- inherit ACL and admin from parent categories

+ ACL get or'ed together (you can't take away rights)
  + admins only get inherited, if there's none defined in cat
- store state of category filter for select resource popup (not
  currently used in stock EGroupware)
Ralf Becker 2009-11-05 19:37:28 +00:00
parent e99af0dfd6
commit c531f0077e
3 changed files with 129 additions and 40 deletions


@ -1,6 +1,6 @@
<?php
/**
* eGroupWare - resources
* EGroupWare - resources
*
* @license http://www.gnu.org/licenses/gpl.html GNU General Public License
* @package resources
@ -11,15 +11,12 @@
/**
* ACL business object for resources
*
* @package resources
* Category rights and admins get inherited from parent categories.
* Current rights and the ones inherited from parents get ORed together,
* while for admins the "closest" cat-admin will be used.
*/
class bo_acl
{
/**
* @var $permissions Holds alls permissions for resources of user
*/
var $permissions;
var $acl;
var $start = 0;
var $query = '';
@ -37,13 +34,17 @@ class bo_acl
*/
var $egw_cats;
function bo_acl($session=False)
/**
* Constructor
*
* @param boolean $session
*/
function __construct($session=False)
{
define('EGW_ACL_CAT_ADMIN',64);
define('EGW_ACL_DIRECT_BOOKING',128);
define('EGW_ACL_CALREAD',256);
$this->permissions = $GLOBALS['egw']->acl->get_all_location_rights($GLOBALS['egw_info']['user']['account_id'],'resources',true);
$this->egw_cats = new categories('','resources');
$this->debug = False;
@ -68,6 +69,18 @@ class bo_acl
}
}
/**
* PHP4 constructor
*
* @param boolean $session
* @deprecated use __construct()
* @return bo_acl
*/
function bo_acl($session=False)
{
self::__construct($session);
}
/**
* get list of cats where current user has given rights
*
@ -106,9 +119,9 @@ class bo_acl
* @param int $cat_id
* @return mixed name of category
*/
function get_cat_name($cat_id)
static public function get_cat_name($cat_id)
{
return $this->egw_cats->id2name($cat_id);
return $GLOBALS['egw']->categories->id2name($cat_id);
}
/**
@ -118,9 +131,9 @@ class bo_acl
* @param int $cat_id
* @return int userid of cat admin
*/
function get_cat_admin($cat_id)
static public function get_cat_admin($cat_id)
{
$cat_rights = $this->get_rights($cat_id);
$cat_rights = self::get_rights($cat_id);
foreach ($cat_rights as $userid => $right)
{
if ($right & EGW_ACL_CAT_ADMIN)
@ -128,21 +141,63 @@ class bo_acl
return $userid;
}
}
// check for an inherited cat admin
if (($parent = $GLOBALS['egw']->categories->id2name($cat_id,'parent')))
{
return self::get_cat_admin($parent);
}
return lang('none');
}
/**
* cheks one of the following rights for current user:
*
* EGW_ACL_READ, EGW_ACL_ADD, EGW_ACL_EDIT, EGW_ACL_DELETE, EGW_ACL_DIRECT_BOOKING
*
* @param int $cat_id
* @param int $right
* @return bool user is permitted or not for right
*/
function is_permitted($cat_id,$right)
* Permissions including inherited ones
*
* @var array cat_id => rights
*/
static private $permissions;
static private $resource_acl;
/**
* Get permissions of current user on a given category
*
* @param int $cat_id
* @return int
*/
static public function get_permissions($cat_id)
{
return $this->permissions['L'.$cat_id] & $right;
if (!isset(self::$permissions[$cat_id]))
{
if (is_null(self::$resource_acl))
{
self::$resource_acl = $GLOBALS['egw']->acl->get_all_location_rights($GLOBALS['egw_info']['user']['account_id'],'resources',true);
}
self::$permissions[$cat_id] = (int)self::$resource_acl['L'.$cat_id];
if (($parent = $GLOBALS['egw']->categories->id2name($cat_id,'parent')))
{
self::$permissions[$cat_id] |= self::get_permissions($parent);
}
}
//echo "<p>".__METHOD__."($cat_id) = ".self::$permissions[$cat_id]."</p>\n";
return self::$permissions[$cat_id];
}
/**
* checks one of the following rights for current user:
*
* EGW_ACL_READ, EGW_ACL_ADD, EGW_ACL_EDIT, EGW_ACL_DELETE, EGW_ACL_DIRECT_BOOKING
*
* @param int $cat_id
* @param int $right
* @return boolean user is permitted or not for right
*/
static public function is_permitted($cat_id,$right)
{
if (!isset(self::$permissions[$cat_id]))
{
self::get_permissions($cat_id);
}
//echo "<p>".__METHOD__."($cat_id,$right) = ".self::$permissions[$cat_id]." & $right = ".(self::$permissions[$cat_id] & $right)."</p>\n";
return (boolean) (self::$permissions[$cat_id] & $right);
}
/**
@ -151,7 +206,7 @@ class bo_acl
* @param int $cat_id
* @return array userid => right
*/
function get_rights($cat_id)
static public function get_rights($cat_id)
{
return $GLOBALS['egw']->acl->get_all_rights('L'.$cat_id,'resources');
}
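Review bot: get_permissions() ORs the parent's complete rights mask into the child, so the EGW_ACL_CAT_ADMIN bit is inherited unconditionally, while get_cat_admin() and the class docblock say only the closest cat-admin counts. A caller that tests `is_permitted($cat_id, EGW_ACL_CAT_ADMIN)` (none is visible here) would accept a parent admin even where the child defines its own; I would add to the is_permitted() docblock `* Not for EGW_ACL_CAT_ADMIN: the inherited mask ignores a closer cat-admin, use get_cat_admin()`. The static `self::$permissions` cache is keyed by `$cat_id` only although the rights are loaded for the current account_id, so it presumably must be reset if the account can change within one process. get_cat_admin() also recurses up the parent chain without a visited set, so a category loop in the data would not terminate.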


@ -27,6 +27,16 @@ class bo_resources
* @var so_resources
*/
var $so;
/**
* Instance of resources acl class
*
* @var bo_acl
*/
var $acl;
/**
* Instance of categories class for resources
*/
var $cats;
function bo_resources()
{
@ -48,6 +58,16 @@ class bo_resources
*/
function get_rows($query,&$rows,&$readonlys)
{
if ($query['store_state']) // request to store state in session and filter in prefs?
{
egw_cache::setSession('resources',$query['store_state'],$query);
//echo "<p>".__METHOD__."() query[filter]=$query[filter], prefs[resources][filter]={$GLOBALS['egw_info']['user']['preferences']['resources']['filter']}</p>\n";
if ($query['filter'] != $GLOBALS['egw_info']['user']['preferences']['resources']['filter'])
{
$GLOBALS['egw']->preferences->add('resources','filter',$query['filter'],'user');
$GLOBALS['egw']->preferences->save_repository();
}
}
if ($this->debug) _debug_array($query);
$criteria = array('name' => $query['search'], 'short_description' => $query['search'], 'inventory_number' => $query['search']);
$read_onlys = 'res_id,name,short_description,quantity,useable,bookable,buyable,cat_id,location,storage_info';
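Review bot: In get_rows() the session location given to `egw_cache::setSession()` is read from `$query['store_state']` and the whole `$query` array is stored under it, so the stored state is only as trustworthy as `$query`. Whether request data can set keys of `$query` is not visible in this hunk; if it can, comparing against the one expected value, `if ($query['store_state'] === 'get_rows')`, keeps the location fixed. `$query['filter']` is likewise written to the user's preferences without a check that it names a category the user may read, so a comment saying where that is enforced would help the next reader. get_rows() continues past the end of the hunk.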


@ -26,10 +26,10 @@ class ui_resources
);
/**
* constructor of class ui_resources
* Constructor
*
*/
function ui_resources()
function __construct()
{
// print_r($GLOBALS['egw_info']); die();
$this->tmpl = new etemplate('resources.show');
@ -37,6 +37,15 @@ class ui_resources
// $this->calui = CreateObject('resources.ui_calviews');
}
/**
* PHP4 constructor
*
* @deprecated use __construct();
*/
function ui_resources()
{
self::__construct();
}
/**
* main resources list.
@ -436,20 +445,25 @@ class ui_resources
if (!is_array($content))
{
$content['nm'] = array(
'header_left' => 'resources.resource_select.header',
'show_bookable' => true,
'get_rows' => 'resources.bo_resources.get_rows',
'filter_label' => 'Category',
'filter_help' => lang('Select a category'),
'options-filter'=> array(''=>lang('all categories'))+(array)$this->bo->acl->get_cats(EGW_ACL_READ),
'no_filter2' => true,
'filter_no_lang'=> true,
'no_cat' => true,
'rows' => array('js_id' => 1),
'csv_fields' => false,
'default_cols' => 'name,cat_id,quantity', // I columns to use if there's no user or default pref
);
if (!($content['nm'] = egw_cache::getSession('resources','get_rows')))
{
$content['nm'] = array(
'header_left' => 'resources.resource_select.header',
'show_bookable' => true,
'get_rows' => 'resources.bo_resources.get_rows',
'filter_label' => 'Category',
'filter_help' => lang('Select a category'),
'options-filter'=> array(''=>lang('all categories'))+(array)$this->bo->acl->get_cats(EGW_ACL_READ),
'no_filter2' => true,
'filter_no_lang'=> true,
'no_cat' => true,
'rows' => array('js_id' => 1),
'csv_fields' => false,
'default_cols' => 'name,cat_id,quantity', // I columns to use if there's no user or default pref
'store_state' => 'get_rows', // store in session as for location get_rows
);
$content['nm']['filter'] = $GLOBALS['egw_info']['user']['preferences']['resources']['filter'];
}
}
$sel_options = array();
$no_button = array();
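Review bot: The value returned by `egw_cache::getSession('resources','get_rows')` replaces the whole nextmatch configuration, including the `get_rows` callback name and the ACL-derived `options-filter` list, not just the user's filter state. The category list would then stay as it was when the state was stored even if rights change during the session, and any key that reached the stored `$query` comes back as configuration. I would always build the defaults and copy only the user-adjustable keys from the session, as sketched below; the key list is a starting point. The enclosing method starts and ends outside the hunk.

```php
$content['nm'] = array(
	// … unchanged: nextmatch defaults, including 'store_state' => 'get_rows' …
);
$content['nm']['filter'] = $GLOBALS['egw_info']['user']['preferences']['resources']['filter'];
if (is_array($state = egw_cache::getSession('resources','get_rows')))
{
	// take over only user-adjustable state, never the callback or ACL-derived options
	foreach (array('filter','search') as $key)
	{
		if (isset($state[$key])) $content['nm'][$key] = $state[$key];
	}
}
```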