path: root/lib/classes/JsonApi/Routes/Files/Authority.php
blob: f96475d0d223408aeb5062c33df9f288864aee3f (plain)
<?php

namespace JsonApi\Routes\Files;

use User;
use JsonApi\Routes\Courses\Authority as CoursesAuth;
use JsonApi\Routes\Users\Authority as UsersAuth;

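/**
 * Authorization predicates for the file-related JSON:API routes.
 *
 * Every method is static and answers one question: may $user perform the
 * named action on the given resource? Most checks delegate to the permission
 * methods of the folder / file type objects, always passing $user->id.
 *
 * Three predicates (canIndexInstitute, canShowTermsOfUse, canIndexTermsOfUse)
 * return true unconditionally; see the notes on those methods.
 *
 * @SuppressWarnings(PHPMD.TooManyPublicMethods)
 * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
 */
class Authority
{
    /**
     * May $user see the file area (top folder) of $resource?
     *
     * Checks, in order:
     *  1. for a Course, the course itself must be showable with SCOPE_EXTENDED;
     *  2. for a Course or Institute, the 'CoreDocuments' plugin must be
     *     activated for that resource;
     *  3. a top folder must exist, resolve to a typed folder, and that typed
     *     folder must report itself visible to the user.
     */
    public static function canShowFileArea(User $user, \SimpleORMap $resource): bool
    {
        if (
            $resource instanceof \Course &&
            !CoursesAuth::canShowCourse($user, $resource, CoursesAuth::SCOPE_EXTENDED)
        ) {
            return false;
        }

        if ($resource instanceof \Course || $resource instanceof \Institute) {
            $info = \PluginManager::getInstance()->getPluginInfo('CoreDocuments');
            if (!\PluginManager::getInstance()->isPluginActivated($info['id'], $resource->id)) {
                return false;
            }
        }

        // A missing top folder or typed folder short-circuits to a falsy value,
        // so the area is denied rather than dereferencing null.
        return ($folder = \Folder::findTopFolder($resource->id)) &&
            ($rootFolder = $folder->getTypedFolder()) &&
            $rootFolder->isVisible($user->id);
    }

    /**
     * May $user read $folder? Returns the result of $folder->isReadable().
     */
    public static function canShowFolder(User $user, \FolderType $folder)
    {
        return $folder->isReadable($user->id);
    }

    /**
     * May $user change $folder? Returns the result of $folder->isEditable().
     */
    public static function canUpdateFolder(User $user, \FolderType $folder)
    {
        return $folder->isEditable($user->id);
    }

    /**
     * May $user delete $folder? Uses the same isEditable() check as
     * canUpdateFolder; there is no separate delete permission here.
     */
    public static function canDeleteFolder(User $user, \FolderType $folder)
    {
        return $folder->isEditable($user->id);
    }

    /**
     * May $user see $fileRef? Granted when the file type reports the reference
     * as visible OR as downloadable for the user (either one suffices).
     */
    public static function canShowFileRef(User $user, \FileRef $fileRef)
    {
        return $fileRef->getFileType()->isVisible($user->id) || $fileRef->getFileType()->isDownloadable($user->id);
    }

    /**
     * May $user change $fileRef? Returns the file type's isWritable() result.
     */
    public static function canUpdateFileRef(User $user, \FileRef $fileRef)
    {
        return $fileRef->getFileType()->isWritable($user->id);
    }

    /**
     * May $user delete $fileRef? Uses the same isWritable() check as
     * canUpdateFileRef.
     */
    public static function canDeleteFileRef(User $user, \FileRef $fileRef)
    {
        return $fileRef->getFileType()->isWritable($user->id);
    }

    /**
     * May $user download $fileRef? Returns the file type's isDownloadable()
     * result.
     */
    public static function canDownloadFileRef(User $user, \FileRef $fileRef)
    {
        return $fileRef->getFileType()->isDownloadable($user->id);
    }

    /**
     * May $user see the underlying $file?
     *
     * Granted when the file's user_id is strictly equal to $user->id, or when
     * at least one of the file's references sits in a folder type that is set,
     * visible and readable for the user.
     */
    public static function canShowFile(User $user, \File $file)
    {
        return $file['user_id'] === $user->id ||
            0 <
                count(
                    // NOTE(review): the second argument (1) presumably caps the
                    // result at the first match - confirm against the
                    // collection's filter() signature.
                    $file->refs->filter(function (\FileRef $ref) use ($user) {
                        $folder = $ref->foldertype;

                        // A reference without a folder type never grants access.
                        return $folder && $folder->isVisible($user->id) && $folder->isReadable($user->id);
                    }, 1)
                );
    }

    /**
     * May $user change the underlying $file?
     *
     * Granted when at least one reference's file type is writable for the
     * user. Unlike canShowFile there is no shortcut for the file's user_id.
     */
    public static function canUpdateFile(User $user, \File $file)
    {
        return 0 <
            count(
                $file->refs->filter(function (\FileRef $ref) use ($user) {
                    return $ref->getFileType()->isWritable($user->id);
                }, 1)
            );
    }

    /**
     * May $user list files of $course? Same check as step 1 of
     * canShowFileArea: the course must be showable with SCOPE_EXTENDED.
     */
    public static function canIndexCourse(User $user, \Course $course)
    {
        return CoursesAuth::canShowCourse($user, $course, CoursesAuth::SCOPE_EXTENDED);
    }

    /**
     * May $user list files of $institute? Always true: neither argument is
     * inspected.
     *
     * NOTE(review): this predicate alone does not restrict anything; confirm
     * that the calling route filters the listed items with a per-item check.
     *
     * @SuppressWarnings(PHPMD.UnusedFormalParameters)
     */
    public static function canIndexInstitute(User $user, \Institute $institute)
    {
        return true;
    }

    /**
     * May $user list files of $otherUser? Delegates to the Users authority's
     * canShowUser().
     */
    public static function canIndexUser(User $user, \User $otherUser)
    {
        return UsersAuth::canShowUser($user, $otherUser);
    }

    /**
     * May $user see one terms-of-use entry? Always true: no per-user check is
     * performed. The `!!` marker is the original author's.
     *
     * @SuppressWarnings(PHPMD.UnusedFormalParameters)
     */
    public static function canShowTermsOfUse(User $user, \ContentTermsOfUse $terms)
    {
        return true; // !!
    }

    /**
     * May $user list terms-of-use entries? Always true: no per-user check is
     * performed. The `!!` marker is the original author's.
     *
     * @SuppressWarnings(PHPMD.UnusedFormalParameters)
     */
    public static function canIndexTermsOfUse(User $user)
    {
        return true; // !!
    }

    /**
     * May $user create a subfolder in $folder? Returns the result of
     * $folder->isSubfolderAllowed().
     */
    public static function canCreateSubfolder(User $user, \FolderType $folder)
    {
        return $folder->isSubfolderAllowed($user->id);
    }

    /**
     * May $user add file references to $folder? Returns the result of
     * $folder->isWritable().
     */
    public static function canCreateFileRefsInFolder(User $user, \FolderType $folder)
    {
        return $folder->isWritable($user->id);
    }

    /**
     * May $user copy $sourceFolder into $destinationFolder? Requires write
     * access to the destination and read access to the source.
     */
    public static function canCopyFolder(User $user, \FolderType $sourceFolder, \FolderType $destinationFolder)
    {
        return self::canCreateFileRefsInFolder($user, $destinationFolder) && self::canShowFolder($user, $sourceFolder);
    }

    /**
     * May $user annotate $fileRef?
     *
     * Requires both write access to the typed folder holding the reference and
     * 'tutor' permission (via the global perm object) in the range returned by
     * getRangeCourseId().
     */
    public static function canAnnotateFileRef(User $user, \FileRef $fileRef)
    {
        // Fail closed when the reference has no folder or the folder has no
        // typed folder, mirroring the truthiness checks in canShowFileArea,
        // instead of dereferencing null.
        $folder = $fileRef->folder;
        $typedFolder = $folder ? $folder->getTypedFolder() : null;
        if (!$typedFolder) {
            return false;
        }

        // Looked up once and reused; the original assigned this value but
        // then called getRangeCourseId() a second time.
        $range = $fileRef->getRangeCourseId();

        // static:: (not self::) is kept so a subclass override of
        // canCreateFileRefsInFolder still applies here.
        return static::canCreateFileRefsInFolder($user, $typedFolder)
            && $GLOBALS['perm']->have_studip_perm('tutor', $range, $user->id);
    }

}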