ILIAS  release_4-3 Revision
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilWorkspaceAccessHandler.php
Go to the documentation of this file.
1 <?php
2 
3 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
4 
5 include_once "Modules/Group/classes/class.ilGroupParticipants.php";
6 include_once "Modules/Course/classes/class.ilCourseParticipants.php";
7 include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php";
8 
17 class ilWorkspaceAccessHandler
18 {
19  protected $tree; // [ilTree]
20 
21  public function __construct(ilTree $a_tree = null)
22  {
23  global $ilUser, $lng;
24 
25  $lng->loadLanguageModule("wsp");
26 
27  if(!$a_tree)
28  {
29  include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceTree.php";
30  $a_tree = new ilWorkspaceTree($ilUser->getId());
31  }
32  $this->tree = $a_tree;
33  }
34 
40  public function getTree()
41  {
42  return $this->tree;
43  }
44 
54  public function checkAccess($a_permission, $a_cmd, $a_node_id, $a_type = "")
55  {
56  global $ilUser;
57 
58  return $this->checkAccessOfUser($this->tree, $ilUser->getId(),$a_permission, $a_cmd, $a_node_id, $a_type);
59  }
60 
72  public function checkAccessOfUser(ilTree $a_tree, $a_user_id, $a_permission, $a_cmd, $a_node_id, $a_type = "")
73  {
74  global $rbacreview, $ilUser;
75 
76  // :TODO: create permission for parent node with type ?!
77 
78  // tree root is read-only
79  if($a_permission == "write")
80  {
81  if($a_tree->readRootId() == $a_node_id)
82  {
83  return false;
84  }
85  }
86 
87  // node owner has all rights
88  if($a_tree->lookupOwner($a_node_id) == $a_user_id)
89  {
90  return true;
91  }
92 
93  // other users can only read
94  if($a_permission == "read" || $a_permission == "visible")
95  {
96  // get all objects with explicit permission
97  $objects = $this->getPermissions($a_node_id);
98  if($objects)
99  {
100  // check if given user is member of object or has role
101  foreach($objects as $obj_id)
102  {
103  switch($obj_id)
104  {
105  case ilWorkspaceAccessGUI::PERMISSION_ALL:
106  return true;
107 
108  case ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD:
109  // check against input kept in session
110  if(self::getSharedNodePassword($a_node_id) == self::getSharedSessionPassword($a_node_id) ||
111  $a_permission == "visible")
112  {
113  return true;
114  }
115  break;
116 
117  case ilWorkspaceAccessGUI::PERMISSION_REGISTERED:
118  if($ilUser->getId() != ANONYMOUS_USER_ID)
119  {
120  return true;
121  }
122  break;
123 
124  default:
125  switch(ilObject::_lookupType($obj_id))
126  {
127  case "grp":
128  // member of group?
129  if(ilGroupParticipants::_getInstanceByObjId($obj_id)->isAssigned($a_user_id))
130  {
131  return true;
132  }
133  break;
134 
135  case "crs":
136  // member of course?
137  if(ilCourseParticipants::_getInstanceByObjId($obj_id)->isAssigned($a_user_id))
138  {
139  return true;
140  }
141  break;
142 
143  case "role":
144  // has role?
145  if($rbacreview->isAssigned($a_user_id, $obj_id))
146  {
147  return true;
148  }
149  break;
150 
151  case "usr":
152  // direct assignment
153  if($a_user_id == $obj_id)
154  {
155  return true;
156  }
157  break;
158  }
159  break;
160  }
161  }
162  }
163  }
164 
165  return false;
166  }
167 
174  public function setPermissions($a_parent_node_id, $a_node_id)
175  {
176  // nothing to do as owner has irrefutable rights to any workspace object
177  }
178 
187  public function addPermission($a_node_id, $a_object_id, $a_extended_data = null)
188  {
189  global $ilDB, $ilUser;
190 
191  // tree owner must not be added
192  if($this->tree->getTreeId() == $ilUser->getId() &&
193  $a_object_id == $ilUser->getId())
194  {
195  return false;
196  }
197 
198  $ilDB->manipulate("INSERT INTO acl_ws (node_id, object_id, extended_data)".
199  " VALUES (".$ilDB->quote($a_node_id, "integer").", ".
200  $ilDB->quote($a_object_id, "integer").",".
201  $ilDB->quote($a_extended_data, "text").")");
202  return true;
203  }
204 
211  public function removePermission($a_node_id, $a_object_id = null)
212  {
213  global $ilDB;
214 
215  $query = "DELETE FROM acl_ws".
216  " WHERE node_id = ".$ilDB->quote($a_node_id, "integer");
217 
218  if($a_object_id)
219  {
220  $query .= " AND object_id = ".$ilDB->quote($a_object_id, "integer");
221  }
222 
223  return $ilDB->manipulate($query);
224  }
225 
232  public static function getPermissions($a_node_id)
233  {
234  global $ilDB, $ilSetting;
235 
236  $publish_enabled = $ilSetting->get("enable_global_profiles");
237  $publish_perm = array(ilWorkspaceAccessGUI::PERMISSION_ALL,
238  ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD);
239 
240  $set = $ilDB->query("SELECT object_id FROM acl_ws".
241  " WHERE node_id = ".$ilDB->quote($a_node_id, "integer"));
242  $res = array();
243  while($row = $ilDB->fetchAssoc($set))
244  {
245  if($publish_enabled || !in_array($row["object_id"], $publish_perm))
246  {
247  $res[] = $row["object_id"];
248  }
249  }
250  return $res;
251  }
252 
253  public function hasRegisteredPermission($a_node_id)
254  {
255  global $ilDB;
256 
257  $set = $ilDB->query("SELECT object_id FROM acl_ws".
258  " WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
259  " AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_REGISTERED, "integer"));
260  return (bool)$ilDB->numRows($set);
261  }
262 
263  public function hasGlobalPermission($a_node_id)
264  {
265  global $ilDB, $ilSetting;
266 
267  if(!$ilSetting->get("enable_global_profiles"))
268  {
269  return false;
270  }
271 
272  $set = $ilDB->query("SELECT object_id FROM acl_ws".
273  " WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
274  " AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_ALL, "integer"));
275  return (bool)$ilDB->numRows($set);
276  }
277 
278  public function hasGlobalPasswordPermission($a_node_id)
279  {
280  global $ilDB, $ilSetting;
281 
282  if(!$ilSetting->get("enable_global_profiles"))
283  {
284  return false;
285  }
286 
287  $set = $ilDB->query("SELECT object_id FROM acl_ws".
288  " WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
289  " AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD, "integer"));
290  return (bool)$ilDB->numRows($set);
291  }
292 
293  public static function getPossibleSharedTargets()
294  {
295  global $ilUser, $ilSetting;
296 
297  include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php";
298  include_once "Services/Membership/classes/class.ilParticipants.php";
299  $grp_ids = ilParticipants::_getMembershipByType($ilUser->getId(), "grp");
300  $crs_ids = ilParticipants::_getMembershipByType($ilUser->getId(), "crs");
301 
302  $obj_ids = array_merge($grp_ids, $crs_ids);
303  $obj_ids[] = $ilUser->getId();
304  $obj_ids[] = ilWorkspaceAccessGUI::PERMISSION_REGISTERED;
305 
306  if($ilSetting->get("enable_global_profiles"))
307  {
308  $obj_ids[] = ilWorkspaceAccessGUI::PERMISSION_ALL;
309  $obj_ids[] = ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD;
310  }
311 
312  return $obj_ids;
313  }
314 
315  public function getSharedOwners()
316  {
317  global $ilUser, $ilDB;
318 
319  $obj_ids = $this->getPossibleSharedTargets();
320 
321  $user_ids = array();
322  $set = $ilDB->query("SELECT DISTINCT(obj.owner), u.lastname, u.firstname, u.title".
323  " FROM object_data obj".
324  " JOIN object_reference_ws ref ON (obj.obj_id = ref.obj_id)".
325  " JOIN tree_workspace tree ON (tree.child = ref.wsp_id)".
326  " JOIN acl_ws acl ON (acl.node_id = tree.child)".
327  " JOIN usr_data u on (u.usr_id = obj.owner)".
328  " WHERE ".$ilDB->in("acl.object_id", $obj_ids, "", "integer").
329  " AND obj.owner <> ".$ilDB->quote($ilUser->getId(), "integer").
330  " ORDER BY u.lastname, u.firstname, u.title");
331  while ($row = $ilDB->fetchAssoc($set))
332  {
333  $user_ids[$row["owner"]] = $row["lastname"].", ".$row["firstname"];
334  if($row["title"])
335  {
336  $user_ids[$row["owner"]] .= ", ".$row["title"];
337  }
338  }
339 
340  return $user_ids;
341  }
342 
343  public function getSharedObjects($a_owner_id)
344  {
345  global $ilDB;
346 
347  $obj_ids = $this->getPossibleSharedTargets();
348 
349  $res = array();
350  $set = $ilDB->query("SELECT ref.wsp_id,obj.obj_id".
351  " FROM object_data obj".
352  " JOIN object_reference_ws ref ON (obj.obj_id = ref.obj_id)".
353  " JOIN tree_workspace tree ON (tree.child = ref.wsp_id)".
354  " JOIN acl_ws acl ON (acl.node_id = tree.child)".
355  " WHERE ".$ilDB->in("acl.object_id", $obj_ids, "", "integer").
356  " AND obj.owner = ".$ilDB->quote($a_owner_id, "integer"));
357  while ($row = $ilDB->fetchAssoc($set))
358  {
359  $res[$row["wsp_id"]] = $row["obj_id"];
360  }
361 
362  return $res;
363  }
364 
365  public static function getSharedNodePassword($a_node_id)
366  {
367  global $ilDB;
368 
369  include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php";
370 
371  $set = $ilDB->query("SELECT * FROM acl_ws".
372  " WHERE node_id = ".$ilDB->quote($a_node_id, "integer").
373  " AND object_id = ".$ilDB->quote(ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD, "integer"));
374  $res = $ilDB->fetchAssoc($set);
375  if($res)
376  {
377  return $res["extended_data"];
378  }
379  }
380 
381  public static function keepSharedSessionPassword($a_node_id, $a_password)
382  {
383  $_SESSION["ilshpw_".$a_node_id] = $a_password;
384  }
385 
386  public static function getSharedSessionPassword($a_node_id)
387  {
388  return $_SESSION["ilshpw_".$a_node_id];
389  }
390 
391  public static function getGotoLink($a_node_id, $a_obj_id, $a_additional = null)
392  {
393  include_once('./Services/Link/classes/class.ilLink.php');
394  return ilLink::_getStaticLink($a_node_id, ilObject::_lookupType($a_obj_id), true, $a_additional."_wsp");
395  }
396 
397  public function getObjectsIShare()
398  {
399  global $ilDB, $ilUser;
400 
401  $res = array();
402  $set = $ilDB->query("SELECT ref.wsp_id,obj.obj_id".
403  " FROM object_data obj".
404  " JOIN object_reference_ws ref ON (obj.obj_id = ref.obj_id)".
405  " JOIN tree_workspace tree ON (tree.child = ref.wsp_id)".
406  " JOIN acl_ws acl ON (acl.node_id = tree.child)".
407  " WHERE obj.owner = ".$ilDB->quote($ilUser->getId(), "integer"));
408  while ($row = $ilDB->fetchAssoc($set))
409  {
410  $res[$row["wsp_id"]] = $row["obj_id"];
411  }
412 
413  return $res;
414  }
415 
416  public static function getObjectDataFromNode($a_node_id)
417  {
418  global $ilDB;
419 
420  $set = $ilDB->query("SELECT obj.obj_id, obj.type, obj.title".
421  " FROM object_reference_ws ref".
422  " JOIN tree_workspace tree ON (tree.child = ref.wsp_id)".
423  " JOIN object_data obj ON (ref.obj_id = obj.obj_id)".
424  " WHERE ref.wsp_id = ".$ilDB->quote($a_node_id, "integer"));
425  return $ilDB->fetchAssoc($set);
426  }
427 }
428 
429 ?>