Example #1
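 /**
  * Reads a submitted permissions form and updates the share permissions.
  *
  * Every value is taken from the current request through
  * Horde_Util::getFormData(). The only authorization decisions made in this
  * method are the owner-or-admin check before an ownership change and the
  * admin-or-"world" check before default/guest permissions are touched;
  * creator, user and group permissions are applied without a further check.
  * NOTE(review): callers presumably verify that the current user may manage
  * $share (and that the request is a genuine form submission) before calling
  * this method - confirm at every call site.
  *
  * User and group permissions are rebuilt from the form: the existing
  * entries are removed first and only the rows present in the request are
  * added back, so a request without u_names/g_names clears them.
  *
  * @param Horde_Share_Object|Kronolith_Resource_Base $share  The share to update.
  *
  * @return array  A list of error messages. Some messages embed the user
  *                name exactly as submitted, so they must be escaped by
  *                whatever renders them.
  * @throws Kronolith_Exception  If storing the permission object fails.
  */
 public static function readPermsForm($share)
 {
     $auth = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Auth')->create();
     $perm = $share->getPermission();
     $errors = array();
     $notify = !empty($GLOBALS['conf']['share']['notify']);

     // Form field suffix => permission bit, in the order the form is processed.
     $levels = array(
         'show' => Horde_Perms::SHOW,
         'read' => Horde_Perms::READ,
         'edit' => Horde_Perms::EDIT,
         'delete' => Horde_Perms::DELETE,
         'delegate' => self::PERMS_DELEGATE,
     );

     if ($notify) {
         $identity = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Identity')->create();
         $mail = new Horde_Mime_Mail(array('From' => $identity->getDefaultFromAddress(true), 'User-Agent' => 'Kronolith ' . $GLOBALS['registry']->getVersion()));
         $image = self::getImagePart('big_share.png');
         $view = new Horde_View(array('templatePath' => KRONOLITH_TEMPLATES . '/share'));
         new Horde_View_Helper_Text($view);
         $view->identity = $identity;
         $view->calendar = $share->get('name');
         $view->imageId = $image->getContentId();
     }

     // Process owner and owner permissions.
     // Initialised here because the user loop below compares against it even
     // when $share is a resource and the owner branch is skipped.
     $new_owner = null;
     if (!$share instanceof Kronolith_Resource_Base) {
         $old_owner = $share->get('owner');
         $new_owner_backend = Horde_Util::getFormData('owner_select', Horde_Util::getFormData('owner_input', $old_owner));
         $new_owner = $GLOBALS['registry']->convertUsername($new_owner_backend, true);
         // Only set new owner if this isn't a system calendar, and the
         // owner actually changed and the new owner is set at all.
         if (!is_null($old_owner) && $old_owner !== $new_owner && !empty($new_owner)) {
             // Strict comparison: with != two different numeric-looking user
             // names (or "0" and an unauthenticated false) compare as equal,
             // which would let a non-owner pass this ownership check.
             if ($old_owner !== $GLOBALS['registry']->getAuth() && !$GLOBALS['registry']->isAdmin()) {
                 $errors[] = _("Only the owner or system administrator may change ownership or owner permissions for a share");
             } elseif ($auth->hasCapability('list') && !$auth->exists($new_owner_backend)) {
                 $errors[] = sprintf(_("The user \"%s\" does not exist."), $new_owner_backend);
             } else {
                 $share->set('owner', $new_owner);
                 $share->save();
                 if ($notify) {
                     $view->ownerChange = true;
                     $multipart = self::buildMimeMessage($view, 'notification', $image);
                     $to = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Identity')->create($new_owner)->getDefaultFromAddress(true);
                     $mail->addHeader('Subject', _("Ownership assignment"));
                     $mail->addHeader('To', $to);
                     $mail->setBasePart($multipart);
                     $mail->send($GLOBALS['injector']->getInstance('Horde_Mail'));
                     $view->ownerChange = false;
                 }
             }
         }
     }

     // Build the message body used for the "access granted" notifications.
     if ($notify) {
         if ($GLOBALS['conf']['share']['hidden']) {
             $view->subscribe = Horde::url('calendars/subscribe.php', true)->add('calendar', $share->getName());
         }
         $multipart = self::buildMimeMessage($view, 'notification', $image);
     }

     // Default and guest permissions open the share to everybody, so they
     // are only honoured for administrators or when the "world" setting is
     // enabled. For anyone else the submitted default_*/guest_* fields are
     // ignored and the stored values stay as they are.
     if ($GLOBALS['registry']->isAdmin() || !empty($GLOBALS['conf']['share']['world'])) {
         // Process default permissions.
         foreach ($levels as $field => $level) {
             if (Horde_Util::getFormData('default_' . $field)) {
                 $perm->addDefaultPermission($level, false);
             } else {
                 $perm->removeDefaultPermission($level, false);
             }
         }
         // Process guest permissions.
         foreach ($levels as $field => $level) {
             if (Horde_Util::getFormData('guest_' . $field)) {
                 $perm->addGuestPermission($level, false);
             } else {
                 $perm->removeGuestPermission($level, false);
             }
         }
     }

     // Process creator permissions.
     foreach ($levels as $field => $level) {
         if (Horde_Util::getFormData('creator_' . $field)) {
             $perm->addCreatorPermission($level, false);
         } else {
             $perm->removeCreatorPermission($level, false);
         }
     }

     // Process user permissions.
     // The request decides the shape of these fields; anything that is not
     // an array is treated as "nothing submitted" instead of being iterated
     // or indexed as a string.
     $u_names = Horde_Util::getFormData('u_names');
     if (!is_array($u_names)) {
         $u_names = array();
     }
     $u_flags = array();
     foreach (array_keys($levels) as $field) {
         $submitted = Horde_Util::getFormData('u_' . $field);
         $u_flags[$field] = is_array($submitted) ? $submitted : array();
     }
     $current = $perm->getUserPermissions();
     if ($notify) {
         $mail->addHeader('Subject', _("Access permissions"));
     }
     $perm->removeUserPermission(null, null, false);
     foreach ($u_names as $key => $user_backend) {
         // A nested array in place of a user name is malformed input.
         if (!is_string($user_backend)) {
             continue;
         }
         // Apply backend hooks
         $user = $GLOBALS['registry']->convertUsername($user_backend, true);
         // If the user is empty, or we've already set permissions
         // via the owner_ options, don't do anything here.
         if (empty($user) || $user === $new_owner) {
             continue;
         }
         if ($auth->hasCapability('list') && !$auth->exists($user_backend)) {
             $errors[] = sprintf(_("The user \"%s\" does not exist."), $user_backend);
             continue;
         }
         $has_perms = false;
         foreach ($levels as $field => $level) {
             if (!empty($u_flags[$field][$key])) {
                 $perm->addUserPermission($user, $level, false);
                 $has_perms = true;
             }
         }
         // Notify users that have been added.
         if ($notify && !isset($current[$user]) && $has_perms) {
             $to = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Identity')->create($user)->getDefaultFromAddress(true);
             $mail->addHeader('To', $to);
             $mail->setBasePart($multipart);
             $mail->send($GLOBALS['injector']->getInstance('Horde_Mail'));
         }
     }

     // Process group permissions.
     $g_names = Horde_Util::getFormData('g_names');
     if (!is_array($g_names)) {
         $g_names = array();
     }
     $g_flags = array();
     foreach (array_keys($levels) as $field) {
         $submitted = Horde_Util::getFormData('g_' . $field);
         $g_flags[$field] = is_array($submitted) ? $submitted : array();
     }
     $current = $perm->getGroupPermissions();
     $perm->removeGroupPermission(null, null, false);
     foreach ($g_names as $key => $group) {
         if (empty($group) || !is_string($group)) {
             continue;
         }
         $has_perms = false;
         foreach ($levels as $field => $level) {
             if (!empty($g_flags[$field][$key])) {
                 $perm->addGroupPermission($group, $level, false);
                 $has_perms = true;
             }
         }
         // Notify groups that have been added.
         if ($notify && !isset($current[$group]) && $has_perms) {
             $groupOb = $GLOBALS['injector']->getInstance('Horde_Group')->getData($group);
             if (!empty($groupOb['email'])) {
                 // NOTE(review): name and e-mail are concatenated into the
                 // address header as stored. Confirm that the group backend
                 // or Horde_Mime_Mail rejects line breaks, commas and angle
                 // brackets in these values so a crafted group record cannot
                 // add recipients or headers.
                 $mail->addHeader('To', $groupOb['name'] . ' <' . $groupOb['email'] . '>');
                 $mail->setBasePart($multipart);
                 $mail->send($GLOBALS['injector']->getInstance('Horde_Mail'));
             }
         }
     }

     // Hand the rebuilt permission object back to the share; a share
     // backend failure is reported as a Kronolith_Exception.
     try {
         $share->setPermission($perm);
     } catch (Horde_Share_Exception $e) {
         throw new Kronolith_Exception($e);
     }
     return $errors;
 }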