ILIAS  release_8 Revision v8.24
class.ilIndividualAssessmentAccessHandler.php
Go to the documentation of this file.
1<?php
2
3declare(strict_types=1);
4
24class ilIndividualAssessmentAccessHandler implements IndividualAssessmentAccessHandler
25{
26 public const DEFAULT_ROLE = 'il_iass_member';
27
28 protected ilObjIndividualAssessment $iass;
29 protected ilAccessHandler $handler;
30 protected ilRbacAdmin $admin;
31 protected ilRbacReview $review;
32 protected ilObjUser $usr;
33
34 public function __construct(
35 ilObjIndividualAssessment $iass,
36 ilAccessHandler $handler,
37 ilRbacAdmin $admin,
38 ilRbacReview $review,
39 ilObjUser $usr
40 ) {
41 $this->iass = $iass;
42 $this->handler = $handler;
43 $this->admin = $admin;
44 $this->review = $review;
45 $this->usr = $usr;
46 }
47
51 public function checkRBACAccessToObj(string $operation): bool
52 {
53 return $this->isSystemAdmin() || $this->handler->checkAccessOfUser($this->usr->getId(), $operation, '', $this->iass->getRefId(), 'iass');
54 }
55
56 public function checkRBACOrPositionAccessToObj(string $operation)
57 {
58 if ($this->isSystemAdmin()) {
59 return true;
60 }
61
62 if ($operation == "read_learning_progress") {
63 return $this->handler->checkRbacOrPositionPermissionAccess(
64 "read_learning_progress",
65 "read_learning_progress",
66 $this->iass->getRefId()
67 );
68 }
69
70 if ($operation == "edit_learning_progress") {
71 return $this->handler->checkRbacOrPositionPermissionAccess(
72 "edit_learning_progress",
73 "write_learning_progress",
74 $this->iass->getRefId()
75 );
76 }
77
78 throw new \LogicException("Unknown rbac/position-operation: $operation");
79 }
80
84 public function initDefaultRolesForObject(ilObjIndividualAssessment $iass): void
85 {
86 ilObjRole::createDefaultRole(
87 $this->getRoleTitleByObj($iass),
88 "Admin of iass obj_no." . $iass->getId(),
89 self::DEFAULT_ROLE,
90 $iass->getRefId()
91 );
92 }
93
97 public function assignUserToMemberRole(ilObjUser $usr, ilObjIndividualAssessment $iass): bool
98 {
99 $this->admin->assignUser($this->getMemberRoleIdForObj($iass), $usr->getId());
100 return true;
101 }
102
106 public function deassignUserFromMemberRole(ilObjUser $usr, ilObjIndividualAssessment $iass): bool
107 {
108 $this->admin->deassignUser($this->getMemberRoleIdForObj($iass), $usr->getId());
109 return true;
110 }
111
112 protected function getRoleTitleByObj(ilObjIndividualAssessment $iass): string
113 {
114 return self::DEFAULT_ROLE . '_' . $iass->getRefId();
115 }
116
120 protected function getMemberRoleIdForObj(ilObjIndividualAssessment $iass)
121 {
122 return current($this->review->getLocalRoles($iass->getRefId()));
123 }
124
125 public function mayReadObject(): bool
126 {
127 return $this->checkRBACAccessToObj('read');
128 }
129
130 public function mayEditObject(): bool
131 {
132 return $this->checkRBACAccessToObj('write');
133 }
134
135 public function mayEditPermissions(): bool
136 {
137 return $this->checkRBACAccessToObj('edit_permission');
138 }
139
140 public function mayEditMembers(): bool
141 {
142 return $this->checkRBACAccessToObj('edit_members');
143 }
144
145 public function mayViewAnyUser(): bool
146 {
147 return $this->mayViewAllUsers()
148 || $this->checkRBACOrPositionAccessToObj('read_learning_progress')
149 || $this->checkRBACOrPositionAccessToObj('edit_learning_progress');
150 }
151
152 public function mayViewAllUsers(): bool
153 {
154 return $this->checkRBACAccessToObj('read_learning_progress');
155 }
156
157 public function mayGradeAnyUser(): bool
158 {
159 return $this->mayGradeAllUsers() || $this->checkRBACOrPositionAccessToObj('edit_learning_progress');
160 }
161
162 public function mayGradeAllUsers(): bool
163 {
164 return $this->checkRBACAccessToObj('edit_learning_progress');
165 }
166
167 public function mayGradeUser(int $user_id): bool
168 {
169 return
170 $this->mayGradeAllUsers() ||
171 (count(
172 $this->handler->filterUserIdsByRbacOrPositionOfCurrentUser(
173 "edit_learning_progress",
174 "write_learning_progress",
175 $this->iass->getRefId(),
176 [$user_id]
177 )
178 ) > 0);
179 }
180
181 public function mayViewUser(int $user_id): bool
182 {
183 return
184 $this->mayViewAllUsers() ||
185 (count(
186 $this->handler->filterUserIdsByRbacOrPositionOfCurrentUser(
187 "read_learning_progress",
188 "read_learning_progress",
189 $this->iass->getRefId(),
190 [$user_id]
191 )
192 ) > 0);
193 }
194
195 public function mayAmendAllUsers(): bool
196 {
197 return $this->checkRBACAccessToObj('amend_grading');
198 }
199
200 public function isSystemAdmin(): bool
201 {
202 return $this->review->isAssigned($this->usr->getId(), SYSTEM_ROLE_ID);
203 }
204}
ilIndividualAssessmentAccessHandler
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilIndividualAssessmentAccessHandler.php:25
ilIndividualAssessmentAccessHandler\initDefaultRolesForObject
initDefaultRolesForObject(ilObjIndividualAssessment $iass)
Create default roles at an object.
Definition: class.ilIndividualAssessmentAccessHandler.php:84
ilIndividualAssessmentAccessHandler\assignUserToMemberRole
assignUserToMemberRole(ilObjUser $usr, ilObjIndividualAssessment $iass)
Assign a user to the member role at an Individual assessment.
Definition: class.ilIndividualAssessmentAccessHandler.php:97
ilIndividualAssessmentAccessHandler\__construct
__construct(ilObjIndividualAssessment $iass, ilAccessHandler $handler, ilRbacAdmin $admin, ilRbacReview $review, ilObjUser $usr)
Definition: class.ilIndividualAssessmentAccessHandler.php:34
ilIndividualAssessmentAccessHandler\deassignUserFromMemberRole
deassignUserFromMemberRole(ilObjUser $usr, ilObjIndividualAssessment $iass)
Deasign a user from the member role at an Individual assessment.
Definition: class.ilIndividualAssessmentAccessHandler.php:106
ilObjIndividualAssessment
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilObjIndividualAssessment.php:27
ilObjRole\createDefaultRole
static createDefaultRole(string $a_title, string $a_description, string $a_tpl_name, int $a_ref_id)
Definition: class.ilObjRole.php:59
ilObjUser
User class.
Definition: class.ilObjUser.php:28
ilRbacAdmin
Class ilRbacAdmin Core functions for role based access control.
Definition: class.ilRbacAdmin.php:31
ilRbacReview
class ilRbacReview Contains Review functions of core Rbac.
Definition: class.ilRbacReview.php:34
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:29
IndividualAssessmentAccessHandler
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: interface.IndividualAssessmentAccessHandler.php:25
ilAccessHandler
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: interface.ilAccessHandler.php:27