/**
 * Decides whether the given user may perform $attribute on a learning material.
 *
 * Access is denied by default: a missing user object, or an attribute other
 * than VIEW, CREATE, EDIT or DELETE, yields false.
 *
 * @param string $attribute
 * @param LearningMaterialInterface $material
 * @param UserInterface|null $user
 * @return bool
 */
protected function isGranted($attribute, $material, $user = null)
{
    // Without a user object nobody is logged in, so deny before looking at the attribute.
    if (!$user instanceof UserInterface) {
        return false;
    }

    // Role titles that unlock CREATE and, together with a school check, EDIT and DELETE.
    $privilegedRoles = ['Faculty', 'Course Director', 'Developer'];

    switch ($attribute) {
        case self::VIEW:
            // Every authenticated user may view every learning material.
            // NOTE(review): no status check happens here, so a material of any
            // status is visible to any logged-in user - confirm this is intended.
            return true;

        case self::CREATE:
            // Creating materials requires one of the privileged roles.
            return $this->userHasRole($user, $privilegedRoles);

        case self::EDIT:
        case self::DELETE:
            // Rule 1: the owner may always edit or delete their own material.
            // NOTE(review): assumes getOwningUser() never returns null; a null
            // owner would raise an error here rather than produce a deny - confirm.
            if ($user->getId() === $material->getOwningUser()->getId()) {
                return true;
            }

            // Rules 2 and 3 both require a privileged role, so a non-owner
            // without one is denied before any school lookup is made.
            if (!$this->userHasRole($user, $privilegedRoles)) {
                return false;
            }

            // Rule 2: user and owner share the same primary school, or
            // Rule 3: the user holds WRITE rights in the owner's primary school.
            return $this->schoolsAreIdentical($user->getSchool(), $material->getOwningUser()->getSchool())
                || $this->permissionManager->userHasWritePermissionToSchool(
                    $user,
                    $material->getOwningUser()->getSchool()
                );
    }

    // Unknown attribute: deny.
    return false;
}
/**
 * Votes on whether the token's user may perform $attribute on a learning material.
 *
 * Access is denied by default: a token without a UserInterface user, or an
 * attribute other than VIEW, CREATE, EDIT or DELETE, yields false.
 *
 * @param string $attribute
 * @param LearningMaterialInterface $material
 * @param TokenInterface $token
 * @return bool
 */
protected function voteOnAttribute($attribute, $material, TokenInterface $token)
{
    $user = $token->getUser();

    // The token may carry something other than a user object; treat that as "not logged in".
    if (!$user instanceof UserInterface) {
        return false;
    }

    // Role titles treated as elevated privileges throughout this method.
    $privilegedRoles = ['Faculty', 'Course Director', 'Developer'];

    switch ($attribute) {
        case self::VIEW:
            // Materials that are 'in draft' are hidden from users without a privileged role.
            // NOTE(review): the comparison is strict. If getId() returns a different
            // type than the IN_DRAFT constant (e.g. string vs. int), it never matches
            // and drafts become visible to every user - confirm both types agree.
            $isDraft = LearningMaterialStatusInterface::IN_DRAFT === $material->getStatus()->getId();

            return !$isDraft || $this->userHasRole($user, $privilegedRoles);

        case self::CREATE:
            // Creating materials requires one of the privileged roles.
            return $this->userHasRole($user, $privilegedRoles);

        case self::EDIT:
        case self::DELETE:
            // Granted when the user owns the material or holds a privileged role.
            // NOTE(review): the role check is not scoped to a school here, so any
            // holder of a privileged role can edit or delete any material - confirm
            // that this breadth is intended.
            $isOwner = $this->usersAreIdentical($user, $material->getOwningUser());

            return $isOwner || $this->userHasRole($user, $privilegedRoles);
    }

    // Unknown attribute: deny.
    return false;
}
/**
 * Copies the fields of a learning material into this object and, for
 * file-based materials, adds an absolute download URL.
 *
 * @param LearningMaterialInterface $learningMaterial
 * @param Router $router
 */
public function __construct(LearningMaterialInterface $learningMaterial, Router $router)
{
    // Only materials with a filename get a download link.
    // NOTE(review): the URL embeds the material's token as its only route
    // parameter. If the download route authorizes on that token alone, anyone
    // who can read this object can fetch the file - make sure instances are
    // only exposed after a VIEW check on the material.
    if ($learningMaterial->getFilename()) {
        $this->absoluteFileUri = $router->generate(
            'ilios_core_downloadlearningmaterial',
            ['token' => $learningMaterial->getToken()],
            UrlGenerator::ABSOLUTE_URL
        );
    }

    // Scalar and date fields are copied as-is.
    $this->id = $learningMaterial->getId();
    $this->title = $learningMaterial->getTitle();
    $this->description = $learningMaterial->getDescription();
    $this->uploadDate = $learningMaterial->getUploadDate();
    $this->originalAuthor = $learningMaterial->getOriginalAuthor();

    // Related entities are reduced to their string form.
    $this->userRole = (string) $learningMaterial->getUserRole();
    $this->status = (string) $learningMaterial->getStatus();
    $this->owningUser = (string) $learningMaterial->getOwningUser();

    $this->citation = $learningMaterial->getCitation();
    $this->copyrightPermission = $learningMaterial->hasCopyrightPermission();
    $this->copyrightRationale = $learningMaterial->getCopyrightRationale();
    $this->mimetype = $learningMaterial->getMimetype();
    $this->filesize = $learningMaterial->getFilesize();
    $this->filename = $learningMaterial->getFilename();
    $this->link = $learningMaterial->getLink();

    // Course and session associations are flattened to arrays of their string forms.
    $this->courseLearningMaterials = $learningMaterial
        ->getCourseLearningMaterials()
        ->map(function (CourseLearningMaterialInterface $courseMaterial) {
            return (string) $courseMaterial;
        })
        ->toArray();

    $this->sessionLearningMaterials = $learningMaterial
        ->getSessionLearningMaterials()
        ->map(function (SessionLearningMaterialInterface $sessionMaterial) {
            return (string) $sessionMaterial;
        })
        ->toArray();
}