ILIAS  release_9 Revision v9.13-25-g2c18ec4c24f
class.ilObjDataCollectionAccess.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 class ilObjDataCollectionAccess extends ilObjectAccess
22 {
33  public static function _getCommands(): array
34  {
35  $commands = [
36  ["permission" => "read", "cmd" => "render", "lang_var" => "show", "default" => true],
37  ["permission" => "write", "cmd" => "listRecords", "lang_var" => "edit_content"],
38  ["permission" => "write", "cmd" => "edit", "lang_var" => "settings"],
39  ];
40 
41  return $commands;
42  }
43 
47  public static function _checkGoto(string $target): bool
48  {
49  global $DIC;
50  $ilAccess = $DIC['ilAccess'];
51 
52  $t_arr = explode("_", $target);
53  $ref_id = (int) $t_arr[1];
54 
55  if ($t_arr[0] != "dcl" || $ref_id <= 0) {
56  return false;
57  }
58 
59  if ($ilAccess->checkAccess("read", "", $ref_id) ||
60  $ilAccess->checkAccess("visible", "", $ref_id)) {
61  return true;
62  }
63 
64  return false;
65  }
66 
67  protected static function isTableInDataCollection(ilDclTable $table, int $ref_id): bool
68  {
69  if ($table->getObjId() !== null) {
70  foreach (ilObjDataCollection::_getAllReferences($table->getObjId()) as $reference) {
71  if ($reference == $ref_id) {
72  return true;
73  }
74  }
75  }
76 
77  return false;
78  }
79 
80  public function _checkAccess(string $cmd, string $permission, int $ref_id, int $obj_id, ?int $user_id = null): bool
81  {
82  global $DIC;
83  $ilUser = $DIC['ilUser'];
84  $lng = $DIC['lng'];
85  $rbacsystem = $DIC['rbacsystem'];
86  $ilAccess = $DIC['ilAccess'];
87 
88  if (is_null($user_id) === true) {
89  $user_id = $ilUser->getId();
90  }
91 
92  switch ($cmd) {
93  case "view":
94 
95  if (!ilObjDataCollectionAccess::_lookupOnline($obj_id)
96  && !$rbacsystem->checkAccessOfUser($user_id, 'write', $ref_id)
97  ) {
98  $ilAccess->addInfoItem(ilAccessInfo::IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
99 
100  return false;
101  }
102  break;
103 
104  // for permission query feature
105  case "infoScreen":
106  if (!ilObjDataCollectionAccess::_lookupOnline($obj_id)) {
107  $ilAccess->addInfoItem(ilAccessInfo::IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
108  } else {
109  $ilAccess->addInfoItem(ilAccessInfo::IL_STATUS_MESSAGE, $lng->txt("online"));
110  }
111  break;
112  }
113  switch ($permission) {
114  case "read":
115  case "visible":
116  if (!ilObjDataCollectionAccess::_lookupOnline($obj_id)
117  && (!$rbacsystem->checkAccessOfUser($user_id, 'write', $ref_id))
118  ) {
119  $ilAccess->addInfoItem(ilAccessInfo::IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
120 
121  return false;
122  }
123  break;
124  }
125 
126  return true;
127  }
128 
133  public static function _lookupOnline(int $a_id): bool
134  {
135  global $DIC;
136  $ilDB = $DIC->database();
137 
138  $q = "SELECT * FROM il_dcl_data WHERE id = " . $ilDB->quote($a_id, "integer");
139  $dcl_set = $ilDB->query($q);
140  $dcl_rec = $ilDB->fetchAssoc($dcl_set);
141 
142  return !is_null($dcl_rec) && $dcl_rec["is_online"];
143  }
144 
145  //
146  // DataCollection specific Access-Checks
147  //
148 
154  public static function checkAccessForDataCollectionId(int $data_collection_id): bool
155  {
156  global $DIC;
157  $ilAccess = $DIC['ilAccess'];
158 
159  $perm = false;
160  $references = ilObject2::_getAllReferences($data_collection_id);
161 
162  if ($ilAccess->checkAccess("add_entry", "", array_shift($references))) {
163  $perm = true;
164  }
165 
166  return $perm;
167  }
168 
169  public static function checkActionForObjId(string $action, int $obj_id): bool
170  {
171  foreach (ilObject2::_getAllReferences($obj_id) as $ref_id) {
172  if (self::checkActionForRefId($action, $ref_id)) {
173  return true;
174  }
175  }
176 
177  return false;
178  }
179 
180  public static function checkActionForRefId(string $action, int $ref_id): bool
181  {
182  global $DIC;
183  $ilAccess = $DIC['ilAccess'];
184 
189  return $ilAccess->checkAccess($action, "", $ref_id);
190  }
191 
196  public static function hasWriteAccess(int $ref, ?int $user_id = 0): bool
197  {
198  global $DIC;
199  $ilAccess = $DIC['ilAccess'];
200 
201  if ($user_id) {
202  return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
203  }
204 
205  return $ilAccess->checkAccess("write", "", $ref);
206  }
207 
208  public static function hasEditAccess(int $ref, ?int $user_id = 0): bool
209  {
210  global $DIC;
211  $ilAccess = $DIC['ilAccess'];
212 
213  if ($user_id) {
214  return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
215  }
216 
217  return $ilAccess->checkAccess("edit_content", "", $ref);
218  }
219 
224  public static function hasAddRecordAccess(int $ref, ?int $user_id = 0): bool
225  {
226  global $DIC;
227  $ilAccess = $DIC['ilAccess'];
228 
229  if ($user_id) {
230  return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
231  }
232 
233  return $ilAccess->checkAccess("add_entry", "", $ref);
234  }
235 
240  public static function hasReadAccess(int $ref, ?int $user_id = 0): bool
241  {
242  global $DIC;
243  $ilAccess = $DIC['ilAccess'];
244 
245  if ($user_id) {
246  return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
247  }
248 
249  return $ilAccess->checkAccess("read", "", $ref);
250  }
251 
252  public static function hasAccessToTableView(ilDclTableView $tableview, ?int $user_id = 0): bool
253  {
254  global $DIC;
255  $rbacreview = $DIC['rbacreview'];
256  $ilUser = $DIC['ilUser'];
257 
258  $assigned_roles = $rbacreview->assignedRoles($user_id ?: $ilUser->getId());
259  $allowed_roles = $tableview->getRoles();
260 
261  return !empty(array_intersect($assigned_roles, $allowed_roles));
262  }
263 
264  protected static function hasAccessToTable(int $table_id, int $ref_id): bool
265  {
266  $table = ilDclCache::getTableCache($table_id);
267  return self::hasWriteAccess($ref_id) || $table->getIsVisible();
268  }
269 
270  public static function hasAccessTo(int $ref_id, int $table_id, int $tableview_id): bool
271  {
273  $tableview = ilDclTableView::find($tableview_id);
274  $table = ilDclCache::getTableCache($table_id);
275 
276  // is tableview in table and is table in datacollection
277  if (($tableview->getTableId() !== $table_id)
278  || !self::isTableInDataCollection($table, $ref_id)
279  ) {
280  return false;
281  }
282 
283  // check access
284  return self::hasWriteAccess($ref_id)
285  || (
286  self::hasReadAccess($ref_id) && self::hasAccessToTable($table_id, $ref_id) && self::hasAccessToTableView($tableview)
287  );
288  }
289 
290  public static function hasAccessToFields(int $ref_id, int $table_id): bool
291  {
292  return self::isTableInDataCollection(ilDclCache::getTableCache($table_id), $ref_id)
293  && (self::hasWriteAccess($ref_id));
294  }
295 
296  public static function hasAccessToEditTable(int $ref_id, int $table_id): bool
297  {
298  return self::hasAccessToFields($ref_id, $table_id);
299  }
300 
301  public static function hasAccessToField(int $ref_id, int $table_id, int $field_id): bool
302  {
303  $table = ilDclCache::getTableCache($table_id);
304 
305  return in_array($field_id, $table->getFieldIds()) && self::hasAccessToFields($ref_id, $table_id);
306  }
307 
308  public static function hasPermissionToAddRecord(int $ref_id, int $table_id): bool
309  {
310  $table = ilDclCache::getTableCache($table_id);
311  if (!self::isTableInDataCollection($table, $ref_id)) {
312  return false;
313  }
314 
315  return ilObjDataCollectionAccess::hasWriteAccess($ref_id)
316  || (ilObjDataCollectionAccess::hasAddRecordAccess($ref_id) && $table->getAddPerm() && $table->checkLimit());
317  }
318 }
ilObjDataCollectionAccess\hasAccessToTableView
static hasAccessToTableView(ilDclTableView $tableview, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:252
ilObjDataCollectionAccess\hasAddRecordAccess
static hasAddRecordAccess(int $ref, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:224
ilObject\_getAllReferences
static _getAllReferences(int $id)
get all reference ids for object ID
Definition: class.ilObject.php:813
ilObjDataCollectionAccess\_getCommands
static _getCommands()
get commands this method returns an array of all possible commands/permission combinations example: $...
Definition: class.ilObjDataCollectionAccess.php:33
$DIC
global $DIC
Definition: feed.php:28
ilObjDataCollectionAccess\hasAccessToFields
static hasAccessToFields(int $ref_id, int $table_id)
Definition: class.ilObjDataCollectionAccess.php:290
$ref_id
$ref_id
Definition: ltiauth.php:67
ilDclCache\getTableCache
static getTableCache(int $table_id=null)
Definition: class.ilDclCache.php:131
$lng
$lng
Definition: save_question_post_data.php:24
ilObjDataCollectionAccess\_checkAccess
_checkAccess(string $cmd, string $permission, int $ref_id, int $obj_id, ?int $user_id=null)
Definition: class.ilObjDataCollectionAccess.php:80
ilObjDataCollectionAccess\isTableInDataCollection
static isTableInDataCollection(ilDclTable $table, int $ref_id)
Definition: class.ilObjDataCollectionAccess.php:67
ilObjDataCollectionAccess\hasAccessToField
static hasAccessToField(int $ref_id, int $table_id, int $field_id)
Definition: class.ilObjDataCollectionAccess.php:301
ilObjDataCollectionAccess\hasWriteAccess
static hasWriteAccess(int $ref, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:196
ilObjDataCollectionAccess\_checkGoto
static _checkGoto(string $target)
check whether goto script will succeed
Definition: class.ilObjDataCollectionAccess.php:47
ilObjDataCollectionAccess\hasAccessToTable
static hasAccessToTable(int $table_id, int $ref_id)
Definition: class.ilObjDataCollectionAccess.php:264
$q
$q
Definition: shib_logout.php:21
ilObjDataCollectionAccess\hasReadAccess
static hasReadAccess(int $ref, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:240
ilObjDataCollectionAccess\hasPermissionToAddRecord
static hasPermissionToAddRecord(int $ref_id, int $table_id)
Definition: class.ilObjDataCollectionAccess.php:308
ilObjDataCollectionAccess\hasAccessToEditTable
static hasAccessToEditTable(int $ref_id, int $table_id)
Definition: class.ilObjDataCollectionAccess.php:296
ilObjDataCollectionAccess\hasEditAccess
static hasEditAccess(int $ref, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:208
ilObjDataCollectionAccess\checkAccessForDataCollectionId
static checkAccessForDataCollectionId(int $data_collection_id)
Definition: class.ilObjDataCollectionAccess.php:154
ilObjDataCollectionAccess\_lookupOnline
static _lookupOnline(int $a_id)
Check wether datacollection is online.
Definition: class.ilObjDataCollectionAccess.php:133
ilObjDataCollectionAccess\checkActionForObjId
static checkActionForObjId(string $action, int $obj_id)
Definition: class.ilObjDataCollectionAccess.php:169