ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilObjSurveyAccess.php
Go to the documentation of this file.
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22*/
23
24include_once "./Services/Object/classes/class.ilObjectAccess.php";
25include_once './Services/AccessControl/interfaces/interface.ilConditionHandling.php';
26
38{
39
43 public static function getConditionOperators()
44 {
45 include_once './Services/AccessControl/classes/class.ilConditionHandler.php';
46 return array(
48 );
49 }
50
51
60 public static function checkCondition($a_svy_id,$a_operator,$a_value,$a_usr_id)
61 {
62 switch($a_operator)
63 {
65 //if (ilExerciseMembers::_lookupStatus($a_exc_id, $ilias->account->getId()) == "passed")
66 include_once("./Modules/Survey/classes/class.ilObjSurveyAccess.php");
67 if (ilObjSurveyAccess::_lookupFinished($a_svy_id, $a_usr_id))
68 {
69 return true;
70 }
71 else
72 {
73 return false;
74 }
75 break;
76
77 default:
78 return true;
79 }
80 return true;
81 }
82
98 function _checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id = "")
99 {
100 global $ilUser, $lng, $rbacsystem, $ilAccess;
101
102 if ($a_user_id == "")
103 {
104 $a_user_id = $ilUser->getId();
105 }
106
107 $is_admin = $rbacsystem->checkAccessOfUser($a_user_id,'write',$a_ref_id);
108
109 // check "global" online switch
110 if(!self::_lookupOnline($a_obj_id) && !$is_admin)
111 {
112 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
113 return false;
114 }
115
116 switch ($a_permission)
117 {
118 case "visible":
119 case "read":
121 !$is_admin)
122 {
123 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
124 return false;
125 }
126 break;
127 }
128
129 switch ($a_cmd)
130 {
131 case "run":
133 || !(ilObjSurveyAccess::_lookupOnline($a_obj_id) == 1))
134 {
135 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
136 return false;
137 }
138 break;
139
140 case "evaluation":
142 {
143 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
144 return false;
145 }
146 if ($rbacsystem->checkAccess("write",$a_ref_id) || ilObjSurveyAccess::_hasEvaluationAccess($a_obj_id, $a_user_id))
147 {
148 return true;
149 }
150 else
151 {
152 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("status_no_permission"));
153 return false;
154 }
155 break;
156 }
157
158 return true;
159 }
160
161
174 function _getCommands()
175 {
176 $commands = array
177 (
178 array("permission" => "read", "cmd" => "infoScreen", "lang_var" => "svy_run", "default" => true),
179 array("permission" => "write", "cmd" => "questionsrepo", "lang_var" => "edit_questions"),
180 array("permission" => "write", "cmd" => "properties", "lang_var" => "settings"),
181 array("permission" => "read", "cmd" => "evaluation", "lang_var" => "svy_results")
182 );
183
184 return $commands;
185 }
186
187 //
188 // object specific access related methods
189 //
190
194 function _lookupCreationComplete($a_obj_id)
195 {
196 global $ilDB;
197
198 $result = $ilDB->queryF("SELECT * FROM svy_svy WHERE obj_fi=%s",
199 array('integer'),
200 array($a_obj_id)
201 );
202
203 if ($result->numRows() == 1)
204 {
205 $row = $ilDB->fetchAssoc($result);
206 }
207 if (!$row["complete"])
208 {
209 return false;
210 }
211 return true;
212 }
213
217 function _lookupEvaluationAccess($a_obj_id)
218 {
219 global $ilDB;
220
221 $result = $ilDB->queryF("SELECT * FROM svy_svy WHERE obj_fi=%s",
222 array('integer'),
223 array($a_obj_id)
224 );
225 if ($result->numRows() == 1)
226 {
227 $row = $ilDB->fetchAssoc($result);
228 }
229
230 return $row["evaluation_access"];
231 }
232
233 function _isSurveyParticipant($user_id, $survey_id)
234 {
235 global $ilDB;
236
237 $result = $ilDB->queryF("SELECT finished_id FROM svy_finished WHERE user_fi = %s AND survey_fi = %s",
238 array('integer','integer'),
239 array($user_id, $survey_id)
240 );
241 return ($result->numRows() == 1) ? true : false;
242 }
243
244 function _lookupAnonymize($a_obj_id)
245 {
246 global $ilDB;
247
248 $result = $ilDB->queryF("SELECT anonymize FROM svy_svy WHERE obj_fi = %s",
249 array('integer'),
250 array($a_obj_id)
251 );
252 if ($result->numRows() == 1)
253 {
254 $row = $ilDB->fetchAssoc($result);
255 return $row["anonymize"];
256 }
257 else
258 {
259 return 0;
260 }
261 }
262
263 function _hasEvaluationAccess($a_obj_id, $user_id)
264 {
265 $evaluation_access = ilObjSurveyAccess::_lookupEvaluationAccess($a_obj_id);
266 switch ($evaluation_access)
267 {
268 case 0:
269 // no evaluation access
270 return false;
271 break;
272 case 1:
273 // evaluation access for all registered users
