ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
ilOrgUnitPositionAccess Class Reference

This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Learning e.V. More...

+ Inheritance diagram for ilOrgUnitPositionAccess:
+ Collaboration diagram for ilOrgUnitPositionAccess:

Public Member Functions

 __construct (ilAccess $access)
 
 filterUserIdsForCurrentUsersPositionsAndPermission (array $user_ids, string $permission)
 
 filterUserIdsForUsersPositionsAndPermission (array $user_ids, int $for_user_id, string $permission)
 
 isCurrentUserBasedOnPositionsAllowedTo (string $permission, array $on_user_ids)
 
 isUserBasedOnPositionsAllowedTo (int $which_user_id, string $permission, array $on_user_ids)
 
 filterUserIdsByPositionOfCurrentUser (string $pos_perm, int $ref_id, array $user_ids)
 
 filterUserIdsByPositionOfUser (int $user_id, string $pos_perm, int $ref_id, array $user_ids)
 
 checkPositionAccess (string $pos_perm, int $ref_id)
 
 hasCurrentUserAnyPositionAccess (int $ref_id)
 
 checkRbacOrPositionPermissionAccess (string $rbac_perm, string $pos_perm, int $ref_id)
 
 filterUserIdsByRbacOrPositionOfCurrentUser (string $rbac_perm, string $pos_perm, int $ref_id, array $user_ids)
 
 hasUserRBACorAnyPositionAccess (string $rbac_perm, int $ref_id)
 
 filterUserIdsForCurrentUsersPositionsAndPermission (array $user_ids, string $permission)
 
 filterUserIdsForUsersPositionsAndPermission (array $user_ids, int $for_user_id, string $permission)
 
 isCurrentUserBasedOnPositionsAllowedTo (string $permission, array $on_user_ids)
 
 isUserBasedOnPositionsAllowedTo (int $which_user_id, string $permission, array $on_user_ids)
 
 checkPositionAccess (string $pos_perm, int $ref_id)
 
 hasCurrentUserAnyPositionAccess (int $ref_id)
 
 filterUserIdsByPositionOfCurrentUser (string $pos_perm, int $ref_id, array $user_ids)
 
 filterUserIdsByPositionOfUser (int $user_id, string $pos_perm, int $ref_id, array $user_ids)
 
 checkRbacOrPositionPermissionAccess (string $rbac_perm, string $pos_perm, int $ref_id)
 
 filterUserIdsByRbacOrPositionOfCurrentUser (string $rbac_perm, string $pos_perm, int $ref_id, array $user_ids)
 
 hasUserRBACorAnyPositionAccess (string $rbac_perm, int $ref_id)
 

Protected Attributes

ilOrgUnitUserAssignmentDBRepository $assignmentRepo
 
ilOrgUnitOperationDBRepository $operationRepo
 
ilOrgUnitPermissionDBRepository $permissionRepo
 

Static Protected Attributes

static array $ref_id_obj_type_map = array()
 

Private Member Functions

 getCurrentUsersId ()
 
 getTypeForRefId (int $ref_id)
 
 getObjIdForRefId (int $ref_id)
 
 isPositionActiveForRefId (int $ref_id)
 

Private Attributes

ilOrgUnitGlobalSettings $set
 
ilAccess $access
 
ilObjUser $user
 

Detailed Description

This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Learning e.V.

ILIAS is licensed with the GPL-3.0, see https://www.gnu.org/licenses/gpl-3.0.en.html You should have received a copy of said license along with the source code, too.

If this is not the case or you just want to try ILIAS, you'll find us at: https://www.ilias.de https://github.com/ILIAS-eLearning Class ilOrgUnitPositionAccess

Author
Fabian Schmid fs@st.nosp@m.uder.nosp@m.-raim.nosp@m.ann..nosp@m.ch

Definition at line 23 of file class.ilOrgUnitPositionAccess.php.

Constructor & Destructor Documentation

◆ __construct()

ilOrgUnitPositionAccess::__construct ( ilAccess  $access)

Definition at line 33 of file class.ilOrgUnitPositionAccess.php.

34 {
35 global $DIC;
37 $this->access = $access;
38 $this->user = $DIC->user();
39
41 $this->assignmentRepo = $dic["repo.UserAssignments"];
42 $this->operationRepo = $dic["repo.Operations"];
43 $this->permissionRepo = $dic["repo.Permissions"];
44 }
$dic
Definition: ltiresult.php:33
global $DIC
Definition: shib_login.php:26

References $access, $DIC, $dic, ILIAS\Repository\access(), ilOrgUnitLocalDIC\dic(), ilOrgUnitGlobalSettings\getInstance(), and ILIAS\Repository\user().

+ Here is the call graph for this function:

Member Function Documentation

◆ checkPositionAccess()

ilOrgUnitPositionAccess::checkPositionAccess ( string  $pos_perm,
int  $ref_id 
)
Parameters
string$pos_perm
int$ref_idReference-ID of the desired Object in the tree
Returns
bool
See also
getAvailablePositionRelatedPermissions for available permissions

Implements ilOrgUnitPositionAccessHandler.

Definition at line 183 of file class.ilOrgUnitPositionAccess.php.

183 : bool
184 {
185 if (!$this->isPositionActiveForRefId($ref_id)) {
186 return false;
187 }
188
189 $operation = $this->operationRepo->find($pos_perm, $this->getTypeForRefId($ref_id));
190 if (!$operation) {
191 return false;
192 }
193 $current_user_id = $this->getCurrentUsersId();
194
195 foreach ($this->assignmentRepo->getPositionsByUser($current_user_id) as $position) {
196 $permissions = $this->permissionRepo->getLocalorDefault($ref_id, $position->getId());
197 if ($permissions->isOperationIdSelected($operation->getOperationId())) {
198 return true;
199 }
200 }
201
202 return false;
203 }
$ref_id
Definition: ltiauth.php:66

References $ref_id.

Referenced by ilAccess\checkPositionAccess().

+ Here is the caller graph for this function:

◆ checkRbacOrPositionPermissionAccess()

ilOrgUnitPositionAccess::checkRbacOrPositionPermissionAccess ( string  $rbac_perm,
string  $pos_perm,
int  $ref_id 
)
Parameters
string$rbac_perm
string$pos_permSee the list of available permissions in interface ilOrgUnitPositionAccessHandler
int$ref_idReference-ID of the desired Object in the tree
Returns
bool

Implements ilOrgUnitPositionAndRBACAccessHandler.

Definition at line 225 of file class.ilOrgUnitPositionAccess.php.

225 : bool
226 {
227 // If RBAC allows, just return true
228 if ($this->access->checkAccess($rbac_perm, '', $ref_id)) {
229 return true;
230 }
231
232 if (!$this->isPositionActiveForRefId($ref_id)) {
233 return false;
234 }
235
236 return $this->checkPositionAccess($pos_perm, $ref_id);
237 }
checkPositionAccess(string $pos_perm, int $ref_id)

References $ref_id, and ILIAS\Repository\access().

Referenced by ilAccess\checkRbacOrPositionPermissionAccess().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ filterUserIdsByPositionOfCurrentUser()

ilOrgUnitPositionAccess::filterUserIdsByPositionOfCurrentUser ( string  $pos_perm,
int  $ref_id,
array  $user_ids 
)
Parameters
int[]$user_ids

Implements ilOrgUnitPositionAccessHandler.

Definition at line 100 of file class.ilOrgUnitPositionAccess.php.

100 : array
101 {
102 $current_user_id = $this->getCurrentUsersId();
103
104 return $this->filterUserIdsByPositionOfUser($current_user_id, $pos_perm, $ref_id, $user_ids);
105 }
filterUserIdsByPositionOfUser(int $user_id, string $pos_perm, int $ref_id, array $user_ids)

References $ref_id.

Referenced by ilAccess\filterUserIdsByPositionOfCurrentUser().

+ Here is the caller graph for this function:

◆ filterUserIdsByPositionOfUser()

ilOrgUnitPositionAccess::filterUserIdsByPositionOfUser ( int  $user_id,
string  $pos_perm,
int  $ref_id,
array  $user_ids 
)
Parameters
int[]$user_ids

Implements ilOrgUnitPositionAccessHandler.

Definition at line 109 of file class.ilOrgUnitPositionAccess.php.

114 : array {
115 if (!$this->isPositionActiveForRefId($ref_id)) {
116 return [];
117 }
118
119 $operation = $this->operationRepo->find($pos_perm, $this->getTypeForRefId($ref_id));
120 if (!$operation) {
121 return [];
122 }
123
124 $allowed_user_ids = [];
125 foreach ($this->assignmentRepo->getPositionsByUser($user_id) as $position) {
126 $permissions = $this->permissionRepo->getLocalorDefault($ref_id, $position->getId());
127 if (!$permissions->isOperationIdSelected($operation->getOperationId())) {
128 continue;
129 }
130
131 foreach ($position->getAuthorities() as $authority) {
132 switch ($authority->getOver()) {
134 switch ($authority->getScope()) {
136 $allowed = $this->assignmentRepo->getUsersByUserAndPosition(
137 $user_id,
138 $position->getId(),
139 false
140 );
141 $allowed_user_ids = array_merge($allowed_user_ids, $allowed);
142 break;
144 $allowed = $this->assignmentRepo->getUsersByUserAndPosition(
145 $user_id,
146 $position->getId(),
147 true
148 );
149 $allowed_user_ids = array_merge($allowed_user_ids, $allowed);
150 break;
151 }
152 break;
153 default:
154 switch ($authority->getScope()) {
156 $allowed = $this->assignmentRepo->getFilteredUsersByUserAndPosition(
157 $user_id,
158 $authority->getPositionId(),
159 $authority->getOver(),
160 false
161 );
162 $allowed_user_ids = array_merge($allowed_user_ids, $allowed);
163 break;
165 $allowed = $this->assignmentRepo->getFilteredUsersByUserAndPosition(
166 $user_id,
167 $authority->getPositionId(),
168 $authority->getOver(),
169 true
170 );
171 $allowed_user_ids = array_merge($allowed_user_ids, $allowed);
172 break;
173 }
174 break;
175 }
176 }
177 }
178 $allowed_user_ids[] = $this->user->getId();
179 return array_intersect($user_ids, $allowed_user_ids);
180 }

Referenced by ilAccess\filterUserIdsByPositionOfUser().

+ Here is the caller graph for this function:

◆ filterUserIdsByRbacOrPositionOfCurrentUser()

ilOrgUnitPositionAccess::filterUserIdsByRbacOrPositionOfCurrentUser ( string  $rbac_perm,
string  $pos_perm,
int  $ref_id,
array  $user_ids 
)
Parameters
string$rbac_perm
string$pos_permSee the list of available permissions in interface ilOrgUnitPositionAccessHandler
int$ref_idReference-ID of the desired Object in the tree
int[]$user_ids
Returns
int[]

Implements ilOrgUnitPositionAndRBACAccessHandler.

Definition at line 240 of file class.ilOrgUnitPositionAccess.php.

245 : array {
246 global $DIC;
247
248 // If RBAC allows, just return true
249 if ($this->access->checkAccess($rbac_perm, '', $ref_id)) {
250 return $user_ids;
251 }
252
253 return $this->filterUserIdsByPositionOfCurrentUser($pos_perm, $ref_id, $user_ids);
254 }
filterUserIdsByPositionOfCurrentUser(string $pos_perm, int $ref_id, array $user_ids)

Referenced by ilAccess\filterUserIdsByRbacOrPositionOfCurrentUser().

+ Here is the caller graph for this function:

◆ filterUserIdsForCurrentUsersPositionsAndPermission()

ilOrgUnitPositionAccess::filterUserIdsForCurrentUsersPositionsAndPermission ( array  $user_ids,
string  $permission 
)
Returns
int[] Filtered List of ILIAS-User-IDs

Implements ilOrgUnitPositionAccessHandler.

Definition at line 48 of file class.ilOrgUnitPositionAccess.php.

51 : array {
52 $current_user_id = $this->getCurrentUsersId();
53 return $this->filterUserIdsForUsersPositionsAndPermission($user_ids, $current_user_id, $permission);
54 }
filterUserIdsForUsersPositionsAndPermission(array $user_ids, int $for_user_id, string $permission)

Referenced by ilAccess\filterUserIdsForCurrentUsersPositionsAndPermission().

+ Here is the caller graph for this function:

◆ filterUserIdsForUsersPositionsAndPermission()

ilOrgUnitPositionAccess::filterUserIdsForUsersPositionsAndPermission ( array  $user_ids,
int  $for_user_id,
string  $permission 
)
Returns
int[] Filtered List of ILIAS-User-IDs

Implements ilOrgUnitPositionAccessHandler.

Definition at line 59 of file class.ilOrgUnitPositionAccess.php.

63 : array {
64 $assignment_of_user = $this->assignmentRepo->getByUsers([$for_user_id]);
65 $other_users_in_same_org_units = [];
66 foreach ($assignment_of_user as $assignment) {
67 $other_users_in_same_org_units += $this->assignmentRepo->getUsersByOrgUnits([$assignment->getOrguId()]);
68 }
69
70 return array_intersect($user_ids, $other_users_in_same_org_units);
71 }

Referenced by ilAccess\filterUserIdsForUsersPositionsAndPermission().

+ Here is the caller graph for this function:

◆ getCurrentUsersId()

ilOrgUnitPositionAccess::getCurrentUsersId ( )
private

Definition at line 271 of file class.ilOrgUnitPositionAccess.php.

271 : int
272 {
273 return $this->user->getId();
274 }

References ILIAS\Repository\user().

+ Here is the call graph for this function:

◆ getObjIdForRefId()

ilOrgUnitPositionAccess::getObjIdForRefId ( int  $ref_id)
private

Definition at line 286 of file class.ilOrgUnitPositionAccess.php.

286 : int
287 {
289 }
static _lookupObjectId(int $ref_id)

References $ref_id, and ilObject\_lookupObjectId().

+ Here is the call graph for this function:

◆ getTypeForRefId()

ilOrgUnitPositionAccess::getTypeForRefId ( int  $ref_id)
private

Definition at line 277 of file class.ilOrgUnitPositionAccess.php.

277 : string
278 {
279 if (!isset(self::$ref_id_obj_type_map[$ref_id])) {
280 self::$ref_id_obj_type_map[$ref_id] = ilObject2::_lookupType($ref_id, true);
281 }
282
283 return self::$ref_id_obj_type_map[$ref_id];
284 }
static _lookupType(int $id, bool $reference=false)

References $ref_id, and ilObject\_lookupType().

+ Here is the call graph for this function:

◆ hasCurrentUserAnyPositionAccess()

ilOrgUnitPositionAccess::hasCurrentUserAnyPositionAccess ( int  $ref_id)
Parameters
int$ref_id
Returns
bool

Implements ilOrgUnitPositionAccessHandler.

Definition at line 206 of file class.ilOrgUnitPositionAccess.php.

206 : bool
207 {
208 if (!$this->isPositionActiveForRefId($ref_id)) {
209 return false;
210 }
211
212 $current_user_id = $this->getCurrentUsersId();
213
214 foreach ($this->assignmentRepo->getPositionsByUser($current_user_id) as $position) {
215 $permissions = $this->permissionRepo->getLocalorDefault($ref_id, $position->getId());
216 if (count($permissions->getOperations()) > 0) {
217 return true;
218 }
219 }
220
221 return false;
222 }

References $ref_id.

Referenced by ilAccess\hasCurrentUserAnyPositionAccess().

+ Here is the caller graph for this function:

◆ hasUserRBACorAnyPositionAccess()

ilOrgUnitPositionAccess::hasUserRBACorAnyPositionAccess ( string  $rbac_perm,
int  $ref_id 
)

Implements ilOrgUnitPositionAndRBACAccessHandler.

Definition at line 257 of file class.ilOrgUnitPositionAccess.php.

257 : bool
258 {
259 if ($this->access->checkAccess($rbac_perm, '', $ref_id)) {
260 return true;
261 }
262
264 }

References $ref_id, and ILIAS\Repository\access().

Referenced by ilAccess\hasUserRBACorAnyPositionAccess().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isCurrentUserBasedOnPositionsAllowedTo()

ilOrgUnitPositionAccess::isCurrentUserBasedOnPositionsAllowedTo ( string  $permission,
array  $on_user_ids 
)
Parameters
int[]$on_user_ids

Implements ilOrgUnitPositionAccessHandler.

Definition at line 74 of file class.ilOrgUnitPositionAccess.php.

74 : bool
75 {
76 $current_user_id = $this->getCurrentUsersId();
77
78 return $this->isUserBasedOnPositionsAllowedTo($current_user_id, $permission, $on_user_ids);
79 }
isUserBasedOnPositionsAllowedTo(int $which_user_id, string $permission, array $on_user_ids)

Referenced by ilAccess\isCurrentUserBasedOnPositionsAllowedTo().

+ Here is the caller graph for this function:

◆ isPositionActiveForRefId()

ilOrgUnitPositionAccess::isPositionActiveForRefId ( int  $ref_id)
private

Definition at line 291 of file class.ilOrgUnitPositionAccess.php.

291 : bool
292 {
293 $obj_id = $this->getObjIdForRefId($ref_id); // TODO this will change to ref_id!!
294
295 return $this->set->isPositionAccessActiveForObject($obj_id);
296 }

References $ref_id.

◆ isUserBasedOnPositionsAllowedTo()

ilOrgUnitPositionAccess::isUserBasedOnPositionsAllowedTo ( int  $which_user_id,
string  $permission,
array  $on_user_ids 
)
Parameters
int[]$on_user_ids

Implements ilOrgUnitPositionAccessHandler.

Definition at line 83 of file class.ilOrgUnitPositionAccess.php.

87 : bool {
88 $filtered_user_ids = $this->filterUserIdsForUsersPositionsAndPermission(
89 $on_user_ids,
90 $which_user_id,
91 $permission
92 );
93
94 return ($on_user_ids === array_intersect($on_user_ids, $filtered_user_ids)
95 && $filtered_user_ids === array_intersect($filtered_user_ids, $on_user_ids));
96 }

Referenced by ilAccess\isUserBasedOnPositionsAllowedTo().

+ Here is the caller graph for this function:

Field Documentation

◆ $access

ilAccess ilOrgUnitPositionAccess::$access
private

Definition at line 27 of file class.ilOrgUnitPositionAccess.php.

Referenced by __construct().

◆ $assignmentRepo

ilOrgUnitUserAssignmentDBRepository ilOrgUnitPositionAccess::$assignmentRepo
protected

Definition at line 29 of file class.ilOrgUnitPositionAccess.php.

◆ $operationRepo

ilOrgUnitOperationDBRepository ilOrgUnitPositionAccess::$operationRepo
protected

Definition at line 30 of file class.ilOrgUnitPositionAccess.php.

◆ $permissionRepo

ilOrgUnitPermissionDBRepository ilOrgUnitPositionAccess::$permissionRepo
protected

Definition at line 31 of file class.ilOrgUnitPositionAccess.php.

◆ $ref_id_obj_type_map

array ilOrgUnitPositionAccess::$ref_id_obj_type_map = array()
staticprotected

Definition at line 25 of file class.ilOrgUnitPositionAccess.php.

◆ $set

ilOrgUnitGlobalSettings ilOrgUnitPositionAccess::$set
private

Definition at line 26 of file class.ilOrgUnitPositionAccess.php.

◆ $user

ilObjUser ilOrgUnitPositionAccess::$user
private

Definition at line 28 of file class.ilOrgUnitPositionAccess.php.


The documentation for this class was generated from the following file: