ILIAS  Release_4_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
Public Member Functions | Data Fields | Private Member Functions
ilWebAccessChecker Class Reference

Class ilWebAccessChecker. More...

+ Collaboration diagram for ilWebAccessChecker:

Public Member Functions

 ilWebAccessChecker ()
 Constructor public.
 checkAccess ()
 Check access rights of the requested file public.
 setDisposition ($a_disposition="inline")
 Set the delivery mode for the file.
 getDisposition ()
 Get the delivery mode for the file.
 sendFile ()
 Send the requested file as if directly delivered from the web server public.
 sendError ()
 Send an error response for the requested file public.
 getMimeType ($default= 'application/octet-stream')

Data Fields

 $lng
 $ilAccess
 $checked_list
 $subpath
 $file
 $params
 $disposition = "inline"
 $mimetype
 $errorcode
 $errortext

Private Member Functions

 checkAccessLM ($obj_id, $obj_type, $page=0)
 checkAccessUserImage ($usr_id)
 Check access rights for user images.

Detailed Description

Class ilWebAccessChecker.

Checks the access rights of a directly requested content file. Called from a redirection script or from an include to a content page.

  • determines the related learning module and checks the permission
  • either delivers the accessed file (without redirect)
  • or redirects to the login screen (if not logged in)
  • or prints an error message (if too less rights)
Author
Fred Neumann fred..nosp@m.neum.nosp@m.ann@f.nosp@m.im.u.nosp@m.ni-er.nosp@m.lang.nosp@m.en.de
Version
Id:
class.ilWebAccessChecker.php 26695 2010-11-23 15:33:18Z fneumann

Definition at line 44 of file class.ilWebAccessChecker.php.

Member Function Documentation

ilWebAccessChecker::checkAccess ( )

Check access rights of the requested file public.

Definition at line 169 of file class.ilWebAccessChecker.php.

References $ilLog, $ref_id, $type, ilObject\_getAllReferences(), ilObjMediaCastAccess\_lookupPublicFiles(), ilObject\_lookupType(), ilNewsItem\_lookupVisibility(), checkAccessLM(), checkAccessUserImage(), elseif(), ilObjMediaObject\getParentObjectIdForUsage(), ilObjMediaObject\lookupUsages(), and NEWS_PUBLIC.

{
global $ilLog, $ilUser, $ilObjDataCache;
$pos1 = strpos($this->subpath, "lm_data/lm_") + 11;
$pos2 = strpos($this->subpath, "mobs/mm_") + 8;
$pos3 = strpos($this->subpath, "usr_images/") + 11;
$obj_id = 0;
$type = 'none';
// trying to access data within a learning module folder
if ($pos1 > 11)
{
$type = 'lm';
$seperator = strpos($this->subpath, '/', $pos1);
$obj_id = substr($this->subpath, $pos1, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos1);
}
//trying to access media data
else if ($pos2 > 8)
{
$type = 'mob';
$seperator = strpos($this->subpath, '/', $pos2);
$obj_id = substr($this->subpath, $pos2, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos2);
}
// trying to access a user image
elseif ($pos3 > 11)
{
$type = 'user_image';
// user images may be:
// upload_123pic, upload_123
// usr_123.jpg, usr_123_small.jpg, usr_123_xsmall.jpg, usr_123_xxsmall.jpg
$seperator = strpos($this->subpath, '_', $pos3);
$obj_id = (int) substr($this->subpath, $seperator + 1);
}
if (!$obj_id || $type == 'none')
return false;
switch($type)
{
case 'lm':
return $this->checkAccessLM($obj_id, 'lm');
break;
case 'mob':
$usages = ilObjMediaObject::lookupUsages($obj_id);
foreach($usages as $usage)
{
$oid = ilObjMediaObject::getParentObjectIdForUsage($usage, true);
switch($usage['type'])
{
case 'lm:pg':
if ($oid > 0)
{
if ($this->checkAccessLM($oid, 'lm', $usage['id']))
return true;
}
break;
case 'news':
// media objects in news (media casts)
include_once("./Modules/MediaCast/classes/class.ilObjMediaCastAccess.php");
include_once("./Services/News/classes/class.ilNewsItem.php");
if (ilObjMediaCastAccess::_lookupPublicFiles($oid) && ilNewsItem::_lookupVisibility($usage["id"]) == NEWS_PUBLIC)
{
return true;
}
break;
case 'frm~:html':
// $oid = userid
if ($ilObjDataCache->lookupType($oid) == 'usr' && $oid == $ilUser->getId())
{
return true;
}
break;
default:
$ref_ids = ilObject::_getAllReferences($oid);
$obj_type = ilObject::_lookupType($oid);
foreach($ref_ids as $ref_id)
{
if ($this->ilAccess->checkAccess("read", "view", $ref_id, $obj_type, $oid))
return true;
}
break;
}
}
break;
case 'user_image':
if ($this->checkAccessUserImage($obj_id))
{
return true;
}
break;
}
}

+ Here is the call graph for this function:

ilWebAccessChecker::checkAccessLM (   $obj_id,
  $obj_type,
  $page = 0 
)
private

Definition at line 265 of file class.ilWebAccessChecker.php.

References $ref_id, and ilObject\_getAllReferences().

Referenced by checkAccess().

{
//if (!$page)
//{
$ref_ids = ilObject::_getAllReferences($obj_id);
foreach($ref_ids as $ref_id)
{
if ($this->ilAccess->checkAccess("read", "", $ref_id))
return true;
}
return false;
//}
//else
//{
// $ref_ids = ilObject::_getAllReferences($obj_id);
// foreach($ref_ids as $ref_id)
// {
// if ($this->ilAccess->checkAccess("read", "", $ref_id))
// {
// require_once 'Modules/LearningModule/classes/class.ilObjLearningModule.php';
// $lm = new ilObjLearningModule($obj_id,false);
// if ($lm->_checkPreconditionsOfPage($ref_id, $obj_id, $page))
// return true;
// }
// }
// return false;
//}
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilWebAccessChecker::checkAccessUserImage (   $usr_id)
private

Check access rights for user images.

Parameters
intusr_id
Returns
boolean access given (true/false)

Definition at line 301 of file class.ilWebAccessChecker.php.

References $ilSetting, $usr_id, ilObjUser\_lookupPref(), and elseif().

Referenced by checkAccess().

{
global $ilUser, $ilSetting;
// check if own image is viewed
if ($usr_id == $ilUser->getId())
{
return true;
}
// check if image is in the public profile
$public_upload = ilObjUser::_lookupPref($usr_id, 'public_upload');
if ($public_upload != 'y')
{
return false;
}
// check the publication status of the profile
$public_profile = ilObjUser::_lookupPref($usr_id, 'public_profile');
if ($public_profile == 'g'
and $ilSetting->get('enable_global_profiles')
and $ilSetting->get('pub_section'))
{
// globally public
return true;
}
elseif (($public_profile == 'y' or $public_profile == 'g')
and $ilUser->getId() != ANONYMOUS_USER_ID)
{
// public for logged in users
return true;
}
else
{
// not public
return false;
}
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilWebAccessChecker::getDisposition ( )

Get the delivery mode for the file.

Returns
string "inline" or "attachment" public

Definition at line 357 of file class.ilWebAccessChecker.php.

References $disposition.

Referenced by sendFile().

{
return $this->disposition;
}

+ Here is the caller graph for this function:

ilWebAccessChecker::getMimeType (   $default = 'application/octet-stream')

Definition at line 443 of file class.ilWebAccessChecker.php.

Referenced by ilWebAccessChecker().

{
$mime = '';
if (extension_loaded('Fileinfo'))
{
$finfo = finfo_open(FILEINFO_MIME);
$mime = finfo_file($finfo, $this->file);
finfo_close($finfo);
if ($pos = strpos($mime, ' '))
{
$mime = substr($mime, 0, $pos);
}
}
else
$mime = ilObjMediaObject::getMimeType($this->file);
$this->mimetype = $mime ? $mime : $default;
}

+ Here is the caller graph for this function:

ilWebAccessChecker::ilWebAccessChecker ( )

Constructor public.

Definition at line 107 of file class.ilWebAccessChecker.php.

References $_SESSION, $ilAccess, $ilLog, $lng, getMimeType(), ILIAS_ABSOLUTE_PATH, and ILIAS_WEB_DIR.

{
global $ilAccess, $lng, $ilLog;
$this->lng =& $lng;
$this->ilAccess =& $ilAccess;
$this->checked_list = & $_SESSION["WebAccessChecked"];
$this->params = array();
// set the anonymous user if no user is set
if (!$_SESSION["AccountId"])
{
$_SESSION["AccountId"] = ANONYMOUS_USER_ID;
$ilUser->setId(ANONYMOUS_USER_ID);
$ilUser->read();
}
// get the requested file and its type
$uri = parse_url($_SERVER["REQUEST_URI"]);
parse_str($uri["query"], $this->params);
$pattern = ILIAS_WEB_DIR . "/" . CLIENT_ID;
$this->subpath = urldecode(substr($uri["path"], strpos($uri["path"], $pattern)));
$this->file = realpath(ILIAS_ABSOLUTE_PATH . "/". $this->subpath);
/* debugging
echo "<pre>";
echo "REQUEST_URI: ". $_SERVER["REQUEST_URI"]. "\n";
echo "Parsed URI: ". $uri["path"]. "\n";
echo "DOCUMENT_ROOT: ". $_SERVER["DOCUMENT_ROOT"]. "\n";
echo "PHP_SELF: ". $_SERVER["PHP_SELF"]. "\n";
echo "SCRIPT_NAME: ". $_SERVER["SCRIPT_NAME"]. "\n";
echo "SCRIPT_FILENAME: ". $_SERVER["SCRIPT_FILENAME"]. "\n";
echo "PATH_TRANSLATED: ". $_SERVER["PATH_TRANSLATED"]. "\n";
echo "ILIAS_WEB_DIR: ". ILIAS_WEB_DIR. "\n";
echo "ILIAS_HTTP_PATH: ". ILIAS_HTTP_PATH. "\n";
echo "ILIAS_ABSOLUTE_PATH: ". ILIAS_ABSOLUTE_PATH. "\n";
echo "CLIENT_ID: ". CLIENT_ID. "\n";
echo "CLIENT_WEB_DIR: ". CLIENT_WEB_DIR. "\n";
echo "subpath: ". $this->subpath. "\n";
echo "file: ". $this->file. "\n";
echo "</pre>";
exit;
*/
if (file_exists($this->file))
{
//$this->mimetype = ilObjMediaObject::getMimeType($this->file);
$this->mimetype = $this->getMimeType();
}
else
{
$this->errorcode = 404;
$this->errortext = $this->lng->txt("url_not_found");
return false;
}
}

+ Here is the call graph for this function:

ilWebAccessChecker::sendError ( )

Send an error response for the requested file public.

Definition at line 428 of file class.ilWebAccessChecker.php.

References exit.

{
switch ($this->errorcode)
{
case 404:
header("HTTP/1.0: 404 Not Found");
break;
case 403:
default:
header("HTTP/1.0: 403 Forbidden");
break;
}
exit($this->errortext);
}
ilWebAccessChecker::sendFile ( )

Send the requested file as if directly delivered from the web server public.

Definition at line 367 of file class.ilWebAccessChecker.php.

References ilUtil\deliverFile(), exit, getDisposition(), and ilUtil\readFile().

{
//$system_use_xsendfile = true;
$xsendfile_available = false;
//if (function_exists('apache_get_modules'))
//{
// $modules = apache_get_modules();
// $xsendfile_available = in_array('mod_xsendfile', $modules);
//}
//$xsendfile_available = $system_use_xsendfile & $xsendfile_available;
if ($this->getDisposition() == "attachment")
{
if ($xsendfile_available)
{
header('x-sendfile: ' . $this->file);
header("Content-Type: application/octet-stream");
}
else
ilUtil::deliverFile($this->file, basename($this->file));
exit;
}
else
{
if (!isset($_SERVER["HTTPS"]))
{
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
}
header("Content-Type: " . $this->mimetype);
header("Content-Length: ".(string)(filesize($this->file)));
if (isset($_SERVER["HTTPS"]))
{
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
}
header("Connection: close");
if ($xsendfile_available)
{
header('x-sendfile: ' . $this->file);
header("Content-Type: " . $this->mimetype);
}
else
{
ilUtil::readFile( $this->file);
}
exit;
}
}

+ Here is the call graph for this function:

ilWebAccessChecker::setDisposition (   $a_disposition = "inline")

Set the delivery mode for the file.

Parameters
string"inline" or "attachment" public

Definition at line 347 of file class.ilWebAccessChecker.php.

{
$this->disposition = $a_disposition;
}

Field Documentation

ilWebAccessChecker::$checked_list

Definition at line 48 of file class.ilWebAccessChecker.php.

ilWebAccessChecker::$disposition = "inline"

Definition at line 77 of file class.ilWebAccessChecker.php.

Referenced by getDisposition().

ilWebAccessChecker::$errorcode

Definition at line 92 of file class.ilWebAccessChecker.php.

ilWebAccessChecker::$errortext

Definition at line 100 of file class.ilWebAccessChecker.php.

ilWebAccessChecker::$file

Definition at line 62 of file class.ilWebAccessChecker.php.

ilWebAccessChecker::$ilAccess

Definition at line 47 of file class.ilWebAccessChecker.php.

Referenced by ilWebAccessChecker().

ilWebAccessChecker::$lng

Definition at line 46 of file class.ilWebAccessChecker.php.

Referenced by ilWebAccessChecker().

ilWebAccessChecker::$mimetype

Definition at line 85 of file class.ilWebAccessChecker.php.

ilWebAccessChecker::$params

Definition at line 69 of file class.ilWebAccessChecker.php.

ilWebAccessChecker::$subpath

Definition at line 55 of file class.ilWebAccessChecker.php.

The documentation for this class was generated from the following file: