Copyright 2001-2016 Horde LLC (http://www.horde.org/)
See the enclosed file COPYING for license information (LGPL). If you
did not receive this file, see http://www.horde.org/licenses/lgpl21.
/**
* Returns an array of all group permissions on a share.
*
* @param string $scope The name of the share root, e.g. the
* application that the share belongs to.
* @param string $shareName The share's name.
* @param string $groupName The group's name.
*
* @return array All group permissions for this share.
* @throws Horde_Exception
*/
public function listGroupPermissions($scope, $shareName, $groupName)
{
if (!$GLOBALS['registry']->isAdmin()) {
throw new Horde_Exception(_("You are not allowed to list share permissions."));
}
$perm_map = array(Horde_Perms::SHOW => 'show', Horde_Perms::READ => 'read', Horde_Perms::EDIT => 'edit', Horde_Perms::DELETE => 'delete');
$shares = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Share')->create($scope);
$share = $shares->getShare($shareName);
$perm = $share->getPermission();
$permissions = $perm->getGroupPermissions();
if (empty($permissions[$groupName])) {
return array();
}
$group_permissions = array();
foreach (array_keys(Horde_Perms::integerToArray($permissions[$groupName])) as $permission) {
$group_permissions[] = $perm_map[$permission];
}
return $group_permissions;
}
/**
* Create a permission editing form.
*
* @param Horde_Perms_Permission $permission TODO
*/
public function setupEditForm($permission)
{
/* Initialise form if required. */
$this->_formInit();
$this->_form->setButtons(Horde_Core_Translation::t("Update"), true);
$this->_vars->set('perm_id', $this->_perms->getPermissionId($permission));
$this->_form->addHidden('', 'perm_id', 'text', false);
/* Get permission configuration. */
$this->_type = $permission->get('type');
$params = $this->_corePerms->getParams($permission->getName());
/* Default permissions. */
$perm_val = $permission->getDefaultPermissions();
$this->_form->setSection('default', Horde_Core_Translation::t("All Authenticated Users"), Horde_Themes_Image::tag('perms.png'), false);
/* We MUST use 'deflt' for the variable name because 'default' is a
* reserved word in JavaScript. */
if ($this->_type == 'matrix') {
/* Set up the columns for the permissions matrix. */
$cols = Horde_Perms::getPermsArray();
/* Define a single matrix row for default perms. */
$matrix = array(Horde_Perms::integerToArray($perm_val));
$this->_form->addVariable('', 'deflt', 'matrix', false, false, null, array($cols, array(0 => ''), $matrix));
} else {
$var = $this->_form->addVariable('', 'deflt', $this->_type, false, false, null, $params);
$var->setDefault($perm_val);
}
/* Guest permissions. */
$perm_val = $permission->getGuestPermissions();
$this->_form->setSection('guest', Horde_Core_Translation::t("Guest Permissions"), '', false);
if ($this->_type == 'matrix') {
/* Define a single matrix row for guest perms. */
$matrix = array(Horde_Perms::integerToArray($perm_val));
$this->_form->addVariable('', 'guest', 'matrix', false, false, null, array($cols, array(0 => ''), $matrix));
} else {
$var = $this->_form->addVariable('', 'guest', $this->_type, false, false, null, $params);
$var->setDefault($perm_val);
}
/* Object creator permissions. */
$perm_val = $permission->getCreatorPermissions();
$this->_form->setSection('creator', Horde_Core_Translation::t("Creator Permissions"), Horde_Themes_Image::tag('user.png'), false);
if ($this->_type == 'matrix') {
/* Define a single matrix row for creator perms. */
$matrix = array(Horde_Perms::integerToArray($perm_val));
$this->_form->addVariable('', 'creator', 'matrix', false, false, null, array($cols, array(0 => ''), $matrix));
} else {
$var = $this->_form->addVariable('', 'creator', $this->_type, false, false, null, $params);
$var->setDefault($perm_val);
}
/* Users permissions. */
$perm_val = $permission->getUserPermissions();
$this->_form->setSection('users', Horde_Core_Translation::t("Individual Users"), Horde_Themes_Image::tag('user.png'), false);
$auth = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Auth')->create();
$user_list = array();
if ($auth->hasCapability('list')) {
/* The auth driver has list capabilities so set up an array which
* the matrix field type will recognise to set up an enum box for
* adding new users to the permissions matrix. */
$new_users = array();
try {
$user_list = $auth->listNames();
foreach ($user_list as $user => $name) {
if (!isset($perm_val[$user])) {
$new_users[$user] = $name;
}
}
} catch (Horde_Auth_Exception $e) {
$new_users = true;
}
} else {
/* No list capabilities, setting to true so that the matrix field
* type will offer a text input box for adding new users. */
$new_users = true;
}
if ($this->_type == 'matrix') {
/* Set up the matrix array, breaking up each permission integer
* into an array. The keys of this array will be the row
* headers. */
$rows = array();
$matrix = array();
foreach ($perm_val as $u_id => $u_perms) {
$rows[$u_id] = isset($user_list[$u_id]) ? $user_list[$u_id] : $u_id;
$matrix[$u_id] = Horde_Perms::integerToArray($u_perms);
}
$this->_form->addVariable('', 'u', 'matrix', false, false, null, array($cols, $rows, $matrix, $new_users));
} else {
if ($new_users) {
if (is_array($new_users)) {
$u_n = Horde_Util::getFormData('u_n');
$u_n = empty($u_n['u']) ? null : $u_n['u'];
$user_html = '<select name="u_n[u]"><option value="">' . Horde_Core_Translation::t("-- select --") . '</option>';
foreach ($new_users as $new_user => $name) {
$user_html .= '<option value="' . $new_user . '"';
$user_html .= $u_n == $new_user ? ' selected="selected"' : '';
$user_html .= '>' . htmlspecialchars($name) . '</option>';
}
$user_html .= '</select>';
} else {
$user_html = '<input type="text" name="u_n[u]" />';
}
$this->_form->addVariable($user_html, 'u_n[v]', $this->_type, false, false, null, $params);
}
foreach ($perm_val as $u_id => $u_perms) {
$var = $this->_form->addVariable($u_id, 'u_v[' . $u_id . ']', $this->_type, false, false, null, $params);
$var->setDefault($u_perms);
}
}
/* Groups permissions. */
$perm_val = $permission->getGroupPermissions();
$this->_form->setSection('groups', Horde_Core_Translation::t("Groups"), Horde_Themes_Image::tag('group.png'), false);
try {
$group_list = $GLOBALS['injector']->getInstance('Horde_Group')->listAll();
} catch (Horde_Group_Exception $e) {
$GLOBALS['notification']->push($e);
$group_list = array();
}
if (!empty($group_list)) {
/* There is an available list of groups so set up an array which
* the matrix field type will recognise to set up an enum box for
* adding new groups to the permissions matrix. */
$new_groups = array();
foreach ($group_list as $groupId => $group) {
if (!isset($perm_val[$groupId])) {
$new_groups[$groupId] = $group;
}
}
} else {
/* Do not offer a text box to add new groups. */
$new_groups = false;
}
if ($this->_type == 'matrix') {
/* Set up the matrix array, break up each permission integer into
* an array. The keys of this array will be the row headers. */
$rows = array();
$matrix = array();
foreach ($perm_val as $g_id => $g_perms) {
$rows[$g_id] = isset($group_list[$g_id]) ? $group_list[$g_id] : $g_id;
$matrix[$g_id] = Horde_Perms::integerToArray($g_perms);
}
$this->_form->addVariable('', 'g', 'matrix', false, false, null, array($cols, $rows, $matrix, $new_groups));
} else {
if ($new_groups) {
if (is_array($new_groups)) {
$g_n = Horde_Util::getFormData('g_n');
$g_n = empty($g_n['g']) ? null : $g_n['g'];
$group_html = '<select name="g_n[g]"><option value="">' . Horde_Core_Translation::t("-- select --") . '</option>';
foreach ($new_groups as $groupId => $group) {
$group_html .= '<option value="' . $groupId . '"';
$group_html .= $g_n == $groupId ? ' selected="selected"' : '';
$group_html .= '>' . htmlspecialchars($group) . '</option>';
}
$group_html .= '</select>';
} else {
$group_html = '<input type="text" name="g_n[g]" />';
}
$this->_form->addVariable($group_html, 'g_n[v]', $this->_type, false, false, null, $params);
}
foreach ($perm_val as $g_id => $g_perms) {
$var = $this->_form->addVariable(isset($group_list[$g_id]) ? $group_list[$g_id] : $g_id, 'g_v[' . $g_id . ']', $this->_type, false, false, null, $params);
$var->setDefault($g_perms);
}
}
/* Set form title. */
$this->_form->setTitle(sprintf(Horde_Core_Translation::t("Edit permissions for \"%s\""), $this->_corePerms->getTitle($permission->getName())));
}
/**
* Updates the permissions based on data passed in the array.
*
* @param array $perms An array containing the permissions which are to
* be updated.
*/
public function updatePermissions($perms)
{
$type = $this->get('type');
if ($type == 'matrix') {
/* Array of permission types to iterate through. */
$perm_types = Horde_Perms::getPermsArray();
}
foreach ($perms as $perm_class => $perm_values) {
switch ($perm_class) {
case 'default':
case 'guest':
case 'creator':
if ($type == 'matrix') {
foreach ($perm_types as $val => $label) {
if (!empty($perm_values[$val])) {
$this->setPerm($perm_class, $val, false);
} else {
$this->unsetPerm($perm_class, $val, false);
}
}
} elseif (!empty($perm_values)) {
$this->setPerm($perm_class, $perm_values, false);
} else {
$this->unsetPerm($perm_class, null, false);
}
break;
case 'u':
case 'g':
$permId = array('class' => $perm_class == 'u' ? 'users' : 'groups');
/* Figure out what names that are stored in this permission
* class have not been submitted for an update, ie. have been
* removed entirely. */
$current_names = isset($this->data[$permId['class']]) ? array_keys($this->data[$permId['class']]) : array();
$updated_names = array_keys($perm_values);
$removed_names = array_diff($current_names, $updated_names);
/* Remove any names that have been completely unset. */
foreach ($removed_names as $name) {
unset($this->data[$permId['class']][$name]);
}
/* If nothing to actually update finish with this case. */
if (is_null($perm_values)) {
continue;
}
/* Loop through the names and update permissions for each. */
// @todo for Horde 6 - allow integer 0 values?
foreach ($perm_values as $name => $name_values) {
$permId['name'] = $name;
if ($type == 'matrix') {
foreach ($perm_types as $val => $label) {
if ($name_values[$val] === '0' || !empty($name_values[$val])) {
$this->setPerm($permId, $val, false);
} else {
$this->unsetPerm($permId, $val, false);
}
}
} elseif ($name_values === '0' || !empty($name_values)) {
$this->setPerm($permId, $name_values, false);
} else {
$this->unsetPerm($permId, null, false);
}
}
break;
}
}
}
