ILIAS  trunk Revision v11.0_alpha-1713-gd8962da2f67
All Data Structures Namespaces Files Functions Variables Enumerations Enumerator Modules Pages
class.ilAdvancedMDPermissionHelper.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
27 class ilAdvancedMDPermissionHelper extends ilClaimingPermissionHelper
28 {
29  public const CONTEXT_MD = 1;
30  public const CONTEXT_RECORD = 2;
31  public const CONTEXT_FIELD = 3;
32  public const CONTEXT_SUBSTITUTION = 4;
33  public const CONTEXT_SUBSTITUTION_COURSE = 5;
34  public const CONTEXT_SUBSTITUTION_CATEGORY = 6;
35  public const CONTEXT_SUBSTITUTION_SESSION = 7;
36  public const CONTEXT_SUBSTITUTION_IASS = 8;
37  public const CONTEXT_SUBSTITUTION_GROUP = 9;
38  public const CONTEXT_SUBSTITUTION_EXERCISE = 10;
39 
40  public const CONTEXT_SUBSTITUTION_FILE = 11;
41  public const CONTEXT_SUBSTITUTION_PRG = 12;
42  public const CONTEXT_SUBSTITUTION_ORG_UNIT = 13;
43 
44  public const ACTION_MD_CREATE_RECORD = 1;
45  public const ACTION_MD_IMPORT_RECORDS = 2;
46 
47  public const ACTION_RECORD_EDIT = 5;
48  public const ACTION_RECORD_DELETE = 6;
49  public const ACTION_RECORD_EXPORT = 7;
50  public const ACTION_RECORD_TOGGLE_ACTIVATION = 8;
51  public const ACTION_RECORD_EDIT_PROPERTY = 9;
52  public const ACTION_RECORD_EDIT_FIELDS = 10;
53  public const ACTION_RECORD_CREATE_FIELD = 11;
54  public const ACTION_RECORD_FIELD_POSITIONS = 12;
55 
56  public const ACTION_FIELD_EDIT = 13;
57  public const ACTION_FIELD_DELETE = 14;
58  public const ACTION_FIELD_EDIT_PROPERTY = 15;
59 
60  public const ACTION_SUBSTITUTION_SHOW_DESCRIPTION = 16;
61  public const ACTION_SUBSTITUTION_SHOW_FIELDNAMES = 17;
62  public const ACTION_SUBSTITUTION_FIELD_POSITIONS = 18;
63 
64  public const ACTION_SUBSTITUTION_COURSE_SHOW_FIELD = 19;
65  public const ACTION_SUBSTITUTION_COURSE_EDIT_FIELD_PROPERTY = 20;
66 
67  public const ACTION_SUBSTITUTION_CATEGORY_SHOW_FIELD = 21;
68  public const ACTION_SUBSTITUTION_CATEGORY_EDIT_FIELD_PROPERTY = 22;
69 
70  public const ACTION_SUBSTITUTION_SESSION_SHOW_FIELD = 23;
71  public const ACTION_SUBSTITUTION_SESSION_EDIT_FIELD_PROPERTY = 24;
72 
73  public const ACTION_SUBSTITUTION_GROUP_SHOW_FIELD = 25;
74  public const ACTION_SUBSTITUTION_GROUP_EDIT_FIELD_PROPERTY = 26;
75 
76  public const ACTION_SUBSTITUTION_IASS_SHOW_FIELD = 27;
77  public const ACTION_SUBSTITUTION_IASS_EDIT_FIELD_PROPERTY = 28;
78 
79  public const ACTION_SUBSTITUTION_EXERCISE_SHOW_FIELD = 29;
80  public const ACTION_SUBSTITUTION_EXERCISE_EDIT_FIELD_PROPERTY = 30;
81 
82  public const ACTION_SUBSTITUTION_FILE_SHOW_FIELD = 31;
83  public const ACTION_SUBSTITUTION_FILE_EDIT_FIELD_PROPERTY = 32;
84 
85  public const ACTION_SUBSTITUTION_PRG_SHOW_FIELD = 33;
