public static function hasAccess($a_node_id, $a_is_portfolio = false) { global $ilUser, $ilSetting; // if we have current user - check with normal access handler if ($ilUser->getId() != ANONYMOUS_USER_ID) { if (!$a_is_portfolio) { include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessHandler.php"; include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceTree.php"; $tree = new ilWorkspaceTree($ilUser->getId()); $access_handler = new ilWorkspaceAccessHandler($tree); } else { include_once "Modules/Portfolio/classes/class.ilPortfolioAccessHandler.php"; $access_handler = new ilPortfolioAccessHandler(); } if ($access_handler->checkAccess("read", "", $a_node_id)) { return true; } } // not logged in yet or no read access include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php"; if (!$a_is_portfolio) { include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessHandler.php"; $shared = ilWorkspaceAccessHandler::getPermissions($a_node_id); } else { // #12059 if (!$ilSetting->get('user_portfolios')) { return false; } // #12039 include_once "Modules/Portfolio/classes/class.ilObjPortfolio.php"; $prtf = new ilObjPortfolio($a_node_id, false); if (!$prtf->isOnline()) { return false; } include_once "Modules/Portfolio/classes/class.ilPortfolioAccessHandler.php"; $shared = ilPortfolioAccessHandler::getPermissions($a_node_id); } // object is "public" if (in_array(ilWorkspaceAccessGUI::PERMISSION_ALL, $shared)) { return true; } // password protected if (in_array(ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD, $shared)) { if (!$a_is_portfolio) { ilUtil::redirect("ilias.php?baseClass=ilSharedResourceGUI&cmd=passwordForm&wsp_id=" . $a_node_id); } else { ilUtil::redirect("ilias.php?baseClass=ilSharedResourceGUI&cmd=passwordForm&prt_id=" . $a_node_id); } } return false; }
/** * check access for an object * * @param integer $a_user_id * @param string $a_permission * @param string $a_cmd * @param int $a_node_id * @param string $a_type (optional) * @return bool */ public function checkAccessOfUser($a_user_id, $a_permission, $a_cmd, $a_node_id, $a_type = "") { global $rbacreview, $ilUser, $ilSetting; // #12059 if (!$ilSetting->get('user_portfolios')) { return false; } // :TODO: create permission for parent node with type ?! $pf = new ilObjPortfolio($a_node_id, false); if (!$pf->getId()) { return false; } // portfolio owner has all rights if ($pf->getOwner() == $a_user_id) { return true; } // #11921 if (!$pf->isOnline()) { return false; } // other users can only read if ($a_permission == "read" || $a_permission == "visible") { // get all objects with explicit permission $objects = $this->getPermissions($a_node_id); if ($objects) { include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessGUI.php"; // check if given user is member of object or has role foreach ($objects as $obj_id) { switch ($obj_id) { case ilWorkspaceAccessGUI::PERMISSION_ALL: return true; case ilWorkspaceAccessGUI::PERMISSION_ALL_PASSWORD: // check against input kept in session if (self::getSharedNodePassword($a_node_id) == self::getSharedSessionPassword($a_node_id) || $a_permission == "visible") { return true; } break; case ilWorkspaceAccessGUI::PERMISSION_REGISTERED: if ($ilUser->getId() != ANONYMOUS_USER_ID) { return true; } break; default: switch (ilObject::_lookupType($obj_id)) { case "grp": // member of group? if (ilGroupParticipants::_getInstanceByObjId($obj_id)->isAssigned($a_user_id)) { return true; } break; case "crs": // member of course? if (ilCourseParticipants::_getInstanceByObjId($obj_id)->isAssigned($a_user_id)) { return true; } break; case "role": // has role? if ($rbacreview->isAssigned($a_user_id, $obj_id)) { return true; } break; case "usr": // direct assignment if ($a_user_id == $obj_id) { return true; } break; } break; } } } } return false; }