using Acl::(ADD|READ|EDIT|DELETE|PRIVAT) constants instead old EGW_ACL_* defines and fix some namespace errors found by doc/check_namespace.php

This commit is contained in:
Ralf Becker 2016-05-11 19:23:14 +00:00
parent e87cbc4832
commit e34fe9a4e7
20 changed files with 99 additions and 100 deletions

View File

@ -865,7 +865,7 @@ class Ads
}
else // we need to run the unlimited query
{
$query = ldap::quote(strtolower($param['query']));
$query = Api\Ldap::quote(strtolower($param['query']));
$accounts = array();
if($param['type'] !== 'groups')
@ -916,7 +916,7 @@ class Ads
}
if ($param['type'] === 'groups' || $param['type'] === 'both')
{
$query = ldap::quote(strtolower($param['query']));
$query = Api\Ldap::quote(strtolower($param['query']));
$filter = null;
if(!empty($query) && $query != '*')

View File

@ -201,7 +201,7 @@ class Sql
if (!preg_match('/^\\{[a-z5]{3,5}\\}.+/i',$data['account_passwd']) &&
!preg_match('/^[0-9a-f]{32}$/',$data['account_passwd'])) // md5 hash
{
$data['account_passwd'] = $GLOBALS['egw']->auth->encrypt_sql($data['account_passwd']);
$data['account_passwd'] = Api\Auth::encrypt_sql($data['account_passwd']);
}
$to_write['account_pwd'] = $data['account_passwd'];
$to_write['account_lastpwd_change'] = time();

View File

@ -683,7 +683,7 @@ class Acl
if (!$grantor) continue; // can happen if group has no members
// Don't allow to override private with group ACL's!
$rights &= ~EGW_ACL_PRIVATE;
$rights &= ~self::PRIVAT;
if(!isset($grants[$grantor]))
{

View File

@ -231,7 +231,7 @@ class Auth
* @param string $old_passwd must be cleartext
* @param string $new_passwd must be cleartext
* @param int $account_id account id of user whose passwd should be changed
* @throws Exception\WrongUserinput if configured password strength is not meat
* @throws Exception\WrongUserInput if configured password strength is not meat
* @throws Exception from backends having extra requirements
* @return boolean true if password successful changed, false otherwise
*/
@ -239,7 +239,7 @@ class Auth
{
if (($err = self::crackcheck($new_passwd,null,null,null,$account_id)))
{
throw new Exception\WrongUserinput($err);
throw new Exception\WrongUserInput($err);
}
if (($ret = $this->backend->change_password($old_passwd, $new_passwd, $account_id)))
{
@ -256,7 +256,7 @@ class Auth
// run changepwasswd hook
$GLOBALS['hook_values'] = array(
'account_id' => $account_id,
'account_lid' => accounts::id2name($account_id),
'account_lid' => Accounts::id2name($account_id),
'old_passwd' => $old_passwd,
'new_passwd' => $new_passwd,
);

View File

@ -1278,7 +1278,7 @@ class CalDAV extends HTTP_WebDAV_Server
return $entry ? $entry : "404 Not found";
}
if (!Link::file_access($handler->app, $entry['id'], EGW_ACL_EDIT))
if (!Link::file_access($handler->app, $entry['id'], Acl::EDIT))
{
return '403 Forbidden';
}
@ -1386,7 +1386,7 @@ class CalDAV extends HTTP_WebDAV_Server
{
error_log(__METHOD__."('$app', $id, attach=".array2string($attach).", delete_via_put=".array2string($delete_via_put).')');
if (!Link::file_access($app, $id, EGW_ACL_EDIT))
if (!Link::file_access($app, $id, Acl::EDIT))
{
error_log(__METHOD__."('$app', $id, ...) no rights to update attachments");
return; // no rights --> nothing to do
@ -1836,7 +1836,7 @@ class CalDAV extends HTTP_WebDAV_Server
$handler = self::app_handler($app);
// TODO recursive locks on directories not supported yet
if (!$id || !empty($options['depth']) || !$handler->check_access(EGW_ACL_EDIT,$id))
if (!$id || !empty($options['depth']) || !$handler->check_access(Acl::EDIT,$id))
{
return '409 Conflict';
}

View File

@ -58,9 +58,9 @@ abstract class Handler
* @var array
*/
var $method2acl = array(
'GET' => EGW_ACL_READ,
'PUT' => EGW_ACL_EDIT,
'DELETE' => EGW_ACL_DELETE,
'GET' => Api\Acl::READ,
'PUT' => Api\Acl::EDIT,
'DELETE' => Api\Acl::DELETE,
);
/**
* eGW application responsible for the handler
@ -212,7 +212,7 @@ abstract class Handler
/**
* Check if user has the neccessary rights on an entry
*
* @param int $acl EGW_ACL_READ, EGW_ACL_EDIT or EGW_ACL_DELETE
* @param int $acl Api\Acl::READ, Api\Acl::EDIT or Api\Acl::DELETE
* @param array|int $entry entry-array or id
* @return boolean null if entry does not exist, false if no access, true if access permitted
*/
@ -291,7 +291,7 @@ abstract class Handler
}
$extra_acl = $this->method2acl[$method];
if ($id && !($entry = $this->read($id, $options['path'])) && ($method != 'PUT' || $entry === false) ||
($extra_acl != EGW_ACL_READ && $this->check_access($extra_acl,$entry) === false))
($extra_acl != Api\Acl::READ && $this->check_access($extra_acl,$entry) === false))
{
if ($return_no_access && !is_null($entry))
{
@ -496,7 +496,7 @@ abstract class Handler
/**
* Get grants of current user and app
*
* @return array user-id => EGW_ACL_ADD|EGW_ACL_READ|EGW_ACL_EDIT|EGW_ACL_DELETE pairs
* @return array user-id => Api\Acl::ADD|Api\Acl::READ|Api\Acl::EDIT|Api\Acl::DELETE pairs
*/
public function get_grants()
{
@ -523,22 +523,22 @@ abstract class Handler
}
$priviledes = array('read-current-user-privilege-set' => 'read-current-user-privilege-set');
if (is_null($user) || $grants[$user] & EGW_ACL_READ)
if (is_null($user) || $grants[$user] & Api\Acl::READ)
{
$priviledes['read'] = 'read';
// allows on all calendars/addressbooks to write properties, as we store them on a per-user basis
// and only allow to modify explicit named properties in CalDAV, CardDAV or Calendarserver name-space
$priviledes['write-properties'] = 'write-properties';
}
if (is_null($user) || $grants[$user] & EGW_ACL_ADD)
if (is_null($user) || $grants[$user] & Api\Acl::ADD)
{
$priviledes['bind'] = 'bind'; // PUT for new resources
}
if (is_null($user) || $grants[$user] & EGW_ACL_EDIT)
if (is_null($user) || $grants[$user] & Api\Acl::EDIT)
{
$priviledes['write-content'] = 'write-content'; // otherwise iOS calendar does not allow to add events
}
if (is_null($user) || $grants[$user] & EGW_ACL_DELETE)
if (is_null($user) || $grants[$user] & Api\Acl::DELETE)
{
$priviledes['unbind'] = 'unbind'; // DELETE
}
@ -645,7 +645,7 @@ abstract class Handler
$privileges = array('read', 'read-current-user-privilege-set');
if ($this->caldav->prop_requested('current-user-privilege-set') === true && !isset($props['current-user-privilege-set']))
{
if ($this->check_access(EGW_ACL_EDIT, $entry))
if ($this->check_access(Api\Acl::EDIT, $entry))
{
$privileges[] = 'write-content';
}

View File

@ -921,7 +921,7 @@ class Principals extends Handler
{
$addressbooks[] = '/';
}
foreach(array_keys($GLOBALS['egw']->contacts->get_addressbooks(EGW_ACL_READ)) as $id)
foreach(array_keys($GLOBALS['egw']->contacts->get_addressbooks(Api\Acl::READ)) as $id)
{
if ((in_array('A',$addressbook_home_set) || in_array((string)$id,$addressbook_home_set)) &&
is_numeric($id) && ($owner = $this->accounts->id2name($id)))
@ -1366,8 +1366,8 @@ class Principals extends Handler
case 'users':
case 'groups':
$account = $location = $this->accounts->name2id($account, 'account_lid', $account_type[0]);
$right = $what == 'write' ? EGW_ACL_EDIT : EGW_ACL_READ;
$mask = $what == 'write' ? EGW_ACL_EDIT : EGW_ACL_EDIT|EGW_ACL_READ; // do NOT report write+read in read
$right = $what == 'write' ? Api\Acl::EDIT : Api\Acl::READ;
$mask = $what == 'write' ? Api\Acl::EDIT : Api\Acl::EDIT|Api\Acl::READ; // do NOT report write+read in read
break;
case 'locations':
@ -1522,13 +1522,13 @@ class Principals extends Handler
$set = array();
foreach($this->acl->get_grants($app, $app != 'addressbook', $account) as $account_id => $rights)
{
if ($account_id != $account && ($rights & EGW_ACL_READ) &&
if ($account_id != $account && ($rights & Api\Acl::READ) &&
($account_lid = $this->accounts->id2name($account_id)) &&
$this->accounts->visible($account_lid)) // only add visible accounts, gives error in iCal otherwise
{
$set[] = Api\CalDAV::mkprop('href', $this->base_uri.'/principals/'.
($account_id < 0 ? 'groups/' : 'users/').
$account_lid.'/'.$app.'-proxy-'.($rights & EGW_ACL_EDIT ? 'write' : 'read').'/');
$account_lid.'/'.$app.'-proxy-'.($rights & Api\Acl::EDIT ? 'write' : 'read').'/');
}
}
return $set;
@ -1694,13 +1694,13 @@ class Principals extends Handler
/**
* Check if user has the neccessary rights on an entry
*
* @param int $acl EGW_ACL_READ, EGW_ACL_EDIT or EGW_ACL_DELETE
* @param int $acl Api\Acl::READ, Api\Acl::EDIT or Api\Acl::DELETE
* @param array|int $entry entry-array or id
* @return boolean null if entry does not exist, false if no access, true if access permitted
*/
function check_access($acl,$entry)
{
if ($acl != EGW_ACL_READ)
if ($acl != Api\Acl::READ)
{
return false;
}

View File

@ -238,7 +238,7 @@ class Categories
}
// check for read permission
if(!$this->check_perms(EGW_ACL_READ, $cat, $globals === 'all_no_acl'))
if(!$this->check_perms(Acl::READ, $cat, $globals === 'all_no_acl'))
{
continue;
}
@ -470,7 +470,7 @@ class Categories
* Checks category permissions for a given list of commaseparated category ids
* and truncates it by the ones the user does not have the requested permission on
*
* @param int $needed necessary ACL right: EGW_ACL_{READ|EDIT|DELETE}
* @param int $needed necessary ACL right: Acl::{READ|EDIT|DELETE}
* @param string $cat_list commaseparated list of category ids
* @return string truncated commaseparated list of category ids
*/
@ -487,7 +487,7 @@ class Categories
{
foreach($cat_arr as $id=>$cat_id)
{
if (!$this->check_perms($needed, $cat_id, false, $needed == EGW_ACL_READ)) // allow reading all global cats
if (!$this->check_perms($needed, $cat_id, false, $needed == Acl::READ)) // allow reading all global cats
{
unset($cat_arr[$id]);
}
@ -503,7 +503,7 @@ class Categories
*
* If the access of a category is set to private, one needs a private grant for the application
*
* @param int $needed necessary ACL right: EGW_ACL_{READ|EDIT|DELETE}
* @param int $needed necessary ACL right: Acl::{READ|EDIT|DELETE}
* @param mixed $category category as array or the category_id
* @param boolean $no_acl_check =false if true, grants are NOT checked, gives access to all non-private categories of all users
* @param boolean $allow_global_read if true, global cats are allowed (independent of app) for reading
@ -525,7 +525,7 @@ class Categories
}
// Read access to global categories
if ($needed == EGW_ACL_READ && (($is_global=array_intersect(explode(',',$category['owner']),$this->global_owners)) ||
if ($needed == Acl::READ && (($is_global=array_intersect(explode(',',$category['owner']),$this->global_owners)) ||
$no_acl_check && $category['access'] == 'public') && // no_acl_check only means public cats
($category['appname'] == self::GLOBAL_APPNAME || $category['appname'] == $this->app_name ||
$is_global && $allow_global_read))
@ -558,7 +558,7 @@ class Categories
foreach(explode(',',$category['owner']) as $owner)
{
$owner_grant = $owner_grant || (($this->grants[$owner] & $needed) &&
($category['access'] == 'public' || ($this->grants[$owner] & EGW_ACL_PRIVATE)));
($category['access'] == 'public' || ($this->grants[$owner] & Acl::PRIVAT)));
}
return $acl_grant && $owner_grant;
}
@ -704,7 +704,7 @@ class Categories
if (isset($values['old_parent']) && (int)$values['old_parent'] != (int)$values['parent'])
{
$ret = $this->check_consistency4update($values);
if ($ret !== true) throw new Exception\WrongUserinput($ret);
if ($ret !== true) throw new Exception\WrongUserInput($ret);
// everything seems in order -> proceed
$values['level'] = ($values['parent'] ? $this->id2name($values['parent'],'level')+1:0);
$this->adapt_level_in_subtree($values);
@ -717,7 +717,7 @@ class Categories
if ($values['parent'] > 0)
{
$ret = $this->check_consistency4update($values);
if ($ret !== true) throw new Exception\WrongUserinput($ret);
if ($ret !== true) throw new Exception\WrongUserInput($ret);
// everything seems in order -> proceed
$values['main'] = $this->id2name($values['parent'],'main');
@ -1056,7 +1056,7 @@ class Categories
static $cat2color = array();
// ACL check
$cats = $GLOBALS['egw']->categories->check_list(EGW_ACL_READ, $_cats);
$cats = $GLOBALS['egw']->categories->check_list(Acl::READ, $_cats);
if (!$cats) return null;

View File

@ -66,7 +66,7 @@ class Config
/**
* reads the whole repository for $this->appname, appname has to be set via the constructor
*
* You can also use the static config::read($app) method, without instanciating the class.
* You can also use the static Config::read($app) method, without instanciating the class.
*
* @return array the whole config-array for that app
*/
@ -95,7 +95,7 @@ class Config
if (!isset($this->config_data[$name])) // has been deleted
{
self::save_value($name, null, $this->appname, false);
//self::$db->delete(config::TABLE,array('config_app'=>$this->appname,'config_name'=>$name),__LINE__,__FILE__);
//self::$db->delete(self::TABLE,array('config_app'=>$this->appname,'config_name'=>$name),__LINE__,__FILE__);
}
}
@ -126,9 +126,8 @@ class Config
{
if (!$app && (!isset($this) || !is_a($this,__CLASS__)))
{
throw new Exception\WrongParameter('$app parameter required for static call of config::save_value($name,$value,$app)!');
throw new Exception\WrongParameter('$app parameter required for static call of Config::save_value($name,$value,$app)!');
}
//echo "<p>config::save_value('$name','".print_r($value,True)."','$app')</p>\n";
if (!$app || isset($this) && is_a($this,__CLASS__) && $app == $this->appname)
{
$app = $this->appname;
@ -138,7 +137,7 @@ class Config
{
self::init_static();
}
//echo "<p>config::save_value('$name','".print_r($value,True)."','$app')</p>\n";
if (isset(self::$configs[$app][$name]) && self::$configs[$app][$name] === $value)
{
return True; // no change ==> exit
@ -147,13 +146,13 @@ class Config
if (!isset($value) || $value === '')
{
if (isset(self::$configs[$app])) unset(self::$configs[$app][$name]);
self::$db->delete(config::TABLE,array('config_app'=>$app,'config_name'=>$name),__LINE__,__FILE__);
self::$db->delete(self::TABLE,array('config_app'=>$app,'config_name'=>$name),__LINE__,__FILE__);
}
else
{
self::$configs[$app][$name] = $value;
if(is_array($value)) $value = json_encode($value);
self::$db->insert(config::TABLE,array('config_value'=>$value),array('config_app'=>$app,'config_name'=>$name),__LINE__,__FILE__);
self::$db->insert(self::TABLE,array('config_value'=>$value),array('config_app'=>$app,'config_name'=>$name),__LINE__,__FILE__);
}
if ($update_cache)
{
@ -176,7 +175,7 @@ class Config
{
self::init_static();
}
self::$db->delete(config::TABLE,array('config_app' => $this->appname),__LINE__,__FILE__);
self::$db->delete(self::TABLE,array('config_app' => $this->appname),__LINE__,__FILE__);
unset(self::$configs[$this->appname]);
Cache::setInstance(__CLASS__, 'configs', self::$configs);
@ -345,7 +344,7 @@ class Config
if (!(self::$configs = Cache::getInstance(__CLASS__, 'configs')) || !is_array(self::$configs['phpgwapi']))
{
self::$configs = array();
foreach(self::$db->select(config::TABLE,'*',false,__LINE__,__FILE__) as $row)
foreach(self::$db->select(self::TABLE,'*',false,__LINE__,__FILE__) as $row)
{
self::$configs[$row['config_app']][$row['config_name']] = self::unserialize($row['config_value']);
//error_log(__METHOD__."() configs[$row[config_app]][$row[config_name]]=".array2string(self::$configs[$row['config_app']][$row['config_name']]));

View File

@ -334,13 +334,13 @@ class Contacts extends Contacts\Storage
/**
* Get the availible addressbooks of the user
*
* @param int $required =EGW_ACL_READ required rights on the addressbook or multiple rights or'ed together,
* @param int $required =Acl::READ required rights on the addressbook or multiple rights or'ed together,
* to return only addressbooks fullfilling all the given rights
* @param string $extra_label first label if given (already translated)
* @param int $user =null account_id or null for current user
* @return array with owner => label pairs
*/
function get_addressbooks($required=EGW_ACL_READ,$extra_label=null,$user=null)
function get_addressbooks($required=Acl::READ,$extra_label=null,$user=null)
{
if (is_null($user))
{
@ -371,11 +371,11 @@ class Contacts extends Contacts\Storage
asort($to_sort);
$addressbooks += $to_sort;
}
if ($required != EGW_ACL_ADD && // do NOT allow to set accounts as default addressbook (AB can add accounts)
if ($required != Acl::ADD && // do NOT allow to set accounts as default addressbook (AB can add accounts)
!$preferences['addressbook']['hide_accounts'] && (
($grants[0] & $required) == $required ||
$preferences['common']['account_selection'] == 'groupmembers' &&
$this->account_repository != 'ldap' && ($required & EGW_ACL_READ)))
$this->account_repository != 'ldap' && ($required & Acl::READ)))
{
$addressbooks[0] = lang('Accounts');
}
@ -808,7 +808,7 @@ class Contacts extends Contacts\Storage
$id = is_array($c) ? $c['id'] : $c;
$ok = false;
if ($this->check_perms(EGW_ACL_DELETE,$c,$deny_account_delete))
if ($this->check_perms(Acl::DELETE,$c,$deny_account_delete))
{
if (!($old = $this->read($id))) return false;
// check if we only mark contacts as deleted, or really delete them
@ -895,7 +895,7 @@ class Contacts extends Contacts\Storage
{
$contact['private'] = 0;
}
if(!$ignore_acl && !$this->check_perms($isUpdate ? EGW_ACL_EDIT : EGW_ACL_ADD,$contact))
if(!$ignore_acl && !$this->check_perms($isUpdate ? Acl::EDIT : Acl::ADD,$contact))
{
$this->error = 'access denied';
return false;
@ -1087,7 +1087,7 @@ class Contacts extends Contacts\Storage
{
$data = null; // not found
}
elseif (!$ignore_acl && !$this->check_perms(EGW_ACL_READ,$data))
elseif (!$ignore_acl && !$this->check_perms(Acl::READ,$data))
{
$data = false; // no view perms
}
@ -1118,7 +1118,7 @@ class Contacts extends Contacts\Storage
* If the access of a contact is set to private, one need a private grant for a personal addressbook
* or the group membership for a group-addressbook
*
* @param int $needed necessary ACL right: EGW_ACL_{READ|EDIT|DELETE}
* @param int $needed necessary ACL right: Acl::{READ|EDIT|DELETE}
* @param mixed $contact contact as array or the contact-id
* @param boolean $deny_account_delete =false if true never allow to delete accounts
* @param int $user =null for which user to check, default current user
@ -1147,17 +1147,17 @@ class Contacts extends Contacts\Storage
$owner = $contact['owner'];
// allow the user to edit his own account
if (!$owner && $needed == EGW_ACL_EDIT && $contact['account_id'] == $user && $this->own_account_acl)
if (!$owner && $needed == Acl::EDIT && $contact['account_id'] == $user && $this->own_account_acl)
{
$access = true;
}
// dont allow to delete own account (as admin handels it too)
elseif (!$owner && $needed == EGW_ACL_DELETE && ($deny_account_delete || $contact['account_id'] == $user))
elseif (!$owner && $needed == Acl::DELETE && ($deny_account_delete || $contact['account_id'] == $user))
{
$access = false;
}
// for reading accounts (owner == 0) and account_selection == groupmembers, check if current user and contact are groupmembers
elseif ($owner == 0 && $needed == EGW_ACL_READ &&
elseif ($owner == 0 && $needed == Acl::READ &&
$GLOBALS['egw_info']['user']['preferences']['common']['account_selection'] == 'groupmembers' &&
!isset($GLOBALS['egw_info']['user']['apps']['admin']))
{
@ -1166,7 +1166,7 @@ class Contacts extends Contacts\Storage
else
{
$access = ($grants[$owner] & $needed) &&
(!$contact['private'] || ($grants[$owner] & EGW_ACL_PRIVATE) || in_array($owner,$memberships));
(!$contact['private'] || ($grants[$owner] & Acl::PRIVAT) || in_array($owner,$memberships));
}
//error_log(__METHOD__."($needed,$contact[id],$deny_account_delete,$user) returning ".array2string($access));
return $access;
@ -1176,7 +1176,7 @@ class Contacts extends Contacts\Storage
* Check access to the file store
*
* @param int|array $id id of entry or entry array
* @param int $check EGW_ACL_READ for read and EGW_ACL_EDIT for write or delete access
* @param int $check Acl::READ for read and Acl::EDIT for write or delete access
* @param string $rel_path =null currently not used in InfoLog
* @param int $user =null for which user to check, default current user
* @return boolean true if access is granted or false otherwise
@ -1410,7 +1410,7 @@ class Contacts extends Contacts\Storage
}
if ($fields)
{
if (!$this->check_perms(EGW_ACL_EDIT,$member) || !$this->save($member))
if (!$this->check_perms(Acl::EDIT,$member) || !$this->save($member))
{
++$failed_members;
}
@ -1765,7 +1765,7 @@ class Contacts extends Contacts\Storage
$target = $contacts[0];
unset($contacts[0]);
}
if (!$this->check_perms(EGW_ACL_EDIT,$target))
if (!$this->check_perms(Acl::EDIT,$target))
{
echo $this->error = 'No edit permission for the target contact!';
return 0;
@ -1809,7 +1809,7 @@ class Contacts extends Contacts\Storage
$success = 1;
foreach($contacts as $contact)
{
if (!$this->check_perms(EGW_ACL_DELETE,$contact))
if (!$this->check_perms(Acl::DELETE,$contact))
{
continue;
}
@ -1875,7 +1875,7 @@ class Contacts extends Contacts\Storage
*/
function add_list($keys,$owner,$contacts=array(),array &$data=array())
{
if (!$this->check_list(null,EGW_ACL_ADD|EGW_ACL_EDIT,$owner)) return false;
if (!$this->check_list(null,Acl::ADD|Acl::EDIT,$owner)) return false;
try {
$ret = parent::add_list($keys,$owner,$contacts,$data);
@ -1899,7 +1899,7 @@ class Contacts extends Contacts\Storage
*/
function add2list($contact,$list,array $existing=null)
{
if (!$this->check_list($list,EGW_ACL_EDIT)) return false;
if (!$this->check_list($list,Acl::EDIT)) return false;
unset(self::$list_cache[$list]);
@ -1915,7 +1915,7 @@ class Contacts extends Contacts\Storage
*/
function remove_from_list($contact,$list=null)
{
if ($list && !$this->check_list($list,EGW_ACL_EDIT)) return false;
if ($list && !$this->check_list($list,Acl::EDIT)) return false;
if ($list)
{
@ -1937,7 +1937,7 @@ class Contacts extends Contacts\Storage
*/
function delete_list($list)
{
if (!$this->check_list($list,EGW_ACL_DELETE)) return false;
if (!$this->check_list($list,Acl::DELETE)) return false;
foreach((array)$list as $l)
{
@ -2050,7 +2050,7 @@ class Contacts extends Contacts\Storage
{
foreach ($old_categories as $cat_id)
{
if (!$this->categories->check_perms(EGW_ACL_READ, $cat_id))
if (!$this->categories->check_perms(Acl::READ, $cat_id))
{
$old_cats_preserve[] = $cat_id;
}
@ -2108,7 +2108,7 @@ class Contacts extends Contacts\Storage
$cat_list = array();
foreach($cat_id_list as $cat_id)
{
if ($cat_id && $this->categories->check_perms(EGW_ACL_READ, $cat_id) &&
if ($cat_id && $this->categories->check_perms(Acl::READ, $cat_id) &&
($cat_name = $this->categories->id2name($cat_id)) && $cat_name != '--')
{
$cat_list[] = $cat_name;

View File

@ -344,20 +344,20 @@ class Storage
// ToDo: be more specific for 'groupmembers', they should be able to see the groupmembers
if (!in_array($preferences['common']['account_selection'], array('none','groupmembers')))
{
$grants[0] = EGW_ACL_READ;
$grants[0] = Api\Acl::READ;
}
// add account grants for admins (only for current user!)
if ($user == $this->user && $this->is_admin()) // admin rights can be limited by ACL!
{
$grants[0] = EGW_ACL_READ; // admins always have read-access
if (!$GLOBALS['egw']->acl->check('account_access',16,'admin')) $grants[0] |= EGW_ACL_EDIT;
if (!$GLOBALS['egw']->acl->check('account_access',4,'admin')) $grants[0] |= EGW_ACL_ADD;
if (!$GLOBALS['egw']->acl->check('account_access',32,'admin')) $grants[0] |= EGW_ACL_DELETE;
$grants[0] = Api\Acl::READ; // admins always have read-access
if (!$GLOBALS['egw']->acl->check('account_access',16,'admin')) $grants[0] |= Api\Acl::EDIT;
if (!$GLOBALS['egw']->acl->check('account_access',4,'admin')) $grants[0] |= Api\Acl::ADD;
if (!$GLOBALS['egw']->acl->check('account_access',32,'admin')) $grants[0] |= Api\Acl::DELETE;
}
// allow certain groups to edit contact-data of accounts
if (self::allow_account_edit($user))
{
$grants[0] |= EGW_ACL_READ|EGW_ACL_EDIT;
$grants[0] |= Api\Acl::READ|Api\Acl::EDIT;
}
}
else
@ -985,12 +985,12 @@ class Storage
/**
* Get the availible distribution lists for a user
*
* @param int $required =EGW_ACL_READ required rights on the list or multiple rights or'ed together,
* @param int $required =Api\Acl::READ required rights on the list or multiple rights or'ed together,
* to return only lists fullfilling all the given rights
* @param string $extra_labels =null first labels if given (already translated)
* @return array with id => label pairs or false if backend does not support lists
*/
function get_lists($required=EGW_ACL_READ,$extra_labels=null)
function get_lists($required=Api\Acl::READ,$extra_labels=null)
{
if (!method_exists($this->somain,'get_lists')) return false;

View File

@ -556,7 +556,7 @@ class DateTime extends \DateTime
self::$server_timezone = new DateTimeZone('Europe/Berlin');
}
error_log(__METHOD__."() invalid server_timezone='{$GLOBALS['egw_info']['server']['server_timezone']}' setting now '".self::$server_timezone->getName()."'!");
config::save_value('server_timezone',$GLOBALS['egw_info']['server']['server_timezone'] = self::$server_timezone->getName(),'phpgwapi');
Config::save_value('server_timezone',$GLOBALS['egw_info']['server']['server_timezone'] = self::$server_timezone->getName(),'phpgwapi');
}
if (!isset($GLOBALS['egw_info']['user']['preferences']['common']['tz']))
{

View File

@ -371,7 +371,7 @@ class Egw extends Egw\Base
{
$GLOBALS['egw']->session->destroy($sessionid);
}
throw new Exception\Redirect(egw::link('/logout.php'));
throw new Exception\Redirect(self::link('/logout.php'));
}
if ($currentapp == 'admin' || $GLOBALS['egw_info']['flags']['admin_only'])
{

View File

@ -124,7 +124,7 @@ class Taglist extends Etemplate\Widget
}
if($this->type == 'taglist-email' && $this->attrs['include_lists'] && is_numeric($val))
{
$lists = $GLOBALS['egw']->contacts->get_lists(EGW_ACL_READ);
$lists = $GLOBALS['egw']->contacts->get_lists(Api\Acl::READ);
if(!array_key_exists($val, $lists))
{
self::set_validation_error($form_name,lang("'%1' is NOT allowed ('%2')!",$val,implode("','",array_keys($lists))),'');

View File

@ -1581,7 +1581,7 @@ class Link extends Link\Storage
* @param string $app
* @param int|string $id
* @param string $title title string or null
* @param int $file_access =null EGW_ACL_READ, EGW_ACL_EDIT or both or'ed together
* @param int $file_access =null Acl::READ, Acl::EDIT or both or'ed together
*/
public static function set_cache($app,$id,$title,$file_access=null)
{
@ -1682,12 +1682,12 @@ class Link extends Link\Storage
* @ToDo $rel_path is not yet implemented, as no app use it currently
* @param string $app
* @param string|int $id id of entry
* @param int $required =EGW_ACL_READ EGW_ACL_{READ|EDIT}
* @param int $required =Acl::READ Acl::{READ|EDIT}
* @param string $rel_path =null
* @param int $user =null default null = current user
* @return boolean true if access granted, false otherwise
*/
static function file_access($app,$id,$required=EGW_ACL_READ,$rel_path=null,$user=null)
static function file_access($app,$id,$required=Acl::READ,$rel_path=null,$user=null)
{
// are we called for an other user
if ($user && $user != $GLOBALS['egw_info']['user']['account_id'])
@ -1709,15 +1709,15 @@ class Link extends Link\Storage
$cache =& self::get_cache($app,$id,'file_access');
if (!isset($cache) || $required == EGW_ACL_EDIT && !($cache & $required))
if (!isset($cache) || $required == Acl::EDIT && !($cache & $required))
{
if(($method = self::get_registry($app,'file_access')))
{
$cache |= ExecMethod2($method,$id,$required,$rel_path) ? $required|EGW_ACL_READ : 0;
$cache |= ExecMethod2($method,$id,$required,$rel_path) ? $required|Acl::READ : 0;
}
else
{
$cache |= self::title($app,$id) ? EGW_ACL_READ|EGW_ACL_EDIT : 0;
$cache |= self::title($app,$id) ? Acl::READ|Acl::EDIT : 0;
}
//error_log(__METHOD__."($app,$id,$required,$rel_path) got $cache --> ".($cache & $required ? 'true' : 'false'));
}

View File

@ -892,7 +892,7 @@ class Account implements \ArrayAccess
/**
* Check which rights current user has on mail-account
*
* @param int $rights EGW_ACL_(READ|EDIT|DELETE)
* @param int $rights Api\Acl::(READ|EDIT|DELETE)
* @param array|Account $account account array or object
* @return boolean
*/
@ -920,12 +920,12 @@ class Account implements \ArrayAccess
{
switch($rights)
{
case EGW_ACL_READ:
case Api\Acl::READ:
$access = true;
break;
case EGW_ACL_EDIT:
case EGW_ACL_DELETE:
case Api\Acl::EDIT:
case Api\Acl::DELETE:
// users have only edit/delete rights on accounts marked as user-editable AND belonging to them personally
if (!$account['acc_user_editable'])
{

View File

@ -541,7 +541,7 @@ class Mailer extends Horde_Mime_Mail
if (!isset($flowed)) $flowed = $this->_body && $this->_body->getType() != 'multipart/encrypted';
// check if flowed is disabled in mail site configuration
if (($config = config::read('mail')) && $config['disable_rfc3676_flowed'])
if (($config = Config::read('mail')) && $config['disable_rfc3676_flowed'])
{
$flowed = false;
}

View File

@ -937,7 +937,7 @@ class Session
$this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid,'account_lid','u');
if (!$this->account_id)
{
if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) !accounts::name2id('$this->account_lid')");
if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) !accounts::name2id('$this->account_lid')");
return false;
}
@ -955,7 +955,7 @@ class Session
if ($GLOBALS['egw']->accounts->is_expired($GLOBALS['egw_info']['user']))
{
if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) accounts is expired");
if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) accounts is expired");
return false;
}
$this->passwd = base64_decode(Cache::getSession('phpgwapi', 'password'));
@ -966,7 +966,7 @@ class Session
}
if ($this->account_domain != $GLOBALS['egw_info']['user']['domain'])
{
if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) wrong domain");
if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) wrong domain");
return false;
}
@ -975,7 +975,7 @@ class Session
if (strtoupper(substr(PHP_OS,0,3)) != 'WIN' && (!$GLOBALS['egw_info']['user']['session_ip'] ||
$GLOBALS['egw_info']['user']['session_ip'] != $this->getuser_ip()))
{
if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) wrong IP");
if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) wrong IP");
return false;
}
}
@ -988,7 +988,7 @@ class Session
}
if (!$this->account_lid)
{
if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) !account_lid");
if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) !account_lid");
return false;
}
@ -1007,13 +1007,13 @@ class Session
$_REQUEST[self::EGW_SESSION_NAME] === $this->sessionid &&
(!isset($_COOKIE[self::EGW_SESSION_NAME]) || $_COOKIE[self::EGW_SESSION_NAME] !== $_REQUEST[self::EGW_SESSION_NAME]))
{
if (self::ERROR_LOG_DEBUG) error_log("--> session::verify($sessionid) SUCCESS, but NO required cookies set --> setting them now");
if (self::ERROR_LOG_DEBUG) error_log("--> Session::verify($sessionid) SUCCESS, but NO required cookies set --> setting them now");
self::egw_setcookie(self::EGW_SESSION_NAME,$this->sessionid);
self::egw_setcookie('kp3',$this->kp3);
self::egw_setcookie('domain',$this->account_domain);
}
if (self::ERROR_LOG_DEBUG) error_log("--> session::verify($sessionid) SUCCESS");
if (self::ERROR_LOG_DEBUG) error_log("--> Session::verify($sessionid) SUCCESS");
return true;
}

View File

@ -111,8 +111,8 @@ class StreamWrapper extends LinksParent
// which gives him then read AND write access to the file store of the entry
else
{
// vfs & stream-wrapper use posix rights, Api\Link::file_access uses EGW_ACL_{EDIT|READ}!
$required = $check & Vfs::WRITABLE ? EGW_ACL_EDIT : EGW_ACL_READ;
// vfs & stream-wrapper use posix rights, Api\Link::file_access uses Api\Acl::{EDIT|READ}!
$required = $check & Vfs::WRITABLE ? Api\Acl::EDIT : Api\Acl::READ;
$access = Api\Link::file_access($app,$id,$required,$rel_path,Vfs::$user);
$what = "from Api\Link::file_access('$app',$id,$required,'$rel_path,".Vfs::$user.")";
}

View File

@ -1855,7 +1855,7 @@ class StreamWrapper implements Vfs\StreamWrapperIface
{
return false;
}
if (!Vfs::check_access($path,EGW_ACL_EDIT,$stat))
if (!Vfs::check_access($path,Api\Acl::EDIT,$stat))
{
return false; // permission denied
}