86  public const ACTION_SUBSTITUTION_PRG_EDIT_FIELD_PROPERTY = 34;
87 
88  public const ACTION_SUBSTITUTION_ORG_UNIT_SHOW_FIELD = 35;
89  public const ACTION_SUBSTITUTION_ORG_UNIT_EDIT_FIELD_PROPERTY = 36;
90 
91  public const SUBACTION_UNDEFINED = 0;
92  public const SUBACTION_RECORD_TITLE = 1;
93  public const SUBACTION_RECORD_DESCRIPTION = 2;
94  public const SUBACTION_RECORD_OBJECT_TYPES = 3;
95 
96  public const SUBACTION_FIELD_TITLE = 4;
97  public const SUBACTION_FIELD_DESCRIPTION = 5;
98  public const SUBACTION_FIELD_SEARCHABLE = 6;
99  public const SUBACTION_FIELD_PROPERTIES = 7;
100 
101  public const SUBACTION_SUBSTITUTION_BOLD = 8;
102  public const SUBACTION_SUBSTITUTION_NEWLINE = 9;
103 
104  protected function readContextIds(int $a_context_type): array
105  {
106  global $DIC;
107 
108  $ilDB = $DIC->database();
109 
110  switch ($a_context_type) {
111  case self::CONTEXT_MD:
112  return array($this->ref_id);
113 
114  case self::CONTEXT_RECORD:
115  $set = $ilDB->query("SELECT record_id id" .
116  " FROM adv_md_record");
117  break;
118 
119  case self::CONTEXT_FIELD:
120  case self::CONTEXT_SUBSTITUTION_COURSE:
121  case self::CONTEXT_SUBSTITUTION_GROUP:
122  case self::CONTEXT_SUBSTITUTION_SESSION:
123  case self::CONTEXT_SUBSTITUTION_CATEGORY:
124  case self::CONTEXT_SUBSTITUTION_IASS:
125  case self::CONTEXT_SUBSTITUTION_EXERCISE:
126  case self::CONTEXT_SUBSTITUTION_FILE:
127  case self::CONTEXT_SUBSTITUTION_PRG:
128  case self::CONTEXT_SUBSTITUTION_ORG_UNIT:
129  $set = $ilDB->query("SELECT field_id id" .
130  " FROM adv_mdf_definition");
131  break;
132 
133  case self::CONTEXT_SUBSTITUTION:
134  return $this->getAllowedObjectTypes();
135 
136  default:
137  return array();
138  }
139 
140  $res = array();
141  while ($row = $ilDB->fetchAssoc($set)) {
142  $res[] = (int) $row["id"];
143  }
144  return $res;
145  }
146 
147  // permissions
148 
149  protected function buildPermissionMap(): array
150  {
151  return array(
152  self::CONTEXT_MD => array(
153  "actions" => array(
154  self::ACTION_MD_CREATE_RECORD
155  ,
156  self::ACTION_MD_IMPORT_RECORDS
157  )
158  ),
159  self::CONTEXT_RECORD => array(
160  "actions" => array(
161  self::ACTION_RECORD_EDIT
162  ,
163  self::ACTION_RECORD_DELETE
164  ,
165  self::ACTION_RECORD_EXPORT
166  ,
167  self::ACTION_RECORD_TOGGLE_ACTIVATION
168  ,
169  self::ACTION_RECORD_EDIT_FIELDS
170  ,
171  self::ACTION_RECORD_FIELD_POSITIONS
172  ,
173  self::ACTION_RECORD_CREATE_FIELD
174  ),
175  "subactions" => array(
176  self::ACTION_RECORD_EDIT_PROPERTY =>
177  array(
178  self::SUBACTION_RECORD_TITLE
179  ,
180  self::SUBACTION_RECORD_DESCRIPTION
181  ,
182  self::SUBACTION_RECORD_OBJECT_TYPES
183  )
184  )
185  ),
186  self::CONTEXT_FIELD => array(
187  "actions" => array(
188  self::ACTION_FIELD_EDIT,
189  self::ACTION_FIELD_DELETE
190  ),
191  "subactions" => array(
192  self::ACTION_FIELD_EDIT_PROPERTY =>
193  array(
194  self::SUBACTION_FIELD_TITLE
195  ,
196  self::SUBACTION_FIELD_DESCRIPTION
197  ,
198  self::SUBACTION_FIELD_SEARCHABLE
199  ,
200  self::SUBACTION_FIELD_PROPERTIES
201  )
202  )
203  ),
204  self::CONTEXT_SUBSTITUTION => array(
205  "actions" => array(
206  self::ACTION_SUBSTITUTION_SHOW_DESCRIPTION
207  ,
208  self::ACTION_SUBSTITUTION_SHOW_FIELDNAMES
209  ,
210  self::ACTION_SUBSTITUTION_FIELD_POSITIONS
211  )
212  ),
213  self::CONTEXT_SUBSTITUTION_COURSE => array(
214  "actions" => array(
215  self::ACTION_SUBSTITUTION_COURSE_SHOW_FIELD
216  ),
217  "subactions" => array(
218  self::ACTION_SUBSTITUTION_COURSE_EDIT_FIELD_PROPERTY =>
219  array(
220  self::SUBACTION_SUBSTITUTION_BOLD
221  ,
222  self::SUBACTION_SUBSTITUTION_NEWLINE
223  )
224  )
225  ),
226  self::CONTEXT_SUBSTITUTION_CATEGORY => array(
227  "actions" => array(
228  self::ACTION_SUBSTITUTION_CATEGORY_SHOW_FIELD
229  ),
230  "subactions" => array(
231  self::ACTION_SUBSTITUTION_CATEGORY_EDIT_FIELD_PROPERTY =>
232  array(
233  self::SUBACTION_SUBSTITUTION_BOLD
234  ,
235  self::SUBACTION_SUBSTITUTION_NEWLINE
236  )
237  )
238  ),
239  self::CONTEXT_SUBSTITUTION_SESSION => array(
240  "actions" => array(
241  self::ACTION_SUBSTITUTION_SESSION_SHOW_FIELD
242  ),
243  "subactions" => array(
244  self::ACTION_SUBSTITUTION_SESSION_EDIT_FIELD_PROPERTY =>
245  array(
246  self::SUBACTION_SUBSTITUTION_BOLD
247  ,
248  self::SUBACTION_SUBSTITUTION_NEWLINE
249  )
250  )
251  ),
252  self::CONTEXT_SUBSTITUTION_GROUP => array(
253  "actions" => array(
254  self::ACTION_SUBSTITUTION_GROUP_SHOW_FIELD
255  ),
256  "subactions" => array(
257  self::ACTION_SUBSTITUTION_GROUP_EDIT_FIELD_PROPERTY =>
258  array(
259  self::SUBACTION_SUBSTITUTION_BOLD
260  ,
261  self::SUBACTION_SUBSTITUTION_NEWLINE
262  )
263  )
264  ),
265  self::CONTEXT_SUBSTITUTION_IASS => array(
266  "actions" => array(
267  self::ACTION_SUBSTITUTION_IASS_SHOW_FIELD
268  ),
269  "subactions" => array(
270  self::ACTION_SUBSTITUTION_IASS_EDIT_FIELD_PROPERTY =>
271  array(
272  self::SUBACTION_SUBSTITUTION_BOLD
273  ,
274  self::SUBACTION_SUBSTITUTION_NEWLINE
275  )
276  )
277  ),
278  self::CONTEXT_SUBSTITUTION_EXERCISE => array(
279  "actions" => array(
280  self::ACTION_SUBSTITUTION_EXERCISE_SHOW_FIELD
281  ),
282  "subactions" => array(
283  self::ACTION_SUBSTITUTION_EXERCISE_EDIT_FIELD_PROPERTY =>
284  array(
285  self::SUBACTION_SUBSTITUTION_BOLD
286  ,
287  self::SUBACTION_SUBSTITUTION_NEWLINE
288  )
289  )
290  ),
291  self::CONTEXT_SUBSTITUTION_FILE => array(
292  "actions" => array(
293  self::ACTION_SUBSTITUTION_FILE_SHOW_FIELD
294  ),
295  "subactions" => array(
296  self::ACTION_SUBSTITUTION_FILE_EDIT_FIELD_PROPERTY =>
297  array(
298  self::SUBACTION_SUBSTITUTION_BOLD
299  ,
300  self::SUBACTION_SUBSTITUTION_NEWLINE
301  )
302  )
303  ),
304  self::CONTEXT_SUBSTITUTION_PRG => array(
305  "actions" => array(
306  self::ACTION_SUBSTITUTION_PRG_SHOW_FIELD
307  ),
308  "subactions" => array(
309  self::ACTION_SUBSTITUTION_PRG_EDIT_FIELD_PROPERTY =>
310  array(
311  self::SUBACTION_SUBSTITUTION_BOLD
312  ,
313  self::SUBACTION_SUBSTITUTION_NEWLINE
314  )
315  )
316  ),
317  self::CONTEXT_SUBSTITUTION_ORG_UNIT => [
318  "actions" => [
319  self::ACTION_SUBSTITUTION_ORG_UNIT_SHOW_FIELD
320  ],
321  "subactions" => [
322  self::ACTION_SUBSTITUTION_ORG_UNIT_EDIT_FIELD_PROPERTY =>
323  [
324  self::SUBACTION_SUBSTITUTION_BOLD
325  ,
326  self::SUBACTION_SUBSTITUTION_NEWLINE
327  ]
328  ]
329  ]
330  );
331  }
332 
333  // plugins
334 
335  protected function getActivePlugins(): Generator
336  {
337  global $DIC;
338 
339  $component_factory = $DIC['component.factory'];
340  yield from $component_factory->getActivePluginsInSlot("amdc");
341  }
342 
343  protected function checkPermission(
344  int $a_context_type,
345  string $a_context_id,
346  int $a_action_id,
347  ?int $a_action_sub_id = null
348  ): bool {
349  global $DIC;
350 
351  $ilAccess = $DIC['ilAccess'];
352 
353  if (!$this->checkPlugins($a_context_type, $a_context_id, $a_action_id, $a_action_sub_id)) {
354  return false;
355  }
356 
357  // export is considered read-action
358  if ($a_context_type == ilAdvancedMDPermissionHelper::CONTEXT_RECORD &&
359  $a_action_id == ilAdvancedMDPermissionHelper::ACTION_RECORD_EXPORT) {
360  return $ilAccess->checkAccessOfUser($this->getUserId(), "read", "", $this->getRefId());
361  }
362 
363  return $this->checkRBAC();
364  }
365 }
$res
$res
Definition: ltiservices.php:66
ilClaimingPermissionHelper
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilClaimingPermissionHelper.php:24
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:142
ilAdvancedMDPermissionHelper
Advanced metadata permission helper.
Definition: class.ilAdvancedMDPermissionHelper.php:27
ilClaimingPermissionHelper\checkRBAC
checkRBAC()
Check permission against RBAC.
Definition: class.ilClaimingPermissionHelper.php:200
$DIC
global $DIC
Definition: shib_login.php:22
ilClaimingPermissionHelper\checkPlugins
checkPlugins(int $a_context_type, string $a_context_id, int $a_action_id, ?int $a_action_sub_id=null)
Check permission against plugins.
Definition: class.ilClaimingPermissionHelper.php:217
ilAdvancedMDPermissionHelper\checkPermission
checkPermission(int $a_context_type, string $a_context_id, int $a_action_id, ?int $a_action_sub_id=null)
Definition: class.ilAdvancedMDPermissionHelper.php:343