ILIAS  release_8 Revision v8.19
All Data Structures Namespaces Files Functions Variables Modules Pages
class.ilObjDataCollectionAccess.php
Go to the documentation of this file.
1 <?php
2 
19 class ilObjDataCollectionAccess extends ilObjectAccess
20 {
31  public static function _getCommands(): array
32  {
33  $commands = array(
34  array("permission" => "read", "cmd" => "render", "lang_var" => "show", "default" => true),
35  array("permission" => "write", "cmd" => "listRecords", "lang_var" => "edit_content"),
36  array("permission" => "write", "cmd" => "edit", "lang_var" => "settings"),
37  );
38 
39  return $commands;
40  }
41 
45  public static function _checkGoto(string $target): bool
46  {
47  global $DIC;
48  $ilAccess = $DIC['ilAccess'];
49 
50  $t_arr = explode("_", $target);
51 
52  if ($t_arr[0] != "dcl" || ((int) $t_arr[1]) <= 0) {
53  return false;
54  }
55 
56  if ($ilAccess->checkAccess("read", "", $t_arr[1]) ||
57  $ilAccess->checkAccess("visible", "", $t_arr[1])) {
58  return true;
59  }
60 
61  return false;
62  }
63 
64  protected static function isTableInDataCollection(ilDclTable $table, int $ref_id): bool
65  {
66  if ($table->getObjId() !== null) {
67  foreach (ilObjDataCollection::_getAllReferences($table->getObjId()) as $reference) {
68  if ($reference == $ref_id) {
69  return true;
70  }
71  }
72  }
73 
74  return false;
75  }
76 
77  public function _checkAccess(string $cmd, string $permission, int $ref_id, int $obj_id, ?int $user_id = null): bool
78  {
79  global $DIC;
80  $ilUser = $DIC['ilUser'];
81  $lng = $DIC['lng'];
82  $rbacsystem = $DIC['rbacsystem'];
83  $ilAccess = $DIC['ilAccess'];
84 
85  if (is_null($user_id) === true) {
86  $user_id = $ilUser->getId();
87  }
88 
89  switch ($cmd) {
90  case "view":
91 
92  if (!ilObjDataCollectionAccess::_lookupOnline($obj_id)
93  && !$rbacsystem->checkAccessOfUser($user_id, 'write', $ref_id)
94  ) {
95  $ilAccess->addInfoItem(ilAccessInfo::IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
96 
97  return false;
98  }
99  break;
100 
101  // for permission query feature
102  case "infoScreen":
103  if (!ilObjDataCollectionAccess::_lookupOnline($obj_id)) {
104  $ilAccess->addInfoItem(ilAccessInfo::IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
105  } else {
106  $ilAccess->addInfoItem(ilAccessInfo::IL_STATUS_MESSAGE, $lng->txt("online"));
107  }
108  break;
109  }
110  switch ($permission) {
111  case "read":
112  case "visible":
113  if (!ilObjDataCollectionAccess::_lookupOnline($obj_id)
114  && (!$rbacsystem->checkAccessOfUser($user_id, 'write', $ref_id))
115  ) {
116  $ilAccess->addInfoItem(ilAccessInfo::IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
117 
118  return false;
119  }
120  break;
121  }
122 
123  return true;
124  }
125 
130  public static function _lookupOnline(int $a_id): bool
131  {
132  global $DIC;
133  $ilDB = $DIC->database();
134 
135  $q = "SELECT * FROM il_dcl_data WHERE id = " . $ilDB->quote($a_id, "integer");
136  $dcl_set = $ilDB->query($q);
137  $dcl_rec = $ilDB->fetchAssoc($dcl_set);
138 
139  return !is_null($dcl_rec) && $dcl_rec["is_online"];
140  }
141 
142  //
143  // DataCollection specific Access-Checks
144  //
145 
151  public static function checkAccessForDataCollectionId(int $data_collection_id): bool
152  {
153  global $DIC;
154  $ilAccess = $DIC['ilAccess'];
155 
156  $perm = false;
157  $references = ilObject2::_getAllReferences($data_collection_id);
158 
159  if ($ilAccess->checkAccess("add_entry", "", array_shift($references))) {
160  $perm = true;
161  }
162 
163  return $perm;
164  }
165 
166  public static function checkActionForObjId(string $action, int $obj_id): bool
167  {
168  foreach (ilObject2::_getAllReferences($obj_id) as $ref_id) {
169  if (self::checkActionForRefId($action, $ref_id)) {
170  return true;
171  }
172  }
173 
174  return false;
175  }
176 
177  public static function checkActionForRefId(string $action, int $ref_id): bool
178  {
179  global $DIC;
180  $ilAccess = $DIC['ilAccess'];
181 
186  return $ilAccess->checkAccess($action, "", $ref_id);
187  }
188 
193  public static function hasWriteAccess(int $ref, ?int $user_id = 0): bool
194  {
195  global $DIC;
196  $ilAccess = $DIC['ilAccess'];
197 
198  if ($user_id) {
199  return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
200  }
201 
202  return $ilAccess->checkAccess("write", "", $ref);
203  }
204 
205  public static function hasEditAccess(int $ref, ?int $user_id = 0): bool
206  {
207  global $DIC;
208  $ilAccess = $DIC['ilAccess'];
209 
210  if ($user_id) {
211  return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
212  }
213 
214  return $ilAccess->checkAccess("edit_content", "", $ref);
215  }
216 
221  public static function hasAddRecordAccess(int $ref, ?int $user_id = 0): bool
222  {
223  global $DIC;
224  $ilAccess = $DIC['ilAccess'];
225 
226  if ($user_id) {
227  return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
228  }
229 
230  return $ilAccess->checkAccess("add_entry", "", $ref);
231  }
232 
237  public static function hasReadAccess(int $ref, ?int $user_id = 0): bool
238  {
239  global $DIC;
240  $ilAccess = $DIC['ilAccess'];
241 
242  if ($user_id) {
243  return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
244  }
245 
246  return $ilAccess->checkAccess("read", "", $ref);
247  }
248 
253  public static function hasAccessToTableView($tableview, ?int $user_id = 0): bool
254  {
255  global $DIC;
256  $rbacreview = $DIC['rbacreview'];
257  $ilUser = $DIC['ilUser'];
258  if (!$tableview) {
259  return false;
260  }
261 
262  if (is_numeric($tableview)) {
263  $tableview = ilDclTableView::find($tableview);
264  }
265 
266  $assigned_roles = $rbacreview->assignedRoles($user_id ?: $ilUser->getId());
267  $allowed_roles = $tableview->getRoles();
268 
269  return !empty(array_intersect($assigned_roles, $allowed_roles));
270  }
271 
278  protected static function hasAccessToTable(int $table_id, int $ref_id): bool
279  {
280  $table = ilDclCache::getTableCache($table_id);
281  return self::hasWriteAccess($ref_id) || $table->getIsVisible();
282  }
283 
284  public static function hasAccessTo(int $ref_id, int $table_id, int $tableview_id): bool
285  {
287  $tableview = ilDclTableView::find($tableview_id);
288  $table = ilDclCache::getTableCache($table_id);
289 
290  // is tableview in table and is table in datacollection
291  if (($tableview->getTableId() !== $table_id)
292  || !self::isTableInDataCollection($table, $ref_id)
293  ) {
294  return false;
295  }
296 
297  // check access
298  return self::hasWriteAccess($ref_id)
299  || (
300  self::hasReadAccess($ref_id) && self::hasAccessToTable($table_id, $ref_id) && self::hasAccessToTableView($tableview)
301  );
302  }
303 
304  public static function hasAccessToFields(int $ref_id, int $table_id): bool
305  {
306  return self::isTableInDataCollection(ilDclCache::getTableCache($table_id), $ref_id)
307  && (self::hasWriteAccess($ref_id));
308  }
309 
310  public static function hasAccessToEditTable(int $ref_id, int $table_id): bool
311  {
312  return self::hasAccessToFields($ref_id, $table_id);
313  }
314 
315  public static function hasAccessToField(int $ref_id, int $table_id, int $field_id): bool
316  {
317  $table = ilDclCache::getTableCache($table_id);
318 
319  return in_array($field_id, $table->getFieldIds()) && self::hasAccessToFields($ref_id, $table_id);
320  }
321 
322  public static function hasPermissionToAddRecord(int $ref_id, int $table_id): bool
323  {
324  $table = ilDclCache::getTableCache($table_id);
325  if (!self::isTableInDataCollection($table, $ref_id)) {
326  return false;
327  }
328 
329  return ilObjDataCollectionAccess::hasWriteAccess($ref_id)
330  || (ilObjDataCollectionAccess::hasAddRecordAccess($ref_id) && $table->getAddPerm() && $table->checkLimit());
331  }
332 }
$lng
$lng
Definition: save_question_post_data.php:24
ilObjDataCollectionAccess\hasAddRecordAccess
static hasAddRecordAccess(int $ref, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:221
ilObject\_getAllReferences
static _getAllReferences(int $id)
get all reference ids for object ID
Definition: class.ilObject.php:816
ilDclTable
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilDclTable.php:19
ilObjDataCollectionAccess\_getCommands
static _getCommands()
get commands this method returns an array of all possible commands/permission combinations example: $...
Definition: class.ilObjDataCollectionAccess.php:31
$DIC
global $DIC
Definition: feed.php:28
ilObjDataCollectionAccess\hasAccessToFields
static hasAccessToFields(int $ref_id, int $table_id)
Definition: class.ilObjDataCollectionAccess.php:304
$ref_id
$ref_id
Definition: ltiauth.php:67
ilDclCache\getTableCache
static getTableCache(int $table_id=null)
Definition: class.ilDclCache.php:129
ilObjDataCollectionAccess\_checkAccess
_checkAccess(string $cmd, string $permission, int $ref_id, int $obj_id, ?int $user_id=null)
Definition: class.ilObjDataCollectionAccess.php:77
ilObjDataCollectionAccess\isTableInDataCollection
static isTableInDataCollection(ilDclTable $table, int $ref_id)
Definition: class.ilObjDataCollectionAccess.php:64
ilObjDataCollectionAccess\hasAccessToField
static hasAccessToField(int $ref_id, int $table_id, int $field_id)
Definition: class.ilObjDataCollectionAccess.php:315
ilObjDataCollectionAccess\hasWriteAccess
static hasWriteAccess(int $ref, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:193
ilObjDataCollectionAccess\_checkGoto
static _checkGoto(string $target)
check whether goto script will succeed
Definition: class.ilObjDataCollectionAccess.php:45
ilObjDataCollectionAccess\hasAccessToTable
static hasAccessToTable(int $table_id, int $ref_id)
returns true if either the table is visible for all users, or no tables are visible and this is the t...
Definition: class.ilObjDataCollectionAccess.php:278
$ilUser
$ilUser
Definition: imgupload.php:34
ilObjDataCollectionAccess\hasAccessToTableView
static hasAccessToTableView($tableview, ?int $user_id=0)
This only checks access to the tableview - if the full access check is required, use hasAccessTo($ref...
Definition: class.ilObjDataCollectionAccess.php:253
ilObjDataCollectionAccess\hasReadAccess
static hasReadAccess(int $ref, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:237
ilObjDataCollectionAccess\hasPermissionToAddRecord
static hasPermissionToAddRecord(int $ref_id, int $table_id)
Definition: class.ilObjDataCollectionAccess.php:322
ilObjDataCollectionAccess\hasAccessToEditTable
static hasAccessToEditTable(int $ref_id, int $table_id)
Definition: class.ilObjDataCollectionAccess.php:310
ilObjDataCollectionAccess\hasEditAccess
static hasEditAccess(int $ref, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:205
ilObjDataCollectionAccess\checkAccessForDataCollectionId
static checkAccessForDataCollectionId(int $data_collection_id)
Definition: class.ilObjDataCollectionAccess.php:151
ilObjDataCollectionAccess\_lookupOnline
static _lookupOnline(int $a_id)
Check wether datacollection is online.
Definition: class.ilObjDataCollectionAccess.php:130
ilObjDataCollectionAccess
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilObjDataCollectionAccess.php:19
ilObjDataCollectionAccess\checkActionForObjId
static checkActionForObjId(string $action, int $obj_id)
Definition: class.ilObjDataCollectionAccess.php:166