ILIAS  trunk Revision v11.0_alpha-1861-g09f3d197f78
All Data Structures Namespaces Files Functions Variables Enumerations Enumerator Modules Pages
Public Member Functions | Protected Member Functions | Protected Attributes | Private Member Functions
ilTestAccess Class Reference
+ Collaboration diagram for ilTestAccess:

Public Member Functions

 getAccess ()
 
 setAccess (ilAccessHandler $access)
 
 getRefId ()
 
 checkCorrectionsAccess ()
 
 checkScoreParticipantsAccess ()
 
 checkManageParticipantsAccess ()
 
 checkParticipantsResultsAccess ()
 
 checkResultsAccessForActiveId (int $active_id, int $test_id)
 
 checkScoreParticipantsAccessForActiveId (int $active_id, int $test_id)
 
 isParticipantAllowed (int $obj_id, int $user_id)
 

Protected Member Functions

 checkAccessForActiveId (Closure $access_filter, int $active_id, int $test_id)
 

Protected Attributes

ilAccessHandler $access
 
ilDBInterface $db
 
ilLanguage $lng
 
MainSettingsDatabaseRepository $main_settings_repository
 
ilTestParticipantAccessFilterFactory $participant_access_filter
 
ParticipantRepository $participant_repository
 

Private Member Functions

 isParticipantExplicitelyAllowedByIndividualIPRange (?Participant $participant, string $ip)
 
 isIpAllowedToAccessTest (string $ip, SettingsAccess $access_settings)
 
 isIpTypeOf (int $ip_type_flag, string $ip, string $range_start, string $range_end)
 
 isIpv4Between (string $ip, string $range_start, string $range_end)
 
 isIpv6Between (string $ip, string $range_start, string $range_end)
 

Detailed Description

Definition at line 36 of file class.ilTestAccess.php.

Member Function Documentation

◆ checkAccessForActiveId()

ilTestAccess::checkAccessForActiveId ( Closure  $access_filter,
int  $active_id,
int  $test_id 
)
protected

Definition at line 138 of file class.ilTestAccess.php.

References ILIAS\Repository\lng().

Referenced by checkResultsAccessForActiveId(), and checkScoreParticipantsAccessForActiveId().

138  : bool
139  {
140  $participantData = new ilTestParticipantData($this->db, $this->lng);
141  $participantData->setActiveIdsFilter([$active_id]);
142  $participantData->setParticipantAccessFilter($access_filter);
143  $participantData->load($test_id);
144 
145  return in_array($active_id, $participantData->getActiveIds());
146  }
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkCorrectionsAccess()

ilTestAccess::checkCorrectionsAccess ( )
Returns
bool

Definition at line 77 of file class.ilTestAccess.php.

References getAccess(), and getRefId().

77  : bool
78  {
79  return $this->getAccess()->checkAccess('write', '', $this->getRefId());
80  }
+ Here is the call graph for this function:

◆ checkManageParticipantsAccess()

ilTestAccess::checkManageParticipantsAccess ( )
Returns
bool

Definition at line 101 of file class.ilTestAccess.php.

References getAccess(), getRefId(), and ilOrgUnitOperation\OP_MANAGE_PARTICIPANTS.

101  : bool
102  {
103  if ($this->getAccess()->checkAccess('write', '', $this->getRefId())) {
104  return true;
105  }
106 
107  if ($this->getAccess()->checkPositionAccess(ilOrgUnitOperation::OP_MANAGE_PARTICIPANTS, $this->getRefId())) {
108  return true;
109  }
110 
111  return false;
112  }
+ Here is the call graph for this function:

◆ checkParticipantsResultsAccess()

ilTestAccess::checkParticipantsResultsAccess ( )
Returns
bool

Definition at line 117 of file class.ilTestAccess.php.

References getAccess(), getRefId(), ilOrgUnitOperation\OP_ACCESS_RESULTS, and ilOrgUnitOperation\OP_MANAGE_PARTICIPANTS.

117  : bool
118  {
119  if ($this->getAccess()->checkAccess('write', '', $this->getRefId())) {
120  return true;
121  }
122 
123  if ($this->getAccess()->checkAccess('tst_results', '', $this->getRefId())) {
124  return true;
125  }
126 
127  if ($this->getAccess()->checkPositionAccess(ilOrgUnitOperation::OP_MANAGE_PARTICIPANTS, $this->getRefId())) {
128  return true;
129  }
130 
131  if ($this->getAccess()->checkPositionAccess(ilOrgUnitOperation::OP_ACCESS_RESULTS, $this->getRefId())) {
132  return true;
133  }
134 
135  return false;
136  }
+ Here is the call graph for this function:

◆ checkResultsAccessForActiveId()

ilTestAccess::checkResultsAccessForActiveId ( int  $active_id,
int  $test_id 
)

Definition at line 148 of file class.ilTestAccess.php.

References checkAccessForActiveId(), and getRefId().

148  : bool
149  {
150  $access_filter = $this->participant_access_filter->getAccessResultsUserFilter($this->getRefId());
151  return $this->checkAccessForActiveId($access_filter, $active_id, $test_id);
152  }
ilTestAccess\checkAccessForActiveId
checkAccessForActiveId(Closure $access_filter, int $active_id, int $test_id)
Definition: class.ilTestAccess.php:138
+ Here is the call graph for this function:

◆ checkScoreParticipantsAccess()

ilTestAccess::checkScoreParticipantsAccess ( )
Returns
bool

Definition at line 85 of file class.ilTestAccess.php.

References getAccess(), getRefId(), and ilOrgUnitOperation\OP_SCORE_PARTICIPANTS.

85  : bool
86  {
87  if ($this->getAccess()->checkAccess('write', '', $this->getRefId())) {
88  return true;
89  }
90 
91  if ($this->getAccess()->checkPositionAccess(ilOrgUnitOperation::OP_SCORE_PARTICIPANTS, $this->getRefId())) {
92  return true;
93  }
94 
95  return false;
96  }
+ Here is the call graph for this function:

◆ checkScoreParticipantsAccessForActiveId()

ilTestAccess::checkScoreParticipantsAccessForActiveId ( int  $active_id,
int  $test_id 
)

Definition at line 154 of file class.ilTestAccess.php.

References checkAccessForActiveId(), and getRefId().

154  : bool
155  {
156  $access_filter = $this->participant_access_filter->getScoreParticipantsUserFilter($this->getRefId());
157  return $this->checkAccessForActiveId($access_filter, $active_id, $test_id);
158  }
ilTestAccess\checkAccessForActiveId
checkAccessForActiveId(Closure $access_filter, int $active_id, int $test_id)
Definition: class.ilTestAccess.php:138
+ Here is the call graph for this function:

◆ getAccess()

ilTestAccess::getAccess ( )

Definition at line 59 of file class.ilTestAccess.php.

References $access.

Referenced by checkCorrectionsAccess(), checkManageParticipantsAccess(), checkParticipantsResultsAccess(), and checkScoreParticipantsAccess().

59  : ilAccessHandler
60  {
61  return $this->access;
62  }
ilTestAccess\$access
ilAccessHandler $access
Definition: class.ilTestAccess.php:38
+ Here is the caller graph for this function:

◆ getRefId()

ilTestAccess::getRefId ( )

Definition at line 69 of file class.ilTestAccess.php.

References $ref_id.

Referenced by checkCorrectionsAccess(), checkManageParticipantsAccess(), checkParticipantsResultsAccess(), checkResultsAccessForActiveId(), checkScoreParticipantsAccess(), checkScoreParticipantsAccessForActiveId(), and isParticipantAllowed().

69  : int
70  {
71  return $this->ref_id;
72  }
$ref_id
$ref_id
Definition: ltiauth.php:65
+ Here is the caller graph for this function:

◆ isIpAllowedToAccessTest()

ilTestAccess::isIpAllowedToAccessTest ( string  $ip,
SettingsAccess  $access_settings 
)
private

Definition at line 223 of file class.ilTestAccess.php.

References ILIAS\Test\Settings\MainSettings\SettingsAccess\getIpRangeFrom(), ILIAS\Test\Settings\MainSettings\SettingsAccess\getIpRangeTo(), ILIAS\Test\Settings\MainSettings\SettingsAccess\isIpRangeEnabled(), isIpTypeOf(), isIpv4Between(), and isIpv6Between().

Referenced by isParticipantAllowed().

226  : bool {
227  if (!$access_settings->isIpRangeEnabled()) {
228  return true;
229  }
230 
231  $range_start = $access_settings->getIpRangeFrom();
232  $range_end = $access_settings->getIpRangeTo();
233 
234  if ($this->isIpTypeOf(FILTER_FLAG_IPV4, $ip, $range_start, $range_end)) {
235  return $this->isIpv4Between($ip, $range_start, $range_end);
236  }
237 
238  if ($this->isIpTypeOf(FILTER_FLAG_IPV6, $ip, $range_start, $range_end)) {
239  return $this->isIpv6Between($ip, $range_start, $range_end);
240  }
241 
242  return false;
243  }
ilTestAccess\isIpTypeOf
isIpTypeOf(int $ip_type_flag, string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:245
ilTestAccess\isIpv4Between
isIpv4Between(string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:252
ilTestAccess\isIpv6Between
isIpv6Between(string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:258
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isIpTypeOf()

ilTestAccess::isIpTypeOf ( int  $ip_type_flag,
string  $ip,
string  $range_start,
string  $range_end 
)
private

Definition at line 245 of file class.ilTestAccess.php.

Referenced by isIpAllowedToAccessTest(), and isParticipantExplicitelyAllowedByIndividualIPRange().

245  : bool
246  {
247  return filter_var($ip, FILTER_VALIDATE_IP, $ip_type_flag) !== false
248  && filter_var($range_start, FILTER_VALIDATE_IP, $ip_type_flag) !== false
249  && filter_var($range_end, FILTER_VALIDATE_IP, $ip_type_flag) !== false;
250  }
+ Here is the caller graph for this function:

◆ isIpv4Between()

ilTestAccess::isIpv4Between ( string  $ip,
string  $range_start,
string  $range_end 
)
private

Definition at line 252 of file class.ilTestAccess.php.

Referenced by isIpAllowedToAccessTest(), and isParticipantExplicitelyAllowedByIndividualIPRange().

252  : bool
253  {
254  return ip2long($range_start) <= ip2long($ip)
255  && ip2long($ip) <= ip2long($range_end);
256  }
+ Here is the caller graph for this function:

◆ isIpv6Between()

ilTestAccess::isIpv6Between ( string  $ip,
string  $range_start,
string  $range_end 
)
private

Definition at line 258 of file class.ilTestAccess.php.

Referenced by isIpAllowedToAccessTest(), and isParticipantExplicitelyAllowedByIndividualIPRange().

258  : bool
259  {
260  return bin2hex(inet_pton($range_start)) <= bin2hex(inet_pton($ip))
261  && bin2hex(inet_pton($ip)) <= bin2hex(inet_pton($range_end));
262  }
+ Here is the caller graph for this function:

◆ isParticipantAllowed()

ilTestAccess::isParticipantAllowed ( int  $obj_id,
int  $user_id 
)

Definition at line 160 of file class.ilTestAccess.php.

References $_SERVER, Vendor\Package\$e, ilObjTest\_getTestIDFromObjectID(), ilObject\_lookupObjId(), getRefId(), isIpAllowedToAccessTest(), isParticipantExplicitelyAllowedByIndividualIPRange(), and null.

160  : ParticipantAccess
161  {
162  try {
163  $access_settings = $this->main_settings_repository->getForObjFi($obj_id)
164  ->getAccessSettings();
165  } catch (\Exception $e) {
166  return ParticipantAccess::BROKEN_TEST;
167  }
168 
169  $participant = $this->participant_repository->getParticipantByUserId(
170  ilObjTest::_getTestIDFromObjectID(
171  ilObjTest::_lookupObjId($this->getRefId())
172  ),
173  $user_id
174  );
175 
176  if ($access_settings->getFixedParticipants()
177  && ($participant === null || !$participant->isInvitedParticipant())) {
178  return ParticipantAccess::NOT_INVITED;
179  }
180 
181  $ip = $_SERVER['REMOTE_ADDR'];
182 
183  $allowed_individual = $this->isParticipantExplicitelyAllowedByIndividualIPRange($participant, $ip);
184  if ($allowed_individual === false) {
185  return ParticipantAccess::INDIVIDUAL_CLIENT_IP_MISMATCH;
186  }
187 
188 
189  if ($allowed_individual === true
190  || !$access_settings->isIpRangeEnabled()) {
191  return ParticipantAccess::ALLOWED;
192  }
193 
194  if (!$this->isIpAllowedToAccessTest($ip, $access_settings)) {
195  return ParticipantAccess::TEST_LEVEL_CLIENT_IP_MISMATCH;
196  }
197 
198  return ParticipantAccess::ALLOWED;
199  }
ilObject\_lookupObjId
static _lookupObjId(int $ref_id)
Definition: class.ilObject.php:923
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:142
ilTestAccess\isParticipantExplicitelyAllowedByIndividualIPRange
isParticipantExplicitelyAllowedByIndividualIPRange(?Participant $participant, string $ip)
Definition: class.ilTestAccess.php:201
$_SERVER
$_SERVER['HTTP_HOST']
Definition: raiseError.php:26
ilObjTest\_getTestIDFromObjectID
static _getTestIDFromObjectID($object_id)
Returns the ILIAS test id for a given object id.
Definition: class.ilObjTest.php:4300
ilTestAccess\isIpAllowedToAccessTest
isIpAllowedToAccessTest(string $ip, SettingsAccess $access_settings)
Definition: class.ilTestAccess.php:223
+ Here is the call graph for this function:

◆ isParticipantExplicitelyAllowedByIndividualIPRange()

ilTestAccess::isParticipantExplicitelyAllowedByIndividualIPRange ( ?Participant  $participant,
string  $ip 
)
private

Definition at line 201 of file class.ilTestAccess.php.

References ILIAS\Test\Participants\Participant\getClientIpFrom(), ILIAS\Test\Participants\Participant\getClientIpTo(), isIpTypeOf(), isIpv4Between(), isIpv6Between(), and null.

Referenced by isParticipantAllowed().

204  : ?bool {
205  $range_start = $participant?->getClientIpFrom();
206  $range_end = $participant?->getClientIpTo();
207 
208  if ($range_start === null && $range_end === null) {
209  return null;
210  }
211 
212  if ($this->isIpTypeOf(FILTER_FLAG_IPV4, $ip, $range_start, $range_end)) {
213  return $this->isIpv4Between($ip, $range_start, $range_end);
214  }
215 
216  if ($this->isIpTypeOf(FILTER_FLAG_IPV6, $ip, $range_start, $range_end)) {
217  return !$this->isIpv6Between($ip, $range_start, $range_end);
218  }
219 
220  return false;
221  }
ilTestAccess\isIpTypeOf
isIpTypeOf(int $ip_type_flag, string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:245
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:142
ilTestAccess\isIpv4Between
isIpv4Between(string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:252
ilTestAccess\isIpv6Between
isIpv6Between(string $ip, string $range_start, string $range_end)
Definition: class.ilTestAccess.php:258
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ setAccess()

ilTestAccess::setAccess ( ilAccessHandler  $access)

Definition at line 64 of file class.ilTestAccess.php.

References $access, and ILIAS\Repository\access().

65  {
66  $this->access = $access;
67  }
ilTestAccess\$access
ilAccessHandler $access
Definition: class.ilTestAccess.php:38
+ Here is the call graph for this function:

Field Documentation

◆ $access

ilAccessHandler ilTestAccess::$access
protected

Definition at line 38 of file class.ilTestAccess.php.

Referenced by getAccess(), and setAccess().

◆ $db

ilDBInterface ilTestAccess::$db
protected

Definition at line 39 of file class.ilTestAccess.php.

◆ $lng

ilLanguage ilTestAccess::$lng
protected

Definition at line 40 of file class.ilTestAccess.php.

◆ $main_settings_repository

MainSettingsDatabaseRepository ilTestAccess::$main_settings_repository
protected

Definition at line 41 of file class.ilTestAccess.php.

◆ $participant_access_filter

ilTestParticipantAccessFilterFactory ilTestAccess::$participant_access_filter
protected

Definition at line 43 of file class.ilTestAccess.php.

◆ $participant_repository

ParticipantRepository ilTestAccess::$participant_repository
protected

Definition at line 44 of file class.ilTestAccess.php.

The documentation for this class was generated from the following file: