ILIAS  release_8 Revision v8.24
class.ilAdvancedMDPermissionHelper.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
27class ilAdvancedMDPermissionHelper extends ilClaimingPermissionHelper
28{
29 public const CONTEXT_MD = 1;
30 public const CONTEXT_RECORD = 2;
31 public const CONTEXT_FIELD = 3;
32 public const CONTEXT_SUBSTITUTION = 4;
33 public const CONTEXT_SUBSTITUTION_COURSE = 5;
34 public const CONTEXT_SUBSTITUTION_CATEGORY = 6;
35 public const CONTEXT_SUBSTITUTION_SESSION = 7;
36 public const CONTEXT_SUBSTITUTION_IASS = 8;
37 public const CONTEXT_SUBSTITUTION_GROUP = 9;
38 public const CONTEXT_SUBSTITUTION_EXERCISE = 10;
39 public const CONTEXT_SUBSTITUTION_PRG = 11;
40 public const CONTEXT_SUBSTITUTION_ORG_UNIT = 12;
41
42 public const ACTION_MD_CREATE_RECORD = 1;
43 public const ACTION_MD_IMPORT_RECORDS = 2;
44
45 public const ACTION_RECORD_EDIT = 5;
46 public const ACTION_RECORD_DELETE = 6;
47 public const ACTION_RECORD_EXPORT = 7;
48 public const ACTION_RECORD_TOGGLE_ACTIVATION = 8;
49 public const ACTION_RECORD_EDIT_PROPERTY = 9;
50 public const ACTION_RECORD_EDIT_FIELDS = 10;
51 public const ACTION_RECORD_CREATE_FIELD = 11;
52 public const ACTION_RECORD_FIELD_POSITIONS = 12;
53
54 public const ACTION_FIELD_EDIT = 13;
55 public const ACTION_FIELD_DELETE = 14;
56 public const ACTION_FIELD_EDIT_PROPERTY = 15;
57
58 public const ACTION_SUBSTITUTION_SHOW_DESCRIPTION = 16;
59 public const ACTION_SUBSTITUTION_SHOW_FIELDNAMES = 17;
60 public const ACTION_SUBSTITUTION_FIELD_POSITIONS = 18;
61
62 public const ACTION_SUBSTITUTION_COURSE_SHOW_FIELD = 19;
63 public const ACTION_SUBSTITUTION_COURSE_EDIT_FIELD_PROPERTY = 20;
64
65 public const ACTION_SUBSTITUTION_CATEGORY_SHOW_FIELD = 21;
66 public const ACTION_SUBSTITUTION_CATEGORY_EDIT_FIELD_PROPERTY = 22;
67
68 public const ACTION_SUBSTITUTION_SESSION_SHOW_FIELD = 23;
69 public const ACTION_SUBSTITUTION_SESSION_EDIT_FIELD_PROPERTY = 24;
70
71 public const ACTION_SUBSTITUTION_GROUP_SHOW_FIELD = 25;
72 public const ACTION_SUBSTITUTION_GROUP_EDIT_FIELD_PROPERTY = 26;
73
74 public const ACTION_SUBSTITUTION_IASS_SHOW_FIELD = 27;
75 public const ACTION_SUBSTITUTION_IASS_EDIT_FIELD_PROPERTY = 28;
76
77 public const ACTION_SUBSTITUTION_EXERCISE_SHOW_FIELD = 29;
78 public const ACTION_SUBSTITUTION_EXERCISE_EDIT_FIELD_PROPERTY = 30;
79
80 public const ACTION_SUBSTITUTION_PRG_SHOW_FIELD = 31;
81 public const ACTION_SUBSTITUTION_PRG_EDIT_FIELD_PROPERTY = 32;
82
83 public const ACTION_SUBSTITUTION_ORG_UNIT_SHOW_FIELD = 35;
84 public const ACTION_SUBSTITUTION_ORG_UNIT_EDIT_FIELD_PROPERTY = 36;
85
86 public const SUBACTION_UNDEFINED = 0;
87 public const SUBACTION_RECORD_TITLE = 1;
88 public const SUBACTION_RECORD_DESCRIPTION = 2;
89 public const SUBACTION_RECORD_OBJECT_TYPES = 3;
90
91 public const SUBACTION_FIELD_TITLE = 4;
92 public const SUBACTION_FIELD_DESCRIPTION = 5;
93 public const SUBACTION_FIELD_SEARCHABLE = 6;
94 public const SUBACTION_FIELD_PROPERTIES = 7;
95
96 public const SUBACTION_SUBSTITUTION_BOLD = 8;
97 public const SUBACTION_SUBSTITUTION_NEWLINE = 9;
98
99 protected function readContextIds(int $a_context_type): array
100 {
101 global $DIC;
102
103 $ilDB = $DIC->database();
104
105 switch ($a_context_type) {
106 case self::CONTEXT_MD:
107 return array($this->ref_id);
108
109 case self::CONTEXT_RECORD:
110 $set = $ilDB->query("SELECT record_id id" .
111 " FROM adv_md_record");
112 break;
113
114 case self::CONTEXT_FIELD:
115 case self::CONTEXT_SUBSTITUTION_COURSE:
116 case self::CONTEXT_SUBSTITUTION_GROUP:
117 case self::CONTEXT_SUBSTITUTION_SESSION:
118 case self::CONTEXT_SUBSTITUTION_CATEGORY:
119 case self::CONTEXT_SUBSTITUTION_IASS:
120 case self::CONTEXT_SUBSTITUTION_EXERCISE:
121 case self::CONTEXT_SUBSTITUTION_PRG:
122 case self::CONTEXT_SUBSTITUTION_ORG_UNIT:
123 $set = $ilDB->query("SELECT field_id id" .
124 " FROM adv_mdf_definition");
125 break;
126
127 case self::CONTEXT_SUBSTITUTION:
128 return $this->getAllowedObjectTypes();
129
130 default:
131 return array();
132 }
133
134 $res = array();
135 while ($row = $ilDB->fetchAssoc($set)) {
136 $res[] = (int) $row["id"];
137 }
138 return $res;
139 }
140
141 // permissions
142
143 protected function buildPermissionMap(): array
144 {
145 return array(
146 self::CONTEXT_MD => array(
147 "actions" => array(
148 self::ACTION_MD_CREATE_RECORD
149 ,
150 self::ACTION_MD_IMPORT_RECORDS
151 )
152 ),
153 self::CONTEXT_RECORD => array(
154 "actions" => array(
155 self::ACTION_RECORD_EDIT
156 ,
157 self::ACTION_RECORD_DELETE
158 ,
159 self::ACTION_RECORD_EXPORT
160 ,
161 self::ACTION_RECORD_TOGGLE_ACTIVATION
162 ,
163 self::ACTION_RECORD_EDIT_FIELDS
164 ,
165 self::ACTION_RECORD_FIELD_POSITIONS
166 ,
167 self::ACTION_RECORD_CREATE_FIELD
168 ),
169 "subactions" => array(
170 self::ACTION_RECORD_EDIT_PROPERTY =>
171 array(
172 self::SUBACTION_RECORD_TITLE
173 ,
174 self::SUBACTION_RECORD_DESCRIPTION
175 ,
176 self::SUBACTION_RECORD_OBJECT_TYPES
177 )
178 )
179 ),
180 self::CONTEXT_FIELD => array(
181 "actions" => array(
182 self::ACTION_FIELD_EDIT,
183 self::ACTION_FIELD_DELETE
184 ),
185 "subactions" => array(
186 self::ACTION_FIELD_EDIT_PROPERTY =>
187 array(
188 self::SUBACTION_FIELD_TITLE
189 ,
190 self::SUBACTION_FIELD_DESCRIPTION
191 ,
192 self::SUBACTION_FIELD_SEARCHABLE
193 ,
194 self::SUBACTION_FIELD_PROPERTIES
195 )
196 )
197 ),
198 self::CONTEXT_SUBSTITUTION => array(
199 "actions" => array(
200 self::ACTION_SUBSTITUTION_SHOW_DESCRIPTION
201 ,
202 self::ACTION_SUBSTITUTION_SHOW_FIELDNAMES
203 ,
204 self::ACTION_SUBSTITUTION_FIELD_POSITIONS
205 )
206 ),
207 self::CONTEXT_SUBSTITUTION_COURSE => array(
208 "actions" => array(
209 self::ACTION_SUBSTITUTION_COURSE_SHOW_FIELD
210 ),
211 "subactions" => array(
212 self::ACTION_SUBSTITUTION_COURSE_EDIT_FIELD_PROPERTY =>
213 array(
214 self::SUBACTION_SUBSTITUTION_BOLD
215 ,
216 self::SUBACTION_SUBSTITUTION_NEWLINE
217 )
218 )
219 ),
220 self::CONTEXT_SUBSTITUTION_CATEGORY => array(
221 "actions" => array(
222 self::ACTION_SUBSTITUTION_CATEGORY_SHOW_FIELD
223 ),
224 "subactions" => array(
225 self::ACTION_SUBSTITUTION_CATEGORY_EDIT_FIELD_PROPERTY =>
226 array(
227 self::SUBACTION_SUBSTITUTION_BOLD
228 ,
229 self::SUBACTION_SUBSTITUTION_NEWLINE
230 )
231 )
232 ),
233 self::CONTEXT_SUBSTITUTION_SESSION => array(
234 "actions" => array(
235 self::ACTION_SUBSTITUTION_SESSION_SHOW_FIELD
236 ),
237 "subactions" => array(
238 self::ACTION_SUBSTITUTION_SESSION_EDIT_FIELD_PROPERTY =>
239 array(
240 self::SUBACTION_SUBSTITUTION_BOLD
241 ,
242 self::SUBACTION_SUBSTITUTION_NEWLINE
243 )
244 )
245 ),
246 self::CONTEXT_SUBSTITUTION_GROUP => array(
247 "actions" => array(
248 self::ACTION_SUBSTITUTION_GROUP_SHOW_FIELD
249 ),
250 "subactions" => array(
251 self::ACTION_SUBSTITUTION_GROUP_EDIT_FIELD_PROPERTY =>
252 array(
253 self::SUBACTION_SUBSTITUTION_BOLD
254 ,
255 self::SUBACTION_SUBSTITUTION_NEWLINE
256 )
257 )
258 ),
259 self::CONTEXT_SUBSTITUTION_IASS => array(
260 "actions" => array(
261 self::ACTION_SUBSTITUTION_IASS_SHOW_FIELD
262 ),
263 "subactions" => array(
264 self::ACTION_SUBSTITUTION_IASS_EDIT_FIELD_PROPERTY =>
265 array(
266 self::SUBACTION_SUBSTITUTION_BOLD
267 ,
268 self::SUBACTION_SUBSTITUTION_NEWLINE
269 )
270 )
271 ),
272 self::CONTEXT_SUBSTITUTION_EXERCISE => array(
273 "actions" => array(
274 self::ACTION_SUBSTITUTION_EXERCISE_SHOW_FIELD
275 ),
276 "subactions" => array(
277 self::ACTION_SUBSTITUTION_EXERCISE_EDIT_FIELD_PROPERTY =>
278 array(
279 self::SUBACTION_SUBSTITUTION_BOLD
280 ,
281 self::SUBACTION_SUBSTITUTION_NEWLINE
282 )
283 )
284 ),
285 self::CONTEXT_SUBSTITUTION_PRG => array(
286 "actions" => array(
287 self::ACTION_SUBSTITUTION_PRG_SHOW_FIELD
288 ),
289 "subactions" => array(
290 self::ACTION_SUBSTITUTION_PRG_EDIT_FIELD_PROPERTY =>
291 array(
292 self::SUBACTION_SUBSTITUTION_BOLD
293 ,
294 self::SUBACTION_SUBSTITUTION_NEWLINE
295 )
296 )
297 ),
298 self::CONTEXT_SUBSTITUTION_ORG_UNIT => [
299 "actions" => [
300 self::ACTION_SUBSTITUTION_ORG_UNIT_SHOW_FIELD
301 ],
302 "subactions" => [
303 self::ACTION_SUBSTITUTION_ORG_UNIT_EDIT_FIELD_PROPERTY =>
304 [
305 self::SUBACTION_SUBSTITUTION_BOLD
306 ,
307 self::SUBACTION_SUBSTITUTION_NEWLINE
308 ]
309 ]
310 ]
311 );
312 }
313
314 // plugins
315
316 protected function getActivePlugins(): Generator
317 {
318 global $DIC;
319
320 $component_factory = $DIC['component.factory'];
321 yield from $component_factory->getActivePluginsInSlot("amdc");
322 }
323
324 protected function checkPermission(
325 int $a_context_type,
326 string $a_context_id,
327 int $a_action_id,
328 ?int $a_action_sub_id = null
329 ): bool {
330 global $DIC;
331
332 $ilAccess = $DIC['ilAccess'];
333
334 if (!$this->checkPlugins($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id)) {
335 return false;
336 }
337
338 // export is considered read-action
339 if ($a_context_type == ilAdvancedMDPermissionHelper::CONTEXT_RECORD &&
340 $a_action_id == ilAdvancedMDPermissionHelper::ACTION_RECORD_EXPORT) {
341 return $ilAccess->checkAccessOfUser($this->getUserId(), "read", "", $this->getRefId());
342 }
343
344 return $this->checkRBAC();
345 }
346}
ilAdvancedMDPermissionHelper
Advanced metadata permission helper.
Definition: class.ilAdvancedMDPermissionHelper.php:28
ilAdvancedMDPermissionHelper\readContextIds
readContextIds(int $a_context_type)
Get all context ids for context type (from DB, is cached)
Definition: class.ilAdvancedMDPermissionHelper.php:99
ilAdvancedMDPermissionHelper\checkPermission
checkPermission(int $a_context_type, string $a_context_id, int $a_action_id, ?int $a_action_sub_id=null)
Check permission (helper: rbac, plugins)
Definition: class.ilAdvancedMDPermissionHelper.php:324
ilAdvancedMDPermissionHelper\buildPermissionMap
buildPermissionMap()
Build map of context and actions.
Definition: class.ilAdvancedMDPermissionHelper.php:143
ilAdvancedMDPermissionHelper\getActivePlugins
getActivePlugins()
Get active plugins (for current slot)
Definition: class.ilAdvancedMDPermissionHelper.php:316
ilClaimingPermissionHelper
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilClaimingPermissionHelper.php:26
ilClaimingPermissionHelper\checkRBAC
checkRBAC()
Check permission against RBAC.
Definition: class.ilClaimingPermissionHelper.php:201
ilClaimingPermissionHelper\checkPlugins
checkPlugins(int $a_context_type, string $a_context_id, int $a_action_id, ?int $a_action_sub_id=null)
Check permission against plugins.
Definition: class.ilClaimingPermissionHelper.php:218
$DIC
global $DIC
Definition: feed.php:28
$res
$res
Definition: ltiservices.php:69