ILIAS  release_7 Revision v7.30-3-g800a261c036
class.ilObjDataCollectionAccess.php
Go to the documentation of this file.
1<?php
2
3/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
4
15class ilObjDataCollectionAccess extends ilObjectAccess
16{
17
30 public static function _getCommands()
31 {
32 $commands = array(
33 array("permission" => "read", "cmd" => "render", "lang_var" => "show", "default" => true),
34 array("permission" => "write", "cmd" => "listRecords", "lang_var" => "edit_content"),
35 array("permission" => "write", "cmd" => "edit", "lang_var" => "settings"),
36 );
37
38 return $commands;
39 }
40
41
45 public static function _checkGoto($a_target)
46 {
47 global $DIC;
48 $ilAccess = $DIC['ilAccess'];
49
50 $t_arr = explode("_", $a_target);
51
52 if ($t_arr[0] != "dcl" || ((int) $t_arr[1]) <= 0) {
53 return false;
54 }
55
56 if ($ilAccess->checkAccess("read", "", $t_arr[1]) ||
57 $ilAccess->checkAccess("visible", "", $t_arr[1])) {
58 return true;
59 }
60
61 return false;
62 }
63
64
71 protected static function isTableInDataCollection($table, $ref_id)
72 {
73 foreach (ilObjDataCollection::_getAllReferences($table->getObjId()) as $reference) {
74 if ($reference == $ref_id) {
75 return true;
76 }
77 }
78
79 return false;
80 }
81
82
95 public function _checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id = "")
96 {
97 global $DIC;
98 $ilUser = $DIC['ilUser'];
99 $lng = $DIC['lng'];
100 $rbacsystem = $DIC['rbacsystem'];
101 $ilAccess = $DIC['ilAccess'];
102
103 if ($a_user_id == "") {
104 $a_user_id = $ilUser->getId();
105 }
106 switch ($a_cmd) {
107 case "view":
108
109 if (!ilObjDataCollectionAccess::_lookupOnline($a_obj_id)
110 && !$rbacsystem->checkAccessOfUser($a_user_id, 'write', $a_ref_id)
111 ) {
112 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
113
114 return false;
115 }
116 break;
117
118 // for permission query feature
119 case "infoScreen":
120 if (!ilObjDataCollectionAccess::_lookupOnline($a_obj_id)) {
121 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
122 } else {
123 $ilAccess->addInfoItem(IL_STATUS_MESSAGE, $lng->txt("online"));
124 }
125 break;
126 }
127 switch ($a_permission) {
128 case "read":
129 case "visible":
130 if (!ilObjDataCollectionAccess::_lookupOnline($a_obj_id)
131 && (!$rbacsystem->checkAccessOfUser($a_user_id, 'write', $a_ref_id))
132 ) {
133 $ilAccess->addInfoItem(IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
134
135 return false;
136 }
137 break;
138 }
139
140 return true;
141 }
142
143
149 public static function _lookupOnline($a_id)
150 {
151 global $DIC;
152 $ilDB = $DIC['ilDB'];
153
154 $q = "SELECT * FROM il_dcl_data WHERE id = " . $ilDB->quote($a_id, "integer");
155 $dcl_set = $ilDB->query($q);
156 $dcl_rec = $ilDB->fetchAssoc($dcl_set);
157
158 return $dcl_rec["is_online"];
159 }
160
161 //
162 // DataCollection specific Access-Checks
163 //
164
171 public static function checkAccessForDataCollectionId($data_collection_id)
172 {
173 global $DIC;
174 $ilAccess = $DIC['ilAccess'];
175
176 $perm = false;
177 $references = ilObject2::_getAllReferences($data_collection_id);
178
179 if ($ilAccess->checkAccess("add_entry", "", array_shift($references))) {
180 $perm = true;
181 }
182
183 return $perm;
184 }
185
186
193 public static function checkActionForObjId($action, $obj_id)
194 {
195 foreach (ilObject2::_getAllReferences($obj_id) as $ref_id) {
196 if (self::checkActionForRefId($action, $ref_id)) {
197 return true;
198 }
199 }
200
201 return false;
202 }
203
204
211 public static function checkActionForRefId($action, $ref_id)
212 {
213 global $DIC;
214 $ilAccess = $DIC['ilAccess'];
215
