ilOrgUnitPositionAccess Class Reference

Class ilOrgUnitPositionAccess. More...

Inheritance diagram for ilOrgUnitPositionAccess:

Collaboration diagram for ilOrgUnitPositionAccess:

Public Member Functions
	__construct ()
	ilOrgUnitPositionAccess constructor. More...
	filterUserIdsForCurrentUsersPositionsAndPermission (array $user_ids, $permission)
	Parameters int[] $user_ids List of ILIAS-User-IDs which shall be filtered string $permission See also getAvailablePositionRelatedPermissions for available permissions Exceptions ilOrgUnitAccessException when a unknown permission is used. See the list of available permissions in interface ilOrgUnitPositionAccessHandler Returns int[] Filtered List of ILIAS-User-IDs More...
	filterUserIdsForUsersPositionsAndPermission (array $user_ids, $for_user_id, $permission)
	Parameters int[] $user_ids List of ILIAS-User-IDs which shall be filtered int $for_user_id string $permission See also getAvailablePositionRelatedPermissions for available permissions Exceptions ilOrgUnitAccessException when a unknown permission is used. See the list of available permissions in interface ilOrgUnitPositionAccessHandler Returns int[] Filtered List of ILIAS-User-IDs More...
	isCurrentUserBasedOnPositionsAllowedTo ($permission, array $on_user_ids)
	Parameters string $permission int[] $on_user_ids List of ILIAS-User-IDs See also getAvailablePositionRelatedPermissions for available permissions Returns bool More...
	isUserBasedOnPositionsAllowedTo ($which_user_id, $permission, array $on_user_ids)
	Parameters int $which_user_id Permission check for this ILIAS-User-ID string $permission int[] $on_user_ids List of ILIAS-User-IDs See also getAvailablePositionRelatedPermissions for available permissions Returns bool More...
	filterUserIdsByPositionOfCurrentUser ($pos_perm, $ref_id, array $user_ids)
	Parameters string $pos_perm int $ref_id int[] $user_ids See also getAvailablePositionRelatedPermissions for available permissions Returns int[] More...
	filterUserIdsByPositionOfUser ($user_id, $pos_perm, $ref_id, array $user_ids)
	Parameters int $user_id string $pos_perm int $ref_id int[] $user_ids See also getAvailablePositionRelatedPermissions for available permissions Returns int[] More...
	checkPositionAccess ($pos_perm, $ref_id)
	Parameters string $pos_perm int $ref_id Reference-ID of the desired Object in the tree See also getAvailablePositionRelatedPermissions for available permissions Returns bool More...
	hasCurrentUserAnyPositionAccess ($ref_id)
	Parameters int $ref_id Returns bool More...
	checkRbacOrPositionPermissionAccess ($rbac_perm, $pos_perm, $ref_id)
	Parameters string $rbac_perm string $pos_perm See the list of available permissions in interface ilOrgUnitPositionAccessHandler int $ref_id Reference-ID of the desired Object in the tree Returns bool More...
	filterUserIdsByRbacOrPositionOfCurrentUser ($rbac_perm, $pos_perm, $ref_id, array $user_ids)
	Parameters string $rbac_perm string $pos_perm See the list of available permissions in interface ilOrgUnitPositionAccessHandler int $ref_id Reference-ID of the desired Object in the tree int[] $user_ids Returns int[] More...
	hasUserRBACorAnyPositionAccess ($rbac_perm, $ref_id)
	Parameters string $rbac_perm int $ref_id Returns bool More...
	filterUserIdsForCurrentUsersPositionsAndPermission (array $user_ids, $permission)
	filterUserIdsForUsersPositionsAndPermission (array $user_ids, $for_user_id, $permission)
	isCurrentUserBasedOnPositionsAllowedTo ($permission, array $on_user_ids)
	isUserBasedOnPositionsAllowedTo ($which_user_id, $permission, array $on_user_ids)
	checkPositionAccess ($pos_perm, $ref_id)
	hasCurrentUserAnyPositionAccess ($ref_id)
	filterUserIdsByPositionOfCurrentUser ($pos_perm, $ref_id, array $user_ids)
	filterUserIdsByPositionOfUser ($user_id, $pos_perm, $ref_id, array $user_ids)
	checkRbacOrPositionPermissionAccess ($rbac_perm, $pos_perm, $ref_id)
	filterUserIdsByRbacOrPositionOfCurrentUser ($rbac_perm, $pos_perm, $ref_id, array $user_ids)
	hasUserRBACorAnyPositionAccess ($rbac_perm, $ref_id)

