ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilClaimingPermissionHelper.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2013 ILIAS open source, Extended GPL, see docs/LICENSE */
3
12abstract class ilClaimingPermissionHelper
13{
14 protected $user_id; // [int]
15 protected $ref_id; // [int]
16 protected $map; // [array]
17 protected $context_ids; // [array]
18 protected $plugins; // [array]
19
20 protected static $instances; // [array]
21
22
23 // constructor
24
32 protected function __construct($a_user_id, $a_ref_id)
33 {
34 $this->setUserId($a_user_id);
35 $this->setRefId($a_ref_id);
36 $this->map = $this->buildPermissionMap();
37 $this->reset();
38 }
39
47 public static function getInstance($a_user_id = null, $a_ref_id = null)
48 {
49 global $ilUser;
50
51 if(!$a_user_id)
52 {
53 $a_user_id = $ilUser->getId();
54 }
55 if(!$a_ref_id)
56 {
57 $a_ref_id = (int)$_REQUEST["ref_id"];
58 }
59 if(!isset(self::$instances[$a_user_id][$a_ref_id]))
60 {
61 self::$instances[$a_user_id][$a_ref_id] = new static($a_user_id, $a_ref_id);
62 }
63 return self::$instances[$a_user_id][$a_ref_id];
64 }
65
69 public function reset()
70 {
71 $this->context_ids = array();
72 }
73
74
75 // properties
76
82 protected function setUserId($a_value)
83 {
84 $this->user_id = (int)$a_value;
85 }
86
92 protected function getUserId()
93 {
94 return $this->user_id;
95 }
96
102 protected function setRefId($a_value)
103 {
104 $this->ref_id = (int)$a_value;
105 }
106
112 protected function getRefId()
113 {
114 return $this->ref_id;
115 }
116
117
118 // caching
119
127 abstract protected function readContextIds($a_context_type);
128
129
130 // permissions
131
137 abstract protected function buildPermissionMap();
138
148 protected function isValidContextAndAction($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id = null)
149 {
150 $valid = false;
151
152 if(array_key_exists($a_context_type, $this->map))
153 {
154 if(!$a_action_sub_id)
155 {
156 if(in_array($a_action_id, $this->map[$a_context_type]["actions"]))
157 {
158 $valid = true;
159 }
160 }
161 else
162 {
163 if(array_key_exists($a_action_id, $this->map[$a_context_type]["subactions"]) &&
164 in_array($a_action_sub_id, $this->map[$a_context_type]["subactions"][$a_action_id]))
165 {
166 $valid = true;
167 }
168 }
169 }
170
171 if($valid &&
172 $a_context_id &&
173 !in_array($a_context_id, $this->getValidContextIds($a_context_type)))
174 {
175 $valid = false;
176 }
177
178 if(DEVMODE && !$valid)
179 {
180 trigger_error("INVALID permission context - ".$a_context_type.":".$a_context_id.":".$a_action_id.":".$a_action_sub_id, E_USER_WARNING);
181 }
182
183 return $valid;
184 }
185
193 protected function getValidContextIds($a_context_type)
194 {
195 if(!array_key_exists($a_context_type, $this->context_ids))
196 {
197 $this->context_ids[$a_context_type] = $this->readContextIds($a_context_type);
198 }
199 return (array)$this->context_ids[$a_context_type];
200 }
201
211 public function hasPermission($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id = null)
212 {
213 if($this->isValidContextAndAction($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id))
214 {
215 return $this->checkPermission($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id);
216 }
217 // :TODO: exception?
218 }
219
228 public function hasPermissions($a_context_type, $a_context_id, array $a_action_ids)
229 {
230 $res = array();
231
232 foreach($a_action_ids as $action_id)
233 {
234 if(is_array($action_id))
235 {
236 $action_sub_id = $action_id[1];
237 $action_id = $action_id[0];
238
239 $res[$action_id][$action_sub_id] = $this->hasPermission($a_context_type, $a_context_id, $action_id, $action_sub_id);
240 }
241 else
242 {
243 $res[$action_id] = $this->hasPermission($a_context_type, $a_context_id, $action_id);
244 }
245 }
246
247 return $res;
248 }
249
259 protected function checkPermission($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id = null)
260 {
261 return ($this->checkRBAC() &&
262 $this->checkPlugins($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id));
263 }
264
270 protected function checkRBAC()
271 {
272 global $ilAccess;
273
274 // we are currently only supporting write operations
275 return $ilAccess->checkAccessOfUser($this->getUserId(), "write", "", $this->getRefId());
276 }
277
283 abstract protected function getActivePlugins();
284
294 protected function checkPlugins($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id = null)
295 {
296 $valid = true;
297
298 if(!is_array($this->plugins))
299 {
300 $this->plugins = (array)$this->getActivePlugins();
301 }
302
303 foreach($this->plugins as $plugin)
304 {
305 if(!$plugin->checkPermission($this->getUserId(), $a_context_type, $a_context_id, $a_action_id, $a_action_sub_id))
306 {
307 $valid = false;
308 break;
309 }
310 }
311
312 return $valid;
313 }
314}
315
316?>
ilClaimingPermissionHelper
Claiming permission helper base class.
Definition: class.ilClaimingPermissionHelper.php:13
ilClaimingPermissionHelper\buildPermissionMap
buildPermissionMap()
Build map of context and actions.
ilClaimingPermissionHelper\hasPermission
hasPermission($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id=null)
Check permission.
Definition: class.ilClaimingPermissionHelper.php:211
ilClaimingPermissionHelper\getValidContextIds
getValidContextIds($a_context_type)
Get context ids for context type (uses cache)
Definition: class.ilClaimingPermissionHelper.php:193
ilClaimingPermissionHelper\getActivePlugins
getActivePlugins()
Get active plugins (for current slot)
ilClaimingPermissionHelper\checkPlugins
checkPlugins($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id=null)
Check permission against plugins.
Definition: class.ilClaimingPermissionHelper.php:294
ilClaimingPermissionHelper\hasPermissions
hasPermissions($a_context_type, $a_context_id, array $a_action_ids)
Check permissions.
Definition: class.ilClaimingPermissionHelper.php:228
ilClaimingPermissionHelper\checkRBAC
checkRBAC()
Check permission against RBAC.
Definition: class.ilClaimingPermissionHelper.php:270
ilClaimingPermissionHelper\checkPermission
checkPermission($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id=null)
Check permission (helper: rbac, plugins)
Definition: class.ilClaimingPermissionHelper.php:259
ilClaimingPermissionHelper\getInstance
static getInstance($a_user_id=null, $a_ref_id=null)
Factory.
Definition: class.ilClaimingPermissionHelper.php:47
ilClaimingPermissionHelper\isValidContextAndAction
isValidContextAndAction($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id=null)
Check if given combination of context and action is valid.
Definition: class.ilClaimingPermissionHelper.php:148
ilClaimingPermissionHelper\__construct
__construct($a_user_id, $a_ref_id)
Constructor.
Definition: class.ilClaimingPermissionHelper.php:32
ilClaimingPermissionHelper\readContextIds
readContextIds($a_context_type)
Get all context ids for context type (from DB, is cached)
$valid
$valid
Definition: dummy_client.php:53
$_REQUEST
if($_REQUEST['ilias_path']) define('ILIAS_HTTP_PATH' $_REQUEST['ilias_path']
Definition: index.php:7
$ilUser
global $ilUser
Definition: imgupload.php:15