mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-25 16:19:00 +01:00
cleaned up skeeter app rights via ACL implmentation
parent
a4e979eb0f
commit
36acf4e5c6
@ -93,5 +93,99 @@
|
|||||||
function view($app, $location, $id, $id_type){
|
function view($app, $location, $id, $id_type){
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function view_app_list($location, $required, $id_type = "both", $id = ""){
|
||||||
|
global $phpgw, $phpgw_info;
|
||||||
|
if ($id == ""){ $id = $phpgw_info["user"]["account_id"]; }
|
||||||
|
$sql = "select acl_appname, acl_rights from phpgw_acl where (acl_location in ('$location','everywhere')) and ";
|
||||||
|
if ($id_type == "both" || $id_type == "u"){
|
||||||
|
// User piece
|
||||||
|
$sql .= "((acl_account_type = 'u' and acl_account = ".$phpgw_info["user"]["account_id"].")";
|
||||||
|
}
|
||||||
|
if ($id_type == "g"){
|
||||||
|
$sql .= "(acl_account_type='g' and acl_account in (0"; // group 0 covers all users
|
||||||
|
}elseif ($id_type == "both"){
|
||||||
|
$sql .= " or (acl_account_type='g' and acl_account in (0"; // group 0 covers all users
|
||||||
|
}
|
||||||
|
if ($id_type == "both" || $id_type == "g"){
|
||||||
|
// Group piece
|
||||||
|
$memberships = $phpgw->accounts->read_group_names();
|
||||||
|
if (is_array($memberships) && count($memberships) > 0){
|
||||||
|
for ($idx = 0; $idx < count($memberships); ++$idx){
|
||||||
|
$sql .= ",".$memberships[$idx][0];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if ($id_type == "both"){
|
||||||
|
$sql .= ")))";
|
||||||
|
}elseif ($id_type == "u"){
|
||||||
|
$sql .= ")";
|
||||||
|
}elseif ($id_type == "g"){
|
||||||
|
$sql .= "))";
|
||||||
|
}
|
||||||
|
$this->db->query($sql ,__LINE__,__FILE__);
|
||||||
|
$rights = 0;
|
||||||
|
if ($this->db->num_rows() == 0 ){ return False; }
|
||||||
|
while ($this->db->next_record()) {
|
||||||
|
if ($this->db->f("acl_rights") == 0){ return False; }
|
||||||
|
$rights |= $this->db->f("acl_rights");
|
||||||
|
if (!!($rights & $required) == True){
|
||||||
|
$apps[] = $this->db->f("acl_appname");
|
||||||
|
}else{
|
||||||
|
return False;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $apps;
|
||||||
|
}
|
||||||
|
|
||||||
|
function view_location_list($app, $required, $id_type = "both", $id = ""){
|
||||||
|
global $phpgw, $phpgw_info;
|
||||||
|
if ($id == ""){$id = $phpgw_info["user"]["account_id"];}
|
||||||
|
$sql = "select acl_location, acl_rights from phpgw_acl where (acl_appname in ('$app','everywhere')) and ";
|
||||||
|
if ($id_type == "both" || $id_type == "u"){
|
||||||
|
// User piece
|
||||||
|
$sql .= "((acl_account_type = 'u' and acl_account = ".$phpgw_info["user"]["account_id"].")";
|
||||||
|
}
|
||||||
|
if ($id_type == "g"){
|
||||||
|
$sql .= "(acl_account_type='g' and acl_account in (0"; // group 0 covers all users
|
||||||
|
}elseif ($id_type == "both"){
|
||||||
|
$sql .= " or (acl_account_type='g' and acl_account in (0"; // group 0 covers all users
|
||||||
|
}
|
||||||
|
if ($id_type == "both" || $id_type == "g"){
|
||||||
|
// Group piece
|
||||||
|
$memberships = $phpgw->accounts->read_group_names();
|
||||||
|
if (is_array($memberships) && count($memberships) > 0){
|
||||||
|
for ($idx = 0; $idx < count($memberships); ++$idx){
|
||||||
|
$sql .= ",".$memberships[$idx][0];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if ($id_type == "both"){
|
||||||
|
$sql .= ")))";
|
||||||
|
}elseif ($id_type == "u"){
|
||||||
|
$sql .= ")";
|
||||||
|
}elseif ($id_type == "g"){
|
||||||
|
$sql .= "))";
|
||||||
|
}
|
||||||
|
$this->db->query($sql ,__LINE__,__FILE__);
|
||||||
|
$rights = 0;
|
||||||
|
if ($this->db->num_rows() == 0 ){ return False; }
|
||||||
|
while ($this->db->next_record()) {
|
||||||
|
if ($this->db->f("acl_location") == 0){ return False; }
|
||||||
|
$rights |= $this->db->f("acl_rights");
|
||||||
|
if (!!($rights & $required) == True){
|
||||||
|
$locations[] = $this->db->f("acl_location");
|
||||||
|
}else{
|
||||||
|
return False;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $locations;
|
||||||
|
}
|
||||||
|
|
||||||
|
function remove_locations($location, $id_type = "u", $id = ""){
|
||||||
|
global $phpgw, $phpgw_info;
|
||||||
|
if ($id == ""){$id = $phpgw_info["user"]["account_id"];}
|
||||||
|
$sql = "DELETE FROM phpgw_acl WHERE acl_location='".$location."' AND acl_account_type='".$id_type."' AND acl_account='".$id."'";
|
||||||
|
$this->db->query($sql ,__LINE__,__FILE__);
|
||||||
|
}
|
||||||
} //end of acl class
|
} //end of acl class
|
||||||
?>
|
?>
|
||||||
|
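Review bot: `view_app_list()` and `view_location_list()` default `$id` but never put it into the query: the user clause is built from `$phpgw_info["user"]["account_id"]` and the group clause from `read_group_names()` called without arguments, so a caller that passes another account or group id (as `view_app_list('run', 1, 'g', $group_id)` does elsewhere in this commit) appears to get the ACL rows of the logged-in account instead. Build the user clause from the argument, `$sql .= "((acl_account_type = 'u' and acl_account = ".intval($id).")";`, and key the group clause on `$id` when `$id_type` is `"g"`. In `view_location_list()` the guard `if ($this->db->f("acl_location") == 0){ return False; }` looks like a mis-copied rights check; on PHP versions before 8 a non-numeric location string compares equal to 0, so the function returns False on the first row, and the test should read `$this->db->f("acl_rights") == 0`. All three new functions also concatenate `$location`, `$app`, `$id_type` and `$id` into the SQL text unescaped; cast the ids with `intval()` and escape the string arguments (for example with `addslashes()` or the database layer's own quoting) before they reach `$this->db->query()`.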
@ -139,10 +139,11 @@
|
|||||||
return False;
|
return False;
|
||||||
}
|
}
|
||||||
|
|
||||||
$db2->query("SELECT * FROM phpgw_acl WHERE (acl_location='run' AND acl_account_type='u' AND acl_account=".$account_id.") OR (acl_location='everywhere')",__LINE__,__FILE__);
|
$acl_apps = $phpgw->acl->view_app_list('run', 1, 'u');
|
||||||
if($db2->num_rows()) {
|
if ($acl_apps != False){
|
||||||
while($db2->next_record()) {
|
reset ($acl_apps);
|
||||||
$apps[] = $db2->f("acl_appname");
|
while (list(,$value) = each($acl_apps)){
|
||||||
|
$apps[] = $value;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
$db2->query("select account_permissions from accounts where account_id=$account_id",__LINE__,__FILE__);
|
$db2->query("select account_permissions from accounts where account_id=$account_id",__LINE__,__FILE__);
|
||||||
@ -200,10 +201,11 @@
|
|||||||
|
|
||||||
$db2 = $phpgw->db;
|
$db2 = $phpgw->db;
|
||||||
|
|
||||||
$db2->query("SELECT * FROM phpgw_acl WHERE (acl_location='run' AND acl_account_type='g' AND acl_account=".$group_id.") OR (acl_location='everywhere')",__LINE__,__FILE__);
|
$acl_apps = $phpgw->acl->view_app_list('run', 1, 'g', $group_id);
|
||||||
if($db2->num_rows()) {
|
if ($acl_apps != False){
|
||||||
while($db2->next_record()) {
|
reset ($acl_apps);
|
||||||
$apps[] = $db2->f("acl_appname");
|
while (list(,$value) = each($acl_apps)){
|
||||||
|
$apps[] = $value;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
$db2->query("select group_apps from groups where group_id=".$group_id,__LINE__,__FILE__);
|
$db2->query("select group_apps from groups where group_id=".$group_id,__LINE__,__FILE__);
|
||||||
@ -330,7 +332,7 @@
|
|||||||
if($group_id) {
|
if($group_id) {
|
||||||
$db2 = $phpgw->db;
|
$db2 = $phpgw->db;
|
||||||
$db2->query("UPDATE groups SET group_apps='".$this->group_app_string($group_id)."' WHERE group_id=".$group_id,__LINE__,__FILE__);
|
$db2->query("UPDATE groups SET group_apps='".$this->group_app_string($group_id)."' WHERE group_id=".$group_id,__LINE__,__FILE__);
|
||||||
$db2->query("DELETE FROM phpgw_acl WHERE acl_location='run' AND acl_account_type='g' AND acl_account=".$group_id,__LINE__,__FILE__);
|
$phpgw->acl->remove_locations("run", "g", $group_id);
|
||||||
reset($this->group_apps[$group_id]);
|
reset($this->group_apps[$group_id]);
|
||||||
while($app = each($this->group_apps[$group_id])) {
|
while($app = each($this->group_apps[$group_id])) {
|
||||||
$phpgw->acl->add($app[1],'run',$group_id,'g',1);
|
$phpgw->acl->add($app[1],'run',$group_id,'g',1);
|
||||||
@ -345,7 +347,7 @@
|
|||||||
if($this->account_id) {
|
if($this->account_id) {
|
||||||
$db2 = $phpgw->db;
|
$db2 = $phpgw->db;
|
||||||
$db2->query("UPDATE account SET account_permissions = '".$this->user_app_string()."' WHERE account_id=".$this->account_id,__LINE__,__FILE__);
|
$db2->query("UPDATE account SET account_permissions = '".$this->user_app_string()."' WHERE account_id=".$this->account_id,__LINE__,__FILE__);
|
||||||
$db2->query("DELETE FROM phpgw_acl WHERE acl_location='run' AND acl_account_type='u' AND acl_account=".$this->account_id,__LINE__,__FILE__);
|
$phpgw->acl->remove_locations("run");
|
||||||
reset($this->user_apps);
|
reset($this->user_apps);
|
||||||
while($app = each($this->user_apps)) {
|
while($app = each($this->user_apps)) {
|
||||||
$phpgw->acl->add($app[1],'run',$this->account_id,'u',1);
|
$phpgw->acl->add($app[1],'run',$this->account_id,'u',1);
|
||||||
|
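Review bot: In the last hunk the old `DELETE` was keyed on `$this->account_id`, but `$phpgw->acl->remove_locations("run")` passes no id, so `remove_locations()` falls back to `$phpgw_info["user"]["account_id"]`. If this object can represent an account other than the logged-in one (for example when an administrator edits a user; not visible here), the session user's own 'run' rows are deleted and the target's stale rows stay in place before the `add()` loop runs. Pass the id explicitly: `$phpgw->acl->remove_locations("run", "u", $this->account_id);`. The first hunk has the same shape: the replaced query filtered on `$account_id`, while `view_app_list('run', 1, 'u')` supplies no id. The enclosing functions start and end outside these hunks.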
@ -115,6 +115,7 @@
|
|||||||
$this->preferences = CreateObject("phpgwapi.preferences");
|
$this->preferences = CreateObject("phpgwapi.preferences");
|
||||||
$this->applications = CreateObject("phpgwapi.applications");
|
$this->applications = CreateObject("phpgwapi.applications");
|
||||||
$this->session = CreateObject("phpgwapi.sessions");
|
$this->session = CreateObject("phpgwapi.sessions");
|
||||||
|
$this->acl = CreateObject("phpgwapi.acl");
|
||||||
if ($phpgw_info["flags"]["currentapp"] == "login") {
|
if ($phpgw_info["flags"]["currentapp"] == "login") {
|
||||||
$log = explode("@",$login);
|
$log = explode("@",$login);
|
||||||
$this->preferences = CreateObject("phpgwapi.preferences", $log[0]);
|
$this->preferences = CreateObject("phpgwapi.preferences", $log[0]);
|
||||||
@ -131,7 +132,6 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
$this->translation = CreateObject("phpgwapi.translation");
|
$this->translation = CreateObject("phpgwapi.translation");
|
||||||
$this->acl = CreateObject("phpgwapi.acl");
|
|
||||||
|
|
||||||
$sep = filesystem_separator();
|
$sep = filesystem_separator();
|
||||||
$template_root = $this->common->get_tpl_dir();
|
$template_root = $this->common->get_tpl_dir();
|
||||||
|