ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilObjSurveyAccess.php
Go to the documentation of this file.
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22*/
23
24include_once "./Services/Object/classes/class.ilObjectAccess.php";
25include_once './Services/AccessControl/interfaces/interface.ilConditionHandling.php';
26
38{
39
43 public static function getConditionOperators()
44 {
45 include_once './Services/AccessControl/classes/class.ilConditionHandler.php';
46 return array(
48 );
49 }
50
51
60 public static function checkCondition($a_svy_id,$a_operator,$a_value,$a_usr_id)
61 {
62 switch($a_operator)
63 {
65 include_once("./Modules/Survey/classes/class.ilObjSurveyAccess.php");
66 if (ilObjSurveyAccess::_lookupFinished($a_svy_id, $a_usr_id))
67 {
68 return true;
69 }
70 else
71 {
72 return false;
73 }
74 break;
75
76 default:
77 return true;
78 }
79 return true;
80 }
81
97 function _checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id = "")
98 {
99 global $ilUser, $lng, $rbacsystem, $ilAccess;
100
101 if ($a_user_id == "")
102 {
103 $a_user_id = $ilUser->getId();
104 }
105
106 $is_admin = $rbacsystem->checkAccessOfUser($a_user_id,'write',$a_ref_id);
107
108 // check "global" online switch
109 if(!self::_lookupOnline($a_obj_id) && !$is_admin)
110 {
111 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
112 return false;
113 }
114
115 switch ($a_permission)
116 {
117 case "visible":
118 case "read":
120 !$is_admin)
121 {
122 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
123 return false;
124 }
125 break;
126 }
127
128 switch ($a_cmd)
129 {
130 case "run":
132 || !(ilObjSurveyAccess::_lookupOnline($a_obj_id) == 1))
133 {
134 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
135 return false;
136 }
137 break;
138
139 case "evaluation":
141 {
142 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
143 return false;
144 }
145 if ($rbacsystem->checkAccess("write",$a_ref_id) || ilObjSurveyAccess::_hasEvaluationAccess($a_obj_id, $a_user_id))
146 {
147 return true;
148 }
149 else
150 {
151 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("status_no_permission"));
152 return false;
153 }
154 break;
155 }
156
157 return true;
158 }
159
160
173 static function _getCommands()
174 {
175 $commands = array
176 (
177 array("permission" => "read", "cmd" => "infoScreen", "lang_var" => "svy_run", "default" => true),
178 array("permission" => "write", "cmd" => "questionsrepo", "lang_var" => "edit_questions"),
179 array("permission" => "write", "cmd" => "properties", "lang_var" => "settings"),
180 array("permission" => "read", "cmd" => "evaluation", "lang_var" => "svy_results")
181 );
182
183 return $commands;
184 }
185
186 //
187 // object specific access related methods
188 //
189
193 static function _lookupCreationComplete($a_obj_id)
194 {
195 global $ilDB;
196
197 $result = $ilDB->queryF("SELECT * FROM svy_svy WHERE obj_fi=%s",
198 array('integer'),
199 array($a_obj_id)
200 );
201
202 if ($result->numRows() == 1)
203 {
204 $row = $ilDB->fetchAssoc($result);
205 }
206 if (!$row["complete"])
207 {
208 return false;
209 }
210 return true;
211 }
212
216 static function _lookupEvaluationAccess($a_obj_id)
217 {
218 global $ilDB;
219
220 $result = $ilDB->queryF("SELECT * FROM svy_svy WHERE obj_fi=%s",
221 array('integer'),
222 array($a_obj_id)
223 );
224 if ($result->numRows() == 1)
225 {
226 $row = $ilDB->fetchAssoc($result);
227 }
228
229 return $row["evaluation_access"];
230 }
231
232 static function _isSurveyParticipant($user_id, $survey_id)
233 {
234 global $ilDB;
235
236 $result = $ilDB->queryF("SELECT finished_id FROM svy_finished WHERE user_fi = %s AND survey_fi = %s",
237 array('integer','integer'),
238 array($user_id, $survey_id)
239 );
240 return ($result->numRows() == 1) ? true : false;
241 }
242
243 static function _lookupAnonymize($a_obj_id)
244 {
245 global $ilDB;
246
247 $result = $ilDB->queryF("SELECT anonymize FROM svy_svy WHERE obj_fi = %s",
248 array('integer'),
249 array($a_obj_id)
250 );
251 if ($result->numRows() == 1)
252 {
253 $row = $ilDB->fetchAssoc($result);
254 return $row["anonymize"];
255 }
256 else
257 {
258 return 0;
259 }
260 }
261
262 static function _hasEvaluationAccess($a_obj_id, $user_id)
263 {
264 $evaluation_access = ilObjSurveyAccess::_lookupEvaluationAccess($a_obj_id);
265 switch ($evaluation_access)
266 {
267 case 0:
268 // no evaluation access
269 return false;
270 break;
271 case 1:
272 // evaluation access for all registered users
273 if (($user_id > 0) && ($user_id != ANONYMOUS_USER_ID))
274 {
275 return true;
276 }
277 else
278 {
279 return false;
280 }
281 break;
282 case 2:
283 if(!self::_lookup360Mode($a_obj_id))
284 {
285 // evaluation access for participants
286 // check if the user with the given id is a survey participant
287
288 // show the evaluation button for anonymized surveys for all users
289 // access is only granted with the survey access code
290 if (ilObjSurveyAccess::_lookupAnonymize($a_obj_id) == 1) return true;
291
292 global $ilDB;
293 $result = $ilDB->queryF("SELECT survey_id FROM svy_svy WHERE obj_fi = %s",
294 array('integer'),
295 array($a_obj_id)
296 );
297 if ($result->numRows() == 1)
298 {
299 $row = $ilDB->fetchAssoc($result);
300
301 if (ilObjSurveyAccess::_isSurveyParticipant($user_id, $row["survey_id"]))
302 {
303 return true;
304 }
305 }
306 return false;
307 }
308 // 360°
309 else
310 {
311 include_once "Modules/Survey/classes/class.ilObjSurvey.php";
312 $svy = new ilObjSurvey($a_obj_id, false);
313 $svy->read();
314 switch($svy->get360Results())
315 {
317 return false;
318
320 return $svy->isAppraiseeClosed($user_id);
321
323 return $svy->isAppraisee($user_id);
324 }
325 }
326 break;
327 }
328 }
329
333 static function _lookupOnline($a_obj_id)
334 {
335 global $ilDB;
336
337 $result = $ilDB->queryF("SELECT * FROM svy_svy WHERE obj_fi=%s",
338 array('integer'),
339 array($a_obj_id)
340 );
341 if ($result->numRows() == 1) {
342 $row = $ilDB->fetchAssoc($result);
343 }
344
345 return $row["status"];
346 }
347
353 static function _lookupFinished($a_obj_id, $a_user_id = "")
354 {
355 global $ilDB, $ilUser;
356
357 $finished = "";
358 if (!strlen($a_user_id)) $a_user_id = $ilUser->getId();
359
360 $result = $ilDB->queryF("SELECT * FROM svy_svy WHERE obj_fi = %s",
361 array('integer'),
362 array($a_obj_id)
363 );
364 if ($result->numRows() == 1)
365 {
366 $row = $ilDB->fetchObject($result);
367 if ($row->anonymize == 1)
368 {
369 $result = $ilDB->queryF("SELECT * FROM svy_finished, svy_anonymous WHERE svy_finished.survey_fi = %s ".
370 "AND svy_finished.survey_fi = svy_anonymous.survey_fi AND svy_anonymous.user_key = %s ".
371 "AND svy_anonymous.survey_key = svy_finished.anonymous_id",
372 array('integer','text'),
373 array($row->survey_id, md5($a_user_id))
374 );
375 }
376 else
377 {
378 $result = $ilDB->queryF("SELECT * FROM svy_finished WHERE survey_fi = %s AND user_fi = %s",
379 array('integer','integer'),
380 array($row->survey_id, $a_user_id)
381 );
382 }
383 if ($result->numRows() == 1)
384 {
385 $foundrow = $ilDB->fetchAssoc($result);
386 $finished = (int)$foundrow["state"];
387 }
388 }
389
390 return $finished;
391 }
392
393 static function _lookup360Mode($a_obj_id)
394 {
395 global $ilDB;
396
397 $result = $ilDB->queryF("SELECT mode_360 FROM svy_svy".
398 " WHERE obj_fi = %s AND mode_360 = %s",
399 array('integer','integer'),
400 array($a_obj_id, 1)
401 );
402 return (bool)$ilDB->numRows($result);
403 }
404
408 static function _checkGoto($a_target)
409 {
410 global $ilAccess;
411
412 $t_arr = explode("_", $a_target);
413
414 if ($t_arr[0] != "svy" || ((int) $t_arr[1]) <= 0)
415 {
416 return false;
417 }
418
419 // 360° external raters
420 if ($_GET["accesscode"])
421 {
422 include_once "Modules/Survey/classes/class.ilObjSurvey.php";
423 if(ilObjSurvey::validateExternalRaterCode($t_arr[1], $_GET["accesscode"]))
424 {
425 return true;
426 }
427 }
428
429 if ($ilAccess->checkAccess("visible", "", $t_arr[1]) ||
430 $ilAccess->checkAccess("read", "", $t_arr[1]))
431 {
432 return true;
433 }
434 return false;
435 }
436}
437
438?>
$result
$_GET["client_id"]
An exception for terminatinating execution or to throw for unit testing.
const IL_NO_OBJECT_ACCESS
Class ilObjSurveyAccess.
static _isSurveyParticipant($user_id, $survey_id)
static _lookupEvaluationAccess($a_obj_id)
get evaluation access
static getConditionOperators()
Get possible conditions operators.
static _lookup360Mode($a_obj_id)
static _getCommands()
get commands
_checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id="")
Checks wether a user may invoke a command or not (this method is called by ilAccessHandler::checkAcce...
static checkCondition($a_svy_id, $a_operator, $a_value, $a_usr_id)
check condition
static _lookupOnline($a_obj_id)
get status
static _lookupFinished($a_obj_id, $a_user_id="")
get finished status
static _lookupCreationComplete($a_obj_id)
checks wether all necessary parts of the survey are given
static _checkGoto($a_target)
check whether goto script will succeed
static _hasEvaluationAccess($a_obj_id, $user_id)
static _lookupAnonymize($a_obj_id)
static validateExternalRaterCode($a_ref_id, $a_code)
Class ilObjectAccess.
Interface for condition handling.
global $lng
Definition: privfeed.php:17
global $ilDB
$ilUser
Definition: imgupload.php:18