/**
* creates a new container
*
* @param Tinebase_Model_Container $_container the new container
* @param Tinebase_Record_RecordSet $_grants the grants for the new folder
* @param bool $_ignoreAcl
* @return Tinebase_Model_Container the newly created container
* @throws Tinebase_Exception_Record_Validation
* @throws Tinebase_Exception_AccessDenied
*/
public function addContainer(Tinebase_Model_Container $_container, $_grants = NULL, $_ignoreAcl = FALSE)
{
$_container->isValid(TRUE);
if ($_ignoreAcl !== TRUE) {
switch ($_container->type) {
case Tinebase_Model_Container::TYPE_PERSONAL:
// is the user allowed to create personal container?
break;
case Tinebase_Model_Container::TYPE_SHARED:
$application = Tinebase_Application::getInstance()->getApplicationById($_container->application_id);
$appName = (string) $application;
$manageRight = FALSE;
// check for MANAGE_SHARED_FOLDERS right
$appAclClassName = $appName . '_Acl_Rights';
if (@class_exists($appAclClassName)) {
$appAclObj = call_user_func(array($appAclClassName, 'getInstance'));
$allRights = $appAclObj->getAllApplicationRights();
if (in_array(Tinebase_Acl_Rights::MANAGE_SHARED_FOLDERS, $allRights)) {
$manageRight = Tinebase_Core::getUser()->hasRight($appName, Tinebase_Acl_Rights::MANAGE_SHARED_FOLDERS);
}
}
if (!$manageRight && !Tinebase_Core::getUser()->hasRight($appName, Tinebase_Acl_Rights::ADMIN)) {
throw new Tinebase_Exception_AccessDenied('Permission to add shared container denied.');
}
break;
default:
throw new Tinebase_Exception_InvalidArgument('Can add personal or shared folders only when ignoring ACL.');
break;
}
}
if (!empty($_container->owner_id)) {
$accountId = $_container->owner_id instanceof Tinebase_Model_User ? $_container->owner_id->getId() : $_container->owner_id;
} else {
$accountId = is_object(Tinebase_Core::getUser()) ? Tinebase_Core::getUser()->getId() : NULL;
}
if ($_grants === NULL || count($_grants) == 0) {
$creatorGrants = array('account_id' => $accountId, 'account_type' => Tinebase_Acl_Rights::ACCOUNT_TYPE_USER, Tinebase_Model_Grants::GRANT_READ => true, Tinebase_Model_Grants::GRANT_ADD => true, Tinebase_Model_Grants::GRANT_EDIT => true, Tinebase_Model_Grants::GRANT_DELETE => true, Tinebase_Model_Grants::GRANT_EXPORT => true, Tinebase_Model_Grants::GRANT_SYNC => true, Tinebase_Model_Grants::GRANT_ADMIN => true);
if ($_container->type === Tinebase_Model_Container::TYPE_SHARED && !Tinebase_Config::getInstance()->get(Tinebase_Config::ANYONE_ACCOUNT_DISABLED)) {
// add all grants to creator and
// add read grants to any other user
$grants = new Tinebase_Record_RecordSet('Tinebase_Model_Grants', array($creatorGrants, array('account_id' => '0', 'account_type' => Tinebase_Acl_Rights::ACCOUNT_TYPE_ANYONE, Tinebase_Model_Grants::GRANT_READ => true, Tinebase_Model_Grants::GRANT_EXPORT => true, Tinebase_Model_Grants::GRANT_SYNC => true)), TRUE);
} else {
// add all grants to creator only
$grants = new Tinebase_Record_RecordSet('Tinebase_Model_Grants', array($creatorGrants), TRUE);
}
} else {
$grants = $_grants;
}
$event = new Tinebase_Event_Container_BeforeCreate();
$event->accountId = $accountId;
$event->container = $_container;
$event->grants = $grants;
Tinebase_Event::fireEvent($event);
Tinebase_Timemachine_ModificationLog::setRecordMetaData($_container, 'create');
$container = $this->create($_container);
$this->setGrants($container->getId(), $grants, TRUE, FALSE);
return $container;
}