Protected Attributes
	$ua
	$set

Static Protected Attributes
static	$ref_id_obj_type_map = array()

Private Member Functions
	dic ()
	getCurrentUsersId ()
	getTypeForRefId ($ref_id)
	getObjIdForRefId ($ref_id)
	isPositionActiveForRefId ($ref_id)

Detailed Description

Class ilOrgUnitPositionAccess.

Author

Fabian Schmid fs@st.nosp@m.uder.nosp@m.-raim.nosp@m.ann..nosp@m.ch

Definition at line 8 of file class.ilOrgUnitPositionAccess.php.

Constructor & Destructor Documentation

__construct()

ilOrgUnitPositionAccess::__construct

(

)

ilOrgUnitPositionAccess constructor.

Definition at line 28 of file class.ilOrgUnitPositionAccess.php.

    {
        $this->set = ilOrgUnitGlobalSettings::getInstance();
        $this->ua = ilOrgUnitUserAssignmentQueries::getInstance();
    }

References ilOrgUnitUserAssignmentQueries\getInstance(), and ilOrgUnitGlobalSettings\getInstance().

Here is the call graph for this function:

Member Function Documentation

checkPositionAccess()

ilOrgUnitPositionAccess::checkPositionAccess	(		$pos_perm,
			$ref_id
	)

Parameters

string	$pos_perm
int	$ref_id	Reference-ID of the desired Object in the tree

See also

getAvailablePositionRelatedPermissions for available permissions

Returns

bool

Implements ilOrgUnitPositionAccessHandler.

Definition at line 161 of file class.ilOrgUnitPositionAccess.php.

    {
        // If context is not activated, return same array of $user_ids
        if (!$this->isPositionActiveForRefId($ref_id)) {
            return false;
        }
 
        $operation = ilOrgUnitOperationQueries::findByOperationString($pos_perm, $this->getTypeForRefId($ref_id));
        if (!$operation) {
            return false;
        }
        $current_user_id = $this->getCurrentUsersId();
 
        foreach ($this->ua->getPositionsOfUserId($current_user_id) as $position) {
            $permissions = ilOrgUnitPermissionQueries::getSetForRefId($ref_id, $position->getId());
            if ($permissions->isOperationIdSelected($operation->getOperationId())) {
                return true;
            }
        }
 
        return false;
    }

References ilOrgUnitOperationQueries\findByOperationString(), getCurrentUsersId(), getTypeForRefId(), and isPositionActiveForRefId().

Referenced by ilAccess\checkPositionAccess(), and checkRbacOrPositionPermissionAccess().

Here is the call graph for this function:

Here is the caller graph for this function:

checkRbacOrPositionPermissionAccess()

ilOrgUnitPositionAccess::checkRbacOrPositionPermissionAccess	(		$rbac_perm,
			$pos_perm,
			$ref_id
	)

Parameters

string	$rbac_perm
string	$pos_perm	See the list of available permissions in interface ilOrgUnitPositionAccessHandler
int	$ref_id	Reference-ID of the desired Object in the tree

Returns

bool

Implements ilOrgUnitPositionAndRBACAccessHandler.

Definition at line 211 of file class.ilOrgUnitPositionAccess.php.

    {
        global $DIC;
        // If RBAC allows, just return true
        if ($DIC->access()->checkAccess($rbac_perm, '', $ref_id)) {
            return true;
        }
 
        // If context is not activated, return same array of $user_ids
        if (!$this->isPositionActiveForRefId($ref_id)) {
            return false;
        }
 
        return $this->checkPositionAccess($pos_perm, $ref_id);
    }

References $DIC, checkPositionAccess(), and isPositionActiveForRefId().

