ILIAS  release_6 Revision v6.24-5-g0c8bfefb3b8
class.ilAdvancedMDPermissionHelper.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2013 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4include_once "Services/Component/classes/class.ilClaimingPermissionHelper.php";
5
14class ilAdvancedMDPermissionHelper extends ilClaimingPermissionHelper
15{
16 const CONTEXT_MD = 1;
17 const CONTEXT_RECORD = 2;
18 const CONTEXT_FIELD = 3;
19 const CONTEXT_SUBSTITUTION = 4;
20 const CONTEXT_SUBSTITUTION_COURSE = 5;
21 const CONTEXT_SUBSTITUTION_CATEGORY = 6;
22 const CONTEXT_SUBSTITUTION_SESSION = 7;
23 const CONTEXT_SUBSTITUTION_IASS = 8;
24 const CONTEXT_SUBSTITUTION_GROUP = 9;
25 const CONTEXT_SUBSTITUTION_EXERCISE = 10;
26
27
28 const ACTION_MD_CREATE_RECORD = 1;
29 const ACTION_MD_IMPORT_RECORDS = 2;
30
31 const ACTION_RECORD_EDIT = 5;
32 const ACTION_RECORD_DELETE = 6;
33 const ACTION_RECORD_EXPORT = 7;
34 const ACTION_RECORD_TOGGLE_ACTIVATION = 8;
35 const ACTION_RECORD_EDIT_PROPERTY = 9;
36 const ACTION_RECORD_EDIT_FIELDS = 10;
37 const ACTION_RECORD_CREATE_FIELD = 11;
38 const ACTION_RECORD_FIELD_POSITIONS = 12;
39
40 const ACTION_FIELD_EDIT = 13;
41 const ACTION_FIELD_DELETE = 14;
42 const ACTION_FIELD_EDIT_PROPERTY = 15;
43
44 const ACTION_SUBSTITUTION_SHOW_DESCRIPTION = 16;
45 const ACTION_SUBSTITUTION_SHOW_FIELDNAMES = 17;
46 const ACTION_SUBSTITUTION_FIELD_POSITIONS = 18;
47
48 const ACTION_SUBSTITUTION_COURSE_SHOW_FIELD = 19;
49 const ACTION_SUBSTITUTION_COURSE_EDIT_FIELD_PROPERTY = 20;
50
51 const ACTION_SUBSTITUTION_CATEGORY_SHOW_FIELD = 21;
52 const ACTION_SUBSTITUTION_CATEGORY_EDIT_FIELD_PROPERTY = 22;
53
54 const ACTION_SUBSTITUTION_SESSION_SHOW_FIELD = 23;
55 const ACTION_SUBSTITUTION_SESSION_EDIT_FIELD_PROPERTY = 24;
56
57 const ACTION_SUBSTITUTION_GROUP_SHOW_FIELD = 25;
58 const ACTION_SUBSTITUTION_GROUP_EDIT_FIELD_PROPERTY = 26;
59
60 const ACTION_SUBSTITUTION_IASS_SHOW_FIELD = 27;
61 const ACTION_SUBSTITUTION_IASS_EDIT_FIELD_PROPERTY = 28;
62
63 const ACTION_SUBSTITUTION_EXERCISE_SHOW_FIELD = 29;
64 const ACTION_SUBSTITUTION_EXERCISE_EDIT_FIELD_PROPERTY = 30;
65
66 const SUBACTION_RECORD_TITLE = 1;
67 const SUBACTION_RECORD_DESCRIPTION = 2;
68 const SUBACTION_RECORD_OBJECT_TYPES = 3;
69
70 const SUBACTION_FIELD_TITLE = 4;
71 const SUBACTION_FIELD_DESCRIPTION = 5;
72 const SUBACTION_FIELD_SEARCHABLE = 6;
73 const SUBACTION_FIELD_PROPERTIES = 7;
74
75 const SUBACTION_SUBSTITUTION_BOLD = 8;
76 const SUBACTION_SUBSTITUTION_NEWLINE = 9;
77
78
79
80 // caching
81
82 protected function readContextIds($a_context_type)
83 {
84 global $DIC;
85
86 $ilDB = $DIC['ilDB'];
87
88 switch ($a_context_type) {
89 case self::CONTEXT_MD:
90 return array($_REQUEST["ref_id"]);
91
92 case self::CONTEXT_RECORD:
93 $set = $ilDB->query("SELECT record_id id" .
94 " FROM adv_md_record");
95 break;
96
97 case self::CONTEXT_FIELD:
98 case self::CONTEXT_SUBSTITUTION_COURSE:
99 case self::CONTEXT_SUBSTITUTION_GROUP:
100 case self::CONTEXT_SUBSTITUTION_SESSION:
101 case self::CONTEXT_SUBSTITUTION_CATEGORY:
102 case self::CONTEXT_SUBSTITUTION_IASS:
103 case self::CONTEXT_SUBSTITUTION_EXERCISE:
104 $set = $ilDB->query("SELECT field_id id" .
105 " FROM adv_mdf_definition");
106 break;
107
108 case self::CONTEXT_SUBSTITUTION:
109 return $this->getAllowedObjectTypes();
110
111 default:
112 return array();
113 }
114
115 $res = array();
116 while ($row = $ilDB->fetchAssoc($set)) {
117 $res[] = $row["id"];
118 }
119 return $res;
120 }
121
122
123 // permissions
124
125 protected function buildPermissionMap()
126 {
127 return array(
128 self::CONTEXT_MD => array(
129 "actions" => array(
130 self::ACTION_MD_CREATE_RECORD
131 ,self::ACTION_MD_IMPORT_RECORDS
132 )
133 ),
134 self::CONTEXT_RECORD => array(
135 "actions" => array(
136 self::ACTION_RECORD_EDIT
137 ,self::ACTION_RECORD_DELETE
138 ,self::ACTION_RECORD_EXPORT
139 ,self::ACTION_RECORD_TOGGLE_ACTIVATION
140 ,self::ACTION_RECORD_EDIT_FIELDS
141 ,self::ACTION_RECORD_FIELD_POSITIONS
142 ,self::ACTION_RECORD_CREATE_FIELD
143 ),
144 "subactions" => array(
145 self::ACTION_RECORD_EDIT_PROPERTY =>
146 array(
147 self::SUBACTION_RECORD_TITLE
148 ,self::SUBACTION_RECORD_DESCRIPTION
149 ,self::SUBACTION_RECORD_OBJECT_TYPES
150 )
151 )
152 ),
153 self::CONTEXT_FIELD => array(
154 "actions" => array(
155 self::ACTION_FIELD_EDIT,
156 self::ACTION_FIELD_DELETE
157 ),
158 "subactions" => array(
159 self::ACTION_FIELD_EDIT_PROPERTY =>
160 array(
161 self::SUBACTION_FIELD_TITLE
162 ,self::SUBACTION_FIELD_DESCRIPTION
163 ,self::SUBACTION_FIELD_SEARCHABLE
164 ,self::SUBACTION_FIELD_PROPERTIES
165 )
166 )
167 ),
168 self::CONTEXT_SUBSTITUTION => array(
169 "actions" => array(
170 self::ACTION_SUBSTITUTION_SHOW_DESCRIPTION
171 ,self::ACTION_SUBSTITUTION_SHOW_FIELDNAMES
172 ,self::ACTION_SUBSTITUTION_FIELD_POSITIONS
173 )
174 ),
175 self::CONTEXT_SUBSTITUTION_COURSE => array(
176 "actions" => array(
177 self::ACTION_SUBSTITUTION_COURSE_SHOW_FIELD
178 ),
179 "subactions" => array(
180 self::ACTION_SUBSTITUTION_COURSE_EDIT_FIELD_PROPERTY =>
181 array(
182 self::SUBACTION_SUBSTITUTION_BOLD
183 ,self::SUBACTION_SUBSTITUTION_NEWLINE
184 )
185 )
186 ),
187 self::CONTEXT_SUBSTITUTION_CATEGORY => array(
188 "actions" => array(
189 self::ACTION_SUBSTITUTION_CATEGORY_SHOW_FIELD
190 ),
191 "subactions" => array(
192 self::ACTION_SUBSTITUTION_CATEGORY_EDIT_FIELD_PROPERTY =>
193 array(
194 self::SUBACTION_SUBSTITUTION_BOLD
195 ,self::SUBACTION_SUBSTITUTION_NEWLINE
196 )
197 )
198 ),
199 self::CONTEXT_SUBSTITUTION_SESSION => array(
200 "actions" => array(
201 self::ACTION_SUBSTITUTION_SESSION_SHOW_FIELD
202 ),
203 "subactions" => array(
204 self::ACTION_SUBSTITUTION_SESSION_EDIT_FIELD_PROPERTY =>
205 array(
206 self::SUBACTION_SUBSTITUTION_BOLD
207 ,self::SUBACTION_SUBSTITUTION_NEWLINE
208 )
209 )
210 ),
211 self::CONTEXT_SUBSTITUTION_GROUP => array(
212 "actions" => array(
213 self::ACTION_SUBSTITUTION_GROUP_SHOW_FIELD
214 ),
215 "subactions" => array(
216 self::ACTION_SUBSTITUTION_GROUP_EDIT_FIELD_PROPERTY =>
217 array(
218 self::SUBACTION_SUBSTITUTION_BOLD
219 ,self::SUBACTION_SUBSTITUTION_NEWLINE
220 )
221 )
222 ),
223 self::CONTEXT_SUBSTITUTION_IASS => array(
