protected function checkPrivileges($context, $privileges) { require_once 'Services/AccessControl/classes/class.ilRbacSystem.php'; global $ilUser; $userid = $ilUser->getId(); if (!isset($this->rbacAcl)) { $this->rbacAcl = ilRbacSystem::getInstance(); } $this->log(json_encode($context)); $this->log(json_encode($privileges)); $mode = 1; // 1 = this user // 2 = other user // 3 = object // 4 = other user privs if (property_exists($context, 'object')) { $mode = 3; $objid = $context->object; } if (property_exists($context, 'user')) { $mode += 1; $privileges = $this->initPrivileges(false); $userid = $context->user; } if (!isset($privileges)) { $privileges = $this->initPrivileges(); } if ($mode >= 3) { // get read privileges $privileges->personal->readObject = $this->rbacAcl->checkAccessOfUser($userid, 'read', $objid); $privileges->context->readObject = $privileges->personal->readObject; // get write privileges $privileges->personal->writeObject = $this->rbacAcl->checkAccessOfUser($userid, 'write', $objid); $privileges->context->writeObject = $privileges->personal->writeObject; // get learning progress teacher's privileges $priv = 'read_learning_progress'; $privileges->context->readActionStream = $this->rbacAcl->checkAccessOfUser($userid, 'read_learning_progress', $objid); if (!$privileges->context->readActionStream) { // if the priv is missing NOW, we need to lookup the parent global $tree; $objid = $tree->getParentId($objid); $privileges->context->readActionStream = $this->rbacAcl->checkAccessOfUser($userid, 'read_learning_progress', $objid); } if (!$privileges->context->readActionStream) { // if the user is lacking privileges now, // it is also necessary to verify if the current object // is an organisational unit because in that case there is a // different privilege. $privileges->context->readActionStream = $this->rbacAcl->checkAccessOfUser($userid, 'view_learning_progress', $objid); } } if ($mode === 2 || $mode === 4) { // this is a different part of the ACL! // get learning progress reading privileges // get learning progress update privileges } return $privileges; }
/** * $ilAccess and $rbac... initialisation */ protected static function initAccessHandling() { self::initGlobal("rbacreview", "ilRbacReview", "./Services/AccessControl/classes/class.ilRbacReview.php"); require_once "./Services/AccessControl/classes/class.ilRbacSystem.php"; $rbacsystem = ilRbacSystem::getInstance(); self::initGlobal("rbacsystem", $rbacsystem); self::initGlobal("rbacadmin", "ilRbacAdmin", "./Services/AccessControl/classes/class.ilRbacAdmin.php"); self::initGlobal("ilAccess", "ilAccessHandler", "./Services/AccessControl/classes/class.ilAccessHandler.php"); require_once "./Services/AccessControl/classes/class.ilConditionHandler.php"; }