Referenced by ilAccess\checkRbacOrPositionPermissionAccess().

Here is the call graph for this function:

Here is the caller graph for this function:

dic()

ilOrgUnitPositionAccess::dic ( )

private

Returns

\ILIAS\DI\Container

Definition at line 268 of file class.ilOrgUnitPositionAccess.php.

    {
        return $GLOBALS['DIC'];
    }

References $GLOBALS.

Referenced by getCurrentUsersId().

Here is the caller graph for this function:

filterUserIdsByPositionOfCurrentUser()

ilOrgUnitPositionAccess::filterUserIdsByPositionOfCurrentUser	(		$pos_perm,
			$ref_id,
		array	$user_ids
	)

Parameters

string	$pos_perm
int	$ref_id
int[]	$user_ids

See also

getAvailablePositionRelatedPermissions for available permissions

Returns

int[]

Implements ilOrgUnitPositionAccessHandler.

Definition at line 88 of file class.ilOrgUnitPositionAccess.php.

    {
        // If context is not activated, return same array of $user_ids
        if (!$this->set->getObjectPositionSettingsByType($this->getTypeForRefId($ref_id))->isActive()) {
            return $user_ids;
        }
 
        $current_user_id = $this->getCurrentUsersId();
 
        return $this->filterUserIdsByPositionOfUser($current_user_id, $pos_perm, $ref_id, $user_ids);
    }

References filterUserIdsByPositionOfUser(), and getCurrentUsersId().

Referenced by ilAccess\filterUserIdsByPositionOfCurrentUser(), and filterUserIdsByRbacOrPositionOfCurrentUser().

Here is the call graph for this function:

Here is the caller graph for this function:

filterUserIdsByPositionOfUser()

ilOrgUnitPositionAccess::filterUserIdsByPositionOfUser	(		$user_id,
			$pos_perm,
			$ref_id,
		array	$user_ids
	)

Parameters

int	$user_id
string	$pos_perm
int	$ref_id
int[]	$user_ids

See also

getAvailablePositionRelatedPermissions for available permissions

Returns

int[]

Implements ilOrgUnitPositionAccessHandler.

Definition at line 104 of file class.ilOrgUnitPositionAccess.php.

    {
        // If context is not activated, return same array of $user_ids
        if (!$this->set->getObjectPositionSettingsByType($this->getTypeForRefId($ref_id))->isActive()) {
            return $user_ids;
        }
 
        // $all_available_users = $this->ua->getUserIdsOfOrgUnit()
        $operation = ilOrgUnitOperationQueries::findByOperationString($pos_perm, $this->getTypeForRefId($ref_id));
        if (!$operation) {
            return $user_ids;
        }
 
        $allowed_user_ids = [];
        foreach ($this->ua->getPositionsOfUserId($user_id) as $position) {
            $permissions = ilOrgUnitPermissionQueries::getSetForRefId($ref_id, $position->getId());
            if (!$permissions->isOperationIdSelected($operation->getOperationId())) {
                continue;
            }
 
            foreach ($position->getAuthorities() as $authority) {
                switch ($authority->getOver()) {
                    case ilOrgUnitAuthority::OVER_EVERYONE:
                        switch ($authority->getScope()) {
                            case ilOrgUnitAuthority::SCOPE_SAME_ORGU:
                                $allowed = $this->ua->getUserIdsOfOrgUnitsOfUsersPosition($position->getId(), $user_id);
                                $allowed_user_ids = $allowed_user_ids + $allowed;
                                break;
                            case ilOrgUnitAuthority::SCOPE_SUBSEQUENT_ORGUS:
                                $allowed = $this->ua->getUserIdsOfOrgUnitsOfUsersPosition($position->getId(), $user_id, true);
                                $allowed_user_ids = $allowed_user_ids + $allowed;
                                break;
                        }
                        break;
                    default:
                        switch ($authority->getScope()) {
                            case ilOrgUnitAuthority::SCOPE_SAME_ORGU:
                                $allowed = $this->ua->getUserIdsOfUsersOrgUnitsInPosition($user_id, $position->getId(), $authority->getOver());
                                $allowed_user_ids = $allowed_user_ids + $allowed;
                                break;
                            case ilOrgUnitAuthority::SCOPE_SUBSEQUENT_ORGUS:
                                $allowed = $this->ua->getUserIdsOfUsersOrgUnitsInPosition($user_id, $position->getId(), $authority->getOver(), true);
                                $allowed_user_ids = $allowed_user_ids + $allowed;
                                break;
                        }
                        break;
                }
            }
        }
 
