Copyright 2001-2016 Horde LLC (http://www.horde.org/)
See the enclosed file COPYING for license information (LGPL). If you
did not receive this file, see http://www.horde.org/licenses/lgpl21.
/**
* Finds out what rights the given user has to this object.
*
* @see Horde_Perms::getPermissions
*
* @param mixed $share The share that should be checked for the users
* permissions.
* @param string $user The user to check for.
*
* @return mixed A bitmask of permissions, a permission value, or an array
* of permission values the user has, depending on the
* permission type and whether the permission value is
* ambiguous. False if there is no such permsission.
*/
public function getPermissions($share, $user = null)
{
if (!$share instanceof Horde_Share_Object) {
$share = $this->getShare($share);
}
return $this->_permsObject->getPermissions($share->getPermission(), $user);
}
/**
* Constructor.
*
* @param array $params Configuration parameters (in addition to base
* Horde_Perms parameters):
* <pre>
* 'db' - (Horde_Db_Adapter) [REQUIRED] The DB instance.
* 'table' - (string) The name of the perms table.
* DEFAULT: 'horde_perms'
* </pre>
*
* @throws Horde_Perms_Exception
*/
public function __construct($params = array())
{
if (!isset($params['db'])) {
throw new Horde_Perms_Exception('Missing db parameter.');
}
$this->_db = $params['db'];
unset($params['db']);
$this->_params = array_merge(array('table' => 'horde_perms'), $this->_params, $params);
parent::__construct($params);
}
/**
* Finds out if the user has the specified rights to the given object,
* specific to a certain application.
*
* @param string $permission The permission to check.
* @param array $opts Additional options:
* <pre>
* 'app' - (string) The app to check.
* DEFAULT: The current pushed app.
* 'opts' - (array) Additional options to pass to the app function.
* DEFAULT: None
* </pre>
*
* @return mixed The specified permissions.
*/
public function hasAppPermission($permission, $opts = array())
{
$app = isset($opts['app']) ? $opts['app'] : $this->_registry->getApp();
if ($this->_perms->exists($app . ':' . $permission)) {
$perms = $this->_perms->getPermissions($app . ':' . $permission, $this->_registry->getAuth());
if ($perms === false) {
return false;
}
$args = array($permission, $perms, isset($opts['opts']) ? $opts['opts'] : array());
try {
return $this->_registry->callAppMethod($app, 'hasPermission', array('args' => $args));
} catch (Horde_Exception $e) {
}
}
return true;
}
/**
* Create a permission editing form.
*
* @param Horde_Perms_Permission $permission TODO
*/
public function setupEditForm($permission)
{
/* Initialise form if required. */
$this->_formInit();
$this->_form->setButtons(Horde_Core_Translation::t("Update"), true);
$this->_vars->set('perm_id', $this->_perms->getPermissionId($permission));
$this->_form->addHidden('', 'perm_id', 'text', false);
/* Get permission configuration. */
$this->_type = $permission->get('type');
$params = $this->_corePerms->getParams($permission->getName());
/* Default permissions. */
$perm_val = $permission->getDefaultPermissions();
$this->_form->setSection('default', Horde_Core_Translation::t("All Authenticated Users"), Horde_Themes_Image::tag('perms.png'), false);
/* We MUST use 'deflt' for the variable name because 'default' is a
* reserved word in JavaScript. */
if ($this->_type == 'matrix') {
/* Set up the columns for the permissions matrix. */
$cols = Horde_Perms::getPermsArray();
/* Define a single matrix row for default perms. */
$matrix = array(Horde_Perms::integerToArray($perm_val));
$this->_form->addVariable('', 'deflt', 'matrix', false, false, null, array($cols, array(0 => ''), $matrix));
} else {
$var = $this->_form->addVariable('', 'deflt', $this->_type, false, false, null, $params);
$var->setDefault($perm_val);
}
/* Guest permissions. */
$perm_val = $permission->getGuestPermissions();
$this->_form->setSection('guest', Horde_Core_Translation::t("Guest Permissions"), '', false);
if ($this->_type == 'matrix') {
/* Define a single matrix row for guest perms. */
$matrix = array(Horde_Perms::integerToArray($perm_val));
$this->_form->addVariable('', 'guest', 'matrix', false, false, null, array($cols, array(0 => ''), $matrix));
} else {
$var = $this->_form->addVariable('', 'guest', $this->_type, false, false, null, $params);
$var->setDefault($perm_val);
}
/* Object creator permissions. */
$perm_val = $permission->getCreatorPermissions();
$this->_form->setSection('creator', Horde_Core_Translation::t("Creator Permissions"), Horde_Themes_Image::tag('user.png'), false);
if ($this->_type == 'matrix') {
/* Define a single matrix row for creator perms. */
$matrix = array(Horde_Perms::integerToArray($perm_val));
$this->_form->addVariable('', 'creator', 'matrix', false, false, null, array($cols, array(0 => ''), $matrix));
} else {
$var = $this->_form->addVariable('', 'creator', $this->_type, false, false, null, $params);
$var->setDefault($perm_val);
}
/* Users permissions. */
$perm_val = $permission->getUserPermissions();
$this->_form->setSection('users', Horde_Core_Translation::t("Individual Users"), Horde_Themes_Image::tag('user.png'), false);
$auth = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Auth')->create();
$user_list = array();
if ($auth->hasCapability('list')) {
/* The auth driver has list capabilities so set up an array which
* the matrix field type will recognise to set up an enum box for
* adding new users to the permissions matrix. */
$new_users = array();
try {
$user_list = $auth->listNames();
foreach ($user_list as $user => $name) {
if (!isset($perm_val[$user])) {
$new_users[$user] = $name;
}
}
} catch (Horde_Auth_Exception $e) {
$new_users = true;
}
} else {
/* No list capabilities, setting to true so that the matrix field
* type will offer a text input box for adding new users. */
$new_users = true;
}
if ($this->_type == 'matrix') {
/* Set up the matrix array, breaking up each permission integer
* into an array. The keys of this array will be the row
* headers. */
$rows = array();
$matrix = array();
foreach ($perm_val as $u_id => $u_perms) {
$rows[$u_id] = isset($user_list[$u_id]) ? $user_list[$u_id] : $u_id;
$matrix[$u_id] = Horde_Perms::integerToArray($u_perms);
}
$this->_form->addVariable('', 'u', 'matrix', false, false, null, array($cols, $rows, $matrix, $new_users));
} else {
if ($new_users) {
if (is_array($new_users)) {
$u_n = Horde_Util::getFormData('u_n');
$u_n = empty($u_n['u']) ? null : $u_n['u'];
$user_html = '<select name="u_n[u]"><option value="">' . Horde_Core_Translation::t("-- select --") . '</option>';
foreach ($new_users as $new_user => $name) {
$user_html .= '<option value="' . $new_user . '"';
$user_html .= $u_n == $new_user ? ' selected="selected"' : '';
$user_html .= '>' . htmlspecialchars($name) . '</option>';
}
$user_html .= '</select>';
} else {
$user_html = '<input type="text" name="u_n[u]" />';
}
$this->_form->addVariable($user_html, 'u_n[v]', $this->_type, false, false, null, $params);
}
foreach ($perm_val as $u_id => $u_perms) {
$var = $this->_form->addVariable($u_id, 'u_v[' . $u_id . ']', $this->_type, false, false, null, $params);
$var->setDefault($u_perms);
}
}
/* Groups permissions. */
$perm_val = $permission->getGroupPermissions();
$this->_form->setSection('groups', Horde_Core_Translation::t("Groups"), Horde_Themes_Image::tag('group.png'), false);
try {
$group_list = $GLOBALS['injector']->getInstance('Horde_Group')->listAll();
} catch (Horde_Group_Exception $e) {
$GLOBALS['notification']->push($e);
$group_list = array();
}
if (!empty($group_list)) {
/* There is an available list of groups so set up an array which
* the matrix field type will recognise to set up an enum box for
* adding new groups to the permissions matrix. */
$new_groups = array();
foreach ($group_list as $groupId => $group) {
if (!isset($perm_val[$groupId])) {
$new_groups[$groupId] = $group;
}
}
} else {
/* Do not offer a text box to add new groups. */
$new_groups = false;
}
if ($this->_type == 'matrix') {
/* Set up the matrix array, break up each permission integer into
* an array. The keys of this array will be the row headers. */
$rows = array();
$matrix = array();
foreach ($perm_val as $g_id => $g_perms) {
$rows[$g_id] = isset($group_list[$g_id]) ? $group_list[$g_id] : $g_id;
$matrix[$g_id] = Horde_Perms::integerToArray($g_perms);
}
$this->_form->addVariable('', 'g', 'matrix', false, false, null, array($cols, $rows, $matrix, $new_groups));
} else {
if ($new_groups) {
if (is_array($new_groups)) {
$g_n = Horde_Util::getFormData('g_n');
$g_n = empty($g_n['g']) ? null : $g_n['g'];
$group_html = '<select name="g_n[g]"><option value="">' . Horde_Core_Translation::t("-- select --") . '</option>';
foreach ($new_groups as $groupId => $group) {
$group_html .= '<option value="' . $groupId . '"';
$group_html .= $g_n == $groupId ? ' selected="selected"' : '';
$group_html .= '>' . htmlspecialchars($group) . '</option>';
}
$group_html .= '</select>';
} else {
$group_html = '<input type="text" name="g_n[g]" />';
}
$this->_form->addVariable($group_html, 'g_n[v]', $this->_type, false, false, null, $params);
}
foreach ($perm_val as $g_id => $g_perms) {
$var = $this->_form->addVariable(isset($group_list[$g_id]) ? $group_list[$g_id] : $g_id, 'g_v[' . $g_id . ']', $this->_type, false, false, null, $params);
$var->setDefault($g_perms);
}
}
/* Set form title. */
$this->_form->setTitle(sprintf(Horde_Core_Translation::t("Edit permissions for \"%s\""), $this->_corePerms->getTitle($permission->getName())));
}
