From e34fe9a4e767e6281572acf467ccd8870665edac Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Wed, 11 May 2016 19:23:14 +0000 Subject: [PATCH] using Acl::(ADD|READ|EDIT|DELETE|PRIVAT) constants instead old EGW_ACL_* defines and fix some namespace errors found by doc/check_namespace.php --- api/src/Accounts/Ads.php | 4 +-- api/src/Accounts/Sql.php | 2 +- api/src/Acl.php | 2 +- api/src/Auth.php | 6 ++-- api/src/CalDAV.php | 6 ++-- api/src/CalDAV/Handler.php | 22 +++++++------- api/src/CalDAV/Principals.php | 14 ++++----- api/src/Categories.php | 18 ++++++------ api/src/Config.php | 17 +++++------ api/src/Contacts.php | 44 ++++++++++++++-------------- api/src/Contacts/Storage.php | 16 +++++----- api/src/DateTime.php | 2 +- api/src/Egw.php | 2 +- api/src/Etemplate/Widget/Taglist.php | 2 +- api/src/Link.php | 12 ++++---- api/src/Mail/Account.php | 8 ++--- api/src/Mailer.php | 2 +- api/src/Session.php | 14 ++++----- api/src/Vfs/Links/StreamWrapper.php | 4 +-- api/src/Vfs/Sqlfs/StreamWrapper.php | 2 +- 20 files changed, 99 insertions(+), 100 deletions(-) diff --git a/api/src/Accounts/Ads.php b/api/src/Accounts/Ads.php index 767cd2d32d..2c4a4ff7e3 100644 --- a/api/src/Accounts/Ads.php +++ b/api/src/Accounts/Ads.php @@ -865,7 +865,7 @@ class Ads } else // we need to run the unlimited query { - $query = ldap::quote(strtolower($param['query'])); + $query = Api\Ldap::quote(strtolower($param['query'])); $accounts = array(); if($param['type'] !== 'groups') @@ -916,7 +916,7 @@ class Ads } if ($param['type'] === 'groups' || $param['type'] === 'both') { - $query = ldap::quote(strtolower($param['query'])); + $query = Api\Ldap::quote(strtolower($param['query'])); $filter = null; if(!empty($query) && $query != '*') diff --git a/api/src/Accounts/Sql.php b/api/src/Accounts/Sql.php index 823db6599a..203bf23321 100644 --- a/api/src/Accounts/Sql.php +++ b/api/src/Accounts/Sql.php @@ -201,7 +201,7 @@ class Sql if (!preg_match('/^\\{[a-z5]{3,5}\\}.+/i',$data['account_passwd']) && !preg_match('/^[0-9a-f]{32}$/',$data['account_passwd'])) // md5 hash { - $data['account_passwd'] = $GLOBALS['egw']->auth->encrypt_sql($data['account_passwd']); + $data['account_passwd'] = Api\Auth::encrypt_sql($data['account_passwd']); } $to_write['account_pwd'] = $data['account_passwd']; $to_write['account_lastpwd_change'] = time(); diff --git a/api/src/Acl.php b/api/src/Acl.php index e01e836b02..ab771cf302 100644 --- a/api/src/Acl.php +++ b/api/src/Acl.php @@ -683,7 +683,7 @@ class Acl if (!$grantor) continue; // can happen if group has no members // Don't allow to override private with group ACL's! - $rights &= ~EGW_ACL_PRIVATE; + $rights &= ~self::PRIVAT; if(!isset($grants[$grantor])) { diff --git a/api/src/Auth.php b/api/src/Auth.php index c891e15576..1ac600ec16 100644 --- a/api/src/Auth.php +++ b/api/src/Auth.php @@ -231,7 +231,7 @@ class Auth * @param string $old_passwd must be cleartext * @param string $new_passwd must be cleartext * @param int $account_id account id of user whose passwd should be changed - * @throws Exception\WrongUserinput if configured password strength is not meat + * @throws Exception\WrongUserInput if configured password strength is not meat * @throws Exception from backends having extra requirements * @return boolean true if password successful changed, false otherwise */ @@ -239,7 +239,7 @@ class Auth { if (($err = self::crackcheck($new_passwd,null,null,null,$account_id))) { - throw new Exception\WrongUserinput($err); + throw new Exception\WrongUserInput($err); } if (($ret = $this->backend->change_password($old_passwd, $new_passwd, $account_id))) { @@ -256,7 +256,7 @@ class Auth // run changepwasswd hook $GLOBALS['hook_values'] = array( 'account_id' => $account_id, - 'account_lid' => accounts::id2name($account_id), + 'account_lid' => Accounts::id2name($account_id), 'old_passwd' => $old_passwd, 'new_passwd' => $new_passwd, ); diff --git a/api/src/CalDAV.php b/api/src/CalDAV.php index 0d865da160..b53b15e97a 100644 --- a/api/src/CalDAV.php +++ b/api/src/CalDAV.php @@ -1278,7 +1278,7 @@ class CalDAV extends HTTP_WebDAV_Server return $entry ? $entry : "404 Not found"; } - if (!Link::file_access($handler->app, $entry['id'], EGW_ACL_EDIT)) + if (!Link::file_access($handler->app, $entry['id'], Acl::EDIT)) { return '403 Forbidden'; } @@ -1386,7 +1386,7 @@ class CalDAV extends HTTP_WebDAV_Server { error_log(__METHOD__."('$app', $id, attach=".array2string($attach).", delete_via_put=".array2string($delete_via_put).')'); - if (!Link::file_access($app, $id, EGW_ACL_EDIT)) + if (!Link::file_access($app, $id, Acl::EDIT)) { error_log(__METHOD__."