[Phpgroupware-cvs] property/class.acl2.php, 1.1.1.4
From: |
nomail |
Subject: |
[Phpgroupware-cvs] property/class.acl2.php, 1.1.1.4 |
Date: |
Fri, 21 May 2004 19:12:00 -0000 |
Update of /property
Modified Files:
Branch:
class.acl2.php
date: 2004/04/24 19:39:54; author: sigurdne; state: Exp; lines: +345 -11
Log Message:
no message
=====================================================================
Index: property/class.acl2.php
diff -u property/class.acl2.php:1.1.1.3 property/class.acl2.php:1.1.1.4
--- property/class.acl2.php:1.1.1.3 Fri Apr 23 21:26:33 2004
+++ property/class.acl2.php Sat Apr 24 19:39:54 2004
@@ -34,16 +34,27 @@
{
$expected_args[0] =
Array('name'=>'account_id','default'=>$GLOBALS['phpgw_data']['user']['id'],
'type'=>'number');
$expected_args[1] =
Array('name'=>'host_id','default'=>0, 'type'=>'number');
- $expected_args[2] =
Array('name'=>'app_id','default'=>$GLOBALS['phpgw']->applications->data[$GLOBALS['phpgw_info']['flags']['currentapp']]['id'],
'type'=>'number');
+ $expected_args[2] =
Array('name'=>'app_id','default'=>$GLOBALS['phpgw']->applications->data[$GLOBALS['phpgw_data']['flags']['req_app']]['id'],
'type'=>'number');
$recieved_args = func_get_args();
$args = $this->safe_args($expected_args,
$recieved_args,__LINE__,__FILE__);
$this->db = $GLOBALS['phpgw']->db;
$this->db2 = $this->db;
$this->account_id = $args['account_id'];
$this->host_id = $args['host_id'];
- $this->app_id = $args['app_id'];
+ $this->app_id = 6;//$args['app_id'];
}
+
+ /*!
+ @function get_account_id
+ @abstract Return a properly formatted account_id.
+ @author skeeter
+ @discussion This function will return a properly formatted
account_id. This can take either a name or an account_id as paramters. If a
name is provided it will return the associated id.
+ @syntax get_account_id($accountid);
+ @example $account_id = get_account_id($accountid);
+ @param $account_id either a name or an id
+ @param $default_id either a name or an id
+ */
function get_account_id($account_id = '',$default_id = '')
{
if (gettype($account_id) == 'integer')
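Review bot: The constructor now assigns `$this->app_id = 6;` and comments out `$args['app_id']`, so the value that `safe_args()` just validated is discarded, along with the `req_app` default computed a few lines earlier. Every instance will presumably evaluate rights against application id 6, whatever the caller passed. If this was a debugging aid it should not be committed; restore `$this->app_id = $args['app_id'];`. The new doc block for `get_account_id` misspells "parameters" and does not say when `$default_id` is used. The constructor starts above the hunk and `get_account_id` continues below it.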
@@ -76,13 +87,12 @@
}
-
function membership($accountid = '')
{
$account_id = $this->get_account_id($accountid);
$security_equals = Array();
- $security_equals =
$GLOBALS['phpgw']->acl->get_location_list_for_id('phpgw_group', 1, $account_id);
+ $security_equals =
$this->get_location_list_for_id('phpgw_group', 1, $account_id);
if($security_equals == False)
{
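Review bot: `membership()` now takes its group list from `$this->get_location_list_for_id('phpgw_group', 1, $account_id)`, but the implementation added further down in this commit begins with `return array(0=>1);`. The lookup is therefore skipped and every account is reported as belonging to id 1 only. The grant query in the last hunk, which this commit switches to `$this->membership($this->account_id)`, inherits that result. Remove the early return before this path is used for authorization decisions. `membership()` begins inside this hunk but its body continues in the next one.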
@@ -94,15 +104,336 @@
for($idx=0; $idx<count($security_equals); $idx++)
{
$groups = intval($security_equals[$idx]);
- $this->memberships[] = Array('account_id' =>
$groups, 'account_name' => $this->id2name($groups));
+ $this->memberships[] = Array('account_id' =>
$groups, 'account_name' => $GLOBALS['phpgw']->accounts->id2name($groups));
}
return $this->memberships;
}
+ function member($accountid = '')
+ {
+ $account_id = get_account_id($accountid);
+
+ $security_equals = Array();
+// $acl = CreateObject('phpgwapi.acl');
+ $security_equals =
$this->get_ids_for_location($account_id, 1, 'phpgw_group');
+ unset($acl);
+
+ if($security_equals == False)
+ {
+ return False;
+ }
+
+ for($idx=0; $idx<count($security_equals); $idx++)
+ {
+ $name =
$GLOBALS['phpgw']->accounts->id2name(intval($security_equals[$idx]));
+ $this->members[] = Array('account_id' =>
intval($security_equals[$idx]), 'account_name' => $name);
+ }
+
+ return $this->members;
+ }
+
+ /*!
+ @function get_ids_for_location
+ @abstract get ids for location
+ @param $location location
+ @param $required required
+ @param $app app optional defaults to
$phpgw_info['flags']['currentapp'];
+ */
+ function get_ids_for_location($location, $required, $app =
False)
+ {
+echo 'hepp';
+ if ($app == False)
+ {
+ $app =
$GLOBALS['phpgw_data']['flags']['req_app'];
+ }
+ $sql = "select acl_account, acl_rights from phpgw_acl
where acl_appname = '$app' and ";
+ $sql .= "acl_location = '".$location."'";
+ $dbresult = $GLOBALS['phpgw']->db->Execute($sql);
+ $rights = 0;
+ if ($dbresult->_numOfRows == 0 )
+ {
+ return False;
+ }
+ while (!$dbresult->EOF)
+ {
+ $rights = 0;
+ $rights |= $dbresult->fields['acl_rights'];
+ if (!!($rights & $required) == True)
+ {
+ $accounts[] =
intval($dbresult->fields['acl_account']);
+ }
+ }
+ @reset($accounts);
+ return $accounts;
+ }
+
+
+ /*!
+ @function get_location_list_for_id
+ @abstract get location list for id
+ @discussion ?
+ @param $app app
+ @param $required required
+ @param $account_id optional defaults to
$phpgw_info['user']['account_id'];
+ */
+ function get_location_list_for_id($app, $required, $accountid =
'')
+ {
+
+ return array(0=>1);
+ static $cache_accountid;
+
+ if($cache_accountid[$accountid])
+ {
+ $account_id = $cache_accountid[$accountid];
+ }
+ else
+ {
+ $account_id =
$this->get_account_id($accountid,$this->account_id);
+ $cache_accountid[$accountid] = $account_id;
+ }
+ $sql = "select acl_location, acl_rights from phpgw_acl
where acl_appname = '$app' and ";
+ $sql .= "acl_account = ".$account_id;
+ $dbresult = $GLOBALS['phpgw']->db->Execute($sql);
+ $rights = 0;
+ if ($dbresult->_numOfRows == 0 )
+ {
+ return False;
+ }
+ while (!$dbresult->EOF)
+ {
+ if ($dbresult->fields['acl_rights'])
+ {
+ $rights |=
$dbresult->fields['acl_rights'];
+ if (!!($rights & $required) == True)
+ {
+ $locations[] =
$dbresult->fields['acl_location'];
+ }
+ }
+ }
+ return $locations;
+ }
+
+
+ function exists($account_lid)
+ {
+ static $by_id, $by_lid;
+
+ $sql = 'SELECT count(account_id) FROM phpgw_accounts
WHERE ';
+ if(is_integer($account_lid))
+ {
+ if(@isset($by_id[$account_lid]) &&
$by_id[$account_lid] != '')
+ {
+ return $by_id[$account_lid];
+ }
+ $sql .= 'account_id=' . $account_lid;
+ }
+ else
+ {
+ if(@isset($by_lid[$account_lid]) &&
$by_lid[$account_lid] != '')
+ {
+ return $by_lid[$account_lid];
+ }
+ $sql .= "account_lid ='" . $account_lid . "'";
+ }
+
+ $dbresult = $GLOBALS['phpgw']->db->Execute($sql);
+ $ret_val = $dbresult->fields[0] > 0;
+ if(gettype($account_lid) == 'integer')
+ {
+ $by_id[$account_lid] = $ret_val;
+
$by_lid[$GLOBALS['phpgw']->accounts->id2name($account_lid)] = $ret_val;
+ }
+ else
+ {
+ $by_lid[$account_lid] = $ret_val;
+
$by_id[$GLOBALS['phpgw']->accounts->name2id($account_lid)] = $ret_val;
+ }
+ return $ret_val;
+ }
+
+
+
+ function sanitize($string,$type)
+ {
+ switch ($type)
+ {
+ case 'bool':
+ if ($string == 1 || $string == 0)
+ {
+ return True;
+ }
+ break;
+ case 'isprint':
+ $length = strlen($string);
+ $position = 0;
+ while ($length > $position)
+ {
+ $char = substr($string,
$position, 1);
+ if ($char < ' ' || $char > '~')
+ {
+ return False;
+ }
+ $position = $position + 1;
+ }
+ return True;
+ break;
+ case 'alpha':
+ if (preg_match("/^[a-z]+$/i", $string))
+ {
+ return True;
+ }
+ break;
+ case 'number':
+ if (preg_match("/^[0-9]+$/i", $string))
+ {
+ return True;
+ }
+ break;
+ case 'alphanumeric':
+ if (preg_match("/^[a-z0-9 -._]+$/i",
$string))
+ {
+ return True;
+ }
+ break;
+ case 'string':
+ if (preg_match("/^[a-z]+$/i", $string))
+ {
+ return True;
+ }
+ break;
+ case 'ip':
+ if
(eregi("^[0-9]{1,3}(\.[0-9]{1,3}){3}$",$string))
+ {
+ $octets = split('\.',$string);
+ for ($i=0; $i !=
count($octets); $i++)
+ {
+ if ($octets[$i] < 0 ||
$octets[$i] > 255)
+ {
+ return False;
+ }
+ }
+ return True;
+ }
+ return False;
+ break;
+ case 'file':
+ if
(preg_match("/^[a-z0-9_]+\.+[a-z]+$/i", $string))
+ {
+ return True;
+ }
+ break;
+ case 'email':
+ if
(eregi("^([[:alnum:]_%+=.-]+)@([[:alnum:]_.-]+)\.([a-z]{2,3}|[0-9]{1,3})$",$string))
+ {
+ return True;
+ }
+ break;
+ case 'password':
+ $password_length = strlen($string);
+ $password_numbers =
Array('0','1','2','3','4','5','6','7','8','9');
+ $password_special_chars = Array('
','~','`','!','@','#','$','%','^','&','*','(',')','_','+','-','=','{','}','|','[',']',"\\",':','"',';',"'",'<','>','?',',','.','/');
+
+
if(@isset($GLOBALS['phpgw_info']['server']['pass_min_length']) &&
is_int($GLOBALS['phpgw_info']['server']['pass_min_length']) &&
$GLOBALS['phpgw_info']['server']['pass_min_length'] > 1)
+ {
+ $min_length =
$GLOBALS['phpgw_info']['server']['pass_min_length'];
+ }
+ else
+ {
+ $min_length = 1;
+ }
+
+
if(@isset($GLOBALS['phpgw_info']['server']['pass_require_non_alpha']) &&
$GLOBALS['phpgw_info']['server']['pass_require_non_alpha'] == True)
+ {
+ $pass_verify_non_alpha = False;
+ }
+ else
+ {
+ $pass_verify_non_alpha = True;
+ }
+
+
if(@isset($GLOBALS['phpgw_info']['server']['pass_require_numbers']) &&
$GLOBALS['phpgw_info']['server']['pass_require_numbers'] == True)
+ {
+ $pass_verify_num = False;
+ }
+ else
+ {
+ $pass_verify_num = True;
+ }
+
+
if(@isset($GLOBALS['phpgw_info']['server']['pass_require_special_char']) &&
$GLOBALS['phpgw_info']['server']['pass_require_special_char'] == True)
+ {
+ $pass_verify_special_char =
False;
+ }
+ else
+ {
+ $pass_verify_special_char =
True;
+ }
+
+ if ($password_length >= $min_length)
+ {
+ for ($i=0; $i !=
$password_length; $i++)
+ {
+ $cur_test_string =
substr($string, $i, 1);
+ if
(in_array($cur_test_string, $password_numbers) || in_array($cur_test_string,
$password_special_chars))
+ {
+
$pass_verify_non_alpha = True;
+ if
(in_array($cur_test_string, $password_numbers))
+ {
+
$pass_verify_num = True;
+ }
+ elseif
(in_array($cur_test_string, $password_special_chars))
+ {
+
$pass_verify_special_char = True;
+ }
+ }
+ }
+
+ if ($pass_verify_num == False)
+ {
+
$GLOBALS['phpgw_info']['flags']['msgbox_data']['Password requires at least one
non-alpha character']=False;
+ }
+
+ if ($pass_verify_num == False)
+ {
+
$GLOBALS['phpgw_info']['flags']['msgbox_data']['Password requires at least one
numeric character']=False;
+ }
+
+ if ($pass_verify_special_char
== False)
+ {
+
$GLOBALS['phpgw_info']['flags']['msgbox_data']['Password requires at least one
special character (non-letter and non-number)']=False;
+ }
+
+ if ($pass_verify_num == True &&
$pass_verify_special_char == True)
+ {
+ return True;
+ }
+ return False;
+ }
+
$GLOBALS['phpgw_info']['flags']['msgbox_data']['Password must be at least
'.$min_length.' characters']=False;
+ return False;
+ break;
+ case 'any':
+ return True;
+ break;
+ default :
+ if
(isset($GLOBALS['phpgw_info']['server']['sanitize_types'][$type]['type']))
+ {
+ if
($GLOBALS['phpgw_info']['server']['sanitize_types'][$type]['type']($GLOBALS['phpgw_info']['server']['sanitize_types'][$type]['string'],
$string))
+ {
+ return True;
+ }
+ }
+ return False;
+ }
+ }
+
+
function safe_args($expected, $recieved, $line='??', $file='??')
{
+//html_print_r($expected);
+//html_print_r($recieved);
/* This array will contain all the required fields */
$required = Array();
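Review bot: The queries added in `get_ids_for_location`, `get_location_list_for_id` and `exists` concatenate `$app`, `$location`, `$account_id` and `$account_lid` directly into the SQL text, so any caller-controlled value reaches the database unescaped. Pass them through the database layer's quoting or bound parameters, and cast the numeric ones with `intval()`. The new `sanitize()` does not close this gap: in the `'alphanumeric'` pattern `[a-z0-9 -._]` the ` -.` is a range from space to `.`, which admits `'` and `"`; write it as `[a-z0-9 ._-]`. In the `'password'` case `$pass_verify_non_alpha` is computed but never tested, because the first message check and the final `return` use `$pass_verify_num`, so the require-non-alpha setting has no effect. Neither `while (!$dbresult->EOF)` loop advances the result set, `member()` calls `get_account_id()` without `$this->`, and `echo 'hepp';` is leftover debug output.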
@@ -133,7 +464,7 @@
{
if(isset($recieved[$i]) &&
$recieved[$i] !== '##DEFAULT##')
{
-
if(sanitize($recieved[$i],$expected[$i]['type']))
+
if($this->sanitize($recieved[$i],$expected[$i]['type']))
{
$args[$expected[$i]['name']] = $recieved[$i];
unset($required[$expected[$i]['name']]);
@@ -205,7 +536,7 @@
}
}
-
+/*
function exists($account_lid)
{
static $by_id, $by_lid;
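Review bot: The old `exists()` is disabled by wrapping it in `/*` here and `*/` in the next hunk rather than being deleted, which leaves a dead second copy beside the one added earlier in this commit. Delete the commented block; version control already keeps the previous text. A block comment around code also breaks if the wrapped body ever contains `*/`.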
@@ -243,7 +574,7 @@
return $ret_val;
}
-
+*/
function cache_rights()
{
@@ -254,6 +585,7 @@
$expected_args[4] =
Array('name'=>'no_effective','default'=>false, 'type'=>'any');
$recieved_args = func_get_args();
+// html_print_r($recieved_args);
$args = $this->safe_args($expected_args,
$recieved_args,__LINE__,__FILE__);
if(isset($this->rights_cache[$args['app_id']][$args['account_id']][$args['location']]))
@@ -380,6 +712,7 @@
}
}
+//html_print_r($args);
$this->cache_rights($args['location'],$args['app_id'],$args['account_id'],False,$args['no_effective']);
if($args['acl_type']==0)
{
@@ -739,7 +1072,7 @@
{
if ($app=='')
{
- $app = 'property';
//$GLOBALS['phpgw_info']['flags']['currentapp'];
+ $app = 'property';
//$GLOBALS['phpgw_data']['flags']['req_app'];
}
$app_id =
$GLOBALS['phpgw']->applications->data[$app]['id'];
@@ -747,8 +1080,9 @@
$sql = "select grantor,grantor_type, acl_rights from
fm_acl2 where acl_appid = $app_id AND acl_type=0 and acl_location =
'$location' AND grantor is NOT NULL AND"
. " fm_acl2.acl_account in ";
$security = "(". $this->account_id ."";
- $myaccounts = CreateObject('phpgwapi_accounts');
- $my_memberships =
$myaccounts->membership($this->account_id);
+// $myaccounts = CreateObject('phpgwapi_accounts');
+// $my_memberships =
$myaccounts->membership($this->account_id);
+ $my_memberships = $this->membership($this->account_id);
// unset($myaccounts);
@reset($my_memberships);