using Acl::(ADD|READ|EDIT|DELETE|PRIVAT) constants instead old EGW_ACL_* defines and fix some namespace errors found by doc/check_namespace.php

2016-05-11 19:23:14 +00:00 · 2016-05-11 19:23:14 +00:00 · e34fe9a4e7
commit e34fe9a4e7
parent e87cbc4832
20 changed files with 99 additions and 100 deletions
--- a/api/src/Accounts/Ads.php
+++ b/api/src/Accounts/Ads.php
@ -865,7 +865,7 @@ class Ads
 		}
 		else	// we need to run the unlimited query
 		{
-			$query = ldap::quote(strtolower($param['query']));
+			$query = Api\Ldap::quote(strtolower($param['query']));
 			$accounts = array();
 			if($param['type'] !== 'groups')
@ -916,7 +916,7 @@ class Ads
 			}
 			if ($param['type'] === 'groups' || $param['type'] === 'both')
 			{
-				$query = ldap::quote(strtolower($param['query']));
+				$query = Api\Ldap::quote(strtolower($param['query']));
 				$filter = null;
 				if(!empty($query) && $query != '*')
--- a/api/src/Accounts/Sql.php
+++ b/api/src/Accounts/Sql.php
@ -201,7 +201,7 @@ class Sql
 			if (!preg_match('/^\\{[a-z5]{3,5}\\}.+/i',$data['account_passwd']) &&
 				!preg_match('/^[0-9a-f]{32}$/',$data['account_passwd']))	// md5 hash
 			{
-				$data['account_passwd'] = $GLOBALS['egw']->auth->encrypt_sql($data['account_passwd']);
+				$data['account_passwd'] = Api\Auth::encrypt_sql($data['account_passwd']);
 			}
 			$to_write['account_pwd'] = $data['account_passwd'];
 			$to_write['account_lastpwd_change'] = time();
--- a/api/src/Acl.php
+++ b/api/src/Acl.php
@ -683,7 +683,7 @@ class Acl
 						if (!$grantor) continue;	// can happen if group has no members
 						// Don't allow to override private with group ACL's!
-						$rights &= ~EGW_ACL_PRIVATE;
+						$rights &= ~self::PRIVAT;
 						if(!isset($grants[$grantor]))
 						{
--- a/api/src/Auth.php
+++ b/api/src/Auth.php
@ -231,7 +231,7 @@ class Auth
 	 * @param string $old_passwd must be cleartext
 	 * @param string $new_passwd must be cleartext
 	 * @param int $account_id account id of user whose passwd should be changed
-	 * @throws Exception\WrongUserinput if configured password strength is not meat
+	 * @throws Exception\WrongUserInput if configured password strength is not meat
 	 * @throws Exception from backends having extra requirements
 	 * @return boolean true if password successful changed, false otherwise
 	 */
@ -239,7 +239,7 @@ class Auth
 	{
 		if (($err = self::crackcheck($new_passwd,null,null,null,$account_id)))
 		{
-			throw new Exception\WrongUserinput($err);
+			throw new Exception\WrongUserInput($err);
 		}
 		if (($ret = $this->backend->change_password($old_passwd, $new_passwd, $account_id)))
 		{
@ -256,7 +256,7 @@ class Auth
 			// run changepwasswd hook
 			$GLOBALS['hook_values'] = array(
 				'account_id'  => $account_id,
-				'account_lid' => accounts::id2name($account_id),
+				'account_lid' => Accounts::id2name($account_id),
 				'old_passwd'  => $old_passwd,
 				'new_passwd'  => $new_passwd,
 			);
--- a/api/src/CalDAV.php
+++ b/api/src/CalDAV.php
@ -1278,7 +1278,7 @@ class CalDAV extends HTTP_WebDAV_Server
 			return $entry ? $entry : "404 Not found";
 		}
-		if (!Link::file_access($handler->app, $entry['id'], EGW_ACL_EDIT))
+		if (!Link::file_access($handler->app, $entry['id'], Acl::EDIT))
 		{
 			return '403 Forbidden';
 		}
@ -1386,7 +1386,7 @@ class CalDAV extends HTTP_WebDAV_Server
 	{
 		error_log(__METHOD__."('$app', $id, attach=".array2string($attach).", delete_via_put=".array2string($delete_via_put).')');
-		if (!Link::file_access($app, $id, EGW_ACL_EDIT))
+		if (!Link::file_access($app, $id, Acl::EDIT))
 		{
 			error_log(__METHOD__."('$app', $id, ...) no rights to update attachments");
 			return;	// no rights --> nothing to do
@ -1836,7 +1836,7 @@ class CalDAV extends HTTP_WebDAV_Server
 		$handler = self::app_handler($app);
 		// TODO recursive locks on directories not supported yet
-		if (!$id || !empty($options['depth']) || !$handler->check_access(EGW_ACL_EDIT,$id))
+		if (!$id || !empty($options['depth']) || !$handler->check_access(Acl::EDIT,$id))
 		{
 			return '409 Conflict';
 		}
--- a/api/src/CalDAV/Handler.php
+++ b/api/src/CalDAV/Handler.php
@ -58,9 +58,9 @@ abstract class Handler
 	 * @var array
 	 */
 	var $method2acl = array(
-		'GET' => EGW_ACL_READ,
+		'GET' => Api\Acl::READ,
-		'PUT' => EGW_ACL_EDIT,
+		'PUT' => Api\Acl::EDIT,
-		'DELETE' => EGW_ACL_DELETE,
+		'DELETE' => Api\Acl::DELETE,
 	);
 	/**
 	 * eGW application responsible for the handler
@ -212,7 +212,7 @@ abstract class Handler
 	/**
 	 * Check if user has the neccessary rights on an entry
 	 *
-	 * @param int $acl EGW_ACL_READ, EGW_ACL_EDIT or EGW_ACL_DELETE
+	 * @param int $acl Api\Acl::READ, Api\Acl::EDIT or Api\Acl::DELETE
 	 * @param array|int $entry entry-array or id
 	 * @return boolean null if entry does not exist, false if no access, true if access permitted
 	 */
@ -291,7 +291,7 @@ abstract class Handler
 		}
 		$extra_acl = $this->method2acl[$method];
 		if ($id && !($entry = $this->read($id, $options['path'])) && ($method != 'PUT' || $entry === false) ||
-			($extra_acl != EGW_ACL_READ && $this->check_access($extra_acl,$entry) === false))
+			($extra_acl != Api\Acl::READ && $this->check_access($extra_acl,$entry) === false))
 		{
 			if ($return_no_access && !is_null($entry))
 			{
@ -496,7 +496,7 @@ abstract class Handler
 	/**
 	 * Get grants of current user and app
 	 *
-	 * @return array user-id => EGW_ACL_ADD|EGW_ACL_READ|EGW_ACL_EDIT|EGW_ACL_DELETE pairs
+	 * @return array user-id => Api\Acl::ADD|Api\Acl::READ|Api\Acl::EDIT|Api\Acl::DELETE pairs
 	 */
 	public function get_grants()
 	{
@ -523,22 +523,22 @@ abstract class Handler
 		}
 		$priviledes = array('read-current-user-privilege-set' => 'read-current-user-privilege-set');
-		if (is_null($user) || $grants[$user] & EGW_ACL_READ)
+		if (is_null($user) || $grants[$user] & Api\Acl::READ)
 		{
 			$priviledes['read'] = 'read';
 			// allows on all calendars/addressbooks to write properties, as we store them on a per-user basis
 			// and only allow to modify explicit named properties in CalDAV, CardDAV or Calendarserver name-space
 			$priviledes['write-properties'] = 'write-properties';
 		}
-		if (is_null($user) || $grants[$user] & EGW_ACL_ADD)
+		if (is_null($user) || $grants[$user] & Api\Acl::ADD)
 		{
 			$priviledes['bind'] = 'bind';	// PUT for new resources
 		}
-		if (is_null($user) || $grants[$user] & EGW_ACL_EDIT)
+		if (is_null($user) || $grants[$user] & Api\Acl::EDIT)
 		{
 			$priviledes['write-content'] = 'write-content';	// otherwise iOS calendar does not allow to add events
 		}
-		if (is_null($user) || $grants[$user] & EGW_ACL_DELETE)
+		if (is_null($user) || $grants[$user] & Api\Acl::DELETE)
 		{
 			$priviledes['unbind'] = 'unbind';	// DELETE
 		}
@ -645,7 +645,7 @@ abstract class Handler
 		$privileges = array('read', 'read-current-user-privilege-set');
 		if ($this->caldav->prop_requested('current-user-privilege-set') === true && !isset($props['current-user-privilege-set']))
 		{
-			if ($this->check_access(EGW_ACL_EDIT, $entry))
+			if ($this->check_access(Api\Acl::EDIT, $entry))
 			{
 				$privileges[] = 'write-content';
 			}
--- a/api/src/CalDAV/Principals.php
+++ b/api/src/CalDAV/Principals.php
@ -921,7 +921,7 @@ class Principals extends Handler
 		{
 			$addressbooks[] = '/';
 		}
-		foreach(array_keys($GLOBALS['egw']->contacts->get_addressbooks(EGW_ACL_READ)) as $id)
+		foreach(array_keys($GLOBALS['egw']->contacts->get_addressbooks(Api\Acl::READ)) as $id)
 		{
 			if ((in_array('A',$addressbook_home_set) || in_array((string)$id,$addressbook_home_set)) &&
 				is_numeric($id) && ($owner = $this->accounts->id2name($id)))
@ -1366,8 +1366,8 @@ class Principals extends Handler
 			case 'users':
 			case 'groups':
 				$account = $location = $this->accounts->name2id($account, 'account_lid', $account_type[0]);
-				$right = $what == 'write' ? EGW_ACL_EDIT : EGW_ACL_READ;
+				$right = $what == 'write' ? Api\Acl::EDIT : Api\Acl::READ;
-				$mask = $what == 'write' ? EGW_ACL_EDIT : EGW_ACL_EDIT|EGW_ACL_READ;	// do NOT report write+read in read
+				$mask = $what == 'write' ? Api\Acl::EDIT : Api\Acl::EDIT|Api\Acl::READ;	// do NOT report write+read in read
 				break;
 			case 'locations':
@ -1522,13 +1522,13 @@ class Principals extends Handler
 		$set = array();
 		foreach($this->acl->get_grants($app, $app != 'addressbook', $account) as $account_id => $rights)
 		{
-			if ($account_id != $account && ($rights & EGW_ACL_READ) &&
+			if ($account_id != $account && ($rights & Api\Acl::READ) &&
 				($account_lid = $this->accounts->id2name($account_id)) &&
 				$this->accounts->visible($account_lid))	// only add visible accounts, gives error in iCal otherwise
 			{
 				$set[] = Api\CalDAV::mkprop('href', $this->base_uri.'/principals/'.
 					($account_id < 0 ? 'groups/' : 'users/').
-					$account_lid.'/'.$app.'-proxy-'.($rights & EGW_ACL_EDIT ? 'write' : 'read').'/');
+					$account_lid.'/'.$app.'-proxy-'.($rights & Api\Acl::EDIT ? 'write' : 'read').'/');
 			}
 		}
 		return $set;
@ -1694,13 +1694,13 @@ class Principals extends Handler
 	/**
 	 * Check if user has the neccessary rights on an entry
 	 *
-	 * @param int $acl EGW_ACL_READ, EGW_ACL_EDIT or EGW_ACL_DELETE
+	 * @param int $acl Api\Acl::READ, Api\Acl::EDIT or Api\Acl::DELETE
 	 * @param array|int $entry entry-array or id
 	 * @return boolean null if entry does not exist, false if no access, true if access permitted
 	 */
 	function check_access($acl,$entry)
 	{
-		if ($acl != EGW_ACL_READ)
+		if ($acl != Api\Acl::READ)
 		{
 			return false;
 		}
--- a/api/src/Categories.php
+++ b/api/src/Categories.php
@ -238,7 +238,7 @@ class Categories
 			}
 			// check for read permission
-			if(!$this->check_perms(EGW_ACL_READ, $cat, $globals === 'all_no_acl'))
+			if(!$this->check_perms(Acl::READ, $cat, $globals === 'all_no_acl'))
 			{
 				continue;
 			}
@ -470,7 +470,7 @@ class Categories
 	 * Checks category permissions for a given list of commaseparated category ids
 	 * and truncates it by the ones the user does not have the requested permission on
 	 *
-	 * @param int $needed necessary ACL right: EGW_ACL_{READ|EDIT|DELETE}
+	 * @param int $needed necessary ACL right: Acl::{READ|EDIT|DELETE}
 	 * @param string $cat_list commaseparated list of category ids
 	 * @return string truncated commaseparated list of category ids
 	 */
@ -487,7 +487,7 @@ class Categories
 		{
 			foreach($cat_arr as $id=>$cat_id)
 			{
-				if (!$this->check_perms($needed, $cat_id, false, $needed == EGW_ACL_READ))	// allow reading all global cats
+				if (!$this->check_perms($needed, $cat_id, false, $needed == Acl::READ))	// allow reading all global cats
 				{
 					unset($cat_arr[$id]);
 				}
@ -503,7 +503,7 @@ class Categories
 	 *
 	 * If the access of a category is set to private, one needs a private grant for the application
 	 *
-	 * @param int $needed necessary ACL right: EGW_ACL_{READ|EDIT|DELETE}
+	 * @param int $needed necessary ACL right: Acl::{READ|EDIT|DELETE}
 	 * @param mixed $category category as array or the category_id
 	 * @param boolean $no_acl_check =false if true, grants are NOT checked, gives access to all non-private categories of all users
 	 * @param boolean $allow_global_read if true, global cats are allowed (independent of app) for reading
@ -525,7 +525,7 @@ class Categories
 		}
 		// Read access to global categories
-		if ($needed == EGW_ACL_READ && (($is_global=array_intersect(explode(',',$category['owner']),$this->global_owners)) ||
+		if ($needed == Acl::READ && (($is_global=array_intersect(explode(',',$category['owner']),$this->global_owners)) ||
 			$no_acl_check && $category['access'] == 'public') &&	// no_acl_check only means public cats
 			($category['appname'] == self::GLOBAL_APPNAME || $category['appname'] == $this->app_name ||
 			$is_global && $allow_global_read))
@ -558,7 +558,7 @@ class Categories
 		foreach(explode(',',$category['owner']) as $owner)
 		{
 			$owner_grant = $owner_grant || (($this->grants[$owner] & $needed) &&
-				($category['access'] == 'public' ||  ($this->grants[$owner] & EGW_ACL_PRIVATE)));
+				($category['access'] == 'public' ||  ($this->grants[$owner] & Acl::PRIVAT)));
 		}
 		return $acl_grant && $owner_grant;
 	}
@ -704,7 +704,7 @@ class Categories
 		if (isset($values['old_parent']) && (int)$values['old_parent'] != (int)$values['parent'])
 		{
 			$ret = $this->check_consistency4update($values);
-			if ($ret !== true) throw new Exception\WrongUserinput($ret);
+			if ($ret !== true) throw new Exception\WrongUserInput($ret);
 			// everything seems in order -> proceed
 			$values['level'] = ($values['parent'] ? $this->id2name($values['parent'],'level')+1:0);
 			$this->adapt_level_in_subtree($values);
@ -717,7 +717,7 @@ class Categories
 			if ($values['parent'] > 0)
 			{
 				$ret = $this->check_consistency4update($values);
-				if ($ret !== true) throw new Exception\WrongUserinput($ret);
+				if ($ret !== true) throw new Exception\WrongUserInput($ret);
 				// everything seems in order -> proceed
 				$values['main']  = $this->id2name($values['parent'],'main');
@ -1056,7 +1056,7 @@ class Categories
 		static $cat2color = array();
 		// ACL check
-		$cats = $GLOBALS['egw']->categories->check_list(EGW_ACL_READ, $_cats);
+		$cats = $GLOBALS['egw']->categories->check_list(Acl::READ, $_cats);
 		if (!$cats) return null;
--- a/api/src/Config.php
+++ b/api/src/Config.php
@ -66,7 +66,7 @@ class Config
 	/**
 	 * reads the whole repository for $this->appname, appname has to be set via the constructor
 	 *
-	 * You can also use the static config::read($app) method, without instanciating the class.
+	 * You can also use the static Config::read($app) method, without instanciating the class.
 	 *
 	 * @return array the whole config-array for that app
 	 */
@ -95,7 +95,7 @@ class Config
 				if (!isset($this->config_data[$name]))	// has been deleted
 				{
 					self::save_value($name, null, $this->appname, false);
-					//self::$db->delete(config::TABLE,array('config_app'=>$this->appname,'config_name'=>$name),__LINE__,__FILE__);
+					//self::$db->delete(self::TABLE,array('config_app'=>$this->appname,'config_name'=>$name),__LINE__,__FILE__);
 				}
 			}
@ -126,9 +126,8 @@ class Config
 	{
 		if (!$app && (!isset($this) || !is_a($this,__CLASS__)))
 		{
-			throw new Exception\WrongParameter('$app parameter required for static call of config::save_value($name,$value,$app)!');
+			throw new Exception\WrongParameter('$app parameter required for static call of Config::save_value($name,$value,$app)!');
 		}
 		//echo "<p>config::save_value('$name','".print_r($value,True)."','$app')</p>\n";
 		if (!$app || isset($this) && is_a($this,__CLASS__) && $app == $this->appname)
 		{
 			$app = $this->appname;
@ -138,7 +137,7 @@ class Config
 		{
 			self::init_static();
 		}
-		//echo "<p>config::save_value('$name','".print_r($value,True)."','$app')</p>\n";
+
 		if (isset(self::$configs[$app][$name]) && self::$configs[$app][$name] === $value)
 		{
 			return True;	// no change ==> exit
@ -147,13 +146,13 @@ class Config
 		if (!isset($value) || $value === '')
 		{
 			if (isset(self::$configs[$app])) unset(self::$configs[$app][$name]);
-			self::$db->delete(config::TABLE,array('config_app'=>$app,'config_name'=>$name),__LINE__,__FILE__);
+			self::$db->delete(self::TABLE,array('config_app'=>$app,'config_name'=>$name),__LINE__,__FILE__);
 		}
 		else
 		{
 			self::$configs[$app][$name] = $value;
 			if(is_array($value)) $value = json_encode($value);
-			self::$db->insert(config::TABLE,array('config_value'=>$value),array('config_app'=>$app,'config_name'=>$name),__LINE__,__FILE__);
+			self::$db->insert(self::TABLE,array('config_value'=>$value),array('config_app'=>$app,'config_name'=>$name),__LINE__,__FILE__);
 		}
 		if ($update_cache)
 		{
@ -176,7 +175,7 @@ class Config
 		{
 			self::init_static();
 		}
-		self::$db->delete(config::TABLE,array('config_app' => $this->appname),__LINE__,__FILE__);
+		self::$db->delete(self::TABLE,array('config_app' => $this->appname),__LINE__,__FILE__);
 		unset(self::$configs[$this->appname]);
 		Cache::setInstance(__CLASS__, 'configs', self::$configs);
@ -345,7 +344,7 @@ class Config
 		if (!(self::$configs = Cache::getInstance(__CLASS__, 'configs')) || !is_array(self::$configs['phpgwapi']))
 		{
 			self::$configs = array();
-			foreach(self::$db->select(config::TABLE,'*',false,__LINE__,__FILE__) as $row)
+			foreach(self::$db->select(self::TABLE,'*',false,__LINE__,__FILE__) as $row)
 			{
 				self::$configs[$row['config_app']][$row['config_name']] = self::unserialize($row['config_value']);
 				//error_log(__METHOD__."() configs[$row[config_app]][$row[config_name]]=".array2string(self::$configs[$row['config_app']][$row['config_name']]));
--- a/api/src/Contacts.php
+++ b/api/src/Contacts.php
@ -334,13 +334,13 @@ class Contacts extends Contacts\Storage
 	/**
 	 * Get the availible addressbooks of the user
 	 *
-	 * @param int $required =EGW_ACL_READ required rights on the addressbook or multiple rights or'ed together,
+	 * @param int $required =Acl::READ required rights on the addressbook or multiple rights or'ed together,
 	 * 	to return only addressbooks fullfilling all the given rights
 	 * @param string $extra_label first label if given (already translated)
 	 * @param int $user =null account_id or null for current user
 	 * @return array with owner => label pairs
 	 */
-	function get_addressbooks($required=EGW_ACL_READ,$extra_label=null,$user=null)
+	function get_addressbooks($required=Acl::READ,$extra_label=null,$user=null)
 	{
 		if (is_null($user))
 		{
@ -371,11 +371,11 @@ class Contacts extends Contacts\Storage
 			asort($to_sort);
 			$addressbooks += $to_sort;
 		}
-		if ($required != EGW_ACL_ADD &&	// do NOT allow to set accounts as default addressbook (AB can add accounts)
+		if ($required != Acl::ADD &&	// do NOT allow to set accounts as default addressbook (AB can add accounts)
 			!$preferences['addressbook']['hide_accounts'] && (
 				($grants[0] & $required) == $required ||
 				$preferences['common']['account_selection'] == 'groupmembers' &&
-				$this->account_repository != 'ldap' && ($required & EGW_ACL_READ)))
+				$this->account_repository != 'ldap' && ($required & Acl::READ)))
 		{
 			$addressbooks[0] = lang('Accounts');
 		}
@ -808,7 +808,7 @@ class Contacts extends Contacts\Storage
 			$id = is_array($c) ? $c['id'] : $c;
 			$ok = false;
-			if ($this->check_perms(EGW_ACL_DELETE,$c,$deny_account_delete))
+			if ($this->check_perms(Acl::DELETE,$c,$deny_account_delete))
 			{
 				if (!($old = $this->read($id))) return false;
 				// check if we only mark contacts as deleted, or really delete them
@ -895,7 +895,7 @@ class Contacts extends Contacts\Storage
 		{
 			$contact['private'] = 0;
 		}
-		if(!$ignore_acl && !$this->check_perms($isUpdate ? EGW_ACL_EDIT : EGW_ACL_ADD,$contact))
+		if(!$ignore_acl && !$this->check_perms($isUpdate ? Acl::EDIT : Acl::ADD,$contact))
 		{
 			$this->error = 'access denied';
 			return false;
@ -1087,7 +1087,7 @@ class Contacts extends Contacts\Storage
 		{
 			$data = null;	// not found
 		}
-		elseif (!$ignore_acl && !$this->check_perms(EGW_ACL_READ,$data))
+		elseif (!$ignore_acl && !$this->check_perms(Acl::READ,$data))
 		{
 			$data = false;	// no view perms
 		}
@ -1118,7 +1118,7 @@ class Contacts extends Contacts\Storage
 	 * If the access of a contact is set to private, one need a private grant for a personal addressbook
 	 * or the group membership for a group-addressbook
 	 *
-	 * @param int $needed necessary ACL right: EGW_ACL_{READ|EDIT|DELETE}
+	 * @param int $needed necessary ACL right: Acl::{READ|EDIT|DELETE}
 	 * @param mixed $contact contact as array or the contact-id
 	 * @param boolean $deny_account_delete =false if true never allow to delete accounts
 	 * @param int $user =null for which user to check, default current user
@ -1147,17 +1147,17 @@ class Contacts extends Contacts\Storage
 		$owner = $contact['owner'];
 		// allow the user to edit his own account
-		if (!$owner && $needed == EGW_ACL_EDIT && $contact['account_id'] == $user && $this->own_account_acl)
+		if (!$owner && $needed == Acl::EDIT && $contact['account_id'] == $user && $this->own_account_acl)
 		{
 			$access = true;
 		}
 		// dont allow to delete own account (as admin handels it too)
-		elseif (!$owner && $needed == EGW_ACL_DELETE && ($deny_account_delete || $contact['account_id'] == $user))
+		elseif (!$owner && $needed == Acl::DELETE && ($deny_account_delete || $contact['account_id'] == $user))
 		{
 			$access = false;
 		}
 		// for reading accounts (owner == 0) and account_selection == groupmembers, check if current user and contact are groupmembers
-		elseif ($owner == 0 && $needed == EGW_ACL_READ &&
+		elseif ($owner == 0 && $needed == Acl::READ &&
 			$GLOBALS['egw_info']['user']['preferences']['common']['account_selection'] == 'groupmembers' &&
 			!isset($GLOBALS['egw_info']['user']['apps']['admin']))
 		{
@ -1166,7 +1166,7 @@ class Contacts extends Contacts\Storage
 		else
 		{
 			$access = ($grants[$owner] & $needed) &&
-				(!$contact['private'] || ($grants[$owner] & EGW_ACL_PRIVATE) || in_array($owner,$memberships));
+				(!$contact['private'] || ($grants[$owner] & Acl::PRIVAT) || in_array($owner,$memberships));
 		}
