ILIAS  release_7 Revision v7.30-3-g800a261c036
class.ilBadgeWAC.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 require_once('./Services/WebAccessChecker/interfaces/interface.ilWACCheckingClass.php');
5 
14 class ilBadgeWAC implements ilWACCheckingClass
15 {
16  public function canBeDelivered(ilWACPath $ilWACPath)
17  {
18  global $DIC;
19 
20  if (strpos($ilWACPath->getPath(), '..') !== false) {
21  return false;
22  }
23 
24  if (!preg_match('@ilBadge\/(\d+\/)*?badge(tmpl)?_(\d+)\/@ui', $ilWACPath->getPath())) {
25  return false;
26  }
27 
28  $obj_id = array_keys(ilObject::_getObjectsByType('bdga'))[0] ?? null;
29  $admin_ref_id = null;
30  if ($obj_id > 0) {
31  $admin_ref_id = array_values(ilObject::_getAllReferences($obj_id))[0] ?? null;
32  }
33 
34  $has_global_badge_administration_access = (
35  $admin_ref_id > 0 &&
36  $DIC->rbac()->system()->checkAccessOfUser($DIC->user()->getId(), 'read', $admin_ref_id)
37  );
38 
39  if (preg_match('@\/badgetmpl_(\d+)\/@ui', $ilWACPath->getPath())) {
40  // Badge template images must only be accessible for accounts with `read` permission on the badge administration node
41  return $has_global_badge_administration_access;
42  }
43 
44  if (preg_match('@\/badge_(\d+)\/@ui', $ilWACPath->getPath(), $matches)) {
45  if ($has_global_badge_administration_access) {
46  return true;
47  }
48 
49  $badge_id = (int) $matches[1];
50 
51  return (
52  $this->isAssignedBadge($DIC, $badge_id) ||
53  $this->isAssignedBadgeOfPublishedUserProfile($DIC, $badge_id) ||
54  $this->hasAccessToBadgeParentIdNode($DIC, $badge_id, $has_global_badge_administration_access)
55  );
56  }
57 
58  return false;
59  }
60 
61  private function hasAccessToBadgeParentIdNode(
62  \ILIAS\DI\Container $DIC,
63  int $badge_id,
64  bool $has_global_badge_administration_access
65  ) : bool {
66  // If the acting user still does not have access, check if the image is used in an object badge type
67  $badge = new ilBadge($badge_id);
68  if ($badge->getParentId() > 0) {
69  return false;
70  }
71 
72  $badge_handler = ilBadgeHandler::getInstance();
73  if (!$badge_handler->isObjectActive((int) $badge->getParentId())) {
74  return false;
75  }
76 
77  $context_ref_id = array_values(ilObject::_getAllReferences((int) $badge->getParentId()))[0] ?? null;
78  if (!($context_ref_id > 0)) {
79  return false;
80  }
81 
82  $context_ref_id = (int) $context_ref_id;
83  if ($DIC->repositoryTree()->isGrandChild((int) SYSTEM_FOLDER_ID, $context_ref_id)) {
84  $has_access = $has_global_badge_administration_access;
85  } else {
86  $has_access = $DIC->access()->checkAccessOfUser(
87  $DIC->user()->getId(),
88  'write',
89  '',
90  $context_ref_id
91  );
92  }
93 
94  return $has_access;
95  }
96 
97  private function isAssignedBadge(\ILIAS\DI\Container $DIC, int $badge_id) : bool
98  {
99  // First, check all badge assignments of the current user for a match
100  $badges_of_user = ilBadgeAssignment::getInstancesByUserId($DIC->user()->getId());
101  foreach ($badges_of_user as $user_badge) {
102  if ((int) $user_badge->getBadgeId() === $badge_id) {
103  return true;
104  }
105  }
106 
107  return false;
108  }
109 
110  private function isAssignedBadgeOfPublishedUserProfile(\ILIAS\DI\Container $DIC, int $badge_id) : bool
111  {
112  // It seems the badge is not assigned to the curent user, so check if the profile of the badge user is made visible
113  $assignments = ilBadgeAssignment::getInstancesByBadgeId($badge_id);
114  foreach ($assignments as $assignment) {
115  if (!$assignment->getPosition()) {
116  continue;
117  }
118 
119  $user = ilObjectFactory::getInstanceByObjId((int) $assignment->getUserId(), false);
120  if (!$user instanceof ilObjUser) {
121  continue;
122  }
123 
124  $profile_visibility = $user->getPref('public_profile');
125  if ($profile_visibility === 'g' || ($profile_visibility === 'y' && !$DIC->user()->isAnonymous())) {
126  return true;
127  }
128  }
129 
130  return false;
131  }
132 }
ILIAS
Class ChatMainBarProvider .
ilBadgeWAC\hasAccessToBadgeParentIdNode
hasAccessToBadgeParentIdNode(\ILIAS\DI\Container $DIC, int $badge_id, bool $has_global_badge_administration_access)
Definition: class.ilBadgeWAC.php:61
ilObject\_getObjectsByType
static _getObjectsByType($a_obj_type="", $a_owner="")
Get objects by type.
Definition: class.ilObject.php:1717
ilBadgeWAC\isAssignedBadge
isAssignedBadge(\ILIAS\DI\Container $DIC, int $badge_id)
Definition: class.ilBadgeWAC.php:97
ilWACPath
Class ilWACPath.
Definition: class.ilWACPath.php:26
SYSTEM_FOLDER_ID
const SYSTEM_FOLDER_ID
Definition: constants.php:33
ilObject\_getAllReferences
static _getAllReferences($a_id)
get all reference ids of object
Definition: class.ilObject.php:968
ilBadge
Class ilBadge.
Definition: class.ilBadge.php:10
ilBadgeWAC\isAssignedBadgeOfPublishedUserProfile
isAssignedBadgeOfPublishedUserProfile(\ILIAS\DI\Container $DIC, int $badge_id)
Definition: class.ilBadgeWAC.php:110
DI
Class HTTPServicesTest.
$DIC
global $DIC
Definition: goto.php:24
ilWACCheckingClass
Class ilWACCheckingClass.
Definition: interface.ilWACCheckingClass.php:12
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:70
ilBadgeWAC\canBeDelivered
canBeDelivered(ilWACPath $ilWACPath)
Definition: class.ilBadgeWAC.php:16
ilBadgeAssignment\getInstancesByBadgeId
static getInstancesByBadgeId($a_badge_id)
Definition: class.ilBadgeAssignment.php:117
ilBadgeAssignment\getInstancesByUserId
static getInstancesByUserId($a_user_id)
Definition: class.ilBadgeAssignment.php:96
ilBadgeHandler\getInstance
static getInstance()
Constructor.
Definition: class.ilBadgeHandler.php:51