egw_cats = new Api\Categories($user, 'resources'); $this->debug = False; //all this is only needed when called from uiacl. if($session) { $this->read_sessiondata(); $this->use_session = True; foreach(array('start','query','sort','order') as $var) { if (isset($_POST[$var])) { $this->$var = $_POST[$var]; } elseif (isset($_GET[$var])) { $this->$var = $_GET[$var]; } } $this->save_sessiondata(); $this->cats = $this->egw_cats->return_sorted_array(0,false,'','','',true); } } /** * get list of cats where current user has given rights * * @author Cornelius Weiss * @param int $perm_type one of Acl::READ, Acl::ADD, Acl::EDIT, Acl::DELETE, self::DIRECT_BOOKING * @param int $parent_id=0 cat_id of parent to return only children of that category * @return array cat_id => cat_name * TODO mark subcats and so on! */ function get_cats($perm_type,$parent_id=0) { $cats = $this->egw_cats->return_sorted_array(0,false,'','','',true,$parent_id); #_debug_array($cats); if (!is_array($cats)) $cats = array(); $perm_cats = array(); foreach($cats as $key=>$cat) { #echo "key:$key"._debug_array($value)."
"; #_debug_array($cat)."hier
"; if($this->is_permitted($cat['id'],$perm_type)) { $s = str_repeat(' ',$cat['level']) . stripslashes($cat['name']); if ($cat['app_name'] == 'phpgw' || $cat['owner'] == '-1') { $s .= ' ♦'; } $perm_cats[$cat['id']] = $s; } } return isset($perm_cats)?$perm_cats:array(); } /** * gets name of category * * @author Lukas Weiss * @param int $cat_id * @return mixed name of category */ static public function get_cat_name($cat_id) { return $GLOBALS['egw']->categories->id2name($cat_id); } /** * gets userid of admin for given category * * @author Cornelius Weiss * @param int $cat_id * @return int|null userid of cat admin or null for none set */ static public function get_cat_admin($cat_id) { $cat_rights = self::get_rights($cat_id); foreach ($cat_rights as $userid => $right) { if ($right & self::CAT_ADMIN) { return $userid; } } // check for an inherited cat admin if (($parent = $GLOBALS['egw']->categories->id2name($cat_id,'parent'))) { return self::get_cat_admin($parent); } return null; } /** * Permissions including inherited ones * * @var array cat_id => rights */ static private $permissions; static private $resource_acl; /** * Get permissions of current user on a given category * * @param int $cat_id * @return int */ static public function get_permissions($cat_id) { if (!isset(self::$permissions[$cat_id])) { if (is_null(self::$resource_acl)) { self::$resource_acl = $GLOBALS['egw']->acl->get_all_location_rights($GLOBALS['egw_info']['user']['account_id'],'resources',true); } self::$permissions[$cat_id] = (int)self::$resource_acl['L'.$cat_id]; if (($parent = $GLOBALS['egw']->categories->id2name($cat_id,'parent'))) { self::$permissions[$cat_id] |= self::get_permissions($parent); } } //echo "

".__METHOD__."($cat_id) = ".self::$permissions[$cat_id]."

\n"; return self::$permissions[$cat_id]; } /** * checks one of the following rights for current user: * * Acl::READ, Acl::ADD, Acl::EDIT, Acl::DELETE, self::DIRECT_BOOKING * * @param int $cat_id * @param int $right * @return boolean user is permitted or not for right */ static public function is_permitted($cat_id,$right) { if (!isset(self::$permissions[$cat_id])) { self::get_permissions($cat_id); } //echo "

".__METHOD__."($cat_id,$right) = ".self::$permissions[$cat_id]." & $right = ".(self::$permissions[$cat_id] & $right)."

\n"; return (boolean) (self::$permissions[$cat_id] & $right); } /** * gets all rights from all user for given cat * * @param int $cat_id * @return array userid => right */ static public function get_rights($cat_id) { return $GLOBALS['egw']->acl->get_all_rights('L'.$cat_id,'resources'); } static public function check_calendar_invite($uid) { $resources_config = Api\Config::read('resources'); $resources_so = new resources_so(); if ($resources_config['bookingrequests'] === 'disabled') { $resources_so = new resources_so(); $cat_id = $resources_so->get_value('cat_id', intval(substr($uid, 1))); return resources_acl_bo::is_permitted($cat_id, resources_acl_bo::DIRECT_BOOKING); } else { return true; } } // privat functions from here on ------------------------------------------------------------------------- function save_sessiondata() { $data = array( 'start' => $this->start, 'query' => $this->query, 'sort' => $this->sort, 'order' => $this->order, 'limit' => $this->limit, ); if($this->debug) { echo '
Read:'; _debug_array($data); } Api\Cache::setSession('resources_acl', 'session_data', $data); } function read_sessiondata() { $data = Api\Cache::getSession('resources_acl', 'session_data'); if($this->debug) { echo '
Read:'; _debug_array($data); } $this->start = $data['start']; $this->query = $data['query']; $this->sort = $data['sort']; $this->order = $data['order']; $this->limit = $data['limit']; } public static function set_rights($cat_id,$read,$write,$calread,$calbook,$admin) { // Clear cache unset(self::$permissions[$cat_id]); $readcat = $read ? $read : array(); $writecat = $write ? $write : array(); $calreadcat = $calread ? $calread : array(); $calbookcat = $calbook ? $calbook : array(); $admincat = $admin ? $admin : array(); $GLOBALS['egw']->acl->delete_repository('resources','L' . $cat_id,false); foreach(array_unique(array_merge($readcat, $writecat, $calreadcat, $calbookcat, $admincat)) as $account_id) { $rights = false; $rights = in_array($account_id,$readcat) ? ($rights | Acl::READ) : false; $rights = in_array($account_id,$writecat) ? ($rights | Acl::READ | Acl::ADD | Acl::EDIT | Acl::DELETE): $rights; $rights = in_array($account_id,$calreadcat) ? ($rights | self::CAL_READ) : $rights; $rights = in_array($account_id,$calbookcat) ? ($rights | self::DIRECT_BOOKING | self::CAL_READ) : $rights; $rights = in_array($account_id,$admincat) ? ($rights = 511) : $rights; if ($rights) { $GLOBALS['egw']->acl->add_repository('resources','L'.$cat_id,$account_id,$rights); } } } }