ILIAS Release_3_9_x_branch .rev 46835: Modules/Survey/classes/class.ilObjSurveyAccess.php Source File

Go to the documentation of this file.
00001 <?php
00002 /*
00003         +-----------------------------------------------------------------------------+
00004         | ILIAS open source                                                           |
00005         +-----------------------------------------------------------------------------+
00006         | Copyright (c) 1998-2006 ILIAS open source, University of Cologne            |
00007         |                                                                             |
00008         | This program is free software; you can redistribute it and/or               |
00009         | modify it under the terms of the GNU General Public License                 |
00010         | as published by the Free Software Foundation; either version 2              |
00011         | of the License, or (at your option) any later version.                      |
00012         |                                                                             |
00013         | This program is distributed in the hope that it will be useful,             |
00014         | but WITHOUT ANY WARRANTY; without even the implied warranty of              |
00015         | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               |
00016         | GNU General Public License for more details.                                |
00017         |                                                                             |
00018         | You should have received a copy of the GNU General Public License           |
00019         | along with this program; if not, write to the Free Software                 |
00020         | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. |
00021         +-----------------------------------------------------------------------------+
00022 */
00023 
00024 include_once "./classes/class.ilObjectAccess.php";
00025 include_once "./Modules/Survey/classes/inc.SurveyConstants.php";
00026 
00037 class ilObjSurveyAccess extends ilObjectAccess
00038 {
00054         function _checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id = "")
00055         {
00056                 global $ilUser, $lng, $rbacsystem, $ilAccess;
00057 
00058                 if ($a_user_id == "")
00059                 {
00060                         $a_user_id = $ilUser->getId();
00061                 }
00062 
00063                 switch ($a_permission)
00064                 {
00065                         case "visible":
00066                                 if (!ilObjSurveyAccess::_lookupCreationComplete($a_obj_id) &&
00067                                         (!$rbacsystem->checkAccess('write', $a_ref_id)))
00068                                 {
00069                                         $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
00070                                         return false;
00071                                 }
00072                                 break;
00073                 }
00074 
00075                 switch ($a_cmd)
00076                 {
00077                         case "run":
00078                                 if (!ilObjSurveyAccess::_lookupCreationComplete($a_obj_id)
00079                                         || !(ilObjSurveyAccess::_lookupOnline($a_obj_id) == 1))
00080                                 {
00081                                         $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
00082                                         return false;
00083                                 }
00084                                 break;
00085 
00086                         case "evaluation":
00087                                 if (!ilObjSurveyAccess::_lookupCreationComplete($a_obj_id))
00088                                 {
00089                                         $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
00090                                         return false;
00091                                 }
00092                                 if ($rbacsystem->checkAccess("write",$a_ref_id) || ilObjSurveyAccess::_hasEvaluationAccess($a_obj_id, $a_user_id))
00093                                 {
00094                                         return true;
00095                                 }
00096                                 else
00097                                 {
00098                                         $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("no_permission"));
00099                                         return false;
00100                                 }
00101                                 break;
00102                 }
00103 
00104                 return true;
00105         }
00106         
00107         
00120         function _getCommands()
00121         {
00122                 $commands = array
00123                 (
00124                         array("permission" => "read", "cmd" => "infoScreen", "lang_var" => "svy_run", "default" => true),
00125                         array("permission" => "write", "cmd" => "properties", "lang_var" => "edit"),
00126                         array("permission" => "read", "cmd" => "evaluation", "lang_var" => "svy_evaluation")
00127                 );
00128                 
00129                 return $commands;
00130         }
00131 
00132         //
00133         // object specific access related methods
00134         //
00135 
00139         function _lookupCreationComplete($a_obj_id)
00140         {
00141                 global $ilDB;
00142 
00143                 $q = sprintf("SELECT * FROM survey_survey WHERE obj_fi=%s",
00144                         $ilDB->quote($a_obj_id)
00145                 );
00146                 $result = $ilDB->query($q);
00147 
00148                 if ($result->numRows() == 1)
00149                 {
00150                         $row = $result->fetchRow(DB_FETCHMODE_OBJECT);
00151                 }
00152                 if (!$row->complete)
00153                 {
00154                         return false;
00155                 }
00156 
00157                 return true;
00158         }
00159 
00163         function _lookupEvaluationAccess($a_obj_id)
00164         {
00165                 global $ilDB;
00166 
00167                 $q = sprintf("SELECT * FROM survey_survey WHERE obj_fi=%s",
00168                         $ilDB->quote($a_obj_id)
00169                 );
00170                 $result = $ilDB->query($q);
00171                 if ($result->numRows() == 1)
00172                 {
00173                         $row = $result->fetchRow(DB_FETCHMODE_OBJECT);
00174                 }
00175 
00176                 return $row->evaluation_access;
00177         }
00178         
00179         function _isSurveyParticipant($user_id, $survey_id)
00180         {
00181                 global $ilDB;
00182 
00183                 $q = sprintf("SELECT finished_id FROM survey_finished WHERE user_fi = %s AND survey_fi = %s",
00184                         $ilDB->quote($user_id . ""),
00185                         $ilDB->quote($survey_id . "")
00186                 );
00187                 $result = $ilDB->query($q);
00188                 if ($result->numRows() == 1)
00189                 {
00190                         return true;
00191                 }
00192                 else
00193                 {
00194                         return false;
00195                 }
00196         }
00197         
00198         function _lookupAnonymize($a_obj_id)
00199         {
00200                 global $ilDB;
00201 
00202                 $q = sprintf("SELECT anonymize FROM survey_survey WHERE obj_fi = %s",
00203                         $ilDB->quote($a_obj_id . "")
00204                 );
00205                 $result = $ilDB->query($q);
00206                 if ($result->numRows() == 1)
00207                 {
00208                         $row = $result->fetchRow(DB_FETCHMODE_ASSOC);
00209                         return $row["anonymize"];
00210                 }
00211                 else
00212                 {
00213                         return 0;
00214                 }
00215         }
00216         
00217         function _hasEvaluationAccess($a_obj_id, $user_id)
00218         {
00219                 $evaluation_access = ilObjSurveyAccess::_lookupEvaluationAccess($a_obj_id);
00220                 switch ($evaluation_access)
00221                 {
00222                         case 0:
00223                                 // no evaluation access
00224                                 return false;
00225                                 break;
00226                         case 1:
00227                                 // evaluation access for all registered users
00228                                 if (($user_id > 0) && ($user_id != ANONYMOUS_USER_ID))
00229                                 {
00230                                         return true;
00231                                 }
00232                                 else
00233                                 {
00234                                         return false;
00235                                 }
00236                                 break;
00237                         case 2:
00238                                 // evaluation access for participants
00239                                 // check if the user with the given id is a survey participant
00240 
00241                                 // show the evaluation button for anonymized surveys for all users
00242                                 // access is only granted with the survey access code
00243                                 if (ilObjSurveyAccess::_lookupAnonymize($a_obj_id) == 1) return true;
00244                                 
00245                                 global $ilDB;
00246                                 $q = sprintf("SELECT survey_id FROM survey_survey WHERE obj_fi = %s",
00247                                         $ilDB->quote($a_obj_id . "")
00248                                 );
00249                                 $result = $ilDB->query($q);
00250                                 if ($result->numRows() == 1)
00251                                 {
00252                                         $row = $result->fetchRow(DB_FETCHMODE_ASSOC);
00253                                         if (ilObjSurveyAccess::_isSurveyParticipant($user_id, $row["survey_id"]))
00254                                         {
00255                                                 return true;
00256                                         }
00257                                 }
00258                                 return false;
00259                                 break;
00260                 }
00261         }
00262 
00266         function _lookupOnline($a_obj_id)
00267         {
00268                 global $ilDB;
00269 
00270                 $q = sprintf("SELECT * FROM survey_survey WHERE obj_fi=%s",
00271                         $ilDB->quote($a_obj_id)
00272                 );
00273                 $result = $ilDB->query($q);
00274                 if ($result->numRows() == 1) {
00275                         $row = $result->fetchRow(DB_FETCHMODE_OBJECT);
00276                 }
00277 
00278                 return $row->status;
00279         }
00280 
00286         function _lookupFinished($a_obj_id, $a_user_id = "")
00287         {
00288                 global $ilDB, $ilUser;
00289 
00290                 $finished = "";
00291                 if (!strlen($a_user_id)) $a_user_id = $ilUser->getId();
00292 
00293                 $q = sprintf("SELECT * FROM survey_survey WHERE obj_fi = %s",
00294                         $ilDB->quote($a_obj_id)
00295                 );
00296                 $result = $ilDB->query($q);
00297                 if ($result->numRows() == 1)
00298                 {
00299                         $row = $result->fetchRow(DB_FETCHMODE_OBJECT);
00300                         if ($row->anonymize == 1)
00301                         {
00302                                 $q = sprintf("SELECT * FROM survey_finished, survey_anonymous WHERE survey_finished.survey_fi = %s AND survey_finished.survey_fi = survey_anonymous.survey_fi AND survey_anonymous.user_key = %s AND survey_anonymous.survey_key = survey_finished.anonymous_id",
00303                                         $ilDB->quote($row->survey_id),
00304                                         $ilDB->quote(md5($a_user_id) . "")
00305                                 );
00306                         }
00307                         else
00308                         {
00309                                 $q = sprintf("SELECT * FROM survey_finished WHERE survey_fi = %s AND user_fi = %s",
00310                                         $ilDB->quote($row->survey_id),
00311                                         $ilDB->quote($a_user_id)
00312                                 );
00313                         }
00314                         $result = $ilDB->query($q);
00315                         if ($result->numRows() == 1)
00316                         {
00317                                 $row = $result->fetchRow(DB_FETCHMODE_OBJECT);
00318                                 $finished = (int)$row->state;
00319                         }
00320                 }
00321 
00322                 return $finished;
00323         }
00324         
00328         function _checkGoto($a_target)
00329         {
00330                 global $ilAccess;
00331                 
00332                 $t_arr = explode("_", $a_target);
00333 
00334                 if ($t_arr[0] != "svy" || ((int) $t_arr[1]) <= 0)
00335                 {
00336                         return false;
00337                 }
00338 
00339                 if ($ilAccess->checkAccess("read", "", $t_arr[1]))
00340                 {
00341                         return true;
00342                 }
00343                 return false;
00344         }
00345 
00346 
00347 }
00348 
00349 ?>