Update ACL for mail application

This commit is contained in:
Hadi Nategh 2013-11-28 15:08:41 +00:00
parent de1b7207ec
commit 1dc919e83b
2 changed files with 305 additions and 98 deletions

View File

@ -21,6 +21,21 @@ class mail_acl
'edit' => True, 'edit' => True,
); );
/**
* static used define abbrevations for common access rights
*
* @array
*
*/
var $aclRightsAbbrvs = array(
'lrs' => array('label'=>'readable','title'=>'Allows a user to read the contents of the mailbox.'),
'lprs' => array('label'=>'post','title'=>'Allows a user to read the mailbox and post to it through the delivery system by sending mail to the submission address of the mailbox.'),
'ilprs' => array('label'=>'append','title'=>'Allows a user to read the mailbox and append messages to it, either via IMAP or through the delivery system.'),
'cdilprsw' => array('label'=>'write','title'=>'Allows a user to read the maibox, post to it, append messages to it, and delete messages or the mailbox itself. The only right not given is the right to change the ACL of the mailbox.'),
'acdilprsw' => array('label'=>'all','title'=>'The user has all possible rights on the mailbox. This is usually granted to users only on the mailboxes they own.'),
'custom' => array('label'=>'custom','title'=>'User defined combination of rights for the ACL'),
);
/** /**
* instance of mail_bo * instance of mail_bo
* *
@ -33,6 +48,7 @@ class mail_acl
* @var mail_account * @var mail_account
*/ */
var $current_account; var $current_account;
/** /**
* Constructor * Constructor
* *
@ -41,7 +57,7 @@ class mail_acl
function __construct() function __construct()
{ {
$this->mail_bo = mail_bo::getInstance(false, (int)$GLOBALS['egw_info']['user']['preferences']['mail']['ActiveProfileID']); $this->mail_bo = mail_bo::getInstance(false, (int)$GLOBALS['egw_info']['user']['preferences']['mail']['ActiveProfileID']);
$this->current_account = $this->mail_bo->icServer->acc_imap_username;
} }
/** /**
@ -49,54 +65,254 @@ class mail_acl
* *
* @param string $msg * @param string $msg
* @param array $content * @param array $content
*
* @todo delete action / recursive action/
*/ */
function edit(array $content=null ,$msg='') function edit(array $content=null ,$msg='')
{ {
if (!is_array($content))
{
$mailbox = $_GET['mailbox'];
if (!empty($mailbox))
{
$acl = $this->retrive_acl($mailbox, $msg);
}
}
$tmpl = new etemplate_new('mail.acl'); $tmpl = new etemplate_new('mail.acl');
$content = array(); $preserv['mailbox'] = $mailbox = $_GET['mailbox'];
$tmpl->exec('mail.mail_ui.edit_acl', $content, $sel_options, $readonlys, array(),2); if (!is_array($content))
{
if (!empty($mailbox))
{
$acl = (array)$this->retrive_acl($mailbox, $msg);
$n = 1;
foreach ($acl as $keys => $value)
{
$value = array_shift(array_values((array)$value));
foreach ($value as $right)
{
$content['grid'][$n]['acl_'. $right] = true;
}
$acl_abbrvs = implode('',$value);
//$acl_c =
if (array_key_exists($acl_abbrvs, $this->aclRightsAbbrvs))
{
$content['grid'][$n]['acl'] = $acl_abbrvs;
}
else
{
$content['grid'][$n]['acl'] = 'custom';
}
$content['grid'][$n++]['acc_id'] = $keys;
}
}
array_push($content['grid'], array('acc_id'=>''));
}
else
{
list($button) = @each($content['button']);
if (!empty ($content['grid']['delete']))
{
$button = 'delete';
}
switch ($button)
{
case 'save':
case 'apply':
if ($content)
{
$validation_err = $this->update_acl($content,$msg);
if ($validation_err)
{
foreach ($validation_err as &$row)
{
$tmpl->set_validation_error('grid['.$row.']'.'[acc_id]', "You must fill this field!");
}
}
else
{
$msg .= lang("The Folder %1 's ACLs saved!", $content['mailbox']);
}
$preserv ['mailbox'] = $content['mailbox'];
}
else
{
$msg .= "\n".lang("Error: Could not save ACL").' '.lang("reason!");
}
//Send message
egw_framework::refresh_opener($msg, 'mail', 'update');
if ($button == "apply") break;
case 'cancel':
egw_framework::window_close();
common::egw_exit();
break;
case 'delete':
if ($content)
{
//$content['grid'] = $this->remove_acl($content,$msg);
egw_framework::refresh_opener($msg, 'mail', 'update');
}
}
}
$sel_options['acl'] = $this->aclRightsAbbrvs;
$content['msg'] = $msg;
$tmpl->exec('mail.mail_acl.edit', $content, $sel_options, $readonlys, $preserv,2);
} }
/** /**
* Update Folder ACL rights * Update ACL rights of a folder or including subfolders for an account(s)
* *
* @param array $content content including the acl rights
* @param Boolean $recursive boolean flag FALSE|TRUE. If it is FALSE, only the folder take in to account, but in case of TRUE
* the mailbox including all its subfolders will be considered.
* @param string $msg Message
*
* @todo need to consider recursively update
* @todo rights 'c' and 'd' should be fixed
*/ */
function update_acl ($mailbox, $ident,$options, &$msg) function update_acl ($content, &$msg)
{ {
$validator = array();
foreach ($content['grid'] as $keys => $value)
{
unset($value['acc_id']);
unset($value['acl_recursive']);
unset($value['acl']);
$i=0;
$options = array();
foreach ($value as $key => $val)
{
if ($value[$key] == true)
{
$right = explode("acl_" ,$key);
$options['rights'] .= $right[1];
}
}
if (!empty($content['grid'][$keys]['acc_id'][0]))
{
$this->setACL($content['mailbox'], $content['grid'][$keys]['acc_id'][0],$options );
}
else
{
if($keys !== count($content['grid']))
{
array_push($validator, $keys) ;
$msg = lang("Could not save the ACL! Because some names are empty!");
}
}
}
if (is_array($validator)) return $validator;
} }
/** /**
* Retrive Folder ACL rights * Retrive Folder ACL rights
* * @todo rights 'c' and 'd' should be fixed
*/ */
function retrive_acl ($mailbox, &$msg) function retrive_acl ($mailbox, &$msg)
{ {
if ($acl = $this->mail_bo->icServer->getACL($mailbox)) if (($acl = $this->getACL($mailbox)))
{
if (is_array($acl))
{ {
$msg = lang('ACL rights retrived successfully!'); $msg = lang('ACL rights retrived successfully!');
} return $acl;
else
{
$msg = lang('ACL rights retrive failed, seems there are no rights set!');
}
} }
else else
{ {
$msg = lang('Get ACL rights failed from IMAP server!'); $msg = lang('Get ACL rights failed from IMAP server!');
error_log(__METHOD__. "(" . $acl . ")" ); }
}
/**
* remove_acl
*
* @param Array $content content array of popup window
* @param string $msg message
*
* @todo need to be completed
*/
function remove_acl($content,$msg)
{
$row_num = array_keys($content['grid']['delete'],"pressed");
$identifier = $content['grid'][$row_num]['acc_id'][0];
//$this->deleteACL($content['mailbox'], $identifier,$content['grid'][$row_num]['recursively'] );
unset($content['grid'][$row_num]);
unset($content['grid']['delete']);
return array_values($content['grid']);
}
/**
* Delete ACL rights of a folder or including subfolders from an account
*
* @param String $mailbox folder name that needs to be edited
* @param String $identifier The identifier to delete.
* @param Boolean $recursive boolean flag FALSE|TRUE. If it is FALSE, only the folder take in to account, but in case of TRUE
* the mailbox including all its subfolders will be considered.
*
* @todo need to considetr recursive action
*/
function deleteACL ($mailbox, $identifier, $recursive)
{
try
{
$this->mail_bo->icServer->deleteACL($mailbox, $identifier);
return true;
}
catch (Exception $e)
{
error_log(__METHOD__. "Could not delete ACL rights of folder " . $mailbox . " for account ". $identifier ." because of " .$e->getMessage());
return false;
}
}
/**
* Set ACL rights of a folder or including subfolders to an account
* @param String $mailbox folder name that needs to be edited
* @param String $Identifier The identifier to set.
* @param Array $options Additional options:
* - rights: (string) The rights to alter or set.
* - action: (string, optional) If 'add' or 'remove', adds or removes the
* specified rights. Sets the rights otherwise.
* @param Boolean $recursive boolean flag FALSE|TRUE. If it is FALSE, only the folder take in to account, but in case of TRUE
* the mailbox including all its subfolders will be considered.
* @param String $msg message
* @return Boolean FALSE in case of any exceptions and if TRUE in case of success,
*
*/
function setACL($mailbox, $identifier,$options)
{
try
{
$this->mail_bo->icServer->setACL($mailbox,$identifier,$options);
return true;
}
catch (Exception $e)
{
error_log(__METHOD__. "Could not set ACL rights on folder " . $mailbox . " for account ". $identifier . " because of " .$e->getMessage());
return false;
}
}
/**
* Get ACL rights of a folder from an account
*
* @param String $mailbox folder name that needs to be read
* @return Boolean FALSE in case of any exceptions and if TRUE in case of success,
*/
function getACL ($mailbox)
{
if(($acl =$this->mail_bo->icServer->getACL($mailbox)))
{
try
{
$acl = $this->mail_bo->icServer->getACL($mailbox);
return $acl;
} catch (Exception $e) {
error_log(__METHOD__. "Could not get ACL rights from folder " . $mailbox . " because of " .$e->getMessage());
return false;
}
} }
} }
} }

View File

@ -2,15 +2,10 @@
<!-- $Id$ --> <!-- $Id$ -->
<overlay> <overlay>
<template id="mail.acl" template="" lang="" group="0" version="1.9.001"> <template id="mail.acl" template="" lang="" group="0" version="1.9.001">
<grid> <vbox>
<columns> <hbox>
<column width="100%" />
</columns>
<rows>
<row disabled="!@msg">
<description id="msg" class="message"/> <description id="msg" class="message"/>
</row> </hbox>
<row>
<grid id="grid"> <grid id="grid">
<columns> <columns>
<column/> <column/>
@ -44,35 +39,31 @@
<description value="Action"/> <description value="Action"/>
</row> </row>
<row class="row"> <row class="row">
<taglist-email allowFreeEntries="true" maxSelection="1" /> <taglist-email id="${row}[acc_id]" allowFreeEntries="true" maxSelection="1" />
<menulist> <menulist>
<menupopup id="${row}[]"/> <menupopup id="${row}[acl]" onchange="1"/>
</menulist> </menulist>
<checkbox align="center" id="${row}[]" /> <checkbox align="center" id="${row}[acl_l]" />
<checkbox align="center" id="${row}[]" /> <checkbox align="center" id="${row}[acl_r]" />
<checkbox align="center" id="${row}[]" /> <checkbox align="center" id="${row}[acl_s]" />
<checkbox align="center" id="${row}[]" /> <checkbox align="center" id="${row}[acl_w]" />
<checkbox align="center" id="${row}[]" /> <checkbox align="center" id="${row}[acl_i]" />
<checkbox align="center" id="${row}[]" /> <checkbox align="center" id="${row}[acl_p]" />
<checkbox align="center" id="${row}[]" /> <checkbox align="center" id="${row}[acl_c]" />
<checkbox align="center" id="${row}[]" /> <checkbox align="center" id="${row}[acl_d]" />
<checkbox align="center" id="${row}[]" /> <checkbox align="center" id="${row}[acl_a]" />
<checkbox align="center" id="${row}[]" /> <checkbox align="center" id="${row}[acl_recursive]"/>
<hbox orient=",0,0" options="0,0,0,0"> <hbox orient=",0,0">
<button align="right" statustext="Delete this ACL" label="Delete" id="delete[$row_cont[]]" image="delete"/> <button align="right" statustext="Delete this ACL" label="Delete" id="delete[${row}]" value="${row}" image="delete" onclick="return app.mail.acl_delete_btn();"/>
</hbox> </hbox>
</row> </row>
</rows> </rows>
</grid> </grid>
</row>
<row>
<hbox> <hbox>
<button statustext="Saves this ACL" label="Save" id="button[save]" image="save" background_image="1"/> <button statustext="Saves this ACL" label="Save" id="button[save]"/>
<button statustext="Applies the changes made" label="Apply" id="button[apply]" image="apply" background_image="1"/> <button statustext="Applies the changes made" label="Apply" id="button[apply]"/>
<button label="Cancel" id="button[cancel]" image="cancel" background_image="1"/> <button label="Cancel" id="button[cancel]"/>
</hbox> </hbox>
</row> </vbox>
</rows>
</grid>
</template> </template>
</overlay> </overlay>