        return array_intersect($user_ids, $allowed_user_ids);
    }

References $authority, ilOrgUnitOperationQueries\findByOperationString(), getTypeForRefId(), ilOrgUnitAuthority\OVER_EVERYONE, ilOrgUnitAuthority\SCOPE_SAME_ORGU, and ilOrgUnitAuthority\SCOPE_SUBSEQUENT_ORGUS.

Referenced by filterUserIdsByPositionOfCurrentUser(), and ilAccess\filterUserIdsByPositionOfUser().

Here is the call graph for this function:

Here is the caller graph for this function:

filterUserIdsByRbacOrPositionOfCurrentUser()

ilOrgUnitPositionAccess::filterUserIdsByRbacOrPositionOfCurrentUser	(		$rbac_perm,
			$pos_perm,
			$ref_id,
		array	$user_ids
	)

Parameters

string	$rbac_perm
string	$pos_perm	See the list of available permissions in interface ilOrgUnitPositionAccessHandler
int	$ref_id	Reference-ID of the desired Object in the tree
int[]	$user_ids

Returns

int[]

Implements ilOrgUnitPositionAndRBACAccessHandler.

Definition at line 231 of file class.ilOrgUnitPositionAccess.php.

    {
        global $DIC;
        // If RBAC allows, just return true
        if ($DIC->access()->checkAccess($rbac_perm, '', $ref_id)) {
            return $user_ids;
        }
        // If context is not activated, return same array of $user_ids
        if (!$this->isPositionActiveForRefId($ref_id)) {
            return $user_ids;
        }
 
        return $this->filterUserIdsByPositionOfCurrentUser($pos_perm, $ref_id, $user_ids);
    }

References $DIC, filterUserIdsByPositionOfCurrentUser(), and isPositionActiveForRefId().

Referenced by ilAccess\filterUserIdsByRbacOrPositionOfCurrentUser().

Here is the call graph for this function:

Here is the caller graph for this function:

filterUserIdsForCurrentUsersPositionsAndPermission()

ilOrgUnitPositionAccess::filterUserIdsForCurrentUsersPositionsAndPermission	(	array	$user_ids,
			$permission
	)

Parameters

int[]	$user_ids	List of ILIAS-User-IDs which shall be filtered
string	$permission

See also

getAvailablePositionRelatedPermissions for available permissions

Exceptions

ilOrgUnitAccessException when a unknown permission is used. See the list of available permissions in interface ilOrgUnitPositionAccessHandler

Returns

int[] Filtered List of ILIAS-User-IDs

Implements ilOrgUnitPositionAccessHandler.

Definition at line 38 of file class.ilOrgUnitPositionAccess.php.

    {
        $current_user_id = $this->getCurrentUsersId();
 
        return $this->filterUserIdsForUsersPositionsAndPermission($user_ids, $current_user_id, $permission);
    }

References filterUserIdsForUsersPositionsAndPermission(), and getCurrentUsersId().

Referenced by ilAccess\filterUserIdsForCurrentUsersPositionsAndPermission().

Here is the call graph for this function:

Here is the caller graph for this function:

filterUserIdsForUsersPositionsAndPermission()

ilOrgUnitPositionAccess::filterUserIdsForUsersPositionsAndPermission	(	array	$user_ids,
			$for_user_id,
			$permission
	)

Parameters

int[]	$user_ids	List of ILIAS-User-IDs which shall be filtered
int	$for_user_id
string	$permission

See also

getAvailablePositionRelatedPermissions for available permissions

Exceptions

ilOrgUnitAccessException when a unknown permission is used. See the list of available permissions in interface ilOrgUnitPositionAccessHandler

Returns

int[] Filtered List of ILIAS-User-IDs

Implements ilOrgUnitPositionAccessHandler.

