1<?php 2/* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */ 3 4include_once("./Services/Repository/classes/class.ilObjectPluginAccess.php"); 5include_once("class.ilCloudConnector.php"); 6include_once("class.ilObjCloud.php"); 7 8/** 9 * Class ilObjCloudAccess 10 * 11 * @author Timon Amstutz <timon.amstutz@ilub.unibe.ch> 12 * @version $Id: 13 * 14 * @extends ilObjectAccess 15 */ 16class ilObjCloudAccess extends ilObjectAccess 17{ 18 protected static $access_cache = array(); 19 20 21 public static function _getCommands() 22 { 23 $commands = array( 24 array( "permission" => "read", "cmd" => "render", "lang_var" => "show", "default" => true ), 25 array( "permission" => "write", "cmd" => "editSettings", "lang_var" => "settings" ), 26 ); 27 28 return $commands; 29 } 30 31 32 /** 33 * @param string $a_cmd 34 * @param string $a_permission 35 * @param int $a_ref_id 36 * @param int $a_obj_id 37 * @param string $a_user_id 38 * @return bool 39 */ 40 public function _checkAccess($a_cmd, $a_permission, $a_ref_id, $a_obj_id, $a_user_id = "") 41 { 42 global $DIC; 43 $ilUser = $DIC['ilUser']; 44 $rbacsystem = $DIC['rbacsystem']; 45 $rbacreview = $DIC['rbacreview']; 46 47 $object = new ilObjCloud($a_ref_id); 48 49 /** 50 * Check if plugin of object is active 51 */ 52 try { 53 ilCloudConnector::checkServiceActive($object->getServiceName()); 54 } catch (Exception $e) { 55 return false; 56 } 57 58 if ($a_user_id == "") { 59 $a_user_id = $ilUser->getId(); 60 } 61 62 /** 63 * Check if authentication is complete. If not, only the owner of the object has access. This prevents the 64 * authentication of an account which does not belong to the owner. 65 */ 66 if (!ilObjCloudAccess::checkAuthStatus($a_obj_id) && $a_user_id != $object->getOwnerId() && !$rbacreview->isAssigned($a_user_id, 2)) { 67 return false; 68 } 69 70 switch ($a_permission) { 71 case "visible": 72 case "read": 73 if (!ilObjCloudAccess::checkOnline($a_obj_id) && !$rbacsystem->checkAccessOfUser($a_user_id, "write", $a_ref_id)) { 74 return false; 75 } 76 break; 77 } 78 79 return true; 80 } 81 82 83 /** 84 * @param $a_target 85 * @return bool 86 */ 87 public static function _checkGoto($a_target) 88 { 89 global $DIC; 90 $ilAccess = $DIC['ilAccess']; 91 92 $t_arr = explode("_", $a_target); 93 94 if ($ilAccess->checkAccess("read", "", $t_arr[1])) { 95 return true; 96 } 97 98 return false; 99 } 100 101 102 /** 103 * @param $a_id 104 * @return mixed 105 */ 106 public static function checkOnline($a_id) 107 { 108 global $DIC; 109 $ilDB = $DIC['ilDB']; 110 111 if (!isset(self::$access_cache[$a_id]["online"])) { 112 $set = $ilDB->query("SELECT is_online FROM il_cld_data " . " WHERE id = " . $ilDB->quote($a_id, "integer")); 113 $rec = $ilDB->fetchAssoc($set); 114 self::$access_cache[$a_id]["online"] = (boolean) ($rec["is_online"]); 115 } 116 117 return self::$access_cache[$a_id]["online"]; 118 } 119 120 121 /** 122 * @param $a_id 123 * @return mixed 124 */ 125 public static function checkAuthStatus($a_id) 126 { 127 global $DIC; 128 $ilDB = $DIC['ilDB']; 129 130 if (!isset(self::$access_cache[$a_id]["auth_status"])) { 131 $set = $ilDB->query("SELECT auth_complete FROM il_cld_data " . " WHERE id = " . $ilDB->quote($a_id, "integer")); 132 $rec = $ilDB->fetchAssoc($set); 133 self::$access_cache[$a_id]["auth_status"] = (boolean) $rec["auth_complete"]; 134 } 135 136 return self::$access_cache[$a_id]["auth_status"]; 137 } 138} 139