ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
AccessManager.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
21namespace ILIAS\BookingManager\Access;
22
23use ILIAS\BookingManager\InternalDomainService;
24
25class AccessManager
26{
27 protected \ilTree $tree;
28 protected int $user_id;
29 protected int $ref_id;
30 protected \ilAccessHandler $access;
31 protected InternalDomainService $domain;
32
33 public function __construct(
34 InternalDomainService $domain,
35 \ilAccessHandler $access
36 ) {
37 $this->domain = $domain;
38 $this->access = $access;
39 $this->tree = $this->domain->repositoryTree();
40 }
41
42 protected function getCurrentUserId(int $user_id): int
43 {
44 if ($user_id > 0) {
45 return $user_id;
46 }
47 return $this->domain->user()->getId();
48 }
49
50 public function canManageObjects(
51 int $ref_id,
52 int $current_user = 0
53 ): bool {
54 $current_user = $this->getCurrentUserId($current_user);
55 return $this->access->checkAccessOfUser($current_user, "write", "", $ref_id);
56 }
57
58 public function canManageSettings(
59 int $ref_id,
60 int $current_user = 0
61 ): bool {
62 $current_user = $this->getCurrentUserId($current_user);
63 return $this->access->checkAccessOfUser($current_user, "write", "", $ref_id);
64 }
65
66 public function canManageParticipants(
67 int $ref_id,
68 int $current_user = 0
69 ): bool {
70 $current_user = $this->getCurrentUserId($current_user);
71 return $this->access->checkAccessOfUser($current_user, "write", "", $ref_id);
72 }
73
74 public function filterManageableParticipants(
75 int $ref_id,
76 array $participant_ids
77 ): array {
78 return $this->access->filterUserIdsByRbacOrPositionOfCurrentUser(
79 'render',
80 'render',
81 $ref_id,
82 $participant_ids
83 );
84 }
85
86 public function canManageAllReservations(
87 int $ref_id,
88 int $current_user = 0
89 ): bool {
90 $current_user = $this->getCurrentUserId($current_user);
91 return $this->access->checkAccessOfUser($current_user, "manage_all_reservations", "", $ref_id);
92 }
93
94 public function canManageOwnReservations(
95 int $ref_id,
96 int $current_user = 0
97 ): bool {
98 $current_user = $this->getCurrentUserId($current_user);
99 return $this->access->checkAccessOfUser($current_user, "manage_own_reservations", "", $ref_id) ||
100 $this->access->checkAccessOfUser($current_user, "manage_all_reservations", "", $ref_id);
101 }
102
103 public function canManageReservationForUser(
104 int $ref_id,
105 int $target_user,
106 int $current_user = 0
107 ): bool {
108 $current_user = $this->getCurrentUserId($current_user);
109 if ($target_user === $current_user) {
110 return $this->access->checkAccessOfUser($current_user, "manage_own_reservations", "", $ref_id) ||
111 $this->access->checkAccessOfUser($current_user, "manage_all_reservations", "", $ref_id);
112 }
113 return $this->access->checkAccessOfUser($current_user, "manage_all_reservations", "", $ref_id);
114 }
115
116 public function canRetrieveNotificationsForOwnReservationsByObjId(
117 int $book_obj_id,
118 int $current_user = 0
119 ): bool {
120 $current_user = $this->getCurrentUserId($current_user);
121 return $this->hasPermissionOnAnyReference("manage_own_reservations", $current_user, $book_obj_id);
122 }
123
124 public function canRetrieveNotificationsForAllReservationsByObjId(
125 int $book_obj_id,
126 int $current_user = 0
127 ): bool {
128 $current_user = $this->getCurrentUserId($current_user);
129 return $this->hasPermissionOnAnyReference("manage_all_reservations", $current_user, $book_obj_id);
130 }
131
132 protected function hasPermissionOnAnyReference(
133 string $perm,
134 int $uid,
135 int $obj_id
136 ): bool {
137 $access = $this->access;
138 foreach (\ilObject::_getAllReferences($obj_id) as $ref_id) {
139 if ($access->checkAccessOfUser($uid, $perm, "", $ref_id)) {
140 return true;
141 }
142 }
143 return false;
144 }
145
146 public function getParentGroupCourse(int $ref_id): ?array
147 {
148 $tree = $this->tree;
149 if (($par_ref_id = $tree->checkForParentType($ref_id, "grp")) > 0) {
150 return [
151 "ref_id" => $par_ref_id,
152 "type" => "grp"
153 ];
154 }
155 if (($par_ref_id = $tree->checkForParentType($ref_id, "crs")) > 0) {
156 return [
157 "ref_id" => $par_ref_id,
158 "type" => "crs"
159 ];
160 }
161 return null;
162 }
163
164 public function canManageMembersOfParent(int $ref_id): bool
165 {
166 if (($parent = $this->getParentGroupCourse($ref_id)) !== null) {
167 return ($this->access->checkAccess("manage_members", "", (int) $parent["ref_id"])) ;
168 }
169 return false;
170 }
171
172 public function validateBookingObjId(int $book_obj_id, int $pool_id): void
173 {
174 if ($book_obj_id > 0 && \ilBookingObject::lookupPoolId($book_obj_id) !== $pool_id) {
175 throw new \ilPermissionException("Booking object pool id does not match pool id.");
176 }
177 }
178
179 public function validateScheduleId(int $schedule_id, int $pool_id): void
180 {
181 $sm = $this->domain->schedules($pool_id);
182 if (!$sm->hasScheduleId($schedule_id)) {
183 throw new \ilPermissionException("Schedule id does not match pool id.");
184 }
185 }
186
187}
ILIAS\BookingManager\Access\AccessManager\validateBookingObjId
validateBookingObjId(int $book_obj_id, int $pool_id)
Definition: AccessManager.php:172
ILIAS\BookingManager\Access\AccessManager\canRetrieveNotificationsForAllReservationsByObjId
canRetrieveNotificationsForAllReservationsByObjId(int $book_obj_id, int $current_user=0)
Definition: AccessManager.php:124
ILIAS\BookingManager\Access\AccessManager\__construct
__construct(InternalDomainService $domain, \ilAccessHandler $access)
Definition: AccessManager.php:33
ILIAS\BookingManager\Access\AccessManager\canManageObjects
canManageObjects(int $ref_id, int $current_user=0)
Definition: AccessManager.php:50
ILIAS\BookingManager\Access\AccessManager\canRetrieveNotificationsForOwnReservationsByObjId
canRetrieveNotificationsForOwnReservationsByObjId(int $book_obj_id, int $current_user=0)
Definition: AccessManager.php:116
ILIAS\BookingManager\Access\AccessManager\validateScheduleId
validateScheduleId(int $schedule_id, int $pool_id)
Definition: AccessManager.php:179
ILIAS\BookingManager\Access\AccessManager\canManageParticipants
canManageParticipants(int $ref_id, int $current_user=0)
Definition: AccessManager.php:66
ILIAS\BookingManager\Access\AccessManager\filterManageableParticipants
filterManageableParticipants(int $ref_id, array $participant_ids)
Definition: AccessManager.php:74
ILIAS\BookingManager\Access\AccessManager\hasPermissionOnAnyReference
hasPermissionOnAnyReference(string $perm, int $uid, int $obj_id)
Definition: AccessManager.php:132
ILIAS\BookingManager\Access\AccessManager\canManageReservationForUser
canManageReservationForUser(int $ref_id, int $target_user, int $current_user=0)
Definition: AccessManager.php:103
ILIAS\BookingManager\Access\AccessManager\canManageOwnReservations
canManageOwnReservations(int $ref_id, int $current_user=0)
Definition: AccessManager.php:94
ILIAS\BookingManager\Access\AccessManager\canManageAllReservations
canManageAllReservations(int $ref_id, int $current_user=0)
Definition: AccessManager.php:86
ILIAS\BookingManager\Access\AccessManager\canManageSettings
canManageSettings(int $ref_id, int $current_user=0)
Definition: AccessManager.php:58
ILIAS\BookingManager\InternalDomainService
Author: Alexander Killing killing@leifos.de
Definition: class.InternalDomainService.php:35
ilBookingObject\lookupPoolId
static lookupPoolId(int $object_id)
Definition: class.ilBookingObject.php:385
ilObject\_getAllReferences
static _getAllReferences(int $id)
get all reference ids for object ID
Definition: class.ilObject.php:826
return
return['delivery_method'=> 'php',]
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: delivery_method.php:21
ilAccessHandler
Interface ilAccessHandler This interface combines all available interfaces which can be called via gl...
Definition: interface.ilAccessHandler.php:27
$ref_id
$ref_id
Definition: ltiauth.php:66