/** * Finds out what rights the given user has to this object. * * @see Horde_Perms::getPermissions * * @param mixed $share The share that should be checked for the users * permissions. * @param string $user The user to check for. * * @return mixed A bitmask of permissions, a permission value, or an array * of permission values the user has, depending on the * permission type and whether the permission value is * ambiguous. False if there is no such permsission. */ public function getPermissions($share, $user = null) { if (!$share instanceof Horde_Share_Object) { $share = $this->getShare($share); } return $this->_permsObject->getPermissions($share->getPermission(), $user); }
/** * Constructor. * * @param array $params Configuration parameters (in addition to base * Horde_Perms parameters): * <pre> * 'db' - (Horde_Db_Adapter) [REQUIRED] The DB instance. * 'table' - (string) The name of the perms table. * DEFAULT: 'horde_perms' * </pre> * * @throws Horde_Perms_Exception */ public function __construct($params = array()) { if (!isset($params['db'])) { throw new Horde_Perms_Exception('Missing db parameter.'); } $this->_db = $params['db']; unset($params['db']); $this->_params = array_merge(array('table' => 'horde_perms'), $this->_params, $params); parent::__construct($params); }
/** * Finds out if the user has the specified rights to the given object, * specific to a certain application. * * @param string $permission The permission to check. * @param array $opts Additional options: * <pre> * 'app' - (string) The app to check. * DEFAULT: The current pushed app. * 'opts' - (array) Additional options to pass to the app function. * DEFAULT: None * </pre> * * @return mixed The specified permissions. */ public function hasAppPermission($permission, $opts = array()) { $app = isset($opts['app']) ? $opts['app'] : $this->_registry->getApp(); if ($this->_perms->exists($app . ':' . $permission)) { $perms = $this->_perms->getPermissions($app . ':' . $permission, $this->_registry->getAuth()); if ($perms === false) { return false; } $args = array($permission, $perms, isset($opts['opts']) ? $opts['opts'] : array()); try { return $this->_registry->callAppMethod($app, 'hasPermission', array('args' => $args)); } catch (Horde_Exception $e) { } } return true; }
/** * Create a permission editing form. * * @param Horde_Perms_Permission $permission TODO */ public function setupEditForm($permission) { /* Initialise form if required. */ $this->_formInit(); $this->_form->setButtons(Horde_Core_Translation::t("Update"), true); $this->_vars->set('perm_id', $this->_perms->getPermissionId($permission)); $this->_form->addHidden('', 'perm_id', 'text', false); /* Get permission configuration. */ $this->_type = $permission->get('type'); $params = $this->_corePerms->getParams($permission->getName()); /* Default permissions. */ $perm_val = $permission->getDefaultPermissions(); $this->_form->setSection('default', Horde_Core_Translation::t("All Authenticated Users"), Horde_Themes_Image::tag('perms.png'), false); /* We MUST use 'deflt' for the variable name because 'default' is a * reserved word in JavaScript. */ if ($this->_type == 'matrix') { /* Set up the columns for the permissions matrix. */ $cols = Horde_Perms::getPermsArray(); /* Define a single matrix row for default perms. */ $matrix = array(Horde_Perms::integerToArray($perm_val)); $this->_form->addVariable('', 'deflt', 'matrix', false, false, null, array($cols, array(0 => ''), $matrix)); } else { $var = $this->_form->addVariable('', 'deflt', $this->_type, false, false, null, $params); $var->setDefault($perm_val); } /* Guest permissions. */ $perm_val = $permission->getGuestPermissions(); $this->_form->setSection('guest', Horde_Core_Translation::t("Guest Permissions"), '', false); if ($this->_type == 'matrix') { /* Define a single matrix row for guest perms. */ $matrix = array(Horde_Perms::integerToArray($perm_val)); $this->_form->addVariable('', 'guest', 'matrix', false, false, null, array($cols, array(0 => ''), $matrix)); } else { $var = $this->_form->addVariable('', 'guest', $this->_type, false, false, null, $params); $var->setDefault($perm_val); } /* Object creator permissions. */ $perm_val = $permission->getCreatorPermissions(); $this->_form->setSection('creator', Horde_Core_Translation::t("Creator Permissions"), Horde_Themes_Image::tag('user.png'), false); if ($this->_type == 'matrix') { /* Define a single matrix row for creator perms. */ $matrix = array(Horde_Perms::integerToArray($perm_val)); $this->_form->addVariable('', 'creator', 'matrix', false, false, null, array($cols, array(0 => ''), $matrix)); } else { $var = $this->_form->addVariable('', 'creator', $this->_type, false, false, null, $params); $var->setDefault($perm_val); } /* Users permissions. */ $perm_val = $permission->getUserPermissions(); $this->_form->setSection('users', Horde_Core_Translation::t("Individual Users"), Horde_Themes_Image::tag('user.png'), false); $auth = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Auth')->create(); $user_list = array(); if ($auth->hasCapability('list')) { /* The auth driver has list capabilities so set up an array which * the matrix field type will recognise to set up an enum box for * adding new users to the permissions matrix. */ $new_users = array(); try { $user_list = $auth->listNames(); foreach ($user_list as $user => $name) { if (!isset($perm_val[$user])) { $new_users[$user] = $name; } } } catch (Horde_Auth_Exception $e) { $new_users = true; } } else { /* No list capabilities, setting to true so that the matrix field * type will offer a text input box for adding new users. */ $new_users = true; } if ($this->_type == 'matrix') { /* Set up the matrix array, breaking up each permission integer * into an array. The keys of this array will be the row * headers. */ $rows = array(); $matrix = array(); foreach ($perm_val as $u_id => $u_perms) { $rows[$u_id] = isset($user_list[$u_id]) ? $user_list[$u_id] : $u_id; $matrix[$u_id] = Horde_Perms::integerToArray($u_perms); } $this->_form->addVariable('', 'u', 'matrix', false, false, null, array($cols, $rows, $matrix, $new_users)); } else { if ($new_users) { if (is_array($new_users)) { $u_n = Horde_Util::getFormData('u_n'); $u_n = empty($u_n['u']) ? null : $u_n['u']; $user_html = '<select name="u_n[u]"><option value="">' . Horde_Core_Translation::t("-- select --") . '</option>'; foreach ($new_users as $new_user => $name) { $user_html .= '<option value="' . $new_user . '"'; $user_html .= $u_n == $new_user ? ' selected="selected"' : ''; $user_html .= '>' . htmlspecialchars($name) . '</option>'; } $user_html .= '</select>'; } else { $user_html = '<input type="text" name="u_n[u]" />'; } $this->_form->addVariable($user_html, 'u_n[v]', $this->_type, false, false, null, $params); } foreach ($perm_val as $u_id => $u_perms) { $var = $this->_form->addVariable($u_id, 'u_v[' . $u_id . ']', $this->_type, false, false, null, $params); $var->setDefault($u_perms); } } /* Groups permissions. */ $perm_val = $permission->getGroupPermissions(); $this->_form->setSection('groups', Horde_Core_Translation::t("Groups"), Horde_Themes_Image::tag('group.png'), false); try { $group_list = $GLOBALS['injector']->getInstance('Horde_Group')->listAll(); } catch (Horde_Group_Exception $e) { $GLOBALS['notification']->push($e); $group_list = array(); } if (!empty($group_list)) { /* There is an available list of groups so set up an array which * the matrix field type will recognise to set up an enum box for * adding new groups to the permissions matrix. */ $new_groups = array(); foreach ($group_list as $groupId => $group) { if (!isset($perm_val[$groupId])) { $new_groups[$groupId] = $group; } } } else { /* Do not offer a text box to add new groups. */ $new_groups = false; } if ($this->_type == 'matrix') { /* Set up the matrix array, break up each permission integer into * an array. The keys of this array will be the row headers. */ $rows = array(); $matrix = array(); foreach ($perm_val as $g_id => $g_perms) { $rows[$g_id] = isset($group_list[$g_id]) ? $group_list[$g_id] : $g_id; $matrix[$g_id] = Horde_Perms::integerToArray($g_perms); } $this->_form->addVariable('', 'g', 'matrix', false, false, null, array($cols, $rows, $matrix, $new_groups)); } else { if ($new_groups) { if (is_array($new_groups)) { $g_n = Horde_Util::getFormData('g_n'); $g_n = empty($g_n['g']) ? null : $g_n['g']; $group_html = '<select name="g_n[g]"><option value="">' . Horde_Core_Translation::t("-- select --") . '</option>'; foreach ($new_groups as $groupId => $group) { $group_html .= '<option value="' . $groupId . '"'; $group_html .= $g_n == $groupId ? ' selected="selected"' : ''; $group_html .= '>' . htmlspecialchars($group) . '</option>'; } $group_html .= '</select>'; } else { $group_html = '<input type="text" name="g_n[g]" />'; } $this->_form->addVariable($group_html, 'g_n[v]', $this->_type, false, false, null, $params); } foreach ($perm_val as $g_id => $g_perms) { $var = $this->_form->addVariable(isset($group_list[$g_id]) ? $group_list[$g_id] : $g_id, 'g_v[' . $g_id . ']', $this->_type, false, false, null, $params); $var->setDefault($g_perms); } } /* Set form title. */ $this->_form->setTitle(sprintf(Horde_Core_Translation::t("Edit permissions for \"%s\""), $this->_corePerms->getTitle($permission->getName()))); }