ILIAS  trunk Revision v11.0_alpha-1689-g66c127b4ae8
All Data Structures Namespaces Files Functions Variables Enumerations Enumerator Modules Pages
class.ilObjMediaObjectAccess.php
Go to the documentation of this file.
1 <?php
2 
23 class ilObjMediaObjectAccess implements ilWACCheckingClass
24 {
25  protected ilObjectDataCache $obj_data_cache;
26  protected ilObjUser $user;
27  protected ilAccessHandler $access;
28  protected ilLogger $logger;
29 
30  public function __construct()
31  {
32  global $DIC;
33 
34  $this->obj_data_cache = $DIC["ilObjDataCache"];
35  $this->user = $DIC->user();
36  $this->access = $DIC->access();
37  $this->logger = $DIC->logger()->mob();
38  }
39 
40  public function canBeDelivered(ilWACPath $ilWACPath): bool
41  {
42  preg_match("/.\\/public\/data\\/.*\\/mm_([0-9]*)\\/.*/ui", $ilWACPath->getPath(), $matches);
43  $obj_id = $matches[1] ?? 0;
44 
45  return $this->checkAccessMob($obj_id);
46  }
47 
48  protected function checkAccessMob(
49  int $obj_id
50  ): bool {
51 
52  foreach (ilObjMediaObject::lookupUsages($obj_id) as $usage) {
53  $oid = ilObjMediaObject::getParentObjectIdForUsage($usage, true);
54  // for content snippets we must get their usages and check them
55  switch ($usage["type"]) {
56  case "auth:pg":
57  // Mobs on the Loginpage should always be delivered
58  return true;
59  case "mep:pg":
60  $usages2 = ilMediaPoolPage::lookupUsages($usage["id"]);
61  foreach ($usages2 as $usage2) {
62  $oid2 = ilObjMediaObject::getParentObjectIdForUsage($usage2, true);
63  if ($this->checkAccessMobUsage($usage2, $oid2)) {
64  return true;
65  }
66  }
67  break;
68 
69  case "clip":
70  if ($usage["id"] == $this->user->getId()) {
71  return true;
72  }
73  break;
74 
75  default:
76  if ($oid !== null && $this->checkAccessMobUsage($usage, $oid)) {
77  return true;
78  }
79 
80  if ($oid === null) {
81  $this->logger->error(
82  sprintf(
83  "Could not determine parent obj_id for usage: %s",
84  json_encode($usage, JSON_THROW_ON_ERROR | JSON_PRETTY_PRINT)
85  )
86  );
87  }
88  break;
89  }
90  }
91 
92  return false;
93  }
94 
95 
96  protected function checkAccessMobUsage(
97  array $usage,
98  int $oid
99  ): bool {
103  $ilObjDataCache = $this->obj_data_cache;
104  $ilUser = $this->user;
105  $user_id = $ilUser->getId();
106 
107  switch ($usage['type']) {
108  case 'lm:pg':
109  if ($this->checkAccessObject($oid, 'lm')) {
110  return true;
111  }
112  break;
113 
114  case 'news':
115  // media objects in news (media casts)
116  if ($this->checkAccessObject($oid)) {
117  return true;
118  } elseif (ilObjMediaCastAccess::_lookupPublicFiles($oid) && ilNewsItem::_lookupVisibility($usage["id"]) == NEWS_PUBLIC) {
119  return true;
120  }
121  break;
122 
123  case 'frm~:html':
124  case 'exca~:html':
125  // $oid = userid
126  // foreach ($this->check_users as $user_id) {
127  if ($ilObjDataCache->lookupType($oid) == 'usr' && $oid == $user_id) {
128  return true;
129  }
130  // }
131  break;
132 
133  case 'frm~d:html':
134  $draft_id = $usage['id'];
135 
136  $oDraft = ilForumPostDraft::newInstanceByDraftId($draft_id);
137  if ($user_id == $oDraft->getPostAuthorId()) {
138  return true;
139  }
140  break;
141  case 'frm~h:html':
142  $history_id = $usage['id'];
143  $oHistoryDraft = new ilForumDraftsHistory($history_id);
144  $oDraft = ilForumPostDraft::newInstanceByDraftId($oHistoryDraft->getDraftId());
145  if ($user_id == $oDraft->getPostAuthorId()) {
146  return true;
147  }
148  break;
149  case 'qpl:pg':
150  case 'qpl:html':
151  // test questions
152  if ($this->checkAccessTestQuestion($oid, $usage['id'])) {
153  return true;
154  }
155  break;
156 
157  case 'term:pg':
158  // special check for glossary terms
159  if ($this->checkAccessGlossaryTerm($oid, $usage['id'])) {
160  return true;
161  }
162  break;
163 
164  case 'sahs:pg':
165  // check for scorm pages
166  if ($this->checkAccessObject($oid, 'sahs')) {
167  return true;
168  }
169  break;
170 
171  case 'prtf:pg':
172  // special check for portfolio pages
173  if ($this->checkAccessPortfolioPage($oid, $usage['id'])) {
174  return true;
175  }
176  break;
177 
178  case 'blp:pg':
179  // special check for blog pages
180  if ($this->checkAccessBlogPage($oid)) {
181  return true;
182  }
183  break;
184 
185  case 'lobj:pg':
186  // special check for learning objective pages
187  if ($this->checkAccessLearningObjectivePage($oid, $usage['id'])) {
188  return true;
189  }
190  break;
191 
192  case 'impr:pg':
193  return (ilImprint::isActive() || $this->checkAccessObject(SYSTEM_FOLDER_ID, 'adm'));
194 
195  case 'cstr:pg':
196  default:
197  // standard object check
198  if ($this->checkAccessObject($oid)) {
199  return true;
200  }
201  break;
202  }
203 
204  return false;
205  }
206 
207 
211  protected function checkAccessObject(
212  int $obj_id,
213  string $obj_type = ''
214  ): bool {
215  $ilAccess = $this->access;
216  $ilUser = $this->user;
217  $user_id = $ilUser->getId();
218 
219  if (!$obj_type) {
220  $obj_type = ilObject::_lookupType($obj_id);
221  }
222  $ref_ids = ilObject::_getAllReferences($obj_id);
223 
224  foreach ($ref_ids as $ref_id) {
225  // foreach ($this->check_users as $user_id) {
226  if ($ilAccess->checkAccessOfUser($user_id, "read", "view", $ref_id, $obj_type, $obj_id)) {
227  return true;
228  }
229  // }
230  }
231 
232  return false;
233  }
234 
235 
241  protected function checkAccessTestQuestion(
242  int $obj_id,
243  int $usage_id = 0
244  ): bool {
245  // give access if direct usage is readable
246  if ($this->checkAccessObject($obj_id)) {
247  return true;
248  }
249 
250  $obj_type = ilObject::_lookupType($obj_id);
251  if ($obj_type == 'qpl') {
252  // give access if question pool is used by readable test
253  // for random selection of questions
254  $tests = ilObjTestAccess::_getRandomTestsForQuestionPool($obj_id);
255  foreach ($tests as $test_id) {
256  if ($this->checkAccessObject($test_id, 'tst')) {
257  return true;
258  }
259  }
260  }
261 
262  return false;
263  }
264 
265 
273  protected function checkAccessGlossaryTerm(
274  int $obj_id,
275  int $page_id
276  ): bool {
277  // give access if glossary is readable
278  if ($this->checkAccessObject($obj_id)) {
279  return true;
280  }
281 
282  $term_id = $page_id;
283 
284  $sources = ilInternalLink::_getSourcesOfTarget('git', $term_id, 0);
285 
286  if ($sources) {
287  foreach ($sources as $src) {
288  switch ($src['type']) {
289  // Give access if term is linked by a learning module with read access.
290  // The term including media is shown by the learning module presentation!
291  case 'lm:pg':
292  $src_obj_id = ilLMObject::_lookupContObjID($src['id']);
293  if ($this->checkAccessObject($src_obj_id, 'lm')) {
294  return true;
295  }
296  break;
297 
298  // Don't yet give access if the term is linked by another glossary
299  // The link will lead to the origin glossary which is already checked
300  /*
301  case 'gdf:pg':
302  $src_term_id = ilGlossaryDefinition::_lookupTermId($src['id']);
303  $src_obj_id = ilGlossaryTerm::_lookGlossaryID($src_term_id);
304  if ($this->checkAccessObject($src_obj_id, 'glo'))
305  {
306  return true;
307  }
308  break;
309  */
310  }
311  }
312  }
313  return false;
314  }
315 
316 
322  protected function checkAccessPortfolioPage(
323  int $obj_id,
324  int $page_id
325  ): bool {
326  $ilUser = $this->user;
327  $access_handler = new ilPortfolioAccessHandler();
328  if ($access_handler->checkAccessOfUser($ilUser->getId(), "read", "view", $obj_id, "prtf")) {
329  return true;
330  }
331 
332  return false;
333  }
334 
335 
340  protected function checkAccessBlogPage(
341  int $obj_id
342  ): bool {
343  $ilUser = $this->user;
344  $tree = new ilWorkspaceTree(0);
345  $node_id = $tree->lookupNodeId($obj_id);
346  if (!$node_id) {
347  return $this->checkAccessObject($obj_id);
348  } else {
349  $access_handler = new ilWorkspaceAccessHandler($tree);
350  if ($access_handler->checkAccessOfUser($tree, $ilUser->getId(), "read", "view", $node_id, "blog")) {
351  return true;
352  }
353  }
354 
355  return false;
356  }
357 
358 
359  protected function checkAccessLearningObjectivePage(
360  int $obj_id,
361  int $page_id
362  ): bool {
363  $crs_obj_id = ilCourseObjective::_lookupContainerIdByObjectiveId($page_id);
364 
365  return $this->checkAccessObject($crs_obj_id, 'crs');
366  }
367 }
ilObjMediaObjectAccess\checkAccessPortfolioPage
checkAccessPortfolioPage(int $obj_id, int $page_id)
Check access rights for portfolio pages.
Definition: class.ilObjMediaObjectAccess.php:322
ilObjMediaObjectAccess
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilObjMediaObjectAccess.php:23
ilObjMediaObject\lookupUsages
static lookupUsages(int $a_id, bool $a_include_history=true)
Lookup usages of media object.
Definition: class.ilObjMediaObject.php:913
ilObjMediaObjectAccess\checkAccessGlossaryTerm
checkAccessGlossaryTerm(int $obj_id, int $page_id)
Check access rights for glossary terms This checks also learning modules linking the term...
Definition: class.ilObjMediaObjectAccess.php:273
ilObjMediaObject\getParentObjectIdForUsage
static getParentObjectIdForUsage(array $a_usage, bool $a_include_all_access_obj_ids=false)
Get&#39;s the repository object ID of a parent object, if possible see ilWebAccessChecker.
Definition: class.ilObjMediaObject.php:1004
ilObject\_getAllReferences
static _getAllReferences(int $id)
get all reference ids for object ID
Definition: class.ilObject.php:809
ilWorkspaceAccessHandler
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilWorkspaceAccessHandler.php:24
ilMediaPoolPage\lookupUsages
static lookupUsages(int $a_id, bool $a_incl_hist=true)
Lookup usages of media object.
Definition: class.ilMediaPoolPage.php:67
ilWACPath
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilWACPath.php:26
SYSTEM_FOLDER_ID
const SYSTEM_FOLDER_ID
Definition: constants.php:35
ilCourseObjective\_lookupContainerIdByObjectiveId
static _lookupContainerIdByObjectiveId(int $a_objective_id)
Definition: class.ilCourseObjective.php:61
ilWorkspaceTree
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilWorkspaceTree.php:24
ilForumDraftsHistory
Class ilForumDraftHistory.
Definition: class.ilForumDraftsHistory.php:25
ilObjMediaObjectAccess\checkAccessTestQuestion
checkAccessTestQuestion(int $obj_id, int $usage_id=0)
Check access rights for a test question This checks also tests with random selection of questions...
Definition: class.ilObjMediaObjectAccess.php:241
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:142
ilObjMediaObjectAccess\canBeDelivered
canBeDelivered(ilWACPath $ilWACPath)
Definition: class.ilObjMediaObjectAccess.php:40
ilObjTestAccess\_getRandomTestsForQuestionPool
static _getRandomTestsForQuestionPool($qpl_id)
Get all tests using a question pool for random selection.
Definition: class.ilObjTestAccess.php:500
$ref_id
$ref_id
Definition: ltiauth.php:65
NEWS_PUBLIC
const NEWS_PUBLIC
Definition: class.ilNewsItem.php:29
ilNewsItem\_lookupVisibility
static _lookupVisibility(int $a_news_id)
Lookup News Visibility.
Definition: class.ilNewsItem.php:1530
$DIC
global $DIC
Definition: shib_login.php:22
ilWACCheckingClass
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: interface.ilWACCheckingClass.php:24
ilObjMediaObjectAccess\checkAccessBlogPage
checkAccessBlogPage(int $obj_id)
Check access rights for blog pages.
Definition: class.ilObjMediaObjectAccess.php:340
ilObjMediaObjectAccess\checkAccessLearningObjectivePage
checkAccessLearningObjectivePage(int $obj_id, int $page_id)
Definition: class.ilObjMediaObjectAccess.php:359
ilPortfolioAccessHandler
Access handler for portfolio NOTE: This file needs to stay in the classes directory, WAC will be confused otherwise.
Definition: class.ilPortfolioAccessHandler.php:26
ilLMObject\_lookupContObjID
static _lookupContObjID(int $a_id)
get learning module id for lm object
Definition: class.ilLMObject.php:563
ilObjMediaObjectAccess\checkAccessObject
checkAccessObject(int $obj_id, string $obj_type='')
Check access rights for an object by its object id.
Definition: class.ilObjMediaObjectAccess.php:211
ilForumPostDraft\newInstanceByDraftId
static newInstanceByDraftId(int $draft_id)
Definition: class.ilForumPostDraft.php:328
ilObject\_lookupType
static _lookupType(int $id, bool $reference=false)
Definition: class.ilObject.php:1084
ilImprint\isActive
static isActive()
Definition: class.ilImprint.php:35