220 return $ilAccess->checkAccess($action, "", $ref_id);
221 }
222
223
231 public static function hasWriteAccess($ref, $user_id = 0)
232 {
233 global $DIC;
234 $ilAccess = $DIC['ilAccess'];
235
236 if ($user_id) {
237 return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
238 }
239
240 return $ilAccess->checkAccess("write", "", $ref);
241 }
242
243
252 public static function hasEditAccess($ref, $user_id = 0)
253 {
254 global $DIC;
255 $ilAccess = $DIC['ilAccess'];
256
257 if ($user_id) {
258 return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
259 }
260
261 return $ilAccess->checkAccess("edit_content", "", $ref);
262 }
263
264
271 public static function hasAddRecordAccess($ref, $user_id = 0)
272 {
273 global $DIC;
274 $ilAccess = $DIC['ilAccess'];
275
276 if ($user_id) {
277 return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
278 }
279
280 return $ilAccess->checkAccess("add_entry", "", $ref);
281 }
282
283
290 public static function hasReadAccess($ref, $user_id = 0)
291 {
292 global $DIC;
293 $ilAccess = $DIC['ilAccess'];
294
295 if ($user_id) {
296 return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
297 }
298
299 return $ilAccess->checkAccess("read", "", $ref);
300 }
301
302
311 public static function hasAccessToTableView($tableview, $user_id = 0)
312 {
313 global $DIC;
314 $rbacreview = $DIC['rbacreview'];
315 $ilUser = $DIC['ilUser'];
316 if (!$tableview) {
317 return false;
318 }
319
320 if (is_numeric($tableview)) {
321 $tableview = ilDclTableView::find($tableview);
322 }
323
324 $assigned_roles = $rbacreview->assignedRoles($user_id ? $user_id : $ilUser->getId());
325 $allowed_roles = $tableview->getRoles();
326
327 return !empty(array_intersect($assigned_roles, $allowed_roles));
328 }
329
330
339 protected static function hasAccessToTable($table_id)
340 {
341 $table = ilDclCache::getTableCache($table_id);
342
343 return $table->getIsVisible() || ($table_id == $table->getCollectionObject()->getFirstVisibleTableId());
344 }
345
346
354 public static function hasAccessTo($ref_id, $table_id, $tableview_id)
355 {
357 $tableview = ilDclTableView::find($tableview_id);
358 $table = ilDclCache::getTableCache($table_id);
359
360 // is tableview in table and is table in datacollection
361 if (($tableview->getTableId() != $table_id)
362 || !self::isTableInDataCollection($table, $ref_id)
363 ) {
364 return false;
365 }
366
367 // check access
368 return self::hasWriteAccess($ref_id)
369 || (
370 self::hasReadAccess($ref_id) && self::hasAccessToTable($table_id) && self::hasAccessToTableView($tableview)
371 );
372 }
373
374
381 public static function hasAccessToFields($ref_id, $table_id)
382 {
383 return self::isTableInDataCollection(ilDclCache::getTableCache($table_id), $ref_id)
384 && (self::hasWriteAccess($ref_id));
385 }
386
387
394 public static function hasAccessToEditTable($ref_id, $table_id)
395 {
396 return self::hasAccessToFields($ref_id, $table_id);
397 }
398
399
407 public static function hasAccessToField($ref_id, $table_id, $field_id)
408 {
409 $table = ilDclCache::getTableCache($table_id);
410
411 return in_array($field_id, $table->getFieldIds()) && self::hasAccessToFields($ref_id, $table_id);
412 }
413
414
421 public static function hasPermissionToAddRecord($ref_id, $table_id)
422 {
423 $table = ilDclCache::getTableCache($table_id);
424 if (!self::isTableInDataCollection($table, $ref_id)) {
425 return false;
426 }
427
428 return ilObjDataCollectionAccess::hasWriteAccess($ref_id)
429 || (ilObjDataCollectionAccess::hasAddRecordAccess($ref_id) && $table->getAddPerm() && $table->checkLimit());
430 }
431}
php
An exception for terminatinating execution or to throw for unit testing.
IL_STATUS_MESSAGE
const IL_STATUS_MESSAGE
Definition: class.ilAccessInfo.php:30
IL_NO_OBJECT_ACCESS
const IL_NO_OBJECT_ACCESS
Definition: class.ilAccessInfo.php:26
ilDclCache\getTableCache
static getTableCache($table_id=0)
Definition: class.ilDclCache.php:126
ilObjDataCollectionAccess
Class ilObjDataCollectionAccess.
Definition: class.ilObjDataCollectionAccess.php:16
ilObjDataCollectionAccess\_checkAccess
_checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id="")
checks wether a user may invoke a command or not (this method is called by ilAccessHandler::checkAcce...
Definition: class.ilObjDataCollectionAccess.php:95
ilObjDataCollectionAccess\isTableInDataCollection
static isTableInDataCollection($table, $ref_id)
Definition: class.ilObjDataCollectionAccess.php:71
ilObjDataCollectionAccess\checkAccessForDataCollectionId
static checkAccessForDataCollectionId($data_collection_id)
Definition: class.ilObjDataCollectionAccess.php:171
ilObjDataCollectionAccess\hasAccessToEditTable
static hasAccessToEditTable($ref_id, $table_id)
Definition: class.ilObjDataCollectionAccess.php:394
ilObjDataCollectionAccess\hasAccessToTableView
static hasAccessToTableView($tableview, $user_id=0)
This only checks access to the tableview - if the full access check is required, use hasAccessTo($ref...
Definition: class.ilObjDataCollectionAccess.php:311
ilObjDataCollectionAccess\checkActionForObjId
static checkActionForObjId($action, $obj_id)
Definition: class.ilObjDataCollectionAccess.php:193
ilObjDataCollectionAccess\_lookupOnline
static _lookupOnline($a_id)
Check wether datacollection is online.
Definition: class.ilObjDataCollectionAccess.php:149
ilObjDataCollectionAccess\hasAccessToFields
static hasAccessToFields($ref_id, $table_id)
Definition: class.ilObjDataCollectionAccess.php:381
ilObjDataCollectionAccess\hasEditAccess
static hasEditAccess($ref, $user_id=0)
Has permission to view and edit all entries event when he is not the owner.
Definition: class.ilObjDataCollectionAccess.php:252
ilObjDataCollectionAccess\_checkGoto
static _checkGoto($a_target)
check whether goto script will succeed
Definition: class.ilObjDataCollectionAccess.php:45
ilObjDataCollectionAccess\hasPermissionToAddRecord
static hasPermissionToAddRecord($ref_id, $table_id)
Definition: class.ilObjDataCollectionAccess.php:421
ilObjDataCollectionAccess\hasAccessToField
static hasAccessToField($ref_id, $table_id, $field_id)
Definition: class.ilObjDataCollectionAccess.php:407
ilObjDataCollectionAccess\hasAccessToTable
static hasAccessToTable($table_id)
returns true if either the table is visible for all users, or no tables are visible and this is the t...
Definition: class.ilObjDataCollectionAccess.php:339
ilObject2\_getAllReferences
static _getAllReferences($a_id)
get all reference ids of object
Definition: class.ilObject2.php:248
ilObjectAccess
Class ilObjectAccess.
Definition: class.ilObjectAccess.php:17
$DIC
global $DIC
Definition: goto.php:24
$ilUser
$ilUser
Definition: imgupload.php:18
$lng
$lng
Definition: save_question_post_data.php:23
$ilDB
global $ilDB
Definition: storeScorm2004.php:19