Formatting

Miles Lott 2001-05-02 12:28:10 +00:00
parent 90d97f0881
commit 637b1c04b5


@ -22,7 +22,7 @@
\**************************************************************************/ \**************************************************************************/
/* $Id$ */ /* $Id$ */
/*! /*!
@class acl @class acl
@abstract Acces Control List Security System @abstract Acces Control List Security System
@ -34,15 +34,15 @@
Syntax: CreateObject('phpgwapi.acl',int account_id); <br> Syntax: CreateObject('phpgwapi.acl',int account_id); <br>
Example1: $acl = CreateObject('phpgwapi.acl',5); // 5 is the user id Example1: $acl = CreateObject('phpgwapi.acl',5); // 5 is the user id
*/ */
class acl class acl
{ /*! @var $account_id */ { /*! @var $account_id */
var $account_id; var $account_id;
/*! @var $account_type */ /*! @var $account_type */
var $account_type; var $account_type;
/*! @var $data */ /*! @var $data */
var $data = Array(); var $data = Array();
/*! @var $db */ /*! @var $db */
var $db; var $db;
/*! /*!
@function acl @function acl
@ -54,19 +54,19 @@
Example1: acl->acl(5); // 5 is the user id <br> Example1: acl->acl(5); // 5 is the user id <br>
@param account_id int-the user id @param account_id int-the user id
*/ */
function acl($account_id = '') function acl($account_id = '')
{
global $phpgw, $phpgw_info;
$this->db = $phpgw->db;
if($account_id != '')
{ {
$this->account_id = get_account_id($account_id,$phpgw_info['user']['account_id']); global $phpgw, $phpgw_info;
$this->db = $phpgw->db;
if($account_id != '')
{
$this->account_id = get_account_id($account_id,$phpgw_info['user']['account_id']);
}
} }
}
/**************************************************************************\ /**************************************************************************\
* These are the standard $this->account_id specific functions * * These are the standard $this->account_id specific functions *
\**************************************************************************/ \**************************************************************************/
/*! /*!
@function read_repository @function read_repository
@ -77,33 +77,35 @@
Example1: acl->read_repository(); <br> Example1: acl->read_repository(); <br>
Should only be called within this class Should only be called within this class
*/ */
function read_repository() function read_repository()
{ {
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
$sql = 'select * from phpgw_acl where (acl_account in ('.$this->account_id.', 0'; $sql = 'select * from phpgw_acl where (acl_account in ('.$this->account_id.', 0';
// $equalto = $phpgw->accounts->security_equals($this->account_id); // $equalto = $phpgw->accounts->security_equals($this->account_id);
// if (is_array($equalto) && count($equalto) > 0){ // if (is_array($equalto) && count($equalto) > 0){
// for ($idx = 0; $idx < count($equalto); ++$idx){ // for ($idx = 0; $idx < count($equalto); ++$idx){
// $sql .= ",".$equalto[$idx][0]; // $sql .= ",".$equalto[$idx][0];
// } // }
// } // }
$sql .= '))'; $sql .= '))';
$this->db->query($sql ,__LINE__,__FILE__); $this->db->query($sql ,__LINE__,__FILE__);
$count = $this->db->num_rows(); $count = $this->db->num_rows();
$this->data = Array(); $this->data = Array();
for ($idx = 0; $idx < $count; ++$idx){ for ($idx = 0; $idx < $count; ++$idx)
//reset ($this->data); {
//while(list($idx,$value) = each($this->data)){ //reset ($this->data);
$this->db->next_record(); //while(list($idx,$value) = each($this->data)){
$this->data[] = array('appname' => $this->db->f('acl_appname'), $this->db->next_record();
'location' => $this->db->f('acl_location'), $this->data[] = array(
'account' => $this->db->f('acl_account'), 'appname' => $this->db->f('acl_appname'),
'rights' => $this->db->f('acl_rights') 'location' => $this->db->f('acl_location'),
); 'account' => $this->db->f('acl_account'),
} 'rights' => $this->db->f('acl_rights')
reset ($this->data); );
return $this->data; }
} reset ($this->data);
return $this->data;
}
/*! /*!
@function read @function read
@ -113,12 +115,12 @@
Syntax: array read() <br> Syntax: array read() <br>
Example1: acl->read(); <br> Example1: acl->read(); <br>
*/ */
function read() function read()
{ {
if (count($this->data) == 0){ $this->read_repository(); } if (count($this->data) == 0){ $this->read_repository(); }
reset ($this->data); reset ($this->data);
return $this->data; return $this->data;
} }
/*! /*!
@function add @function add
@ -130,40 +132,44 @@
@param $location location @param $location location
@param $rights rights @param $rights rights
*/ */
function add($appname = False, $location, $rights) function add($appname = False, $location, $rights)
{ {
if ($appname == False){ if ($appname == False)
$appname = $phpgw_info['flags']['currentapp']; {
} $appname = $phpgw_info['flags']['currentapp'];
$this->data[] = array('appname' => $appname, 'location' => $location, 'account' => $this->account_id, 'rights' => $rights); }
reset($this->data); $this->data[] = array('appname' => $appname, 'location' => $location, 'account' => $this->account_id, 'rights' => $rights);
return $this->data; reset($this->data);
} return $this->data;
}
/*!
@function delete /*!
@abstract Delete ACL record @function delete
@discussion @abstract Delete ACL record
Syntax <br> @discussion
Example: <br> Syntax <br>
@param $appname optional defaults to $phpgw_info['flags']['currentapp'] Example: <br>
@param $location app location @param $appname optional defaults to $phpgw_info['flags']['currentapp']
*/ @param $location app location
function delete($appname = False, $location) */
{ function delete($appname = False, $location)
if ($appname == False){ {
$appname = $phpgw_info['flags']['currentapp']; if ($appname == False)
} {
$count = count($this->data); $appname = $phpgw_info['flags']['currentapp'];
reset ($this->data); }
while(list($idx,$value) = each($this->data)){ $count = count($this->data);
if ($this->data[$idx]['appname'] == $appname && $this->data[$idx]['location'] == $location && $this->data[$idx]['account'] == $this->account_id){ reset ($this->data);
$this->data[$idx] = Array(); while(list($idx,$value) = each($this->data))
} {
} if ($this->data[$idx]['appname'] == $appname && $this->data[$idx]['location'] == $location && $this->data[$idx]['account'] == $this->account_id)
reset($this->data); {
return $this->data; $this->data[$idx] = Array();
} }
}
reset($this->data);
return $this->data;
}
/*! /*!
@function save_repostiory @function save_repostiory
@ -173,29 +179,34 @@
example: acl->save_repository() example: acl->save_repository()
*/ */
function save_repository(){ function save_repository()
global $phpgw, $phpgw_info; {
reset($this->data); global $phpgw, $phpgw_info;
reset($this->data);
$sql = 'delete from phpgw_acl where acl_account = '.$this->account_id; $sql = 'delete from phpgw_acl where acl_account = '.$this->account_id;
$this->db->query($sql ,__LINE__,__FILE__); $this->db->query($sql ,__LINE__,__FILE__);
$count = count($this->data); $count = count($this->data);
reset ($this->data); reset ($this->data);
while(list($idx,$value) = each($this->data)){ while(list($idx,$value) = each($this->data))
if ($this->data[$idx]['account'] == $this->account_id){ {
$sql = 'insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights)'; if ($this->data[$idx]['account'] == $this->account_id)
$sql .= " values('".$this->data[$idx]['appname']."', '".$this->data[$idx]['location']."', ".$this->account_id.', '.$this->data[$idx]['rights'].')'; {
$this->db->query($sql ,__LINE__,__FILE__); $sql = 'insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights)';
} $sql .= " values('".$this->data[$idx]['appname']."', '"
} . $this->data[$idx]['location']."', ".$this->account_id.', '.$this->data[$idx]['rights'].')';
reset($this->data); $this->db->query($sql ,__LINE__,__FILE__);
return $this->data; }
} }
reset($this->data);
return $this->data;
}
/**************************************************************************\
* These are the non-standard $this->account_id specific functions *
\**************************************************************************/
/**************************************************************************\
* These are the non-standard $this->account_id specific functions *
\**************************************************************************/
/*! /*!
@function get_rights @function get_rights
@abstract get rights from the repository not specific to this->account_id (?) @abstract get rights from the repository not specific to this->account_id (?)
@ -203,28 +214,33 @@
@param $location app location to get rights from @param $location app location to get rights from
@param $appname optional defaults to $phpgw_info['flags']['currentapp']; @param $appname optional defaults to $phpgw_info['flags']['currentapp'];
*/ */
function get_rights($location,$appname = False){ function get_rights($location,$appname = False)
global $phpgw, $phpgw_info; {
if (count($this->data) == 0){ $this->read_repository(); } global $phpgw, $phpgw_info;
reset ($this->data); if (count($this->data) == 0){ $this->read_repository(); }
if ($appname == False){ reset ($this->data);
$appname = $phpgw_info['flags']['currentapp']; if ($appname == False)
} {
$count = count($this->data); $appname = $phpgw_info['flags']['currentapp'];
if ($count == 0 && $phpgw_info['server']['acl_default'] != 'deny'){ return True; } }
$rights = 0; $count = count($this->data);
// for ($idx = 0; $idx < $count; ++$idx){ if ($count == 0 && $phpgw_info['server']['acl_default'] != 'deny'){ return True; }
reset ($this->data); $rights = 0;
while(list($idx,$value) = each($this->data)){ //for ($idx = 0; $idx < $count; ++$idx){
if ($this->data[$idx]['appname'] == $appname) { reset ($this->data);
if ($this->data[$idx]['location'] == $location || $this->data[$idx]['location'] == 'everywhere'){ while(list($idx,$value) = each($this->data))
if ($this->data[$idx]['rights'] == 0){ return False; } {
$rights |= $this->data[$idx]['rights']; if ($this->data[$idx]['appname'] == $appname)
} {
} if ($this->data[$idx]['location'] == $location || $this->data[$idx]['location'] == 'everywhere')
} {
return $rights; if ($this->data[$idx]['rights'] == 0){ return False; }
} $rights |= $this->data[$idx]['rights'];
}
}
}
return $rights;
}
/*! /*!
@function check @function check
@abstract check required rights (not specific to this->account_id?) @abstract check required rights (not specific to this->account_id?)
@ -232,11 +248,12 @@
@param $required required right to check against @param $required required right to check against
@param $appname optional defaults to currentapp @param $appname optional defaults to currentapp
*/ */
function check($location, $required, $appname = False){ function check($location, $required, $appname = False)
global $phpgw, $phpgw_info; {
$rights = $this->get_rights($location,$appname); global $phpgw, $phpgw_info;
return !!($rights & $required); $rights = $this->get_rights($location,$appname);
} return !!($rights & $required);
}
/*! /*!
@function get_specific_rights @function get_specific_rights
@abstract get specific rights for this->account_id for an app location @abstract get specific rights for this->account_id for an app location
@ -244,28 +261,33 @@
@param $appname optional defaults to currentapp @param $appname optional defaults to currentapp
@result $rights ? @result $rights ?
*/ */
function get_specific_rights($location, $appname = False){ function get_specific_rights($location, $appname = False)
global $phpgw, $phpgw_info; {
global $phpgw, $phpgw_info;
if ($appname == False){ if ($appname == False)
$appname = $phpgw_info['flags']['currentapp']; {
} $appname = $phpgw_info['flags']['currentapp'];
}
$count = count($this->data); $count = count($this->data);
if ($count == 0 && $phpgw_info['server']['acl_default'] != 'deny'){ return True; } if ($count == 0 && $phpgw_info['server']['acl_default'] != 'deny'){ return True; }
$rights = 0; $rights = 0;
reset ($this->data); reset ($this->data);
while(list($idx,$value) = each($this->data)){ while(list($idx,$value) = each($this->data))
if ($this->data[$idx]['appname'] == $appname && {
($this->data[$idx]['location'] == $location || $this->data[$idx]['location'] == 'everywhere') && if ($this->data[$idx]['appname'] == $appname &&
$this->data[$idx]['account'] == $this->account_id) { ($this->data[$idx]['location'] == $location ||
if ($this->data[$idx]['rights'] == 0){ return False; } $this->data[$idx]['location'] == 'everywhere') &&
$rights |= $this->data[$idx]['rights']; $this->data[$idx]['account'] == $this->account_id)
} {
} if ($this->data[$idx]['rights'] == 0){ return False; }
return $rights; $rights |= $this->data[$idx]['rights'];
} }
}
return $rights;
}
/*! /*!
@function check_specific @function check_specific
@abstract check specific @abstract check specific
@ -274,77 +296,92 @@
@param $appname optional defaults to currentapp @param $appname optional defaults to currentapp
@result boolean @result boolean
*/ */
function check_specific($location, $required, $appname = False){ function check_specific($location, $required, $appname = False)
$rights = $this->get_specific_rights($location,$appname); {
return !!($rights & $required); $rights = $this->get_specific_rights($location,$appname);
} return !!($rights & $required);
}
/*! /*!
@function get_location_list @function get_location_list
@abstract ? @abstract ?
@param $app appname @param $app appname
@param $required ? @param $required ?
*/ */
function get_location_list($app, $required){ function get_location_list($app, $required)
global $phpgw, $phpgw_info; {
// User piece global $phpgw, $phpgw_info;
$sql = "select acl_location, acl_rights from phpgw_acl where acl_appname = '$app' "; // User piece
$sql .= " and (acl_account in ('".$this->account_id."', 0"; // group 0 covers all users $sql = "select acl_location, acl_rights from phpgw_acl where acl_appname = '$app' ";
$equalto = $phpgw->accounts->security_equals($this->account_id); $sql .= " and (acl_account in ('".$this->account_id."', 0"; // group 0 covers all users
if (is_array($equalto) && count($equalto) > 0){ $equalto = $phpgw->accounts->security_equals($this->account_id);
for ($idx = 0; $idx < count($equalto); ++$idx){ if (is_array($equalto) && count($equalto) > 0)
$sql .= ','.$equalto[$idx][0]; {
} for ($idx = 0; $idx < count($equalto); ++$idx)
} {
$sql .= ')))'; $sql .= ','.$equalto[$idx][0];
}
}
$sql .= ')))';
$this->db->query($sql ,__LINE__,__FILE__); $this->db->query($sql ,__LINE__,__FILE__);
$rights = 0; $rights = 0;
if ($this->db->num_rows() == 0 ){ return False; } if ($this->db->num_rows() == 0 ){ return False; }
while ($this->db->next_record()) { while ($this->db->next_record())
if ($this->db->f('acl_rights') == 0){ return False; } {
$rights |= $this->db->f('acl_rights'); if ($this->db->f('acl_rights') == 0){ return False; }
if (!!($rights & $required) == True){ $rights |= $this->db->f('acl_rights');
$locations[] = $this->db->f('acl_location'); if (!!($rights & $required) == True)
}else{ {
return False; $locations[] = $this->db->f('acl_location');
} }
} else
return $locations; {
} return False;
}
}
return $locations;
}
/* /*
This is kinda how the function SHOULD work, so that it doesnt need to do its own sql query. This is kinda how the function SHOULD work, so that it doesnt need to do its own sql query.
It should use the values in the $this->data It should use the values in the $this->data
function get_location_list($app, $required){ function get_location_list($app, $required)
global $phpgw, $phpgw_info; {
if ($appname == False){ global $phpgw, $phpgw_info;
$appname = $phpgw_info['flags']['currentapp']; if ($appname == False)
} {
$appname = $phpgw_info['flags']['currentapp'];
}
$count = count($this->data); $count = count($this->data);
if ($count == 0 && $phpgw_info['server']['acl_default'] != 'deny'){ return True; } if ($count == 0 && $phpgw_info['server']['acl_default'] != 'deny'){ return True; }
$rights = 0; $rights = 0;
reset ($this->data); reset ($this->data);
while(list($idx,$value) = each($this->data)){ while(list($idx,$value) = each($this->data))
if ($this->data[$idx]['appname'] == $appname && $this->data[$idx]['rights'] != 0){ {
$location_rights[$this->data[$idx]['location']] |= $this->data[$idx]['rights']; if ($this->data[$idx]['appname'] == $appname && $this->data[$idx]['rights'] != 0)
} {
} $location_rights[$this->data[$idx]['location']] |= $this->data[$idx]['rights'];
reset($location_rights); }
for ($idx = 0; $idx < count($location_rights); ++$idx){ }
if (!!($location_rights[$idx] & $required) == True){ reset($location_rights);
$location_rights[] = $this->data[$idx]['location']; for ($idx = 0; $idx < count($location_rights); ++$idx)
} {
} if (!!($location_rights[$idx] & $required) == True)
return $locations; {
} $location_rights[] = $this->data[$idx]['location'];
}
}
return $locations;
}
*/ */
/**************************************************************************\ /**************************************************************************\
* These are the generic functions. Not specific to $this->account_id * * These are the generic functions. Not specific to $this->account_id *
\**************************************************************************/ \**************************************************************************/
/*! /*!
@function add_repository @function add_repository
@abstract add repository information for an app @abstract add repository information for an app
@ -353,14 +390,14 @@ It should use the values in the $this->data
@param $account_id account id @param $account_id account id
@param $rights rights @param $rights rights
*/ */
function add_repository($app, $location, $account_id, $rights) function add_repository($app, $location, $account_id, $rights)
{ {
$this->delete_repository($app, $location, $account_id); $this->delete_repository($app, $location, $account_id);
$sql = 'insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights)'; $sql = 'insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights)';
$sql .= " values ('" . $app . "','" . $location . "','" . $account_id . "','" . $rights . "')"; $sql .= " values ('" . $app . "','" . $location . "','" . $account_id . "','" . $rights . "')";
$this->db->query($sql ,__LINE__,__FILE__); $this->db->query($sql ,__LINE__,__FILE__);
return True; return True;
} }
/*! /*!
@function delete_repository @function delete_repository
@ -369,14 +406,15 @@ It should use the values in the $this->data
@param $location location @param $location location
@param $account_id account id @param $account_id account id
*/ */
function delete_repository($app, $location, $accountid = ''){ function delete_repository($app, $location, $accountid = '')
$account_id = get_account_id($accountid,$this->account_id); {
$sql = "delete from phpgw_acl where acl_appname like '".$app."'" $account_id = get_account_id($accountid,$this->account_id);
. " and acl_location like '".$location."' and " $sql = "delete from phpgw_acl where acl_appname like '".$app."'"
. " acl_account = ".$account_id; . " and acl_location like '".$location."' and "
$this->db->query($sql ,__LINE__,__FILE__); . " acl_account = ".$account_id;
return $this->db->num_rows(); $this->db->query($sql ,__LINE__,__FILE__);
} return $this->db->num_rows();
}
/*! /*!
@function get_app_list_for_id @function get_app_list_for_id
@ -385,23 +423,26 @@ It should use the values in the $this->data
@param $required ? @param $required ?
@param $account_id account id defaults to $phpgw_info['user']['account_id']; @param $account_id account id defaults to $phpgw_info['user']['account_id'];
*/ */
function get_app_list_for_id($location, $required, $accountid = ''){ function get_app_list_for_id($location, $required, $accountid = '')
global $phpgw, $phpgw_info; {
$account_id = get_account_id($accountid,$this->account_id); global $phpgw, $phpgw_info;
$sql = "select acl_appname, acl_rights from phpgw_acl where acl_location = '$location' and "; $account_id = get_account_id($accountid,$this->account_id);
$sql .= 'acl_account = '.$account_id; $sql = "select acl_appname, acl_rights from phpgw_acl where acl_location = '$location' and ";
$this->db->query($sql ,__LINE__,__FILE__); $sql .= 'acl_account = '.$account_id;
$rights = 0; $this->db->query($sql ,__LINE__,__FILE__);
if ($this->db->num_rows() == 0 ){ return False; } $rights = 0;
while ($this->db->next_record()) { if ($this->db->num_rows() == 0 ){ return False; }
if ($this->db->f('acl_rights') == 0){ return False; } while ($this->db->next_record())
$rights |= $this->db->f('acl_rights'); {
if (!!($rights & $required) == True){ if ($this->db->f('acl_rights') == 0){ return False; }
$apps[] = $this->db->f('acl_appname'); $rights |= $this->db->f('acl_rights');
} if (!!($rights & $required) == True)
} {
return $apps; $apps[] = $this->db->f('acl_appname');
} }
}
return $apps;
}
/*! /*!
@function get_location_list_for_id @function get_location_list_for_id
@ -411,24 +452,28 @@ It should use the values in the $this->data
@param $required required @param $required required
@param $account_id optional defaults to $phpgw_info['user']['account_id']; @param $account_id optional defaults to $phpgw_info['user']['account_id'];
*/ */
function get_location_list_for_id($app, $required, $accountid = ''){ function get_location_list_for_id($app, $required, $accountid = '')
global $phpgw, $phpgw_info; {
$account_id = get_account_id($accountid); global $phpgw, $phpgw_info;
$sql = "select acl_location, acl_rights from phpgw_acl where acl_appname = '$app' and "; $account_id = get_account_id($accountid);
$sql .= "acl_account = ".$account_id; $sql = "select acl_location, acl_rights from phpgw_acl where acl_appname = '$app' and ";
$this->db->query($sql ,__LINE__,__FILE__); $sql .= "acl_account = ".$account_id;
$rights = 0; $this->db->query($sql ,__LINE__,__FILE__);
if ($this->db->num_rows() == 0 ){ return False; } $rights = 0;
while ($this->db->next_record()) { if ($this->db->num_rows() == 0 ){ return False; }
if ($this->db->f('acl_rights')) { while ($this->db->next_record())
$rights |= $this->db->f('acl_rights'); {
if (!!($rights & $required) == True){ if ($this->db->f('acl_rights'))
$locations[] = $this->db->f('acl_location'); {
} $rights |= $this->db->f('acl_rights');
} if (!!($rights & $required) == True)
} {
return $locations; $locations[] = $this->db->f('acl_location');
} }
}
}
return $locations;
}
/*! /*!
@function get_ids_for_location @function get_ids_for_location
@abstract get ids for location @abstract get ids for location
@ -436,25 +481,29 @@ It should use the values in the $this->data
@param $required required @param $required required
@param $app app optional defaults to $phpgw_info['flags']['currentapp']; @param $app app optional defaults to $phpgw_info['flags']['currentapp'];
*/ */
function get_ids_for_location($location, $required, $app = False){ function get_ids_for_location($location, $required, $app = False)
global $phpgw, $phpgw_info; {
if ($app == False){ global $phpgw, $phpgw_info;
$app = $phpgw_info['flags']['currentapp']; if ($app == False)
} {
$sql = "select acl_account, acl_rights from phpgw_acl where acl_appname = '$app' and "; $app = $phpgw_info['flags']['currentapp'];
$sql .= "acl_location = '".$location."'"; }
$this->db->query($sql ,__LINE__,__FILE__); $sql = "select acl_account, acl_rights from phpgw_acl where acl_appname = '$app' and ";
$rights = 0; $sql .= "acl_location = '".$location."'";
if ($this->db->num_rows() == 0 ){ return False; } $this->db->query($sql ,__LINE__,__FILE__);
while ($this->db->next_record()) { $rights = 0;
$rights = 0; if ($this->db->num_rows() == 0 ){ return False; }
$rights |= $this->db->f('acl_rights'); while ($this->db->next_record())
if (!!($rights & $required) == True){ {
$accounts[] = intval($this->db->f('acl_account')); $rights = 0;
} $rights |= $this->db->f('acl_rights');
} if (!!($rights & $required) == True)
return $accounts; {
} $accounts[] = intval($this->db->f('acl_account'));
}
}
return $accounts;
}
/*! /*!
@function get_user_applications @function get_user_applications
@ -462,87 +511,88 @@ It should use the values in the $this->data
@param $account_id optional defaults to $phpgw_info['user']['account_id']; @param $account_id optional defaults to $phpgw_info['user']['account_id'];
@result $apps array containing list of apps @result $apps array containing list of apps
*/ */
function get_user_applications($accountid = '') function get_user_applications($accountid = '')
{
global $phpgw, $phpgw_info;
$db2 = $this->db;
$account_id = get_account_id($accountid,$this->account_id);
$memberships = $phpgw->accounts->memberships($account_id);
$sql = "select acl_appname, acl_rights from phpgw_acl where acl_location = 'run' and "
. 'acl_account in ';
$security = '('.$account_id;
while($groups = @each($memberships))
{ {
$group = each($groups); global $phpgw, $phpgw_info;
$security .= ','.$group[1]['account_id'];
}
$security .= ')';
$db2->query($sql . $security ,__LINE__,__FILE__);
if ($db2->num_rows() == 0){ return False; } $db2 = $this->db;
while ($db2->next_record())
{ $account_id = get_account_id($accountid,$this->account_id);
if(isset($apps[$db2->f('acl_appname')])) $memberships = $phpgw->accounts->memberships($account_id);
$sql = "select acl_appname, acl_rights from phpgw_acl where acl_location = 'run' and "
. 'acl_account in ';
$security = '('.$account_id;
while($groups = @each($memberships))
{ {
$rights = $apps[$db2->f('acl_appname')]; $group = each($groups);
$security .= ','.$group[1]['account_id'];
} }
else $security .= ')';
$db2->query($sql . $security ,__LINE__,__FILE__);
if ($db2->num_rows() == 0){ return False; }
while ($db2->next_record())
{ {
$rights = 0; if(isset($apps[$db2->f('acl_appname')]))
{
$rights = $apps[$db2->f('acl_appname')];
}
else
{
$rights = 0;
}
$rights |= $db2->f('acl_rights');
$apps[$db2->f('acl_appname')] |= $rights;
} }
$rights |= $db2->f('acl_rights'); return $apps;
$apps[$db2->f('acl_appname')] |= $rights;
} }
return $apps;
}
/*! /*!
@function get_grants @function get_grants
@abstract ? @abstract ?
@param $app optional defaults to $phpgw_info['flags']['currentapp']; @param $app optional defaults to $phpgw_info['flags']['currentapp'];
*/ */
function get_grants($app=False){ function get_grants($app=False)
global $phpgw, $phpgw_info; {
global $phpgw, $phpgw_info;
$db2 = $this->db;
if ($app==False)
{
$app = $phpgw_info['flags']['currentapp'];
}
$sql = "select acl_account, acl_rights from phpgw_acl where acl_appname = '$app' and " $db2 = $this->db;
. "acl_location in ";
$security = "('". $phpgw_info['user']['account_id'] ."'"; if ($app==False)
$my_memberships = $phpgw->accounts->memberships(); {
while($my_memberships && $groups = each($my_memberships)) $app = $phpgw_info['flags']['currentapp'];
{ }
$group = each($groups);
$security .= ",'" . $group[1]['account_id'] . "'"; $sql = "select acl_account, acl_rights from phpgw_acl where acl_appname = '$app' and "
} . "acl_location in ";
$security .= ')'; $security = "('". $phpgw_info['user']['account_id'] ."'";
$db2->query($sql . $security ,__LINE__,__FILE__); $my_memberships = $phpgw->accounts->memberships();
$rights = 0; while($my_memberships && $groups = each($my_memberships))
$accounts = Array(); {
if ($db2->num_rows() == 0){ return False; } $group = each($groups);
while ($db2->next_record()) $security .= ",'" . $group[1]['account_id'] . "'";
{ }
$grantor = $db2->f('acl_account'); $security .= ')';
$rights = $db2->f('acl_rights'); $db2->query($sql . $security ,__LINE__,__FILE__);
$rights = 0;
// if($grantor == $phpgw_info['user']['account_id']) $accounts = Array();
// { if ($db2->num_rows() == 0){ return False; }
// continue; while ($db2->next_record())
// } {
$grantor = $db2->f('acl_account');
if(!isset($accounts[$grantor])) $rights = $db2->f('acl_rights');
{
$accounts[$grantor] = 0; // if($grantor == $phpgw_info['user']['account_id'])
} // {
$accounts[$grantor] |= $rights; // continue;
} // }
return $accounts;
} if(!isset($accounts[$grantor]))
} //end of acl class {
$accounts[$grantor] = 0;
}
$accounts[$grantor] |= $rights;
}
return $accounts;
}
} //end of acl class
?> ?>
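Review bot: The reformatted queries in this class still build SQL by concatenating `$app`, `$location`, `$rights` and the account ids directly into the statement (`save_repository`, `get_location_list`, `add_repository`, `delete_repository`, `get_app_list_for_id`, `get_location_list_for_id`, `get_ids_for_location`, `get_grants`), so the integrity of the ACL table depends on every caller passing clean values; whether callers do is not visible on this page. While these lines are being touched, cast the numeric fields as `get_ids_for_location` already does for its result, e.g. `$sql .= 'acl_account = '.intval($account_id);`, and pass the string fields through the database layer's escaping routine before they are interpolated. `delete_repository` also compares with `like`, so wildcard characters in `$app` or `$location` widen the delete beyond the single entry named; `=` is the safer operator unless pattern matching is intended. Separately, `add()` and `delete()` read `$phpgw_info['flags']['currentapp']` without a `global $phpgw_info;` line, so the defaulted `$appname` is probably empty in those two methods.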