ILIAS  release_7 Revision v7.30-3-g800a261c036
class.ilBadgeWAC.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4require_once('./Services/WebAccessChecker/interfaces/interface.ilWACCheckingClass.php');
5
14class ilBadgeWAC implements ilWACCheckingClass
15{
16 public function canBeDelivered(ilWACPath $ilWACPath)
17 {
18 global $DIC;
19
20 if (strpos($ilWACPath->getPath(), '..') !== false) {
21 return false;
22 }
23
24 if (!preg_match('@ilBadge\/(\d+\/)*?badge(tmpl)?_(\d+)\/@ui', $ilWACPath->getPath())) {
25 return false;
26 }
27
28 $obj_id = array_keys(ilObject::_getObjectsByType('bdga'))[0] ?? null;
29 $admin_ref_id = null;
30 if ($obj_id > 0) {
31 $admin_ref_id = array_values(ilObject::_getAllReferences($obj_id))[0] ?? null;
32 }
33
34 $has_global_badge_administration_access = (
35 $admin_ref_id > 0 &&
36 $DIC->rbac()->system()->checkAccessOfUser($DIC->user()->getId(), 'read', $admin_ref_id)
37 );
38
39 if (preg_match('@\/badgetmpl_(\d+)\/@ui', $ilWACPath->getPath())) {
40 // Badge template images must only be accessible for accounts with `read` permission on the badge administration node
41 return $has_global_badge_administration_access;
42 }
43
44 if (preg_match('@\/badge_(\d+)\/@ui', $ilWACPath->getPath(), $matches)) {
45 if ($has_global_badge_administration_access) {
46 return true;
47 }
48
49 $badge_id = (int) $matches[1];
50
51 return (
52 $this->isAssignedBadge($DIC, $badge_id) ||
53 $this->isAssignedBadgeOfPublishedUserProfile($DIC, $badge_id) ||
54 $this->hasAccessToBadgeParentIdNode($DIC, $badge_id, $has_global_badge_administration_access)
55 );
56 }
57
58 return false;
59 }
60
61 private function hasAccessToBadgeParentIdNode(
62 \ILIAS\DI\Container $DIC,
63 int $badge_id,
64 bool $has_global_badge_administration_access
65 ) : bool {
66 // If the acting user still does not have access, check if the image is used in an object badge type
67 $badge = new ilBadge($badge_id);
68 if ($badge->getParentId() > 0) {
69 return false;
70 }
71
72 $badge_handler = ilBadgeHandler::getInstance();
73 if (!$badge_handler->isObjectActive((int) $badge->getParentId())) {
74 return false;
75 }
76
77 $context_ref_id = array_values(ilObject::_getAllReferences((int) $badge->getParentId()))[0] ?? null;
78 if (!($context_ref_id > 0)) {
79 return false;
80 }
81
82 $context_ref_id = (int) $context_ref_id;
83 if ($DIC->repositoryTree()->isGrandChild((int) SYSTEM_FOLDER_ID, $context_ref_id)) {
84 $has_access = $has_global_badge_administration_access;
85 } else {
86 $has_access = $DIC->access()->checkAccessOfUser(
87 $DIC->user()->getId(),
88 'write',
89 '',
90 $context_ref_id
91 );
92 }
93
94 return $has_access;
95 }
96
97 private function isAssignedBadge(\ILIAS\DI\Container $DIC, int $badge_id) : bool
98 {
99 // First, check all badge assignments of the current user for a match
100 $badges_of_user = ilBadgeAssignment::getInstancesByUserId($DIC->user()->getId());
101 foreach ($badges_of_user as $user_badge) {
102 if ((int) $user_badge->getBadgeId() === $badge_id) {
103 return true;
104 }
105 }
106
107 return false;
108 }
109
110 private function isAssignedBadgeOfPublishedUserProfile(\ILIAS\DI\Container $DIC, int $badge_id) : bool
111 {
112 // It seems the badge is not assigned to the curent user, so check if the profile of the badge user is made visible
113 $assignments = ilBadgeAssignment::getInstancesByBadgeId($badge_id);
114 foreach ($assignments as $assignment) {
115 if (!$assignment->getPosition()) {
116 continue;
117 }
118
119 $user = ilObjectFactory::getInstanceByObjId((int) $assignment->getUserId(), false);
120 if (!$user instanceof ilObjUser) {
121 continue;
122 }
123
124 $profile_visibility = $user->getPref('public_profile');
125 if ($profile_visibility === 'g' || ($profile_visibility === 'y' && !$DIC->user()->isAnonymous())) {
126 return true;
127 }
128 }
129
130 return false;
131 }
132}
php
An exception for terminatinating execution or to throw for unit testing.
ilBadgeAssignment\getInstancesByUserId
static getInstancesByUserId($a_user_id)
Definition: class.ilBadgeAssignment.php:96
ilBadgeAssignment\getInstancesByBadgeId
static getInstancesByBadgeId($a_badge_id)
Definition: class.ilBadgeAssignment.php:117
ilBadgeHandler\getInstance
static getInstance()
Constructor.
Definition: class.ilBadgeHandler.php:51
ilBadgeWAC\canBeDelivered
canBeDelivered(ilWACPath $ilWACPath)
Definition: class.ilBadgeWAC.php:16
ilBadgeWAC\isAssignedBadgeOfPublishedUserProfile
isAssignedBadgeOfPublishedUserProfile(\ILIAS\DI\Container $DIC, int $badge_id)
Definition: class.ilBadgeWAC.php:110
ilBadgeWAC\hasAccessToBadgeParentIdNode
hasAccessToBadgeParentIdNode(\ILIAS\DI\Container $DIC, int $badge_id, bool $has_global_badge_administration_access)
Definition: class.ilBadgeWAC.php:61
ilBadgeWAC\isAssignedBadge
isAssignedBadge(\ILIAS\DI\Container $DIC, int $badge_id)
Definition: class.ilBadgeWAC.php:97
ilBadge
Class ilBadge.
Definition: class.ilBadge.php:11
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:70
ilObject\_getObjectsByType
static _getObjectsByType($a_obj_type="", $a_owner="")
Get objects by type.
Definition: class.ilObject.php:1717
ilObject\_getAllReferences
static _getAllReferences($a_id)
get all reference ids of object
Definition: class.ilObject.php:968
ilWACPath
Class ilWACPath.
Definition: class.ilWACPath.php:27
SYSTEM_FOLDER_ID
const SYSTEM_FOLDER_ID
Definition: constants.php:33
$DIC
global $DIC
Definition: goto.php:24
ilWACCheckingClass
Class ilWACCheckingClass.
Definition: interface.ilWACCheckingClass.php:13
DI
Class HTTPServicesTest.
ILIAS
Class ChatMainBarProvider \MainMenu\Provider.