ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
class.ilAdvancedMDPermissionHelper.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
27class ilAdvancedMDPermissionHelper extends ilClaimingPermissionHelper
28{
29 public const CONTEXT_MD = 1;
30 public const CONTEXT_RECORD = 2;
31 public const CONTEXT_FIELD = 3;
32 public const CONTEXT_SUBSTITUTION = 4;
33 public const CONTEXT_SUBSTITUTION_COURSE = 5;
34 public const CONTEXT_SUBSTITUTION_CATEGORY = 6;
35 public const CONTEXT_SUBSTITUTION_SESSION = 7;
36 public const CONTEXT_SUBSTITUTION_IASS = 8;
37 public const CONTEXT_SUBSTITUTION_GROUP = 9;
38 public const CONTEXT_SUBSTITUTION_EXERCISE = 10;
39
40 public const CONTEXT_SUBSTITUTION_FILE = 11;
41 public const CONTEXT_SUBSTITUTION_PRG = 12;
42 public const CONTEXT_SUBSTITUTION_ORG_UNIT = 13;
43
44 public const ACTION_MD_CREATE_RECORD = 1;
45 public const ACTION_MD_IMPORT_RECORDS = 2;
46
47 public const ACTION_RECORD_EDIT = 5;
48 public const ACTION_RECORD_DELETE = 6;
49 public const ACTION_RECORD_EXPORT = 7;
50 public const ACTION_RECORD_TOGGLE_ACTIVATION = 8;
51 public const ACTION_RECORD_EDIT_PROPERTY = 9;
52 public const ACTION_RECORD_EDIT_FIELDS = 10;
53 public const ACTION_RECORD_CREATE_FIELD = 11;
54 public const ACTION_RECORD_FIELD_POSITIONS = 12;
55
56 public const ACTION_FIELD_EDIT = 13;
57 public const ACTION_FIELD_DELETE = 14;
58 public const ACTION_FIELD_EDIT_PROPERTY = 15;
59
60 public const ACTION_SUBSTITUTION_SHOW_DESCRIPTION = 16;
61 public const ACTION_SUBSTITUTION_SHOW_FIELDNAMES = 17;
62 public const ACTION_SUBSTITUTION_FIELD_POSITIONS = 18;
63
64 public const ACTION_SUBSTITUTION_COURSE_SHOW_FIELD = 19;
65 public const ACTION_SUBSTITUTION_COURSE_EDIT_FIELD_PROPERTY = 20;
66
67 public const ACTION_SUBSTITUTION_CATEGORY_SHOW_FIELD = 21;
68 public const ACTION_SUBSTITUTION_CATEGORY_EDIT_FIELD_PROPERTY = 22;
69
70 public const ACTION_SUBSTITUTION_SESSION_SHOW_FIELD = 23;
71 public const ACTION_SUBSTITUTION_SESSION_EDIT_FIELD_PROPERTY = 24;
72
73 public const ACTION_SUBSTITUTION_GROUP_SHOW_FIELD = 25;
74 public const ACTION_SUBSTITUTION_GROUP_EDIT_FIELD_PROPERTY = 26;
75
76 public const ACTION_SUBSTITUTION_IASS_SHOW_FIELD = 27;
77 public const ACTION_SUBSTITUTION_IASS_EDIT_FIELD_PROPERTY = 28;
78
79 public const ACTION_SUBSTITUTION_EXERCISE_SHOW_FIELD = 29;
80 public const ACTION_SUBSTITUTION_EXERCISE_EDIT_FIELD_PROPERTY = 30;
81
82 public const ACTION_SUBSTITUTION_FILE_SHOW_FIELD = 31;
83 public const ACTION_SUBSTITUTION_FILE_EDIT_FIELD_PROPERTY = 32;
84
85 public const ACTION_SUBSTITUTION_PRG_SHOW_FIELD = 33;
86 public const ACTION_SUBSTITUTION_PRG_EDIT_FIELD_PROPERTY = 34;
87
88 public const ACTION_SUBSTITUTION_ORG_UNIT_SHOW_FIELD = 35;
89 public const ACTION_SUBSTITUTION_ORG_UNIT_EDIT_FIELD_PROPERTY = 36;
90
91 public const SUBACTION_UNDEFINED = 0;
92 public const SUBACTION_RECORD_TITLE = 1;
93 public const SUBACTION_RECORD_DESCRIPTION = 2;
94 public const SUBACTION_RECORD_OBJECT_TYPES = 3;
95
96 public const SUBACTION_FIELD_TITLE = 4;
97 public const SUBACTION_FIELD_DESCRIPTION = 5;
98 public const SUBACTION_FIELD_SEARCHABLE = 6;
99 public const SUBACTION_FIELD_PROPERTIES = 7;
100
101 public const SUBACTION_SUBSTITUTION_BOLD = 8;
102 public const SUBACTION_SUBSTITUTION_NEWLINE = 9;
103
104 protected function readContextIds(int $a_context_type): array
105 {
106 global $DIC;
107
108 $ilDB = $DIC->database();
109
110 switch ($a_context_type) {
111 case self::CONTEXT_MD:
112 return array($this->ref_id);
113
114 case self::CONTEXT_RECORD:
115 $set = $ilDB->query("SELECT record_id id" .
116 " FROM adv_md_record");
117 break;
118
119 case self::CONTEXT_FIELD:
120 case self::CONTEXT_SUBSTITUTION_COURSE:
121 case self::CONTEXT_SUBSTITUTION_GROUP:
122 case self::CONTEXT_SUBSTITUTION_SESSION:
123 case self::CONTEXT_SUBSTITUTION_CATEGORY:
124 case self::CONTEXT_SUBSTITUTION_IASS:
125 case self::CONTEXT_SUBSTITUTION_EXERCISE:
126 case self::CONTEXT_SUBSTITUTION_FILE:
127 case self::CONTEXT_SUBSTITUTION_PRG:
128 case self::CONTEXT_SUBSTITUTION_ORG_UNIT:
129 $set = $ilDB->query("SELECT field_id id" .
130 " FROM adv_mdf_definition");
131 break;
132
133 case self::CONTEXT_SUBSTITUTION:
134 return $this->getAllowedObjectTypes();
135
136 default:
137 return array();
138 }
139
140 $res = array();
141 while ($row = $ilDB->fetchAssoc($set)) {
142 $res[] = (int) $row["id"];
143 }
144 return $res;
145 }
146
147 // permissions
148
149 protected function buildPermissionMap(): array
150 {
151 return array(
152 self::CONTEXT_MD => array(
153 "actions" => array(
154 self::ACTION_MD_CREATE_RECORD
155 ,
156 self::ACTION_MD_IMPORT_RECORDS
157 )
158 ),
159 self::CONTEXT_RECORD => array(
160 "actions" => array(
161 self::ACTION_RECORD_EDIT
162 ,
163 self::ACTION_RECORD_DELETE
164 ,
165 self::ACTION_RECORD_EXPORT
166 ,
167 self::ACTION_RECORD_TOGGLE_ACTIVATION
168 ,
169 self::ACTION_RECORD_EDIT_FIELDS
170 ,
171 self::ACTION_RECORD_FIELD_POSITIONS
172 ,
173 self::ACTION_RECORD_CREATE_FIELD
174 ),
175 "subactions" => array(
176 self::ACTION_RECORD_EDIT_PROPERTY =>
177 array(
178 self::SUBACTION_RECORD_TITLE
179 ,
180 self::SUBACTION_RECORD_DESCRIPTION
181 ,
182 self::SUBACTION_RECORD_OBJECT_TYPES
183 )
184 )
185 ),
186 self::CONTEXT_FIELD => array(
187 "actions" => array(
188 self::ACTION_FIELD_EDIT,
189 self::ACTION_FIELD_DELETE
190 ),
191 "subactions" => array(
192 self::ACTION_FIELD_EDIT_PROPERTY =>
193 array(
194 self::SUBACTION_FIELD_TITLE
195 ,
196 self::SUBACTION_FIELD_DESCRIPTION
197 ,
198 self::SUBACTION_FIELD_SEARCHABLE
199 ,
200 self::SUBACTION_FIELD_PROPERTIES
201 )
202 )
203 ),
204 self::CONTEXT_SUBSTITUTION => array(
205 "actions" => array(
206 self::ACTION_SUBSTITUTION_SHOW_DESCRIPTION
207 ,
208 self::ACTION_SUBSTITUTION_SHOW_FIELDNAMES
209 ,
210 self::ACTION_SUBSTITUTION_FIELD_POSITIONS
211 )
212 ),
213 self::CONTEXT_SUBSTITUTION_COURSE => array(
214 "actions" => array(
215 self::ACTION_SUBSTITUTION_COURSE_SHOW_FIELD
216 ),
217 "subactions" => array(
218 self::ACTION_SUBSTITUTION_COURSE_EDIT_FIELD_PROPERTY =>
219 array(
220 self::SUBACTION_SUBSTITUTION_BOLD
221 ,
222 self::SUBACTION_SUBSTITUTION_NEWLINE
223 )
224 )
225 ),
226 self::CONTEXT_SUBSTITUTION_CATEGORY => array(
227 "actions" => array(
228 self::ACTION_SUBSTITUTION_CATEGORY_SHOW_FIELD
229 ),
230 "subactions" => array(
231 self::ACTION_SUBSTITUTION_CATEGORY_EDIT_FIELD_PROPERTY =>
232 array(
233 self::SUBACTION_SUBSTITUTION_BOLD
234 ,
235 self::SUBACTION_SUBSTITUTION_NEWLINE
236 )
237 )
238 ),
239 self::CONTEXT_SUBSTITUTION_SESSION => array(
240 "actions" => array(
241 self::ACTION_SUBSTITUTION_SESSION_SHOW_FIELD
242 ),
243 "subactions" => array(
244 self::ACTION_SUBSTITUTION_SESSION_EDIT_FIELD_PROPERTY =>
245 array(
246 self::SUBACTION_SUBSTITUTION_BOLD
247 ,
248 self::SUBACTION_SUBSTITUTION_NEWLINE
249 )
250 )
251 ),
252 self::CONTEXT_SUBSTITUTION_GROUP => array(
253 "actions" => array(
254 self::ACTION_SUBSTITUTION_GROUP_SHOW_FIELD
255 ),
256 "subactions" => array(
257 self::ACTION_SUBSTITUTION_GROUP_EDIT_FIELD_PROPERTY =>
258 array(
259 self::SUBACTION_SUBSTITUTION_BOLD
260 ,
261 self::SUBACTION_SUBSTITUTION_NEWLINE
262 )
263 )
264 ),
265 self::CONTEXT_SUBSTITUTION_IASS => array(
266 "actions" => array(
267 self::ACTION_SUBSTITUTION_IASS_SHOW_FIELD
268 ),
269 "subactions" => array(
270 self::ACTION_SUBSTITUTION_IASS_EDIT_FIELD_PROPERTY =>
271 array(
272 self::SUBACTION_SUBSTITUTION_BOLD
273 ,
274 self::SUBACTION_SUBSTITUTION_NEWLINE
275 )
276 )
277 ),
278 self::CONTEXT_SUBSTITUTION_EXERCISE => array(
279 "actions" => array(
280 self::ACTION_SUBSTITUTION_EXERCISE_SHOW_FIELD
281 ),
282 "subactions" => array(
283 self::ACTION_SUBSTITUTION_EXERCISE_EDIT_FIELD_PROPERTY =>
284 array(
285 self::SUBACTION_SUBSTITUTION_BOLD
286 ,
287 self::SUBACTION_SUBSTITUTION_NEWLINE
288 )
289 )
290 ),
291 self::CONTEXT_SUBSTITUTION_FILE => array(
292 "actions" => array(
293 self::ACTION_SUBSTITUTION_FILE_SHOW_FIELD
294 ),
295 "subactions" => array(
296 self::ACTION_SUBSTITUTION_FILE_EDIT_FIELD_PROPERTY =>
297 array(
298 self::SUBACTION_SUBSTITUTION_BOLD
299 ,
300 self::SUBACTION_SUBSTITUTION_NEWLINE
301 )
302 )
303 ),
304 self::CONTEXT_SUBSTITUTION_PRG => array(
305 "actions" => array(
306 self::ACTION_SUBSTITUTION_PRG_SHOW_FIELD
307 ),
308 "subactions" => array(
309 self::ACTION_SUBSTITUTION_PRG_EDIT_FIELD_PROPERTY =>
310 array(
311 self::SUBACTION_SUBSTITUTION_BOLD
312 ,
313 self::SUBACTION_SUBSTITUTION_NEWLINE
314 )
315 )
316 ),
317 self::CONTEXT_SUBSTITUTION_ORG_UNIT => [
318 "actions" => [
319 self::ACTION_SUBSTITUTION_ORG_UNIT_SHOW_FIELD
320 ],
321 "subactions" => [
322 self::ACTION_SUBSTITUTION_ORG_UNIT_EDIT_FIELD_PROPERTY =>
323 [
324 self::SUBACTION_SUBSTITUTION_BOLD
325 ,
326 self::SUBACTION_SUBSTITUTION_NEWLINE
327 ]
328 ]
329 ]
330 );
331 }
332
333 // plugins
334
335 protected function getActivePlugins(): Generator
336 {
337 global $DIC;
338
339 $component_factory = $DIC['component.factory'];
340 yield from $component_factory->getActivePluginsInSlot("amdc");
341 }
342
343 protected function checkPermission(
344 int $a_context_type,
345 string $a_context_id,
346 int $a_action_id,
347 ?int $a_action_sub_id = null
348 ): bool {
349 global $DIC;
350
351 $ilAccess = $DIC['ilAccess'];
352
353 if (!$this->checkPlugins($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id)) {
354 return false;
355 }
356
357 // export is considered read-action
358 if ($a_context_type == ilAdvancedMDPermissionHelper::CONTEXT_RECORD &&
359 $a_action_id == ilAdvancedMDPermissionHelper::ACTION_RECORD_EXPORT) {
360 return $ilAccess->checkAccessOfUser($this->getUserId(), "read", "", $this->getRefId());
361 }
362
363 return $this->checkRBAC();
364 }
365}
ilAdvancedMDPermissionHelper
Advanced metadata permission helper.
Definition: class.ilAdvancedMDPermissionHelper.php:28
ilAdvancedMDPermissionHelper\readContextIds
readContextIds(int $a_context_type)
Get all context ids for context type (from DB, is cached)
Definition: class.ilAdvancedMDPermissionHelper.php:104
ilAdvancedMDPermissionHelper\checkPermission
checkPermission(int $a_context_type, string $a_context_id, int $a_action_id, ?int $a_action_sub_id=null)
Check permission (helper: rbac, plugins)
Definition: class.ilAdvancedMDPermissionHelper.php:343
ilAdvancedMDPermissionHelper\buildPermissionMap
buildPermissionMap()
Build map of context and actions.
Definition: class.ilAdvancedMDPermissionHelper.php:149
ilAdvancedMDPermissionHelper\getActivePlugins
getActivePlugins()
Get active plugins (for current slot)
Definition: class.ilAdvancedMDPermissionHelper.php:335
ilClaimingPermissionHelper
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilClaimingPermissionHelper.php:25
ilClaimingPermissionHelper\checkRBAC
checkRBAC()
Check permission against RBAC.
Definition: class.ilClaimingPermissionHelper.php:200
ilClaimingPermissionHelper\checkPlugins
checkPlugins(int $a_context_type, string $a_context_id, int $a_action_id, ?int $a_action_sub_id=null)
Check permission against plugins.
Definition: class.ilClaimingPermissionHelper.php:217
$res
$res
Definition: ltiservices.php:69
$DIC
global $DIC
Definition: shib_login.php:26