 		//error_log(__METHOD__."($needed,$contact[id],$deny_account_delete,$user) returning ".array2string($access));
 		return $access;
@ -1176,7 +1176,7 @@ class Contacts extends Contacts\Storage
 	 * Check access to the file store
 	 *
 	 * @param int|array $id id of entry or entry array
-	 * @param int $check EGW_ACL_READ for read and EGW_ACL_EDIT for write or delete access
+	 * @param int $check Acl::READ for read and Acl::EDIT for write or delete access
 	 * @param string $rel_path =null currently not used in InfoLog
 	 * @param int $user =null for which user to check, default current user
 	 * @return boolean true if access is granted or false otherwise
@ -1410,7 +1410,7 @@ class Contacts extends Contacts\Storage
 			}
 			if ($fields)
 			{
-				if (!$this->check_perms(EGW_ACL_EDIT,$member) || !$this->save($member))
+				if (!$this->check_perms(Acl::EDIT,$member) || !$this->save($member))
 				{
 					++$failed_members;
 				}
@ -1765,7 +1765,7 @@ class Contacts extends Contacts\Storage
 			$target = $contacts[0];
 			unset($contacts[0]);
 		}
-		if (!$this->check_perms(EGW_ACL_EDIT,$target))
+		if (!$this->check_perms(Acl::EDIT,$target))
 		{
 			echo $this->error = 'No edit permission for the target contact!';
 			return 0;
@ -1809,7 +1809,7 @@ class Contacts extends Contacts\Storage
 		$success = 1;
 		foreach($contacts as $contact)
 		{
-			if (!$this->check_perms(EGW_ACL_DELETE,$contact))
+			if (!$this->check_perms(Acl::DELETE,$contact))
 			{
 				continue;
 			}
@ -1875,7 +1875,7 @@ class Contacts extends Contacts\Storage
 	 */
 	function add_list($keys,$owner,$contacts=array(),array &$data=array())
 	{
-		if (!$this->check_list(null,EGW_ACL_ADD|EGW_ACL_EDIT,$owner)) return false;
+		if (!$this->check_list(null,Acl::ADD|Acl::EDIT,$owner)) return false;
 		try {
 			$ret = parent::add_list($keys,$owner,$contacts,$data);
@ -1899,7 +1899,7 @@ class Contacts extends Contacts\Storage
 	 */
 	function add2list($contact,$list,array $existing=null)
 	{
-		if (!$this->check_list($list,EGW_ACL_EDIT)) return false;
+		if (!$this->check_list($list,Acl::EDIT)) return false;
 		unset(self::$list_cache[$list]);
@ -1915,7 +1915,7 @@ class Contacts extends Contacts\Storage
 	 */
 	function remove_from_list($contact,$list=null)
 	{
-		if ($list && !$this->check_list($list,EGW_ACL_EDIT)) return false;
+		if ($list && !$this->check_list($list,Acl::EDIT)) return false;
 		if ($list)
 		{
@ -1937,7 +1937,7 @@ class Contacts extends Contacts\Storage
 	 */
 	function delete_list($list)
 	{
-		if (!$this->check_list($list,EGW_ACL_DELETE)) return false;
+		if (!$this->check_list($list,Acl::DELETE)) return false;
 		foreach((array)$list as $l)
 		{
@ -2050,7 +2050,7 @@ class Contacts extends Contacts\Storage
 			{
 				foreach ($old_categories as $cat_id)
 				{
-					if (!$this->categories->check_perms(EGW_ACL_READ, $cat_id))
+					if (!$this->categories->check_perms(Acl::READ, $cat_id))
 					{
 						$old_cats_preserve[] = $cat_id;
 					}
@ -2108,7 +2108,7 @@ class Contacts extends Contacts\Storage
 		$cat_list = array();
 		foreach($cat_id_list as $cat_id)
 		{
-			if ($cat_id && $this->categories->check_perms(EGW_ACL_READ, $cat_id) &&
+			if ($cat_id && $this->categories->check_perms(Acl::READ, $cat_id) &&
 					($cat_name = $this->categories->id2name($cat_id)) && $cat_name != '--')
 			{
 				$cat_list[] = $cat_name;
--- a/api/src/Contacts/Storage.php
+++ b/api/src/Contacts/Storage.php
@ -344,20 +344,20 @@ class Storage
 			// ToDo: be more specific for 'groupmembers', they should be able to see the groupmembers
 			if (!in_array($preferences['common']['account_selection'], array('none','groupmembers')))
 			{
-				$grants[0] = EGW_ACL_READ;
+				$grants[0] = Api\Acl::READ;
 			}
 			// add account grants for admins (only for current user!)
 			if ($user == $this->user && $this->is_admin())	// admin rights can be limited by ACL!
 			{
-				$grants[0] = EGW_ACL_READ;	// admins always have read-access
+				$grants[0] = Api\Acl::READ;	// admins always have read-access
-				if (!$GLOBALS['egw']->acl->check('account_access',16,'admin')) $grants[0] |= EGW_ACL_EDIT;
+				if (!$GLOBALS['egw']->acl->check('account_access',16,'admin')) $grants[0] |= Api\Acl::EDIT;
-				if (!$GLOBALS['egw']->acl->check('account_access',4,'admin'))  $grants[0] |= EGW_ACL_ADD;
+				if (!$GLOBALS['egw']->acl->check('account_access',4,'admin'))  $grants[0] |= Api\Acl::ADD;
-				if (!$GLOBALS['egw']->acl->check('account_access',32,'admin')) $grants[0] |= EGW_ACL_DELETE;
+				if (!$GLOBALS['egw']->acl->check('account_access',32,'admin')) $grants[0] |= Api\Acl::DELETE;
 			}
 			// allow certain groups to edit contact-data of accounts
 			if (self::allow_account_edit($user))
 			{
-				$grants[0] |= EGW_ACL_READ|EGW_ACL_EDIT;
+				$grants[0] |= Api\Acl::READ|Api\Acl::EDIT;
 			}
 		}
 		else
@ -985,12 +985,12 @@ class Storage
 	/**
 	 * Get the availible distribution lists for a user
 	 *
-	 * @param int $required =EGW_ACL_READ required rights on the list or multiple rights or'ed together,
+	 * @param int $required =Api\Acl::READ required rights on the list or multiple rights or'ed together,
 	 * 	to return only lists fullfilling all the given rights
 	 * @param string $extra_labels =null first labels if given (already translated)
 	 * @return array with id => label pairs or false if backend does not support lists
 	 */
-	function get_lists($required=EGW_ACL_READ,$extra_labels=null)
+	function get_lists($required=Api\Acl::READ,$extra_labels=null)
 	{
 		if (!method_exists($this->somain,'get_lists')) return false;
--- a/api/src/DateTime.php
+++ b/api/src/DateTime.php
@ -556,7 +556,7 @@ class DateTime extends \DateTime
 				self::$server_timezone = new DateTimeZone('Europe/Berlin');
 			}
 			error_log(__METHOD__."() invalid server_timezone='{$GLOBALS['egw_info']['server']['server_timezone']}' setting now '".self::$server_timezone->getName()."'!");
-			config::save_value('server_timezone',$GLOBALS['egw_info']['server']['server_timezone'] = self::$server_timezone->getName(),'phpgwapi');
+			Config::save_value('server_timezone',$GLOBALS['egw_info']['server']['server_timezone'] = self::$server_timezone->getName(),'phpgwapi');
 		}
 		if (!isset($GLOBALS['egw_info']['user']['preferences']['common']['tz']))
 		{
--- a/api/src/Egw.php
+++ b/api/src/Egw.php
@ -371,7 +371,7 @@ class Egw extends Egw\Base
 					{
 						$GLOBALS['egw']->session->destroy($sessionid);
 					}
-					throw new Exception\Redirect(egw::link('/logout.php'));
+					throw new Exception\Redirect(self::link('/logout.php'));
 				}
 				if ($currentapp == 'admin' || $GLOBALS['egw_info']['flags']['admin_only'])
 				{
--- a/api/src/Etemplate/Widget/Taglist.php
+++ b/api/src/Etemplate/Widget/Taglist.php
@ -124,7 +124,7 @@ class Taglist extends Etemplate\Widget
 				}
 				if($this->type == 'taglist-email' && $this->attrs['include_lists'] && is_numeric($val))
 				{
-					$lists = $GLOBALS['egw']->contacts->get_lists(EGW_ACL_READ);
+					$lists = $GLOBALS['egw']->contacts->get_lists(Api\Acl::READ);
 					if(!array_key_exists($val, $lists))
 					{
 						self::set_validation_error($form_name,lang("'%1' is NOT allowed ('%2')!",$val,implode("','",array_keys($lists))),'');
--- a/api/src/Link.php
+++ b/api/src/Link.php
@ -1581,7 +1581,7 @@ class Link extends Link\Storage
 	 * @param string $app
 	 * @param int|string $id
 	 * @param string $title title string or null
-	 * @param int $file_access =null EGW_ACL_READ, EGW_ACL_EDIT or both or'ed together
+	 * @param int $file_access =null Acl::READ, Acl::EDIT or both or'ed together
 	 */
 	public static function set_cache($app,$id,$title,$file_access=null)
 	{
@ -1682,12 +1682,12 @@ class Link extends Link\Storage
 	 * @ToDo $rel_path is not yet implemented, as no app use it currently
 	 * @param string $app
 	 * @param string|int $id id of entry
-	 * @param int $required =EGW_ACL_READ EGW_ACL_{READ|EDIT}
+	 * @param int $required =Acl::READ Acl::{READ|EDIT}
 	 * @param string $rel_path =null
 	 * @param int $user =null default null = current user
 	 * @return boolean true if access granted, false otherwise
 	 */
-	static function file_access($app,$id,$required=EGW_ACL_READ,$rel_path=null,$user=null)
+	static function file_access($app,$id,$required=Acl::READ,$rel_path=null,$user=null)
 	{
 		// are we called for an other user
 		if ($user && $user != $GLOBALS['egw_info']['user']['account_id'])
@ -1709,15 +1709,15 @@ class Link extends Link\Storage
 		$cache =& self::get_cache($app,$id,'file_access');
-		if (!isset($cache) || $required == EGW_ACL_EDIT && !($cache & $required))
+		if (!isset($cache) || $required == Acl::EDIT && !($cache & $required))
 		{
 			if(($method = self::get_registry($app,'file_access')))
 			{
-				$cache |= ExecMethod2($method,$id,$required,$rel_path) ? $required|EGW_ACL_READ : 0;
+				$cache |= ExecMethod2($method,$id,$required,$rel_path) ? $required|Acl::READ : 0;
 			}
 			else
 			{
-				$cache |= self::title($app,$id) ? EGW_ACL_READ|EGW_ACL_EDIT : 0;
+				$cache |= self::title($app,$id) ? Acl::READ|Acl::EDIT : 0;
 			}
 			//error_log(__METHOD__."($app,$id,$required,$rel_path) got $cache --> ".($cache & $required ? 'true' : 'false'));
 		}
--- a/api/src/Mail/Account.php
+++ b/api/src/Mail/Account.php
@ -892,7 +892,7 @@ class Account implements \ArrayAccess
 	/**
 	 * Check which rights current user has on mail-account
 	 *
-	 * @param int $rights EGW_ACL_(READ|EDIT|DELETE)
+	 * @param int $rights Api\Acl::(READ|EDIT|DELETE)
 	 * @param array|Account $account account array or object
 	 * @return boolean
 	 */
@ -920,12 +920,12 @@ class Account implements \ArrayAccess
 			{
 				switch($rights)
 				{
-					case EGW_ACL_READ:
+					case Api\Acl::READ:
 						$access = true;
 						break;
-					case EGW_ACL_EDIT:
+					case Api\Acl::EDIT:
-					case EGW_ACL_DELETE:
+					case Api\Acl::DELETE:
 						// users have only edit/delete rights on accounts marked as user-editable AND belonging to them personally
 						if (!$account['acc_user_editable'])
 						{
--- a/api/src/Mailer.php
+++ b/api/src/Mailer.php
@ -541,7 +541,7 @@ class Mailer extends Horde_Mime_Mail
 			if (!isset($flowed)) $flowed = $this->_body && $this->_body->getType() != 'multipart/encrypted';
 			// check if flowed is disabled in mail site configuration
-			if (($config = config::read('mail')) && $config['disable_rfc3676_flowed'])
+			if (($config = Config::read('mail')) && $config['disable_rfc3676_flowed'])
 			{
 				$flowed = false;
 			}
--- a/api/src/Session.php
+++ b/api/src/Session.php
@ -937,7 +937,7 @@ class Session
 		$this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid,'account_lid','u');
 		if (!$this->account_id)
 		{
-			if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) !accounts::name2id('$this->account_lid')");
+			if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) !accounts::name2id('$this->account_lid')");
 			return false;
 		}
@ -955,7 +955,7 @@ class Session
 		if ($GLOBALS['egw']->accounts->is_expired($GLOBALS['egw_info']['user']))
 		{
-			if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) accounts is expired");
+			if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) accounts is expired");
 			return false;
 		}
 		$this->passwd = base64_decode(Cache::getSession('phpgwapi', 'password'));
@ -966,7 +966,7 @@ class Session
 		}
 		if ($this->account_domain != $GLOBALS['egw_info']['user']['domain'])
 		{
-			if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) wrong domain");
+			if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) wrong domain");
 			return false;
 		}
@ -975,7 +975,7 @@ class Session
 			if (strtoupper(substr(PHP_OS,0,3)) != 'WIN' && (!$GLOBALS['egw_info']['user']['session_ip'] ||
 				$GLOBALS['egw_info']['user']['session_ip'] != $this->getuser_ip()))
 			{
-				if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) wrong IP");
+				if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) wrong IP");
 				return false;
 			}
 		}
@ -988,7 +988,7 @@ class Session
 		}
 		if (!$this->account_lid)
 		{
-			if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) !account_lid");
+			if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) !account_lid");
 			return false;
 		}
@ -1007,13 +1007,13 @@ class Session
 			$_REQUEST[self::EGW_SESSION_NAME] === $this->sessionid &&
 			(!isset($_COOKIE[self::EGW_SESSION_NAME]) || $_COOKIE[self::EGW_SESSION_NAME] !== $_REQUEST[self::EGW_SESSION_NAME]))
 		{
-			if (self::ERROR_LOG_DEBUG) error_log("--> session::verify($sessionid) SUCCESS, but NO required cookies set --> setting them now");
+			if (self::ERROR_LOG_DEBUG) error_log("--> Session::verify($sessionid) SUCCESS, but NO required cookies set --> setting them now");
 			self::egw_setcookie(self::EGW_SESSION_NAME,$this->sessionid);
 			self::egw_setcookie('kp3',$this->kp3);
 			self::egw_setcookie('domain',$this->account_domain);
 		}
-		if (self::ERROR_LOG_DEBUG) error_log("--> session::verify($sessionid) SUCCESS");
+		if (self::ERROR_LOG_DEBUG) error_log("--> Session::verify($sessionid) SUCCESS");
 		return true;
 	}
--- a/api/src/Vfs/Links/StreamWrapper.php
+++ b/api/src/Vfs/Links/StreamWrapper.php
@ -111,8 +111,8 @@ class StreamWrapper extends LinksParent
 		// which gives him then read AND write access to the file store of the entry
 		else
 		{
-			// vfs & stream-wrapper use posix rights, Api\Link::file_access uses EGW_ACL_{EDIT|READ}!
+			// vfs & stream-wrapper use posix rights, Api\Link::file_access uses Api\Acl::{EDIT|READ}!
-			$required = $check & Vfs::WRITABLE ? EGW_ACL_EDIT : EGW_ACL_READ;
+			$required = $check & Vfs::WRITABLE ? Api\Acl::EDIT : Api\Acl::READ;
 			$access = Api\Link::file_access($app,$id,$required,$rel_path,Vfs::$user);
 			$what = "from Api\Link::file_access('$app',$id,$required,'$rel_path,".Vfs::$user.")";
 		}
--- a/api/src/Vfs/Sqlfs/StreamWrapper.php
+++ b/api/src/Vfs/Sqlfs/StreamWrapper.php
@ -1855,7 +1855,7 @@ class StreamWrapper implements Vfs\StreamWrapperIface
 		{
 			return false;
 		}
-		if (!Vfs::check_access($path,EGW_ACL_EDIT,$stat))
+		if (!Vfs::check_access($path,Api\Acl::EDIT,$stat))
 		{
 			return false;	// permission denied
 		}