ILIAS  Release_4_4_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
ilPortfolioAccessHandler Class Reference

Access handler for portfolio. More...

+ Collaboration diagram for ilPortfolioAccessHandler:

Public Member Functions

 __construct ()
 checkAccess ($a_permission, $a_cmd, $a_node_id, $a_type="")
 check access for an object
 checkAccessOfUser ($a_user_id, $a_permission, $a_cmd, $a_node_id, $a_type="")
 check access for an object
 setPermissions ($a_parent_node_id, $a_node_id)
 Set permissions after creating node/object.
 addPermission ($a_node_id, $a_object_id, $a_extended_data=null)
 Add permission to node for object.
 removePermission ($a_node_id, $a_object_id=null)
 Remove permission[s] (for object) to node.
 getPermissions ($a_node_id)
 Get all permissions to node.
 hasRegisteredPermission ($a_node_id)
 hasGlobalPermission ($a_node_id)
 hasGlobalPasswordPermission ($a_node_id)
 getObjectsIShare ($a_online_only=true)
 getSharedOwners ()
 getSharedObjects ($a_owner_id)
 getShardObjectsDataForUserIds (array $a_owner_ids)
 findSharedObjects (array $a_filter=null, array $a_crs_ids=null, array $a_grp_ids=null)

Static Public Member Functions

static getPossibleSharedTargets ()
static getSharedNodePassword ($a_node_id)
static keepSharedSessionPassword ($a_node_id, $a_password)
static getSharedSessionPassword ($a_node_id)

Protected Member Functions

 syncProfile ($a_node_id)

Detailed Description

Access handler for portfolio.

Author
Jörg Lützenkirchen luetz.nosp@m.enki.nosp@m.rchen.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
Id:
class.ilPersonalDesktopGUI.php 26976 2010-12-16 13:24:38Z akill

Definition at line 18 of file class.ilPortfolioAccessHandler.php.

Constructor & Destructor Documentation

ilPortfolioAccessHandler::__construct ( )

Definition at line 20 of file class.ilPortfolioAccessHandler.php.

References $lng.

{
global $lng;
$lng->loadLanguageModule("wsp");
}

Member Function Documentation

ilPortfolioAccessHandler::addPermission (   $a_node_id,
  $a_object_id,
  $a_extended_data = null 
)

Add permission to node for object.

Parameters
int$a_node_id
int$a_object_id
string$a_extended_data

Definition at line 177 of file class.ilPortfolioAccessHandler.php.

References $ilUser, and syncProfile().

{
global $ilDB, $ilUser;
// current owner must not be added
if($a_object_id == $ilUser->getId())
{
return;
}
$ilDB->manipulate("INSERT INTO usr_portf_acl (node_id, object_id, extended_data, tstamp)".
" VALUES (".$ilDB->quote($a_node_id, "integer").", ".
$ilDB->quote($a_object_id, "integer").",".
$ilDB->quote($a_extended_data, "text").",".
$ilDB->quote(time(), "integer").")");
// portfolio as profile
$this->syncProfile($a_node_id);
}

+ Here is the call graph for this function:

ilPortfolioAccessHandler::checkAccess (   $a_permission,
  $a_cmd,
  $a_node_id,
  $a_type = "" 
)

check access for an object

Parameters
string$a_permission
string$a_cmd
int$a_node_id
string$a_type(optional)
Returns
bool

Definition at line 35 of file class.ilPortfolioAccessHandler.php.

References $ilUser, and checkAccessOfUser().

{
global $ilUser;
return $this->checkAccessOfUser($ilUser->getId(),$a_permission, $a_cmd, $a_node_id, $a_type);
}

+ Here is the call graph for this function:

ilPortfolioAccessHandler::checkAccessOfUser (   $a_user_id,
  $a_permission,
  $a_cmd,
  $a_node_id,
  $a_type = "" 
)

check access for an object

Parameters
integer$a_user_id
string$a_permission
string$a_cmd
int$a_node_id
string$a_type(optional)
Returns
bool

Definition at line 52 of file class.ilPortfolioAccessHandler.php.

References $ilSetting, $ilUser, ilGroupParticipants\_getInstanceByObjId(), ilCourseParticipants\_getInstanceByObjId(), ilObject\_lookupType(), getPermissions(), ilWorkspaceAccessGUI\PERMISSION_ALL, ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD, and ilWorkspaceAccessGUI\PERMISSION_REGISTERED.

Referenced by checkAccess().

{
global $rbacreview, $ilUser, $ilSetting;
// #12059
if (!$ilSetting->get('user_portfolios'))
{
return false;
}
// :TODO: create permission for parent node with type ?!
$pf = new ilObjPortfolio($a_node_id, false);
if(!$pf->getId())
{
return false;
}
// portfolio owner has all rights
if($pf->getOwner() == $a_user_id)
{
return true;
}
// #11921
if(!$pf->isOnline())
{
return false;
}
// other users can only read
if($a_permission == "read" || $a_permission == "visible")
{
// get all objects with explicit permission
$objects = $this->getPermissions($a_node_id);
if($objects)
{
include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php";
// check if given user is member of object or has role
foreach($objects as $obj_id)
{
switch($obj_id)
{
return true;
// check against input kept in session
if(self::getSharedNodePassword($a_node_id) == self::getSharedSessionPassword($a_node_id) ||
$a_permission == "visible")
{
return true;
}
break;
if($ilUser->getId() != ANONYMOUS_USER_ID)
{
return true;
}
break;
default:
switch(ilObject::_lookupType($obj_id))
{
case "grp":
// member of group?
if(ilGroupParticipants::_getInstanceByObjId($obj_id)->isAssigned($a_user_id))
{
return true;
}
break;
case "crs":
// member of course?
if(ilCourseParticipants::_getInstanceByObjId($obj_id)->isAssigned($a_user_id))
{
return true;
}
break;
case "role":
// has role?
if($rbacreview->isAssigned($a_user_id, $obj_id))
{
return true;
}
break;
case "usr":
// direct assignment
if($a_user_id == $obj_id)
{
return true;
}
break;
}
break;
}
}
}
}
return false;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilPortfolioAccessHandler::findSharedObjects ( array  $a_filter = null,
array  $a_crs_ids = null,
array  $a_grp_ids = null 
)

Definition at line 388 of file class.ilPortfolioAccessHandler.php.

References $ilUser, $res, $row, getPossibleSharedTargets(), IL_CAL_DATE, IL_CAL_DATETIME, IL_CAL_UNIX, ilWorkspaceAccessGUI\PERMISSION_ALL, ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD, and ilWorkspaceAccessGUI\PERMISSION_REGISTERED.

{
global $ilDB, $ilUser;
if(!$a_filter["acl_type"])
{
$obj_ids = $this->getPossibleSharedTargets();
}
else
{
include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php";
switch($a_filter["acl_type"])
{
case "all":
break;
case "password":
break;
case "registered":
break;
case "course":
$obj_ids = $a_crs_ids;
break;
case "group":
$obj_ids = $a_grp_ids;
break;
case "user":
$obj_ids = array($ilUser->getId());
break;
}
}
$res = array();
$sql = "SELECT obj.obj_id,obj.title,obj.owner".
",acl.object_id acl_type, acl.tstamp acl_date".
" FROM object_data obj".
" JOIN usr_portfolio prtf ON (prtf.id = obj.obj_id)".
" JOIN usr_portf_acl acl ON (acl.node_id = obj.obj_id)".
" WHERE ".$ilDB->in("acl.object_id", $obj_ids, "", "integer").
" AND obj.owner <> ".$ilDB->quote($ilUser->getId(), "integer").
" AND obj.type = ".$ilDB->quote("prtf", "text").
" AND prtf.is_online = ".$ilDB->quote(1, "integer");
if($a_filter["title"] && strlen($a_filter["title"]) >= 3)
{
$sql .= " AND ".$ilDB->like("obj.title", "text", "%".$a_filter["title"]."%");
}
if($a_filter["user"] && strlen($a_filter["user"]) >= 3)
{
$usr_ids = array();
$set = $ilDB->query("SELECT usr_id FROM usr_data".
" WHERE (".$ilDB->like("login", "text", "%".$a_filter["user"]."%")." ".
"OR ".$ilDB->like("firstname", "text", "%".$a_filter["user"]."%")." ".
"OR ".$ilDB->like("lastname", "text", "%".$a_filter["user"]."%")." ".
"OR ".$ilDB->like("email", "text", "%".$a_filter["user"]."%").")");
while($row = $ilDB->fetchAssoc($set))
{
$usr_ids[] = $row["usr_id"];
}
if(!sizeof($usr_ids))
{
return;
}
$sql .= " AND ".$ilDB->in("obj.owner", $usr_ids, "", "integer");
}
if($a_filter["acl_date"])
{
$dt = $a_filter["acl_date"]->get(IL_CAL_DATE);
$dt = new ilDateTime($dt." 00:00:00", IL_CAL_DATETIME);
$sql .= " AND acl.tstamp > ".$ilDB->quote($dt->get(IL_CAL_UNIX), "integer");
}
if($a_filter["crsgrp"])
{
include_once "Services/Membership/classes/class.ilParticipants.php";
$part = new ilParticipants($a_filter["crsgrp"]);
$part = $part->getParticipants();
if(!sizeof($part))
{
return;
}
$sql .= " AND ".$ilDB->in("obj.owner", $part, "", "integer");
}
// we use the oldest share date
$sql .= " ORDER BY acl.tstamp";
$set = $ilDB->query($sql);
while ($row = $ilDB->fetchAssoc($set))
{
if(!isset($res[$row["obj_id"]]))
{
$row["acl_type"] = array($row["acl_type"]);
$res[$row["obj_id"]] = $row;
}
else
{
$res[$row["obj_id"]]["acl_type"][] = $row["acl_type"];
}
}
return $res;
}

+ Here is the call graph for this function:

ilPortfolioAccessHandler::getObjectsIShare (   $a_online_only = true)

Definition at line 271 of file class.ilPortfolioAccessHandler.php.

References $ilUser, $res, and $row.

{
global $ilDB, $ilUser;
$res = array();
$sql = "SELECT obj.obj_id".
" FROM object_data obj".
" JOIN usr_portfolio prtf ON (prtf.id = obj.obj_id)".
" JOIN usr_portf_acl acl ON (acl.node_id = obj.obj_id)".
" WHERE obj.owner = ".$ilDB->quote($ilUser->getId(), "integer");
if($a_online_only)
{
$sql .= " AND prtf.is_online = ".$ilDB->quote(1, "integer");
}
$set = $ilDB->query($sql);
while ($row = $ilDB->fetchAssoc($set))
{
$res[] = $row["obj_id"];
}
return $res;
}
ilPortfolioAccessHandler::getPermissions (   $a_node_id)

Get all permissions to node.

Parameters
int$a_node_id
Returns
array

Definition at line 227 of file class.ilPortfolioAccessHandler.php.

References $res, and $row.

Referenced by checkAccessOfUser(), and ilSharedResourceGUI\hasAccess().

{
global $ilDB;
$set = $ilDB->query("SELECT object_id FROM usr_portf_acl".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer"));
$res = array();
while($row = $ilDB->fetchAssoc($set))
{
$res[] = $row["object_id"];
}
return $res;
}

+ Here is the caller graph for this function:

static ilPortfolioAccessHandler::getPossibleSharedTargets ( )
static

Definition at line 297 of file class.ilPortfolioAccessHandler.php.

References $ilUser, ilParticipants\_getMembershipByType(), ilWorkspaceAccessGUI\PERMISSION_ALL, ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD, and ilWorkspaceAccessGUI\PERMISSION_REGISTERED.

Referenced by findSharedObjects(), getShardObjectsDataForUserIds(), getSharedObjects(), and getSharedOwners().

{
global $ilUser;
include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php";
include_once "Services/Membership/classes/class.ilParticipants.php";
$grp_ids = ilParticipants::_getMembershipByType($ilUser->getId(), "grp");
$crs_ids = ilParticipants::_getMembershipByType($ilUser->getId(), "crs");
$obj_ids = array_merge($grp_ids, $crs_ids);
$obj_ids[] = $ilUser->getId();
return $obj_ids;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilPortfolioAccessHandler::getShardObjectsDataForUserIds ( array  $a_owner_ids)

Definition at line 365 of file class.ilPortfolioAccessHandler.php.

References $res, $row, and getPossibleSharedTargets().

{
global $ilDB;
$obj_ids = $this->getPossibleSharedTargets();
$res = array();
$set = $ilDB->query("SELECT obj.obj_id, obj.owner, obj.title".
" FROM object_data obj".
" JOIN usr_portfolio prtf ON (prtf.id = obj.obj_id)".
" JOIN usr_portf_acl acl ON (acl.node_id = obj.obj_id)".
" WHERE ".$ilDB->in("acl.object_id", $obj_ids, "", "integer").
" AND ".$ilDB->in("obj.owner", $a_owner_ids, "", "integer").
" AND prtf.is_online = ".$ilDB->quote(1, "integer"));
while ($row = $ilDB->fetchAssoc($set))
{
$res[$row["owner"]][$row["obj_id"]] = $row["title"];
}
return $res;
}

+ Here is the call graph for this function:

static ilPortfolioAccessHandler::getSharedNodePassword (   $a_node_id)
static

Definition at line 502 of file class.ilPortfolioAccessHandler.php.

References $res, and ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD.

Referenced by ilSharedResourceGUI\checkPassword().

{
global $ilDB;
include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php";
$set = $ilDB->query("SELECT extended_data FROM usr_portf_acl".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
" AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD, "integer"));
$res = $ilDB->fetchAssoc($set);
if($res)
{
return $res["extended_data"];
}
}

+ Here is the caller graph for this function:

ilPortfolioAccessHandler::getSharedObjects (   $a_owner_id)

Definition at line 343 of file class.ilPortfolioAccessHandler.php.

References $res, $row, and getPossibleSharedTargets().

{
global $ilDB;
$obj_ids = $this->getPossibleSharedTargets();
$res = array();
$set = $ilDB->query("SELECT obj.obj_id, obj.owner".
" FROM object_data obj".
" JOIN usr_portfolio prtf ON (prtf.id = obj.obj_id)".
" JOIN usr_portf_acl acl ON (acl.node_id = obj.obj_id)".
" WHERE ".$ilDB->in("acl.object_id", $obj_ids, "", "integer").
" AND obj.owner = ".$ilDB->quote($a_owner_id, "integer").
" AND prtf.is_online = ".$ilDB->quote(1, "integer"));
while ($row = $ilDB->fetchAssoc($set))
{
$res[$row["obj_id"]] = $row["obj_id"];
}
return $res;
}

+ Here is the call graph for this function:

ilPortfolioAccessHandler::getSharedOwners ( )

Definition at line 315 of file class.ilPortfolioAccessHandler.php.

References $ilUser, $row, and getPossibleSharedTargets().

{
global $ilUser, $ilDB;
$obj_ids = $this->getPossibleSharedTargets();
$user_ids = array();
$set = $ilDB->query("SELECT DISTINCT(obj.owner), u.lastname, u.firstname, u.title".
" FROM object_data obj".
" JOIN usr_portfolio prtf ON (prtf.id = obj.obj_id)".
" JOIN usr_portf_acl acl ON (acl.node_id = obj.obj_id)".
" JOIN usr_data u on (u.usr_id = obj.owner)".
" WHERE ".$ilDB->in("acl.object_id", $obj_ids, "", "integer").
" AND obj.owner <> ".$ilDB->quote($ilUser->getId(), "integer").
" AND prtf.is_online = ".$ilDB->quote(1, "integer").
" ORDER BY u.lastname, u.firstname, u.title");
while ($row = $ilDB->fetchAssoc($set))
{
$user_ids[$row["owner"]] = $row["lastname"].", ".$row["firstname"];
if($row["title"])
{
$user_ids[$row["owner"]] .= ", ".$row["title"];
}
}
return $user_ids;
}

+ Here is the call graph for this function:

static ilPortfolioAccessHandler::getSharedSessionPassword (   $a_node_id)
static

Definition at line 523 of file class.ilPortfolioAccessHandler.php.

References $_SESSION.

{
return $_SESSION["ilshpw_".$a_node_id];
}
ilPortfolioAccessHandler::hasGlobalPasswordPermission (   $a_node_id)

Definition at line 261 of file class.ilPortfolioAccessHandler.php.

References ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD.

{
global $ilDB;
$set = $ilDB->query("SELECT object_id FROM usr_portf_acl".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
" AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD, "integer"));
return (bool)$ilDB->numRows($set);
}
ilPortfolioAccessHandler::hasGlobalPermission (   $a_node_id)

Definition at line 251 of file class.ilPortfolioAccessHandler.php.

References ilWorkspaceAccessGUI\PERMISSION_ALL.

Referenced by syncProfile().

{
global $ilDB;
$set = $ilDB->query("SELECT object_id FROM usr_portf_acl".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
" AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_ALL, "integer"));
return (bool)$ilDB->numRows($set);
}

+ Here is the caller graph for this function:

ilPortfolioAccessHandler::hasRegisteredPermission (   $a_node_id)

Definition at line 241 of file class.ilPortfolioAccessHandler.php.

References ilWorkspaceAccessGUI\PERMISSION_REGISTERED.

Referenced by syncProfile().

{
global $ilDB;
$set = $ilDB->query("SELECT object_id FROM usr_portf_acl".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
" AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_REGISTERED, "integer"));
return (bool)$ilDB->numRows($set);
}

+ Here is the caller graph for this function:

static ilPortfolioAccessHandler::keepSharedSessionPassword (   $a_node_id,
  $a_password 
)
static

Definition at line 518 of file class.ilPortfolioAccessHandler.php.

References $_SESSION.

Referenced by ilSharedResourceGUI\checkPassword().

{
$_SESSION["ilshpw_".$a_node_id] = $a_password;
}

+ Here is the caller graph for this function:

ilPortfolioAccessHandler::removePermission (   $a_node_id,
  $a_object_id = null 
)

Remove permission[s] (for object) to node.

Parameters
int$a_node_id
int$a_object_id

Definition at line 203 of file class.ilPortfolioAccessHandler.php.

References $query, and syncProfile().

{
global $ilDB;
$query = "DELETE FROM usr_portf_acl".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer");
if($a_object_id)
{
$query .= " AND object_id = ".$ilDB->quote($a_object_id, "integer");
}
$ilDB->manipulate($query);
// portfolio as profile
$this->syncProfile($a_node_id);
}

+ Here is the call graph for this function:

ilPortfolioAccessHandler::setPermissions (   $a_parent_node_id,
  $a_node_id 
)

Set permissions after creating node/object.

Parameters
int$a_parent_node_id
int$a_node_id

Definition at line 165 of file class.ilPortfolioAccessHandler.php.

{
// nothing to do as owner has irrefutable rights to any portfolio object
}
ilPortfolioAccessHandler::syncProfile (   $a_node_id)
protected

Definition at line 528 of file class.ilPortfolioAccessHandler.php.

References $ilUser, ilObjPortfolio\getDefaultPortfolio(), hasGlobalPermission(), hasRegisteredPermission(), and ilObjPortfolio\setUserDefault().

Referenced by addPermission(), and removePermission().

{
global $ilUser;
// #12845
include_once "Modules/Portfolio/classes/class.ilObjPortfolio.php";
if(ilObjPortfolio::getDefaultPortfolio($ilUser->getId()) == $a_node_id)
{
$has_registered = $this->hasRegisteredPermission($a_node_id);
$has_global = $this->hasGlobalPermission($a_node_id);
// not published anymore - remove portfolio as profile
if(!$has_registered && !$has_global)
{
$ilUser->setPref("public_profile", "n");
$ilUser->writePrefs();
ilObjPortfolio::setUserDefault($ilUser->getId());
}
// adapt profile setting
else
{
$new_pref = "y";
if($has_global)
{
$new_pref = "g";
}
if($ilUser->getPref("public_profile") != $new_pref)
{
$ilUser->setPref("public_profile", $new_pref);
$ilUser->writePrefs();
}
}
}
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:


The documentation for this class was generated from the following file: