ILIAS  release_8 Revision v8.23
class.ilAdvancedMDPermissionHelper.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
27 class ilAdvancedMDPermissionHelper extends ilClaimingPermissionHelper
28 {
29  public const CONTEXT_MD = 1;
30  public const CONTEXT_RECORD = 2;
31  public const CONTEXT_FIELD = 3;
32  public const CONTEXT_SUBSTITUTION = 4;
33  public const CONTEXT_SUBSTITUTION_COURSE = 5;
34  public const CONTEXT_SUBSTITUTION_CATEGORY = 6;
35  public const CONTEXT_SUBSTITUTION_SESSION = 7;
36  public const CONTEXT_SUBSTITUTION_IASS = 8;
37  public const CONTEXT_SUBSTITUTION_GROUP = 9;
38  public const CONTEXT_SUBSTITUTION_EXERCISE = 10;
39  public const CONTEXT_SUBSTITUTION_PRG = 11;
40  public const CONTEXT_SUBSTITUTION_ORG_UNIT = 12;
41 
42  public const ACTION_MD_CREATE_RECORD = 1;
43  public const ACTION_MD_IMPORT_RECORDS = 2;
44 
45  public const ACTION_RECORD_EDIT = 5;
46  public const ACTION_RECORD_DELETE = 6;
47  public const ACTION_RECORD_EXPORT = 7;
48  public const ACTION_RECORD_TOGGLE_ACTIVATION = 8;
49  public const ACTION_RECORD_EDIT_PROPERTY = 9;
50  public const ACTION_RECORD_EDIT_FIELDS = 10;
51  public const ACTION_RECORD_CREATE_FIELD = 11;
52  public const ACTION_RECORD_FIELD_POSITIONS = 12;
53 
54  public const ACTION_FIELD_EDIT = 13;
55  public const ACTION_FIELD_DELETE = 14;
56  public const ACTION_FIELD_EDIT_PROPERTY = 15;
57 
58  public const ACTION_SUBSTITUTION_SHOW_DESCRIPTION = 16;
59  public const ACTION_SUBSTITUTION_SHOW_FIELDNAMES = 17;
60  public const ACTION_SUBSTITUTION_FIELD_POSITIONS = 18;
61 
62  public const ACTION_SUBSTITUTION_COURSE_SHOW_FIELD = 19;
63  public const ACTION_SUBSTITUTION_COURSE_EDIT_FIELD_PROPERTY = 20;
64 
65  public const ACTION_SUBSTITUTION_CATEGORY_SHOW_FIELD = 21;
66  public const ACTION_SUBSTITUTION_CATEGORY_EDIT_FIELD_PROPERTY = 22;
67 
68  public const ACTION_SUBSTITUTION_SESSION_SHOW_FIELD = 23;
69  public const ACTION_SUBSTITUTION_SESSION_EDIT_FIELD_PROPERTY = 24;
70 
71  public const ACTION_SUBSTITUTION_GROUP_SHOW_FIELD = 25;
72  public const ACTION_SUBSTITUTION_GROUP_EDIT_FIELD_PROPERTY = 26;
73 
74  public const ACTION_SUBSTITUTION_IASS_SHOW_FIELD = 27;
75  public const ACTION_SUBSTITUTION_IASS_EDIT_FIELD_PROPERTY = 28;
76 
77  public const ACTION_SUBSTITUTION_EXERCISE_SHOW_FIELD = 29;
78  public const ACTION_SUBSTITUTION_EXERCISE_EDIT_FIELD_PROPERTY = 30;
79 
80  public const ACTION_SUBSTITUTION_PRG_SHOW_FIELD = 31;
81  public const ACTION_SUBSTITUTION_PRG_EDIT_FIELD_PROPERTY = 32;
82 
83  public const ACTION_SUBSTITUTION_ORG_UNIT_SHOW_FIELD = 35;
84  public const ACTION_SUBSTITUTION_ORG_UNIT_EDIT_FIELD_PROPERTY = 36;
85 
86  public const SUBACTION_UNDEFINED = 0;
87  public const SUBACTION_RECORD_TITLE = 1;
88  public const SUBACTION_RECORD_DESCRIPTION = 2;
89  public const SUBACTION_RECORD_OBJECT_TYPES = 3;
90 
91  public const SUBACTION_FIELD_TITLE = 4;
92  public const SUBACTION_FIELD_DESCRIPTION = 5;
93  public const SUBACTION_FIELD_SEARCHABLE = 6;
94  public const SUBACTION_FIELD_PROPERTIES = 7;
95 
96  public const SUBACTION_SUBSTITUTION_BOLD = 8;
97  public const SUBACTION_SUBSTITUTION_NEWLINE = 9;
98 
99  protected function readContextIds(int $a_context_type): array
100  {
101  global $DIC;
102 
103  $ilDB = $DIC->database();
104 
105  switch ($a_context_type) {
106  case self::CONTEXT_MD:
107  return array($this->ref_id);
108 
109  case self::CONTEXT_RECORD:
110  $set = $ilDB->query("SELECT record_id id" .
111  " FROM adv_md_record");
112  break;
113 
114  case self::CONTEXT_FIELD:
115  case self::CONTEXT_SUBSTITUTION_COURSE:
116  case self::CONTEXT_SUBSTITUTION_GROUP:
117  case self::CONTEXT_SUBSTITUTION_SESSION:
118  case self::CONTEXT_SUBSTITUTION_CATEGORY:
119  case self::CONTEXT_SUBSTITUTION_IASS:
120  case self::CONTEXT_SUBSTITUTION_EXERCISE:
121  case self::CONTEXT_SUBSTITUTION_PRG:
122  case self::CONTEXT_SUBSTITUTION_ORG_UNIT:
123  $set = $ilDB->query("SELECT field_id id" .
124  " FROM adv_mdf_definition");
125  break;
126 
127  case self::CONTEXT_SUBSTITUTION:
128  return $this->getAllowedObjectTypes();
129 
130  default:
131  return array();
132  }
133 
134  $res = array();
135  while ($row = $ilDB->fetchAssoc($set)) {
136  $res[] = (int) $row["id"];
137  }
138  return $res;
139  }
140 
141  // permissions
142 
143  protected function buildPermissionMap(): array
144  {
145  return array(
146  self::CONTEXT_MD => array(
147  "actions" => array(
148  self::ACTION_MD_CREATE_RECORD
149  ,
150  self::ACTION_MD_IMPORT_RECORDS
151  )
152  ),
153  self::CONTEXT_RECORD => array(
154  "actions" => array(
155  self::ACTION_RECORD_EDIT
156  ,
157  self::ACTION_RECORD_DELETE
158  ,
159  self::ACTION_RECORD_EXPORT
160  ,
161  self::ACTION_RECORD_TOGGLE_ACTIVATION
162  ,
163  self::ACTION_RECORD_EDIT_FIELDS
164  ,
165  self::ACTION_RECORD_FIELD_POSITIONS
166  ,
167  self::ACTION_RECORD_CREATE_FIELD
168  ),
169  "subactions" => array(
170  self::ACTION_RECORD_EDIT_PROPERTY =>
171  array(
172  self::SUBACTION_RECORD_TITLE
173  ,
174  self::SUBACTION_RECORD_DESCRIPTION
175  ,
176  self::SUBACTION_RECORD_OBJECT_TYPES
177  )
178  )
179  ),
180  self::CONTEXT_FIELD => array(
181  "actions" => array(
182  self::ACTION_FIELD_EDIT,
183  self::ACTION_FIELD_DELETE
184  ),
185  "subactions" => array(
186  self::ACTION_FIELD_EDIT_PROPERTY =>
187  array(
188  self::SUBACTION_FIELD_TITLE
189  ,
190  self::SUBACTION_FIELD_DESCRIPTION
191  ,
192  self::SUBACTION_FIELD_SEARCHABLE
193  ,
194  self::SUBACTION_FIELD_PROPERTIES
195  )
196  )
197  ),
198  self::CONTEXT_SUBSTITUTION => array(
199  "actions" => array(
200  self::ACTION_SUBSTITUTION_SHOW_DESCRIPTION
201  ,
202  self::ACTION_SUBSTITUTION_SHOW_FIELDNAMES
203  ,
204  self::ACTION_SUBSTITUTION_FIELD_POSITIONS
205  )
206  ),
207  self::CONTEXT_SUBSTITUTION_COURSE => array(
208  "actions" => array(
209  self::ACTION_SUBSTITUTION_COURSE_SHOW_FIELD
210  ),
211  "subactions" => array(
212  self::ACTION_SUBSTITUTION_COURSE_EDIT_FIELD_PROPERTY =>
213  array(
214  self::SUBACTION_SUBSTITUTION_BOLD
215  ,
216  self::SUBACTION_SUBSTITUTION_NEWLINE
217  )
218  )
219  ),
220  self::CONTEXT_SUBSTITUTION_CATEGORY => array(
221  "actions" => array(
222  self::ACTION_SUBSTITUTION_CATEGORY_SHOW_FIELD
223  ),
224  "subactions" => array(
225  self::ACTION_SUBSTITUTION_CATEGORY_EDIT_FIELD_PROPERTY =>
226  array(
227  self::SUBACTION_SUBSTITUTION_BOLD
228  ,
229  self::SUBACTION_SUBSTITUTION_NEWLINE
230  )
231  )
232  ),
233  self::CONTEXT_SUBSTITUTION_SESSION => array(
234  "actions" => array(
235  self::ACTION_SUBSTITUTION_SESSION_SHOW_FIELD
236  ),
237  "subactions" => array(
238  self::ACTION_SUBSTITUTION_SESSION_EDIT_FIELD_PROPERTY =>
239  array(
240  self::SUBACTION_SUBSTITUTION_BOLD
241  ,
242  self::SUBACTION_SUBSTITUTION_NEWLINE
243  )
244  )
245  ),
246  self::CONTEXT_SUBSTITUTION_GROUP => array(
247  "actions" => array(
