Copyright 2009-2015 Horde LLC (http://www.horde.org/)
See the enclosed file COPYING for license information (GPL). If you
did not receive this file, see http://www.horde.org/licenses/gpl.
/**
* Adds a new resource to storage
*
* @param Kronolith_Resource_Base $resource
*
* @return unknown_type
*/
public static function addResource(Kronolith_Resource_Base $resource)
{
// Create a new calendar id.
$calendar = uniqid(mt_rand());
$resource->set('calendar', $calendar);
$driver = Kronolith::getDriver('Resource');
return $driver->save($resource);
}
/**
* Obtain the resource's internal identifier, taking into account whether or
* not we have validated/selected a resource for this group yet.
*
* @return string The id.
*/
public function getId()
{
if (!empty($this->_selectedResource)) {
return $this->_selectedResource->getId();
} else {
return parent::getId();
}
}
/**
*
*
* @param string $property The property to get
*
* @return mixed The value of $property
*/
public function get($property)
{
$property = str_replace('resource_', '', $property);
if ($property == 'calendar') {
return $this->_share->getName();
}
return parent::get($property);
}
/**
* Reads a submitted permissions form and updates the share permissions.
*
* @param Horde_Share_Object|Kronolith_Resource_Base $share The share to update.
*
* @return array A list of error messages.
* @throws Kronolith_Exception
*/
public static function readPermsForm($share)
{
$auth = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Auth')->create();
$perm = $share->getPermission();
$errors = array();
if ($GLOBALS['conf']['share']['notify']) {
$identity = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Identity')->create();
$mail = new Horde_Mime_Mail(array('From' => $identity->getDefaultFromAddress(true), 'User-Agent' => 'Kronolith ' . $GLOBALS['registry']->getVersion()));
$image = self::getImagePart('big_share.png');
$view = new Horde_View(array('templatePath' => KRONOLITH_TEMPLATES . '/share'));
new Horde_View_Helper_Text($view);
$view->identity = $identity;
$view->calendar = $share->get('name');
$view->imageId = $image->getContentId();
}
// Process owner and owner permissions.
if (!$share instanceof Kronolith_Resource_Base) {
$old_owner = $share->get('owner');
$new_owner_backend = Horde_Util::getFormData('owner_select', Horde_Util::getFormData('owner_input', $old_owner));
$new_owner = $GLOBALS['registry']->convertUsername($new_owner_backend, true);
// Only set new owner if this isn't a system calendar, and the
// owner actually changed and the new owner is set at all.
if (!is_null($old_owner) && $old_owner !== $new_owner && !empty($new_owner)) {
if ($old_owner != $GLOBALS['registry']->getAuth() && !$GLOBALS['registry']->isAdmin()) {
$errors[] = _("Only the owner or system administrator may change ownership or owner permissions for a share");
} elseif ($auth->hasCapability('list') && !$auth->exists($new_owner_backend)) {
$errors[] = sprintf(_("The user \"%s\" does not exist."), $new_owner_backend);
} else {
$share->set('owner', $new_owner);
$share->save();
if ($GLOBALS['conf']['share']['notify']) {
$view->ownerChange = true;
$multipart = self::buildMimeMessage($view, 'notification', $image);
$to = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Identity')->create($new_owner)->getDefaultFromAddress(true);
$mail->addHeader('Subject', _("Ownership assignment"));
$mail->addHeader('To', $to);
$mail->setBasePart($multipart);
$mail->send($GLOBALS['injector']->getInstance('Horde_Mail'));
$view->ownerChange = false;
}
}
}
}
if ($GLOBALS['conf']['share']['notify']) {
if ($GLOBALS['conf']['share']['hidden']) {
$view->subscribe = Horde::url('calendars/subscribe.php', true)->add('calendar', $share->getName());
}
$multipart = self::buildMimeMessage($view, 'notification', $image);
}
if ($GLOBALS['registry']->isAdmin() || !empty($GLOBALS['conf']['share']['world'])) {
// Process default permissions.
if (Horde_Util::getFormData('default_show')) {
$perm->addDefaultPermission(Horde_Perms::SHOW, false);
} else {
$perm->removeDefaultPermission(Horde_Perms::SHOW, false);
}
if (Horde_Util::getFormData('default_read')) {
$perm->addDefaultPermission(Horde_Perms::READ, false);
} else {
$perm->removeDefaultPermission(Horde_Perms::READ, false);
}
if (Horde_Util::getFormData('default_edit')) {
$perm->addDefaultPermission(Horde_Perms::EDIT, false);
} else {
$perm->removeDefaultPermission(Horde_Perms::EDIT, false);
}
if (Horde_Util::getFormData('default_delete')) {
$perm->addDefaultPermission(Horde_Perms::DELETE, false);
} else {
$perm->removeDefaultPermission(Horde_Perms::DELETE, false);
}
if (Horde_Util::getFormData('default_delegate')) {
$perm->addDefaultPermission(self::PERMS_DELEGATE, false);
} else {
$perm->removeDefaultPermission(self::PERMS_DELEGATE, false);
}
// Process guest permissions.
if (Horde_Util::getFormData('guest_show')) {
$perm->addGuestPermission(Horde_Perms::SHOW, false);
} else {
$perm->removeGuestPermission(Horde_Perms::SHOW, false);
}
if (Horde_Util::getFormData('guest_read')) {
$perm->addGuestPermission(Horde_Perms::READ, false);
} else {
$perm->removeGuestPermission(Horde_Perms::READ, false);
}
if (Horde_Util::getFormData('guest_edit')) {
$perm->addGuestPermission(Horde_Perms::EDIT, false);
} else {
$perm->removeGuestPermission(Horde_Perms::EDIT, false);
}
if (Horde_Util::getFormData('guest_delete')) {
$perm->addGuestPermission(Horde_Perms::DELETE, false);
} else {
$perm->removeGuestPermission(Horde_Perms::DELETE, false);
}
if (Horde_Util::getFormData('guest_delegate')) {
$perm->addGuestPermission(self::PERMS_DELEGATE, false);
} else {
$perm->removeGuestPermission(self::PERMS_DELEGATE, false);
}
}
// Process creator permissions.
if (Horde_Util::getFormData('creator_show')) {
$perm->addCreatorPermission(Horde_Perms::SHOW, false);
} else {
$perm->removeCreatorPermission(Horde_Perms::SHOW, false);
}
if (Horde_Util::getFormData('creator_read')) {
$perm->addCreatorPermission(Horde_Perms::READ, false);
} else {
$perm->removeCreatorPermission(Horde_Perms::READ, false);
}
if (Horde_Util::getFormData('creator_edit')) {
$perm->addCreatorPermission(Horde_Perms::EDIT, false);
} else {
$perm->removeCreatorPermission(Horde_Perms::EDIT, false);
}
if (Horde_Util::getFormData('creator_delete')) {
$perm->addCreatorPermission(Horde_Perms::DELETE, false);
} else {
$perm->removeCreatorPermission(Horde_Perms::DELETE, false);
}
if (Horde_Util::getFormData('creator_delegate')) {
$perm->addCreatorPermission(self::PERMS_DELEGATE, false);
} else {
$perm->removeCreatorPermission(self::PERMS_DELEGATE, false);
}
// Process user permissions.
$u_names = Horde_Util::getFormData('u_names');
$u_show = Horde_Util::getFormData('u_show');
$u_read = Horde_Util::getFormData('u_read');
$u_edit = Horde_Util::getFormData('u_edit');
$u_delete = Horde_Util::getFormData('u_delete');
$u_delegate = Horde_Util::getFormData('u_delegate');
$current = $perm->getUserPermissions();
if ($GLOBALS['conf']['share']['notify']) {
$mail->addHeader('Subject', _("Access permissions"));
}
$perm->removeUserPermission(null, null, false);
foreach ($u_names as $key => $user_backend) {
// Apply backend hooks
$user = $GLOBALS['registry']->convertUsername($user_backend, true);
// If the user is empty, or we've already set permissions
// via the owner_ options, don't do anything here.
if (empty($user) || $user == $new_owner) {
continue;
}
if ($auth->hasCapability('list') && !$auth->exists($user_backend)) {
$errors[] = sprintf(_("The user \"%s\" does not exist."), $user_backend);
continue;
}
$has_perms = false;
if (!empty($u_show[$key])) {
$perm->addUserPermission($user, Horde_Perms::SHOW, false);
$has_perms = true;
}
if (!empty($u_read[$key])) {
$perm->addUserPermission($user, Horde_Perms::READ, false);
$has_perms = true;
}
if (!empty($u_edit[$key])) {
$perm->addUserPermission($user, Horde_Perms::EDIT, false);
$has_perms = true;
}
if (!empty($u_delete[$key])) {
$perm->addUserPermission($user, Horde_Perms::DELETE, false);
$has_perms = true;
}
if (!empty($u_delegate[$key])) {
$perm->addUserPermission($user, self::PERMS_DELEGATE, false);
$has_perms = true;
}
// Notify users that have been added.
if ($GLOBALS['conf']['share']['notify'] && !isset($current[$user]) && $has_perms) {
$to = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Identity')->create($user)->getDefaultFromAddress(true);
$mail->addHeader('To', $to);
$mail->setBasePart($multipart);
$mail->send($GLOBALS['injector']->getInstance('Horde_Mail'));
}
}
// Process group permissions.
$g_names = Horde_Util::getFormData('g_names');
$g_show = Horde_Util::getFormData('g_show');
$g_read = Horde_Util::getFormData('g_read');
$g_edit = Horde_Util::getFormData('g_edit');
$g_delete = Horde_Util::getFormData('g_delete');
$g_delegate = Horde_Util::getFormData('g_delegate');
$current = $perm->getGroupPermissions();
$perm->removeGroupPermission(null, null, false);
foreach ($g_names as $key => $group) {
if (empty($group)) {
continue;
}
$has_perms = false;
if (!empty($g_show[$key])) {
$perm->addGroupPermission($group, Horde_Perms::SHOW, false);
$has_perms = true;
}
if (!empty($g_read[$key])) {
$perm->addGroupPermission($group, Horde_Perms::READ, false);
$has_perms = true;
}
if (!empty($g_edit[$key])) {
$perm->addGroupPermission($group, Horde_Perms::EDIT, false);
$has_perms = true;
}
if (!empty($g_delete[$key])) {
$perm->addGroupPermission($group, Horde_Perms::DELETE, false);
$has_perms = true;
}
if (!empty($g_delegate[$key])) {
$perm->addGroupPermission($group, self::PERMS_DELEGATE, false);
$has_perms = true;
}
// Notify users that have been added.
if ($GLOBALS['conf']['share']['notify'] && !isset($current[$group]) && $has_perms) {
$groupOb = $GLOBALS['injector']->getInstance('Horde_Group')->getData($group);
if (!empty($groupOb['email'])) {
$mail->addHeader('To', $groupOb['name'] . ' <' . $groupOb['email'] . '>');
$mail->setBasePart($multipart);
$mail->send($GLOBALS['injector']->getInstance('Horde_Mail'));
}
}
}
try {
$share->setPermission($perm);
} catch (Horde_Share_Exception $e) {
throw new Kronolith_Exception($e);
}
return $errors;
}
/**
* Removes a resource from storage, along with any events in the resource's
* calendar.
*
* @param Kronolith_Resource_Base $resource The kronolith resource to remove
*
* @throws Kronolith_Exception, Horde_Exception_PermissionDenied
*/
public function delete($resource)
{
// @todo
if (!$GLOBALS['registry']->isAdmin() && !$GLOBALS['injector']->getInstance('Horde_Core_Perms')->hasAppPermission('resource_management')) {
throw new Horde_Exception_PermissionDenied();
}
if (!$resource->getId()) {
throw new Kronolith_Exception(_("Resource not valid."));
}
// Get group memberships and remove from group.
$groups = $this->getGroupMemberships($resource->getId());
foreach ($groups as $id) {
$rg = $this->getResource($id);
$members = $rg->get('members');
unset($members[array_search($resource->getId(), $members)]);
$rg->set('members', $members);
$rg->save();
}
$this->_deleteResourceCalendar($resource->get('calendar'));
try {
$GLOBALS['injector']->getInstance('Kronolith_Shares')->removeShare($resource->share());
} catch (Horde_Share_Exception $e) {
throw new Kronolith_Exception($e);
}
}
/**
* Removes a resource from storage, along with any events in the resource's
* calendar.
*
* @param Kronolith_Resource_Base $resource The kronolith resource to remove
*
* @throws Kronolith_Exception, Horde_Exception_PermissionDenied
*/
public function delete($resource)
{
if (!$GLOBALS['registry']->isAdmin() && !$GLOBALS['injector']->getInstance('Horde_Core_Perms')->hasAppPermission('resource_management')) {
throw new Horde_Exception_PermissionDenied();
}
if (!$resource->getId()) {
throw new Kronolith_Exception(_("Resource not valid."));
}
// Get group memberships and remove from group.
$groups = $this->getGroupMemberships($resource->getId());
foreach ($groups as $id) {
$rg = $this->getResource($id);
$members = $rg->get('members');
unset($members[array_search($resource->getId(), $members)]);
$rg->set('members', $members);
$rg->save();
}
$this->_deleteResourceCalendar($resource->get('calendar'));
try {
$query = 'DELETE FROM ' . $this->_params['table'] . ' WHERE resource_id = ?';
$this->_db->delete($query, array($resource->getId()));
} catch (Horde_Db_Exception $e) {
throw new Kronolith_Exception($e);
}
}
