ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
class.ilObjMediaObjectAccess.php
Go to the documentation of this file.
1<?php
2
23class ilObjMediaObjectAccess implements ilWACCheckingClass
24{
25 protected ilObjectDataCache $obj_data_cache;
26 protected ilObjUser $user;
27 protected ilAccessHandler $access;
28 protected ilLogger $logger;
29
30 public function __construct()
31 {
32 global $DIC;
33
34 $this->obj_data_cache = $DIC["ilObjDataCache"];
35 $this->user = $DIC->user();
36 $this->access = $DIC->access();
37 $this->logger = $DIC->logger()->mob();
38 }
39
40 public function canBeDelivered(ilWACPath $ilWACPath): bool
41 {
42 preg_match("/.\\/public\/data\\/.*\\/mm_([0-9]*)\\/.*/ui", $ilWACPath->getPath(), $matches);
43 $obj_id = $matches[1] ?? 0;
44
45 return $this->checkAccessMob($obj_id);
46 }
47
48 protected function checkAccessMob(
49 int $obj_id
50 ): bool {
51
52 foreach (ilObjMediaObject::lookupUsages($obj_id) as $usage) {
53 $oid = ilObjMediaObject::getParentObjectIdForUsage($usage, true);
54 // for content snippets we must get their usages and check them
55 switch ($usage["type"]) {
56 case "auth:pg":
57 // Mobs on the Loginpage should always be delivered
58 return true;
59 case "mep:pg":
60 $usages2 = ilMediaPoolPage::lookupUsages($usage["id"]);
61 foreach ($usages2 as $usage2) {
62 $oid2 = ilObjMediaObject::getParentObjectIdForUsage($usage2, true);
63 if ($this->checkAccessMobUsage($usage2, $oid2)) {
64 return true;
65 }
66 }
67 break;
68
69 case "clip":
70 if ($usage["id"] == $this->user->getId()) {
71 return true;
72 }
73 break;
74
75 default:
76 if ($oid !== null && $this->checkAccessMobUsage($usage, $oid)) {
77 return true;
78 }
79
80 if ($oid === null) {
81 $this->logger->error(
82 sprintf(
83 "Could not determine parent obj_id for usage: %s",
84 json_encode($usage, JSON_THROW_ON_ERROR | JSON_PRETTY_PRINT)
85 )
86 );
87 }
88 break;
89 }
90 }
91
92 return false;
93 }
94
95
96 protected function checkAccessMobUsage(
97 array $usage,
98 int $oid
99 ): bool {
103 $ilObjDataCache = $this->obj_data_cache;
104 $ilUser = $this->user;
105 $user_id = $ilUser->getId();
106
107 switch ($usage['type']) {
108 case 'lm:pg':
109 if ($this->checkAccessObject($oid, 'lm')) {
110 return true;
111 }
112 break;
113
114 case 'news':
115 // media objects in news (media casts)
116 if ($this->checkAccessObject($oid)) {
117 return true;
118 } elseif (ilObjMediaCastAccess::_lookupPublicFiles($oid) && ilNewsItem::_lookupVisibility($usage["id"]) == NEWS_PUBLIC) {
119 return true;
120 }
121 break;
122
123 case 'frm~:html':
124 case 'exca~:html':
125 // $oid = userid
126 // foreach ($this->check_users as $user_id) {
127 if ($ilObjDataCache->lookupType($oid) == 'usr' && $oid == $user_id) {
128 return true;
129 }
130 // }
131 break;
132
133 case 'frm~d:html':
134 $draft_id = $usage['id'];
135
136 $oDraft = ilForumPostDraft::newInstanceByDraftId($draft_id);
137 if ($user_id == $oDraft->getPostAuthorId()) {
138 return true;
139 }
140 break;
141 case 'frm~h:html':
142 $history_id = $usage['id'];
143 $oHistoryDraft = new ilForumDraftsHistory($history_id);
144 $oDraft = ilForumPostDraft::newInstanceByDraftId($oHistoryDraft->getDraftId());
145 if ($user_id == $oDraft->getPostAuthorId()) {
146 return true;
147 }
148 break;
149 case 'qpl:pg':
150 case 'qpl:html':
151 // test questions
152 if ($this->checkAccessTestQuestion($oid, $usage['id'])) {
153 return true;
154 }
155 break;
156
157 case 'term:pg':
158 // special check for glossary terms
159 if ($this->checkAccessGlossaryTerm($oid, $usage['id'])) {
160 return true;
161 }
162 break;
163
164 case 'sahs:pg':
165 // check for scorm pages
166 if ($this->checkAccessObject($oid, 'sahs')) {
167 return true;
168 }
169 break;
170
171 case 'prtf:pg':
172 // special check for portfolio pages
173 if ($this->checkAccessPortfolioPage($oid, $usage['id'])) {
174 return true;
175 }
176 break;
177
178 case 'blp:pg':
179 // special check for blog pages
180 if ($this->checkAccessBlogPage($oid)) {
181 return true;
182 }
183 break;
184
185 case 'lobj:pg':
186 // special check for learning objective pages
187 if ($this->checkAccessLearningObjectivePage($oid, $usage['id'])) {
188 return true;
189 }
190 break;
191
192 case 'impr:pg':
193 return (ilImprint::isActive() || $this->checkAccessObject(SYSTEM_FOLDER_ID, 'adm'));
194
195 case 'cstr:pg':
196 default:
197 // standard object check
198 if ($this->checkAccessObject($oid)) {
199 return true;
200 }
201 break;
202 }
203
204 return false;
205 }
206
207
211 protected function checkAccessObject(
212 int $obj_id,
213 string $obj_type = ''
214 ): bool {
215 $ilAccess = $this->access;
216 $ilUser = $this->user;
217 $user_id = $ilUser->getId();
218
219 if (!$obj_type) {
220 $obj_type = ilObject::_lookupType($obj_id);
221 }
222 $ref_ids = ilObject::_getAllReferences($obj_id);
223
224 foreach ($ref_ids as $ref_id) {
225 // foreach ($this->check_users as $user_id) {
226 if ($ilAccess->checkAccessOfUser($user_id, "read", "view", $ref_id, $obj_type, $obj_id)) {
227 return true;
228 }
229 // }
230 }
231
232 return false;
233 }
234
235
241 protected function checkAccessTestQuestion(
242 int $obj_id,
243 int $usage_id = 0
244 ): bool {
245 // give access if direct usage is readable
246 if ($this->checkAccessObject($obj_id)) {
247 return true;
248 }
249
250 $obj_type = ilObject::_lookupType($obj_id);
251 if ($obj_type == 'qpl') {
252 // give access if question pool is used by readable test
253 // for random selection of questions
254 $tests = ilObjTestAccess::_getRandomTestsForQuestionPool($obj_id);
255 foreach ($tests as $test_id) {
256 if ($this->checkAccessObject($test_id, 'tst')) {
257 return true;
258 }
259 }
260 }
261
262 return false;
263 }
264
265
273 protected function checkAccessGlossaryTerm(
274 int $obj_id,
275 int $page_id
276 ): bool {
277 // give access if glossary is readable
278 if ($this->checkAccessObject($obj_id)) {
279 return true;
280 }
281
282 $term_id = $page_id;
283
284 $sources = ilInternalLink::_getSourcesOfTarget('git', $term_id, 0);
285
286 if ($sources) {
287 foreach ($sources as $src) {
288 switch ($src['type']) {
289 // Give access if term is linked by a learning module with read access.
290 // The term including media is shown by the learning module presentation!
291 case 'lm:pg':
292 $src_obj_id = ilLMObject::_lookupContObjID($src['id']);
293 if ($this->checkAccessObject($src_obj_id, 'lm')) {
294 return true;
295 }
296 break;
297
298 // Don't yet give access if the term is linked by another glossary
299 // The link will lead to the origin glossary which is already checked
300 /*
301 case 'gdf:pg':
302 $src_term_id = ilGlossaryDefinition::_lookupTermId($src['id']);
303 $src_obj_id = ilGlossaryTerm::_lookGlossaryID($src_term_id);
304 if ($this->checkAccessObject($src_obj_id, 'glo'))
305 {
306 return true;
307 }
308 break;
309 */
310 }
311 }
312 }
313 return false;
314 }
315
316
322 protected function checkAccessPortfolioPage(
323 int $obj_id,
324 int $page_id
325 ): bool {
326 $ilUser = $this->user;
327 $access_handler = new ilPortfolioAccessHandler();
328 if ($access_handler->checkAccessOfUser($ilUser->getId(), "read", "view", $obj_id, "prtf")) {
329 return true;
330 }
331
332 return false;
333 }
334
335
340 protected function checkAccessBlogPage(
341 int $obj_id
342 ): bool {
343 $ilUser = $this->user;
344 $tree = new ilWorkspaceTree(0);
345 $node_id = $tree->lookupNodeId($obj_id);
346 if (!$node_id) {
347 return $this->checkAccessObject($obj_id);
348 } else {
349 $access_handler = new ilWorkspaceAccessHandler($tree);
350 if ($access_handler->checkAccessOfUser($tree, $ilUser->getId(), "read", "view", $node_id, "blog")) {
351 return true;
352 }
353 }
354
355 return false;
356 }
357
358
359 protected function checkAccessLearningObjectivePage(
360 int $obj_id,
361 int $page_id
362 ): bool {
363 $crs_obj_id = ilCourseObjective::_lookupContainerIdByObjectiveId($page_id);
364
365 return $this->checkAccessObject($crs_obj_id, 'crs');
366 }
367}
NEWS_PUBLIC
const NEWS_PUBLIC
Definition: class.ilNewsItem.php:29
ilCourseObjective
class ilcourseobjective
Definition: class.ilCourseObjective.php:28
ilForumDraftsHistory
Class ilForumDraftHistory.
Definition: class.ilForumDraftsHistory.php:26
ilForumPostDraft\newInstanceByDraftId
static newInstanceByDraftId(int $draft_id)
Definition: class.ilForumPostDraft.php:328
ilImprint\isActive
static isActive()
Definition: class.ilImprint.php:26
ilLMObject\_lookupContObjID
static _lookupContObjID(int $a_id)
get learning module id for lm object
Definition: class.ilLMObject.php:563
ilLogger
Component logger with individual log levels by component id.
Definition: class.ilLogger.php:29
ilMediaPoolPage\lookupUsages
static lookupUsages(int $a_id, bool $a_incl_hist=true)
Lookup usages of media object.
Definition: class.ilMediaPoolPage.php:67
ilNewsItem\_lookupVisibility
static _lookupVisibility(int $a_news_id)
Lookup News Visibility.
Definition: class.ilNewsItem.php:1530
ilObjMediaObjectAccess
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilObjMediaObjectAccess.php:24
ilObjMediaObjectAccess\checkAccessTestQuestion
checkAccessTestQuestion(int $obj_id, int $usage_id=0)
Check access rights for a test question This checks also tests with random selection of questions.
Definition: class.ilObjMediaObjectAccess.php:241
ilObjMediaObjectAccess\canBeDelivered
canBeDelivered(ilWACPath $ilWACPath)
Definition: class.ilObjMediaObjectAccess.php:40
ilObjMediaObjectAccess\checkAccessObject
checkAccessObject(int $obj_id, string $obj_type='')
Check access rights for an object by its object id.
Definition: class.ilObjMediaObjectAccess.php:211
ilObjMediaObjectAccess\checkAccessBlogPage
checkAccessBlogPage(int $obj_id)
Check access rights for blog pages.
Definition: class.ilObjMediaObjectAccess.php:340
ilObjMediaObjectAccess\checkAccessPortfolioPage
checkAccessPortfolioPage(int $obj_id, int $page_id)
Check access rights for portfolio pages.
Definition: class.ilObjMediaObjectAccess.php:322
ilObjMediaObjectAccess\checkAccessLearningObjectivePage
checkAccessLearningObjectivePage(int $obj_id, int $page_id)
Definition: class.ilObjMediaObjectAccess.php:359
ilObjMediaObjectAccess\checkAccessGlossaryTerm
checkAccessGlossaryTerm(int $obj_id, int $page_id)
Check access rights for glossary terms This checks also learning modules linking the term.
Definition: class.ilObjMediaObjectAccess.php:273
ilObjMediaObject\getParentObjectIdForUsage
static getParentObjectIdForUsage(array $a_usage, bool $a_include_all_access_obj_ids=false)
Get's the repository object ID of a parent object, if possible see ilWebAccessChecker.
Definition: class.ilObjMediaObject.php:1004
ilObjTestAccess\_getRandomTestsForQuestionPool
static _getRandomTestsForQuestionPool(int $qpl_id)
Get all tests using a question pool for random selection.
Definition: class.ilObjTestAccess.php:242
ilObjUser
User class.
Definition: class.ilObjUser.php:46
ilObjectDataCache
class ilObjectDataCache
Definition: class.ilObjectDataCache.php:30
ilObject\_lookupType
static _lookupType(int $id, bool $reference=false)
Definition: class.ilObject.php:1101
ilObject\_getAllReferences
static _getAllReferences(int $id)
get all reference ids for object ID
Definition: class.ilObject.php:826
ilPortfolioAccessHandler
Access handler for portfolio NOTE: This file needs to stay in the classes directory,...
Definition: class.ilPortfolioAccessHandler.php:27
ilWACPath
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilWACPath.php:27
ilWorkspaceAccessHandler
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilWorkspaceAccessHandler.php:25
ilWorkspaceTree
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilWorkspaceTree.php:25
SYSTEM_FOLDER_ID
const SYSTEM_FOLDER_ID
Definition: constants.php:35
ilAccessHandler
Interface ilAccessHandler This interface combines all available interfaces which can be called via gl...
Definition: interface.ilAccessHandler.php:27
ilWACCheckingClass
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: interface.ilWACCheckingClass.php:26
$ref_id
$ref_id
Definition: ltiauth.php:66
if
if(!file_exists('../ilias.ini.php'))
Definition: sessioncheck.php:23
$DIC
global $DIC
Definition: shib_login.php:26