('$app', $id, ...) no rights to update attachments"); return; // no rights --> nothing to do @@ -1836,7 +1836,7 @@ class CalDAV extends HTTP_WebDAV_Server $handler = self::app_handler($app); // TODO recursive locks on directories not supported yet - if (!$id || !empty($options['depth']) || !$handler->check_access(EGW_ACL_EDIT,$id)) + if (!$id || !empty($options['depth']) || !$handler->check_access(Acl::EDIT,$id)) { return '409 Conflict'; } diff --git a/api/src/CalDAV/Handler.php b/api/src/CalDAV/Handler.php index f43512abf0..d96eeb06c3 100644 --- a/api/src/CalDAV/Handler.php +++ b/api/src/CalDAV/Handler.php @@ -58,9 +58,9 @@ abstract class Handler * @var array */ var $method2acl = array( - 'GET' => EGW_ACL_READ, - 'PUT' => EGW_ACL_EDIT, - 'DELETE' => EGW_ACL_DELETE, + 'GET' => Api\Acl::READ, + 'PUT' => Api\Acl::EDIT, + 'DELETE' => Api\Acl::DELETE, ); /** * eGW application responsible for the handler @@ -212,7 +212,7 @@ abstract class Handler /** * Check if user has the neccessary rights on an entry * - * @param int $acl EGW_ACL_READ, EGW_ACL_EDIT or EGW_ACL_DELETE + * @param int $acl Api\Acl::READ, Api\Acl::EDIT or Api\Acl::DELETE * @param array|int $entry entry-array or id * @return boolean null if entry does not exist, false if no access, true if access permitted */ @@ -291,7 +291,7 @@ abstract class Handler } $extra_acl = $this->method2acl[$method]; if ($id && !($entry = $this->read($id, $options['path'])) && ($method != 'PUT' || $entry === false) || - ($extra_acl != EGW_ACL_READ && $this->check_access($extra_acl,$entry) === false)) + ($extra_acl != Api\Acl::READ && $this->check_access($extra_acl,$entry) === false)) { if ($return_no_access && !is_null($entry)) { @@ -496,7 +496,7 @@ abstract class Handler /** * Get grants of current user and app * - * @return array user-id => EGW_ACL_ADD|EGW_ACL_READ|EGW_ACL_EDIT|EGW_ACL_DELETE pairs + * @return array user-id => Api\Acl::ADD|Api\Acl::READ|Api\Acl::EDIT|Api\Acl::DELETE pairs */ public function get_grants() { @@ -523,22 +523,22 @@ abstract class Handler } $priviledes = array('read-current-user-privilege-set' => 'read-current-user-privilege-set'); - if (is_null($user) || $grants[$user] & EGW_ACL_READ) + if (is_null($user) || $grants[$user] & Api\Acl::READ) { $priviledes['read'] = 'read'; // allows on all calendars/addressbooks to write properties, as we store them on a per-user basis // and only allow to modify explicit named properties in CalDAV, CardDAV or Calendarserver name-space $priviledes['write-properties'] = 'write-properties'; } - if (is_null($user) || $grants[$user] & EGW_ACL_ADD) + if (is_null($user) || $grants[$user] & Api\Acl::ADD) { $priviledes['bind'] = 'bind'; // PUT for new resources } - if (is_null($user) || $grants[$user] & EGW_ACL_EDIT) + if (is_null($user) || $grants[$user] & Api\Acl::EDIT) { $priviledes['write-content'] = 'write-content'; // otherwise iOS calendar does not allow to add events } - if (is_null($user) || $grants[$user] & EGW_ACL_DELETE) + if (is_null($user) || $grants[$user] & Api\Acl::DELETE) { $priviledes['unbind'] = 'unbind'; // DELETE } @@ -645,7 +645,7 @@ abstract class Handler $privileges = array('read', 'read-current-user-privilege-set'); if ($this->caldav->prop_requested('current-user-privilege-set') === true && !isset($props['current-user-privilege-set'])) { - if ($this->check_access(EGW_ACL_EDIT, $entry)) + if ($this->check_access(Api\Acl::EDIT, $entry)) { $privileges[] = 'write-content'; } diff --git a/api/src/CalDAV/Principals.php b/api/src/CalDAV/Principals.php index 7bf8ea5982..7c4a1fc8e9 100644 --- a/api/src/CalDAV/Principals.php +++ b/api/src/CalDAV/Principals.php @@ -921,7 +921,7 @@ class Principals extends Handler { $addressbooks[] = '/'; } - foreach(array_keys($GLOBALS['egw']->contacts->get_addressbooks(EGW_ACL_READ)) as $id) + foreach(array_keys($GLOBALS['egw']->contacts->get_addressbooks(Api\Acl::READ)) as $id) { if ((in_array('A',$addressbook_home_set) || in_array((string)$id,$addressbook_home_set)) && is_numeric($id) && ($owner = $this->accounts->id2name($id))) @@ -1366,8 +1366,8 @@ class Principals extends Handler case 'users': case 'groups': $account = $location = $this->accounts->name2id($account, 'account_lid', $account_type[0]); - $right = $what == 'write' ? EGW_ACL_EDIT : EGW_ACL_READ; - $mask = $what == 'write' ? EGW_ACL_EDIT : EGW_ACL_EDIT|EGW_ACL_READ; // do NOT report write+read in read + $right = $what == 'write' ? Api\Acl::EDIT : Api\Acl::READ; + $mask = $what == 'write' ? Api\Acl::EDIT : Api\Acl::EDIT|Api\Acl::READ; // do NOT report write+read in read break; case 'locations': @@ -1522,13 +1522,13 @@ class Principals extends Handler $set = array(); foreach($this->acl->get_grants($app, $app != 'addressbook', $account) as $account_id => $rights) { - if ($account_id != $account && ($rights & EGW_ACL_READ) && + if ($account_id != $account && ($rights & Api\Acl::READ) && ($account_lid = $this->accounts->id2name($account_id)) && $this->accounts->visible($account_lid)) // only add visible accounts, gives error in iCal otherwise { $set[] = Api\CalDAV::mkprop('href', $this->base_uri.'/principals/'. ($account_id < 0 ? 'groups/' : 'users/'). - $account_lid.'/'.$app.'-proxy-'.($rights & EGW_ACL_EDIT ? 'write' : 'read').'/'); + $account_lid.'/'.$app.'-proxy-'.($rights & Api\Acl::EDIT ? 'write' : 'read').'/'); } } return $set; @@ -1694,13 +1694,13 @@ class Principals extends Handler /** * Check if user has the neccessary rights on an entry * - * @param int $acl EGW_ACL_READ, EGW_ACL_EDIT or EGW_ACL_DELETE + * @param int $acl Api\Acl::READ, Api\Acl::EDIT or Api\Acl::DELETE * @param array|int $entry entry-array or id * @return boolean null if entry does not exist, false if no access, true if access permitted */ function check_access($acl,$entry) { - if ($acl != EGW_ACL_READ) + if ($acl != Api\Acl::READ) { return false; } diff --git a/api/src/Categories.php b/api/src/Categories.php index 77ea86f016..42242ac6c6 100644 --- a/api/src/Categories.php +++ b/api/src/Categories.php @@ -238,7 +238,7 @@ class Categories } // check for read permission - if(!$this->check_perms(EGW_ACL_READ, $cat, $globals === 'all_no_acl')) + if(!$this->check_perms(Acl::READ, $cat, $globals === 'all_no_acl')) { continue; } @@ -470,7 +470,7 @@ class Categories * Checks category permissions for a given list of commaseparated category ids * and truncates it by the ones the user does not have the requested permission on * - * @param int $needed necessary ACL right: EGW_ACL_{READ|EDIT|DELETE} + * @param int $needed necessary ACL right: Acl::{READ|EDIT|DELETE} * @param string $cat_list commaseparated list of category ids * @return string truncated commaseparated list of category ids */ @@ -487,7 +487,7 @@ class Categories { foreach($cat_arr as $id=>$cat_id) { - if (!$this->check_perms($needed, $cat_id, false, $needed == EGW_ACL_READ)) // allow reading all global cats + if (!$this->check_perms($needed, $cat_id, false, $needed == Acl::READ)) // allow reading all global cats { unset($cat_arr[$id]); } @@ -503,7 +503,7 @@ class Categories * * If the access of a category is set to private, one needs a private grant for the application * - * @param int $needed necessary ACL right: EGW_ACL_{READ|EDIT|DELETE} + * @param int $needed necessary ACL right: Acl::{READ|EDIT|DELETE} * @param mixed $category category as array or the category_id * @param boolean $no_acl_check =false if true, grants are NOT checked, gives access to all non-private categories of all users * @param boolean $allow_global_read if true, global cats are allowed (independent of app) for reading @@ -525,7 +525,7 @@ class Categories } // Read access to global categories - if ($needed == EGW_ACL_READ && (($is_global=array_intersect(explode(',',$category['owner']),$this->global_owners)) || + if ($needed == Acl::READ && (($is_global=array_intersect(explode(',',$category['owner']),$this->global_owners)) || $no_acl_check && $category['access'] == 'public') && // no_acl_check only means public cats ($category['appname'] == self::GLOBAL_APPNAME || $category['appname'] == $this->app_name || $is_global && $allow_global_read)) @@ -558,7 +558,7 @@ class Categories foreach(explode(',',$category['owner']) as $owner) { $owner_grant = $owner_grant || (($this->grants[$owner] & $needed) && - ($category['access'] == 'public' || ($this->grants[$owner] & EGW_ACL_PRIVATE))); + ($category['access'] == 'public' || ($this->grants[$owner] & Acl::PRIVAT))); } return $acl_grant && $owner_grant; } @@ -704,7 +704,7 @@ class Categories if (isset($values['old_parent']) && (int)$values['old_parent'] != (int)$values['parent']) { $ret = $this->check_consistency4update($values); - if ($ret !== true) throw new Exception\WrongUserinput($ret); + if ($ret !== true) throw new Exception\WrongUserInput($ret); // everything seems in order -> proceed $values['level'] = ($values['parent'] ? $this->id2name($values['parent'],'level')+1:0); $this->adapt_level_in_subtree($values); @@ -717,7 +717,7 @@ class Categories if ($values['parent'] > 0) { $ret = $this->check_consistency4update($values); - if ($ret !== true) throw new Exception\WrongUserinput($ret); + if ($ret !== true) throw new Exception\WrongUserInput($ret); // everything seems in order -> proceed $values['main'] = $this->id2name($values['parent'],'main'); @@ -1056,7 +1056,7 @@ class Categories static $cat2color = array(); // ACL check - $cats = $GLOBALS['egw']->categories->check_list(EGW_ACL_READ, $_cats); + $cats = $GLOBALS['egw']->categories->check_list(Acl::READ, $_cats); if (!$cats) return null; diff --git a/api/src/Config.php b/api/src/Config.php index 5b1654d755..7e68d600d3 100755 --- a/api/src/Config.php +++ b/api/src/Config.php @@ -66,7 +66,7 @@ class Config /** * reads the whole repository for $this->appname, appname has to be set via the constructor * - * You can also use the static config::read($app) method, without instanciating the class. + * You can also use the static Config::read($app) method, without instanciating the class. * * @return array the whole config-array for that app */ @@ -95,7 +95,7 @@ class Config if (!isset($this->config_data[$name])) // has been deleted { self::save_value($name, null, $this->appname, false); - //self::$db->delete(config::TABLE,array('config_app'=>$this->appname,'config_name'=>$name),__LINE__,__FILE__); + //self::$db->delete(self::TABLE,array('config_app'=>$this->appname,'config_name'=>$name),__LINE__,__FILE__); } } @@ -126,9 +126,8 @@ class Config { if (!$app && (!isset($this) || !is_a($this,__CLASS__))) { - throw new Exception\WrongParameter('$app parameter required for static call of config::save_value($name,$value,$app)!'); + throw new Exception\WrongParameter('$app parameter required for static call of Config::save_value($name,$value,$app)!'); } - //echo "

config::save_value('$name','".print_r($value,True)."','$app')

\n"; if (!$app || isset($this) && is_a($this,__CLASS__) && $app == $this->appname) { $app = $this->appname; @@ -138,7 +137,7 @@ class Config { self::init_static(); } - //echo "

config::save_value('$name','".print_r($value,True)."','$app')

\n"; + if (isset(self::$configs[$app][$name]) && self::$configs[$app][$name] === $value) { return True; // no change ==> exit @@ -147,13 +146,13 @@ class Config if (!isset($value) || $value === '') { if (isset(self::$configs[$app])) unset(self::$configs[$app][$name]); - self::$db->delete(config::TABLE,array('config_app'=>$app,'config_name'=>$name),__LINE__,__FILE__); + self::$db->delete(self::TABLE,array('config_app'=>$app,'config_name'=>$name),__LINE__,__FILE__); } else { self::$configs[$app][$name] = $value; if(is_array($value)) $value = json_encode($value); - self::$db->insert(config::TABLE,array('config_value'=>$value),array('config_app'=>$app,'config_name'=>$name),__LINE__,__FILE__); + self::$db->insert(self::TABLE,array('config_value'=>$value),array('config_app'=>$app,'config_name'=>$name),__LINE__,__FILE__); } if ($update_cache) { @@ -176,7 +175,7 @@ class Config { self::init_static(); } - self::$db->delete(config::TABLE,array('config_app' => $this->appname),__LINE__,__FILE__); + self::$db->delete(self::TABLE,array('config_app' => $this->appname),__LINE__,__FILE__); unset(self::$configs[$this->appname]); Cache::setInstance(__CLASS__, 'configs', self::$configs); @@ -345,7 +344,7 @@ class Config if (!(self::$configs = Cache::getInstance(__CLASS__, 'configs')) || !is_array(self::$configs['phpgwapi'])) { self::$configs = array(); - foreach(self::$db->select(config::TABLE,'*',false,__LINE__,__FILE__) as $row) + foreach(self::$db->select(self::TABLE,'*',false,__LINE__,__FILE__) as $row) { self::$configs[$row['config_app']][$row['config_name']] = self::unserialize($row['config_value']); //error_log(__METHOD__."() configs[$row[config_app]][$row[config_name]]=".array2string(self::$configs[$row['config_app']][$row['config_name']])); diff --git a/api/src/Contacts.php b/api/src/Contacts.php index 9471c87868..a5572d015d 100755 --- a/api/src/Contacts.php +++ b/api/src/Contacts.php @@ -334,13 +334,13 @@ class Contacts extends Contacts\Storage /** * Get the availible addressbooks of the user * - * @param int $required =EGW_ACL_READ required rights on the addressbook or multiple rights or'ed together, + * @param int $required =Acl::READ required rights on the addressbook or multiple rights or'ed together, * to return only addressbooks fullfilling all the given rights * @param string $extra_label first label if given (already translated) * @param int $user =null account_id or null for current user * @return array with owner => label pairs */ - function get_addressbooks($required=EGW_ACL_READ,$extra_label=null,$user=null) + function get_addressbooks($required=Acl::READ,$extra_label=null,$user=null) { if (is_null($user)) { @@ -371,11 +371,11 @@ class Contacts extends Contacts\Storage asort($to_sort); $addressbooks += $to_sort; } - if ($required != EGW_ACL_ADD && // do NOT allow to set accounts as default addressbook (AB can add accounts) + if ($required != Acl::ADD && // do NOT allow to set accounts as default addressbook (AB can add accounts) !$preferences['addressbook']['hide_accounts'] && ( ($grants[0] & $required) == $required || $preferences['common']['account_selection'] == 'groupmembers' && - $this->account_repository != 'ldap' && ($required & EGW_ACL_READ))) + $this->account_repository != 'ldap' && ($required & Acl::READ))) { $addressbooks[0] = lang('Accounts'); } @@ -808,7 +808,7 @@ class Contacts extends Contacts\Storage $id = is_array($c) ? $c['id'] : $c; $ok = false; - if ($this->check_perms(EGW_ACL_DELETE,$c,$deny_account_delete)) + if ($this->check_perms(Acl::DELETE,$c,$deny_account_delete)) { if (!($old = $this->read($id))) return false; // check if we only mark contacts as deleted, or really delete them @@ -895,7 +895,7 @@ class Contacts extends Contacts\Storage { $contact['private'] = 0; } - if(!$ignore_acl && !$this->check_perms($isUpdate ? EGW_ACL_EDIT : EGW_ACL_ADD,$contact)) + if(!$ignore_acl && !$this->check_perms($isUpdate ? Acl::EDIT : Acl::ADD,$contact)) { $this->error = 'access denied'; return false; @@ -1087,7 +1087,7 @@ class Contacts extends Contacts\Storage { $data = null; // not found } - elseif (!$ignore_acl && !$this->check_perms(EGW_ACL_READ,$data)) + elseif (!$ignore_acl && !$this->check_perms(Acl::READ,$data)) { $data = false; // no view perms } @@ -1118,7 +1118,7 @@ class Contacts extends Contacts\Storage * If the access of a contact is set to private, one need a private grant for a personal addressbook * or the group membership for a group-addressbook * - * @param int $needed necessary ACL right: EGW_ACL_{READ|EDIT|DELETE} + * @param int $needed necessary ACL right: Acl::{READ|EDIT|DELETE} * @param mixed $contact contact as array or the contact-id * @param boolean $deny_account_delete =false if true never allow to delete accounts * @param int $user =null for which user to check, default current user @@ -1147,17 +1147,17 @@ class Contacts extends Contacts\Storage $owner = $contact['owner']; // allow the user to edit his own account - if (!$owner && $needed == EGW_ACL_EDIT && $contact['account_id'] == $user && $this->own_account_acl) + if (!$owner && $needed == Acl::EDIT && $contact['account_id'] == $user && $this->own_account_acl) { $access = true; } // dont allow to delete own account (as admin handels it too) - elseif (!$owner && $needed == EGW_ACL_DELETE && ($deny_account_delete || $contact['account_id'] == $user)) + elseif (!$owner && $needed == Acl::DELETE && ($deny_account_delete || $contact['account_id'] == $user)) { $access = false; } // for reading accounts (owner == 0) and account_selection == groupmembers, check if current user and contact are groupmembers - elseif ($owner == 0 && $needed == EGW_ACL_READ && + elseif ($owner == 0 && $needed == Acl::READ && $GLOBALS['egw_info']['user']['preferences']['common']['account_selection'] == 'groupmembers' && !isset($GLOBALS['egw_info']['user']['apps']['admin'])) { @@ -1166,7 +1166,7 @@ class Contacts extends Contacts\Storage else { $access = ($grants[$owner] & $needed) && - (!$contact['private'] || ($grants[$owner] & EGW_ACL_PRIVATE) || in_array($owner,$memberships)); + (!$contact['private'] || ($grants[$owner] & Acl::PRIVAT) || in_array($owner,$memberships)); } //error_log(__METHOD__."($needed,$contact[id],$deny_account_delete,$user) returning ".array2string($access)); return $access; @@ -1176,7 +1176,7 @@ class Contacts extends Contacts\Storage * Check access to the file store * * @param int|array $id id of entry or entry array - * @param int $check EGW_ACL_READ for read and EGW_ACL_EDIT for write or delete access + * @param int $check Acl::READ for read and Acl::EDIT for write or delete access * @param string $rel_path =null currently not used in InfoLog * @param int $user =null for which user to check, default current user * @return boolean true if access is granted or false otherwise @@ -1410,7 +1410,7 @@ class Contacts extends Contacts\Storage } if ($fields) { - if (!$this->check_perms(EGW_ACL_EDIT,$member) || !$this->save($member)) + if (!