ILIAS  trunk Revision v11.0_alpha-1689-g66c127b4ae8
All Data Structures Namespaces Files Functions Variables Enumerations Enumerator Modules Pages
class.ilObjDataCollectionAccess.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 class ilObjDataCollectionAccess extends ilObjectAccess
22 {
33  public static function _getCommands(): array
34  {
35  $commands = [
36  ["permission" => "read", "cmd" => "render", "lang_var" => "show", "default" => true],
37  ["permission" => "write", "cmd" => "listRecords", "lang_var" => "edit_content"],
38  ["permission" => "write", "cmd" => "edit", "lang_var" => "settings"],
39  ];
40 
41  return $commands;
42  }
43 
47  public static function _checkGoto(string $target): bool
48  {
49  global $DIC;
50  $ilAccess = $DIC['ilAccess'];
51 
52  $t_arr = explode("_", $target);
53  $ref_id = (int) $t_arr[1];
54 
55  if ($t_arr[0] != "dcl" || $ref_id <= 0) {
56  return false;
57  }
58 
59  if ($ilAccess->checkAccess("read", "", $ref_id) ||
60  $ilAccess->checkAccess("visible", "", $ref_id)) {
61  return true;
62  }
63 
64  return false;
65  }
66 
67  protected static function isTableInDataCollection(ilDclTable $table, int $ref_id): bool
68  {
69  if ($table->getObjId() !== null) {
70  foreach (ilObjDataCollection::_getAllReferences($table->getObjId()) as $reference) {
71  if ($reference == $ref_id) {
72  return true;
73  }
74  }
75  }
76 
77  return false;
78  }
79 
80  public function _checkAccess(string $cmd, string $permission, int $ref_id, int $obj_id, ?int $user_id = null): bool
81  {
82  global $DIC;
83  $ilUser = $DIC['ilUser'];
84  $lng = $DIC['lng'];
85  $rbacsystem = $DIC['rbacsystem'];
86  $ilAccess = $DIC['ilAccess'];
87 
88  if (is_null($user_id) === true) {
89  $user_id = $ilUser->getId();
90  }
91 
92  switch ($cmd) {
93  case "view":
94 
95  if (!ilObjDataCollectionAccess::_lookupOnline($obj_id)
96  && !$rbacsystem->checkAccessOfUser($user_id, 'write', $ref_id)
97  ) {
98  $ilAccess->addInfoItem(ilAccessInfo::IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
99 
100  return false;
101  }
102  break;
103 
104  // for permission query feature
105  case "infoScreen":
106  if (!ilObjDataCollectionAccess::_lookupOnline($obj_id)) {
107  $ilAccess->addInfoItem(ilAccessInfo::IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
108  } else {
109  $ilAccess->addInfoItem(ilAccessInfo::IL_STATUS_MESSAGE, $lng->txt("online"));
110  }
111  break;
112  }
113  switch ($permission) {
114  case "read":
115  case "visible":
116  if (!ilObjDataCollectionAccess::_lookupOnline($obj_id)
117  && (!$rbacsystem->checkAccessOfUser($user_id, 'write', $ref_id))
118  ) {
119  $ilAccess->addInfoItem(ilAccessInfo::IL_NO_OBJECT_ACCESS, $lng->txt("offline"));
120 
121  return false;
122  }
123  break;
124  }
125 
126  return true;
127  }
128 
133  public static function _lookupOnline(int $a_id): bool
134  {
135  global $DIC;
136  $ilDB = $DIC->database();
137 
138  $q = "SELECT * FROM il_dcl_data WHERE id = " . $ilDB->quote($a_id, "integer");
139  $dcl_set = $ilDB->query($q);
140  $dcl_rec = $ilDB->fetchAssoc($dcl_set);
141 
142  return !is_null($dcl_rec) && $dcl_rec["is_online"];
143  }
144 
145  //
146  // DataCollection specific Access-Checks
147  //
148 
154  public static function checkAccessForDataCollectionId(int $data_collection_id): bool
155  {
156  global $DIC;
157  $ilAccess = $DIC['ilAccess'];
158 
159  $perm = false;
160  $references = ilObject2::_getAllReferences($data_collection_id);
161 
162  if ($ilAccess->checkAccess("add_entry", "", array_shift($references))) {
163  $perm = true;
164  }
165 
166  return $perm;
167  }
168 
169  public static function checkActionForObjId(string $action, int $obj_id): bool
170  {
171  foreach (ilObject2::_getAllReferences($obj_id) as $ref_id) {
172  if (self::checkActionForRefId($action, $ref_id)) {
173  return true;
174  }
175  }
176 
177  return false;
178  }
179 
180  public static function checkActionForRefId(string $action, int $ref_id): bool
181  {
182  global $DIC;
183  $ilAccess = $DIC['ilAccess'];
184 
189  return $ilAccess->checkAccess($action, "", $ref_id);
190  }
191 
196  public static function hasWriteAccess(int $ref, ?int $user_id = 0): bool
197  {
198  global $DIC;
199  $ilAccess = $DIC['ilAccess'];
200 
201  if ($user_id) {
202  return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
203  }
204 
205  return $ilAccess->checkAccess("write", "", $ref);
206  }
207 
208  public static function hasEditAccess(int $ref, ?int $user_id = 0): bool
209  {
210  global $DIC;
211  $ilAccess = $DIC['ilAccess'];
212 
213  if ($user_id) {
214  return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
215  }
216 
217  return $ilAccess->checkAccess("edit_content", "", $ref);
218  }
219 
224  public static function hasAddRecordAccess(int $ref, ?int $user_id = 0): bool
225  {
226  global $DIC;
227  $ilAccess = $DIC['ilAccess'];
228 
229  if ($user_id) {
230  return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
231  }
232 
233  return $ilAccess->checkAccess("add_entry", "", $ref);
234  }
235 
240  public static function hasReadAccess(int $ref, ?int $user_id = 0): bool
241  {
242  global $DIC;
243  $ilAccess = $DIC['ilAccess'];
244 
245  if ($user_id) {
246  return $ilAccess->checkAccessOfUser($user_id, "write", "", $ref);
247  }
248 
249  return $ilAccess->checkAccess("read", "", $ref);
250  }
251 
252  public static function hasAccessToTableView(ilDclTableView $tableview, ?int $user_id = 0): bool
253  {
254  global $DIC;
255  $rbacreview = $DIC['rbacreview'];
256  $ilUser = $DIC['ilUser'];
257 
258  $assigned_roles = $rbacreview->assignedRoles($user_id ?: $ilUser->getId());
259  $allowed_roles = $tableview->getRoles();
260 
261  return !empty(array_intersect($assigned_roles, $allowed_roles));
262  }
263 
268  protected static function hasAccessToTable(int $table_id, int $ref_id): bool
269  {
270  $table = ilDclCache::getTableCache($table_id);
271  return self::hasWriteAccess($ref_id) || $table->getIsVisible();
272  }
273 
274  public static function hasAccessTo(int $ref_id, int $table_id, int $tableview_id): bool
275  {
277  $tableview = ilDclTableView::find($tableview_id);
278  $table = ilDclCache::getTableCache($table_id);
279 
280  // is tableview in table and is table in datacollection
281  if (($tableview->getTableId() !== $table_id)
282  || !self::isTableInDataCollection($table, $ref_id)
283  ) {
284  return false;
285  }
286 
287  // check access
288  return self::hasWriteAccess($ref_id)
289  || (
290  self::hasReadAccess($ref_id) && self::hasAccessToTable($table_id, $ref_id) && self::hasAccessToTableView($tableview)
291  );
292  }
293 
294  public static function hasAccessToFields(int $ref_id, int $table_id): bool
295  {
296  return self::isTableInDataCollection(ilDclCache::getTableCache($table_id), $ref_id)
297  && (self::hasWriteAccess($ref_id));
298  }
299 
300  public static function hasAccessToEditTable(int $ref_id, int $table_id): bool
301  {
302  return self::hasAccessToFields($ref_id, $table_id);
303  }
304 
305  public static function hasAccessToField(int $ref_id, int $table_id, int $field_id): bool
306  {
307  $table = ilDclCache::getTableCache($table_id);
308 
309  return in_array($field_id, $table->getFieldIds()) && self::hasAccessToFields($ref_id, $table_id);
310  }
311 
312  public static function hasPermissionToAddRecord(int $ref_id, int $table_id): bool
313  {
314  $table = ilDclCache::getTableCache($table_id);
315  if (!self::isTableInDataCollection($table, $ref_id)) {
316  return false;
317  }
318 
319  return ilObjDataCollectionAccess::hasWriteAccess($ref_id)
320  || (ilObjDataCollectionAccess::hasAddRecordAccess($ref_id) && $table->getAddPerm() && $table->checkLimit());
321  }
322 }
ilObjDataCollectionAccess\hasAccessToTableView
static hasAccessToTableView(ilDclTableView $tableview, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:252
ilObjDataCollectionAccess\hasAddRecordAccess
static hasAddRecordAccess(int $ref, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:224
ilObject\_getAllReferences
static _getAllReferences(int $id)
get all reference ids for object ID
Definition: class.ilObject.php:809
ilObjDataCollectionAccess\_getCommands
static _getCommands()
get commands this method returns an array of all possible commands/permission combinations example: $...
Definition: class.ilObjDataCollectionAccess.php:33
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:142
ilObjDataCollectionAccess\hasAccessToFields
static hasAccessToFields(int $ref_id, int $table_id)
Definition: class.ilObjDataCollectionAccess.php:294
$ref_id
$ref_id
Definition: ltiauth.php:65
ilObjDataCollectionAccess\_checkAccess
_checkAccess(string $cmd, string $permission, int $ref_id, int $obj_id, ?int $user_id=null)
Definition: class.ilObjDataCollectionAccess.php:80
$DIC
global $DIC
Definition: shib_login.php:22
ilObjDataCollectionAccess\isTableInDataCollection
static isTableInDataCollection(ilDclTable $table, int $ref_id)
Definition: class.ilObjDataCollectionAccess.php:67
ilDclCache\getTableCache
static getTableCache(?int $table_id=null)
Definition: class.ilDclCache.php:131
ilObjDataCollectionAccess\hasAccessToField
static hasAccessToField(int $ref_id, int $table_id, int $field_id)
Definition: class.ilObjDataCollectionAccess.php:305
ilObjDataCollectionAccess\hasWriteAccess
static hasWriteAccess(int $ref, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:196
ilObjDataCollectionAccess\_checkGoto
static _checkGoto(string $target)
check whether goto script will succeed
Definition: class.ilObjDataCollectionAccess.php:47
ilObjDataCollectionAccess\hasAccessToTable
static hasAccessToTable(int $table_id, int $ref_id)
returns true if either the table is visible for all users, or no tables are visible and this is the t...
Definition: class.ilObjDataCollectionAccess.php:268
$lng
global $lng
Definition: privfeed.php:31
$q
$q
Definition: shib_logout.php:21
ilObjDataCollectionAccess\hasReadAccess
static hasReadAccess(int $ref, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:240
ilObjDataCollectionAccess\hasPermissionToAddRecord
static hasPermissionToAddRecord(int $ref_id, int $table_id)
Definition: class.ilObjDataCollectionAccess.php:312
ilObjDataCollectionAccess\hasAccessToEditTable
static hasAccessToEditTable(int $ref_id, int $table_id)
Definition: class.ilObjDataCollectionAccess.php:300
ilObjDataCollectionAccess\hasEditAccess
static hasEditAccess(int $ref, ?int $user_id=0)
Definition: class.ilObjDataCollectionAccess.php:208
ilObjDataCollectionAccess\checkAccessForDataCollectionId
static checkAccessForDataCollectionId(int $data_collection_id)
Definition: class.ilObjDataCollectionAccess.php:154
ilObjDataCollectionAccess\_lookupOnline
static _lookupOnline(int $a_id)
Check wether datacollection is online.
Definition: class.ilObjDataCollectionAccess.php:133
ilObjDataCollectionAccess\checkActionForObjId
static checkActionForObjId(string $action, int $obj_id)
Definition: class.ilObjDataCollectionAccess.php:169