/**
* Returns a list of privileges the current user has
* on a particular node.
*
* Either a uri or a DAV\INode may be passed.
*
* null will be returned if the node doesn't support ACLs.
*
* @param string|DAV\INode $node
* @return array
*/
function getCurrentUserPrivilegeSet($node)
{
if (is_string($node)) {
$node = $this->server->tree->getNodeForPath($node);
}
$acl = $this->getACL($node);
$collected = [];
$isAuthenticated = $this->getCurrentUserPrincipal() !== null;
foreach ($acl as $ace) {
$principal = $ace['principal'];
switch ($principal) {
case '{DAV:}owner':
$owner = $node->getOwner();
if ($owner && $this->principalMatchesPrincipal($owner)) {
$collected[] = $ace;
}
break;
// 'all' matches for every user
// 'all' matches for every user
case '{DAV:}all':
$collected[] = $ace;
break;
case '{DAV:}authenticated':
// Authenticated users only
if ($isAuthenticated) {
$collected[] = $ace;
}
break;
case '{DAV:}unauthenticated':
// Unauthenticated users only
if (!$isAuthenticated) {
$collected[] = $ace;
}
break;
default:
if ($this->principalMatchesPrincipal($ace['principal'])) {
$collected[] = $ace;
}
break;
}
}
// Now we deduct all aggregated privileges.
$flat = $this->getFlatPrivilegeSet($node);
$collected2 = [];
while (count($collected)) {
$current = array_pop($collected);
$collected2[] = $current['privilege'];
if (!isset($flat[$current['privilege']])) {
// Ignoring privileges that are not in the supported-privileges list.
$this->server->getLogger()->debug('A node has the "' . $current['privilege'] . '" in its ACL list, but this privilege was not reported in the supportedPrivilegeSet list. This will be ignored.');
continue;
}
foreach ($flat[$current['privilege']]['aggregates'] as $subPriv) {
$collected2[] = $subPriv;
$collected[] = $flat[$subPriv];
}
}
return array_values(array_unique($collected2));
}