Definition at line 49 of file class.ilOrgUnitPositionAccess.php.

    {
        // FSX TODO no permission is checked or existing
        $assignment_of_user = $this->ua->getAssignmentsOfUserId($for_user_id);
        $other_users_in_same_org_units = [];
        foreach ($assignment_of_user as $assignment) {
            $other_users_in_same_org_units = $other_users_in_same_org_units + $this->ua->getUserIdsOfOrgUnit($assignment->getOrguId());
        }
 
        return array_intersect($user_ids, $other_users_in_same_org_units);
    }

Referenced by filterUserIdsForCurrentUsersPositionsAndPermission(), ilAccess\filterUserIdsForUsersPositionsAndPermission(), and isUserBasedOnPositionsAllowedTo().

Here is the caller graph for this function:

getCurrentUsersId()

ilOrgUnitPositionAccess::getCurrentUsersId ( )

private

Returns

int

Definition at line 277 of file class.ilOrgUnitPositionAccess.php.

    {
        return $this->dic()->user()->getId();
    }

References dic().

Referenced by checkPositionAccess(), filterUserIdsByPositionOfCurrentUser(), filterUserIdsForCurrentUsersPositionsAndPermission(), hasCurrentUserAnyPositionAccess(), and isCurrentUserBasedOnPositionsAllowedTo().

Here is the call graph for this function:

Here is the caller graph for this function:

getObjIdForRefId()

ilOrgUnitPositionAccess::getObjIdForRefId (   $ref_id )

private

Parameters

$ref_id

Returns

int

Definition at line 303 of file class.ilOrgUnitPositionAccess.php.

    {
        return ilObject2::_lookupObjectId($ref_id);
    }

References ilObject2\_lookupObjectId().

Referenced by isPositionActiveForRefId().

Here is the call graph for this function:

Here is the caller graph for this function:

getTypeForRefId()

ilOrgUnitPositionAccess::getTypeForRefId (   $ref_id )

private

Parameters

$ref_id

Returns

mixed

Definition at line 288 of file class.ilOrgUnitPositionAccess.php.

    {
        if (!isset(self::$ref_id_obj_type_map[$ref_id])) {
            self::$ref_id_obj_type_map[$ref_id] = ilObject2::_lookupType($ref_id, true);
        }
 
        return self::$ref_id_obj_type_map[$ref_id];
    }

References ilObject2\_lookupType().

Referenced by checkPositionAccess(), and filterUserIdsByPositionOfUser().

Here is the call graph for this function:

Here is the caller graph for this function:

hasCurrentUserAnyPositionAccess()

ilOrgUnitPositionAccess::hasCurrentUserAnyPositionAccess

(

$ref_id

)

Parameters

int

$ref_id

Returns

bool

Implements ilOrgUnitPositionAccessHandler.

Definition at line 188 of file class.ilOrgUnitPositionAccess.php.

    {
        // If context is not activated, return same array of $user_ids
        if (!$this->isPositionActiveForRefId($ref_id)) {
            return false;
        }
 
        $current_user_id = $this->getCurrentUsersId();
 
        foreach ($this->ua->getPositionsOfUserId($current_user_id) as $position) {
            $permissions = ilOrgUnitPermissionQueries::getSetForRefId($ref_id, $position->getId());
            if (count($permissions->getOperations()) > 0) {
                return true;
            }
        }
 
        return false;
    }

References getCurrentUsersId(), and isPositionActiveForRefId().

Referenced by ilAccess\hasCurrentUserAnyPositionAccess(), and hasUserRBACorAnyPositionAccess().

Here is the call graph for this function:

Here is the caller graph for this function:

hasUserRBACorAnyPositionAccess()

ilOrgUnitPositionAccess::hasUserRBACorAnyPositionAccess	(		$rbac_perm,
			$ref_id
	)

Parameters

string	$rbac_perm
int	$ref_id

Returns

bool

Implements ilOrgUnitPositionAndRBACAccessHandler.

Definition at line 250 of file class.ilOrgUnitPositionAccess.php.

    {
        global $DIC;
        if ($DIC->access()->checkAccess($rbac_perm, '', $ref_id)) {
            return true;
        }
 
        return $this->hasCurrentUserAnyPositionAccess($ref_id);
    }

References $DIC, and hasCurrentUserAnyPositionAccess().

Referenced by ilAccess\hasUserRBACorAnyPositionAccess().

Here is the call graph for this function:

Here is the caller graph for this function:

isCurrentUserBasedOnPositionsAllowedTo()

ilOrgUnitPositionAccess::isCurrentUserBasedOnPositionsAllowedTo	(		$permission,
		array	$on_user_ids
	)

Parameters

string	$permission
int[]	$on_user_ids	List of ILIAS-User-IDs

See also

getAvailablePositionRelatedPermissions for available permissions

Returns

bool

Implements ilOrgUnitPositionAccessHandler.

Definition at line 65 of file class.ilOrgUnitPositionAccess.php.

    {
        $current_user_id = $this->getCurrentUsersId();
 
        return $this->isUserBasedOnPositionsAllowedTo($current_user_id, $permission, $on_user_ids);
    }

References getCurrentUsersId(), and isUserBasedOnPositionsAllowedTo().

Referenced by ilAccess\isCurrentUserBasedOnPositionsAllowedTo().

Here is the call graph for this function:

Here is the caller graph for this function:

isPositionActiveForRefId()

ilOrgUnitPositionAccess::isPositionActiveForRefId (   $ref_id )

private

Parameters

$ref_id

Returns

bool

Definition at line 314 of file class.ilOrgUnitPositionAccess.php.

    {
        $obj_id = $this->getObjIdForRefId($ref_id); // TODO this will change to ref_id!!
 
        return $this->set->isPositionAccessActiveForObject($obj_id);
    }

References getObjIdForRefId().

Referenced by checkPositionAccess(), checkRbacOrPositionPermissionAccess(), filterUserIdsByRbacOrPositionOfCurrentUser(), and hasCurrentUserAnyPositionAccess().

Here is the call graph for this function:

Here is the caller graph for this function:

isUserBasedOnPositionsAllowedTo()

ilOrgUnitPositionAccess::isUserBasedOnPositionsAllowedTo	(		$which_user_id,
			$permission,
		array	$on_user_ids
	)

Parameters

int	$which_user_id	Permission check for this ILIAS-User-ID
string	$permission
int[]	$on_user_ids	List of ILIAS-User-IDs

See also

getAvailablePositionRelatedPermissions for available permissions

Returns

bool

Implements ilOrgUnitPositionAccessHandler.

Definition at line 76 of file class.ilOrgUnitPositionAccess.php.

    {
        $filtered_user_ids = $this->filterUserIdsForUsersPositionsAndPermission($on_user_ids, $which_user_id, $permission);
 
        return ($on_user_ids === array_intersect($on_user_ids, $filtered_user_ids)
            && $filtered_user_ids === array_intersect($filtered_user_ids, $on_user_ids));
    }

References filterUserIdsForUsersPositionsAndPermission().

Referenced by isCurrentUserBasedOnPositionsAllowedTo(), and ilAccess\isUserBasedOnPositionsAllowedTo().

Here is the call graph for this function:

Here is the caller graph for this function:

Field Documentation

$ref_id_obj_type_map

ilOrgUnitPositionAccess::$ref_id_obj_type_map = array()

staticprotected

Definition at line 22 of file class.ilOrgUnitPositionAccess.php.

$set

ilOrgUnitPositionAccess::$set

protected

Definition at line 18 of file class.ilOrgUnitPositionAccess.php.

$ua

ilOrgUnitPositionAccess::$ua

protected

Definition at line 14 of file class.ilOrgUnitPositionAccess.php.

---

The documentation for this class was generated from the following file:

• Modules/OrgUnit/classes/class.ilOrgUnitPositionAccess.php