224 "actions" => array(
225 self::ACTION_SUBSTITUTION_IASS_SHOW_FIELD
226 ),
227 "subactions" => array(
228 self::ACTION_SUBSTITUTION_IASS_EDIT_FIELD_PROPERTY =>
229 array(
230 self::SUBACTION_SUBSTITUTION_BOLD
231 ,self::SUBACTION_SUBSTITUTION_NEWLINE
232 )
233 )
234 ),
235 self::CONTEXT_SUBSTITUTION_EXERCISE => array(
236 "actions" => array(
237 self::ACTION_SUBSTITUTION_EXERCISE_SHOW_FIELD
238 ),
239 "subactions" => array(
240 self::ACTION_SUBSTITUTION_EXERCISE_EDIT_FIELD_PROPERTY =>
241 array(
242 self::SUBACTION_SUBSTITUTION_BOLD
243 ,self::SUBACTION_SUBSTITUTION_NEWLINE
244 )
245 )
246 )
247 );
248 }
249
250
251 // plugins
252
253 protected function getActivePlugins()
254 {
255 global $DIC;
256
257 $ilPluginAdmin = $DIC['ilPluginAdmin'];
258
259 $res = array();
260
261 foreach ($ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, "AdvancedMetaData", "amdc") as $plugin_name) {
262 $res[] = $ilPluginAdmin->getPluginObject(
263 IL_COMP_SERVICE,
264 "AdvancedMetaData",
265 "amdc",
266 $plugin_name
267 );
268 }
269
270 return $res;
271 }
272
273 protected function checkPermission($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id = null)
274 {
275 global $DIC;
276
277 $ilAccess = $DIC['ilAccess'];
278
279 if (!$this->checkPlugins($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id)) {
280 return false;
281 }
282
283 // export is considered read-action
284 if ($a_context_type == ilAdvancedMDPermissionHelper::CONTEXT_RECORD &&
285 $a_action_id == ilAdvancedMDPermissionHelper::ACTION_RECORD_EXPORT) {
286 return $ilAccess->checkAccessOfUser($this->getUserId(), "read", "", $this->getRefId());
287 }
288
289 return $this->checkRBAC();
290 }
291}
php
An exception for terminatinating execution or to throw for unit testing.
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
ilAdvancedMDPermissionHelper
Advanced metadata permission helper.
Definition: class.ilAdvancedMDPermissionHelper.php:15
ilAdvancedMDPermissionHelper\buildPermissionMap
buildPermissionMap()
Build map of context and actions.
Definition: class.ilAdvancedMDPermissionHelper.php:125
ilAdvancedMDPermissionHelper\checkPermission
checkPermission($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id=null)
Check permission (helper: rbac, plugins)
Definition: class.ilAdvancedMDPermissionHelper.php:273
ilAdvancedMDPermissionHelper\readContextIds
readContextIds($a_context_type)
Get all context ids for context type (from DB, is cached)
Definition: class.ilAdvancedMDPermissionHelper.php:82
ilAdvancedMDPermissionHelper\getActivePlugins
getActivePlugins()
Get active plugins (for current slot)
Definition: class.ilAdvancedMDPermissionHelper.php:253
ilClaimingPermissionHelper
Claiming permission helper base class.
Definition: class.ilClaimingPermissionHelper.php:13
ilClaimingPermissionHelper\checkPlugins
checkPlugins($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id=null)
Check permission against plugins.
Definition: class.ilClaimingPermissionHelper.php:279
ilClaimingPermissionHelper\checkRBAC
checkRBAC()
Check permission against RBAC.
Definition: class.ilClaimingPermissionHelper.php:254
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15
$ilDB
global $ilDB
Definition: storeScorm2004.php:19
$a_context_id
$a_context_id
Definition: workflow.php:97
$a_context_type
$a_context_type
Definition: workflow.php:96
$DIC
$DIC
Definition: xapitoken.php:46