/**
 * Test fixture: runs the parent fixture, then pins the acting user and wires
 * the collaborators the tests rely on.
 *
 * The statement order is kept as-is: the acting uid is set before
 * OBM_Acl::initialize() is called at the end.
 */
public function setup() {
  parent::setup();

  // Every test in this case acts as user 3 unless it overrides the global.
  $GLOBALS['obm']['uid'] = 3;

  // Keep a handle on the observer so tests can reach it through $this.
  $observer = new OBM_EventMailObserver();
  $this->mailObserver = $observer;
  $eventFactory = OBM_EventFactory::getInstance();
  $eventFactory->attach($observer);

  // NOTE(review): Stato_StaticTransport presumably captures mail instead of
  // delivering it - confirm, so the suite can never send real notifications.
  $transport = new Stato_StaticTransport();
  SMailer::set_default_transport($transport);

  OBM_Acl::initialize();
}
/**
 * Set up the writer: a DB handle, lazy reading, and the write scope.
 *
 * @param bool $force when falsy, $this->rights is the list of calendar entity
 *                    ids the current user ($GLOBALS['obm']['uid']) may write
 *                    to, as reported by OBM_Acl::getAllowedEntities(); when
 *                    truthy the ACL lookup is skipped and $this->rights is
 *                    the boolean true.
 */
function Vcalendar_Writer_OBM($force=false) {
  $this->db = new DB_OBM;
  $this->lazyRead = true;

  // NOTE(review): rights === true is presumably read by the rest of the class
  // as "no ACL restriction" - confirm, and make sure $force can never be
  // derived from request data, since it bypasses the per-user write filter.
  $this->rights = $force
    ? true
    : array_keys(OBM_Acl::getAllowedEntities($GLOBALS['obm']['uid'], 'calendar', 'write'));
}
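/**
 * List the address books the current user can reach, with effective rights.
 *
 * Two queries are merged, keyed by address book id:
 *  1. books owned by the current user, which get all four rights set to 1;
 *  2. books of the current domain for which OBM_Acl::getAclSubselect()
 *     yields rights rows for the current user.
 *
 * @param mixed $searchPattern optional address book id; when not null both
 *                             queries are restricted to that id
 * @return OBM_AddressBookArray
 */
public static function search($searchPattern=null) {
  // Always defined: the original left $query unset when no pattern was
  // given and still concatenated it into both statements.
  $query = '';
  if($searchPattern !== null) {
    // NOTE(review): #INT(...) is presumably expanded and integer-cast by
    // DB_OBM::xquery() - confirm, because $searchPattern is caller-supplied.
    $query = " AND AddressBook.id= #INT($searchPattern)";
  }

  // Both ids are spliced into the SQL text below, so force them to integers
  // rather than trusting whatever the session globals currently hold.
  $uid = (int) $GLOBALS['obm']['uid'];
  $domainId = (int) $GLOBALS['obm']['domain_id'];

  $db = new DB_OBM;
  $addressBooks = array();

  // Pass 1: books owned by the user - the owner holds every right.
  $db->xquery('
    SELECT AddressBook.id, AddressBook.owner, AddressBook.name, AddressBook.is_default, AddressBook.syncable,
      1 as entityright_access, 1 as entityright_read, 1 as entityright_write, 1 as entityright_admin,
      SyncedAddressbook.user_id as synced
    FROM AddressBook
    LEFT JOIN SyncedAddressbook ON SyncedAddressbook.addressbook_id = AddressBook.id AND SyncedAddressbook.user_id = '.$uid.'
    WHERE AddressBook.owner = '.$uid.' '.$query.'
    ORDER BY AddressBook.is_default DESC, AddressBook.name');
  while($db->next_record()) {
    $addressBooks[$db->f('id')] = new OBM_AddressBook($db->f('id'), $db->f('name'), $db->f('is_default'), $db->f('owner'),
      $db->f('syncable'), $db->f('synced'), $db->f('entityright_access'), $db->f('entityright_read'),
      $db->f('entityright_write'), $db->f('entityright_admin'));
  }

  // Pass 2: books of the current domain reachable through ACL rows.
  $columns = array('addressbookentity_addressbook_id', 'entityright_access', 'entityright_read', 'entityright_write', 'entityright_admin');
  $db->xquery('
    SELECT AddressBook.id, AddressBook.owner, AddressBook.name, AddressBook.is_default, AddressBook.syncable,
      Rights.entityright_access, Rights.entityright_read, Rights.entityright_write, Rights.entityright_admin,
      SyncedAddressbook.user_id as synced
    FROM AddressBook
    INNER JOIN ('.OBM_Acl::getAclSubselect($columns, 'addressbook', null, $GLOBALS['obm']['uid']).') AS Rights ON AddressBook.id = Rights.addressbookentity_addressbook_id
    LEFT JOIN SyncedAddressbook ON SyncedAddressbook.addressbook_id = AddressBook.id AND SyncedAddressbook.user_id = '.$uid.'
    WHERE 1=1 '.$query.' AND AddressBook.domain_id = '.$domainId.'
    ORDER BY AddressBook.name');
  while($db->next_record()) {
    $id = $db->f('id');
    if(isset($addressBooks[$id])) {
      // Already known (from pass 1 or an earlier ACL row): rights are only
      // ever raised to 1 here, never lowered.
      if($db->f('entityright_access') == 1) $addressBooks[$id]->access = 1;
      if($db->f('entityright_read') == 1) $addressBooks[$id]->read = 1;
      if($db->f('entityright_write') == 1) $addressBooks[$id]->write = 1;
      if($db->f('entityright_admin') == 1) $addressBooks[$id]->admin = 1;
    } else {
      $addressBooks[$id] = new OBM_AddressBook($id, $db->f('name'), $db->f('is_default'), $db->f('owner'),
        $db->f('syncable'), $db->f('synced'), $db->f('entityright_access'), $db->f('entityright_read'),
        $db->f('entityright_write'), $db->f('entityright_admin'));
    }
  }
  return new OBM_AddressBookArray($addressBooks);
}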
// Entry script for the resource module: read the request parameters, open the
// session/auth/permission context, load the module includes, then run the
// authorization checks before any action is dispatched.
// NOTE(review): $params['resource_id'] presumably comes straight from the
// request via get_resource_params() - confirm it is validated as an integer
// there, since it is passed to every check below.
$params = get_resource_params();
page_open(array('sess' => 'OBM_Session', 'auth' => $auth_class_name, 'perm' => 'OBM_Perm'));
include_once("$obminclude/global_pref.inc");
require_once('resource_display.inc');
require_once('resource_query.inc');
require_once('resource_js.inc');
require_once("$obminclude/of/of_right.inc");
include_once("$obminclude/of/of_category.inc");
get_resource_action();

// If user has individual admin right on the selected resource, give access
// if user does not have admin right on module, check for the resource right
// The two rights-management actions are lowered to $cright_read for this
// request only when OBM_Acl::canAdmin() confirms admin on this resource.
// This runs before check_permissions(), which presumably reads $actions -
// TODO confirm; moving it after that call would make the override a no-op.
if (($params['resource_id'] > 0) && (! $perm->check_right('resource', $cright_write_admin))) {
  if (OBM_Acl::canAdmin($obm['uid'], 'resource', $params['resource_id'])) {
    $actions['resource']['rights_admin']['Right'] = $cright_read;
    $actions['resource']['rights_update']['Right'] = $cright_read;
  }
}

// Module-level permission check for the requested action.
$perm->check_permissions($module, $action);

// Per-resource privacy check: on failure the request is not aborted, it is
// rerouted to the 'index' action with an error message in $display['msg'].
if (! check_privacy($module, 'Resource', $action, $params['resource_id'], $obm['uid'])) {
  $display['msg'] = display_err_msg($l_error_visibility);
  $action = 'index';
} else {
  // Only record the visit once the privacy check has passed.
  update_last_visit('resource', $params['resource_id'], $action);
}
page_close();
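/**
 * Remove the calendar actions the current user may not perform.
 *
 * - Without any writable calendar, the 'new' action is dropped.
 * - When an event is selected ($params['calendar_id']) and the user neither
 *   owns it nor has write rights on the owner's calendar, every modifying
 *   action (detailupdate, duplicate, update, check_delete, delete) is dropped.
 *
 * Works on the global $actions table; returns nothing.
 *
 * NOTE(review): this only prunes $actions. Whether the action handlers
 * re-check write access server-side is not visible here - confirm.
 */
function update_calendar_action() {
  global $actions, $params, $path, $obm, $writable_calendars;

  if (!$writable_calendars) {
    unset($actions['calendar']['new']);
  }

  $id = $params['calendar_id'];
  if($id) {
    $event_info = get_calendar_event_info($id);
    $owner = $event_info['owner'];
    // If the lookup returns no owner, the comparison below is true and the
    // decision falls to OBM_Acl::canWrite() with that empty owner.
    if ($owner != $obm['uid'] && !OBM_Acl::canWrite($obm['uid'], 'calendar', $owner)) {
      // Detail Update
      unset($actions['calendar']['detailupdate']);
      // Duplicate
      unset($actions['calendar']['duplicate']);
      // (A stray statement that built an unused HTML link from the undefined
      // variable $datas was removed here; it had no effect beyond a warning.)
      // Update
      unset($actions['calendar']['update']);
      // Check Delete
      unset($actions['calendar']['check_delete']);
      // Delete
      unset($actions['calendar']['delete']);
    }
  }
}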
| as published by the Free Software Foundation; version 2 | | of the License. | | | | This program is distributed in the hope that it will be useful, | | but WITHOUT ANY WARRANTY; without even the implied warranty of | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | | GNU General Public License for more details. | +-------------------------------------------------------------------------+ | http://www.obm.org | +-------------------------------------------------------------------------+ */ include_once 'CronJob.class.php'; global $obminclude; include_once "{$obminclude}/of/of_acl.php"; include_once "{$obminclude}/of/of_category.inc"; OBM_Acl::initialize(); define('MAX_FTP_ERRORS', 3); class SatelliteBackup extends CronJob { /** * @var Logger */ var $logger; function mustExecute($date) { $delta = 24 * 60; //every days $instant = 2 * 60 % $delta; //at 2:00 $min = (int) ($date / 60); return $min % $delta === $instant;
/**
 * Adjust the rights required for contact actions to the selected contact.
 *
 * Does nothing unless $params['contact_id'] is greater than 0.
 *
 * - Contact whose privacy is not 1: modifying actions require
 *   $cright_write_admin.
 * - Contact whose privacy is 1: each group of actions is opened
 *   ($cright_read) to the creator or to a user holding the matching
 *   OBM_Acl right; otherwise the rights actions require $cright_write_admin
 *   and the update/read actions get the "forbidden" value.
 *
 * Works on the global $actions table; returns nothing.
 */
function update_action_rights() {
  global $params, $actions, $path, $cright_read, $cright_write_admin, $obm, $profiles;

  // NOTE(review): 32 is presumably a right bit that no profile holds, which
  // is what makes it act as "forbidden" - confirm against the profile table.
  $forbiddenRight = 32;

  $contactId = $params['contact_id'];
  if (!($contactId > 0)) {
    return;
  }
  $contact = get_contact_info($contactId);

  // Allow public contact handling only if write_admin right
  if ($contact['privacy'] != 1) {
    foreach (array('detailupdate', 'update', 'insert', 'check_delete', 'delete') as $name) {
      $actions['contact'][$name]['Right'] = $cright_write_admin;
    }
    return;
  }

  $uid = $obm['uid'];
  // Loose comparison on purpose: ids may arrive as strings or ints.
  $isCreator = ($contact['usercreate'] == $uid);

  // update the admin rights on the current contact
  $adminRight = ($isCreator || OBM_Acl::canAdmin($uid, 'contact', $contactId))
    ? $cright_read
    : $cright_write_admin;
  foreach (array('rights_admin', 'rights_update') as $name) {
    $actions['contact'][$name]['Right'] = $adminRight;
  }

  // update the update rights on the current contact
  $writeRight = ($isCreator || OBM_Acl::canWrite($uid, 'contact', $contactId))
    ? $cright_read
    : $forbiddenRight;
  foreach (array('update', 'delete', 'detailupdate', 'check_delete') as $name) {
    $actions['contact'][$name]['Right'] = $writeRight;
  }

  // update the read rights on the current contact
  $actions['contact']['detailconsult']['Right'] =
    ($isCreator || OBM_Acl::canRead($uid, 'contact', $contactId))
      ? $cright_read
      : $forbiddenRight;
}
/**
 * Checks the per-user and per-consumer views of the rights on entity cv #1,
 * before and after a group grant is added.
 */
public function testGetEntityRoles() {
  // Direct grants: one right per user.
  OBM_Acl::allow(1, 'cv', 1, 'admin');
  OBM_Acl::allow(2, 'cv', 1, 'read');
  OBM_Acl::allow(3, 'cv', 1, 'write');

  $adminUser = array('id' => 1, 'label' => 'Admin Lastname Firstname',
                     'access' => 0, 'read' => 0, 'write' => 0, 'admin' => 1);
  $readUser  = array('id' => 2, 'label' => 'Admin domainezz.com',
                     'access' => 0, 'read' => 1, 'write' => 0, 'admin' => 0);
  $writeUser = array('id' => 3, 'label' => 'Doe John',
                     'access' => 0, 'read' => 0, 'write' => 1, 'admin' => 0);

  $users = OBM_Acl::getEntityUsers('cv', 1);
  $this->assertEquals($users[1], $adminUser);
  $this->assertEquals($users[2], $readUser);
  $this->assertEquals($users[3], $writeUser);

  // Group grant: after it, only user 3 is expected to change (read becomes 1),
  // presumably through membership in group 4 - the fixture is not shown here.
  OBM_Acl::allowGroup(4, 'cv', 1, 'read');

  $users = OBM_Acl::getEntityUsers('cv', 1);
  $this->assertEquals($users[1], $adminUser);
  $this->assertEquals($users[2], $readUser);
  $this->assertEquals($users[3], array_merge($writeUser, array('read' => 1)));

  // The consumer view lists the group and the users as separate rows; user 3
  // is expected with read = 0 here, unlike in the per-user view above.
  $consumers = OBM_Acl::getEntityConsumers('cv', 1);
  $expectedGroup = array('id' => 4, 'label' => 'Developpeur', 'consumer' => 'group',
                         'access' => 0, 'read' => 1, 'write' => 0, 'admin' => 0);
  $expectedReader = array('id' => 2, 'label' => 'Admin domainezz.com', 'consumer' => 'user',
                          'access' => 0, 'read' => 1, 'write' => 0, 'admin' => 0);
  $expectedAdmin = array('id' => 1, 'label' => 'Admin Lastname Firstname', 'consumer' => 'user',
                         'access' => 0, 'read' => 0, 'write' => 0, 'admin' => 1);
  $expectedWriter = array('id' => 3, 'label' => 'Doe John', 'consumer' => 'user',
                          'access' => 0, 'read' => 0, 'write' => 1, 'admin' => 0);
  $this->assertEquals($consumers[0], $expectedGroup);
  $this->assertEquals($consumers[1], $expectedReader);
  $this->assertEquals($consumers[2], $expectedAdmin);
  $this->assertEquals($consumers[3], $expectedWriter);
}
/**
 * Notify the writers of each reserved resource that a reservation changed.
 *
 * Nothing is sent unless self::hasEventFullyChanged($old, $new) is true.
 * For each resource the mail goes to the ids returned by
 * OBM_Acl::getEntityWriters(); a resource is skipped when it has no writer
 * or when the acting user ($GLOBALS['obm']['uid']) is one of its writers.
 *
 * @param OBM_Event $old
 * @param OBM_Event $new
 * @param array $recipients resources to notify about (each exposes ->id)
 * @access private
 * @return void
 */
private function sendCurrentResourceMail($old, $new, $recipients) {
  if (!self::hasEventFullyChanged($old, $new)) {
    return;
  }

  foreach ($recipients as $resource) {
    $writers = OBM_Acl::getEntityWriters('resource', $resource->id);
    $resourceOwners = array_keys($writers);

    // Skip when the acting user is already a writer, or nobody is.
    $actorIsWriter = in_array($GLOBALS['obm']['uid'], $resourceOwners);
    if ($actorIsWriter || !(count($resourceOwners) > 0)) {
      continue;
    }

    $this->mailer->sendResourceUpdate($new, $old, $resourceOwners, $resource);
  }
}
/**
 * Checks which event getEventByExtId() resolves for an ext id shared by
 * several events, depending on the acting user, and for a unique ext id.
 */
public function testVcalendarGetSingleEventByExtId(){
  $GLOBALS['obm']['uid'] = 9;
  $GLOBALS['obm']['domain_id'] = 3;
  OBM_Acl::initialize();

  // Each case: acting uid, ext id looked up, expected event_id.
  $cases = array(
    // lmartin should get the event he owns (the 4)
    array(9, "double", 4),
    // ytouzet should get the event he has rights on (the 4)
    array(10, "double", 4),
    // adupont should get the event which he participates (the 3)
    array(8, "double", 3),
    // someone without write rights, not owner nor participant should get
    // the first event with "double" ext_id
    // NOTE(review): this pins that an unrelated user still receives an event
    // record - confirm callers enforce read access before using it.
    array(11, "double", 2),
    // With a single event matching an ext id, getEventByExtId should return
    // this single event
    array(9, "single", 5),
  );

  foreach ($cases as $case) {
    list($actingUid, $extId, $expectedEventId) = $case;
    // A fresh writer per case: its rights are computed from the uid global.
    $GLOBALS['obm']['uid'] = $actingUid;
    $writerOBM = new Vcalendar_Writer_OBM();
    $eventData = $writerOBM->getEventByExtId($extId);
    $this->assertEquals($expectedEventId, $eventData->Record["event_id"]);
  }
}