ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilObjDataCollectionAccess.php
Go to the documentation of this file.
1<?php
2
3/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
4
5
17{
18
31 public static function _getCommands()
32 {
33 $commands = array(
34 array( "permission" => "read", "cmd" => "render", "lang_var" => "show", "default" => true ),
35 array( "permission" => "write", "cmd" => "listRecords", "lang_var" => "edit_content" ),
36 array( "permission" => "write", "cmd" => "edit", "lang_var" => "settings" )
37 );
38
39 return $commands;
40 }
41
42
46 public static function _checkGoto($a_target)
47 {
48 global $DIC;
49 $ilAccess = $DIC['ilAccess'];
50
51 $t_arr = explode("_", $a_target);
52
53 if ($t_arr[0] != "dcl" || ((int) $t_arr[1]) <= 0) {
54 return false;
55 }
56
57 if ($ilAccess->checkAccess("read", "", $t_arr[1])) {
58 return true;
59 }
60
61 return false;
62 }
63
64
71 protected static function isTableInDataCollection($table, $ref_id)
72 {
73 foreach (ilObjDataCollection::_getAllReferences($table->getObjId()) as $reference) {
74 if ($reference == $ref_id) {
75 return true;
76 }
77 }
78 return false;
79 }
80
81
94 public function _checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id = "")
95 {
96 global $DIC;
97 $ilUser = $DIC['ilUser'];
98 $lng = $DIC['lng'];
99 $rbacsystem = $DIC['rbacsystem'];
100 $ilAccess = $DIC['ilAccess'];
101
102 if ($a_user_id == "") {
103 $a_user_id = $ilUser->getId();
104 }
105 switch ($a_cmd) {
106 case "view":
107
109 && !$rbacsystem->checkAccessOfUser($a_user_id, 'write', $a_ref_id)
110 ) {
111 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
112
113 return false;
114 }
115 break;
116
117 // for permission query feature
118 case "infoScreen":
120 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
121 } else {
122 $ilAccess->addInfoItem(IL_STATUS_MESSAGE, $lng->txt("online"));
123 }
124 break;
125 }
126 switch ($a_permission) {
127 case "read":
128 case "visible":
130 && (!$rbacsystem->checkAccessOfUser($a_user_id, 'write', $a_ref_id))
131 ) {
132 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
133
134 return false;
135 }
136 break;
137 }
138
139 return true;
140 }
141
142
148 public static function _lookupOnline($a_id)
149 {
150 global $DIC;
151 $ilDB = $DIC['ilDB'];
152
153 $q = "SELECT * FROM il_dcl_data WHERE id = " . $ilDB->quote($a_id, "integer");
154 $dcl_set = $ilDB->query($q);
155 $dcl_rec = $ilDB->fetchAssoc($dcl_set);
156
157 return $dcl_rec["is_online"];
158 }
159
160 //
161 // DataCollection specific Access-Checks
162 //
163
170 public static function checkAccessForDataCollectionId($data_collection_id)
171 {
172 global $DIC;
173 $ilAccess = $DIC['ilAccess'];
174
175 $perm = false;
176 $references = ilObject2::_getAllReferences($data_collection_id);
177
178 if ($ilAccess->checkAccess("add_entry", "", array_shift($references))) {
179 $perm = true;
180 }
181
182 return $perm;
183 }
184
185
192 public static function checkActionForObjId($action, $obj_id)
193 {
194 foreach (ilObject2::_getAllReferences($obj_id) as $ref_id) {
195 if (self::checkActionForRefId($action, $ref_id)) {
196 return true;
197 }
198 }
199
200 return false;
201 }
202
203
210 public static function checkActionForRefId($action, $ref_id)
211 {
212 global $DIC;
213 $ilAccess = $DIC['ilAccess'];
214
219 return $ilAccess->checkAccess($action, "", $ref_id);
220 }
221
222
230 public static function hasWriteAccess($ref, $user_id = 0)
231 {
232 global $DIC;
233 $ilAccess = $DIC['ilAccess'];
234
235 if ($user_id) {
236 return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
237 }
238 return $ilAccess->checkAccess("write", "", $ref);
239 }
240
241
249 public static function hasEditAccess($ref, $user_id = 0)
250 {
251 global $DIC;
252 $ilAccess = $DIC['ilAccess'];
253
254 if ($user_id) {
255 return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
256 }
257 return $ilAccess->checkAccess("edit_content", "", $ref);
258 }
259
260
266 public static function hasAddRecordAccess($ref, $user_id = 0)
267 {
