ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
class.ilBadgeWAC.php
Go to the documentation of this file.
1<?php
2
19class ilBadgeWAC implements ilWACCheckingClass
20{
21 public function canBeDelivered(ilWACPath $ilWACPath): bool
22 {
23 global $DIC;
24
25 if (strpos($ilWACPath->getPath(), '..') !== false) {
26 return false;
27 }
28
29 if (!preg_match('@ilBadge\/(\d+\/)*?badge(tmpl)?_(\d+)\/@ui', $ilWACPath->getPath())) {
30 return false;
31 }
32
33 $obj_id = array_keys(ilObject::_getObjectsByType('bdga'))[0] ?? null;
34 $admin_ref_id = null;
35 if ($obj_id > 0) {
36 $admin_ref_id = array_values(ilObject::_getAllReferences($obj_id))[0] ?? null;
37 }
38
39 $has_global_badge_administration_access = (
40 $admin_ref_id > 0 &&
41 $DIC->rbac()->system()->checkAccessOfUser($DIC->user()->getId(), 'read', $admin_ref_id)
42 );
43
44 if (preg_match('@\/badgetmpl_(\d+)\/@ui', $ilWACPath->getPath())) {
45 // Badge template images must only be accessible for accounts with `read` permission on the badge administration node
46 return $has_global_badge_administration_access;
47 }
48
49 if (preg_match('@\/badge_(\d+)\/@ui', $ilWACPath->getPath(), $matches)) {
50 if ($has_global_badge_administration_access) {
51 return true;
52 }
53
54 $badge_id = (int) $matches[1];
55
56 return (
57 $this->isAssignedBadge($DIC, $badge_id) ||
58 $this->isAssignedBadgeOfPublishedUserProfile($DIC, $badge_id) ||
59 $this->hasAccessToBadgeParentIdNode($DIC, $badge_id, $has_global_badge_administration_access)
60 );
61 }
62
63 return false;
64 }
65
66 private function hasAccessToBadgeParentIdNode(
67 \ILIAS\DI\Container $DIC,
68 int $badge_id,
69 bool $has_global_badge_administration_access
70 ): bool {
71 // If the acting user still does not have access, check if the image is used in an object badge type
72 $badge = new ilBadge($badge_id);
73 if ($badge->getParentId() > 0) {
74 return false;
75 }
76
77 $badge_handler = ilBadgeHandler::getInstance();
78 if (!$badge_handler->isObjectActive((int) $badge->getParentId())) {
79 return false;
80 }
81
82 $context_ref_id = array_values(ilObject::_getAllReferences((int) $badge->getParentId()))[0] ?? null;
83 if (!($context_ref_id > 0)) {
84 return false;
85 }
86
87 $context_ref_id = (int) $context_ref_id;
88 if ($DIC->repositoryTree()->isGrandChild((int) SYSTEM_FOLDER_ID, $context_ref_id)) {
89 $has_access = $has_global_badge_administration_access;
90 } else {
91 $has_access = $DIC->access()->checkAccessOfUser(
92 $DIC->user()->getId(),
93 'write',
94 '',
95 $context_ref_id
96 );
97 }
98
99 return $has_access;
100 }
101
102 private function isAssignedBadge(\ILIAS\DI\Container $DIC, int $badge_id): bool
103 {
104 // First, check all badge assignments of the current user for a match
105 $badges_of_user = ilBadgeAssignment::getInstancesByUserId($DIC->user()->getId());
106 foreach ($badges_of_user as $user_badge) {
107 if ((int) $user_badge->getBadgeId() === $badge_id) {
108 return true;
109 }
110 }
111
112 return false;
113 }
114
115 private function isAssignedBadgeOfPublishedUserProfile(\ILIAS\DI\Container $DIC, int $badge_id): bool
116 {
117 // It seems the badge is not assigned to the curent user, so check if the profile of the badge user is made visible
118 $assignments = ilBadgeAssignment::getInstancesByBadgeId($badge_id);
119 foreach ($assignments as $assignment) {
120 if (!$assignment->getPosition()) {
121 continue;
122 }
123
124 $user = ilObjectFactory::getInstanceByObjId((int) $assignment->getUserId(), false);
125 if (!$user instanceof ilObjUser) {
126 continue;
127 }
128
129 $profile_visibility = $user->getPref('public_profile');
130 if ($profile_visibility === 'g' || ($profile_visibility === 'y' && !$DIC->user()->isAnonymous())) {
131 return true;
132 }
133 }
134
135 return false;
136 }
137}
ilBadgeAssignment\getInstancesByBadgeId
static getInstancesByBadgeId(int $a_badge_id)
Definition: class.ilBadgeAssignment.php:125
ilBadgeAssignment\getInstancesByUserId
static getInstancesByUserId(int $a_user_id)
Definition: class.ilBadgeAssignment.php:101
ilBadgeWAC
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilBadgeWAC.php:20
ilBadgeWAC\canBeDelivered
canBeDelivered(ilWACPath $ilWACPath)
Definition: class.ilBadgeWAC.php:21
ilBadgeWAC\isAssignedBadgeOfPublishedUserProfile
isAssignedBadgeOfPublishedUserProfile(\ILIAS\DI\Container $DIC, int $badge_id)
Definition: class.ilBadgeWAC.php:115
ilBadgeWAC\hasAccessToBadgeParentIdNode
hasAccessToBadgeParentIdNode(\ILIAS\DI\Container $DIC, int $badge_id, bool $has_global_badge_administration_access)
Definition: class.ilBadgeWAC.php:66
ilBadgeWAC\isAssignedBadge
isAssignedBadge(\ILIAS\DI\Container $DIC, int $badge_id)
Definition: class.ilBadgeWAC.php:102
ilObjUser
User class.
Definition: class.ilObjUser.php:46
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId(?int $obj_id, bool $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:84
ilObject\_getAllReferences
static _getAllReferences(int $id)
get all reference ids for object ID
Definition: class.ilObject.php:826
ilObject\_getObjectsByType
static _getObjectsByType(string $obj_type="", ?int $owner=null)
Definition: class.ilObject.php:1490
ilWACPath
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilWACPath.php:27
SYSTEM_FOLDER_ID
const SYSTEM_FOLDER_ID
Definition: constants.php:35
ilWACCheckingClass
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: interface.ilWACCheckingClass.php:26
DI
Class HTTPServicesTest.
ILIAS
Interface Observer \BackgroundTasks Contains several chained tasks and infos about them.
Definition: AccessControl.php:21
$DIC
global $DIC
Definition: shib_login.php:26