mirror of
https://github.com/EGroupware/egroupware.git
synced 2025-01-03 20:49:08 +01:00
moved code so that group memberships are based on ACL entries
This commit is contained in:
parent
0267cb49d6
commit
3509042d9b
@ -134,34 +134,20 @@
|
||||
return $userData;
|
||||
}
|
||||
|
||||
function read_groups($lid) {
|
||||
global $phpgw_info, $phpgw;
|
||||
function read_groups($id)
|
||||
{
|
||||
global $phpgw_info, $phpgw;
|
||||
|
||||
$db2 = $phpgw->db;
|
||||
|
||||
if (gettype($lid) == "integer") {
|
||||
if ($phpgw_info["user"]["account_id"] != $lid || !$phpgw_info["user"]["groups"]) {
|
||||
$db2->query("select account_groups from accounts where account_id=$lid",__LINE__,__FILE__);
|
||||
$db2->next_record();
|
||||
$gl = explode(",",$db2->f("account_groups"));
|
||||
} else {
|
||||
$gl = $phpgw_info["user"]["groups"];
|
||||
}
|
||||
} else {
|
||||
if ($phpgw_info["user"]["userid"] != $lid || !$phpgw_info["user"]["groups"]) {
|
||||
$db2->query("select account_groups from accounts where account_lid='$lid'",__LINE__,__FILE__);
|
||||
$db2->next_record();
|
||||
$gl = explode(",",$db2->f("account_groups"));
|
||||
} else {
|
||||
$gl = $phpgw_info["user"]["groups"];
|
||||
}
|
||||
}
|
||||
|
||||
for ($i=1; $i<(count($gl)-1); $i++) {
|
||||
$ga = explode(":",$gl[$i]);
|
||||
$groups[$ga[0]] = $ga[1];
|
||||
}
|
||||
return $groups;
|
||||
$db2 = $phpgw->db;
|
||||
if (gettype($id) == "string") { $id = $this->username2userid($id); }
|
||||
$groups = Array();
|
||||
$group_memberhips = $phpgw->acl->get_location_list_for_id("phpgw_group", 1, "u", $id);
|
||||
reset ($groups);
|
||||
$num = count($group_memberhips);
|
||||
for ($idx=0; $idx<$num; ++$idx){
|
||||
$groups[$group_memberhips[$idx]] = 0;
|
||||
}
|
||||
return $groups;
|
||||
}
|
||||
|
||||
function read_group_names($lid = "")
|
||||
@ -188,135 +174,6 @@
|
||||
return $group_names;
|
||||
}
|
||||
|
||||
/* // This works a little odd, but it is required for apps to be listed in the correct order.
|
||||
// We first take an array of apps in the correct order and give it a value of 1. Which local means false.
|
||||
// After the app is verified, it is giving the value of 2, meaning true.
|
||||
function read_apps($lid)
|
||||
{
|
||||
global $phpgw, $phpgw_info;
|
||||
|
||||
$db = $phpgw->db;
|
||||
// fing enabled apps in this system
|
||||
$db->query("select app_name from applications where app_enabled != 0 order by app_order",__LINE__,__FILE__);
|
||||
while ($phpgw->db->next_record()) {
|
||||
$enabled_apps[$db->f("app_name")] = 1;
|
||||
}
|
||||
|
||||
// get a ldap connection handle
|
||||
$ds = $phpgw->common->ldapConnect();
|
||||
|
||||
// search the dn for the given uid
|
||||
$sri = ldap_search($ds, $phpgw_info["server"]["ldap_context"], "uid=$lid");
|
||||
$allValues = ldap_get_entries($ds, $sri);
|
||||
|
||||
for ($i=0; $i < $allValues[0]["phpgw_account_perms"]["count"]; $i++)
|
||||
{
|
||||
$pl = $allValues[0]["phpgw_account_perms"][$i];
|
||||
if ($enabled_apps[$pl])
|
||||
{
|
||||
$enabled_apps[$pl] = 2;
|
||||
}
|
||||
}
|
||||
|
||||
// This is to prevent things from being loaded twice
|
||||
if ($phpgw_info["user"]["userid"] == $lid) {
|
||||
$group_list = $this->groups;
|
||||
} else {
|
||||
$group_list = $this->read_groups($lid);
|
||||
}
|
||||
|
||||
while ($group_list && $group = each($group_list)) {
|
||||
$db->query("select group_apps from groups where group_id=".$group[0]);
|
||||
$db->next_record();
|
||||
|
||||
$gp = explode(":",$db->f("group_apps"));
|
||||
for ($i=1,$j=0;$i<count($gp)-1;$i++,$j++) {
|
||||
$enabled_apps[$gp[$i]] = 2;
|
||||
}
|
||||
}
|
||||
|
||||
while ($sa = each($enabled_apps)) {
|
||||
if ($sa[1] == 2) {
|
||||
$return_apps[$sa[0]] = True;
|
||||
}
|
||||
}
|
||||
|
||||
return $return_apps;
|
||||
}
|
||||
*/
|
||||
// This works a little odd, but it is required for apps to be listed in the correct order.
|
||||
// We first take an array of apps in the correct order and give it a value of 1. Which local means false.
|
||||
// After the app is verified, it is giving the value of 2, meaning true.
|
||||
function read_apps($lid)
|
||||
{
|
||||
global $phpgw, $phpgw_info;
|
||||
|
||||
$db2 = $phpgw->db;
|
||||
|
||||
$db2->query("select * from applications where app_enabled != '0'",__LINE__,__FILE__);
|
||||
while ($db2->next_record()) {
|
||||
$name = $db2->f("app_name");
|
||||
$title = $db2->f("app_title");
|
||||
$status = $db2->f("app_enabled");
|
||||
$phpgw_info["apps"][$name] = array("title" => $title, "enabled" => True, "status" => $status);
|
||||
|
||||
$enabled_apps[$db2->f("app_name")] = 1;
|
||||
$app_status[$db2->f("app_name")] = $db2->f("app_status");
|
||||
}
|
||||
|
||||
if (gettype($lid) == "integer") {
|
||||
$db2->query("select account_permissions from accounts where account_id=$lid",__LINE__,__FILE__);
|
||||
} else {
|
||||
$db2->query("select account_permissions from accounts where account_lid='$lid'",__LINE__,__FILE__);
|
||||
}
|
||||
$db2->next_record();
|
||||
|
||||
$pl = explode(":",$db2->f("account_permissions"));
|
||||
|
||||
for ($i=0; $i<count($pl); $i++) {
|
||||
if ($enabled_apps[$pl[$i]]) {
|
||||
$enabled_apps[$pl[$i]] = 2;
|
||||
}
|
||||
}
|
||||
|
||||
$group_list = $this->read_groups($lid);
|
||||
|
||||
while ($group_list && $group = each($group_list)) {
|
||||
$db2->query("select group_apps from groups where group_id=".$group[0],__LINE__,__FILE__);
|
||||
$db2->next_record();
|
||||
|
||||
$gp = explode(":",$db2->f("group_apps"));
|
||||
for ($i=1,$j=0;$i<count($gp)-1;$i++,$j++) {
|
||||
$enabled_apps[$gp[$i]] = 2;
|
||||
}
|
||||
}
|
||||
|
||||
while ($sa = each($enabled_apps)) {
|
||||
if ($sa[1] == 2) {
|
||||
$return_apps[$sa[0]] = True;
|
||||
}
|
||||
}
|
||||
|
||||
return $return_apps;
|
||||
}
|
||||
|
||||
// This will return the group permissions in an array
|
||||
function read_group_apps($group_id)
|
||||
{
|
||||
global $phpgw;
|
||||
|
||||
$db = $phpgw->db;
|
||||
$db->query("select group_apps from groups where group_id=".$group_id,__LINE__,__FILE__);
|
||||
$db->next_record();
|
||||
|
||||
$gp = explode(":",$db->f("group_apps"));
|
||||
for ($i=1,$j=0;$i<count($gp)-1;$i++,$j++) {
|
||||
$apps_array[$j] = $gp[$i];
|
||||
}
|
||||
return $apps_array;
|
||||
}
|
||||
|
||||
// Note: This needs to work off LDAP (jengo)
|
||||
function listusers($groups="")
|
||||
{
|
||||
global $phpgw;
|
||||
|
@ -145,21 +145,6 @@
|
||||
return implode(",",$group_names);
|
||||
}
|
||||
|
||||
// Convert an array into the format needed for the groups column in the accounts table.
|
||||
// This function is only temp, until we create the wrapper class's for different forms
|
||||
// of auth.
|
||||
function groups_array_to_string($groups)
|
||||
{
|
||||
$s = "";
|
||||
if (count($groups)) {
|
||||
while (list($t,$group,$level) = each($groups)) {
|
||||
$s .= "," . $group . ":0";
|
||||
}
|
||||
$s .= ",";
|
||||
}
|
||||
return $s;
|
||||
}
|
||||
|
||||
// Convert an array into the format needed for the access column.
|
||||
function array_to_string($access,$array)
|
||||
{
|
||||
|
@ -88,35 +88,20 @@
|
||||
return $userData;
|
||||
}
|
||||
|
||||
function read_groups($lid)
|
||||
function read_groups($id)
|
||||
{
|
||||
global $phpgw_info, $phpgw;
|
||||
global $phpgw_info, $phpgw;
|
||||
|
||||
$db2 = $phpgw->db;
|
||||
|
||||
if (gettype($lid) == "integer") {
|
||||
if ($phpgw_info["user"]["account_id"] != $lid || !$phpgw_info["user"]["groups"]) {
|
||||
$db2->query("select account_groups from accounts where account_id=$lid",__LINE__,__FILE__);
|
||||
$db2->next_record();
|
||||
$gl = explode(",",$db2->f("account_groups"));
|
||||
} else {
|
||||
$gl = $phpgw_info["user"]["groups"];
|
||||
}
|
||||
} else {
|
||||
if ($phpgw_info["user"]["userid"] != $lid || !$phpgw_info["user"]["groups"]) {
|
||||
$db2->query("select account_groups from accounts where account_lid='$lid'",__LINE__,__FILE__);
|
||||
$db2->next_record();
|
||||
$gl = explode(",",$db2->f("account_groups"));
|
||||
} else {
|
||||
$gl = $phpgw_info["user"]["groups"];
|
||||
}
|
||||
}
|
||||
|
||||
for ($i=1; $i<(count($gl)-1); $i++) {
|
||||
$ga = explode(":",$gl[$i]);
|
||||
$groups[$ga[0]] = $ga[1];
|
||||
}
|
||||
return $groups;
|
||||
$db2 = $phpgw->db;
|
||||
if (gettype($id) == "string") { $id = $this->username2userid($id); }
|
||||
$groups = Array();
|
||||
$group_memberhips = $phpgw->acl->get_location_list_for_id("phpgw_group", 1, "u", $id);
|
||||
reset ($groups);
|
||||
$num = count($group_memberhips);
|
||||
for ($idx=0; $idx<$num; ++$idx){
|
||||
$groups[$group_memberhips[$idx]] = 0;
|
||||
}
|
||||
return $groups;
|
||||
}
|
||||
|
||||
function read_group_names($lid = "")
|
||||
@ -146,80 +131,6 @@
|
||||
return $group_names;
|
||||
}
|
||||
|
||||
// This works a little odd, but it is required for apps to be listed in the correct order.
|
||||
// We first take an array of apps in the correct order and give it a value of 1. Which local means false.
|
||||
// After the app is verified, it is giving the value of 2, meaning true.
|
||||
function read_apps($lid)
|
||||
{
|
||||
global $phpgw, $phpgw_info;
|
||||
|
||||
$db2 = $phpgw->db;
|
||||
|
||||
$db2->query("select * from applications where app_enabled != '0'",__LINE__,__FILE__);
|
||||
while ($db2->next_record()) {
|
||||
$name = $db2->f("app_name");
|
||||
$title = $db2->f("app_title");
|
||||
$status = $db2->f("app_enabled");
|
||||
$phpgw_info["apps"][$name] = array("title" => $title, "enabled" => True, "status" => $status);
|
||||
|
||||
$enabled_apps[$db2->f("app_name")] = 1;
|
||||
$app_status[$db2->f("app_name")] = $db2->f("app_status");
|
||||
}
|
||||
|
||||
if (gettype($lid) == "integer") {
|
||||
$db2->query("select account_permissions from accounts where account_id=$lid",__LINE__,__FILE__);
|
||||
} else {
|
||||
$db2->query("select account_permissions from accounts where account_lid='$lid'",__LINE__,__FILE__);
|
||||
}
|
||||
$db2->next_record();
|
||||
|
||||
$pl = explode(":",$db2->f("account_permissions"));
|
||||
|
||||
for ($i=0; $i<count($pl); $i++) {
|
||||
if ($enabled_apps[$pl[$i]]) {
|
||||
$enabled_apps[$pl[$i]] = 2;
|
||||
}
|
||||
}
|
||||
|
||||
$group_list = $this->read_groups($lid);
|
||||
|
||||
while ($group_list && $group = each($group_list)) {
|
||||
$db2->query("select group_apps from groups where group_id=".$group[0],__LINE__,__FILE__);
|
||||
$db2->next_record();
|
||||
|
||||
$gp = explode(":",$db2->f("group_apps"));
|
||||
for ($i=1,$j=0;$i<count($gp)-1;$i++,$j++) {
|
||||
$enabled_apps[$gp[$i]] = 2;
|
||||
}
|
||||
}
|
||||
|
||||
while ($sa = each($enabled_apps)) {
|
||||
if ($sa[1] == 2) {
|
||||
$return_apps[$sa[0]] = True;
|
||||
}
|
||||
}
|
||||
|
||||
return $return_apps;
|
||||
}
|
||||
|
||||
// This will return the group permissions in an array
|
||||
function read_group_apps($group_id)
|
||||
{
|
||||
global $phpgw;
|
||||
|
||||
$db2 = $phpgw->db;
|
||||
|
||||
$db2->query("select group_apps from groups where group_id=".$group_id,__LINE__,__FILE__);
|
||||
$db2->next_record();
|
||||
|
||||
$gp = explode(":",$db2->f("group_apps"));
|
||||
for ($i=1,$j=0;$i<count($gp)-1;$i++,$j++) {
|
||||
$apps_array[$j] = $gp[$i];
|
||||
}
|
||||
return $apps_array;
|
||||
}
|
||||
|
||||
|
||||
function listusers($groups="")
|
||||
{
|
||||
global $phpgw;
|
||||
|
@ -98,7 +98,10 @@
|
||||
$sql .= "acl_account_type = '".$id_type."' and acl_account = ".$id;
|
||||
$this->db->query($sql ,__LINE__,__FILE__);
|
||||
$rights = 0;
|
||||
if ($this->db->num_rows() == 0 && $phpgw_info["server"]["acl_default"] != "deny"){ return True; }
|
||||
if ($this->db->num_rows() == 0 && $phpgw_info["server"]["acl_default"] != "deny"){
|
||||
echo "rows: ".$this->db->num_rows()."<br>";
|
||||
return True;
|
||||
}
|
||||
while ($this->db->next_record()) {
|
||||
if ($this->db->f("acl_rights") == 0){ return False; }
|
||||
$rights |= $this->db->f("acl_rights");
|
||||
|
@ -831,11 +831,32 @@
|
||||
$phpgw_info["setup"]["currentver"]["phpgwapi"] = "0.9.10pre1";
|
||||
}
|
||||
|
||||
$test[] = "0.9.10pre1";
|
||||
function upgrade0_9_10pre1(){
|
||||
$test[] = "0.9.10pre1";
|
||||
function upgrade0_9_10pre1(){
|
||||
global $phpgw_info, $phpgw_setup;
|
||||
$phpgw_setup->db->query("alter table phpgw_categories add column cat_access varchar(25) after cat_owner");
|
||||
$phpgw_info["setup"]["currentver"]["phpgwapi"] = "0.9.10pre2";
|
||||
}
|
||||
|
||||
$test[] = "0.9.10pre2";
|
||||
function upgrade0_9_10pre2(){
|
||||
global $phpgw_info, $phpgw_setup;
|
||||
$db2 = $phpgw_setup->db;
|
||||
$phpgw_setup->db->query("select account_groups,account_id from accounts",__LINE__,__FILE__);
|
||||
if($phpgw_setup->db->num_rows()) {
|
||||
while($phpgw_setup->db->next_record()) {
|
||||
$gl = explode(",",$phpgw_setup->db->f("account_groups"));
|
||||
for ($i=1; $i<(count($gl)-1); $i++) {
|
||||
$ga = explode(":",$gl[$i]);
|
||||
$sql = "insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights)";
|
||||
$sql .= " values('phpgw_group', '".$ga[0]."', ".$phpgw_setup->db->f("account_id").", 'u', 1)";
|
||||
$db2->query($sql ,__LINE__,__FILE__);
|
||||
}
|
||||
}
|
||||
}
|
||||
$phpgw_setup->db->query("update accounts set account_groups = ''",__LINE__,__FILE__);
|
||||
$phpgw_info["setup"]["currentver"]["phpgwapi"] = "0.9.10pre3";
|
||||
}
|
||||
|
||||
reset ($test);
|
||||
while (list ($key, $value) = each ($test)){
|
||||
|
@ -860,7 +860,29 @@
|
||||
function upgrade0_9_10pre1(){
|
||||
global $phpgw_info, $phpgw_setup;
|
||||
$phpgw_setup->db->query("alter table phpgw_categories add column cat_access varchar(25) after cat_owner");
|
||||
}
|
||||
$phpgw_info["setup"]["currentver"]["phpgwapi"] = "0.9.10pre2";
|
||||
}
|
||||
|
||||
$test[] = "0.9.10pre2";
|
||||
function upgrade0_9_10pre2(){
|
||||
global $phpgw_info, $phpgw_setup;
|
||||
$db2 = $phpgw_setup->db;
|
||||
$phpgw_setup->db->query("select account_groups,account_id from accounts",__LINE__,__FILE__);
|
||||
if($phpgw_setup->db->num_rows()) {
|
||||
while($phpgw_setup->db->next_record()) {
|
||||
$gl = explode(",",$phpgw_setup->db->f("account_groups"));
|
||||
for ($i=1; $i<(count($gl)-1); $i++) {
|
||||
$ga = explode(":",$gl[$i]);
|
||||
$sql = "insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights)";
|
||||
$sql .= " values('phpgw_group', '".$ga[0]."', ".$phpgw_setup->db->f("account_id").", 'u', 1)";
|
||||
$db2->query($sql ,__LINE__,__FILE__);
|
||||
}
|
||||
}
|
||||
}
|
||||
$phpgw_setup->db->query("update accounts set account_groups = ''",__LINE__,__FILE__);
|
||||
$phpgw_info["setup"]["currentver"]["phpgwapi"] = "0.9.10pre3";
|
||||
}
|
||||
|
||||
|
||||
reset ($test);
|
||||
while (list ($key, $value) = each ($test)){
|
||||
|
@ -11,5 +11,5 @@
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
$phpgw_info["server"]["versions"]["phpgwapi"] = "0.9.10pre1";
|
||||
$phpgw_info["server"]["versions"]["phpgwapi"] = "0.9.10pre3";
|
||||
$phpgw_info["server"]["versions"]["current_header"] = "1.10";
|
||||
|
Loading…
Reference in New Issue
Block a user