274 if (($user_id > 0) && ($user_id != ANONYMOUS_USER_ID))
275 {
276 return true;
277 }
278 else
279 {
280 return false;
281 }
282 break;
283 case 2:
284 if(!self::_lookup360Mode($a_obj_id))
285 {
286 // evaluation access for participants
287 // check if the user with the given id is a survey participant
288
289 // show the evaluation button for anonymized surveys for all users
290 // access is only granted with the survey access code
291 if (ilObjSurveyAccess::_lookupAnonymize($a_obj_id) == 1) return true;
292
293 global $ilDB;
294 $result = $ilDB->queryF("SELECT survey_id FROM svy_svy WHERE obj_fi = %s",
295 array('integer'),
296 array($a_obj_id)
297 );
298 if ($result->numRows() == 1)
299 {
300 $row = $ilDB->fetchAssoc($result);
301
302 if (ilObjSurveyAccess::_isSurveyParticipant($user_id, $row["survey_id"]))
303 {
304 return true;
305 }
306 }
307 return false;
308 }
309 // 360°
310 else
311 {
312 include_once "Modules/Survey/classes/class.ilObjSurvey.php";
313 $svy = new ilObjSurvey($a_obj_id, false);
314 $svy->read();
315 switch($svy->get360Results())
316 {
318 return false;
319
321 return $svy->isAppraiseeClosed($user_id);
322
324 return $svy->isAppraisee($user_id);
325 }
326 }
327 break;
328 }
329 }
330
334 function _lookupOnline($a_obj_id)
335 {
336 global $ilDB;
337
338 $result = $ilDB->queryF("SELECT * FROM svy_svy WHERE obj_fi=%s",
339 array('integer'),
340 array($a_obj_id)
341 );
342 if ($result->numRows() == 1) {
343 $row = $ilDB->fetchAssoc($result);
344 }
345
346 return $row["status"];
347 }
348
354 function _lookupFinished($a_obj_id, $a_user_id = "")
355 {
356 global $ilDB, $ilUser;
357
358 $finished = "";
359 if (!strlen($a_user_id)) $a_user_id = $ilUser->getId();
360
361 $result = $ilDB->queryF("SELECT * FROM svy_svy WHERE obj_fi = %s",
362 array('integer'),
363 array($a_obj_id)
364 );
365 if ($result->numRows() == 1)
366 {
367 $row = $ilDB->fetchObject($result);
368 if ($row->anonymize == 1)
369 {
370 $result = $ilDB->queryF("SELECT * FROM svy_finished, svy_anonymous WHERE svy_finished.survey_fi = %s ".
371 "AND svy_finished.survey_fi = svy_anonymous.survey_fi AND svy_anonymous.user_key = %s ".
372 "AND svy_anonymous.survey_key = svy_finished.anonymous_id",
373 array('integer','text'),
374 array($row->survey_id, md5($a_user_id))
375 );
376 }
377 else
378 {
379 $result = $ilDB->queryF("SELECT * FROM svy_finished WHERE survey_fi = %s AND user_fi = %s",
380 array('integer','integer'),
381 array($row->survey_id, $a_user_id)
382 );
383 }
384 if ($result->numRows() == 1)
385 {
386 $foundrow = $ilDB->fetchAssoc($result);
387 $finished = (int)$foundrow["state"];
388 }
389 }
390
391 return $finished;
392 }
393
394 function _lookup360Mode($a_obj_id)
395 {
396 global $ilDB;
397
398 $result = $ilDB->queryF("SELECT mode_360 FROM svy_svy".
399 " WHERE obj_fi = %s AND mode_360 = %s",
400 array('integer','integer'),
401 array($a_obj_id, 1)
402 );
403 return (bool)$ilDB->numRows($result);
404 }
405
409 function _checkGoto($a_target)
410 {
411 global $ilAccess;
412
413 $t_arr = explode("_", $a_target);
414
415 if ($t_arr[0] != "svy" || ((int) $t_arr[1]) <= 0)
416 {
417 return false;
418 }
419
420 // 360° external raters
421 if ($_GET["accesscode"])
422 {
423 include_once "Modules/Survey/classes/class.ilObjSurvey.php";
424 if(ilObjSurvey::validateExternalRaterCode($t_arr[1], $_GET["accesscode"]))
425 {
426 return true;
427 }
428 }
429
430 if ($ilAccess->checkAccess("visible", "", $t_arr[1]) ||
431 $ilAccess->checkAccess("read", "", $t_arr[1]))
432 {
433 return true;
434 }
435 return false;
436 }
437}
438
439?>
$result
$_GET["client_id"]
const IL_NO_OBJECT_ACCESS
Class ilObjSurveyAccess.
_lookupOnline($a_obj_id)
get status
_checkGoto($a_target)
check whether goto script will succeed
static getConditionOperators()
Get possible conditions operators.
_isSurveyParticipant($user_id, $survey_id)
_hasEvaluationAccess($a_obj_id, $user_id)
_lookupFinished($a_obj_id, $a_user_id="")
get finished status
_lookupCreationComplete($a_obj_id)
checks wether all necessary parts of the survey are given
_checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id="")
Checks wether a user may invoke a command or not (this method is called by ilAccessHandler::checkAcce...
static checkCondition($a_svy_id, $a_operator, $a_value, $a_usr_id)
check condition
_lookupEvaluationAccess($a_obj_id)
get evaluation access
static validateExternalRaterCode($a_ref_id, $a_code)
Class ilObjectAccess.
Interface for condition handling.
global $lng
Definition: privfeed.php:40
global $ilDB
global $ilUser
Definition: imgupload.php:15