62 (isset($ilDB)) ? $this->
ilDB =& $ilDB : $this->
ilDB =& $ilias->db;
107 $ilBench->start(
"RBAC",
"system_checkAccess");
109 $result = $this->
checkAccessOfUser($ilUser->getId(), $a_operations, $a_ref_id, $a_type);
111 $ilBench->stop(
"RBAC",
"system_checkAccess");
118 global $ilUser, $rbacreview,$ilObjDataCache,
$ilDB,
$ilLog;
121 $cacheKey = $a_user_id.
':'.$a_operations.
':'.$a_ref_id.
':'.$a_type;
124 if (! is_array(self::$_checkAccessOfUserCache)) {
125 self::$_checkAccessOfUserCache = array();
129 if (array_key_exists($cacheKey, self::$_checkAccessOfUserCache)) {
130 return self::$_checkAccessOfUserCache[$cacheKey];
144 if (count(self::$_checkAccessOfUserCache) < 1000) {
145 self::$_checkAccessOfUserCache[$cacheKey] =
true;
155 if (in_array(SYSTEM_ROLE_ID, $roles))
159 if (count(self::$_checkAccessOfUserCache) < 1000) {
160 self::$_checkAccessOfUserCache[$cacheKey] =
true;
165 if (!isset($a_operations) or !isset($a_ref_id))
168 $this->ilErr->raiseError(get_class($this).
"::checkAccess(): Missing parameter! ".
169 "ref_id: ".$a_ref_id.
" operations: ".$a_operations,$this->ilErr->WARNING);
172 if (!is_string($a_operations))
175 $this->ilErr->raiseError(get_class($this).
"::checkAccess(): Wrong datatype for operations!",$this->ilErr->WARNING);
179 $paCacheKey = $a_user_id.
':'.$a_ref_id;
180 if (! is_array(self::$_paCache)) {
181 self::$_paCache = array();
184 if (array_key_exists($paCacheKey, self::$_paCache)) {
186 $ops = self::$_paCache[$paCacheKey];
191 $q =
"SELECT * FROM rbac_pa ".
192 "WHERE ref_id = ".$ilDB->quote($a_ref_id,
'integer');
200 if (in_array(
$row->rol_id, $roles))
202 $ops = array_merge($ops,unserialize(stripslashes(
$row->ops_id)));
206 if (count(self::$_paCache) < 1000)
208 self::$_paCache[$paCacheKey] = $ops;
212 $operations = explode(
",",$a_operations);
213 foreach ($operations as $operation)
215 if ($operation ==
"create")
219 $this->ilErr->raiseError(get_class($this).
"::CheckAccess(): Expect a type definition for checking a 'create' permission",
220 $this->ilErr->WARNING);
229 if (! in_array($ops_id,(array) $ops))
234 if (count(self::$_checkAccessOfUserCache) < 1000)
236 self::$_checkAccessOfUserCache[$cacheKey] =
false;
244 if (count(self::$_checkAccessOfUserCache) < 1000)
247 self::$_checkAccessOfUserCache[$cacheKey] =
true;
262 if (!is_array($a_ref_ids))
268 foreach ($a_ref_ids as
$ref_id)
270 if (!isset(self::$_paCache[$a_user_id.
":".$ref_id]))
278 if (count($ref_ids) > 0)
282 $q =
"SELECT * FROM rbac_pa ".
283 "WHERE ".$ilDB->in(
"ref_id", $ref_ids,
false,
"integer");
289 if (in_array(
$row->rol_id, $roles[
$row->ref_id]))
291 $ops[
$row->ref_id] = array_merge($ops[
$row->ref_id],
292 unserialize(stripslashes(
$row->ops_id)));
295 foreach ($a_ref_ids as $ref_id)
316 $query =
'SELECT ops_id FROM rbac_operations '.
317 'WHERE operation = '.$ilDB->quote($a_operation,
'text');
319 while(
$row = $ilDB->fetchObject(
$res))
321 $ops_id =
$row->ops_id;
324 $query =
"SELECT * FROM rbac_pa ".
325 "WHERE rol_id = ".$ilDB->quote($a_rol_id,
'integer').
" ".
326 "AND ref_id = ".$ilDB->quote($a_ref_id,
'integer').
" ";
329 while(
$row = $ilDB->fetchObject(
$res))
331 $ops = array_merge($ops,unserialize(
$row->ops_id));
333 return in_array($ops_id,$ops);
338 global $ilObjDataCache,$ilUser;
341 if($this->mem_view[
'active'] and $a_user_id == $ilUser->getId())
343 if(in_array($a_ref_id, $this->mem_view[
'items']))
345 return $a_operations;
349 if($a_user_id != $ilObjDataCache->lookupOwner($ilObjDataCache->lookupObjId($a_ref_id)))
351 return $a_operations;
355 foreach(explode(
",",$a_operations) as $operation)
357 if($operation !=
'cat_administrate_users' and $operation !=
'edit_permission' and !preg_match(
'/^create/',$operation))
361 if(!strlen($new_ops))
363 $new_ops = $operation;
367 $new_ops .= (
','.$operation);
385 global $ilUser,$rbacreview;
388 if($this->mem_view[
'active'] and $a_usr_id == $ilUser->getId())
391 if(in_array($a_ref_id, $this->mem_view[
'items']) and $this->mem_view[
'role'])
394 return array($this->mem_view[
'role']);
398 if(isset(self::$user_role_cache[$a_usr_id]) and is_array(self::$user_role_cache))
400 return self::$user_role_cache[$a_usr_id];
405 return self::$user_role_cache[$a_usr_id] = $rbacreview->assignedRoles($a_usr_id);
414 include_once
'./Services/Container/classes/class.ilMemberViewSettings.php';
416 if($settings->isEnabled() and isset(
$_GET[
'mv']))
418 $settings->toggleActivation((
int)
$_GET[
'ref_id'], (
int) $_GET[
'mv']);
421 if(!$settings->isActive())
423 $this->mem_view[
'active'] =
false;
424 $this->mem_view[
'items'] = array();
425 $this->mem_view[
'role'] = 0;
431 $this->mem_view[
'active'] =
true;
432 $this->mem_view[
'items'] = $tree->getSubTreeIds($settings->getContainer());
433 $this->mem_view[
'items'] = array_merge($this->mem_view[
'items'],array($settings->getContainer()));
434 include_once
'./Services/Membership/classes/class.ilParticipants.php';