268 global $DIC;
269 $ilAccess = $DIC['ilAccess'];
270
271 if ($user_id) {
272 return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
273 }
274 return $ilAccess->checkAccess("add_entry", "", $ref);
275 }
276
277
283 public static function hasReadAccess($ref, $user_id = 0)
284 {
285 global $DIC;
286 $ilAccess = $DIC['ilAccess'];
287
288 if ($user_id) {
289 return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
290 }
291 return $ilAccess->checkAccess("read", "", $ref);
292 }
293
301 public static function hasAccessToTableView($tableview, $user_id = 0)
302 {
303 global $DIC;
304 $rbacreview = $DIC['rbacreview'];
305 $ilUser = $DIC['ilUser'];
306 if (!$tableview) {
307 return false;
308 }
309
310
311 if (is_numeric($tableview)) {
312 $tableview = ilDclTableView::find($tableview);
313 }
314
315 $assigned_roles = $rbacreview->assignedRoles($user_id ? $user_id : $ilUser->getId());
316 $allowed_roles = $tableview->getRoles();
317
318 return !empty(array_intersect($assigned_roles, $allowed_roles));
319 }
320
321
330 protected static function hasAccessToTable($table_id)
331 {
333 return $table->getIsVisible() || ($table_id == $table->getCollectionObject()->getFirstVisibleTableId());
334 }
335
336
344 public static function hasAccessTo($ref_id, $table_id, $tableview_id)
345 {
347 $tableview = ilDclTableView::find($tableview_id);
349
350 // is tableview in table and is table in datacollection
351 if (($tableview->getTableId() != $table_id)
352 || !self::isTableInDataCollection($table, $ref_id)) {
353 return false;
354 }
355
356 // check access
357 return self::hasWriteAccess($ref_id) || (
358 self::hasReadAccess($ref_id) && self::hasAccessToTable($table_id) && self::hasAccessToTableView($tableview)
359 );
360 }
361
362
369 public static function hasAccessToFields($ref_id, $table_id)
370 {
372 && (self::hasWriteAccess($ref_id));
373 }
374
375
382 public static function hasAccessToEditTable($ref_id, $table_id)
383 {
384 return self::hasAccessToFields($ref_id, $table_id);
385 }
386
387
395 public static function hasAccessToField($ref_id, $table_id, $field_id)
396 {
398 return in_array($field_id, $table->getFieldIds()) && self::hasAccessToFields($ref_id, $table_id);
399 }
400
407 public static function hasPermissionToAddRecord($ref_id, $table_id)
408 {
410 if (!self::isTableInDataCollection($table, $ref_id)) {
411 return false;
412 }
413
415 || (ilObjDataCollectionAccess::hasAddRecordAccess($ref_id) && $table->getAddPerm() && $table->checkLimit());
416 }
417}
An exception for terminatinating execution or to throw for unit testing.
const IL_STATUS_MESSAGE
const IL_NO_OBJECT_ACCESS
static getTableCache($table_id=0)
Class ilObjDataCollectionAccess.
_checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id="")
checks wether a user may invoke a command or not (this method is called by ilAccessHandler::checkAcce...
static isTableInDataCollection($table, $ref_id)
static checkAccessForDataCollectionId($data_collection_id)
static hasAccessToEditTable($ref_id, $table_id)
static hasAccessToTableView($tableview, $user_id=0)
This only checks access to the tableview - if the full access check is required, use hasAccessTo($ref...
static checkActionForObjId($action, $obj_id)
static _lookupOnline($a_id)
Check wether datacollection is online.
static hasAccessToFields($ref_id, $table_id)
static hasEditAccess($ref, $user_id=0)
Has permission to view and edit all entries event when he is not the owner.
static _checkGoto($a_target)
check whether goto script will succeed
static hasPermissionToAddRecord($ref_id, $table_id)
static hasAccessToField($ref_id, $table_id, $field_id)
static hasAccessToTable($table_id)
returns true if either the table is visible for all users, or no tables are visible and this is the t...
static _getAllReferences($a_id)
get all reference ids of object
Class ilObjectAccess.
$action
global $lng
Definition: privfeed.php:17
if(empty($password)) $table
Definition: pwgen.php:24
global $DIC
Definition: saml.php:7
global $ilDB
$ilUser
Definition: imgupload.php:18