$this->check_perms(Acl::EDIT,$member) || !$this->save($member)) { ++$failed_members; } @@ -1765,7 +1765,7 @@ class Contacts extends Contacts\Storage $target = $contacts[0]; unset($contacts[0]); } - if (!$this->check_perms(EGW_ACL_EDIT,$target)) + if (!$this->check_perms(Acl::EDIT,$target)) { echo $this->error = 'No edit permission for the target contact!'; return 0; @@ -1809,7 +1809,7 @@ class Contacts extends Contacts\Storage $success = 1; foreach($contacts as $contact) { - if (!$this->check_perms(EGW_ACL_DELETE,$contact)) + if (!$this->check_perms(Acl::DELETE,$contact)) { continue; } @@ -1875,7 +1875,7 @@ class Contacts extends Contacts\Storage */ function add_list($keys,$owner,$contacts=array(),array &$data=array()) { - if (!$this->check_list(null,EGW_ACL_ADD|EGW_ACL_EDIT,$owner)) return false; + if (!$this->check_list(null,Acl::ADD|Acl::EDIT,$owner)) return false; try { $ret = parent::add_list($keys,$owner,$contacts,$data); @@ -1899,7 +1899,7 @@ class Contacts extends Contacts\Storage */ function add2list($contact,$list,array $existing=null) { - if (!$this->check_list($list,EGW_ACL_EDIT)) return false; + if (!$this->check_list($list,Acl::EDIT)) return false; unset(self::$list_cache[$list]); @@ -1915,7 +1915,7 @@ class Contacts extends Contacts\Storage */ function remove_from_list($contact,$list=null) { - if ($list && !$this->check_list($list,EGW_ACL_EDIT)) return false; + if ($list && !$this->check_list($list,Acl::EDIT)) return false; if ($list) { @@ -1937,7 +1937,7 @@ class Contacts extends Contacts\Storage */ function delete_list($list) { - if (!$this->check_list($list,EGW_ACL_DELETE)) return false; + if (!$this->check_list($list,Acl::DELETE)) return false; foreach((array)$list as $l) { @@ -2050,7 +2050,7 @@ class Contacts extends Contacts\Storage { foreach ($old_categories as $cat_id) { - if (!$this->categories->check_perms(EGW_ACL_READ, $cat_id)) + if (!$this->categories->check_perms(Acl::READ, $cat_id)) { $old_cats_preserve[] = $cat_id; } @@ -2108,7 +2108,7 @@ class Contacts extends Contacts\Storage $cat_list = array(); foreach($cat_id_list as $cat_id) { - if ($cat_id && $this->categories->check_perms(EGW_ACL_READ, $cat_id) && + if ($cat_id && $this->categories->check_perms(Acl::READ, $cat_id) && ($cat_name = $this->categories->id2name($cat_id)) && $cat_name != '--') { $cat_list[] = $cat_name; diff --git a/api/src/Contacts/Storage.php b/api/src/Contacts/Storage.php index a3fe3a2606..ea007a29e8 100755 --- a/api/src/Contacts/Storage.php +++ b/api/src/Contacts/Storage.php @@ -344,20 +344,20 @@ class Storage // ToDo: be more specific for 'groupmembers', they should be able to see the groupmembers if (!in_array($preferences['common']['account_selection'], array('none','groupmembers'))) { - $grants[0] = EGW_ACL_READ; + $grants[0] = Api\Acl::READ; } // add account grants for admins (only for current user!) if ($user == $this->user && $this->is_admin()) // admin rights can be limited by ACL! { - $grants[0] = EGW_ACL_READ; // admins always have read-access - if (!$GLOBALS['egw']->acl->check('account_access',16,'admin')) $grants[0] |= EGW_ACL_EDIT; - if (!$GLOBALS['egw']->acl->check('account_access',4,'admin')) $grants[0] |= EGW_ACL_ADD; - if (!$GLOBALS['egw']->acl->check('account_access',32,'admin')) $grants[0] |= EGW_ACL_DELETE; + $grants[0] = Api\Acl::READ; // admins always have read-access + if (!$GLOBALS['egw']->acl->check('account_access',16,'admin')) $grants[0] |= Api\Acl::EDIT; + if (!$GLOBALS['egw']->acl->check('account_access',4,'admin')) $grants[0] |= Api\Acl::ADD; + if (!$GLOBALS['egw']->acl->check('account_access',32,'admin')) $grants[0] |= Api\Acl::DELETE; } // allow certain groups to edit contact-data of accounts if (self::allow_account_edit($user)) { - $grants[0] |= EGW_ACL_READ|EGW_ACL_EDIT; + $grants[0] |= Api\Acl::READ|Api\Acl::EDIT; } } else @@ -985,12 +985,12 @@ class Storage /** * Get the availible distribution lists for a user * - * @param int $required =EGW_ACL_READ required rights on the list or multiple rights or'ed together, + * @param int $required =Api\Acl::READ required rights on the list or multiple rights or'ed together, * to return only lists fullfilling all the given rights * @param string $extra_labels =null first labels if given (already translated) * @return array with id => label pairs or false if backend does not support lists */ - function get_lists($required=EGW_ACL_READ,$extra_labels=null) + function get_lists($required=Api\Acl::READ,$extra_labels=null) { if (!method_exists($this->somain,'get_lists')) return false; diff --git a/api/src/DateTime.php b/api/src/DateTime.php index 50907715e9..c5fd1c1747 100644 --- a/api/src/DateTime.php +++ b/api/src/DateTime.php @@ -556,7 +556,7 @@ class DateTime extends \DateTime self::$server_timezone = new DateTimeZone('Europe/Berlin'); } error_log(__METHOD__."() invalid server_timezone='{$GLOBALS['egw_info']['server']['server_timezone']}' setting now '".self::$server_timezone->getName()."'!"); - config::save_value('server_timezone',$GLOBALS['egw_info']['server']['server_timezone'] = self::$server_timezone->getName(),'phpgwapi'); + Config::save_value('server_timezone',$GLOBALS['egw_info']['server']['server_timezone'] = self::$server_timezone->getName(),'phpgwapi'); } if (!isset($GLOBALS['egw_info']['user']['preferences']['common']['tz'])) { diff --git a/api/src/Egw.php b/api/src/Egw.php index c7ef6d8ea3..f324f5ee91 100644 --- a/api/src/Egw.php +++ b/api/src/Egw.php @@ -371,7 +371,7 @@ class Egw extends Egw\Base { $GLOBALS['egw']->session->destroy($sessionid); } - throw new Exception\Redirect(egw::link('/logout.php')); + throw new Exception\Redirect(self::link('/logout.php')); } if ($currentapp == 'admin' || $GLOBALS['egw_info']['flags']['admin_only']) { diff --git a/api/src/Etemplate/Widget/Taglist.php b/api/src/Etemplate/Widget/Taglist.php index 38ce19b902..b1d788e636 100644 --- a/api/src/Etemplate/Widget/Taglist.php +++ b/api/src/Etemplate/Widget/Taglist.php @@ -124,7 +124,7 @@ class Taglist extends Etemplate\Widget } if($this->type == 'taglist-email' && $this->attrs['include_lists'] && is_numeric($val)) { - $lists = $GLOBALS['egw']->contacts->get_lists(EGW_ACL_READ); + $lists = $GLOBALS['egw']->contacts->get_lists(Api\Acl::READ); if(!array_key_exists($val, $lists)) { self::set_validation_error($form_name,lang("'%1' is NOT allowed ('%2')!",$val,implode("','",array_keys($lists))),''); diff --git a/api/src/Link.php b/api/src/Link.php index b6432ba164..384b040dbb 100644 --- a/api/src/Link.php +++ b/api/src/Link.php @@ -1581,7 +1581,7 @@ class Link extends Link\Storage * @param string $app * @param int|string $id * @param string $title title string or null - * @param int $file_access =null EGW_ACL_READ, EGW_ACL_EDIT or both or'ed together + * @param int $file_access =null Acl::READ, Acl::EDIT or both or'ed together */ public static function set_cache($app,$id,$title,$file_access=null) { @@ -1682,12 +1682,12 @@ class Link extends Link\Storage * @ToDo $rel_path is not yet implemented, as no app use it currently * @param string $app * @param string|int $id id of entry - * @param int $required =EGW_ACL_READ EGW_ACL_{READ|EDIT} + * @param int $required =Acl::READ Acl::{READ|EDIT} * @param string $rel_path =null * @param int $user =null default null = current user * @return boolean true if access granted, false otherwise */ - static function file_access($app,$id,$required=EGW_ACL_READ,$rel_path=null,$user=null) + static function file_access($app,$id,$required=Acl::READ,$rel_path=null,$user=null) { // are we called for an other user if ($user && $user != $GLOBALS['egw_info']['user']['account_id']) @@ -1709,15 +1709,15 @@ class Link extends Link\Storage $cache =& self::get_cache($app,$id,'file_access'); - if (!isset($cache) || $required == EGW_ACL_EDIT && !($cache & $required)) + if (!isset($cache) || $required == Acl::EDIT && !($cache & $required)) { if(($method = self::get_registry($app,'file_access'))) { - $cache |= ExecMethod2($method,$id,$required,$rel_path) ? $required|EGW_ACL_READ : 0; + $cache |= ExecMethod2($method,$id,$required,$rel_path) ? $required|Acl::READ : 0; } else { - $cache |= self::title($app,$id) ? EGW_ACL_READ|EGW_ACL_EDIT : 0; + $cache |= self::title($app,$id) ? Acl::READ|Acl::EDIT : 0; } //error_log(__METHOD__."($app,$id,$required,$rel_path) got $cache --> ".($cache & $required ? 'true' : 'false')); } diff --git a/api/src/Mail/Account.php b/api/src/Mail/Account.php index feaa647cbc..e580818d63 100644 --- a/api/src/Mail/Account.php +++ b/api/src/Mail/Account.php @@ -892,7 +892,7 @@ class Account implements \ArrayAccess /** * Check which rights current user has on mail-account * - * @param int $rights EGW_ACL_(READ|EDIT|DELETE) + * @param int $rights Api\Acl::(READ|EDIT|DELETE) * @param array|Account $account account array or object * @return boolean */ @@ -920,12 +920,12 @@ class Account implements \ArrayAccess { switch($rights) { - case EGW_ACL_READ: + case Api\Acl::READ: $access = true; break; - case EGW_ACL_EDIT: - case EGW_ACL_DELETE: + case Api\Acl::EDIT: + case Api\Acl::DELETE: // users have only edit/delete rights on accounts marked as user-editable AND belonging to them personally if (!$account['acc_user_editable']) { diff --git a/api/src/Mailer.php b/api/src/Mailer.php index 515d613379..73656958d8 100644 --- a/api/src/Mailer.php +++ b/api/src/Mailer.php @@ -541,7 +541,7 @@ class Mailer extends Horde_Mime_Mail if (!isset($flowed)) $flowed = $this->_body && $this->_body->getType() != 'multipart/encrypted'; // check if flowed is disabled in mail site configuration - if (($config = config::read('mail')) && $config['disable_rfc3676_flowed']) + if (($config = Config::read('mail')) && $config['disable_rfc3676_flowed']) { $flowed = false; } diff --git a/api/src/Session.php b/api/src/Session.php index 4af263aeb6..a6e14d698e 100644 --- a/api/src/Session.php +++ b/api/src/Session.php @@ -937,7 +937,7 @@ class Session $this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid,'account_lid','u'); if (!$this->account_id) { - if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) !accounts::name2id('$this->account_lid')"); + if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) !accounts::name2id('$this->account_lid')"); return false; } @@ -955,7 +955,7 @@ class Session if ($GLOBALS['egw']->accounts->is_expired($GLOBALS['egw_info']['user'])) { - if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) accounts is expired"); + if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) accounts is expired"); return false; } $this->passwd = base64_decode(Cache::getSession('phpgwapi', 'password')); @@ -966,7 +966,7 @@ class Session } if ($this->account_domain != $GLOBALS['egw_info']['user']['domain']) { - if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) wrong domain"); + if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) wrong domain"); return false; } @@ -975,7 +975,7 @@ class Session if (strtoupper(substr(PHP_OS,0,3)) != 'WIN' && (!$GLOBALS['egw_info']['user']['session_ip'] || $GLOBALS['egw_info']['user']['session_ip'] != $this->getuser_ip())) { - if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) wrong IP"); + if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) wrong IP"); return false; } } @@ -988,7 +988,7 @@ class Session } if (!$this->account_lid) { - if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) !account_lid"); + if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) !account_lid"); return false; } @@ -1007,13 +1007,13 @@ class Session $_REQUEST[self::EGW_SESSION_NAME] === $this->sessionid && (!isset($_COOKIE[self::EGW_SESSION_NAME]) || $_COOKIE[self::EGW_SESSION_NAME] !== $_REQUEST[self::EGW_SESSION_NAME])) { - if (self::ERROR_LOG_DEBUG) error_log("--> session::verify($sessionid) SUCCESS, but NO required cookies set --> setting them now"); + if (self::ERROR_LOG_DEBUG) error_log("--> Session::verify($sessionid) SUCCESS, but NO required cookies set --> setting them now"); self::egw_setcookie(self::EGW_SESSION_NAME,$this->sessionid); self::egw_setcookie('kp3',$this->kp3); self::egw_setcookie('domain',$this->account_domain); } - if (self::ERROR_LOG_DEBUG) error_log("--> session::verify($sessionid) SUCCESS"); + if (self::ERROR_LOG_DEBUG) error_log("--> Session::verify($sessionid) SUCCESS"); return true; } diff --git a/api/src/Vfs/Links/StreamWrapper.php b/api/src/Vfs/Links/StreamWrapper.php index 600e935acf..a3c3c18c2c 100644 --- a/api/src/Vfs/Links/StreamWrapper.php +++ b/api/src/Vfs/Links/StreamWrapper.php @@ -111,8 +111,8 @@ class StreamWrapper extends LinksParent // which gives him then read AND write access to the file store of the entry else { - // vfs & stream-wrapper use posix rights, Api\Link::file_access uses EGW_ACL_{EDIT|READ}! - $required = $check & Vfs::WRITABLE ? EGW_ACL_EDIT : EGW_ACL_READ; + // vfs & stream-wrapper use posix rights, Api\Link::file_access uses Api\Acl::{EDIT|READ}! + $required = $check & Vfs::WRITABLE ? Api\Acl::EDIT : Api\Acl::READ; $access = Api\Link::file_access($app,$id,$required,$rel_path,Vfs::$user); $what = "from Api\Link::file_access('$app',$id,$required,'$rel_path,".Vfs::$user.")"; } diff --git a/api/src/Vfs/Sqlfs/StreamWrapper.php b/api/src/Vfs/Sqlfs/StreamWrapper.php index 64ca93e7b9..afafdf95d5 100644 --- a/api/src/Vfs/Sqlfs/StreamWrapper.php +++ b/api/src/Vfs/Sqlfs/StreamWrapper.php @@ -1855,7 +1855,7 @@ class StreamWrapper implements Vfs\StreamWrapperIface { return false; } - if (!Vfs::check_access($path,EGW_ACL_EDIT,$stat)) + if (!Vfs::check_access($path,Api\Acl::EDIT,$stat)) { return false; // permission denied }