
00216                 }
00217         }
00218         
00219         function _hasEvaluationAccess($a_obj_id, $user_id)
00220         {
00221                 $evaluation_access = ilObjSurveyAccess::_lookupEvaluationAccess($a_obj_id);
00222                 switch ($evaluation_access)
00223                 {
00224                         case 0:
00225                                 // no evaluation access
00226                                 return false;
00227                                 break;
00228                         case 1:
00229                                 // evaluation access for all users
00230                                 return true;
00231                                 break;
00232                         case 2:
00233                                 // evaluation access for participants
00234                                 // check if the user with the given id is a survey participant
00235 
00236                                 // show the evaluation button for anonymized surveys for all users
00237                                 // access is only granted with the survey access code
00238                                 if (ilObjSurveyAccess::_lookupAnonymize($a_obj_id) == 1) return true;
00239                                 
00240                                 global $ilDB;
00241                                 $q = sprintf("SELECT survey_id FROM survey_survey WHERE obj_fi = %s",
00242                                         $ilDB->quote($a_obj_id . "")
00243                                 );
00244                                 $result = $ilDB->query($q);
00245                                 if ($result->numRows() == 1)
00246                                 {
00247                                         $row = $result->fetchRow(DB_FETCHMODE_ASSOC);
00248                                         if (ilObjSurveyAccess::_isSurveyParticipant($user_id, $row["survey_id"]))
00249                                         {
00250                                                 return true;
00251                                         }
00252                                 }
00253                                 // TODO: add an additional check for anonymous users who could have and survey access code
00254                                 //       on the other hand: if someone publishes a survey with anonymous access and evaluation access
00255                                 //       he or she should grant evaluation access for all users...
00256                                 return false;
00257                                 break;
00258                 }
00259         }
00260 
00264         function _lookupOnline($a_obj_id)
00265         {
00266                 global $ilDB;
00267 
00268                 $q = sprintf("SELECT * FROM survey_survey WHERE obj_fi=%s",
00269                         $ilDB->quote($a_obj_id)
00270                 );
00271                 $result = $ilDB->query($q);
00272                 if ($result->numRows() == 1) {
00273                         $row = $result->fetchRow(DB_FETCHMODE_OBJECT);
00274                 }
00275 
00276                 return $row->status;
00277         }
00278 
00284         function _lookupFinished($a_obj_id, $a_user_id = "")
00285         {
00286                 global $ilDB, $ilUser;
00287 
00288                 $finished = "";
00289                 if (!strlen($a_user_id))
00290                         $a_user_id = $ilUser->id;
00291 
00292                 $q = sprintf("SELECT * FROM survey_survey WHERE obj_fi=%s",
00293                                 $ilDB->quote($a_obj_id)
00294                         );
00295                 $result = $ilDB->query($q);
00296                 if ($result->numRows() == 1)
00297                 {
00298                         $row = $result->fetchRow(DB_FETCHMODE_OBJECT);
00299                         if ($row->anonymize == 1)
00300                         {
00301                                 $q = sprintf("SELECT * FROM survey_finished WHERE survey_fi = %s AND anonymous_id = %s",
00302                                         $ilDB->quote($row->survey_id),
00303                                         $ilDB->quote(md5($a_user_id . $row->survey_id) . "")
00304                                 );
00305                         }
00306                         else
00307                         {
00308                                 $q = sprintf("SELECT * FROM survey_finished WHERE survey_fi = %s AND user_fi = %s",
00309                                         $ilDB->quote($row->survey_id),
00310                                         $ilDB->quote($a_user_id)
00311                                 );
00312                         }
00313                         $result = $ilDB->query($q);
00314                         if ($result->numRows() == 1)
00315                         {
00316                                 $row = $result->fetchRow(DB_FETCHMODE_OBJECT);
00317                                 $finished = (int)$row->state;
00318                         }
00319                 }
00320 
00321                 return $finished;
00322         }
00323 
00324 }
00325 
00326 ?>