new function get_grants() - who grants rights to an app

skeeter 2001-02-11 19:07:56 +00:00
parent 3c55ebb349
commit 7551afd156


@ -48,14 +48,14 @@
function read_repository() function read_repository()
{ {
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
$sql = "select * from phpgw_acl where (acl_account in (".$this->account_id.", 0"; $sql = 'select * from phpgw_acl where (acl_account in ('.$this->account_id.', 0';
// $equalto = $phpgw->accounts->security_equals($this->account_id); // $equalto = $phpgw->accounts->security_equals($this->account_id);
// if (is_array($equalto) && count($equalto) > 0){ // if (is_array($equalto) && count($equalto) > 0){
// for ($idx = 0; $idx < count($equalto); ++$idx){ // for ($idx = 0; $idx < count($equalto); ++$idx){
// $sql .= ",".$equalto[$idx][0]; // $sql .= ",".$equalto[$idx][0];
// } // }
// } // }
$sql .= "))"; $sql .= '))';
$this->db->query($sql ,__LINE__,__FILE__); $this->db->query($sql ,__LINE__,__FILE__);
$count = $this->db->num_rows(); $count = $this->db->num_rows();
$this->data = Array(); $this->data = Array();
@ -63,10 +63,10 @@
//reset ($this->data); //reset ($this->data);
//while(list($idx,$value) = each($this->data)){ //while(list($idx,$value) = each($this->data)){
$this->db->next_record(); $this->db->next_record();
$this->data[] = array("appname" => $this->db->f("acl_appname"), $this->data[] = array('appname' => $this->db->f('acl_appname'),
"location" => $this->db->f("acl_location"), 'location' => $this->db->f('acl_location'),
"account" => $this->db->f("acl_account"), 'account' => $this->db->f('acl_account'),
"rights" => $this->db->f("acl_rights") 'rights' => $this->db->f('acl_rights')
); );
} }
reset ($this->data); reset ($this->data);
@ -83,9 +83,9 @@
function add($appname = False, $location, $rights) function add($appname = False, $location, $rights)
{ {
if ($appname == False){ if ($appname == False){
$appname = $phpgw_info["flags"]["currentapp"]; $appname = $phpgw_info['flags']['currentapp'];
} }
$this->data[] = array("appname" => $appname, "location" => $location, "account" => $this->account_id, "rights" => $rights); $this->data[] = array('appname' => $appname, 'location' => $location, 'account' => $this->account_id, 'rights' => $rights);
reset($this->data); reset($this->data);
return $this->data; return $this->data;
} }
@ -93,12 +93,12 @@
function delete($appname = False, $location) function delete($appname = False, $location)
{ {
if ($appname == False){ if ($appname == False){
$appname = $phpgw_info["flags"]["currentapp"]; $appname = $phpgw_info['flags']['currentapp'];
} }
$count = count($this->data); $count = count($this->data);
reset ($this->data); reset ($this->data);
while(list($idx,$value) = each($this->data)){ while(list($idx,$value) = each($this->data)){
if ($this->data[$idx]["appname"] == $appname && $this->data[$idx]["location"] == $location && $this->data[$idx]["account"] == $this->account_id){ if ($this->data[$idx]['appname'] == $appname && $this->data[$idx]['location'] == $location && $this->data[$idx]['account'] == $this->account_id){
$this->data[$idx] = Array(); $this->data[$idx] = Array();
} }
} }
@ -110,15 +110,15 @@
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
reset($this->data); reset($this->data);
$sql = "delete from phpgw_acl where acl_account = ".$this->account_id; $sql = 'delete from phpgw_acl where acl_account = '.$this->account_id;
$this->db->query($sql ,__LINE__,__FILE__); $this->db->query($sql ,__LINE__,__FILE__);
$count = count($this->data); $count = count($this->data);
reset ($this->data); reset ($this->data);
while(list($idx,$value) = each($this->data)){ while(list($idx,$value) = each($this->data)){
if ($this->data[$idx]["account"] == $this->account_id){ if ($this->data[$idx]['account'] == $this->account_id){
$sql = "insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights)"; $sql = 'insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights)';
$sql .= " values('".$this->data[$idx]["appname"]."', '".$this->data[$idx]["location"]."', ".$this->account_id.", ".$this->data[$idx]["rights"].")"; $sql .= " values('".$this->data[$idx]['appname']."', '".$this->data[$idx]['location']."', ".$this->account_id.', '.$this->data[$idx]['rights'].')';
$this->db->query($sql ,__LINE__,__FILE__); $this->db->query($sql ,__LINE__,__FILE__);
} }
} }
@ -135,18 +135,18 @@
if (count($this->data) == 0){ $this->read_repository(); } if (count($this->data) == 0){ $this->read_repository(); }
reset ($this->data); reset ($this->data);
if ($appname == False){ if ($appname == False){
$appname = $phpgw_info["flags"]["currentapp"]; $appname = $phpgw_info['flags']['currentapp'];
} }
$count = count($this->data); $count = count($this->data);
if ($count == 0 && $phpgw_info["server"]["acl_default"] != "deny"){ return True; } if ($count == 0 && $phpgw_info['server']['acl_default'] != 'deny'){ return True; }
$rights = 0; $rights = 0;
// for ($idx = 0; $idx < $count; ++$idx){ // for ($idx = 0; $idx < $count; ++$idx){
reset ($this->data); reset ($this->data);
while(list($idx,$value) = each($this->data)){ while(list($idx,$value) = each($this->data)){
if ($this->data[$idx]["appname"] == $appname) { if ($this->data[$idx]['appname'] == $appname) {
if ($this->data[$idx]["location"] == $location || $this->data[$idx]["location"] == 'everywhere'){ if ($this->data[$idx]['location'] == $location || $this->data[$idx]['location'] == 'everywhere'){
if ($this->data[$idx]["rights"] == 0){ return False; } if ($this->data[$idx]['rights'] == 0){ return False; }
$rights |= $this->data[$idx]["rights"]; $rights |= $this->data[$idx]['rights'];
} }
} }
} }
@ -163,20 +163,20 @@
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
if ($appname == False){ if ($appname == False){
$appname = $phpgw_info["flags"]["currentapp"]; $appname = $phpgw_info['flags']['currentapp'];
} }
$count = count($this->data); $count = count($this->data);
if ($count == 0 && $phpgw_info["server"]["acl_default"] != "deny"){ return True; } if ($count == 0 && $phpgw_info['server']['acl_default'] != 'deny'){ return True; }
$rights = 0; $rights = 0;
reset ($this->data); reset ($this->data);
while(list($idx,$value) = each($this->data)){ while(list($idx,$value) = each($this->data)){
if ($this->data[$idx]["appname"] == $appname && if ($this->data[$idx]['appname'] == $appname &&
($this->data[$idx]["location"] == $location || $this->data[$idx]["location"] == 'everywhere') && ($this->data[$idx]['location'] == $location || $this->data[$idx]['location'] == 'everywhere') &&
$this->data[$idx]["account"] == $this->account_id) { $this->data[$idx]['account'] == $this->account_id) {
if ($this->data[$idx]["rights"] == 0){ return False; } if ($this->data[$idx]['rights'] == 0){ return False; }
$rights |= $this->data[$idx]["rights"]; $rights |= $this->data[$idx]['rights'];
} }
} }
return $rights; return $rights;
@ -195,19 +195,19 @@
$equalto = $phpgw->accounts->security_equals($this->account_id); $equalto = $phpgw->accounts->security_equals($this->account_id);
if (is_array($equalto) && count($equalto) > 0){ if (is_array($equalto) && count($equalto) > 0){
for ($idx = 0; $idx < count($equalto); ++$idx){ for ($idx = 0; $idx < count($equalto); ++$idx){
$sql .= ",".$equalto[$idx][0]; $sql .= ','.$equalto[$idx][0];
} }
} }
$sql .= ")))"; $sql .= ')))';
$this->db->query($sql ,__LINE__,__FILE__); $this->db->query($sql ,__LINE__,__FILE__);
$rights = 0; $rights = 0;
if ($this->db->num_rows() == 0 ){ return False; } if ($this->db->num_rows() == 0 ){ return False; }
while ($this->db->next_record()) { while ($this->db->next_record()) {
if ($this->db->f("acl_rights") == 0){ return False; } if ($this->db->f('acl_rights') == 0){ return False; }
$rights |= $this->db->f("acl_rights"); $rights |= $this->db->f('acl_rights');
if (!!($rights & $required) == True){ if (!!($rights & $required) == True){
$locations[] = $this->db->f("acl_location"); $locations[] = $this->db->f('acl_location');
}else{ }else{
return False; return False;
} }
@ -222,23 +222,23 @@ It should use the values in the $this->data
function get_location_list($app, $required){ function get_location_list($app, $required){
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
if ($appname == False){ if ($appname == False){
$appname = $phpgw_info["flags"]["currentapp"]; $appname = $phpgw_info['flags']['currentapp'];
} }
$count = count($this->data); $count = count($this->data);
if ($count == 0 && $phpgw_info["server"]["acl_default"] != "deny"){ return True; } if ($count == 0 && $phpgw_info['server']['acl_default'] != 'deny'){ return True; }
$rights = 0; $rights = 0;
reset ($this->data); reset ($this->data);
while(list($idx,$value) = each($this->data)){ while(list($idx,$value) = each($this->data)){
if ($this->data[$idx]["appname"] == $appname && $this->data[$idx]["rights"] != 0){ if ($this->data[$idx]['appname'] == $appname && $this->data[$idx]['rights'] != 0){
$location_rights[$this->data[$idx]["location"]] |= $this->data[$idx]["rights"]; $location_rights[$this->data[$idx]['location']] |= $this->data[$idx]['rights'];
} }
} }
reset($location_rights); reset($location_rights);
for ($idx = 0; $idx < count($location_rights); ++$idx){ for ($idx = 0; $idx < count($location_rights); ++$idx){
if (!!($location_rights[$idx] & $required) == True){ if (!!($location_rights[$idx] & $required) == True){
$location_rights[] = $this->data[$idx]["location"]; $location_rights[] = $this->data[$idx]['location'];
} }
} }
return $locations; return $locations;
@ -251,8 +251,8 @@ It should use the values in the $this->data
function add_repository($app, $location, $account_id, $rights){ function add_repository($app, $location, $account_id, $rights){
$this->delete_repository($app, $location, $account_id); $this->delete_repository($app, $location, $account_id);
$sql = "insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights)"; $sql = 'insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights)';
$sql .= " values('".$app."', '".$location."', ".$account_id.", ".$rights.")"; $sql .= " values('".$app."', '".$location."', ".$account_id.', '.$rights.')';
$this->db->query($sql ,__LINE__,__FILE__); $this->db->query($sql ,__LINE__,__FILE__);
return True; return True;
} }
@ -286,27 +286,27 @@ It should use the values in the $this->data
function get_location_list_for_id($app, $required, $account_id = False){ function get_location_list_for_id($app, $required, $account_id = False){
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
if ($account_id == False){ $account_id = $phpgw_info["user"]["account_id"]; } if ($account_id == False){ $account_id = $phpgw_info['user']['account_id']; }
$sql = "select acl_location, acl_rights from phpgw_acl where acl_appname = '$app' and "; $sql = "select acl_location, acl_rights from phpgw_acl where acl_appname = '$app' and ";
$sql .= "acl_account = '".$account_id."'"; $sql .= "acl_account = '".$account_id."'";
$this->db->query($sql ,__LINE__,__FILE__); $this->db->query($sql ,__LINE__,__FILE__);
$rights = 0; $rights = 0;
if ($this->db->num_rows() == 0 ){ return False; } if ($this->db->num_rows() == 0 ){ return False; }
while ($this->db->next_record()) { while ($this->db->next_record()) {
if ($this->db->f("acl_rights")) { if ($this->db->f('acl_rights')) {
$rights |= $this->db->f("acl_rights"); $rights |= $this->db->f('acl_rights');
if (!!($rights & $required) == True){ if (!!($rights & $required) == True){
$locations[] = $this->db->f("acl_location"); $locations[] = $this->db->f('acl_location');
} }
} }
} }
return $locations; return $locations;
} }
function get_ids_for_location($location, $required, $app = False){ function get_ids_for_location($location, $required, $app = False){
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
if ($app == False){ if ($app == False){
$app = $phpgw_info["flags"]["currentapp"]; $app = $phpgw_info['flags']['currentapp'];
} }
$sql = "select acl_account, acl_rights from phpgw_acl where acl_appname = '$app' and "; $sql = "select acl_account, acl_rights from phpgw_acl where acl_appname = '$app' and ";
$sql .= "acl_location = '".$location."'"; $sql .= "acl_location = '".$location."'";
@ -314,12 +314,51 @@ It should use the values in the $this->data
$rights = 0; $rights = 0;
if ($this->db->num_rows() == 0 ){ return False; } if ($this->db->num_rows() == 0 ){ return False; }
while ($this->db->next_record()) { while ($this->db->next_record()) {
$rights |= $this->db->f("acl_rights"); $rights |= $this->db->f('acl_rights');
if (!!($rights & $required) == True){ if (!!($rights & $required) == True){
$accounts[] = $this->db->f("acl_account"); $accounts[] = $this->db->f('acl_account');
} }
} }
return $accounts; return $accounts;
}
function get_grants($app=False){
global $phpgw, $phpgw_info;
$db2 = $this->db;
$group_pre = 'g_';
$user_pre = 'u_';
if ($app==False)
{
$app = $phpgw_info['flags']['currentapp'];
}
$sql = "select acl_account, acl_rights from phpgw_acl where acl_appname = '$app' and "
. "acl_location in ";
$security = "('". $user_pre . $phpgw_info['user']['account_id'] ."'";
$my_memberships = $phpgw->accounts->memberships($phpgw_info['user']['account_id']);
while($groups = each($my_memberships))
{
$group = each($groups);
$security .= ",'" . $group_pre . $group[1] . "'";
}
$security .= ')';
$db2->query($sql . $security ,__LINE__,__FILE__);
$rights = 0;
if ($db2->num_rows() == 0 ){ return False; }
while ($db2->next_record())
{
$grantor = $db2->f('acl_account');
$rights = $db2->f('acl_rights');
if(!$accounts[$grantor])
{
$accounts[$grantor] = 0;
}
$accounts[$grantor] |= $rights;
}
return $accounts;
} }
} //end of acl class } //end of acl class
?> ?>
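Review bot: The new get_grants() puts `$app` straight into the query text (`acl_appname = '$app'`), so a caller passing a value it does not fully control could alter the statement that decides whose grants are returned. Escape it before `$sql` is built, e.g. `$app = addslashes($app);`, or use the db layer's own escaping helper if it has one. The group values appended to `$security` need the same care: use `intval($group[1])` if they are always numeric, which the visible lines do not confirm. `$accounts` is never initialised before `if(!$accounts[$grantor])` reads it, so add `$accounts = Array();` ahead of the `while ($db2->next_record())` loop. The same string-built SQL appears in add_repository() and get_ids_for_location() in this section, where the commit only changes quoting.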