248  self::ACTION_SUBSTITUTION_GROUP_SHOW_FIELD
249  ),
250  "subactions" => array(
251  self::ACTION_SUBSTITUTION_GROUP_EDIT_FIELD_PROPERTY =>
252  array(
253  self::SUBACTION_SUBSTITUTION_BOLD
254  ,
255  self::SUBACTION_SUBSTITUTION_NEWLINE
256  )
257  )
258  ),
259  self::CONTEXT_SUBSTITUTION_IASS => array(
260  "actions" => array(
261  self::ACTION_SUBSTITUTION_IASS_SHOW_FIELD
262  ),
263  "subactions" => array(
264  self::ACTION_SUBSTITUTION_IASS_EDIT_FIELD_PROPERTY =>
265  array(
266  self::SUBACTION_SUBSTITUTION_BOLD
267  ,
268  self::SUBACTION_SUBSTITUTION_NEWLINE
269  )
270  )
271  ),
272  self::CONTEXT_SUBSTITUTION_EXERCISE => array(
273  "actions" => array(
274  self::ACTION_SUBSTITUTION_EXERCISE_SHOW_FIELD
275  ),
276  "subactions" => array(
277  self::ACTION_SUBSTITUTION_EXERCISE_EDIT_FIELD_PROPERTY =>
278  array(
279  self::SUBACTION_SUBSTITUTION_BOLD
280  ,
281  self::SUBACTION_SUBSTITUTION_NEWLINE
282  )
283  )
284  ),
285  self::CONTEXT_SUBSTITUTION_PRG => array(
286  "actions" => array(
287  self::ACTION_SUBSTITUTION_PRG_SHOW_FIELD
288  ),
289  "subactions" => array(
290  self::ACTION_SUBSTITUTION_PRG_EDIT_FIELD_PROPERTY =>
291  array(
292  self::SUBACTION_SUBSTITUTION_BOLD
293  ,
294  self::SUBACTION_SUBSTITUTION_NEWLINE
295  )
296  )
297  ),
298  self::CONTEXT_SUBSTITUTION_ORG_UNIT => [
299  "actions" => [
300  self::ACTION_SUBSTITUTION_ORG_UNIT_SHOW_FIELD
301  ],
302  "subactions" => [
303  self::ACTION_SUBSTITUTION_ORG_UNIT_EDIT_FIELD_PROPERTY =>
304  [
305  self::SUBACTION_SUBSTITUTION_BOLD
306  ,
307  self::SUBACTION_SUBSTITUTION_NEWLINE
308  ]
309  ]
310  ]
311  );
312  }
313 
314  // plugins
315 
316  protected function getActivePlugins(): Generator
317  {
318  global $DIC;
319 
320  $component_factory = $DIC['component.factory'];
321  yield from $component_factory->getActivePluginsInSlot("amdc");
322  }
323 
324  protected function checkPermission(
325  int $a_context_type,
326  string $a_context_id,
327  int $a_action_id,
328  ?int $a_action_sub_id = null
329  ): bool {
330  global $DIC;
331 
332  $ilAccess = $DIC['ilAccess'];
333 
334  if (!$this->checkPlugins($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id)) {
335  return false;
336  }
337 
338  // export is considered read-action
339  if ($a_context_type == ilAdvancedMDPermissionHelper::CONTEXT_RECORD &&
340  $a_action_id == ilAdvancedMDPermissionHelper::ACTION_RECORD_EXPORT) {
341  return $ilAccess->checkAccessOfUser($this->getUserId(), "read", "", $this->getRefId());
342  }
343 
344  return $this->checkRBAC();
345  }
346 }
$res
$res
Definition: ltiservices.php:69
ilClaimingPermissionHelper
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilClaimingPermissionHelper.php:25
$DIC
global $DIC
Definition: feed.php:28
ilAdvancedMDPermissionHelper
Advanced metadata permission helper.
Definition: class.ilAdvancedMDPermissionHelper.php:27
ilClaimingPermissionHelper\checkRBAC
checkRBAC()
Check permission against RBAC.
Definition: class.ilClaimingPermissionHelper.php:201
ilClaimingPermissionHelper\checkPlugins
checkPlugins(int $a_context_type, string $a_context_id, int $a_action_id, ?int $a_action_sub_id=null)
Check permission against plugins.
Definition: class.ilClaimingPermissionHelper.php:218
ilAdvancedMDPermissionHelper\checkPermission
checkPermission(int $a_context_type, string $a_context_id, int $a_action_id, ?int $a_action_sub_id=null)
Definition: class.ilAdvancedMDPermissionHelper.php:324