ILIAS  Release_5_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
Public Member Functions | Static Public Member Functions | Protected Attributes
ilWorkspaceAccessHandler Class Reference

Access handler for personal workspace. More...

+ Collaboration diagram for ilWorkspaceAccessHandler:

Public Member Functions

 __construct (ilTree $a_tree=null)
 getTree ()
 Get workspace tree.
 checkAccess ($a_permission, $a_cmd, $a_node_id, $a_type="")
 check access for an object
 checkAccessOfUser (ilTree $a_tree, $a_user_id, $a_permission, $a_cmd, $a_node_id, $a_type="")
 check access for an object
 setPermissions ($a_parent_node_id, $a_node_id)
 Set permissions after creating node/object.
 addPermission ($a_node_id, $a_object_id, $a_extended_data=null)
 Add permission to node for object.
 removePermission ($a_node_id, $a_object_id=null)
 Remove permission[s] (for object) to node.
 hasRegisteredPermission ($a_node_id)
 hasGlobalPermission ($a_node_id)
 hasGlobalPasswordPermission ($a_node_id)
 getSharedOwners ()
 getSharedObjects ($a_owner_id)
 findSharedObjects (array $a_filter=null, array $a_crs_ids=null, array $a_grp_ids=null)
 getObjectsIShare ()

Static Public Member Functions

static getPermissions ($a_node_id)
 Get all permissions to node.
static getPossibleSharedTargets ()
static getSharedNodePassword ($a_node_id)
static keepSharedSessionPassword ($a_node_id, $a_password)
static getSharedSessionPassword ($a_node_id)
static getGotoLink ($a_node_id, $a_obj_id, $a_additional=null)
static getObjectDataFromNode ($a_node_id)

Protected Attributes

 $tree

Detailed Description

Access handler for personal workspace.

Author
Jörg Lützenkirchen luetz.nosp@m.enki.nosp@m.rchen.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
Id:
class.ilPersonalDesktopGUI.php 26976 2010-12-16 13:24:38Z akill

Definition at line 17 of file class.ilWorkspaceAccessHandler.php.

Constructor & Destructor Documentation

ilWorkspaceAccessHandler::__construct ( ilTree  $a_tree = null)

Definition at line 21 of file class.ilWorkspaceAccessHandler.php.

References $ilUser, and $lng.

{
global $ilUser, $lng;
$lng->loadLanguageModule("wsp");
if(!$a_tree)
{
include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceTree.php";
$a_tree = new ilWorkspaceTree($ilUser->getId());
}
$this->tree = $a_tree;
}

Member Function Documentation

ilWorkspaceAccessHandler::addPermission (   $a_node_id,
  $a_object_id,
  $a_extended_data = null 
)

Add permission to node for object.

Parameters
int$a_node_id
int$a_object_id
string$a_extended_data
Returns
bool

Definition at line 187 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, and $ilUser.

{
global $ilDB, $ilUser;
// tree owner must not be added
if($this->tree->getTreeId() == $ilUser->getId() &&
$a_object_id == $ilUser->getId())
{
return false;
}
$ilDB->manipulate("INSERT INTO acl_ws (node_id, object_id, extended_data, tstamp)".
" VALUES (".$ilDB->quote($a_node_id, "integer").", ".
$ilDB->quote($a_object_id, "integer").",".
$ilDB->quote($a_extended_data, "text").",".
$ilDB->quote(time(), "integer").")");
return true;
}
ilWorkspaceAccessHandler::checkAccess (   $a_permission,
  $a_cmd,
  $a_node_id,
  $a_type = "" 
)

check access for an object

Parameters
string$a_permission
string$a_cmd
int$a_node_id
string$a_type(optional)
Returns
bool

Definition at line 54 of file class.ilWorkspaceAccessHandler.php.

References $ilUser, and checkAccessOfUser().

{
global $ilUser;
return $this->checkAccessOfUser($this->tree, $ilUser->getId(),$a_permission, $a_cmd, $a_node_id, $a_type);
}

+ Here is the call graph for this function:

ilWorkspaceAccessHandler::checkAccessOfUser ( ilTree  $a_tree,
  $a_user_id,
  $a_permission,
  $a_cmd,
  $a_node_id,
  $a_type = "" 
)

check access for an object

Parameters
ilTree$a_tree
integer$a_user_id
string$a_permission
string$a_cmd
int$a_node_id
string$a_type(optional)
Returns
bool

Definition at line 72 of file class.ilWorkspaceAccessHandler.php.

References $ilUser, ilGroupParticipants\_getInstanceByObjId(), ilCourseParticipants\_getInstanceByObjId(), ilObject\_lookupType(), getPermissions(), ilWorkspaceAccessGUI\PERMISSION_ALL, ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD, ilWorkspaceAccessGUI\PERMISSION_REGISTERED, and ilTree\readRootId().

Referenced by checkAccess().

{
global $rbacreview, $ilUser;
// :TODO: create permission for parent node with type ?!
// tree root is read-only
if($a_permission == "write")
{
if($a_tree->readRootId() == $a_node_id)
{
return false;
}
}
// node owner has all rights
if($a_tree->lookupOwner($a_node_id) == $a_user_id)
{
return true;
}
// other users can only read
if($a_permission == "read" || $a_permission == "visible")
{
// get all objects with explicit permission
$objects = $this->getPermissions($a_node_id);
if($objects)
{
// check if given user is member of object or has role
foreach($objects as $obj_id)
{
switch($obj_id)
{
case ilWorkspaceAccessGUI::PERMISSION_ALL:
return true;
case ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD:
// check against input kept in session
if(self::getSharedNodePassword($a_node_id) == self::getSharedSessionPassword($a_node_id) ||
$a_permission == "visible")
{
return true;
}
break;
case ilWorkspaceAccessGUI::PERMISSION_REGISTERED:
if($ilUser->getId() != ANONYMOUS_USER_ID)
{
return true;
}
break;
default:
switch(ilObject::_lookupType($obj_id))
{
case "grp":
// member of group?
if(ilGroupParticipants::_getInstanceByObjId($obj_id)->isAssigned($a_user_id))
{
return true;
}
break;
case "crs":
// member of course?
if(ilCourseParticipants::_getInstanceByObjId($obj_id)->isAssigned($a_user_id))
{
return true;
}
break;
case "role":
// has role?
if($rbacreview->isAssigned($a_user_id, $obj_id))
{
return true;
}
break;
case "usr":
// direct assignment
if($a_user_id == $obj_id)
{
return true;
}
break;
}
break;
}
}
}
}
return false;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilWorkspaceAccessHandler::findSharedObjects ( array  $a_filter = null,
array  $a_crs_ids = null,
array  $a_grp_ids = null 
)

Definition at line 366 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $ilUser, $res, $row, ilParticipants\getInstanceByObjId(), getPossibleSharedTargets(), IL_CAL_DATE, IL_CAL_DATETIME, IL_CAL_UNIX, ilWorkspaceAccessGUI\PERMISSION_ALL, ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD, and ilWorkspaceAccessGUI\PERMISSION_REGISTERED.

{
global $ilDB, $ilUser;
if(!$a_filter["acl_type"])
{
$obj_ids = $this->getPossibleSharedTargets();
}
else
{
include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php";
switch($a_filter["acl_type"])
{
case "all":
$obj_ids = array(ilWorkspaceAccessGUI::PERMISSION_ALL);
break;
case "password":
$obj_ids = array(ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD);
break;
case "registered":
$obj_ids = array(ilWorkspaceAccessGUI::PERMISSION_REGISTERED);
break;
case "course":
$obj_ids = $a_crs_ids;
break;
case "group":
$obj_ids = $a_grp_ids;
break;
case "user":
$obj_ids = array($ilUser->getId());
break;
}
}
$res = array();
$sql = "SELECT ref.wsp_id,obj.obj_id,obj.type,obj.title,obj.owner,".
"acl.object_id acl_type, acl.tstamp acl_date".
" FROM object_data obj".
" JOIN object_reference_ws ref ON (obj.obj_id = ref.obj_id)".
" JOIN tree_workspace tree ON (tree.child = ref.wsp_id)".
" JOIN acl_ws acl ON (acl.node_id = tree.child)".
" WHERE ".$ilDB->in("acl.object_id", $obj_ids, "", "integer").
" AND obj.owner <> ".$ilDB->quote($ilUser->getId(), "integer");
if($a_filter["obj_type"])
{
$sql .= " AND obj.type = ".$ilDB->quote($a_filter["obj_type"], "text");
}
if($a_filter["title"] && strlen($a_filter["title"]) >= 3)
{
$sql .= " AND ".$ilDB->like("obj.title", "text", "%".$a_filter["title"]."%");
}
if($a_filter["user"] && strlen($a_filter["user"]) >= 3)
{
$usr_ids = array();
$set = $ilDB->query("SELECT usr_id FROM usr_data".
" WHERE (".$ilDB->like("login", "text", "%".$a_filter["user"]."%")." ".
"OR ".$ilDB->like("firstname", "text", "%".$a_filter["user"]."%")." ".
"OR ".$ilDB->like("lastname", "text", "%".$a_filter["user"]."%")." ".
"OR ".$ilDB->like("email", "text", "%".$a_filter["user"]."%").")");
while($row = $ilDB->fetchAssoc($set))
{
$usr_ids[] = $row["usr_id"];
}
if(!sizeof($usr_ids))
{
return;
}
$sql .= " AND ".$ilDB->in("obj.owner", $usr_ids, "", "integer");
}
if($a_filter["acl_date"])
{
$dt = $a_filter["acl_date"]->get(IL_CAL_DATE);
$dt = new ilDateTime($dt." 00:00:00", IL_CAL_DATETIME);
$sql .= " AND acl.tstamp > ".$ilDB->quote($dt->get(IL_CAL_UNIX), "integer");
}
if($a_filter["crsgrp"])
{
include_once "Services/Membership/classes/class.ilParticipants.php";
$part = ilParticipants::getInstanceByObjId($a_filter['crsgrp']);
$part = $part->getParticipants();
if(!sizeof($part))
{
return;
}
$sql .= " AND ".$ilDB->in("obj.owner", $part, "", "integer");
}
// we use the oldest share date
$sql .= " ORDER BY acl.tstamp";
$set = $ilDB->query($sql);
while ($row = $ilDB->fetchAssoc($set))
{
if(!isset($res[$row["wsp_id"]]))
{
$row["acl_type"] = array($row["acl_type"]);
$res[$row["wsp_id"]] = $row;
}
else
{
$res[$row["wsp_id"]]["acl_type"][] = $row["acl_type"];
}
}
return $res;
}

+ Here is the call graph for this function:

static ilWorkspaceAccessHandler::getGotoLink (   $a_node_id,
  $a_obj_id,
  $a_additional = null 
)
static

Definition at line 509 of file class.ilWorkspaceAccessHandler.php.

References ilLink\_getStaticLink(), and ilObject\_lookupType().

Referenced by ilObjectListGUI\buildGotoLink(), ilMailNotification\createPermanentLink(), ilPortfolioPageTableGUI\fillRow(), and ilNoteGUI\showTargets().

{
include_once('./Services/Link/classes/class.ilLink.php');
return ilLink::_getStaticLink($a_node_id, ilObject::_lookupType($a_obj_id), true, $a_additional."_wsp");
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilWorkspaceAccessHandler::getObjectDataFromNode (   $a_node_id)
static

Definition at line 534 of file class.ilWorkspaceAccessHandler.php.

References $ilDB.

Referenced by ilSharedResourceGUI\initPasswordForm(), and ilSharedResourceGUI\redirectToResource().

{
global $ilDB;
$set = $ilDB->query("SELECT obj.obj_id, obj.type, obj.title".
" FROM object_reference_ws ref".
" JOIN tree_workspace tree ON (tree.child = ref.wsp_id)".
" JOIN object_data obj ON (ref.obj_id = obj.obj_id)".
" WHERE ref.wsp_id = ".$ilDB->quote($a_node_id, "integer"));
return $ilDB->fetchAssoc($set);
}

+ Here is the caller graph for this function:

ilWorkspaceAccessHandler::getObjectsIShare ( )

Definition at line 515 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $ilUser, $res, and $row.

{
global $ilDB, $ilUser;
$res = array();
$set = $ilDB->query("SELECT ref.wsp_id,obj.obj_id".
" FROM object_data obj".
" JOIN object_reference_ws ref ON (obj.obj_id = ref.obj_id)".
" JOIN tree_workspace tree ON (tree.child = ref.wsp_id)".
" JOIN acl_ws acl ON (acl.node_id = tree.child)".
" WHERE obj.owner = ".$ilDB->quote($ilUser->getId(), "integer"));
while ($row = $ilDB->fetchAssoc($set))
{
$res[$row["wsp_id"]] = $row["obj_id"];
}
return $res;
}
static ilWorkspaceAccessHandler::getPermissions (   $a_node_id)
static

Get all permissions to node.

Parameters
int$a_node_id
Returns
array

Definition at line 233 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $ilSetting, $res, $row, ilWorkspaceAccessGUI\PERMISSION_ALL, and ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD.

Referenced by checkAccessOfUser(), and ilSharedResourceGUI\hasAccess().

{
global $ilDB, $ilSetting;
$publish_enabled = $ilSetting->get("enable_global_profiles");
$publish_perm = array(ilWorkspaceAccessGUI::PERMISSION_ALL,
ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD);
$set = $ilDB->query("SELECT object_id FROM acl_ws".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer"));
$res = array();
while($row = $ilDB->fetchAssoc($set))
{
if($publish_enabled || !in_array($row["object_id"], $publish_perm))
{
$res[] = $row["object_id"];
}
}
return $res;
}

+ Here is the caller graph for this function:

static ilWorkspaceAccessHandler::getPossibleSharedTargets ( )
static

Definition at line 294 of file class.ilWorkspaceAccessHandler.php.

References $ilSetting, $ilUser, ilParticipants\_getMembershipByType(), ilWorkspaceAccessGUI\PERMISSION_ALL, ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD, and ilWorkspaceAccessGUI\PERMISSION_REGISTERED.

Referenced by findSharedObjects(), getSharedObjects(), and getSharedOwners().

{
global $ilUser, $ilSetting;
include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php";
include_once "Services/Membership/classes/class.ilParticipants.php";
$grp_ids = ilParticipants::_getMembershipByType($ilUser->getId(), "grp");
$crs_ids = ilParticipants::_getMembershipByType($ilUser->getId(), "crs");
$obj_ids = array_merge($grp_ids, $crs_ids);
$obj_ids[] = $ilUser->getId();
$obj_ids[] = ilWorkspaceAccessGUI::PERMISSION_REGISTERED;
if($ilSetting->get("enable_global_profiles"))
{
$obj_ids[] = ilWorkspaceAccessGUI::PERMISSION_ALL;
$obj_ids[] = ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD;
}
return $obj_ids;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilWorkspaceAccessHandler::getSharedNodePassword (   $a_node_id)
static

Definition at line 483 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $res, and ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD.

Referenced by ilSharedResourceGUI\checkPassword(), and ilObjWorkspaceFolderGUI\checkPassword().

{
global $ilDB;
include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php";
$set = $ilDB->query("SELECT * FROM acl_ws".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
" AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD, "integer"));
$res = $ilDB->fetchAssoc($set);
if($res)
{
return $res["extended_data"];
}
}

+ Here is the caller graph for this function:

ilWorkspaceAccessHandler::getSharedObjects (   $a_owner_id)

Definition at line 344 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $res, $row, and getPossibleSharedTargets().

{
global $ilDB;
$obj_ids = $this->getPossibleSharedTargets();
$res = array();
$set = $ilDB->query("SELECT ref.wsp_id,obj.obj_id".
" FROM object_data obj".
" JOIN object_reference_ws ref ON (obj.obj_id = ref.obj_id)".
" JOIN tree_workspace tree ON (tree.child = ref.wsp_id)".
" JOIN acl_ws acl ON (acl.node_id = tree.child)".
" WHERE ".$ilDB->in("acl.object_id", $obj_ids, "", "integer").
" AND obj.owner = ".$ilDB->quote($a_owner_id, "integer"));
while ($row = $ilDB->fetchAssoc($set))
{
$res[$row["wsp_id"]] = $row["obj_id"];
}
return $res;
}

+ Here is the call graph for this function:

ilWorkspaceAccessHandler::getSharedOwners ( )

Definition at line 316 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $ilUser, $row, and getPossibleSharedTargets().

{
global $ilUser, $ilDB;
$obj_ids = $this->getPossibleSharedTargets();
$user_ids = array();
$set = $ilDB->query("SELECT DISTINCT(obj.owner), u.lastname, u.firstname, u.title".
" FROM object_data obj".
" JOIN object_reference_ws ref ON (obj.obj_id = ref.obj_id)".
" JOIN tree_workspace tree ON (tree.child = ref.wsp_id)".
" JOIN acl_ws acl ON (acl.node_id = tree.child)".
" JOIN usr_data u on (u.usr_id = obj.owner)".
" WHERE ".$ilDB->in("acl.object_id", $obj_ids, "", "integer").
" AND obj.owner <> ".$ilDB->quote($ilUser->getId(), "integer").
" ORDER BY u.lastname, u.firstname, u.title");
while ($row = $ilDB->fetchAssoc($set))
{
$user_ids[$row["owner"]] = $row["lastname"].", ".$row["firstname"];
if($row["title"])
{
$user_ids[$row["owner"]] .= ", ".$row["title"];
}
}
return $user_ids;
}

+ Here is the call graph for this function:

static ilWorkspaceAccessHandler::getSharedSessionPassword (   $a_node_id)
static

Definition at line 504 of file class.ilWorkspaceAccessHandler.php.

References $_SESSION.

{
return $_SESSION["ilshpw_".$a_node_id];
}
ilWorkspaceAccessHandler::getTree ( )

Get workspace tree.

Returns
ilWorkspaceTree

Definition at line 40 of file class.ilWorkspaceAccessHandler.php.

References $tree.

{
return $this->tree;
}
ilWorkspaceAccessHandler::hasGlobalPasswordPermission (   $a_node_id)

Definition at line 279 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $ilSetting, and ilWorkspaceAccessGUI\PERMISSION_ALL_PASSWORD.

{
global $ilDB, $ilSetting;
if(!$ilSetting->get("enable_global_profiles"))
{
return false;
}
$set = $ilDB->query("SELECT object_id FROM acl_ws".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
" AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD, "integer"));
return (bool)$ilDB->numRows($set);
}
ilWorkspaceAccessHandler::hasGlobalPermission (   $a_node_id)

Definition at line 264 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, $ilSetting, and ilWorkspaceAccessGUI\PERMISSION_ALL.

{
global $ilDB, $ilSetting;
if(!$ilSetting->get("enable_global_profiles"))
{
return false;
}
$set = $ilDB->query("SELECT object_id FROM acl_ws".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
" AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_ALL, "integer"));
return (bool)$ilDB->numRows($set);
}
ilWorkspaceAccessHandler::hasRegisteredPermission (   $a_node_id)

Definition at line 254 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, and ilWorkspaceAccessGUI\PERMISSION_REGISTERED.

{
global $ilDB;
$set = $ilDB->query("SELECT object_id FROM acl_ws".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
" AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_REGISTERED, "integer"));
return (bool)$ilDB->numRows($set);
}
static ilWorkspaceAccessHandler::keepSharedSessionPassword (   $a_node_id,
  $a_password 
)
static

Definition at line 499 of file class.ilWorkspaceAccessHandler.php.

References $_SESSION.

Referenced by ilSharedResourceGUI\checkPassword(), and ilObjWorkspaceFolderGUI\checkPassword().

{
$_SESSION["ilshpw_".$a_node_id] = $a_password;
}

+ Here is the caller graph for this function:

ilWorkspaceAccessHandler::removePermission (   $a_node_id,
  $a_object_id = null 
)

Remove permission[s] (for object) to node.

Parameters
int$a_node_id
int$a_object_id

Definition at line 212 of file class.ilWorkspaceAccessHandler.php.

References $ilDB, and $query.

{
global $ilDB;
$query = "DELETE FROM acl_ws".
" WHERE node_id = ".$ilDB->quote($a_node_id, "integer");
if($a_object_id)
{
$query .= " AND object_id = ".$ilDB->quote($a_object_id, "integer");
}
return $ilDB->manipulate($query);
}
ilWorkspaceAccessHandler::setPermissions (   $a_parent_node_id,
  $a_node_id 
)

Set permissions after creating node/object.

Parameters
int$a_parent_node_id
int$a_node_id

Definition at line 174 of file class.ilWorkspaceAccessHandler.php.

{
// nothing to do as owner has irrefutable rights to any workspace object
}

Field Documentation

ilWorkspaceAccessHandler::$tree
protected

Definition at line 19 of file class.ilWorkspaceAccessHandler.php.

Referenced by getTree().

The documentation for this class was generated from the following file: