forked from extern/egroupware
Added basic ACL support (needs one last bit to be correct), $fakebase is now special, and removed checkboxes for / and $fakebase
This commit is contained in:
parent
303110b926
commit
20bf89517c
@ -83,9 +83,6 @@ $now = date ("Y-m-d");
|
|||||||
//This will hopefully be replaced by a session management working_id
|
//This will hopefully be replaced by a session management working_id
|
||||||
//if (!$phpgw->vfs->working_id = preg_replace ("/\$fakebase\/(.*)\/(.*)$/U", "\\1", $path))
|
//if (!$phpgw->vfs->working_id = preg_replace ("/\$fakebase\/(.*)\/(.*)$/U", "\\1", $path))
|
||||||
|
|
||||||
$userinfo["working_id"] = $phpgw->vfs->working_id;
|
|
||||||
$userinfo["working_lid"] = $phpgw->accounts->id2name ($userinfo["working_id"]);
|
|
||||||
|
|
||||||
if ($phpwh_debug)
|
if ($phpwh_debug)
|
||||||
{
|
{
|
||||||
echo "<b>PHPWebHosting debug:</b><br>
|
echo "<b>PHPWebHosting debug:</b><br>
|
||||||
@ -101,8 +98,57 @@ if ($phpwh_debug)
|
|||||||
pwd: " . $phpgw->vfs->pwd () . "<br>";
|
pwd: " . $phpgw->vfs->pwd () . "<br>";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
###
|
||||||
|
# Get their memberships to be used throughout the script
|
||||||
|
###
|
||||||
|
|
||||||
|
$memberships = $phpgw->accounts->memberships ($userinfo["username"]);
|
||||||
|
|
||||||
|
###
|
||||||
|
# We determine if they're in their home directory or a group's directory
|
||||||
|
# If they request a group's directory, we ensure they have access to the group,
|
||||||
|
# and the group has access to the app
|
||||||
|
###
|
||||||
|
|
||||||
|
if ((preg_match ("+^$fakebase\/(.*)(\/|$)+U", $path, $matches)) && $matches[1] != $userinfo["account_lid"])
|
||||||
|
{
|
||||||
|
$phpgw->vfs->working_id = $phpgw->accounts->name2id ($matches[1]);
|
||||||
|
|
||||||
|
reset ($memberships);
|
||||||
|
while (list ($num, $group_array) = each ($memberships))
|
||||||
|
{
|
||||||
|
if ($matches[1] == $group_array["account_name"])
|
||||||
|
{
|
||||||
|
$group_ok = 1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (!$group_ok)
|
||||||
|
{
|
||||||
|
echo $phpgw->common->error_list (array ("You do not have access to group/directory $matches[1]"));
|
||||||
|
html_page_close ();
|
||||||
|
}
|
||||||
|
|
||||||
|
/* WIP - how are we actually supposed to use the API to determine if a group has access to an app?
|
||||||
|
$group_acl = CreateObject('phpgwapi.acl', $phpgw->accounts->name2id ($matches[1]));
|
||||||
|
if ($group_acl->get_specific_rights () == False)
|
||||||
|
{
|
||||||
|
echo $phpgw->common->error_list (array ("The group $matches[1] does not have access to $appname"));
|
||||||
|
html_page_close ();
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$phpgw->vfs->working_id = $userinfo["username"];
|
||||||
|
}
|
||||||
|
|
||||||
|
$userinfo["working_id"] = $phpgw->vfs->working_id;
|
||||||
|
$userinfo["working_lid"] = $phpgw->accounts->id2name ($userinfo["working_id"]);
|
||||||
|
|
||||||
###
|
###
|
||||||
# If their home directory doesn't exist, we create it
|
# If their home directory doesn't exist, we create it
|
||||||
|
# Same for group directories
|
||||||
###
|
###
|
||||||
|
|
||||||
if (($path == $homedir) && !$phpgw->vfs->file_exists ($homedir, array (RELATIVE_NONE)))
|
if (($path == $homedir) && !$phpgw->vfs->file_exists ($homedir, array (RELATIVE_NONE)))
|
||||||
@ -153,9 +199,8 @@ if ($path == $fakebase)
|
|||||||
$files_array[] = $phpgw->vfs->ls ($homedir, array (RELATIVE_NONE), False, False, True);
|
$files_array[] = $phpgw->vfs->ls ($homedir, array (RELATIVE_NONE), False, False, True);
|
||||||
$numoffiles++;
|
$numoffiles++;
|
||||||
|
|
||||||
$groups = $phpgw->accounts->memberships ($userinfo["username"]);
|
reset ($memberships);
|
||||||
|
while (list ($num, $group_array) = each ($memberships))
|
||||||
while (list ($num, $group_array) = each ($groups))
|
|
||||||
{
|
{
|
||||||
if (!$phpgw->vfs->file_exists ("$fakebase/$group_array[account_name]", array (RELATIVE_NONE)))
|
if (!$phpgw->vfs->file_exists ("$fakebase/$group_array[account_name]", array (RELATIVE_NONE)))
|
||||||
{
|
{
|
||||||
@ -334,7 +379,7 @@ if (!$op && !$delete && !$createdir && !$renamefiles && !$move && !$copy && !$ed
|
|||||||
|
|
||||||
html_table_col_begin ("right");
|
html_table_col_begin ("right");
|
||||||
|
|
||||||
if (!$rename && !$edit_comments)
|
if (!$rename && !$edit_comments && $path != $fakebase && $path != "/")
|
||||||
{
|
{
|
||||||
html_form_input ("checkbox", "fileman[$i]", "$files[name]");
|
html_form_input ("checkbox", "fileman[$i]", "$files[name]");
|
||||||
}
|
}
|
||||||
@ -576,25 +621,53 @@ if (!$op && !$delete && !$createdir && !$renamefiles && !$move && !$copy && !$ed
|
|||||||
html_form_input ("submit", "move", "Move to:");
|
html_form_input ("submit", "move", "Move to:");
|
||||||
html_form_select_begin ("todir");
|
html_form_select_begin ("todir");
|
||||||
|
|
||||||
$query3 = db_query ("SELECT name, directory FROM phpgw_vfs WHERE owner_id = '$userinfo[username]' AND mime_type = 'Directory' ORDER BY name");
|
###
|
||||||
while ($dirs = db_fetch_array ($query3))
|
# First we get the directories in their home directory
|
||||||
|
###
|
||||||
|
|
||||||
|
$dirs[] = array ("directory" => $fakebase, "name" => $userinfo["account_lid"]);
|
||||||
|
|
||||||
|
$ls_array = $phpgw->vfs->ls ($homedir, array (RELATIVE_NONE), True, "Directory");
|
||||||
|
while (list ($num, $dir) = each ($ls_array))
|
||||||
|
{
|
||||||
|
$dirs[] = $dir;
|
||||||
|
}
|
||||||
|
|
||||||
|
###
|
||||||
|
# Then we get the directories in their membership's home directories
|
||||||
|
###
|
||||||
|
|
||||||
|
reset ($memberships);
|
||||||
|
while (list ($num, $group_array) = each ($memberships))
|
||||||
|
{
|
||||||
|
$dirs[] = array ("directory" => $fakebase, "name" => $group_array["account_name"]);
|
||||||
|
|
||||||
|
$ls_array = $phpgw->vfs->ls ("$fakebase/$group_array[account_name]", array (RELATIVE_NONE), True, "Directory");
|
||||||
|
while (list ($num, $dir) = each ($ls_array))
|
||||||
|
{
|
||||||
|
$dirs[] = $dir;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
reset ($dirs);
|
||||||
|
while (list ($num, $dir) = each ($dirs))
|
||||||
{
|
{
|
||||||
###
|
###
|
||||||
# So we don't display //
|
# So we don't display //
|
||||||
###
|
###
|
||||||
|
|
||||||
if ($dirs["directory"] != '/')
|
if ($dir["directory"] != '/')
|
||||||
{
|
{
|
||||||
$dirs["directory"] .= '/';
|
$dir["directory"] .= '/';
|
||||||
}
|
}
|
||||||
|
|
||||||
###
|
###
|
||||||
# No point in displaying the current directory
|
# No point in displaying the current directory
|
||||||
###
|
###
|
||||||
|
|
||||||
if (($dirs["directory"] . $dirs["name"]) != $path)
|
if (($dir["directory"] . $dir["name"]) != $path)
|
||||||
{
|
{
|
||||||
html_form_option ($dirs["directory"] . $dirs["name"]);
|
html_form_option ($dir["directory"] . $dir["name"]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user