ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
Public Member Functions | Protected Member Functions | Protected Attributes | Private Member Functions
ilTestAccess Class Reference
+ Collaboration diagram for ilTestAccess:

Public Member Functions

 getAccess ()
 
 setAccess (ilAccessHandler $access)
 
 getRefId ()
 
 checkCorrectionsAccess ()
 
 checkScoreParticipantsAccess ()
 
 checkScoreParticipantsAccessAnon ()
 
 checkManageParticipantsAccess ()
 
 checkParticipantsResultsAccess ()
 
 checkOtherParticipantsLearningProgressAccess ()
 
 checkResultsAccessForActiveId (int $active_id, int $test_id)
 
 checkScoreParticipantsAccessForActiveId (int $active_id, int $test_id)
 
 isParticipantAllowed (int $obj_id, int $user_id)
 

Protected Member Functions

 checkAccessForActiveId (Closure $access_filter, int $active_id, int $test_id)
 

Protected Attributes

ilAccessHandler $access
 
ilDBInterface $db
 
ilLanguage $lng
 
MainSettingsDatabaseRepository $main_settings_repository
 
ilTestParticipantAccessFilterFactory $participant_access_filter
 
ParticipantRepository $participant_repository
 

Private Member Functions

 isParticipantExplicitelyAllowedByIndividualIPRange (?Participant $participant, string $ip)
 
 isIpAllowedToAccessTest (string $ip, SettingsAccess $access_settings)
 
 isIpTypeOf (int $ip_type_flag, string $ip, string $range_start, string $range_end)
 
 isIpv4Between (string $ip, string $range_start, string $range_end)
 
 isIpv6Between (string $ip, string $range_start, string $range_end)
 

Detailed Description

Definition at line 36 of file class.ilTestAccess.php.

Member Function Documentation

◆ checkAccessForActiveId()

ilTestAccess::checkAccessForActiveId ( Closure  $access_filter,
int  $active_id,
int  $test_id 
)
protected

Definition at line 163 of file class.ilTestAccess.php.

163 : bool
164 {
165 $participantData = new ilTestParticipantData($this->db, $this->lng);
166 $participantData->setActiveIdsFilter([$active_id]);
167 $participantData->setParticipantAccessFilter($access_filter);
168 $participantData->load($test_id);
169
170 return in_array($active_id, $participantData->getActiveIds());
171 }

References ILIAS\Repository\lng().

Referenced by checkResultsAccessForActiveId(), and checkScoreParticipantsAccessForActiveId().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkCorrectionsAccess()

ilTestAccess::checkCorrectionsAccess ( )
Returns
bool

Definition at line 77 of file class.ilTestAccess.php.

77 : bool
78 {
79 return $this->getAccess()->checkAccess('write', '', $this->getRefId());
80 }

References getAccess(), and getRefId().

+ Here is the call graph for this function:

◆ checkManageParticipantsAccess()

ilTestAccess::checkManageParticipantsAccess ( )
Returns
bool

Definition at line 104 of file class.ilTestAccess.php.

104 : bool
105 {
106 if ($this->getAccess()->checkAccess('write', '', $this->getRefId())) {
107 return true;
108 }
109
110 if (!$this->getAccess()->checkAccess('read', '', $this->getRefId())) {
111 return false;
112 }
113
114 if ($this->getAccess()->checkPositionAccess(ilOrgUnitOperation::OP_MANAGE_PARTICIPANTS, $this->getRefId())) {
115 return true;
116 }
117
118 return false;
119 }

References getAccess(), getRefId(), and ilOrgUnitOperation\OP_MANAGE_PARTICIPANTS.

+ Here is the call graph for this function:

◆ checkOtherParticipantsLearningProgressAccess()

ilTestAccess::checkOtherParticipantsLearningProgressAccess ( )

Definition at line 146 of file class.ilTestAccess.php.

146 : bool
147 {
148 if ($this->getAccess()->checkAccess('write', '', $this->getRefId())) {
149 return true;
150 }
151
152 if ($this->getAccess()->checkRbacOrPositionPermissionAccess(
153 'read_learning_progress',
154 ilOrgUnitOperation::OP_READ_LEARNING_PROGRESS,
155 $this->getRefId()
156 )) {
157 return true;
158 }
159
160 return false;
161 }

References getAccess(), getRefId(), and ilOrgUnitOperation\OP_READ_LEARNING_PROGRESS.

