ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilObjSurveyAccess.php
Go to the documentation of this file.
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22*/
23
24include_once "./Services/Object/classes/class.ilObjectAccess.php";
25include_once './Services/Conditions/interfaces/interface.ilConditionHandling.php';
26
37class ilObjSurveyAccess extends ilObjectAccess implements ilConditionHandling
38{
42 protected $user;
43
47 protected $lng;
48
52 protected $rbacsystem;
53
57 protected $access;
58
59
63 public function __construct()
64 {
65 global $DIC;
66
67 $this->user = $DIC->user();
68 $this->lng = $DIC->language();
69 $this->rbacsystem = $DIC->rbac()->system();
70 $this->access = $DIC->access();
71 }
72
73
77 public static function getConditionOperators()
78 {
79 include_once './Services/Conditions/classes/class.ilConditionHandler.php';
80 return array(
81 ilConditionHandler::OPERATOR_FINISHED
82 );
83 }
84
85
94 public static function checkCondition($a_svy_id, $a_operator, $a_value, $a_usr_id)
95 {
96 switch ($a_operator) {
97 case ilConditionHandler::OPERATOR_FINISHED:
98 include_once("./Modules/Survey/classes/class.ilObjSurveyAccess.php");
99 if (ilObjSurveyAccess::_lookupFinished($a_svy_id, $a_usr_id)) {
100 return true;
101 } else {
102 return false;
103 }
104 break;
105
106 default:
107 return true;
108 }
109 return true;
110 }
111
127 public function _checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id = "")
128 {
129 $ilUser = $this->user;
130 $lng = $this->lng;
131 $rbacsystem = $this->rbacsystem;
132 $ilAccess = $this->access;
133
134 if ($a_user_id == "") {
135 $a_user_id = $ilUser->getId();
136 }
137
138 $is_admin = $rbacsystem->checkAccessOfUser($a_user_id, 'write', $a_ref_id);
139
140 switch ($a_permission) {
141 case "visible":
142 case "read":
143 if (!ilObjSurveyAccess::_lookupCreationComplete($a_obj_id) &&
144 !$is_admin) {
145 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
146 return false;
147 }
148 break;
149 }
150
151 switch ($a_cmd) {
152 case "run":
153 if (!ilObjSurveyAccess::_lookupCreationComplete($a_obj_id)) {
154 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
155 return false;
156 }
157 break;
158
159 case "evaluation":
160 if (!ilObjSurveyAccess::_lookupCreationComplete($a_obj_id)) {
161 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("warning_survey_not_complete"));
162 return false;
163 }
164 if ($rbacsystem->checkAccess("write", $a_ref_id) || ilObjSurveyAccess::_hasEvaluationAccess($a_obj_id, $a_user_id)) {
165 return true;
166 } else {
167 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("status_no_permission"));
168 return false;
169 }
170 break;
171 }
172
173 return true;
174 }
175
176
189 public static function _getCommands()
190 {
191 $commands = array(
192 array("permission" => "read", "cmd" => "infoScreen", "lang_var" => "svy_run", "default" => true),
193 array("permission" => "write", "cmd" => "questionsrepo", "lang_var" => "edit_questions"),
194 array("permission" => "write", "cmd" => "properties", "lang_var" => "settings"),
195 array("permission" => "read", "cmd" => "evaluation", "lang_var" => "svy_results")
196 );
197
198 return $commands;
199 }
200
201 //
202 // object specific access related methods
203 //
204
208 public static function _lookupCreationComplete($a_obj_id)
209 {
210 global $DIC;
211
212 $ilDB = $DIC->database();
213
214 $result = $ilDB->queryF(
215 "SELECT * FROM svy_svy WHERE obj_fi=%s",
216 array('integer'),
217 array($a_obj_id)
218 );
219
220 if ($result->numRows() == 1) {
221 $row = $ilDB->fetchAssoc($result);
222 }
223 if (!$row["complete"]) {
224 return false;
225 }
226 return true;
227 }
228
232 public static function _lookupEvaluationAccess($a_obj_id)
233 {
234 global $DIC;
235
236 $ilDB = $DIC->database();
237
238 $result = $ilDB->queryF(
239 "SELECT * FROM svy_svy WHERE obj_fi=%s",
240 array('integer'),
241 array($a_obj_id)
242 );
243 if ($result->numRows() == 1) {
244 $row = $ilDB->fetchAssoc($result);
245 }
246
247 return $row["evaluation_access"];
248 }
249
250 public static function _isSurveyParticipant($user_id, $survey_id)
251 {
252 global $DIC;
253
254 $ilDB = $DIC->database();
255
256 $result = $ilDB->queryF(
257 "SELECT finished_id FROM svy_finished WHERE user_fi = %s AND survey_fi = %s",
258 array('integer','integer'),
259 array($user_id, $survey_id)
260 );
261 return ($result->numRows() == 1) ? true : false;
262 }
263
264 public static function _lookupAnonymize($a_obj_id)
265 {
266 global $DIC;
267
268 $ilDB = $DIC->database();
269
270 $result = $ilDB->queryF(
271 "SELECT anonymize FROM svy_svy WHERE obj_fi = %s",
272 array('integer'),
273 array($a_obj_id)
274 );
275 if ($result->numRows() == 1) {
276 $row = $ilDB->fetchAssoc($result);
277 return $row["anonymize"];
278 } else {
279 return 0;
280 }
281 }
282
283 public static function _hasEvaluationAccess($a_obj_id, $user_id)
284 {
285 $evaluation_access = ilObjSurveyAccess::_lookupEvaluationAccess($a_obj_id);
286 switch ($evaluation_access) {
287 case 0:
288 // no evaluation access
289 return false;
290 break;
291 case 1:
292 // evaluation access for all registered users
293 if (($user_id > 0) && ($user_id != ANONYMOUS_USER_ID)) {
294 return true;
295 } else {
296 return false;
297 }
298 break;
299 case 2:
300 $svy_mode = self::_lookupMode($a_obj_id);
301 switch ($svy_mode) {
302 case ilObjSurvey::MODE_360:
303 include_once "Modules/Survey/classes/class.ilObjSurvey.php";
304 $svy = new ilObjSurvey($a_obj_id, false);
305 $svy->read();
306 switch ($svy->get360Results()) {
307 case ilObjSurvey::RESULTS_360_NONE:
308 return false;
309
310 case ilObjSurvey::RESULTS_360_OWN:
311 return $svy->isAppraiseeClosed($user_id);
312
313 case ilObjSurvey::RESULTS_360_ALL:
314 return $svy->isAppraisee($user_id);
315 }
316 break;
317
318 case ilObjSurvey::MODE_SELF_EVAL:
319 include_once "Modules/Survey/classes/class.ilObjSurvey.php";
320 $svy = new ilObjSurvey($a_obj_id, false);
321 $svy->read();
322 switch ($svy->getSelfEvaluationResults()) {
323 case ilObjSurvey::RESULTS_SELF_EVAL_NONE:
324 return false;
325 default:
326 return true;
327 }
328 break;
329
330 default:
331 // evaluation access for participants
332 // check if the user with the given id is a survey participant
333
334 // show the evaluation button for anonymized surveys for all users
335 // access is only granted with the survey access code
336 if (ilObjSurveyAccess::_lookupAnonymize($a_obj_id) == 1) {
337 return true;
338 }
339
340 global $DIC;
341
342 $ilDB = $DIC->database();
343 $result = $ilDB->queryF(
344 "SELECT survey_id FROM svy_svy WHERE obj_fi = %s",
345 array('integer'),
346 array($a_obj_id)
347 );
348 if ($result->numRows() == 1) {
349 $row = $ilDB->fetchAssoc($result);
350
351 if (ilObjSurveyAccess::_isSurveyParticipant($user_id, $row["survey_id"])) {
352 return true;
353 }
354 }
355 return false;
356 break;
357 }
358 break;
359 }
360 }
361
362
368 public static function _lookupFinished($a_obj_id, $a_user_id = "")
369 {
370 global $DIC;
371
372 $ilDB = $DIC->database();
373 $ilUser = $DIC->user();
374
375 $finished = "";
376 if (!strlen($a_user_id)) {
377 $a_user_id = $ilUser->getId();
378 }
379
380 $result = $ilDB->queryF(
381 "SELECT * FROM svy_svy WHERE obj_fi = %s",
382 array('integer'),
383 array($a_obj_id)
384 );
385 if ($result->numRows() == 1) {
386 $row = $ilDB->fetchObject($result);
387 if ($row->anonymize == 1) {
388 $result = $ilDB->queryF(
389 "SELECT * FROM svy_finished, svy_anonymous WHERE svy_finished.survey_fi = %s " .
390 "AND svy_finished.survey_fi = svy_anonymous.survey_fi AND svy_anonymous.user_key = %s " .
391 "AND svy_anonymous.survey_key = svy_finished.anonymous_id",
392 array('integer','text'),
393 array($row->survey_id, md5($a_user_id))
394 );
395 } else {
396 $result = $ilDB->queryF(
397 "SELECT * FROM svy_finished WHERE survey_fi = %s AND user_fi = %s",
398 array('integer','integer'),
399 array($row->survey_id, $a_user_id)
400 );
401 }
402 if ($result->numRows() == 1) {
403 $foundrow = $ilDB->fetchAssoc($result);
404 $finished = (int) $foundrow["state"];
405 }
406 }
407
408 return $finished;
409 }
410
416 public static function _lookupMode($a_obj_id)
417 {
418 global $DIC;
419 $ilDB = $DIC->database();
420
421 $result = $ilDB->queryF(
422 "SELECT mode FROM svy_svy" .
423 " WHERE obj_fi = %s",
424 array('integer'),
425 array($a_obj_id)
426 );
427
428 if ($result->numRows() == 1) {
429 $row = $ilDB->fetchAssoc($result);
430 }
431
432 return $row["mode"];
433 }
434
435 public static function _lookup360Mode($a_obj_id)
436 {
437 global $DIC;
438
439 $ilDB = $DIC->database();
440
441 $result = $ilDB->queryF(
442 "SELECT mode FROM svy_svy" .
443 " WHERE obj_fi = %s AND mode = %s",
444 array('integer','integer'),
445 array($a_obj_id, ilObjSurvey::MODE_360)
446 );
447 return (bool) $ilDB->numRows($result);
448 }
449
453 public static function _checkGoto($a_target)
454 {
455 global $DIC;
456
457 $ilAccess = $DIC->access();
458
459 $t_arr = explode("_", $a_target);
460
461 if ($t_arr[0] != "svy" || ((int) $t_arr[1]) <= 0) {
462 return false;
463 }
464
465 // 360° external raters
466 if ($_GET["accesscode"]) {
467 include_once "Modules/Survey/classes/class.ilObjSurvey.php";
468 if (ilObjSurvey::validateExternalRaterCode($t_arr[1], $_GET["accesscode"])) {
469 return true;
470 }
471 }
472
473 if ($ilAccess->checkAccess("visible", "", $t_arr[1]) ||
474 $ilAccess->checkAccess("read", "", $t_arr[1])) {
475 return true;
476 }
477 return false;
478 }
479}
$result
$result
Definition: CleanUpTest.php:463
user
user()
Definition: user.php:4
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
php
An exception for terminatinating execution or to throw for unit testing.
IL_NO_OBJECT_ACCESS
const IL_NO_OBJECT_ACCESS
Definition: class.ilAccessInfo.php:26
ilObjSurveyAccess
Class ilObjSurveyAccess.
Definition: class.ilObjSurveyAccess.php:38
ilObjSurveyAccess\_isSurveyParticipant
static _isSurveyParticipant($user_id, $survey_id)
Definition: class.ilObjSurveyAccess.php:250
ilObjSurveyAccess\_lookupEvaluationAccess
static _lookupEvaluationAccess($a_obj_id)
get evaluation access
Definition: class.ilObjSurveyAccess.php:232
ilObjSurveyAccess\getConditionOperators
static getConditionOperators()
Get possible conditions operators.
Definition: class.ilObjSurveyAccess.php:77
ilObjSurveyAccess\_lookup360Mode
static _lookup360Mode($a_obj_id)
Definition: class.ilObjSurveyAccess.php:435
ilObjSurveyAccess\_getCommands
static _getCommands()
get commands
Definition: class.ilObjSurveyAccess.php:189
ilObjSurveyAccess\_checkAccess
_checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id="")
Checks wether a user may invoke a command or not (this method is called by ilAccessHandler::checkAcce...
Definition: class.ilObjSurveyAccess.php:127
ilObjSurveyAccess\checkCondition
static checkCondition($a_svy_id, $a_operator, $a_value, $a_usr_id)
check condition
Definition: class.ilObjSurveyAccess.php:94
ilObjSurveyAccess\_lookupMode
static _lookupMode($a_obj_id)
Get survey mode.
Definition: class.ilObjSurveyAccess.php:416
ilObjSurveyAccess\_lookupFinished
static _lookupFinished($a_obj_id, $a_user_id="")
get finished status
Definition: class.ilObjSurveyAccess.php:368
ilObjSurveyAccess\_lookupCreationComplete
static _lookupCreationComplete($a_obj_id)
checks wether all necessary parts of the survey are given
Definition: class.ilObjSurveyAccess.php:208
ilObjSurveyAccess\_checkGoto
static _checkGoto($a_target)
check whether goto script will succeed
Definition: class.ilObjSurveyAccess.php:453
ilObjSurveyAccess\_hasEvaluationAccess
static _hasEvaluationAccess($a_obj_id, $user_id)
Definition: class.ilObjSurveyAccess.php:283
ilObjSurveyAccess\_lookupAnonymize
static _lookupAnonymize($a_obj_id)
Definition: class.ilObjSurveyAccess.php:264
ilObjSurvey\RESULTS_SELF_EVAL_NONE
const RESULTS_SELF_EVAL_NONE
Definition: class.ilObjSurvey.php:205
ilObjSurvey\validateExternalRaterCode
static validateExternalRaterCode($a_ref_id, $a_code)
Definition: class.ilObjSurvey.php:5685
ilObjectAccess
Class ilObjectAccess.
Definition: class.ilObjectAccess.php:17
ilConditionHandling
Interface for condition handling.
Definition: interface.ilConditionHandling.php:11
$row
$row
Definition: migrateto20.php:360
$DIC
global $DIC
Definition: saml.php:7
$ilDB
global $ilDB
Definition: storeScorm2004.php:19
$ilUser
$ilUser
Definition: imgupload.php:18