
[Phpgroupware-cvs] phpgwapi/inc class.acl.inc.php


From: Dave Hall
Subject: [Phpgroupware-cvs] phpgwapi/inc class.acl.inc.php
Date: Wed, 19 Apr 2006 09:16:19 +0000

CVSROOT:        /cvsroot/phpgwapi
Module name:    phpgwapi
Branch:         
Changes by:     Dave Hall <address@hidden>      06/04/19 09:16:19

Modified files:
        inc            : class.acl.inc.php 

Log message:
        cleanup and added add/edit location support

CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/phpgwapi/inc/class.acl.inc.php.diff?tr1=1.74&tr2=1.75&r1=text&r2=text

Patches:
Index: phpgwapi/inc/class.acl.inc.php
diff -u phpgwapi/inc/class.acl.inc.php:1.74 phpgwapi/inc/class.acl.inc.php:1.75
--- phpgwapi/inc/class.acl.inc.php:1.74 Sat Apr 15 12:14:10 2006
+++ phpgwapi/inc/class.acl.inc.php      Wed Apr 19 09:16:19 2006
@@ -6,7 +6,7 @@
        * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser General 
Public License
        * @package phpgwapi
        * @subpackage accounts
-       * @version $Id: class.acl.inc.php,v 1.74 2006/04/15 12:14:10 sigurdne 
Exp $
+       * @version $Id: class.acl.inc.php,v 1.75 2006/04/19 09:16:19 skwashd 
Exp $
        */
 
        /**
@@ -54,24 +54,11 @@
                */
                function acl($account_id = '')
                {
-       //              $this->db       = $GLOBALS['phpgw']->db;
-                       $this->db = CreateObject('phpgwapi.db');
-                       $this->db->Host = 
$GLOBALS['phpgw_info']['server']['db_host'];
-                       $this->db->Type = 
$GLOBALS['phpgw_info']['server']['db_type'];
-                       $this->db->Database = 
$GLOBALS['phpgw_info']['server']['db_name'];
-                       $this->db->User = 
$GLOBALS['phpgw_info']['server']['db_user'];
-                       $this->db->Password = 
$GLOBALS['phpgw_info']['server']['db_pass'];
+                       $this->db =& $GLOBALS['phpgw']->db;
 
                        $this->like = $this->db->like;
                        $this->join = $this->db->join;
                        
-                       $this->db2 = CreateObject('phpgwapi.db');
-                       $this->db2->Host = 
$GLOBALS['phpgw_info']['server']['db_host'];
-                       $this->db2->Type = 
$GLOBALS['phpgw_info']['server']['db_type'];
-                       $this->db2->Database = 
$GLOBALS['phpgw_info']['server']['db_name'];
-                       $this->db2->User = 
$GLOBALS['phpgw_info']['server']['db_user'];
-                       $this->db2->Password = 
$GLOBALS['phpgw_info']['server']['db_pass'];
-
                        if (!($this->account_id = intval($account_id)))
                        {
                                $this->account_id = 
get_account_id($account_id,@$GLOBALS['phpgw_info']['user']['account_id']);
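Review bot: Pointing `$this->db` at the shared `$GLOBALS['phpgw']->db` handle and dropping `db2` puts every ACL query on the same object as the rest of the application, so a `next_record()` loop can lose its result set if anything called inside the loop issues another query on that handle. The hunk at @@ -883 is the place to check: its `while ($this->db->next_record())` loop resolves group members per grantor (the lookup itself is outside the visible lines), and if that lookup goes through the global handle the grants returned could be incomplete or read from the wrong result. Either keep a private handle for such loops or fetch all rows into an array before calling out, and document the constraint on the assignment, e.g. `// shared handle: never call code that queries inside a next_record() loop`. The constructor body continues outside the hunk.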
@@ -153,9 +140,9 @@
                        if($account_type == 'groups' || $account_type == 'both')
                        {
                                $groups = 
$this->get_location_list_for_id('phpgw_group', 1, $this->account_id);
-                       while($groups && (list($key,$value) = each($groups)))
-                       {
-                                       $account_list[] = $value;
+                               while($groups && (list($key,$value) = 
each($groups)))
+                               {
+                                               $account_list[] = $value;
                                }
                        }
 
@@ -169,7 +156,7 @@
                        $sql .= $account_list . '))';
                        $this->db->query($sql ,__LINE__,__FILE__);
                        $count = $this->db->num_rows();
-                       $this->data = Array();
+                       $this->data = array();
                        for ($idx = 0; $idx < $count; ++$idx)
                        {
                                //reset ($this->data);
@@ -223,6 +210,49 @@
                        reset($this->data);
                        return $this->data;
                }
+               
+               /**
+                * Add an ACL location
+                * 
+                * @param string $location the name of the location
+                * @param string $description the description of the location - 
seen by users
+                * @param string $appname the name of the application for the 
location
+                * @return bool was the location added?
+                */
+                function add_location($location, $descr, $appname = '', 
$allow_grant = true, $custom_tbl = '')
+                {
+                       if ( $appname === '' )
+                       {
+                               $appname = 
$GLOBALS['phpgw']['flags']['currentapp'];
+                       }
+
+                       $location = $this->db->db_addslashes($location);
+                       $descr = $this->db->db_addslashes($descr);
+                       $appname = $this->db->db_addslashes($appname);
+                       $allow_grant = (int) $allow_grant;
+
+                       $this->db->query('SELECT COUNT(id) AS cnt_id FROM 
phpgw_acl_location'
+                                       . " WHERE appname = '{$appname}' AND id 
= '{$location}'",
+                                __LINE__, __FILE__);
+                       if ( $this->db->next_record() && 
(int)$this->db->next_record() > 0 )
+                       {
+                               return false; //already exists - so bail out
+                       }
+                       if ( $custom_tbl === '' )
+                       {
+                               $sql = 'INSERT INTO phpgw_acl_location 
(appname, id, descr, allow_grant)'
+                                       . " VALUES ('{$appname}', 
'{$location}', '{$descr}', {$allow_grant})";
+                       }
+                       else
+                       {
+                               $custom_tbl = 
$this->db->db_addslashes($custom_tbl);
+                               $sql = 'INSERT INTO phpgw_acl_location 
(appname, id, descr, allow_grant, allow_c_attrib, c_attrib_table)'
+                                       . " VALUES ('{$appname}', 
'{$location}', '{$descr}', {$allow_grant}, 1, '{$custom_tbl}')";
+                       }
+                       $this->db->query($sql, __LINE__, __FILE__);
+                       
+                       return true;//bad but lets assume it works :)
+                }
 
                /**
                * Delete ACL records
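Review bot: The duplicate check in `add_location` never reads the count: `(int)$this->db->next_record() > 0` advances the cursor a second time, and since a `COUNT()` query yields a single row that second call should come back false, so the guard would not fire and an existing location gets inserted again. Read the aliased column instead, `if ( $this->db->next_record() && (int) $this->db->f('cnt_id') > 0 )`. The `$appname` default indexes `$GLOBALS['phpgw']` as an array although the rest of the file uses it as an object (`$GLOBALS['phpgw']->db`); `$GLOBALS['phpgw_info']['flags']['currentapp']` is probably what was meant, and the same line appears in `update_location_description` at @@ -947. The docblock names `$description` while the parameter is `$descr`, and `$allow_grant` and `$custom_tbl` are undocumented.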
@@ -261,7 +291,7 @@
                {
                        $this->db->transaction_begin();
 
-                       $sql = 'delete from phpgw_acl where acl_account = '. 
intval($this->account_id);
+                       $sql = 'DELETE FROM phpgw_acl WHERE acl_account = '. 
(int) $this->account_id;
                        $this->db->query($sql ,__LINE__,__FILE__);
 
                        reset ($this->data);
@@ -600,6 +630,7 @@
                {
                        $this->delete_repository($app, $location, $account_id);
 
+                       $inherit_location = array();
                        $inherit_location[] = $location; // in case the 
location is not found in the location table
 
                        $sql = "SELECT id as location FROM phpgw_acl_location 
WHERE id $this->like '".$location."%' AND appname='" . $app . "' AND id != '" 
.$location . "'";
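Review bot: `$location` and `$app` are concatenated into the `SELECT` here without escaping, while other queries in this file pass string values through `$this->db->db_addslashes()` first; the `insert into phpgw_acl` in the following hunk (@@ -608) does the same with `$app`, `$acl_location` and `$account_id`. Since these rows decide who holds which rights, escape the values before building either statement, e.g. `$location = $this->db->db_addslashes($location);` and `$app = $this->db->db_addslashes($app);`, and cast `$account_id` with `(int)`. A `%` or `_` in `$location` also acts as a wildcard in the `$this->like` pattern and would widen the set of inherited locations. The function starts before this hunk and continues into the next one.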
@@ -608,14 +639,14 @@
                        {
                                $inherit_location[] = $this->db->f('location'); 
                        }
-                       
+
                        foreach($inherit_location as $acl_location)
                        {
                                $sql = 'insert into phpgw_acl (acl_appname, 
acl_location, acl_account, acl_rights,acl_grantor,acl_type)';
                                $sql .= " values ('" . $app . "','" . 
$acl_location . "','" . $account_id . "','" . intval($rights) . "', NULL ,'0')";
                                $this->db->query($sql ,__LINE__,__FILE__);
                        }
-                       return True;
+                       return true;
                }
 
                /**
@@ -672,22 +703,23 @@
                                $cache_accountid[$accountid] = $account_id;
                        }
                        $sql  = 'SELECT acl_appname, acl_rights from phpgw_acl 
';
-                       $sql .= "where acl_location = '" . 
$this->db->db_addslashes($location) . "' ";
+                       $sql .= "WHERE acl_location = '" . 
$this->db->db_addslashes($location) . "' ";
                        $sql .= 'AND acl_account = ' . intval($account_id);
+                       die("acl::get_app_list_for_id $sql == {$sql}");
                        $this->db->query($sql ,__LINE__,__FILE__);
                        $rights = 0;
                        if ($this->db->num_rows() == 0 )
                        {
-                               return False;
+                               return false;
                        }
                        while ($this->db->next_record())
                        {
                                if ($this->db->f('acl_rights') == 0)
                                {
-                                       return False;
+                                       return false;
                                }
                                $rights |= $this->db->f('acl_rights');
-                               if (!!($rights & $required) == True)
+                               if (!!($rights & $required) == true)
                                {
                                        $apps[] = $this->db->f('acl_appname');
                                }
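Review bot: The added `die("acl::get_app_list_for_id $sql == {$sql}");` looks like a leftover debugging line: it ends the request before the query runs, so nothing after it in this function is reachable, and it prints the full SQL text, including table and column names and the supplied location, to whoever made the request. Remove the line before release; if the query text is needed for diagnosis, write it to a server-side log rather than the response. The function starts and ends outside the hunk.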
@@ -719,19 +751,19 @@
                        $sql  = 'SELECT acl_location, acl_rights ';
                        $sql .= "FROM phpgw_acl where acl_appname = '" . 
$this->db->db_addslashes($app) . "' ";
                        $sql .= 'AND acl_account =' . intval($account_id);
-
                        $this->db->query($sql ,__LINE__,__FILE__);
+                       
                        $rights = 0;
                        if ($this->db->num_rows() == 0 )
                        {
-                               return False;
+                               return false;
                        }
                        while ($this->db->next_record())
                        {
                                if ($this->db->f('acl_rights'))
                                {
                                        $rights |= $this->db->f('acl_rights');
-                                       if (!!($rights & $required) == True)
+                                       if ( !!($rights & $required) )
                                        {
                                                $locations[] = 
$this->db->f('acl_location');
                                        }
@@ -795,37 +827,35 @@
                                $cache_accountid[$accountid] = $account_id;
                        }
 
-
-       //              $db2 = $this->db;
                        $memberships = 
$GLOBALS['phpgw']->accounts->membership($account_id);
                        $sql = "select acl_appname, acl_rights from phpgw_acl 
where acl_location = 'run' and "
                                . 'acl_account in ';
-                       $security = '('.$account_id;
+                       $sql .= '('.$account_id;
                        while($groups = @each($memberships))
                        {
                                $group = each($groups);
-                               $security .= ','.$group[1]['account_id'];
+                               $sql .= ','.$group[1]['account_id'];
                        }
-                       $security .= ')';
-                       $this->db2->query($sql . $security ,__LINE__,__FILE__);
+                       $sql .= ')';
+                       $this->db->query($sql, __LINE__, __FILE__);
 
-                       if ($this->db2->num_rows() == 0)
+                       if ($this->db->num_rows() == 0)
                        {
-                               return False;
+                               return false;
                        }
-                       while ($this->db2->next_record())
+                       while ($this->db->next_record())
                        {
-                               if(isset($apps[$this->db2->f('acl_appname')]))
+                               if(isset($apps[$this->db->f('acl_appname')]))
                                {
-                                       $rights = 
$apps[$this->db2->f('acl_appname')];
+                                       $rights = 
$apps[$this->db->f('acl_appname')];
                                }
                                else
                                {
                                        $rights = 0;
-                                       $apps[$this->db2->f('acl_appname')] = 0;
+                                       $apps[$this->db->f('acl_appname')] = 0;
                                }
-                               $rights |= $this->db2->f('acl_rights');
-                               $apps[$this->db2->f('acl_appname')] |= $rights;
+                               $rights |= $this->db->f('acl_rights');
+                               $apps[$this->db->f('acl_appname')] |= $rights;
                        }
                        return $apps;
                }
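Review bot: `$account_id` and each `$group[1]['account_id']` are appended to the `acl_account in (...)` list as-is; where they come from is outside the hunk, but the same commit casts with `(int)` in the `DELETE FROM phpgw_acl` statement, and doing the same here (`$sql .= '(' . (int) $account_id;` and `$sql .= ',' . (int) $group[1]['account_id'];`) keeps a non-numeric value out of the query. The function begins before the hunk.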
@@ -883,18 +913,18 @@
                                $security .= ",'" . $group['account_id'] . "'";
                        }
                        $security .= ')';
-                       $this->db2->query($sql . $security ,__LINE__,__FILE__);
+                       $this->db->query($sql . $security ,__LINE__,__FILE__);
                        $rights = 0;
                        $accounts = Array();
-                       if ($this->db2->num_rows() == 0 && $type==0)
+                       if ($this->db->num_rows() == 0 && $type==0)
                        {
                                
$grants[$GLOBALS['phpgw_info']['user']['account_id']] = 31;
                                return $grants;
                        }
-                       while ($this->db2->next_record())
+                       while ($this->db->next_record())
                        {
-                               $grantor = $this->db2->f('acl_grantor');
-                               $rights = $this->db2->f('acl_rights');
+                               $grantor = $this->db->f('acl_grantor');
+                               $rights = $this->db->f('acl_rights');
                                if(!isset($accounts[$grantor]))
                                // cache the group-members for performance
                                {
@@ -903,8 +933,8 @@
                                        
                                        if(!$members)
                                        {
-                                               $accounts[$grantor] = 
Array($grantor);
-                                               $is_group[$grantor] = False;
+                                               $accounts[$grantor] = 
array($grantor);
+                                               $is_group[$grantor] = false;
                                        }
                                        else
                                        {
@@ -947,6 +977,31 @@
 
                        return $grants;
                }
+               
+               /**
+                * Update the description of a location
+                * 
+                * @param string $location the name of the location
+                * @param string $description the description of the location - 
seen by users
+                * @param string $appname the name of the application for the 
location
+                */
+               function update_location_description($location, $description, 
$appname = '')
+               {
+                       if ( $appname === '' )
+                       {
+                               $appname = 
$GLOBALS['phpgw']['flags']['currentapp'];
+                       }
+
+                       $location = $this->db->db_addslashes($location);
+                       $description = $this->db->db_addslashes($description);
+                       $appname = $this->db->db_addslashes($appname);
+
+                       $this->db->query('UPDATE phpgw_acl_location'
+                                       . " SET descr = '{$description}'"
+                                       . " WHERE appname = '{$appname}' AND id 
= '{$location}'",
+                                __LINE__, __FILE__);
+                       return true;
+               }
 
                function verify_location($apps_with_acl)
                {
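Review bot: `update_location_description` returns `true` whether or not any row matched the `WHERE appname = ... AND id = ...` clause, so a caller cannot tell a successful edit from one aimed at a location that does not exist. The docblock has no `@return` line; either add `@return bool always true - the update is not verified`, or have the method report the outcome of the query so the return value means something.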



