ILIAS  trunk Revision v11.0_alpha-2638-g80c1d007f79
Public Member Functions | Protected Member Functions | Protected Attributes | Private Member Functions
ilTestAccess Class Reference
+ Collaboration diagram for ilTestAccess:

Public Member Functions

 getAccess ()
 
 setAccess (ilAccessHandler $access)
 
 getRefId ()
 
 checkCorrectionsAccess ()
 
 checkScoreParticipantsAccess ()
 
 checkScoreParticipantsAccessAnon ()
 
 checkManageParticipantsAccess ()
 
 checkParticipantsResultsAccess ()
 
 checkOtherParticipantsLearningProgressAccess ()
 
 checkResultsAccessForActiveId (int $active_id, int $test_id)
 
 checkScoreParticipantsAccessForActiveId (int $active_id, int $test_id)
 
 isParticipantAllowed (int $obj_id, int $user_id)
 

Protected Member Functions

 checkAccessForActiveId (Closure $access_filter, int $active_id, int $test_id)
 

Protected Attributes

ilAccessHandler $access
 
ilDBInterface $db
 
ilLanguage $lng
 
MainSettingsDatabaseRepository $main_settings_repository
 
ilTestParticipantAccessFilterFactory $participant_access_filter
 
ParticipantRepository $participant_repository
 

Private Member Functions

 isParticipantExplicitelyAllowedByIndividualIPRange (?Participant $participant, string $ip)
 
 isIpAllowedToAccessTest (string $ip, SettingsAccess $access_settings)
 
 isIpTypeOf (int $ip_type_flag, string $ip, string $range_start, string $range_end)
 
 isIpv4Between (string $ip, string $range_start, string $range_end)
 
 isIpv6Between (string $ip, string $range_start, string $range_end)
 

Detailed Description

Definition at line 36 of file class.ilTestAccess.php.

Member Function Documentation

◆ checkAccessForActiveId()

ilTestAccess::checkAccessForActiveId ( Closure  $access_filter,
int  $active_id,
int  $test_id 
)
protected

Definition at line 163 of file class.ilTestAccess.php.

References ILIAS\Repository\lng().

Referenced by checkResultsAccessForActiveId(), and checkScoreParticipantsAccessForActiveId().

163  : bool
164  {
165  $participantData = new ilTestParticipantData($this->db, $this->lng);
166  $participantData->setActiveIdsFilter([$active_id]);
167  $participantData->setParticipantAccessFilter($access_filter);
168  $participantData->load($test_id);
169 
170  return in_array($active_id, $participantData->getActiveIds());
171  }
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkCorrectionsAccess()

ilTestAccess::checkCorrectionsAccess ( )
Returns
bool

Definition at line 77 of file class.ilTestAccess.php.

References getAccess(), and getRefId().

77  : bool
78  {
79  return $this->getAccess()->checkAccess('write', '', $this->getRefId());
80  }
+ Here is the call graph for this function:

◆ checkManageParticipantsAccess()

ilTestAccess::checkManageParticipantsAccess ( )
Returns
bool

Definition at line 104 of file class.ilTestAccess.php.

References getAccess(), getRefId(), and ilOrgUnitOperation\OP_MANAGE_PARTICIPANTS.

104  : bool
105  {
106  if ($this->getAccess()->checkAccess('write', '', $this->getRefId())) {
107  return true;
108  }
109 
110  if (!$this->getAccess()->checkAccess('read', '', $this->getRefId())) {
111  return false;
112  }
113 
114  if ($this->getAccess()->checkPositionAccess(ilOrgUnitOperation::OP_MANAGE_PARTICIPANTS, $this->getRefId())) {
115  return true;
116  }
117 
118  return false;
119  }
+ Here is the call graph for this function:

◆ checkOtherParticipantsLearningProgressAccess()

ilTestAccess::checkOtherParticipantsLearningProgressAccess ( )

Definition at line 146 of file class.ilTestAccess.php.

References getAccess(), getRefId(), and ilOrgUnitOperation\OP_READ_LEARNING_PROGRESS.

146  : bool
147  {
148  if ($this->getAccess()->checkAccess('write', '', $this->getRefId())) {
149  return true;
150  }
151 
152  if ($this->getAccess()->checkRbacOrPositionPermissionAccess(
153  'read_learning_progress',
154  ilOrgUnitOperation::OP_READ_LEARNING_PROGRESS,
155  $this->getRefId()
156  )) {
157  return true;
158  }
159 
160  return false;
161  }
+ Here is the call graph for this function:

◆ checkParticipantsResultsAccess()

ilTestAccess::checkParticipantsResultsAccess ( )

Definition at line 121 of file class.ilTestAccess.php.

References getAccess(), getRefId(), ilOrgUnitOperation\OP_ACCESS_RESULTS, and ilOrgUnitOperation\OP_MANAGE_PARTICIPANTS.

121  : bool
122  {
123  if ($this->getAccess()->checkAccess('write', '', $this->getRefId())) {
124  return true;
125  }
126 
127  if ($this->getAccess()->checkAccess('tst_results', '', $this->getRefId())) {
128  return true;
129  }
130 
131  if (!$this->getAccess()->checkAccess('read', '', $this->getRefId())) {
132  return false;
133  }
134 
135  if ($this->getAccess()->checkPositionAccess(ilOrgUnitOperation::OP_MANAGE_PARTICIPANTS, $this->getRefId())) {
136  return true;
137  }
138 
139  if ($this->getAccess()->checkPositionAccess(ilOrgUnitOperation::OP_ACCESS_RESULTS, $this->getRefId())) {
140  return true;
141  }
142 
143  return false;
144  }
+ Here is the call graph for this function:

◆ checkResultsAccessForActiveId()

ilTestAccess::checkResultsAccessForActiveId ( int  $active_id,
int  $test_id 
)

Definition at line 173 of file class.ilTestAccess.php.

References checkAccessForActiveId(), and getRefId().

173  : bool
174  {
175  $access_filter = $this->participant_access_filter->getAccessResultsUserFilter($this->getRefId());
176  return $this->checkAccessForActiveId($access_filter, $active_id, $test_id);
177  }
ilTestAccess\checkAccessForActiveId
checkAccessForActiveId(Closure $access_filter, int $active_id, int $test_id)
Definition: class.ilTestAccess.php:163
+ Here is the call graph for this function:

◆ checkScoreParticipantsAccess()

ilTestAccess::checkScoreParticipantsAccess ( )
Returns
bool

Definition at line 85 of file class.ilTestAccess.php.

References getAccess(), getRefId(), and ilOrgUnitOperation\OP_SCORE_PARTICIPANTS.

85  : bool
86  {
87  if (!$this->getAccess()->checkAccess('read', '', $this->getRefId())) {
88  return false;
89  }
90  return
91  $this->getAccess()->checkAccess('write', '', $this->getRefId())
92  || $this->getAccess()->checkPositionAccess(ilOrgUnitOperation::OP_SCORE_PARTICIPANTS, $this->getRefId())
93  ;
94  }
+ Here is the call graph for this function:

◆ checkScoreParticipantsAccessAnon()

ilTestAccess::checkScoreParticipantsAccessAnon ( )

Definition at line 96 of file class.ilTestAccess.php.

References getAccess(), and getRefId().

96  : bool
97  {
98  return $this->getAccess()->checkAccess('score_anon', '', $this->getRefId());
99  }
+ Here is the call graph for this function:

◆ checkScoreParticipantsAccessForActiveId()

ilTestAccess::checkScoreParticipantsAccessForActiveId ( int  $active_id,
int  $test_id 
)

Definition at line 179 of file class.ilTestAccess.php.

References checkAccessForActiveId(), and getRefId().

179  : bool
180  {
181  $access_filter = $this->participant_access_filter->getScoreParticipantsUserFilter($this->getRefId());
182  return $this->checkAccessForActiveId($access_filter, $active_id, $test_id);
183  }
ilTestAccess\checkAccessForActiveId
checkAccessForActiveId(Closure $access_filter, int $active_id, int $test_id)
Definition: class.ilTestAccess.php:163
+ Here is the call graph for this function:

◆ getAccess()

ilTestAccess::getAccess ( )

Definition at line 59 of file class.ilTestAccess.php.

References $access.

Referenced by checkCorrectionsAccess(), checkManageParticipantsAccess(), checkOtherParticipantsLearningProgressAccess(), checkParticipantsResultsAccess(), checkScoreParticipantsAccess(), and checkScoreParticipantsAccessAnon().

59  : ilAccessHandler
60  {
61  return $this->access;
62  }
ilTestAccess\$access
ilAccessHandler $access
Definition: class.ilTestAccess.php:38
+ Here is the caller graph for this function:

◆ getRefId()

ilTestAccess::getRefId ( )

Definition at line 69 of file class.ilTestAccess.php.

References $ref_id.

Referenced by checkCorrectionsAccess(), checkManageParticipantsAccess(), checkOtherParticipantsLearningProgressAccess(), checkParticipantsResultsAccess(), checkResultsAccessForActiveId(), checkScoreParticipantsAccess(), checkScoreParticipantsAccessAnon(), checkScoreParticipantsAccessForActiveId(), and isParticipantAllowed().

69  : int
70  {
71  return $this->ref_id;
72  }
$ref_id
$ref_id
Definition: ltiauth.php:65
+ Here is the caller graph for this function:

◆ isIpAllowedToAccessTest()

ilTestAccess::isIpAllowedToAccessTest ( string  $ip,
SettingsAccess  $access_settings 
)
private

Definition at line 248 of file class.ilTestAccess.php.

References ILIAS\Test\Settings\MainSettings\SettingsAccess\getIpRangeFrom(), ILIAS\Test\Settings\MainSettings\SettingsAccess\getIpRangeTo(), ILIAS\Test\Settings\MainSettings\SettingsAccess\isIpRangeEnabled(), isIpTypeOf(), isIpv4Between(), and isIpv6Between().

Referenced by isParticipantAllowed().

251  : bool {
252  if (!$access_settings->isIpRangeEnabled()) {
253  return true;
254  }
255 
256  $range_start = $access_settings->getIpRangeFrom();
257  $range_end = $access_settings->getIpRangeTo();
258 
259  if ($this->isIpTypeOf(FILTER_FLAG_IPV4, $ip, $range_start, $range_end)) {
260  return $this->isIpv4Between($ip, $range_start, $range_end);
261  }
262 
263  if ($this->isIpTypeOf(FILTER_FLAG_IPV6, $ip, $range_start, $range_end)) {
264  return $this->isIpv6Between($ip, $range_start, $range_end);
265  }
266 
267  return false;
268  }
ilTestAccess\isIpTypeOf
isIpTypeOf(int $ip_type_flag, string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:270
ilTestAccess\isIpv4Between
isIpv4Between(string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:277
ilTestAccess\isIpv6Between
isIpv6Between(string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:283
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isIpTypeOf()

ilTestAccess::isIpTypeOf ( int  $ip_type_flag,
string  $ip,
string  $range_start,
string  $range_end 
)
private

Definition at line 270 of file class.ilTestAccess.php.

Referenced by isIpAllowedToAccessTest(), and isParticipantExplicitelyAllowedByIndividualIPRange().

270  : bool
271  {
272  return filter_var($ip, FILTER_VALIDATE_IP, $ip_type_flag) !== false
273  && filter_var($range_start, FILTER_VALIDATE_IP, $ip_type_flag) !== false
274  && filter_var($range_end, FILTER_VALIDATE_IP, $ip_type_flag) !== false;
275  }
+ Here is the caller graph for this function:

◆ isIpv4Between()

ilTestAccess::isIpv4Between ( string  $ip,
string  $range_start,
string  $range_end 
)
private

Definition at line 277 of file class.ilTestAccess.php.

Referenced by isIpAllowedToAccessTest(), and isParticipantExplicitelyAllowedByIndividualIPRange().

277  : bool
278  {
279  return ip2long($range_start) <= ip2long($ip)
280  && ip2long($ip) <= ip2long($range_end);
281  }
+ Here is the caller graph for this function:

◆ isIpv6Between()

ilTestAccess::isIpv6Between ( string  $ip,
string  $range_start,
string  $range_end 
)
private

Definition at line 283 of file class.ilTestAccess.php.

Referenced by isIpAllowedToAccessTest(), and isParticipantExplicitelyAllowedByIndividualIPRange().

283  : bool
284  {
285  return bin2hex(inet_pton($range_start)) <= bin2hex(inet_pton($ip))
286  && bin2hex(inet_pton($ip)) <= bin2hex(inet_pton($range_end));
287  }
+ Here is the caller graph for this function:

◆ isParticipantAllowed()

ilTestAccess::isParticipantAllowed ( int  $obj_id,
int  $user_id 
)

Definition at line 185 of file class.ilTestAccess.php.

References $_SERVER, Vendor\Package\$e, ilObjTest\_getTestIDFromObjectID(), ilObject\_lookupObjId(), getRefId(), isIpAllowedToAccessTest(), isParticipantExplicitelyAllowedByIndividualIPRange(), and null.

185  : ParticipantAccess
186  {
187  try {
188  $access_settings = $this->main_settings_repository->getForObjFi($obj_id)
189  ->getAccessSettings();
190  } catch (\Exception $e) {
191  return ParticipantAccess::BROKEN_TEST;
192  }
193 
194  $participant = $this->participant_repository->getParticipantByUserId(
195  ilObjTest::_getTestIDFromObjectID(
196  ilObjTest::_lookupObjId($this->getRefId())
197  ),
198  $user_id
199  );
200 
201  if ($access_settings->getFixedParticipants()
202  && ($participant === null || !$participant->isInvitedParticipant())) {
203  return ParticipantAccess::NOT_INVITED;
204  }
205 
206  $ip = $_SERVER['REMOTE_ADDR'];
207 
208  $allowed_individual = $this->isParticipantExplicitelyAllowedByIndividualIPRange($participant, $ip);
209  if ($allowed_individual === false) {
210  return ParticipantAccess::INDIVIDUAL_CLIENT_IP_MISMATCH;
211  }
212 
213 
214  if ($allowed_individual === true
215  || !$access_settings->isIpRangeEnabled()) {
216  return ParticipantAccess::ALLOWED;
217  }
218 
219  if (!$this->isIpAllowedToAccessTest($ip, $access_settings)) {
220  return ParticipantAccess::TEST_LEVEL_CLIENT_IP_MISMATCH;
221  }
222 
223  return ParticipantAccess::ALLOWED;
224  }
ilObject\_lookupObjId
static _lookupObjId(int $ref_id)
Definition: class.ilObject.php:931
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:144
ilTestAccess\isParticipantExplicitelyAllowedByIndividualIPRange
isParticipantExplicitelyAllowedByIndividualIPRange(?Participant $participant, string $ip)
Definition: class.ilTestAccess.php:226
$_SERVER
$_SERVER['HTTP_HOST']
Definition: raiseError.php:26
ilObjTest\_getTestIDFromObjectID
static _getTestIDFromObjectID($object_id)
Returns the ILIAS test id for a given object id.
Definition: class.ilObjTest.php:4261
ilTestAccess\isIpAllowedToAccessTest
isIpAllowedToAccessTest(string $ip, SettingsAccess $access_settings)
Definition: class.ilTestAccess.php:248
+ Here is the call graph for this function:

◆ isParticipantExplicitelyAllowedByIndividualIPRange()

ilTestAccess::isParticipantExplicitelyAllowedByIndividualIPRange ( ?Participant  $participant,
string  $ip 
)
private

Definition at line 226 of file class.ilTestAccess.php.

References ILIAS\Test\Participants\Participant\getClientIpFrom(), ILIAS\Test\Participants\Participant\getClientIpTo(), isIpTypeOf(), isIpv4Between(), isIpv6Between(), and null.

Referenced by isParticipantAllowed().

229  : ?bool {
230  $range_start = $participant?->getClientIpFrom();
231  $range_end = $participant?->getClientIpTo();
232 
233  if ($range_start === null && $range_end === null) {
234  return null;
235  }
236 
237  if ($this->isIpTypeOf(FILTER_FLAG_IPV4, $ip, $range_start, $range_end)) {
238  return $this->isIpv4Between($ip, $range_start, $range_end);
239  }
240 
241  if ($this->isIpTypeOf(FILTER_FLAG_IPV6, $ip, $range_start, $range_end)) {
242  return $this->isIpv6Between($ip, $range_start, $range_end);
243  }
244 
245  return false;
246  }
ilTestAccess\isIpTypeOf
isIpTypeOf(int $ip_type_flag, string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:270
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:144
ilTestAccess\isIpv4Between
isIpv4Between(string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:277
ilTestAccess\isIpv6Between
isIpv6Between(string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:283
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ setAccess()

ilTestAccess::setAccess ( ilAccessHandler  $access)

Definition at line 64 of file class.ilTestAccess.php.

References $access, and ILIAS\Repository\access().

65  {
66  $this->access = $access;
67  }
ilTestAccess\$access
ilAccessHandler $access
Definition: class.ilTestAccess.php:38
+ Here is the call graph for this function:

Field Documentation

◆ $access

ilAccessHandler ilTestAccess::$access
protected

Definition at line 38 of file class.ilTestAccess.php.

Referenced by getAccess(), and setAccess().

◆ $db

ilDBInterface ilTestAccess::$db
protected

Definition at line 39 of file class.ilTestAccess.php.

◆ $lng

ilLanguage ilTestAccess::$lng
protected

Definition at line 40 of file class.ilTestAccess.php.

◆ $main_settings_repository

MainSettingsDatabaseRepository ilTestAccess::$main_settings_repository
protected

Definition at line 41 of file class.ilTestAccess.php.

◆ $participant_access_filter

ilTestParticipantAccessFilterFactory ilTestAccess::$participant_access_filter
protected

Definition at line 43 of file class.ilTestAccess.php.

◆ $participant_repository

ParticipantRepository ilTestAccess::$participant_repository
protected

Definition at line 44 of file class.ilTestAccess.php.

The documentation for this class was generated from the following file: