ILIAS  Release_4_2_x_branch Revision 61807
 All Data Structures Namespaces Files Functions Variables Groups Pages
Public Member Functions | Static Public Member Functions | Protected Attributes
ilWorkspaceAccessHandler Class Reference

Access handler for personal workspace. More...

+ Collaboration diagram for ilWorkspaceAccessHandler:

Public Member Functions

 __construct (ilTree $a_tree=null)
 getTree ()
 Get workspace tree.
 checkAccess ($a_permission, $a_cmd, $a_node_id, $a_type="")
 check access for an object
 checkAccessOfUser (ilTree $a_tree, $a_user_id, $a_permission, $a_cmd, $a_node_id, $a_type="")
 check access for an object
 setPermissions ($a_parent_node_id, $a_node_id)
 Set permissions after creating node/object.
 addPermission ($a_node_id, $a_object_id, $a_extended_data=null)
 Add permission to node for object.
 removePermission ($a_node_id, $a_object_id=null)
 Remove permission[s] (for object) to node.
 hasRegisteredPermission ($a_node_id)
 hasGlobalPermission ($a_node_id)
 hasGlobalPasswordPermission ($a_node_id)
 getSharedOwners ()
 getSharedObjects ($a_owner_id)
 getObjectsIShare ()

Static Public Member Functions

static getPermissions ($a_node_id)
 Get all permissions to node.
static getPossibleSharedTargets ()
static getSharedNodePassword ($a_node_id)
static keepSharedSessionPassword ($a_node_id, $a_password)
static getSharedSessionPassword ($a_node_id)
static getGotoLink ($a_node_id, $a_obj_id, $a_additional=null)

Protected Attributes

 $tree

Detailed Description

Access handler for personal workspace.

Author
Jörg Lützenkirchen luetz.nosp@m.enki.nosp@m.rchen.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
Id:
class.ilPersonalDesktopGUI.php 26976 2010-12-16 13:24:38Z akill

Definition at line 17 of file class.ilWorkspaceAccessHandler.php.

Constructor & Destructor Documentation

ilWorkspaceAccessHandler::__construct ( ilTree  $a_tree = null)

Definition at line 21 of file class.ilWorkspaceAccessHandler.php.

References $lng.

{
global $ilUser, $lng;
$lng->loadLanguageModule("wsp");
if(!$a_tree)
{
include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceTree.php";
$a_tree = new ilWorkspaceTree($ilUser->getId());
}
$this->tree = $a_tree;
}

Member Function Documentation

ilWorkspaceAccessHandler::addPermission (   $a_node_id,
  $a_object_id,
  $a_extended_data = null 
)

Add permission to node for object.

Parameters
int$a_node_id
int$a_object_id
string$a_extended_data
Returns
bool

Definition at line 187 of file class.ilWorkspaceAccessHandler.php.

References $ilDB.

{
global $ilDB, $ilUser;
// tree owner must not be added
if($this->tree->getTreeId() == $ilUser->getId() &&
$a_object_id == $ilUser->getId())
{
return false;
}
$ilDB->manipulate("INSERT INTO acl_ws (node_id, object_id, extended_data)".
" VALUES (".$ilDB->quote($a_node_id, "integer").", ".
$ilDB->quote($a_object_id, "integer").",".
$ilDB->quote($a_extended_data, "text").")");
return true;
}
ilWorkspaceAccessHandler::checkAccess (   $a_permission,
  $a_cmd,
  $a_node_id,
  $a_type = "" 
)

check access for an object

Parameters
string$a_permission
string$a_cmd
int$a_node_id
string$a_type(optional)
Returns
bool

Definition at line 54 of file class.ilWorkspaceAccessHandler.php.

References checkAccessOfUser().

{
global $ilUser;
return $this->checkAccessOfUser($this->tree, $ilUser->getId(),$a_permission, $a_cmd, $a_node_id, $a_type);
}

+ Here is the call graph for this function:

ilWorkspaceAccessHandler::checkAccessOfUser ( ilTree  $a_tree,
  $a_user_id,
  $a_permission,
  $a_cmd,
  $a_node_id,
  $a_type = "" 
)

check access for an object

Parameters
ilTree$a_tree
integer$a_user_id
string$a_permission
string$a_cmd
int$a_node_id
string$a_type(optional)
Returns
bool

Definition at line 72 of file class.ilWorkspaceAccessHandler.php.

References ilGroupParticipants\_getInstanceByObjId(), ilCourseParticipants\_getInstanceByObjId(), ilObject\_lookupType(), getPermissions(), ilWorkspaceAccessGUI\PERMISSION_ALL, ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD, ilWorkspaceAccessGUI\PERMISSION_REGISTERED, and ilTree\readRootId().

Referenced by checkAccess().

{
global $rbacreview, $ilUser;
// :TODO: create permission for parent node with type ?!
// tree root is read-only
if($a_permission == "write")
{
if($a_tree->readRootId() == $a_node_id)
{
return false;
}
}
// node owner has all rights
if($a_tree->lookupOwner($a_node_id) == $a_user_id)
{
return true;
}
// other users can only read
if($a_permission == "read" || $a_permission == "visible")
{
// get all objects with explicit permission
$objects = $this->getPermissions($a_node_id);
if($objects)
{
// check if given user is member of object or has role
foreach($objects as $obj_id)
{
switch($obj_id)
{
case ilWorkspaceAccessGUI::PERMISSION_ALL:
return true;
case ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD:
// check against input kept in session
if(self::getSharedNodePassword($a_node_id) == self::getSharedSessionPassword($a_node_id) ||
$a_permission == "visible")
{
return true;
}
break;
case ilWorkspaceAccessGUI::PERMISSION_REGISTERED:
if($ilUser->getId() != ANONYMOUS_USER_ID)
{
return true;
}
break;
default:
switch(ilObject::_lookupType($obj_id))
{
case "grp":
// member of group?
if(ilGroupParticipants::_getInstanceByObjId($obj_id)->isAssigned($a_user_id))
{
return true;
}
break;
case "crs":
// member of course?
if(ilCourseParticipants::_getInstanceByObjId($obj_id)->isAssigned($a_user_id))
{
return true;
}
break;
case "role":
// has role?
if($rbacreview->isAssigned($a_user_id, $obj_id))
{
return true;
}
break;
case "usr":
// direct assignment
if($a_user_id == $obj_id)
{
return true;
}
break;
}
break;
}
}
}
}
return false;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilWorkspaceAccessHandler::getGotoLink (   $a_node_id,
  $a_obj_id,
  $a_additional = null 
)
static

Definition at line 391 of file class.ilWorkspaceAccessHandler.php.

References ilLink\_getStaticLink(), and ilObject\_lookupType().

Referenced by ilObjectListGUI\buildGotoLink(), ilPortfolioPageTableGUI\fillRow(), ilExAssignmentGUI\getOverviewBody(), ilObjBlog\sendNotification(), and ilNoteGUI\showTargets().

{
include_once('classes/class.ilLink.php');
return ilLink::_getStaticLink($a_node_id, ilObject::_lookupType($a_obj_id), true, $a_additional."_wsp");
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilWorkspaceAccessHandler::getObjectsIShare ( )

Definition at line 397 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $res, and $row.

{
global $ilDB, $ilUser;
$res = array();
$set = $ilDB->query("SELECT ref.wsp_id,obj.obj_id".
" FROM object_data obj".
" JOIN object_reference_ws ref ON (obj.obj_id = ref.obj_id)".
" JOIN tree_workspace tree ON (tree.child = ref.wsp_id)".
" JOIN acl_ws acl ON (acl.node_id = tree.child)".
" WHERE obj.owner = ".$ilDB->quote($ilUser->getId(), "integer"));
while ($row = $ilDB->fetchAssoc($set))
{
$res[$row["wsp_id"]] = $row["obj_id"];
}
return $res;
}
static ilWorkspaceAccessHandler::getPermissions (   $a_node_id)
static

Get all permissions to node.

Parameters
int$a_node_id
Returns
array

Definition at line 232 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $ilSetting, $res, $row, ilWorkspaceAccessGUI\PERMISSION_ALL, and ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD.

Referenced by checkAccessOfUser(), ilSharedResourceGUI\hasAccess(), and ilWorkspaceShareTableGUI\importData().

{
global $ilDB, $ilSetting;
$publish_enabled = $ilSetting->get("enable_global_profiles");
$publish_perm = array(ilWorkspaceAccessGUI::PERMISSION_ALL,
ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD);
$set = $ilDB->query("SELECT object_id FROM acl_ws".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer"));
$res = array();
while($row = $ilDB->fetchAssoc($set))
{
if($publish_enabled || !in_array($row["object_id"], $publish_perm))
{
$res[] = $row["object_id"];
}
}
return $res;
}

+ Here is the caller graph for this function:

static ilWorkspaceAccessHandler::getPossibleSharedTargets ( )
static

Definition at line 293 of file class.ilWorkspaceAccessHandler.php.

References $ilSetting, ilParticipants\_getMembershipByType(), ilWorkspaceAccessGUI\PERMISSION_ALL, ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD, and ilWorkspaceAccessGUI\PERMISSION_REGISTERED.

Referenced by getSharedObjects(), and getSharedOwners().

{
global $ilUser, $ilSetting;
include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php";
include_once "Services/Membership/classes/class.ilParticipants.php";
$grp_ids = ilParticipants::_getMembershipByType($ilUser->getId(), "grp");
$crs_ids = ilParticipants::_getMembershipByType($ilUser->getId(), "crs");
$obj_ids = array_merge($grp_ids, $crs_ids);
$obj_ids[] = $ilUser->getId();
$obj_ids[] = ilWorkspaceAccessGUI::PERMISSION_REGISTERED;
if($ilSetting->get("enable_global_profiles"))
{
$obj_ids[] = ilWorkspaceAccessGUI::PERMISSION_ALL;
$obj_ids[] = ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD;
}
return $obj_ids;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilWorkspaceAccessHandler::getSharedNodePassword (   $a_node_id)
static

Definition at line 365 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $res, and ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD.

Referenced by ilSharedResourceGUI\checkPassword().

{
global $ilDB;
include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php";
$set = $ilDB->query("SELECT * FROM acl_ws".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
" AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD, "integer"));
$res = $ilDB->fetchAssoc($set);
if($res)
{
return $res["extended_data"];
}
}

+ Here is the caller graph for this function:

ilWorkspaceAccessHandler::getSharedObjects (   $a_owner_id)

Definition at line 343 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $res, $row, and getPossibleSharedTargets().

{
global $ilDB;
$obj_ids = $this->getPossibleSharedTargets();
$res = array();
$set = $ilDB->query("SELECT ref.wsp_id,obj.obj_id".
" FROM object_data obj".
" JOIN object_reference_ws ref ON (obj.obj_id = ref.obj_id)".
" JOIN tree_workspace tree ON (tree.child = ref.wsp_id)".
" JOIN acl_ws acl ON (acl.node_id = tree.child)".
" WHERE ".$ilDB->in("acl.object_id", $obj_ids, "", "integer").
" AND obj.owner = ".$ilDB->quote($a_owner_id, "integer"));
while ($row = $ilDB->fetchAssoc($set))
{
$res[$row["wsp_id"]] = $row["obj_id"];
}
return $res;
}

+ Here is the call graph for this function:

ilWorkspaceAccessHandler::getSharedOwners ( )

Definition at line 315 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $row, and getPossibleSharedTargets().

{
global $ilUser, $ilDB;
$obj_ids = $this->getPossibleSharedTargets();
$user_ids = array();
$set = $ilDB->query("SELECT DISTINCT(obj.owner), u.lastname, u.firstname, u.title".
" FROM object_data obj".
" JOIN object_reference_ws ref ON (obj.obj_id = ref.obj_id)".
" JOIN tree_workspace tree ON (tree.child = ref.wsp_id)".
" JOIN acl_ws acl ON (acl.node_id = tree.child)".
" JOIN usr_data u on (u.usr_id = obj.owner)".
" WHERE ".$ilDB->in("acl.object_id", $obj_ids, "", "integer").
" AND obj.owner <> ".$ilDB->quote($ilUser->getId(), "integer").
" ORDER BY u.lastname, u.firstname, u.title");
while ($row = $ilDB->fetchAssoc($set))
{
$user_ids[$row["owner"]] = $row["lastname"].", ".$row["firstname"];
if($row["title"])
{
$user_ids[$row["owner"]] .= ", ".$row["title"];
}
}
return $user_ids;
}

+ Here is the call graph for this function:

static ilWorkspaceAccessHandler::getSharedSessionPassword (   $a_node_id)
static

Definition at line 386 of file class.ilWorkspaceAccessHandler.php.

References $_SESSION.

{
return $_SESSION["ilshpw_".$a_node_id];
}
ilWorkspaceAccessHandler::getTree ( )

Get workspace tree.

Returns
ilWorkspaceTree

Definition at line 40 of file class.ilWorkspaceAccessHandler.php.

References $tree.

{
return $this->tree;
}
ilWorkspaceAccessHandler::hasGlobalPasswordPermission (   $a_node_id)

Definition at line 278 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $ilSetting, and ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD.

{
global $ilDB, $ilSetting;
if(!$ilSetting->get("enable_global_profiles"))
{
return false;
}
$set = $ilDB->query("SELECT object_id FROM acl_ws".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
" AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD, "integer"));
return (bool)$ilDB->numRows($set);
}
ilWorkspaceAccessHandler::hasGlobalPermission (   $a_node_id)

Definition at line 263 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $ilSetting, and ilWorkspaceAccessGUI\PERMISSION_ALL.

{
global $ilDB, $ilSetting;
if(!$ilSetting->get("enable_global_profiles"))
{
return false;
}
$set = $ilDB->query("SELECT object_id FROM acl_ws".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
" AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_ALL, "integer"));
return (bool)$ilDB->numRows($set);
}
ilWorkspaceAccessHandler::hasRegisteredPermission (   $a_node_id)

Definition at line 253 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, and ilWorkspaceAccessGUI\PERMISSION_REGISTERED.

{
global $ilDB;
$set = $ilDB->query("SELECT object_id FROM acl_ws".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
" AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_REGISTERED, "integer"));
return (bool)$ilDB->numRows($set);
}
static ilWorkspaceAccessHandler::keepSharedSessionPassword (   $a_node_id,
  $a_password 
)
static

Definition at line 381 of file class.ilWorkspaceAccessHandler.php.

References $_SESSION.

Referenced by ilSharedResourceGUI\checkPassword().

{
$_SESSION["ilshpw_".$a_node_id] = $a_password;
}

+ Here is the caller graph for this function:

ilWorkspaceAccessHandler::removePermission (   $a_node_id,
  $a_object_id = null 
)

Remove permission[s] (for object) to node.

Parameters
int$a_node_id
int$a_object_id

Definition at line 211 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, and $query.

{
global $ilDB;
$query = "DELETE FROM acl_ws".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer");
if($a_object_id)
{
$query .= " AND object_id = ".$ilDB->quote($a_object_id, "integer");
}
return $ilDB->manipulate($query);
}
ilWorkspaceAccessHandler::setPermissions (   $a_parent_node_id,
  $a_node_id 
)

Set permissions after creating node/object.

Parameters
int$a_parent_node_id
int$a_node_id

Definition at line 174 of file class.ilWorkspaceAccessHandler.php.

{
// nothing to do as owner has irrefutable rights to any workspace object
}

Field Documentation

ilWorkspaceAccessHandler::$tree
protected

Definition at line 19 of file class.ilWorkspaceAccessHandler.php.

Referenced by getTree().

The documentation for this class was generated from the following file: