d2/d45/class_8ilWebAccessChecker_8php_source.html

 <?php
 require_once('./Services/WebAccessChecker/classes/class.ilWACSignedPath.php');
 require_once('./Services/WebAccessChecker/classes/class.ilWACPath.php');
 require_once('./Services/WebAccessChecker/classes/class.ilWACSecurePath.php');
 require_once('./Services/WebAccessChecker/classes/class.ilWACLog.php');
 require_once('./Services/Init/classes/class.ilInitialisation.php');
 require_once('./Services/FileDelivery/classes/class.ilFileDelivery.php');
 require_once('./Services/WebAccessChecker/classes/class.ilWACCookie.php');

 class ilWebAccessChecker {

         const DISPOSITION = 'disposition';
         const STATUS_CODE = 'status_code';
         const REVALIDATE = 'revalidate';
         const CM_FILE_TOKEN = 1;
         const CM_FOLDER_TOKEN = 2;
         const CM_CHECKINGINSTANCE = 3;
         const CM_SECFOLDER = 4;
         protected $path_object = null;
         protected $checked = false;
         protected $disposition = ilFileDelivery::DISP_INLINE;
         protected $override_mimetype = '';
         protected $send_status_code = false;
         protected $initialized = false;
         protected $revalidate_folder_tokens = true;
         protected static $DEBUG = false;
         protected static $use_seperate_logfile = false;
         protected $cookie = null;
         protected $applied_checking_methods = array();


         public function __construct($path, ilWACCookieInterface $ilWACCookieInterface = null) {
                 $this->setPathObject(new ilWACPath($path));
                 $this->setCookie($ilWACCookieInterface ? $ilWACCookieInterface : new ilWACCookie());
         }


         public function check() {
                 ilWACLog::getInstance()->write('Checking File: ' . $this->getPathObject()->getPathWithoutQuery());
                 if (!$this->getPathObject()) {
                         throw new ilWACException(ilWACException::CODE_NO_PATH);
                 }

                 // Check if Path has been signed with a token
                 $ilWACSignedPath = new ilWACSignedPath($this->getPathObject(), $this->cookie);
                 if ($ilWACSignedPath->isSignedPath()) {
                         $this->addAppliedCheckingMethod(self::CM_FILE_TOKEN);
                         if ($ilWACSignedPath->isSignedPathValid()) {
                                 $this->setChecked(true);
                                 ilWACLog::getInstance()->write('checked using token');
                                 $this->sendHeader('checked using token');

                                 return true;
                         }
                 }

                 // Check if the whole secured folder has been signed
                 if ($ilWACSignedPath->isFolderSigned()) {
                         $this->addAppliedCheckingMethod(self::CM_FOLDER_TOKEN);
                         if ($ilWACSignedPath->isFolderTokenValid()) {
                                 if ($this->isRevalidateFolderTokens()) {
                                         $ilWACSignedPath->revalidatingFolderToken();
                                 }
                                 $this->setChecked(true);
                                 ilWACLog::getInstance()->write('checked using secure folder');
                                 $this->sendHeader('checked using secure folder');

                                 return true;
                         }
                 }

                 // Fallback, have to initiate ILIAS
                 $this->initILIAS();

                 // Maybe the path has been registered, lets check
                 $checkingInstance = ilWACSecurePath::getCheckingInstance($this->getPathObject());
                 if ($checkingInstance instanceof ilWACCheckingClass) {
                         $this->addAppliedCheckingMethod(self::CM_CHECKINGINSTANCE);
                         ilWACLog::getInstance()->write('has checking instance: ' . get_class($checkingInstance));
                         $canBeDelivered = $checkingInstance->canBeDelivered($this->getPathObject());
                         if ($canBeDelivered) {
                                 ilWACLog::getInstance()->write('checked using fallback');
                                 $this->sendHeader('checked using fallback');
                                 if ($ilWACSignedPath->isFolderSigned()&& $this->isRevalidateFolderTokens()) {
                                         $ilWACSignedPath->revalidatingFolderToken();
                                 }

                                 $this->setChecked(true);

                                 return true;
                         } else {
                                 ilWACLog::getInstance()->write('checking-instance denied access');
                                 $this->setChecked(true);

                                 return false;
                         }
                 }

                 // none of the checking mechanisms could have been applied. no access
                 $this->setChecked(true);
                 ilWACLog::getInstance()->write('none of the checking mechanisms could have been applied. access depending on sec folder');
                 if ($this->getPathObject()->isInSecFolder()) {
                         $this->addAppliedCheckingMethod(self::CM_SECFOLDER);
                         ilWACLog::getInstance()->write('file is in sec-folder, no delivery');

                         return false;
                 } else {
                         $this->addAppliedCheckingMethod(self::CM_SECFOLDER);
                         ilWACLog::getInstance()->write('file is not in sec-folder, delivery');

                         return true;
                 }
         }


         public function initILIAS() {
                 if ($this->isInitialized()) {
                         return true;
                 }
                 $GLOBALS['COOKIE_PATH'] = '/';
                 $this->cookie->set('ilClientId', $this->getPathObject()->getClient(), 0, '/');
                 ilContext::init(ilContext::CONTEXT_WAC);
                 try {
                         ilWACLog::getInstance()->write('init ILIAS');
                         ilInitialisation::initILIAS();
                         $this->checkPublicSection();
                         $this->checkUser();
                 } catch (Exception $e) {
                         if (($e instanceof ilWACException && $e->getCode() == ilWACException::ACCESS_DENIED_NO_LOGIN)
                                 || ($e instanceof Exception && $e->getMessage() == 'Authentication failed.')) {
                                 $_REQUEST["baseClass"] = "ilStartUpGUI";
                                 // @todo authentication: fix request show login
                                 $_REQUEST["cmd"] = "showLogin";

                                 $_POST['username'] = 'anonymous';
                                 $_POST['password'] = 'anonymous';
                                 ilWACLog::getInstance()->write('reinit ILIAS');
                                 ilInitialisation::reinitILIAS();
                                 $this->checkPublicSection();
                                 $this->checkUser();
                         } elseif ($e instanceof ilWACException) {
                                 throw  $e;
                         }
                 }
                 $this->setInitialized(true);
         }


         protected function checkPublicSection() {
                 global $ilSetting, $ilUser;
                 if (!$ilSetting instanceof ilSetting || ($ilUser->getId() == ANONYMOUS_USER_ID && !$ilSetting->get('pub_section'))) {
                         ilWACLog::getInstance()->write('public section not activated');
                         throw new ilWACException(ilWACException::ACCESS_DENIED_NO_PUB);
                 }
         }


         protected function checkUser() {
                 global $ilUser;
                 if (!$ilUser instanceof ilObjUser || ($ilUser->getId() == 0 && strpos($_SERVER['HTTP_REFERER'], 'login.php') === false)) {
                         throw new ilWACException(ilWACException::ACCESS_DENIED_NO_LOGIN);
                 }
         }


         public function isChecked() {
                 return $this->checked;
         }


         public function setChecked($checked) {
                 $this->checked = $checked;
         }


         public function getPathObject() {
                 return $this->path_object;
         }


         public function setPathObject($path_object) {
                 $this->path_object = $path_object;
         }


         public function getDisposition() {
                 return $this->disposition;
         }


         public function setDisposition($disposition) {
                 $this->disposition = $disposition;
         }


         public function getOverrideMimetype() {
                 return $this->override_mimetype;
         }


         public function setOverrideMimetype($override_mimetype) {
                 $this->override_mimetype = $override_mimetype;
         }


         public function isInitialized() {
                 return $this->initialized;
         }


         public function setInitialized($initialized) {
                 $this->initialized = $initialized;
         }


         public function isSendStatusCode() {
                 return $this->send_status_code;
         }


         public function setSendStatusCode($send_status_code) {
                 $this->send_status_code = $send_status_code;
         }


         public function isRevalidateFolderTokens() {
                 return $this->revalidate_folder_tokens;
         }


         public function setRevalidateFolderTokens($revalidate_folder_tokens) {
                 $this->revalidate_folder_tokens = $revalidate_folder_tokens;
         }


         public static function isDEBUG() {
                 return self::$DEBUG;
         }


         public static function setDEBUG($DEBUG) {
                 self::$DEBUG = $DEBUG;
         }


         public static function isUseSeperateLogfile() {
                 return self::$use_seperate_logfile;
         }


         public static function setUseSeperateLogfile($use_seperate_logfile) {
                 self::$use_seperate_logfile = $use_seperate_logfile;
         }


         public function getCookie() {
                 return $this->cookie;
         }


         public function setCookie($cookie) {
                 $this->cookie = $cookie;
         }


         public function getAppliedCheckingMethods() {
                 return $this->applied_checking_methods;
         }


         public function setAppliedCheckingMethods($applied_checking_methods) {
                 $this->applied_checking_methods = $applied_checking_methods;
         }


         protected function addAppliedCheckingMethod($method) {
                 $this->applied_checking_methods[] = $method;
         }


         protected function sendHeader($message) {
                 header('X-ILIAS-WebAccessChecker: ' . $message);
         }
 }
ilWebAccessChecker\$path_object
$path_object
Definition: class.ilWebAccessChecker.php:28

ilWebAccessChecker\setUseSeperateLogfile
static setUseSeperateLogfile($use_seperate_logfile)
Definition: class.ilWebAccessChecker.php:358

ilSetting
ILIAS Setting Class.
Definition: class.ilSetting.php:32

ilWebAccessChecker\getAppliedCheckingMethods
getAppliedCheckingMethods()
Definition: class.ilWebAccessChecker.php:382

ilWebAccessChecker\__construct
__construct($path, ilWACCookieInterface $ilWACCookieInterface=null)
ilWebAccessChecker constructor.
Definition: class.ilWebAccessChecker.php:77

ilWebAccessChecker\$use_seperate_logfile
static $use_seperate_logfile
Definition: class.ilWebAccessChecker.php:60

ilWebAccessChecker\isChecked
isChecked()
Definition: class.ilWebAccessChecker.php:222

ilWebAccessChecker\setCookie
setCookie($cookie)
Definition: class.ilWebAccessChecker.php:374

$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54

ilWACException
Class ilWACException.
Definition: class.ilWACException.php:10

ilContext\CONTEXT_WAC
const CONTEXT_WAC
Definition: class.ilContext.php:31

$_POST
$_POST['username']
Definition: cron.php:12

ilWebAccessChecker\$DEBUG
static $DEBUG
Definition: class.ilWebAccessChecker.php:56

ilWebAccessChecker\setAppliedCheckingMethods
setAppliedCheckingMethods($applied_checking_methods)
Definition: class.ilWebAccessChecker.php:390

ilWebAccessChecker\setInitialized
setInitialized($initialized)
Definition: class.ilWebAccessChecker.php:294

ilWebAccessChecker\getOverrideMimetype
getOverrideMimetype()
Definition: class.ilWebAccessChecker.php:270

ilWebAccessChecker\REVALIDATE
const REVALIDATE
Definition: class.ilWebAccessChecker.php:20

ilWebAccessChecker\$cookie
$cookie
Definition: class.ilWebAccessChecker.php:64

ilWebAccessChecker\check
check()
Definition: class.ilWebAccessChecker.php:87

ilWACCookieInterface
Class ilWACCookieInterface.
Definition: interface.ilWACCookieInterface.php:8

ilWebAccessChecker\setDisposition
setDisposition($disposition)
Definition: class.ilWebAccessChecker.php:262

ilWACLog\getInstance
static getInstance()
Definition: class.ilWACLog.php:39

ilInitialisation\reinitILIAS
static reinitILIAS()
Definition: class.ilInitialisation.php:852

ilWebAccessChecker\CM_CHECKINGINSTANCE
const CM_CHECKINGINSTANCE
Definition: class.ilWebAccessChecker.php:23

ilWACException\ACCESS_DENIED_NO_LOGIN
const ACCESS_DENIED_NO_LOGIN
Definition: class.ilWACException.php:21

ilWACPath
Class ilWACPath.
Definition: class.ilWACPath.php:9

ilWebAccessChecker\setRevalidateFolderTokens
setRevalidateFolderTokens($revalidate_folder_tokens)
Definition: class.ilWebAccessChecker.php:326

ilWebAccessChecker\CM_SECFOLDER
const CM_SECFOLDER
Definition: class.ilWebAccessChecker.php:24

ilWebAccessChecker\$send_status_code
$send_status_code
Definition: class.ilWebAccessChecker.php:44

ilWebAccessChecker\isInitialized
isInitialized()
Definition: class.ilWebAccessChecker.php:286

ilInitialisation\initILIAS
static initILIAS()
ilias initialisation
Definition: class.ilInitialisation.php:860

ilWebAccessChecker\$initialized
$initialized
Definition: class.ilWebAccessChecker.php:48

ilWACException\CODE_NO_PATH
const CODE_NO_PATH
Definition: class.ilWACException.php:13

ilWACCookie
Class ilWACCookie.
Definition: class.ilWACCookie.php:9

ilWebAccessChecker\CM_FOLDER_TOKEN
const CM_FOLDER_TOKEN
Definition: class.ilWebAccessChecker.php:22

ilWebAccessChecker\isRevalidateFolderTokens
isRevalidateFolderTokens()
Definition: class.ilWebAccessChecker.php:318

ilWebAccessChecker
Class ilWebAccessChecker.
Definition: class.ilWebAccessChecker.php:16

ilWebAccessChecker\setSendStatusCode
setSendStatusCode($send_status_code)
Definition: class.ilWebAccessChecker.php:310

ilWACSignedPath
Class ilWACSignedPath.
Definition: class.ilWACSignedPath.php:13

ilWebAccessChecker\isSendStatusCode
isSendStatusCode()
Definition: class.ilWebAccessChecker.php:302

ilFileDelivery\DISP_INLINE
const DISP_INLINE
Definition: class.ilFileDelivery.php:23

ilWebAccessChecker\getDisposition
getDisposition()
Definition: class.ilWebAccessChecker.php:254

ilWebAccessChecker\checkPublicSection
checkPublicSection()
Definition: class.ilWebAccessChecker.php:202

ilWebAccessChecker\getCookie
getCookie()
Definition: class.ilWebAccessChecker.php:366

ilWebAccessChecker\isDEBUG
static isDEBUG()
Definition: class.ilWebAccessChecker.php:334

ilWebAccessChecker\DISPOSITION
const DISPOSITION
Definition: class.ilWebAccessChecker.php:18

ilWACCheckingClass
Class ilWACCheckingClass.
Definition: interface.ilWACCheckingClass.php:10

ilWebAccessChecker\isUseSeperateLogfile
static isUseSeperateLogfile()
Definition: class.ilWebAccessChecker.php:350

ilWebAccessChecker\setOverrideMimetype
setOverrideMimetype($override_mimetype)
Definition: class.ilWebAccessChecker.php:278

ilWebAccessChecker\STATUS_CODE
const STATUS_CODE
Definition: class.ilWebAccessChecker.php:19

ilWebAccessChecker\$checked
$checked
Definition: class.ilWebAccessChecker.php:32

ilWebAccessChecker\getPathObject
getPathObject()
Definition: class.ilWebAccessChecker.php:238

ilContext\init
static init($a_type)
Init context by type.
Definition: class.ilContext.php:39

ilWebAccessChecker\$applied_checking_methods
$applied_checking_methods
Definition: class.ilWebAccessChecker.php:68

ilWebAccessChecker\$override_mimetype
$override_mimetype
Definition: class.ilWebAccessChecker.php:40

$ilUser
global $ilUser
Definition: imgupload.php:15

ilWebAccessChecker\$disposition
$disposition
Definition: class.ilWebAccessChecker.php:36

$ilSetting
global $ilSetting
Definition: privfeed.php:40

$path
$path
Definition: index.php:22

ilWebAccessChecker\$revalidate_folder_tokens
$revalidate_folder_tokens
Definition: class.ilWebAccessChecker.php:52

ilWACException\ACCESS_DENIED_NO_PUB
const ACCESS_DENIED_NO_PUB
Definition: class.ilWACException.php:20

$_REQUEST
if($_REQUEST['ilias_path']) define('ILIAS_HTTP_PATH' $_REQUEST['ilias_path']
Definition: index.php:7

ilWebAccessChecker\addAppliedCheckingMethod
addAppliedCheckingMethod($method)
Definition: class.ilWebAccessChecker.php:398

ilObjUser
Definition: class.ilObjUser.php:23

ilWebAccessChecker\sendHeader
sendHeader($message)
Definition: class.ilWebAccessChecker.php:406

$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276

ilWebAccessChecker\initILIAS
initILIAS()
Definition: class.ilWebAccessChecker.php:169

ilWebAccessChecker\setPathObject
setPathObject($path_object)
Definition: class.ilWebAccessChecker.php:246

ilWebAccessChecker\setDEBUG
static setDEBUG($DEBUG)
Definition: class.ilWebAccessChecker.php:342

ilWebAccessChecker\CM_FILE_TOKEN
const CM_FILE_TOKEN
Definition: class.ilWebAccessChecker.php:21

ilWebAccessChecker\setChecked
setChecked($checked)
Definition: class.ilWebAccessChecker.php:230

Exception

ilWebAccessChecker\checkUser
checkUser()
Definition: class.ilWebAccessChecker.php:211