ILIAS  release_4-3 Revision
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilObjSurveyAccess.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
24 include_once "./Services/Object/classes/class.ilObjectAccess.php";
25 include_once "./Modules/Survey/classes/inc.SurveyConstants.php";
26 
37 class ilObjSurveyAccess extends ilObjectAccess
38 {
54  function _checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id = "")
55  {
56  global $ilUser, $lng, $rbacsystem, $ilAccess;
57 
58  if ($a_user_id == "")
59  {
60  $a_user_id = $ilUser->getId();
61  }
62 
63  $is_admin = $rbacsystem->checkAccessOfUser($a_user_id,'write',$a_ref_id);
64 
65  // check "global" online switch
66  if(!self::_lookupOnline($a_obj_id) && !$is_admin)
67  {
68  $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
69  return false;
70  }
71 
72  switch ($a_permission)
73  {
74  case "visible":
75  case "read":
76  if (!ilObjSurveyAccess::_lookupCreationComplete($a_obj_id) &&
77  !$is_admin)
78  {
79  $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
80  return false;
81  }
82  break;
83  }
84 
85  switch ($a_cmd)
86  {
87  case "run":
88  if (!ilObjSurveyAccess::_lookupCreationComplete($a_obj_id)
89  || !(ilObjSurveyAccess::_lookupOnline($a_obj_id) == 1))
90  {
91  $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
92  return false;
93  }
94  break;
95 
96  case "evaluation":
97  if (!ilObjSurveyAccess::_lookupCreationComplete($a_obj_id))
98  {
99  $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
100  return false;
101  }
102  if ($rbacsystem->checkAccess("write",$a_ref_id) || ilObjSurveyAccess::_hasEvaluationAccess($a_obj_id, $a_user_id))
103  {
104  return true;
105  }
106  else
107  {
108  $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("status_no_permission"));
109  return false;
110  }
111  break;
112  }
113 
114  return true;
115  }
116 
117 
130  function _getCommands()
131  {
132  $commands = array
133  (
134  array("permission" => "read", "cmd" => "infoScreen", "lang_var" => "svy_run", "default" => true),
135  array("permission" => "write", "cmd" => "questionsrepo", "lang_var" => "edit_questions"),
136  array("permission" => "write", "cmd" => "properties", "lang_var" => "settings"),
137  array("permission" => "read", "cmd" => "evaluation", "lang_var" => "svy_evaluation")
138  );
139 
140  return $commands;
141  }
142 
143  //
144  // object specific access related methods
145  //
146 
150  function _lookupCreationComplete($a_obj_id)
151  {
152  global $ilDB;
153 
154  $result = $ilDB->queryF("SELECT * FROM svy_svy WHERE obj_fi=%s",
155  array('integer'),
156  array($a_obj_id)
157  );
158 
159  if ($result->numRows() == 1)
160  {
161  $row = $ilDB->fetchAssoc($result);
162  }
163  if (!$row["complete"])
164  {
165  return false;
166  }
167  return true;
168  }
169 
173  function _lookupEvaluationAccess($a_obj_id)
174  {
175  global $ilDB;
176 
177  $result = $ilDB->queryF("SELECT * FROM svy_svy WHERE obj_fi=%s",
178  array('integer'),
179  array($a_obj_id)
180  );
181  if ($result->numRows() == 1)
182  {
183  $row = $ilDB->fetchAssoc($result);
184  }
185 
186  return $row["evaluation_access"];
187  }
188 
189  function _isSurveyParticipant($user_id, $survey_id)
190  {
191  global $ilDB;
192 
193  $result = $ilDB->queryF("SELECT finished_id FROM svy_finished WHERE user_fi = %s AND survey_fi = %s",
194  array('integer','integer'),
195  array($user_id, $survey_id)
196  );
197  return ($result->numRows() == 1) ? true : false;
198  }
199 
200  function _lookupAnonymize($a_obj_id)
201  {
202  global $ilDB;
203 
204  $result = $ilDB->queryF("SELECT anonymize FROM svy_svy WHERE obj_fi = %s",
205  array('integer'),
206  array($a_obj_id)
207  );
208  if ($result->numRows() == 1)
209  {
210  $row = $ilDB->fetchAssoc($result);
211  return $row["anonymize"];
212  }
213  else
214  {
215  return 0;
216  }
217  }
218 
219  function _hasEvaluationAccess($a_obj_id, $user_id)
220  {
221  $evaluation_access = ilObjSurveyAccess::_lookupEvaluationAccess($a_obj_id);
222  switch ($evaluation_access)
223  {
224  case 0:
225  // no evaluation access
226  return false;
227  break;
228  case 1:
229  // evaluation access for all registered users
230  if (($user_id > 0) && ($user_id != ANONYMOUS_USER_ID))
231  {
232  return true;
233  }
234  else
235  {
236  return false;
237  }
238  break;
239  case 2:
240  // evaluation access for participants
241  // check if the user with the given id is a survey participant
242 
243  // show the evaluation button for anonymized surveys for all users
244  // access is only granted with the survey access code
245  if (ilObjSurveyAccess::_lookupAnonymize($a_obj_id) == 1) return true;
246 
247  global $ilDB;
248  $result = $ilDB->queryF("SELECT survey_id FROM svy_svy WHERE obj_fi = %s",
249  array('integer'),
250  array($a_obj_id)
251  );
252  if ($result->numRows() == 1)
253  {
254  $row = $ilDB->fetchAssoc($result);
255  if (ilObjSurveyAccess::_isSurveyParticipant($user_id, $row["survey_id"]))
256  {
257  return true;
258  }
259  }
260  return false;
261  break;
262  }
263  }
264 
268  function _lookupOnline($a_obj_id)
269  {
270  global $ilDB;
271 
272  $result = $ilDB->queryF("SELECT * FROM svy_svy WHERE obj_fi=%s",
273  array('integer'),
274  array($a_obj_id)
275  );
276  if ($result->numRows() == 1) {
277  $row = $ilDB->fetchAssoc($result);
278  }
279 
280  return $row["status"];
281  }
282 
288  function _lookupFinished($a_obj_id, $a_user_id = "")
289  {
290  global $ilDB, $ilUser;
291 
292  $finished = "";
293  if (!strlen($a_user_id)) $a_user_id = $ilUser->getId();
294 
295  $result = $ilDB->queryF("SELECT * FROM svy_svy WHERE obj_fi = %s",
296  array('integer'),
297  array($a_obj_id)
298  );
299  if ($result->numRows() == 1)
300  {
301  $row = $ilDB->fetchObject($result);
302  if ($row->anonymize == 1)
303  {
304  $result = $ilDB->queryF("SELECT * FROM svy_finished, svy_anonymous WHERE svy_finished.survey_fi = %s ".
305  "AND svy_finished.survey_fi = svy_anonymous.survey_fi AND svy_anonymous.user_key = %s ".
306  "AND svy_anonymous.survey_key = svy_finished.anonymous_id",
307  array('integer','text'),
308  array($row->survey_id, md5($a_user_id))
309  );
310  }
311  else
312  {
313  $result = $ilDB->queryF("SELECT * FROM svy_finished WHERE survey_fi = %s AND user_fi = %s",
314  array('integer','integer'),
315  array($row->survey_id, $a_user_id)
316  );
317  }
318  if ($result->numRows() == 1)
319  {
320  $foundrow = $ilDB->fetchAssoc($result);
321  $finished = (int)$foundrow["state"];
322  }
323  }
324 
325  return $finished;
326  }
327 
331  function _checkGoto($a_target)
332  {
333  global $ilAccess;
334 
335  $t_arr = explode("_", $a_target);
336 
337  if ($t_arr[0] != "svy" || ((int) $t_arr[1]) <= 0)
338  {
339  return false;
340  }
341 
342  if ($ilAccess->checkAccess("read", "", $t_arr[1]))
343  {
344  return true;
345  }
346  return false;
347  }
348 }
349 
350 ?>