/** * Returns a list of ACE's for this node. * * Each ACE has the following properties: * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are * currently the only supported privileges * * 'principal', a url to the principal who owns the node * * 'protected' (optional), indicating that this ACE is not allowed to * be updated. * * @return array */ public function getACL() { $readprincipal = $this->getOwner(); $writeprincipal = $this->getOwner(); $createprincipal = $this->getOwner(); $deleteprincipal = $this->getOwner(); $uid = OCA\Contacts\Addressbook::extractUserID($this->getOwner()); $readWriteACL = array(array('privilege' => '{DAV:}read', 'principal' => 'principals/' . OCP\User::getUser(), 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => 'principals/' . OCP\User::getUser(), 'protected' => true)); if ($uid != OCP\USER::getUser()) { $sharedAddressbook = OCP\Share::getItemSharedWithBySource('addressbook', $this->addressBookInfo['id']); if ($sharedAddressbook) { if ($sharedAddressbook['permissions'] & OCP\PERMISSION_CREATE && $sharedAddressbook['permissions'] & OCP\PERMISSION_UPDATE && $sharedAddressbook['permissions'] & OCP\PERMISSION_DELETE) { return $readWriteACL; } if ($sharedAddressbook['permissions'] & OCP\PERMISSION_CREATE) { $createprincipal = 'principals/' . OCP\USER::getUser(); } if ($sharedAddressbook['permissions'] & OCP\PERMISSION_READ) { $readprincipal = 'principals/' . OCP\USER::getUser(); } if ($sharedAddressbook['permissions'] & OCP\PERMISSION_UPDATE) { $writeprincipal = 'principals/' . OCP\USER::getUser(); } if ($sharedAddressbook['permissions'] & OCP\PERMISSION_DELETE) { $deleteprincipal = 'principals/' . OCP\USER::getUser(); } } } else { return parent::getACL(); } return array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write-content', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}bind', 'principal' => $createprincipal, 'protected' => true), array('privilege' => '{DAV:}unbind', 'principal' => $deleteprincipal, 'protected' => true)); }
/** * Returns a list of ACE's for this node. * * Each ACE has the following properties: * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are * currently the only supported privileges * * 'principal', a url to the principal who owns the node * * 'protected' (optional), indicating that this ACE is not allowed to * be updated. * * @return array */ public function getACL() { $readprincipal = $this->getOwner(); $writeprincipal = $this->getOwner(); $createprincipal = $this->getOwner(); $deleteprincipal = $this->getOwner(); $uid = $this->carddavBackend->userIDByPrincipal($this->getOwner()); $readWriteACL = array(array('privilege' => '{DAV:}read', 'principal' => 'principals/' . \OCP\User::getUser(), 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => 'principals/' . \OCP\User::getUser(), 'protected' => true)); if ($uid !== \OCP\User::getUser()) { list($backendName, $id) = explode('::', $this->addressBookInfo['id']); $sharedAddressbook = \OCP\Share::getItemSharedWithBySource('addressbook', $id); if ($sharedAddressbook) { if ($sharedAddressbook['permissions'] & \OCP\PERMISSION_CREATE && $sharedAddressbook['permissions'] & \OCP\PERMISSION_UPDATE && $sharedAddressbook['permissions'] & \OCP\PERMISSION_DELETE) { return $readWriteACL; } if ($sharedAddressbook['permissions'] & \OCP\PERMISSION_CREATE) { $createprincipal = 'principals/' . \OCP\User::getUser(); } if ($sharedAddressbook['permissions'] & \OCP\PERMISSION_READ) { $readprincipal = 'principals/' . \OCP\User::getUser(); } if ($sharedAddressbook['permissions'] & \OCP\PERMISSION_UPDATE) { $writeprincipal = 'principals/' . \OCP\User::getUser(); } if ($sharedAddressbook['permissions'] & \OCP\PERMISSION_DELETE) { $deleteprincipal = 'principals/' . \OCP\User::getUser(); } } } else { return parent::getACL(); } return array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write-content', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}bind', 'principal' => $createprincipal, 'protected' => true), array('privilege' => '{DAV:}unbind', 'principal' => $deleteprincipal, 'protected' => true)); }
function testACLMethods() { $this->assertEquals('principals/user1', $this->ab->getOwner()); $this->assertNull($this->ab->getGroup()); $this->assertEquals(array(array('privilege' => '{DAV:}read', 'principal' => 'principals/user1', 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => 'principals/user1', 'protected' => true)), $this->ab->getACL()); }