mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-25 16:19:00 +01:00
- inherit ACL and admin from parent categories
+ ACL get or'ed together (you can't take away rights) + admins only get inherited, if there's none defined in cat - store state of category filter for select resource popup (not currently used in stock EGroupware)
This commit is contained in:
parent
e99af0dfd6
commit
c531f0077e
@ -1,6 +1,6 @@
|
||||
<?php
|
||||
/**
|
||||
* eGroupWare - resources
|
||||
* EGroupWare - resources
|
||||
*
|
||||
* @license http://www.gnu.org/licenses/gpl.html GNU General Public License
|
||||
* @package resources
|
||||
@ -11,15 +11,12 @@
|
||||
/**
|
||||
* ACL business object for resources
|
||||
*
|
||||
* @package resources
|
||||
* Category rights and admins get inherited from parent categories.
|
||||
* Current rights and the ones inherited from parents get ORed together,
|
||||
* while for admins the "closest" cat-admin will be used.
|
||||
*/
|
||||
class bo_acl
|
||||
{
|
||||
/**
|
||||
* @var $permissions Holds alls permissions for resources of user
|
||||
*/
|
||||
var $permissions;
|
||||
|
||||
var $acl;
|
||||
var $start = 0;
|
||||
var $query = '';
|
||||
@ -37,13 +34,17 @@ class bo_acl
|
||||
*/
|
||||
var $egw_cats;
|
||||
|
||||
function bo_acl($session=False)
|
||||
/**
|
||||
* Constructor
|
||||
*
|
||||
* @param boolean $session
|
||||
*/
|
||||
function __construct($session=False)
|
||||
{
|
||||
define('EGW_ACL_CAT_ADMIN',64);
|
||||
define('EGW_ACL_DIRECT_BOOKING',128);
|
||||
define('EGW_ACL_CALREAD',256);
|
||||
|
||||
$this->permissions = $GLOBALS['egw']->acl->get_all_location_rights($GLOBALS['egw_info']['user']['account_id'],'resources',true);
|
||||
$this->egw_cats = new categories('','resources');
|
||||
$this->debug = False;
|
||||
|
||||
@ -68,6 +69,18 @@ class bo_acl
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* PHP4 constructor
|
||||
*
|
||||
* @param boolean $session
|
||||
* @deprecated use __construct()
|
||||
* @return bo_acl
|
||||
*/
|
||||
function bo_acl($session=False)
|
||||
{
|
||||
self::__construct($session);
|
||||
}
|
||||
|
||||
/**
|
||||
* get list of cats where current user has given rights
|
||||
*
|
||||
@ -106,9 +119,9 @@ class bo_acl
|
||||
* @param int $cat_id
|
||||
* @return mixed name of category
|
||||
*/
|
||||
function get_cat_name($cat_id)
|
||||
static public function get_cat_name($cat_id)
|
||||
{
|
||||
return $this->egw_cats->id2name($cat_id);
|
||||
return $GLOBALS['egw']->categories->id2name($cat_id);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -118,9 +131,9 @@ class bo_acl
|
||||
* @param int $cat_id
|
||||
* @return int userid of cat admin
|
||||
*/
|
||||
function get_cat_admin($cat_id)
|
||||
static public function get_cat_admin($cat_id)
|
||||
{
|
||||
$cat_rights = $this->get_rights($cat_id);
|
||||
$cat_rights = self::get_rights($cat_id);
|
||||
foreach ($cat_rights as $userid => $right)
|
||||
{
|
||||
if ($right & EGW_ACL_CAT_ADMIN)
|
||||
@ -128,21 +141,63 @@ class bo_acl
|
||||
return $userid;
|
||||
}
|
||||
}
|
||||
// check for an inherited cat admin
|
||||
if (($parent = $GLOBALS['egw']->categories->id2name($cat_id,'parent')))
|
||||
{
|
||||
return self::get_cat_admin($parent);
|
||||
}
|
||||
return lang('none');
|
||||
}
|
||||
|
||||
/**
|
||||
* cheks one of the following rights for current user:
|
||||
*
|
||||
* EGW_ACL_READ, EGW_ACL_ADD, EGW_ACL_EDIT, EGW_ACL_DELETE, EGW_ACL_DIRECT_BOOKING
|
||||
*
|
||||
* @param int $cat_id
|
||||
* @param int $right
|
||||
* @return bool user is permitted or not for right
|
||||
*/
|
||||
function is_permitted($cat_id,$right)
|
||||
* Permissions including inherited ones
|
||||
*
|
||||
* @var array cat_id => rights
|
||||
*/
|
||||
static private $permissions;
|
||||
static private $resource_acl;
|
||||
|
||||
/**
|
||||
* Get permissions of current user on a given category
|
||||
*
|
||||
* @param int $cat_id
|
||||
* @return int
|
||||
*/
|
||||
static public function get_permissions($cat_id)
|
||||
{
|
||||
return $this->permissions['L'.$cat_id] & $right;
|
||||
if (!isset(self::$permissions[$cat_id]))
|
||||
{
|
||||
if (is_null(self::$resource_acl))
|
||||
{
|
||||
self::$resource_acl = $GLOBALS['egw']->acl->get_all_location_rights($GLOBALS['egw_info']['user']['account_id'],'resources',true);
|
||||
}
|
||||
self::$permissions[$cat_id] = (int)self::$resource_acl['L'.$cat_id];
|
||||
if (($parent = $GLOBALS['egw']->categories->id2name($cat_id,'parent')))
|
||||
{
|
||||
self::$permissions[$cat_id] |= self::get_permissions($parent);
|
||||
}
|
||||
}
|
||||
//echo "<p>".__METHOD__."($cat_id) = ".self::$permissions[$cat_id]."</p>\n";
|
||||
return self::$permissions[$cat_id];
|
||||
}
|
||||
|
||||
/**
|
||||
* checks one of the following rights for current user:
|
||||
*
|
||||
* EGW_ACL_READ, EGW_ACL_ADD, EGW_ACL_EDIT, EGW_ACL_DELETE, EGW_ACL_DIRECT_BOOKING
|
||||
*
|
||||
* @param int $cat_id
|
||||
* @param int $right
|
||||
* @return boolean user is permitted or not for right
|
||||
*/
|
||||
static public function is_permitted($cat_id,$right)
|
||||
{
|
||||
if (!isset(self::$permissions[$cat_id]))
|
||||
{
|
||||
self::get_permissions($cat_id);
|
||||
}
|
||||
//echo "<p>".__METHOD__."($cat_id,$right) = ".self::$permissions[$cat_id]." & $right = ".(self::$permissions[$cat_id] & $right)."</p>\n";
|
||||
return (boolean) (self::$permissions[$cat_id] & $right);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -151,7 +206,7 @@ class bo_acl
|
||||
* @param int $cat_id
|
||||
* @return array userid => right
|
||||
*/
|
||||
function get_rights($cat_id)
|
||||
static public function get_rights($cat_id)
|
||||
{
|
||||
return $GLOBALS['egw']->acl->get_all_rights('L'.$cat_id,'resources');
|
||||
}
|
||||
|
@ -27,6 +27,16 @@ class bo_resources
|
||||
* @var so_resources
|
||||
*/
|
||||
var $so;
|
||||
/**
|
||||
* Instance of resources acl class
|
||||
*
|
||||
* @var bo_acl
|
||||
*/
|
||||
var $acl;
|
||||
/**
|
||||
* Instance of categories class for resources
|
||||
*/
|
||||
var $cats;
|
||||
|
||||
function bo_resources()
|
||||
{
|
||||
@ -48,6 +58,16 @@ class bo_resources
|
||||
*/
|
||||
function get_rows($query,&$rows,&$readonlys)
|
||||
{
|
||||
if ($query['store_state']) // request to store state in session and filter in prefs?
|
||||
{
|
||||
egw_cache::setSession('resources',$query['store_state'],$query);
|
||||
//echo "<p>".__METHOD__."() query[filter]=$query[filter], prefs[resources][filter]={$GLOBALS['egw_info']['user']['preferences']['resources']['filter']}</p>\n";
|
||||
if ($query['filter'] != $GLOBALS['egw_info']['user']['preferences']['resources']['filter'])
|
||||
{
|
||||
$GLOBALS['egw']->preferences->add('resources','filter',$query['filter'],'user');
|
||||
$GLOBALS['egw']->preferences->save_repository();
|
||||
}
|
||||
}
|
||||
if ($this->debug) _debug_array($query);
|
||||
$criteria = array('name' => $query['search'], 'short_description' => $query['search'], 'inventory_number' => $query['search']);
|
||||
$read_onlys = 'res_id,name,short_description,quantity,useable,bookable,buyable,cat_id,location,storage_info';
|
||||
|
@ -26,10 +26,10 @@ class ui_resources
|
||||
);
|
||||
|
||||
/**
|
||||
* constructor of class ui_resources
|
||||
* Constructor
|
||||
*
|
||||
*/
|
||||
function ui_resources()
|
||||
function __construct()
|
||||
{
|
||||
// print_r($GLOBALS['egw_info']); die();
|
||||
$this->tmpl = new etemplate('resources.show');
|
||||
@ -37,6 +37,15 @@ class ui_resources
|
||||
// $this->calui = CreateObject('resources.ui_calviews');
|
||||
|
||||
}
|
||||
/**
|
||||
* PHP4 constructor
|
||||
*
|
||||
* @deprecated use __construct();
|
||||
*/
|
||||
function ui_resources()
|
||||
{
|
||||
self::__construct();
|
||||
}
|
||||
|
||||
/**
|
||||
* main resources list.
|
||||
@ -436,20 +445,25 @@ class ui_resources
|
||||
|
||||
if (!is_array($content))
|
||||
{
|
||||
$content['nm'] = array(
|
||||
'header_left' => 'resources.resource_select.header',
|
||||
'show_bookable' => true,
|
||||
'get_rows' => 'resources.bo_resources.get_rows',
|
||||
'filter_label' => 'Category',
|
||||
'filter_help' => lang('Select a category'),
|
||||
'options-filter'=> array(''=>lang('all categories'))+(array)$this->bo->acl->get_cats(EGW_ACL_READ),
|
||||
'no_filter2' => true,
|
||||
'filter_no_lang'=> true,
|
||||
'no_cat' => true,
|
||||
'rows' => array('js_id' => 1),
|
||||
'csv_fields' => false,
|
||||
'default_cols' => 'name,cat_id,quantity', // I columns to use if there's no user or default pref
|
||||
);
|
||||
if (!($content['nm'] = egw_cache::getSession('resources','get_rows')))
|
||||
{
|
||||
$content['nm'] = array(
|
||||
'header_left' => 'resources.resource_select.header',
|
||||
'show_bookable' => true,
|
||||
'get_rows' => 'resources.bo_resources.get_rows',
|
||||
'filter_label' => 'Category',
|
||||
'filter_help' => lang('Select a category'),
|
||||
'options-filter'=> array(''=>lang('all categories'))+(array)$this->bo->acl->get_cats(EGW_ACL_READ),
|
||||
'no_filter2' => true,
|
||||
'filter_no_lang'=> true,
|
||||
'no_cat' => true,
|
||||
'rows' => array('js_id' => 1),
|
||||
'csv_fields' => false,
|
||||
'default_cols' => 'name,cat_id,quantity', // I columns to use if there's no user or default pref
|
||||
'store_state' => 'get_rows', // store in session as for location get_rows
|
||||
);
|
||||
$content['nm']['filter'] = $GLOBALS['egw_info']['user']['preferences']['resources']['filter'];
|
||||
}
|
||||
}
|
||||
$sel_options = array();
|
||||
$no_button = array();
|
||||
|
Loading…
Reference in New Issue
Block a user