ILIAS  trunk Revision v12.0_alpha-377-g3641b37b9db
Public Member Functions | Static Public Member Functions | Private Member Functions | Private Attributes | Static Private Attributes
ilObjEmployeeTalkAccess Class Reference
+ Inheritance diagram for ilObjEmployeeTalkAccess:
+ Collaboration diagram for ilObjEmployeeTalkAccess:

Public Member Functions

 __construct ()
 
 canCreate (?ilObjUser $talkParticipant=null)
 Checks if the user is allowed to create a new talks series. More...
 
 hasPermissionToReadUnownedTalksOfUser (int $userId)
 
 canRead (int $refId)
 
 canEditTalkLockStatus (int $refId)
 
 canEdit (int $refId)
 
 canDelete (int $refId)
 
 isTalkReadonlyByCurrentUser (int $ref_id)
 
- Public Member Functions inherited from ilObjectAccess
 _checkAccess (string $cmd, string $permission, int $ref_id, int $obj_id, ?int $user_id=null)
 Checks whether a user may invoke a command or not (this method is called by ilAccessHandler::checkAccess) More...
 
 canBeDelivered (ilWACPath $ilWACPath)
 
 canBeDelivered (ilWACPath $ilWACPath)
 

Static Public Member Functions

static getInstance ()
 
static _getCommands ()
 get commands More...
 
static _isOffline ($obj_id)
 
static _checkGoto ($target)
 
- Static Public Member Functions inherited from ilObjectAccess
static _getCommands ()
 get commands More...
 
static _checkGoto (string $target)
 check whether goto script will succeed More...
 
static _isOffline (int $obj_id)
 Type-specific implementation of general status, has to be overwritten if object type does not support centralized offline handling. More...
 
static _preloadData (array $obj_ids, array $ref_ids)
 Preload data. More...
 

Private Member Functions

 isPermittedToExecuteOperation (int $refId, string $operation)
 
 getCurrentUsersId ()
 

Private Attributes

ilOrgUnitUserAssignmentQueries $ua
 
ilOrgUnitGlobalSettings $set
 
IlOrgUnitPositionAccess $orgUnitAccess
 
Container $container
 
ilOrgUnitObjectTypePositionSetting $talkPositionSettings
 
IliasDBEmployeeTalkSeriesRepository $seriesSettingsRepository
 

Static Private Attributes

static self $instance = null
 

Detailed Description

Definition at line 28 of file class.ilObjEmployeeTalkAccess.php.

Constructor & Destructor Documentation

◆ __construct()

ilObjEmployeeTalkAccess::__construct ( )

Definition at line 47 of file class.ilObjEmployeeTalkAccess.php.

48 {
49 $this->container = $GLOBALS['DIC'];
50
51 $this->set = ilOrgUnitGlobalSettings::getInstance();
52 $this->ua = ilOrgUnitUserAssignmentQueries::getInstance();
53 $this->orgUnitAccess = new ilOrgUnitPositionAccess($this->container->access());
54 $this->talkPositionSettings = $this->set->getObjectPositionSettingsByType(ilObjEmployeeTalk::TYPE);
55 $this->seriesSettingsRepository = new IliasDBEmployeeTalkSeriesRepository($this->container->user(), $this->container->database());
56 }
ilOrgUnitPositionAccess
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilOrgUnitPositionAccess.php:24
$GLOBALS
$GLOBALS["DIC"]
Definition: wac.php:54

References $GLOBALS, ilOrgUnitUserAssignmentQueries\getInstance(), ilOrgUnitGlobalSettings\getInstance(), and ilObjEmployeeTalk\TYPE.

+ Here is the call graph for this function:

Member Function Documentation

◆ _checkGoto()

static ilObjEmployeeTalkAccess::_checkGoto (   $target)
static

Definition at line 89 of file class.ilObjEmployeeTalkAccess.php.

89 : bool
90 {
91 $access = new self();
92
93 $t_arr = explode('_', $target);
94 if ($t_arr[0] !== 'etal' || ((int) $t_arr[1]) <= 0) {
95 return false;
96 }
97 if ($access->canRead(intval($t_arr[1]))) {
98 return true;
99 }
100
101 return false;
102 }

◆ _getCommands()

static ilObjEmployeeTalkAccess::_getCommands ( )
static

get commands

this method returns an array of all possible commands/permission combinations

example: $commands = array ( array('permission' => 'read', 'cmd' => 'view', 'lang_var' => 'show'), array('permission' => 'write', 'cmd' => 'edit', 'lang_var' => 'edit'), );

Reimplemented from ilObjectAccess.

Definition at line 70 of file class.ilObjEmployeeTalkAccess.php.

70 : array
71 {
72 $commands = [
73 [
74 'permission' => 'read',
75 'cmd' => ControlFlowCommand::DEFAULT,
76 'lang_var' => 'show',
77 'default' => true,
78 ]
79 ];
80
81 return $commands;
82 }

References ILIAS\Forum\Notification\DEFAULT.

Referenced by ilObjEmployeeTalkListGUI\init().

+ Here is the caller graph for this function:

◆ _isOffline()

static ilObjEmployeeTalkAccess::_isOffline (   $obj_id)
static

Definition at line 84 of file class.ilObjEmployeeTalkAccess.php.

84 : bool
85 {
86 return false;
87 }

◆ canCreate()

ilObjEmployeeTalkAccess::canCreate ( ?ilObjUser  $talkParticipant = null)

Checks if the user is allowed to create a new talks series.

If no user is given only the position right is checked, which can be used to display create or new buttons based on the general position rights of the user.

If the user is given, only positions with an authority over the given user are used to check the position rights.

Parameters
ilObjUser | null$talkParticipantThe talk participant which should get invited into the new talk.
Returns
bool True if the user has creation rights otherwise false.

Definition at line 115 of file class.ilObjEmployeeTalkAccess.php.

115 : bool
116 {
117 try {
118 $currentUserId = $this->getCurrentUsersId();
119
120 // Root has always full access
121 if ($currentUserId === 6) {
122 return true;
123 }
124
125 // Talks are never editable if the position rights are not active, because the talks don't use RBAC
126 if (!$this->talkPositionSettings->isActive()) {
127 return false;
128 }
129
130 $positions = $this->ua->getPositionsOfUserId($currentUserId);
131
132 // If we don't have a user just check if the current user has the right in any position to create a new talk
133 if ($talkParticipant === null) {
134 foreach ($positions as $position) {
135 // Check if the position has any relevant position rights
136 $permissionSet = ilOrgUnitPermissionQueries::getTemplateSetForContextName(ilObjEmployeeTalk::TYPE, strval($position->getId() ?? 0));
137 $isAbleToExecuteOperation = array_reduce($permissionSet->getOperations(), function (bool $prev, ilOrgUnitOperation $it) {
138 return $prev || $it->getOperationString() === EmployeeTalkPositionAccessLevel::CREATE;
139 }, false);
140
141 // If the position has no rights check the next one
142 if (!$isAbleToExecuteOperation) {
143 continue;
144 }
145
146 return true;
147 }
148
149 // The current user was not in a position with create etal position rights
150 return false;
151 }
152
153 // Validate authority and position rights over the given participant
154 return $this->hasAuthorityAndOperationPermissionOverUser($talkParticipant, EmployeeTalkPositionAccessLevel::CREATE);
155 } catch (\Exception $ex) {
156 return false;
157 }
158 }
ilOrgUnitOperation
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilOrgUnitOperation.php:24
ilOrgUnitPermissionQueries\getTemplateSetForContextName
static getTemplateSetForContextName(string $context_name, string $position_id, bool $editable=false)
Definition: class.ilOrgUnitPermissionQueries.php:41

References getCurrentUsersId(), ilOrgUnitOperation\getOperationString(), ilOrgUnitPermissionQueries\getTemplateSetForContextName(), and ilObjEmployeeTalk\TYPE.

+ Here is the call graph for this function:

◆ canDelete()

ilObjEmployeeTalkAccess::canDelete ( int  $refId)
Parameters
int$refId
Returns
bool

Definition at line 200 of file class.ilObjEmployeeTalkAccess.php.

200 : bool
201 {
202 $talk = new ilObjEmployeeTalk($refId);
203 $user = $this->getCurrentUsersId();
204 if (
205 $user === $talk->getOwner() &&
206 $this->container->access()->checkAccess('read', '', ilObjTalkTemplateAdministration::getRootRefId())
207 ) {
208 return true;
209 }
210 // global admins can delete
211 if ($this->container->rbac()->review()->isAssigned(
212 $user,
213 SYSTEM_ROLE_ID
214 )) {
215 return true;
216 }
217 return false;
218 }
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:29
$refId
$refId
Definition: xapitoken.php:56

References $refId, getCurrentUsersId(), ilObjTalkTemplateAdministration\getRootRefId(), and SYSTEM_ROLE_ID.

+ Here is the call graph for this function:

◆ canEdit()

ilObjEmployeeTalkAccess::canEdit ( int  $refId)
Parameters
int$refId
Returns
bool

Definition at line 191 of file class.ilObjEmployeeTalkAccess.php.

191 : bool
192 {
193 return $this->isPermittedToExecuteOperation($refId, EmployeeTalkPositionAccessLevel::EDIT);
194 }
ilObjEmployeeTalkAccess\isPermittedToExecuteOperation
isPermittedToExecuteOperation(int $refId, string $operation)
Definition: class.ilObjEmployeeTalkAccess.php:220

References isPermittedToExecuteOperation().

Referenced by isTalkReadonlyByCurrentUser().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ canEditTalkLockStatus()

ilObjEmployeeTalkAccess::canEditTalkLockStatus ( int  $refId)

Definition at line 174 of file class.ilObjEmployeeTalkAccess.php.

174 : bool
175 {
176 $currentUserId = $this->getCurrentUsersId();
177
178 // Root has always full access
179 if ($currentUserId === 6) {
180 return true;
181 }
182
183 $talk = new ilObjEmployeeTalk($refId);
184 return $talk->getOwner() === $currentUserId;
185 }

References $refId, and getCurrentUsersId().

+ Here is the call graph for this function:

◆ canRead()

ilObjEmployeeTalkAccess::canRead ( int  $refId)

Definition at line 169 of file class.ilObjEmployeeTalkAccess.php.

169 : bool
170 {
171 return $this->isPermittedToExecuteOperation($refId, EmployeeTalkPositionAccessLevel::VIEW);
172 }

References isPermittedToExecuteOperation().

+ Here is the call graph for this function:

◆ getCurrentUsersId()

ilObjEmployeeTalkAccess::getCurrentUsersId ( )
private
Returns
int

Definition at line 288 of file class.ilObjEmployeeTalkAccess.php.

288 : int
289 {
290 return $this->container->user()->getId();
291 }

Referenced by canCreate(), canDelete(), canEditTalkLockStatus(), and isPermittedToExecuteOperation().

+ Here is the caller graph for this function:

◆ getInstance()

static ilObjEmployeeTalkAccess::getInstance ( )
static

Definition at line 38 of file class.ilObjEmployeeTalkAccess.php.

38 : self
39 {
40 if (is_null(self::$instance)) {
41 self::$instance = new ilObjEmployeeTalkAccess();
42 }
43
44 return self::$instance;
45 }

References $instance.

Referenced by ilObjEmployeeTalkGUI\__construct().

+ Here is the caller graph for this function:

◆ hasPermissionToReadUnownedTalksOfUser()

ilObjEmployeeTalkAccess::hasPermissionToReadUnownedTalksOfUser ( int  $userId)

Definition at line 160 of file class.ilObjEmployeeTalkAccess.php.

160 : bool
161 {
162 try {
163 return $this->hasAuthorityAndOperationPermissionOverUser(new ilObjUser($userId), EmployeeTalkPositionAccessLevel::VIEW);
164 } catch (\Exception $ex) {
165 return false;
166 }
167 }
ilObjUser
User class.
Definition: class.ilObjUser.php:48

◆ isPermittedToExecuteOperation()

ilObjEmployeeTalkAccess::isPermittedToExecuteOperation ( int  $refId,
string  $operation 
)
private

Definition at line 220 of file class.ilObjEmployeeTalkAccess.php.

220 : bool
221 {
222 $currentUserId = $this->getCurrentUsersId();
223
224 // Root has always full access
225 if ($currentUserId === 6) {
226 return true;
227 }
228
229 // Talks are never editable if the position rights are not active, because the talks don't use RBAC
230 if (!$this->talkPositionSettings->isActive()) {
231 return false;
232 }
233
234 $talk = new ilObjEmployeeTalk($refId);
235 $series = $talk->getParent();
236 $hasAuthority = $this->hasAuthorityAndOperationPermissionOverUser(new ilObjUser($talk->getData()->getEmployee()), $operation);
237 $data = $talk->getData();
238 $seriesSettings = $this->seriesSettingsRepository->readEmployeeTalkSerieSettings($series->getId());
239 $canExecuteOperation = $this->orgUnitAccess->checkPositionAccess($operation, $refId);
240 $isOwner = $talk->getOwner() === $currentUserId;
241
242 if ($isOwner) {
243 return true;
244 }
245
246 if ($currentUserId === $data->getEmployee()) {
247 // The Employee can never edit their own talks
248 if ($operation !== EmployeeTalkPositionAccessLevel::VIEW) {
249 return false;
250 }
251
252 // The Employee can always read their own talks
253 return true;
254 }
255
256 //Only owner can edit talks with enabled write lock
257 if ($seriesSettings->isLockedEditing() && $operation === EmployeeTalkPositionAccessLevel::EDIT) {
258 return false;
259 }
260
261 // Has no authority over the employee
262 if (!$hasAuthority) {
263 return false;
264 }
265
266 // Has Authority and is permitted to execute the given permission
267 if ($canExecuteOperation) {
268 return true;
269 }
270
271 // Has authority but no permission
272 return false;
273 }

References $data, $refId, and getCurrentUsersId().

Referenced by canEdit(), and canRead().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isTalkReadonlyByCurrentUser()

ilObjEmployeeTalkAccess::isTalkReadonlyByCurrentUser ( int  $ref_id)
Parameters
int$ref_id
Returns
bool

Definition at line 280 of file class.ilObjEmployeeTalkAccess.php.

280 : bool
281 {
282 return !$this->canEdit($ref_id);
283 }
$ref_id
$ref_id
Definition: ltiauth.php:66

References canEdit().

+ Here is the call graph for this function:

Field Documentation

◆ $container

Container ilObjEmployeeTalkAccess::$container
private

Definition at line 34 of file class.ilObjEmployeeTalkAccess.php.

◆ $instance

self ilObjEmployeeTalkAccess::$instance = null
staticprivate

Definition at line 30 of file class.ilObjEmployeeTalkAccess.php.

Referenced by getInstance().

◆ $orgUnitAccess

IlOrgUnitPositionAccess ilObjEmployeeTalkAccess::$orgUnitAccess
private

Definition at line 33 of file class.ilObjEmployeeTalkAccess.php.

◆ $seriesSettingsRepository

IliasDBEmployeeTalkSeriesRepository ilObjEmployeeTalkAccess::$seriesSettingsRepository
private

Definition at line 36 of file class.ilObjEmployeeTalkAccess.php.

◆ $set

ilOrgUnitGlobalSettings ilObjEmployeeTalkAccess::$set
private

Definition at line 32 of file class.ilObjEmployeeTalkAccess.php.

◆ $talkPositionSettings

ilOrgUnitObjectTypePositionSetting ilObjEmployeeTalkAccess::$talkPositionSettings
private

Definition at line 35 of file class.ilObjEmployeeTalkAccess.php.

◆ $ua

ilOrgUnitUserAssignmentQueries ilObjEmployeeTalkAccess::$ua
private

Definition at line 31 of file class.ilObjEmployeeTalkAccess.php.

The documentation for this class was generated from the following file: