ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
Public Member Functions | Static Public Member Functions | Private Member Functions | Private Attributes | Static Private Attributes
ilObjEmployeeTalkAccess Class Reference
+ Inheritance diagram for ilObjEmployeeTalkAccess:
+ Collaboration diagram for ilObjEmployeeTalkAccess:

Public Member Functions

 __construct ()
 
 canCreate (?ilObjUser $talkParticipant=null)
 Checks if the user is allowed to create a new talks series. More...
 
 hasPermissionToReadUnownedTalksOfUser (int $userId)
 
 canRead (int $refId)
 
 canEditTalkLockStatus (int $refId)
 
 canEdit (int $refId)
 
 canDelete (int $refId)
 
 isTalkReadonlyByCurrentUser (int $ref_id)
 
- Public Member Functions inherited from ilObjectAccess
 _checkAccess (string $cmd, string $permission, int $ref_id, int $obj_id, ?int $user_id=null)
 Checks whether a user may invoke a command or not (this method is called by ilAccessHandler::checkAccess) More...
 
 canBeDelivered (ilWACPath $ilWACPath)
 
 canBeDelivered (ilWACPath $ilWACPath)
 

Static Public Member Functions

static getInstance ()
 
static _getCommands ()
 get commands More...
 
static _isOffline ($obj_id)
 
static _checkGoto ($target)
 
- Static Public Member Functions inherited from ilObjectAccess
static _getCommands ()
 get commands More...
 
static _checkGoto (string $target)
 check whether goto script will succeed More...
 
static _isOffline (int $obj_id)
 Type-specific implementation of general status, has to be overwritten if object type does not support centralized offline handling. More...
 
static _preloadData (array $obj_ids, array $ref_ids)
 Preload data. More...
 

Private Member Functions

 isPermittedToExecuteOperation (int $refId, string $operation)
 
 getCurrentUsersId ()
 

Private Attributes

ilOrgUnitUserAssignmentQueries $ua
 
ilOrgUnitGlobalSettings $set
 
IlOrgUnitPositionAccess $orgUnitAccess
 
Container $container
 
ilOrgUnitObjectTypePositionSetting $talkPositionSettings
 
IliasDBEmployeeTalkSeriesRepository $seriesSettingsRepository
 

Static Private Attributes

static self $instance = null
 

Detailed Description

Definition at line 28 of file class.ilObjEmployeeTalkAccess.php.

Constructor & Destructor Documentation

◆ __construct()

ilObjEmployeeTalkAccess::__construct ( )

Definition at line 47 of file class.ilObjEmployeeTalkAccess.php.

48 {
49 $this->container = $GLOBALS['DIC'];
50
51 $this->set = ilOrgUnitGlobalSettings::getInstance();
52 $this->ua = ilOrgUnitUserAssignmentQueries::getInstance();
53 $this->orgUnitAccess = new ilOrgUnitPositionAccess($this->container->access());
54 $this->talkPositionSettings = $this->set->getObjectPositionSettingsByType(ilObjEmployeeTalk::TYPE);
55 $this->seriesSettingsRepository = new IliasDBEmployeeTalkSeriesRepository($this->container->user(), $this->container->database());
56 }
ilOrgUnitPositionAccess
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilOrgUnitPositionAccess.php:24
$GLOBALS
$GLOBALS["DIC"]
Definition: wac.php:54

References $GLOBALS, ilOrgUnitUserAssignmentQueries\getInstance(), ilOrgUnitGlobalSettings\getInstance(), and ilObjEmployeeTalk\TYPE.

+ Here is the call graph for this function:

Member Function Documentation

◆ _checkGoto()

static ilObjEmployeeTalkAccess::_checkGoto (   $target)
static

Definition at line 89 of file class.ilObjEmployeeTalkAccess.php.

89 : bool
90 {
91 $access = new self();
92
93 $t_arr = explode('_', $target);
94 if ($t_arr[0] !== 'etal' || ((int) $t_arr[1]) <= 0) {
95 return false;
96 }
97 if ($access->canRead(intval($t_arr[1]))) {
98 return true;
99 }
100
101 return false;
102 }

◆ _getCommands()

static ilObjEmployeeTalkAccess::_getCommands ( )
static

get commands

this method returns an array of all possible commands/permission combinations

example: $commands = array ( array('permission' => 'read', 'cmd' => 'view', 'lang_var' => 'show'), array('permission' => 'write', 'cmd' => 'edit', 'lang_var' => 'edit'), );

Reimplemented from ilObjectAccess.

Definition at line 70 of file class.ilObjEmployeeTalkAccess.php.

70 : array
71 {
72 $commands = [
73 [
74 'permission' => 'read',
75 'cmd' => ControlFlowCommand::DEFAULT,
76 'lang_var' => 'show',
77 'default' => true,
78 ]
79 ];
80
81 return $commands;
82 }

References ILIAS\Forum\Notification\DEFAULT.

Referenced by ilObjEmployeeTalkListGUI\init().

+ Here is the caller graph for this function:

◆ _isOffline()

static ilObjEmployeeTalkAccess::_isOffline (   $obj_id)
static

Definition at line 84 of file class.ilObjEmployeeTalkAccess.php.

84 : bool
85 {
86 return false;
87 }

◆ canCreate()

ilObjEmployeeTalkAccess::canCreate ( ?ilObjUser  $talkParticipant = null)

Checks if the user is allowed to create a new talks series.

If no user is given only the position right is checked, which can be used to display create or new buttons based on the general position rights of the user.

If the user is given, only positions with an authority over the given user are used to check the position rights.

Parameters
ilObjUser | null$talkParticipantThe talk participant which should get invited into the new talk.
Returns
bool True if the user has creation rights otherwise false.

Definition at line 115 of file class.ilObjEmployeeTalkAccess.php.

115 : bool
116 {
117 try {
118 $currentUserId = $this->getCurrentUsersId();
119
120 // Root has always full access
121 if ($currentUserId === 6) {
122 return true;
123 }
124
125 // Talks are never editable if the position rights are not active, because the talks don't use RBAC
126 if (!$this->talkPositionSettings->isActive()) {
127 return false;
128 }
129
130 $positions = $this->ua->getPositionsOfUserId($currentUserId);
131
132 // If we don't have a user just check if the current user has the right in any position to create a new talk
133 if ($talkParticipant === null) {
134 foreach ($positions as $position) {
135 // Check if the position has any relevant position rights
136 $permissionSet = ilOrgUnitPermissionQueries::getTemplateSetForContextName(ilObjEmployeeTalk::TYPE, strval($position->getId() ?? 0));
137 $isAbleToExecuteOperation = array_reduce($permissionSet->getOperations(), function (bool $prev, ilOrgUnitOperation $it) {
138 return $prev || $it->getOperationString() === EmployeeTalkPositionAccessLevel::CREATE;
139 }, false);
140
141 // If the position has no rights check the next one
142 if (!$isAbleToExecuteOperation) {
143 continue;
144 }
145
146 return true;
147 }
148
149 // The current user was not in a position with create etal position rights
150 return false;
151 }
152
153 // Validate authority and position rights over the given participant
154 return $this->hasAuthorityAndOperationPermissionOverUser($talkParticipant, EmployeeTalkPositionAccessLevel::CREATE);
155 } catch (\Exception $ex) {
156 return false;
157 }
158 }
ilOrgUnitOperation
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilOrgUnitOperation.php:24
ilOrgUnitPermissionQueries\getTemplateSetForContextName
static getTemplateSetForContextName(string $context_name, string $position_id, bool $editable=false)
Definition: class.ilOrgUnitPermissionQueries.php:41

References getCurrentUsersId(), ilOrgUnitOperation\getOperationString(), ilOrgUnitPermissionQueries\getTemplateSetForContextName(), and ilObjEmployeeTalk\TYPE.

+ Here is the call graph for this function:

◆ canDelete()

ilObjEmployeeTalkAccess::canDelete ( int  $refId)
Parameters
int$refId
Returns
bool

Definition at line 200 of file class.ilObjEmployeeTalkAccess.php.

200 : bool
201 {
202 $talk = new ilObjEmployeeTalk($refId);
203 $user = $this->getCurrentUsersId();
204 if ($user === $talk->getOwner()) {
205 return true;
206 }
207 // global admins can delete
208 if ($this->container->rbac()->review()->isAssigned(
209 $user,
210 SYSTEM_ROLE_ID
211 )) {
212 return true;
213 }
214 return false;
215 }
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:29
$refId
$refId
Definition: xapitoken.php:58

References $refId, getCurrentUsersId(), and SYSTEM_ROLE_ID.

+ Here is the call graph for this function:

◆ canEdit()

ilObjEmployeeTalkAccess::canEdit ( int  $refId)
Parameters
int$refId
Returns
bool

Definition at line 191 of file class.ilObjEmployeeTalkAccess.php.

191 : bool
192 {
193 return $this->isPermittedToExecuteOperation($refId, EmployeeTalkPositionAccessLevel::EDIT);
194 }
ilObjEmployeeTalkAccess\isPermittedToExecuteOperation
isPermittedToExecuteOperation(int $refId, string $operation)
Definition: class.ilObjEmployeeTalkAccess.php:217

References isPermittedToExecuteOperation().

Referenced by isTalkReadonlyByCurrentUser().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ canEditTalkLockStatus()

ilObjEmployeeTalkAccess::canEditTalkLockStatus ( int  $refId)

Definition at line 174 of file class.ilObjEmployeeTalkAccess.php.

174 : bool
175 {
176 $currentUserId = $this->getCurrentUsersId();
177
178 // Root has always full access
179 if ($currentUserId === 6) {
180 return true;
181 }
182
183 $talk = new ilObjEmployeeTalk($refId);
184 return $talk->getOwner() === $currentUserId;
185 }

References $refId, and getCurrentUsersId().

+ Here is the call graph for this function:

◆ canRead()

ilObjEmployeeTalkAccess::canRead ( int  $refId)

Definition at line 169 of file class.ilObjEmployeeTalkAccess.php.

169 : bool
170 {
171 return $this->isPermittedToExecuteOperation($refId, EmployeeTalkPositionAccessLevel::VIEW);
172 }

References isPermittedToExecuteOperation().

+ Here is the call graph for this function:

◆ getCurrentUsersId()

ilObjEmployeeTalkAccess::getCurrentUsersId ( )
private
Returns
int

Definition at line 285 of file class.ilObjEmployeeTalkAccess.php.

285 : int
286 {
287 return $this->container->user()->getId();
288 }

Referenced by canCreate(), canDelete(), canEditTalkLockStatus(), and isPermittedToExecuteOperation().

+ Here is the caller graph for this function:

◆ getInstance()

static ilObjEmployeeTalkAccess::getInstance ( )
static

Definition at line 38 of file class.ilObjEmployeeTalkAccess.php.

38 : self
39 {
40 if (is_null(self::$instance)) {
41 self::$instance = new ilObjEmployeeTalkAccess();
42 }
43
44 return self::$instance;
45 }

References $instance.

Referenced by ilObjEmployeeTalkGUI\__construct().

+ Here is the caller graph for this function:

◆ hasPermissionToReadUnownedTalksOfUser()

ilObjEmployeeTalkAccess::hasPermissionToReadUnownedTalksOfUser ( int  $userId)

Definition at line 160 of file class.ilObjEmployeeTalkAccess.php.

160 : bool
161 {
162 try {
163 return $this->hasAuthorityAndOperationPermissionOverUser(new ilObjUser($userId), EmployeeTalkPositionAccessLevel::VIEW);
164 } catch (\Exception $ex) {
165 return false;
166 }
167 }
ilObjUser
User class.
Definition: class.ilObjUser.php:46

◆ isPermittedToExecuteOperation()

ilObjEmployeeTalkAccess::isPermittedToExecuteOperation ( int  $refId,
string  $operation 
)
private

Definition at line 217 of file class.ilObjEmployeeTalkAccess.php.

217 : bool
218 {
219 $currentUserId = $this->getCurrentUsersId();
220
221 // Root has always full access
222 if ($currentUserId === 6) {
223 return true;
224 }
225
226 // Talks are never editable if the position rights are not active, because the talks don't use RBAC
227 if (!$this->talkPositionSettings->isActive()) {
228 return false;
229 }
230
231 $talk = new ilObjEmployeeTalk($refId);
232 $series = $talk->getParent();
233 $hasAuthority = $this->hasAuthorityAndOperationPermissionOverUser(new ilObjUser($talk->getData()->getEmployee()), $operation);
234 $data = $talk->getData();
235 $seriesSettings = $this->seriesSettingsRepository->readEmployeeTalkSerieSettings($series->getId());
236 $canExecuteOperation = $this->orgUnitAccess->checkPositionAccess($operation, $refId);
237 $isOwner = $talk->getOwner() === $currentUserId;
238
239 if ($isOwner) {
240 return true;
241 }
242
243 if ($currentUserId === $data->getEmployee()) {
244 // The Employee can never edit their own talks
245 if ($operation !== EmployeeTalkPositionAccessLevel::VIEW) {
246 return false;
247 }
248
249 // The Employee can always read their own talks
250 return true;
251 }
252
253 //Only owner can edit talks with enabled write lock
254 if ($seriesSettings->isLockedEditing() && $operation === EmployeeTalkPositionAccessLevel::EDIT) {
255 return false;
256 }
257
258 // Has no authority over the employee
259 if (!$hasAuthority) {
260 return false;
261 }
262
263 // Has Authority and is permitted to execute the given permission
264 if ($canExecuteOperation) {
265 return true;
266 }
267
268 // Has authority but no permission
269 return false;
270 }

References $data, $refId, and getCurrentUsersId().

Referenced by canEdit(), and canRead().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isTalkReadonlyByCurrentUser()

ilObjEmployeeTalkAccess::isTalkReadonlyByCurrentUser ( int  $ref_id)
Parameters
int$ref_id
Returns
bool

Definition at line 277 of file class.ilObjEmployeeTalkAccess.php.

277 : bool
278 {
279 return !$this->canEdit($ref_id);
280 }
$ref_id
$ref_id
Definition: ltiauth.php:66

References canEdit().

+ Here is the call graph for this function:

Field Documentation

◆ $container

Container ilObjEmployeeTalkAccess::$container
private

Definition at line 34 of file class.ilObjEmployeeTalkAccess.php.

◆ $instance

self ilObjEmployeeTalkAccess::$instance = null
staticprivate

Definition at line 30 of file class.ilObjEmployeeTalkAccess.php.

Referenced by getInstance().

◆ $orgUnitAccess

IlOrgUnitPositionAccess ilObjEmployeeTalkAccess::$orgUnitAccess
private

Definition at line 33 of file class.ilObjEmployeeTalkAccess.php.

◆ $seriesSettingsRepository

IliasDBEmployeeTalkSeriesRepository ilObjEmployeeTalkAccess::$seriesSettingsRepository
private

Definition at line 36 of file class.ilObjEmployeeTalkAccess.php.

◆ $set

ilOrgUnitGlobalSettings ilObjEmployeeTalkAccess::$set
private

Definition at line 32 of file class.ilObjEmployeeTalkAccess.php.

◆ $talkPositionSettings

ilOrgUnitObjectTypePositionSetting ilObjEmployeeTalkAccess::$talkPositionSettings
private

Definition at line 35 of file class.ilObjEmployeeTalkAccess.php.

◆ $ua

ilOrgUnitUserAssignmentQueries ilObjEmployeeTalkAccess::$ua
private

Definition at line 31 of file class.ilObjEmployeeTalkAccess.php.

The documentation for this class was generated from the following file: