ILIAS  trunk Revision v12.0_alpha-377-g3641b37b9db
class.ilAdvancedMDPermissionHelper.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
27class ilAdvancedMDPermissionHelper extends ilClaimingPermissionHelper
28{
29 public const int CONTEXT_MD = 1;
30 public const int CONTEXT_RECORD = 2;
31 public const int CONTEXT_FIELD = 3;
32
33 public const int ACTION_MD_CREATE_RECORD = 1;
34 public const int ACTION_MD_IMPORT_RECORDS = 2;
35
36 public const int ACTION_RECORD_EDIT = 5;
37 public const int ACTION_RECORD_DELETE = 6;
38 public const int ACTION_RECORD_EXPORT = 7;
39 public const int ACTION_RECORD_TOGGLE_ACTIVATION = 8;
40 public const int ACTION_RECORD_EDIT_PROPERTY = 9;
41 public const int ACTION_RECORD_EDIT_FIELDS = 10;
42 public const int ACTION_RECORD_CREATE_FIELD = 11;
43 public const int ACTION_RECORD_FIELD_POSITIONS = 12;
44
45 public const int ACTION_FIELD_EDIT = 13;
46 public const int ACTION_FIELD_DELETE = 14;
47 public const int ACTION_FIELD_EDIT_PROPERTY = 15;
48
49 public const int SUBACTION_UNDEFINED = 0;
50 public const int SUBACTION_RECORD_TITLE = 1;
51 public const int SUBACTION_RECORD_DESCRIPTION = 2;
52 public const int SUBACTION_RECORD_OBJECT_TYPES = 3;
53
54 public const int SUBACTION_FIELD_TITLE = 4;
55 public const int SUBACTION_FIELD_DESCRIPTION = 5;
56 public const int SUBACTION_FIELD_SEARCHABLE = 6;
57 public const int SUBACTION_FIELD_PROPERTIES = 7;
58
59 protected function readContextIds(int $a_context_type): array
60 {
61 global $DIC;
62
63 $ilDB = $DIC->database();
64
65 switch ($a_context_type) {
66 case self::CONTEXT_MD:
67 return array($this->ref_id);
68
69 case self::CONTEXT_RECORD:
70 $set = $ilDB->query("SELECT record_id id" .
71 " FROM adv_md_record");
72 break;
73
74 case self::CONTEXT_FIELD:
75 $set = $ilDB->query("SELECT field_id id" .
76 " FROM adv_mdf_definition");
77 break;
78
79 default:
80 return array();
81 }
82
83 $res = array();
84 while ($row = $ilDB->fetchAssoc($set)) {
85 $res[] = (int) $row["id"];
86 }
87 return $res;
88 }
89
90 // permissions
91
92 protected function buildPermissionMap(): array
93 {
94 return array(
95 self::CONTEXT_MD => array(
96 "actions" => array(
97 self::ACTION_MD_CREATE_RECORD
98 ,
99 self::ACTION_MD_IMPORT_RECORDS
100 )
101 ),
102 self::CONTEXT_RECORD => array(
103 "actions" => array(
104 self::ACTION_RECORD_EDIT
105 ,
106 self::ACTION_RECORD_DELETE
107 ,
108 self::ACTION_RECORD_EXPORT
109 ,
110 self::ACTION_RECORD_TOGGLE_ACTIVATION
111 ,
112 self::ACTION_RECORD_EDIT_FIELDS
113 ,
114 self::ACTION_RECORD_FIELD_POSITIONS
115 ,
116 self::ACTION_RECORD_CREATE_FIELD
117 ),
118 "subactions" => array(
119 self::ACTION_RECORD_EDIT_PROPERTY =>
120 array(
121 self::SUBACTION_RECORD_TITLE
122 ,
123 self::SUBACTION_RECORD_DESCRIPTION
124 ,
125 self::SUBACTION_RECORD_OBJECT_TYPES
126 )
127 )
128 ),
129 self::CONTEXT_FIELD => array(
130 "actions" => array(
131 self::ACTION_FIELD_EDIT,
132 self::ACTION_FIELD_DELETE
133 ),
134 "subactions" => array(
135 self::ACTION_FIELD_EDIT_PROPERTY =>
136 array(
137 self::SUBACTION_FIELD_TITLE
138 ,
139 self::SUBACTION_FIELD_DESCRIPTION
140 ,
141 self::SUBACTION_FIELD_SEARCHABLE
142 ,
143 self::SUBACTION_FIELD_PROPERTIES
144 )
145 )
146 )
147 );
148 }
149
150 // plugins
151
152 protected function getActivePlugins(): Generator
153 {
154 global $DIC;
155
156 $component_factory = $DIC['component.factory'];
157 yield from $component_factory->getActivePluginsInSlot("amdc");
158 }
159
160 protected function checkPermission(
161 int $a_context_type,
162 int $a_context_id,
163 int $a_action_id,
164 ?int $a_action_sub_id = null
165 ): bool {
166 global $DIC;
167
168 $ilAccess = $DIC['ilAccess'];
169
170 if (!$this->checkPlugins($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id)) {
171 return false;
172 }
173
174 // export is considered read-action
175 if ($a_context_type == ilAdvancedMDPermissionHelper::CONTEXT_RECORD &&
176 $a_action_id == ilAdvancedMDPermissionHelper::ACTION_RECORD_EXPORT) {
177 return $ilAccess->checkAccessOfUser($this->getUserId(), "read", "", $this->getRefId());
178 }
179
180 return $this->checkRBAC();
181 }
182}
ilAdvancedMDPermissionHelper
Advanced metadata permission helper.
Definition: class.ilAdvancedMDPermissionHelper.php:28
ilAdvancedMDPermissionHelper\readContextIds
readContextIds(int $a_context_type)
Get all context ids for context type (from DB, is cached)
Definition: class.ilAdvancedMDPermissionHelper.php:59
ilAdvancedMDPermissionHelper\buildPermissionMap
buildPermissionMap()
Build map of context and actions.
Definition: class.ilAdvancedMDPermissionHelper.php:92
ilAdvancedMDPermissionHelper\checkPermission
checkPermission(int $a_context_type, int $a_context_id, int $a_action_id, ?int $a_action_sub_id=null)
Check permission (helper: rbac, plugins)
Definition: class.ilAdvancedMDPermissionHelper.php:160
ilAdvancedMDPermissionHelper\getActivePlugins
getActivePlugins()
Get active plugins (for current slot)
Definition: class.ilAdvancedMDPermissionHelper.php:152
ilClaimingPermissionHelper
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilClaimingPermissionHelper.php:25
ilClaimingPermissionHelper\checkRBAC
checkRBAC()
Check permission against RBAC.
Definition: class.ilClaimingPermissionHelper.php:200
ilClaimingPermissionHelper\checkPlugins
checkPlugins(int $a_context_type, int $a_context_id, int $a_action_id, ?int $a_action_sub_id=null)
Check permission against plugins.
Definition: class.ilClaimingPermissionHelper.php:217
$res
$res
Definition: ltiservices.php:69
$DIC
global $DIC
Definition: shib_login.php:26