diff --git a/phpgwapi/inc/class.acl.inc.php b/phpgwapi/inc/class.acl.inc.php
index 3c144d3451..4943e93e12 100644
--- a/phpgwapi/inc/class.acl.inc.php
+++ b/phpgwapi/inc/class.acl.inc.php
@@ -93,5 +93,99 @@ function view($app, $location, $id, $id_type){ } + function view_app_list($location, $required, $id_type = "both", $id = ""){ + global $phpgw, $phpgw_info; + if ($id == ""){ $id = $phpgw_info["user"]["account_id"]; } + $sql = "select acl_appname, acl_rights from phpgw_acl where (acl_location in ('$location','everywhere')) and "; + if ($id_type == "both" || $id_type == "u"){ + // User piece + $sql .= "((acl_account_type = 'u' and acl_account = ".$phpgw_info["user"]["account_id"].")"; + } + if ($id_type == "g"){ + $sql .= "(acl_account_type='g' and acl_account in (0"; // group 0 covers all users + }elseif ($id_type == "both"){ + $sql .= " or (acl_account_type='g' and acl_account in (0"; // group 0 covers all users + } + if ($id_type == "both" || $id_type == "g"){ + // Group piece + $memberships = $phpgw->accounts->read_group_names(); + if (is_array($memberships) && count($memberships) > 0){ + for ($idx = 0; $idx < count($memberships); ++$idx){ + $sql .= ",".$memberships[$idx][0]; + } + } + } + if ($id_type == "both"){ + $sql .= ")))"; + }elseif ($id_type == "u"){ + $sql .= ")"; + }elseif ($id_type == "g"){ + $sql .= "))"; + } + $this->db->query($sql ,__LINE__,__FILE__); + $rights = 0; + if ($this->db->num_rows() == 0 ){ return False; } + while ($this->db->next_record()) { + if ($this->db->f("acl_rights") == 0){ return False; } + $rights |= $this->db->f("acl_rights"); + if (!!($rights & $required) == True){ + $apps[] = $this->db->f("acl_appname"); + }else{ + return False; + } + } + return $apps; + } + + function view_location_list($app, $required, $id_type = "both", $id = ""){ + global $phpgw, $phpgw_info; + if ($id == ""){$id = $phpgw_info["user"]["account_id"];} + $sql = "select acl_location, acl_rights from phpgw_acl where (acl_appname in ('$app','everywhere')) and "; + if ($id_type == "both" || $id_type == "u"){ + // User piece + $sql .= "((acl_account_type = 'u' and acl_account = ".$phpgw_info["user"]["account_id"].")"; + } + if ($id_type == 
"g"){ + $sql .= "(acl_account_type='g' and acl_account in (0"; // group 0 covers all users + }elseif ($id_type == "both"){ + $sql .= " or (acl_account_type='g' and acl_account in (0"; // group 0 covers all users + } + if ($id_type == "both" || $id_type == "g"){ + // Group piece + $memberships = $phpgw->accounts->read_group_names(); + if (is_array($memberships) && count($memberships) > 0){ + for ($idx = 0; $idx < count($memberships); ++$idx){ + $sql .= ",".$memberships[$idx][0]; + } + } + } + if ($id_type == "both"){ + $sql .= ")))"; + }elseif ($id_type == "u"){ + $sql .= ")"; + }elseif ($id_type == "g"){ + $sql .= "))"; + } + $this->db->query($sql ,__LINE__,__FILE__); + $rights = 0; + if ($this->db->num_rows() == 0 ){ return False; } + while ($this->db->next_record()) { + if ($this->db->f("acl_location") == 0){ return False; } + $rights |= $this->db->f("acl_rights"); + if (!!($rights & $required) == True){ + $locations[] = $this->db->f("acl_location"); + }else{ + return False; + } + } + return $locations; + } + + function remove_locations($location, $id_type = "u", $id = ""){ + global $phpgw, $phpgw_info; + if ($id == ""){$id = $phpgw_info["user"]["account_id"];} + $sql = "DELETE FROM phpgw_acl WHERE acl_location='".$location."' AND acl_account_type='".$id_type."' AND acl_account='".$id."'"; + $this->db->query($sql ,__LINE__,__FILE__); + } } //end of acl class ?> diff --git a/phpgwapi/inc/class.applications.inc.php b/phpgwapi/inc/class.applications.inc.php index 8a60befab4..98edd4b21b 100755 --- a/phpgwapi/inc/class.applications.inc.php +++ b/phpgwapi/inc/class.applications.inc.php 
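Review bot: In the result loops of view_app_list and view_location_list, `$rights |= ...` accumulates over every row returned, so once one application's row satisfies `$required` every later row is appended regardless of its own `acl_rights`, and a row that fails first makes the whole call return False instead of being skipped. view_location_list also tests `$this->db->f("acl_location") == 0` where `acl_rights` was presumably meant; on PHP versions before 8 a non-numeric location string compares equal to 0, so the function would return False on its first row. Accumulating per application (or per location) keeps the user-plus-group OR that the query appears designed for without carrying rights from one entry to the next; the sketch below shows the loop for view_app_list, and view_location_list would take the same shape keyed on `acl_location`. Whether a zero `acl_rights` row is meant as an explicit deny is not visible in this hunk; if it is, it should veto only its own application.

```php
// … unchanged: query construction, $this->db->query() and the num_rows() check …
$rights = array();
while ($this->db->next_record()) {
	$name = $this->db->f("acl_appname");
	// Combine rights per application, never across the whole result set.
	$seen = isset($rights[$name]) ? $rights[$name] : 0;
	$rights[$name] = $seen | (int)$this->db->f("acl_rights");
}
$apps = array();
foreach ($rights as $name => $bits) {
	if ($bits & $required) {
		$apps[] = $name;
	}
}
return count($apps) > 0 ? $apps : False;
```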
@@ -139,10 +139,11 @@ return False; } - $db2->query("SELECT * FROM phpgw_acl WHERE (acl_location='run' AND acl_account_type='u' AND acl_account=".$account_id.") OR (acl_location='everywhere')",__LINE__,__FILE__); - if($db2->num_rows()) { - while($db2->next_record()) { - $apps[] = $db2->f("acl_appname"); + $acl_apps = $phpgw->acl->view_app_list('run', 1, 'u'); + if ($acl_apps != False){ + reset ($acl_apps); + while (list(,$value) = each($acl_apps)){ + $apps[] = $value; } } else { $db2->query("select account_permissions from accounts where account_id=$account_id",__LINE__,__FILE__); @@ -200,10 +201,11 @@ $db2 = $phpgw->db; - $db2->query("SELECT * FROM phpgw_acl WHERE (acl_location='run' AND acl_account_type='g' AND acl_account=".$group_id.") OR (acl_location='everywhere')",__LINE__,__FILE__); - if($db2->num_rows()) { - while($db2->next_record()) { - $apps[] = $db2->f("acl_appname"); + $acl_apps = $phpgw->acl->view_app_list('run', 1, 'g', $group_id); + if ($acl_apps != False){ + reset ($acl_apps); + while (list(,$value) = each($acl_apps)){ + $apps[] = $value; } } else { $db2->query("select group_apps from groups where group_id=".$group_id,__LINE__,__FILE__); @@ -330,7 +332,7 @@ if($group_id) { $db2 = $phpgw->db; $db2->query("UPDATE groups SET group_apps='".$this->group_app_string($group_id)."' WHERE group_id=".$group_id,__LINE__,__FILE__); - $db2->query("DELETE FROM phpgw_acl WHERE acl_location='run' AND acl_account_type='g' AND acl_account=".$group_id,__LINE__,__FILE__); + $phpgw->acl->remove_locations("run", "g", $group_id); reset($this->group_apps[$group_id]); while($app = each($this->group_apps[$group_id])) { $phpgw->acl->add($app[1],'run',$group_id,'g',1); 
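Review bot: The lookup is no longer keyed on `$account_id`: `view_app_list('run', 1, 'u')` passes no id, and view_app_list as added to class.acl.inc.php in this commit assigns `$id` but then builds the user clause from `$phpgw_info["user"]["account_id"]` and the group clause from `read_group_names()`, so `$id` never reaches the query. The @@ -200 hunk has the same problem with `$group_id`: `view_app_list('run', 1, 'g', $group_id)` will match group 0 plus whatever `read_group_names()` returns (presumably the session user's memberships), not the requested group. If these methods are used to display or edit another account's or group's applications, the result reflects the caller's permissions rather than the target's. Pass the id explicitly, `$phpgw->acl->view_app_list('run', 1, 'u', $account_id)`, and have the ACL method use `$id` in both clauses. The enclosing functions start and end outside these hunks.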
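Review bot: `$group_id` is handed to remove_locations unchanged, and that method (added to class.acl.inc.php in this commit) concatenates `$location`, `$id_type` and `$id` into the DELETE between single quotes with no escaping or integer cast; view_app_list and view_location_list do the same with `$location`, `$app` and the group ids. The statement this replaces concatenated `$group_id` as well, so the exposure is not new, but the helper is now the single place to close it. Cast numeric ids inside the method, e.g. `$id = (int)$id;`, and escape the string arguments before building the statement, e.g. `addslashes($location)` or the quoting routine the db class provides. The enclosing function starts and ends outside the hunk, so where `$group_id` originates is not visible here.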
@@ -345,7 +347,7 @@ if($this->account_id) { $db2 = $phpgw->db; $db2->query("UPDATE account SET account_permissions = '".$this->user_app_string()."' WHERE account_id=".$this->account_id,__LINE__,__FILE__); - $db2->query("DELETE FROM phpgw_acl WHERE acl_location='run' AND acl_account_type='u' AND acl_account=".$this->account_id,__LINE__,__FILE__); + $phpgw->acl->remove_locations("run"); reset($this->user_apps); while($app = each($this->user_apps)) { $phpgw->acl->add($app[1],'run',$this->account_id,'u',1); diff --git a/phpgwapi/inc/class.phpgw.inc.php b/phpgwapi/inc/class.phpgw.inc.php index 0eca99be96..dd29569653 100644 --- a/phpgwapi/inc/class.phpgw.inc.php +++ b/phpgwapi/inc/class.phpgw.inc.php @@ -115,6 +115,7 @@ $this->preferences = CreateObject("phpgwapi.preferences"); $this->applications = CreateObject("phpgwapi.applications"); $this->session = CreateObject("phpgwapi.sessions"); + $this->acl = CreateObject("phpgwapi.acl"); if ($phpgw_info["flags"]["currentapp"] == "login") { $log = explode("@",$login); $this->preferences = CreateObject("phpgwapi.preferences", $log[0]); @@ -131,7 +132,6 @@ } $this->translation = CreateObject("phpgwapi.translation"); - $this->acl = CreateObject("phpgwapi.acl"); $sep = filesystem_separator(); $template_root = $this->common->get_tpl_dir();
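Review bot: The DELETE no longer targets `$this->account_id`: `remove_locations("run")` falls back to its defaults, type `"u"` and `$phpgw_info["user"]["account_id"]`, while the `acl->add()` calls just below still write rows for `$this->account_id`. When the two differ (presumably an administrator saving another account's permissions), the session user's 'run' rows are deleted and the target account's old rows are left in place, so applications that were just revoked remain granted. Pass the target explicitly: `$phpgw->acl->remove_locations("run", "u", $this->account_id);`. The enclosing function starts and ends outside the hunk, so how `$this->account_id` is set is not visible here.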