+ Here is the call graph for this function:

◆ checkParticipantsResultsAccess()

ilTestAccess::checkParticipantsResultsAccess ( )

Definition at line 121 of file class.ilTestAccess.php.

121 : bool
122 {
123 if ($this->getAccess()->checkAccess('write', '', $this->getRefId())) {
124 return true;
125 }
126
127 if ($this->getAccess()->checkAccess('tst_results', '', $this->getRefId())) {
128 return true;
129 }
130
131 if (!$this->getAccess()->checkAccess('read', '', $this->getRefId())) {
132 return false;
133 }
134
135 if ($this->getAccess()->checkPositionAccess(ilOrgUnitOperation::OP_MANAGE_PARTICIPANTS, $this->getRefId())) {
136 return true;
137 }
138
139 if ($this->getAccess()->checkPositionAccess(ilOrgUnitOperation::OP_ACCESS_RESULTS, $this->getRefId())) {
140 return true;
141 }
142
143 return false;
144 }

References getAccess(), getRefId(), ilOrgUnitOperation\OP_ACCESS_RESULTS, and ilOrgUnitOperation\OP_MANAGE_PARTICIPANTS.

+ Here is the call graph for this function:

◆ checkResultsAccessForActiveId()

ilTestAccess::checkResultsAccessForActiveId ( int  $active_id,
int  $test_id 
)

Definition at line 173 of file class.ilTestAccess.php.

173 : bool
174 {
175 $access_filter = $this->participant_access_filter->getAccessResultsUserFilter($this->getRefId());
176 return $this->checkAccessForActiveId($access_filter, $active_id, $test_id);
177 }
ilTestAccess\checkAccessForActiveId
checkAccessForActiveId(Closure $access_filter, int $active_id, int $test_id)
Definition: class.ilTestAccess.php:163

References checkAccessForActiveId(), and getRefId().

+ Here is the call graph for this function:

◆ checkScoreParticipantsAccess()

ilTestAccess::checkScoreParticipantsAccess ( )
Returns
bool

Definition at line 85 of file class.ilTestAccess.php.

85 : bool
86 {
87 if (!$this->getAccess()->checkAccess('read', '', $this->getRefId())) {
88 return false;
89 }
90 return
91 $this->getAccess()->checkAccess('write', '', $this->getRefId())
92 || $this->getAccess()->checkPositionAccess(ilOrgUnitOperation::OP_SCORE_PARTICIPANTS, $this->getRefId())
93 ;
94 }

References getAccess(), getRefId(), and ilOrgUnitOperation\OP_SCORE_PARTICIPANTS.

+ Here is the call graph for this function:

◆ checkScoreParticipantsAccessAnon()

ilTestAccess::checkScoreParticipantsAccessAnon ( )

Definition at line 96 of file class.ilTestAccess.php.

96 : bool
97 {
98 return $this->getAccess()->checkAccess('score_anon', '', $this->getRefId());
99 }

References getAccess(), and getRefId().

+ Here is the call graph for this function:

◆ checkScoreParticipantsAccessForActiveId()

ilTestAccess::checkScoreParticipantsAccessForActiveId ( int  $active_id,
int  $test_id 
)

Definition at line 179 of file class.ilTestAccess.php.

179 : bool
180 {
181 $access_filter = $this->participant_access_filter->getScoreParticipantsUserFilter($this->getRefId());
182 return $this->checkAccessForActiveId($access_filter, $active_id, $test_id);
183 }

References checkAccessForActiveId(), and getRefId().

+ Here is the call graph for this function:

◆ getAccess()

ilTestAccess::getAccess ( )

Definition at line 59 of file class.ilTestAccess.php.

59 : ilAccessHandler
60 {
61 return $this->access;
62 }
ilTestAccess\$access
ilAccessHandler $access
Definition: class.ilTestAccess.php:38
ilAccessHandler
Interface ilAccessHandler This interface combines all available interfaces which can be called via gl...
Definition: interface.ilAccessHandler.php:27

References $access.

Referenced by checkCorrectionsAccess(), checkManageParticipantsAccess(), checkOtherParticipantsLearningProgressAccess(), checkParticipantsResultsAccess(), checkScoreParticipantsAccess(), and checkScoreParticipantsAccessAnon().

+ Here is the caller graph for this function:

◆ getRefId()

ilTestAccess::getRefId ( )

Definition at line 69 of file class.ilTestAccess.php.

69 : int
70 {
71 return $this->ref_id;
72 }
$ref_id
$ref_id
Definition: ltiauth.php:66

References $ref_id.

Referenced by checkCorrectionsAccess(), checkManageParticipantsAccess(), checkOtherParticipantsLearningProgressAccess(), checkParticipantsResultsAccess(), checkResultsAccessForActiveId(), checkScoreParticipantsAccess(), checkScoreParticipantsAccessAnon(), checkScoreParticipantsAccessForActiveId(), and isParticipantAllowed().

+ Here is the caller graph for this function:

◆ isIpAllowedToAccessTest()

ilTestAccess::isIpAllowedToAccessTest ( string  $ip,
SettingsAccess  $access_settings 
)
private

Definition at line 248 of file class.ilTestAccess.php.

251 : bool {
252 if (!$access_settings->isIpRangeEnabled()) {
253 return true;
254 }
255
256 $range_start = $access_settings->getIpRangeFrom();
257 $range_end = $access_settings->getIpRangeTo();
258
259 if ($this->isIpTypeOf(FILTER_FLAG_IPV4, $ip, $range_start, $range_end)) {
260 return $this->isIpv4Between($ip, $range_start, $range_end);
261 }
262
263 if ($this->isIpTypeOf(FILTER_FLAG_IPV6, $ip, $range_start, $range_end)) {
264 return $this->isIpv6Between($ip, $range_start, $range_end);
265 }
266
267 return false;
268 }
ilTestAccess\isIpv6Between
isIpv6Between(string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:283
ilTestAccess\isIpTypeOf
isIpTypeOf(int $ip_type_flag, string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:270
ilTestAccess\isIpv4Between
isIpv4Between(string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:277

Referenced by isParticipantAllowed().

+ Here is the caller graph for this function:

◆ isIpTypeOf()

ilTestAccess::isIpTypeOf ( int  $ip_type_flag,
string  $ip,
string  $range_start,
string  $range_end 
)
private

Definition at line 270 of file class.ilTestAccess.php.

270 : bool
271 {
272 return filter_var($ip, FILTER_VALIDATE_IP, $ip_type_flag) !== false
273 && filter_var($range_start, FILTER_VALIDATE_IP, $ip_type_flag) !== false
274 && filter_var($range_end, FILTER_VALIDATE_IP, $ip_type_flag) !== false;
275 }

◆ isIpv4Between()

ilTestAccess::isIpv4Between ( string  $ip,
string  $range_start,
string  $range_end 
)
private

Definition at line 277 of file class.ilTestAccess.php.

277 : bool
278 {
279 return ip2long($range_start) <= ip2long($ip)
280 && ip2long($ip) <= ip2long($range_end);
281 }

◆ isIpv6Between()

ilTestAccess::isIpv6Between ( string  $ip,
string  $range_start,
string  $range_end 
)
private

Definition at line 283 of file class.ilTestAccess.php.

283 : bool
284 {
285 return bin2hex(inet_pton($range_start)) <= bin2hex(inet_pton($ip))
286 && bin2hex(inet_pton($ip)) <= bin2hex(inet_pton($range_end));
287 }

◆ isParticipantAllowed()

ilTestAccess::isParticipantAllowed ( int  $obj_id,
int  $user_id 
)

Definition at line 185 of file class.ilTestAccess.php.

185 : ParticipantAccess
186 {
187 try {
188 $access_settings = $this->main_settings_repository->getForObjFi($obj_id)
189 ->getAccessSettings();
190 } catch (\Exception $e) {
191 return ParticipantAccess::BROKEN_TEST;
192 }
193
194 $participant = $this->participant_repository->getParticipantByUserId(
195 ilObjTest::_getTestIDFromObjectID(
196 ilObjTest::_lookupObjId($this->getRefId())
197 ),
198 $user_id
199 );
200
201 if ($access_settings->getFixedParticipants()
202 && ($participant === null || !$participant->isInvitedParticipant())) {
203 return ParticipantAccess::NOT_INVITED;
204 }
205
206 $ip = $_SERVER['REMOTE_ADDR'];
207
208 $allowed_individual = $this->isParticipantExplicitelyAllowedByIndividualIPRange($participant, $ip);
209 if ($allowed_individual === false) {
210 return ParticipantAccess::INDIVIDUAL_CLIENT_IP_MISMATCH;
211 }
212
213
214 if ($allowed_individual === true
215 || !$access_settings->isIpRangeEnabled()) {
216 return ParticipantAccess::ALLOWED;
217 }
218
219 if (!$this->isIpAllowedToAccessTest($ip, $access_settings)) {
220 return ParticipantAccess::TEST_LEVEL_CLIENT_IP_MISMATCH;
221 }
222
223 return ParticipantAccess::ALLOWED;
224 }
ilObjTest\_getTestIDFromObjectID
static _getTestIDFromObjectID($object_id)
Returns the ILIAS test id for a given object id.
Definition: class.ilObjTest.php:4189
ilObject\_lookupObjId
static _lookupObjId(int $ref_id)
Definition: class.ilObject.php:940
ilTestAccess\isParticipantExplicitelyAllowedByIndividualIPRange
isParticipantExplicitelyAllowedByIndividualIPRange(?Participant $participant, string $ip)
Definition: class.ilTestAccess.php:226
ilTestAccess\isIpAllowedToAccessTest
isIpAllowedToAccessTest(string $ip, SettingsAccess $access_settings)
Definition: class.ilTestAccess.php:248
$_SERVER
$_SERVER['HTTP_HOST']
Definition: raiseError.php:26

References $_SERVER, Vendor\Package\$e, ilObjTest\_getTestIDFromObjectID(), ilObject\_lookupObjId(), getRefId(), isIpAllowedToAccessTest(), and isParticipantExplicitelyAllowedByIndividualIPRange().

+ Here is the call graph for this function:

◆ isParticipantExplicitelyAllowedByIndividualIPRange()

ilTestAccess::isParticipantExplicitelyAllowedByIndividualIPRange ( ?Participant  $participant,
string  $ip 
)
private

Definition at line 226 of file class.ilTestAccess.php.

229 : ?bool {
230 $range_start = $participant?->getClientIpFrom();
231 $range_end = $participant?->getClientIpTo();
232
233 if ($range_start === null && $range_end === null) {
234 return null;
235 }
236
237 if ($this->isIpTypeOf(FILTER_FLAG_IPV4, $ip, $range_start, $range_end)) {
238 return $this->isIpv4Between($ip, $range_start, $range_end);
239 }
240
241 if ($this->isIpTypeOf(FILTER_FLAG_IPV6, $ip, $range_start, $range_end)) {
242 return $this->isIpv6Between($ip, $range_start, $range_end);
243 }
244
245 return false;
246 }

Referenced by isParticipantAllowed().

+ Here is the caller graph for this function:

◆ setAccess()

ilTestAccess::setAccess ( ilAccessHandler  $access)

Definition at line 64 of file class.ilTestAccess.php.

65 {
66 $this->access = $access;
67 }

References $access, and ILIAS\Repository\access().

+ Here is the call graph for this function:

Field Documentation

◆ $access

ilAccessHandler ilTestAccess::$access
protected

Definition at line 38 of file class.ilTestAccess.php.

Referenced by getAccess(), and setAccess().

◆ $db

ilDBInterface ilTestAccess::$db
protected

Definition at line 39 of file class.ilTestAccess.php.

◆ $lng

ilLanguage ilTestAccess::$lng
protected

Definition at line 40 of file class.ilTestAccess.php.

◆ $main_settings_repository

MainSettingsDatabaseRepository ilTestAccess::$main_settings_repository
protected

Definition at line 41 of file class.ilTestAccess.php.

◆ $participant_access_filter

ilTestParticipantAccessFilterFactory ilTestAccess::$participant_access_filter
protected

Definition at line 43 of file class.ilTestAccess.php.

◆ $participant_repository

ParticipantRepository ilTestAccess::$participant_repository
protected

Definition at line 44 of file class.ilTestAccess.php.

The documentation for this class was generated from the following file: