- inherit ACL and admin from parent categories

+ ACL get or'ed together (you can't take away rights)
  + admins only get inherited, if there's none defined in cat
- store state of category filter for select resource popup (not
  currently used in stock EGroupware)

resources/inc/class.bo_acl.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * eGroupWare - resources
+ * EGroupWare - resources
  *
  * @license http://www.gnu.org/licenses/gpl.html GNU General Public License
  * @package resources
@@ -11,15 +11,12 @@
 /**
  * ACL business object for resources
  *
- * @package resources
+ * Category rights and admins get inherited from parent categories.
+ * Current rights and the ones inherited from parents get ORed together,
+ * while for admins the "closest" cat-admin will be used.
  */
 class bo_acl
 {
-	/**
-	* @var $permissions Holds alls permissions for resources of user
-	*/
-	var $permissions;
-
 	var $acl;
 	var $start = 0;
 	var $query = '';
@@ -37,13 +34,17 @@ class bo_acl
 	 */
 	var $egw_cats;
 
-	function bo_acl($session=False)
+	/**
+	 * Constructor
+	 *
+	 * @param boolean $session
+	 */
+	function __construct($session=False)
 	{
 		define('EGW_ACL_CAT_ADMIN',64);
 		define('EGW_ACL_DIRECT_BOOKING',128);
 		define('EGW_ACL_CALREAD',256);
 
-		$this->permissions = $GLOBALS['egw']->acl->get_all_location_rights($GLOBALS['egw_info']['user']['account_id'],'resources',true);
 		$this->egw_cats = new categories('','resources');
 		$this->debug = False;
 
@@ -68,6 +69,18 @@ class bo_acl
 		}
 	}
 
+	/**
+	 * PHP4 constructor
+	 *
+	 * @param boolean $session
+	 * @deprecated use __construct()
+	 * @return bo_acl
+	 */
+	function bo_acl($session=False)
+	{
+		self::__construct($session);
+	}
+
 	/**
 	* get list of cats where current user has given rights
 	*
@@ -106,9 +119,9 @@ class bo_acl
 	* @param int $cat_id
 	* @return mixed name of category
 	*/
-	function get_cat_name($cat_id)
+	static public function get_cat_name($cat_id)
 	{
-		return $this->egw_cats->id2name($cat_id);
+		return $GLOBALS['egw']->categories->id2name($cat_id);
 	}
 
 	/**
@@ -118,9 +131,9 @@ class bo_acl
 	* @param int $cat_id
 	* @return int userid of cat admin
 	*/
-	function get_cat_admin($cat_id)
+	static public function get_cat_admin($cat_id)
 	{
-		$cat_rights = $this->get_rights($cat_id);
+		$cat_rights = self::get_rights($cat_id);
 		foreach ($cat_rights as $userid => $right)
 		{
 			if ($right & EGW_ACL_CAT_ADMIN)
@@ -128,21 +141,63 @@ class bo_acl
 				return $userid;
 			}
 		}
+		// check for an inherited cat admin
+		if (($parent = $GLOBALS['egw']->categories->id2name($cat_id,'parent')))
+		{
+			return self::get_cat_admin($parent);
+		}
 		return lang('none');
 	}
 
 	/**
-	* cheks one of the following rights for current user:
+	 * Permissions including inherited ones
+	 *
+	 * @var array cat_id => rights
+	 */
+	static private $permissions;
+	static private $resource_acl;
+
+	/**
+	 * Get permissions of current user on a given category
+	 *
+	 * @param int $cat_id
+	 * @return int
+	 */
+	static public function get_permissions($cat_id)
+	{
+		if (!isset(self::$permissions[$cat_id]))
+		{
+			if (is_null(self::$resource_acl))
+			{
+				self::$resource_acl = $GLOBALS['egw']->acl->get_all_location_rights($GLOBALS['egw_info']['user']['account_id'],'resources',true);
+			}
+			self::$permissions[$cat_id] = (int)self::$resource_acl['L'.$cat_id];
+			if (($parent = $GLOBALS['egw']->categories->id2name($cat_id,'parent')))
+			{
+				self::$permissions[$cat_id] |= self::get_permissions($parent);
+			}
+		}
+		//echo "<p>".__METHOD__."($cat_id) = ".self::$permissions[$cat_id]."</p>\n";
+		return self::$permissions[$cat_id];
+	}
+
+	/**
+	 * checks one of the following rights for current user:
 	 *
 	 * EGW_ACL_READ, EGW_ACL_ADD, EGW_ACL_EDIT, EGW_ACL_DELETE, EGW_ACL_DIRECT_BOOKING
 	 *
 	 * @param int $cat_id
 	 * @param int $right
-	* @return bool user is permitted or not for right
+	 * @return boolean user is permitted or not for right
 	 */
-	function is_permitted($cat_id,$right)
+	static public function is_permitted($cat_id,$right)
 	{
-		return $this->permissions['L'.$cat_id] & $right;
+		if (!isset(self::$permissions[$cat_id]))
+		{
+			self::get_permissions($cat_id);
+		}
+		//echo "<p>".__METHOD__."($cat_id,$right) = ".self::$permissions[$cat_id]." & $right = ".(self::$permissions[$cat_id] & $right)."</p>\n";
+		return (boolean) (self::$permissions[$cat_id] & $right);
 	}
 
 	/**
@@ -151,7 +206,7 @@ class bo_acl
 	* @param int $cat_id
 	* @return array userid => right
 	*/
-	function get_rights($cat_id)
+	static public function get_rights($cat_id)
 	{
 		return $GLOBALS['egw']->acl->get_all_rights('L'.$cat_id,'resources');
 	}

resources/inc/class.bo_resources.inc.php

@@ -27,6 +27,16 @@ class bo_resources
 	 * @var so_resources
 	 */
 	var $so;
+	/**
+	 * Instance of resources acl class
+	 *
+	 * @var bo_acl
+	 */
+	var $acl;
+	/**
+	 * Instance of categories class for resources
+	 */
+	var $cats;
 
 	function bo_resources()
 	{
@@ -48,6 +58,16 @@ class bo_resources
 	 */
 	function get_rows($query,&$rows,&$readonlys)
 	{
+		if ($query['store_state'])	// request to store state in session and filter in prefs?
+		{
+			egw_cache::setSession('resources',$query['store_state'],$query);
+			//echo "<p>".__METHOD__."() query[filter]=$query[filter], prefs[resources][filter]={$GLOBALS['egw_info']['user']['preferences']['resources']['filter']}</p>\n";
+			if ($query['filter'] != $GLOBALS['egw_info']['user']['preferences']['resources']['filter'])
+			{
+				$GLOBALS['egw']->preferences->add('resources','filter',$query['filter'],'user');
+				$GLOBALS['egw']->preferences->save_repository();
+			}
+		}
 		if ($this->debug) _debug_array($query);
 		$criteria = array('name' => $query['search'], 'short_description' => $query['search'], 'inventory_number' => $query['search']);
 		$read_onlys = 'res_id,name,short_description,quantity,useable,bookable,buyable,cat_id,location,storage_info';

resources/inc/class.ui_resources.inc.php

@@ -26,10 +26,10 @@ class ui_resources
 		);
 
 	/**
-	 * constructor of class ui_resources
+	 * Constructor
 	 *
 	 */
-	function ui_resources()
+	function __construct()
 	{
 // 		print_r($GLOBALS['egw_info']); die();
 		$this->tmpl	= new etemplate('resources.show');
@@ -37,6 +37,15 @@ class ui_resources
 // 		$this->calui	= CreateObject('resources.ui_calviews');
 
 	}
+	/**
+	 * PHP4 constructor
+	 *
+	 * @deprecated use __construct();
+	 */
+	function ui_resources()
+	{
+		self::__construct();
+	}
 
 	/**
 	 * main resources list.
@@ -435,6 +444,8 @@ class ui_resources
 			}</script>";
 
 		if (!is_array($content))
+		{
+			if (!($content['nm'] = egw_cache::getSession('resources','get_rows')))
 			{
 				$content['nm'] = array(
 					'header_left'   => 'resources.resource_select.header',
@@ -449,7 +460,10 @@ class ui_resources
 					'rows'          => array('js_id' => 1),
 					'csv_fields'    => false,
 					'default_cols'  => 'name,cat_id,quantity',	// I  columns to use if there's no user or default pref
+					'store_state' => 'get_rows',	// store in session as for location get_rows
 				);
+				$content['nm']['filter'] = $GLOBALS['egw_info']['user']['preferences']['resources']['filter'];
+			}
 		}
 		$sel_options = array();
 		$no_button = array();