ILIAS  release_8 Revision v8.24
Public Member Functions | Static Protected Attributes | Private Member Functions | Private Attributes
ilOrgUnitPositionAccess Class Reference

This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Learning e.V. More...

+ Inheritance diagram for ilOrgUnitPositionAccess:
+ Collaboration diagram for ilOrgUnitPositionAccess:

Public Member Functions

 __construct (ilAccess $access)
 
 filterUserIdsForCurrentUsersPositionsAndPermission (array $user_ids, string $permission)
 
 filterUserIdsForUsersPositionsAndPermission (array $user_ids, int $for_user_id, string $permission)
 
 isCurrentUserBasedOnPositionsAllowedTo (string $permission, array $on_user_ids)
 
 isUserBasedOnPositionsAllowedTo (int $which_user_id, string $permission, array $on_user_ids)
 
 filterUserIdsByPositionOfCurrentUser (string $pos_perm, int $ref_id, array $user_ids)
 
 filterUserIdsByPositionOfUser (int $user_id, string $pos_perm, int $ref_id, array $user_ids)
 
 checkPositionAccess (string $pos_perm, int $ref_id)
 
 hasCurrentUserAnyPositionAccess (int $ref_id)
 
 checkRbacOrPositionPermissionAccess (string $rbac_perm, string $pos_perm, int $ref_id)
 
 filterUserIdsByRbacOrPositionOfCurrentUser (string $rbac_perm, string $pos_perm, int $ref_id, array $user_ids)
 
 hasUserRBACorAnyPositionAccess (string $rbac_perm, int $ref_id)
 
 filterUserIdsForCurrentUsersPositionsAndPermission (array $user_ids, string $permission)
 
 filterUserIdsForUsersPositionsAndPermission (array $user_ids, int $for_user_id, string $permission)
 
 isCurrentUserBasedOnPositionsAllowedTo (string $permission, array $on_user_ids)
 
 isUserBasedOnPositionsAllowedTo (int $which_user_id, string $permission, array $on_user_ids)
 
 checkPositionAccess (string $pos_perm, int $ref_id)
 
 hasCurrentUserAnyPositionAccess (int $ref_id)
 
 filterUserIdsByPositionOfCurrentUser (string $pos_perm, int $ref_id, array $user_ids)
 
 filterUserIdsByPositionOfUser (int $user_id, string $pos_perm, int $ref_id, array $user_ids)
 
 checkRbacOrPositionPermissionAccess (string $rbac_perm, string $pos_perm, int $ref_id)
 
 filterUserIdsByRbacOrPositionOfCurrentUser (string $rbac_perm, string $pos_perm, int $ref_id, array $user_ids)
 
 hasUserRBACorAnyPositionAccess (string $rbac_perm, int $ref_id)
 

Static Protected Attributes

static array $ref_id_obj_type_map = array()
 

Private Member Functions

 getCurrentUsersId ()
 
 getTypeForRefId (int $ref_id)
 
 getObjIdForRefId (int $ref_id)
 
 isPositionActiveForRefId (int $ref_id)
 

Private Attributes

ilOrgUnitUserAssignmentQueries $ua
 
ilOrgUnitGlobalSettings $set
 
ilAccess $access
 
ilObjUser $user
 

Detailed Description

This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Learning e.V.

ILIAS is licensed with the GPL-3.0, see https://www.gnu.org/licenses/gpl-3.0.en.html You should have received a copy of said license along with the source code, too.

If this is not the case or you just want to try ILIAS, you'll find us at: https://www.ilias.de https://github.com/ILIAS-eLearning Class ilOrgUnitPositionAccess

Author
Fabian Schmid fs@st.nosp@m.uder.nosp@m.-raim.nosp@m.ann..nosp@m.ch

Definition at line 23 of file class.ilOrgUnitPositionAccess.php.

Constructor & Destructor Documentation

◆ __construct()

ilOrgUnitPositionAccess::__construct ( ilAccess  $access)

Definition at line 31 of file class.ilOrgUnitPositionAccess.php.

32 {
33 global $DIC;
34 $this->set = ilOrgUnitGlobalSettings::getInstance();
35 $this->ua = ilOrgUnitUserAssignmentQueries::getInstance();
36 $this->access = $access;
37 $this->user = $DIC->user();
38 }
$DIC
global $DIC
Definition: feed.php:28

References $access, $DIC, ILIAS\Repository\access(), ilOrgUnitUserAssignmentQueries\getInstance(), ilOrgUnitGlobalSettings\getInstance(), and ILIAS\Repository\user().

+ Here is the call graph for this function:

Member Function Documentation

◆ checkPositionAccess()

ilOrgUnitPositionAccess::checkPositionAccess ( string  $pos_perm,
int  $ref_id 
)
Parameters
string$pos_perm
int$ref_idReference-ID of the desired Object in the tree
Returns
bool
See also
getAvailablePositionRelatedPermissions for available permissions

Implements ilOrgUnitPositionAccessHandler.

Definition at line 172 of file class.ilOrgUnitPositionAccess.php.

172 : bool
173 {
174 if (!$this->isPositionActiveForRefId($ref_id)) {
175 return false;
176 }
177
178 $operation = ilOrgUnitOperationQueries::findByOperationString($pos_perm, $this->getTypeForRefId($ref_id));
179 if (!$operation) {
180 return false;
181 }
182 $current_user_id = $this->getCurrentUsersId();
183
184 foreach ($this->ua->getPositionsOfUserId($current_user_id) as $position) {
185 $permissions = ilOrgUnitPermissionQueries::getSetForRefId($ref_id, $position->getId());
186 if ($permissions->isOperationIdSelected($operation->getOperationId())) {
187 return true;
188 }
189 }
190
191 return false;
192 }
ilOrgUnitOperationQueries\findByOperationString
static findByOperationString(string $operation_string, string $context_name)
Definition: class.ilOrgUnitOperationQueries.php:106
$ref_id
$ref_id
Definition: ltiauth.php:67

References $ref_id, and ilOrgUnitOperationQueries\findByOperationString().

Referenced by ilAccess\checkPositionAccess().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkRbacOrPositionPermissionAccess()

ilOrgUnitPositionAccess::checkRbacOrPositionPermissionAccess ( string  $rbac_perm,
string  $pos_perm,
int  $ref_id 
)
Parameters
string$rbac_perm
string$pos_permSee the list of available permissions in interface ilOrgUnitPositionAccessHandler
int$ref_idReference-ID of the desired Object in the tree
Returns
bool

Implements ilOrgUnitPositionAndRBACAccessHandler.

Definition at line 214 of file class.ilOrgUnitPositionAccess.php.

214 : bool
215 {
216 // If RBAC allows, just return true
217 if ($this->access->checkAccess($rbac_perm, '', $ref_id)) {
218 return true;
219 }
220
221 if (!$this->isPositionActiveForRefId($ref_id)) {
222 return false;
223 }
224
225 return $this->checkPositionAccess($pos_perm, $ref_id);
226 }
ilOrgUnitPositionAccess\checkPositionAccess
checkPositionAccess(string $pos_perm, int $ref_id)
Definition: class.ilOrgUnitPositionAccess.php:172

References $ref_id, and ILIAS\Repository\access().

Referenced by ilAccess\checkRbacOrPositionPermissionAccess().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ filterUserIdsByPositionOfCurrentUser()

ilOrgUnitPositionAccess::filterUserIdsByPositionOfCurrentUser ( string  $pos_perm,
int  $ref_id,
array  $user_ids 
)
Parameters
int[]$user_ids

Implements ilOrgUnitPositionAccessHandler.

Definition at line 94 of file class.ilOrgUnitPositionAccess.php.

94 : array
95 {
96 $current_user_id = $this->getCurrentUsersId();
97
98 return $this->filterUserIdsByPositionOfUser($current_user_id, $pos_perm, $ref_id, $user_ids);
99 }
ilOrgUnitPositionAccess\filterUserIdsByPositionOfUser
filterUserIdsByPositionOfUser(int $user_id, string $pos_perm, int $ref_id, array $user_ids)
Definition: class.ilOrgUnitPositionAccess.php:103

References $ref_id.

Referenced by ilAccess\filterUserIdsByPositionOfCurrentUser().

+ Here is the caller graph for this function:

◆ filterUserIdsByPositionOfUser()

ilOrgUnitPositionAccess::filterUserIdsByPositionOfUser ( int  $user_id,
string  $pos_perm,
int  $ref_id,
array  $user_ids 
)
Parameters
int[]$user_ids

Implements ilOrgUnitPositionAccessHandler.

Definition at line 103 of file class.ilOrgUnitPositionAccess.php.

108 : array {
109 // $all_available_users = $this->ua->getUserIdsOfOrgUnit()
110 $operation = ilOrgUnitOperationQueries::findByOperationString($pos_perm, $this->getTypeForRefId($ref_id));
111 if (!$operation) {
112 return [];
113 }
114
115 $allowed_user_ids = [];
116 foreach ($this->ua->getPositionsOfUserId($user_id) as $position) {
117 $permissions = ilOrgUnitPermissionQueries::getSetForRefId($ref_id, $position->getId());
118 $permissions->afterObjectLoad();
119 if (!$permissions->isOperationIdSelected($operation->getOperationId())) {
120 continue;
121 }
122
123 $position->afterObjectLoad();
124 foreach ($position->getAuthorities() as $authority) {
125 switch ($authority->getOver()) {
126 case ilOrgUnitAuthority::OVER_EVERYONE:
127 switch ($authority->getScope()) {
128 case ilOrgUnitAuthority::SCOPE_SAME_ORGU:
129 $allowed = $this->ua->getUserIdsOfOrgUnitsOfUsersPosition($position->getId(), $user_id);
130 $allowed_user_ids = array_merge($allowed_user_ids, $allowed);
131 break;
132 case ilOrgUnitAuthority::SCOPE_SUBSEQUENT_ORGUS:
133 $allowed = $this->ua->getUserIdsOfOrgUnitsOfUsersPosition(
134 $position->getId(),
135 $user_id,
136 true
137 );
138 $allowed_user_ids = array_merge($allowed_user_ids, $allowed);
139 break;
140 }
141 break;
142 default:
143 switch ($authority->getScope()) {
144 case ilOrgUnitAuthority::SCOPE_SAME_ORGU:
145 $allowed = $this->ua->getUserIdsOfUsersOrgUnitsInPosition(
146 $user_id,
147 $authority->getPositionId(),
148 $authority->getOver(),
149 false
150 );
151 $allowed_user_ids = array_merge($allowed_user_ids, $allowed);
152 break;
153 case ilOrgUnitAuthority::SCOPE_SUBSEQUENT_ORGUS:
154 $allowed = $this->ua->getUserIdsOfUsersOrgUnitsInPosition(
155 $user_id,
156 $authority->getPositionId(),
157 $authority->getOver(),
158 true
159 );
160 $allowed_user_ids = array_merge($allowed_user_ids, $allowed);
161 break;
162 }
163 break;
164 }
165 }
166 }
167 $allowed_user_ids[] = $this->user->getId();
168 return array_intersect($user_ids, $allowed_user_ids);
169 }

Referenced by ilAccess\filterUserIdsByPositionOfUser().

+ Here is the caller graph for this function:

◆ filterUserIdsByRbacOrPositionOfCurrentUser()

ilOrgUnitPositionAccess::filterUserIdsByRbacOrPositionOfCurrentUser ( string  $rbac_perm,
string  $pos_perm,
int  $ref_id,
array  $user_ids 
)
Parameters
string$rbac_perm
string$pos_permSee the list of available permissions in interface ilOrgUnitPositionAccessHandler
int$ref_idReference-ID of the desired Object in the tree
int[]$user_ids
Returns
int[]

Implements ilOrgUnitPositionAndRBACAccessHandler.

Definition at line 229 of file class.ilOrgUnitPositionAccess.php.

234 : array {
235 global $DIC;
236
237 // If RBAC allows, just return true
238 if ($this->access->checkAccess($rbac_perm, '', $ref_id)) {
239 return $user_ids;
240 }
241
242 return $this->filterUserIdsByPositionOfCurrentUser($pos_perm, $ref_id, $user_ids);
243 }
ilOrgUnitPositionAccess\filterUserIdsByPositionOfCurrentUser
filterUserIdsByPositionOfCurrentUser(string $pos_perm, int $ref_id, array $user_ids)
Definition: class.ilOrgUnitPositionAccess.php:94

Referenced by ilAccess\filterUserIdsByRbacOrPositionOfCurrentUser().

+ Here is the caller graph for this function:

◆ filterUserIdsForCurrentUsersPositionsAndPermission()

ilOrgUnitPositionAccess::filterUserIdsForCurrentUsersPositionsAndPermission ( array  $user_ids,
string  $permission 
)
Returns
int[] Filtered List of ILIAS-User-IDs

Implements ilOrgUnitPositionAccessHandler.

Definition at line 42 of file class.ilOrgUnitPositionAccess.php.

45 : array {
46 $current_user_id = $this->getCurrentUsersId();
47 return $this->filterUserIdsForUsersPositionsAndPermission($user_ids, $current_user_id, $permission);
48 }
ilOrgUnitPositionAccess\filterUserIdsForUsersPositionsAndPermission
filterUserIdsForUsersPositionsAndPermission(array $user_ids, int $for_user_id, string $permission)
Definition: class.ilOrgUnitPositionAccess.php:53

Referenced by ilAccess\filterUserIdsForCurrentUsersPositionsAndPermission().

+ Here is the caller graph for this function:

◆ filterUserIdsForUsersPositionsAndPermission()

ilOrgUnitPositionAccess::filterUserIdsForUsersPositionsAndPermission ( array  $user_ids,
int  $for_user_id,
string  $permission 
)
Returns
int[] Filtered List of ILIAS-User-IDs

Implements ilOrgUnitPositionAccessHandler.

Definition at line 53 of file class.ilOrgUnitPositionAccess.php.

57 : array {
58 $assignment_of_user = $this->ua->getAssignmentsOfUserId($for_user_id);
59 $other_users_in_same_org_units = [];
60 foreach ($assignment_of_user as $assignment) {
61 $other_users_in_same_org_units += $this->ua->getUserIdsOfOrgUnit($assignment->getOrguId());
62 }
63
64 return array_intersect($user_ids, $other_users_in_same_org_units);
65 }

Referenced by ilAccess\filterUserIdsForUsersPositionsAndPermission().

+ Here is the caller graph for this function:

◆ getCurrentUsersId()

ilOrgUnitPositionAccess::getCurrentUsersId ( )
private

Definition at line 260 of file class.ilOrgUnitPositionAccess.php.

260 : int
261 {
262 return $this->user->getId();
263 }

References ILIAS\Repository\user().

+ Here is the call graph for this function:

◆ getObjIdForRefId()

ilOrgUnitPositionAccess::getObjIdForRefId ( int  $ref_id)
private

Definition at line 275 of file class.ilOrgUnitPositionAccess.php.

275 : int
276 {
277 return ilObject2::_lookupObjectId($ref_id);
278 }
ilObject\_lookupObjectId
static _lookupObjectId(int $ref_id)
Definition: class.ilObject.php:1123

References $ref_id, and ilObject\_lookupObjectId().

+ Here is the call graph for this function:

◆ getTypeForRefId()

ilOrgUnitPositionAccess::getTypeForRefId ( int  $ref_id)
private

Definition at line 266 of file class.ilOrgUnitPositionAccess.php.

266 : string
267 {
268 if (!isset(self::$ref_id_obj_type_map[$ref_id])) {
269 self::$ref_id_obj_type_map[$ref_id] = ilObject2::_lookupType($ref_id, true);
270 }
271
272 return self::$ref_id_obj_type_map[$ref_id];
273 }
ilObject\_lookupType
static _lookupType(int $id, bool $reference=false)
Definition: class.ilObject.php:1091

References $ref_id, and ilObject\_lookupType().

+ Here is the call graph for this function:

◆ hasCurrentUserAnyPositionAccess()

ilOrgUnitPositionAccess::hasCurrentUserAnyPositionAccess ( int  $ref_id)
Parameters
int$ref_id
Returns
bool

Implements ilOrgUnitPositionAccessHandler.

Definition at line 195 of file class.ilOrgUnitPositionAccess.php.

195 : bool
196 {
197 if (!$this->isPositionActiveForRefId($ref_id)) {
198 return false;
199 }
200
201 $current_user_id = $this->getCurrentUsersId();
202
203 foreach ($this->ua->getPositionsOfUserId($current_user_id) as $position) {
204 $permissions = ilOrgUnitPermissionQueries::getSetForRefId($ref_id, $position->getId());
205 if (count($permissions->getOperations()) > 0) {
206 return true;
207 }
208 }
209
210 return false;
211 }

References $ref_id.

Referenced by ilAccess\hasCurrentUserAnyPositionAccess().

+ Here is the caller graph for this function:

◆ hasUserRBACorAnyPositionAccess()

ilOrgUnitPositionAccess::hasUserRBACorAnyPositionAccess ( string  $rbac_perm,
int  $ref_id 
)

Implements ilOrgUnitPositionAndRBACAccessHandler.

Definition at line 246 of file class.ilOrgUnitPositionAccess.php.

246 : bool
247 {
248 if ($this->access->checkAccess($rbac_perm, '', $ref_id)) {
249 return true;
250 }
251
252 return $this->hasCurrentUserAnyPositionAccess($ref_id);
253 }

References $ref_id, and ILIAS\Repository\access().

Referenced by ilAccess\hasUserRBACorAnyPositionAccess().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isCurrentUserBasedOnPositionsAllowedTo()

ilOrgUnitPositionAccess::isCurrentUserBasedOnPositionsAllowedTo ( string  $permission,
array  $on_user_ids 
)
Parameters
int[]$on_user_ids

Implements ilOrgUnitPositionAccessHandler.

Definition at line 68 of file class.ilOrgUnitPositionAccess.php.

68 : bool
69 {
70 $current_user_id = $this->getCurrentUsersId();
71
72 return $this->isUserBasedOnPositionsAllowedTo($current_user_id, $permission, $on_user_ids);
73 }
ilOrgUnitPositionAccess\isUserBasedOnPositionsAllowedTo
isUserBasedOnPositionsAllowedTo(int $which_user_id, string $permission, array $on_user_ids)
Definition: class.ilOrgUnitPositionAccess.php:77

Referenced by ilAccess\isCurrentUserBasedOnPositionsAllowedTo().

+ Here is the caller graph for this function:

◆ isPositionActiveForRefId()

ilOrgUnitPositionAccess::isPositionActiveForRefId ( int  $ref_id)
private

Definition at line 280 of file class.ilOrgUnitPositionAccess.php.

280 : bool
281 {
282 $obj_id = $this->getObjIdForRefId($ref_id); // TODO this will change to ref_id!!
283
284 return $this->set->isPositionAccessActiveForObject($obj_id);
285 }

References $ref_id.

◆ isUserBasedOnPositionsAllowedTo()

ilOrgUnitPositionAccess::isUserBasedOnPositionsAllowedTo ( int  $which_user_id,
string  $permission,
array  $on_user_ids 
)
Parameters
int[]$on_user_ids

Implements ilOrgUnitPositionAccessHandler.

Definition at line 77 of file class.ilOrgUnitPositionAccess.php.

81 : bool {
82 $filtered_user_ids = $this->filterUserIdsForUsersPositionsAndPermission(
83 $on_user_ids,
84 $which_user_id,
85 $permission
86 );
87
88 return ($on_user_ids === array_intersect($on_user_ids, $filtered_user_ids)
89 && $filtered_user_ids === array_intersect($filtered_user_ids, $on_user_ids));
90 }

Referenced by ilAccess\isUserBasedOnPositionsAllowedTo().

+ Here is the caller graph for this function:

Field Documentation

◆ $access

ilAccess ilOrgUnitPositionAccess::$access
private

Definition at line 28 of file class.ilOrgUnitPositionAccess.php.

Referenced by __construct().

◆ $ref_id_obj_type_map

array ilOrgUnitPositionAccess::$ref_id_obj_type_map = array()
staticprotected

Definition at line 25 of file class.ilOrgUnitPositionAccess.php.

◆ $set

ilOrgUnitGlobalSettings ilOrgUnitPositionAccess::$set
private

Definition at line 27 of file class.ilOrgUnitPositionAccess.php.

◆ $ua

ilOrgUnitUserAssignmentQueries ilOrgUnitPositionAccess::$ua
private

Definition at line 26 of file class.ilOrgUnitPositionAccess.php.

◆ $user

ilObjUser ilOrgUnitPositionAccess::$user
private

Definition at line 29 of file class.ilOrgUnitPositionAccess.php.

The documentation for this class was generated from the following file: