/** * get list of role memberships * * @param int $accountId * @param string $type * @return array of array with role ids * @throws Tinebase_Exception_NotFound */ public function getRoleMemberships($accountId, $type = Tinebase_Acl_Rights::ACCOUNT_TYPE_USER) { if ($type === Tinebase_Acl_Rights::ACCOUNT_TYPE_USER) { $accountId = Tinebase_Model_User::convertUserIdToInt($accountId); $groupMemberships = Tinebase_Group::getInstance()->getGroupMemberships($accountId); if (empty($groupMemberships)) { throw new Tinebase_Exception_NotFound('Any account must belong to at least one group. The account with accountId ' . $accountId . ' does not belong to any group.'); } $classCacheId = Tinebase_Helper::convertCacheId($accountId . implode('', $groupMemberships) . $type); } else { if ($type === Tinebase_Acl_Rights::ACCOUNT_TYPE_GROUP) { $accountId = Tinebase_Model_Group::convertGroupIdToInt($accountId); $classCacheId = Tinebase_Helper::convertCacheId($accountId . $type); } else { throw new Tinebase_Exception_InvalidArgument('Invalid type: ' . $type); } } if (isset($this->_classCache[__FUNCTION__][$classCacheId])) { return $this->_classCache[__FUNCTION__][$classCacheId]; } $select = $this->_getDb()->select()->distinct()->from(array('role_accounts' => SQL_TABLE_PREFIX . 'role_accounts'), array('role_id'))->where($this->_getDb()->quoteInto($this->_getDb()->quoteIdentifier('account_id') . ' = ?', $accountId) . ' AND ' . $this->_getDb()->quoteInto($this->_getDb()->quoteIdentifier('account_type') . ' = ?', $type)); if ($type === Tinebase_Acl_Rights::ACCOUNT_TYPE_USER) { $select->orwhere($this->_getDb()->quoteInto($this->_getDb()->quoteIdentifier('account_id') . ' IN (?)', $groupMemberships) . ' AND ' . $this->_getDb()->quoteInto($this->_getDb()->quoteIdentifier('account_type') . ' = ?', Tinebase_Acl_Rights::ACCOUNT_TYPE_GROUP)); } $stmt = $this->_getDb()->query($select); $memberships = $stmt->fetchAll(Zend_Db::FETCH_COLUMN); $this->_classCache[__FUNCTION__][$classCacheId] = $memberships; return $memberships; }
/** * try to convert id of group object and check if correct exceptions are thrown */ public function testConvertGroupIdToIntWithGroup() { $this->setExpectedException('Tinebase_Exception_InvalidArgument'); Tinebase_Model_Group::convertGroupIdToInt(new Tinebase_Model_Group(array('name' => 'tine20phpunit noid', 'description' => 'noid group'))); }
/** * returns ldap metadata of given group * * @param int $_groupId * @return array * * @todo remove obsolete code */ protected function _getGroupMetaData($_groupId) { $groupId = Tinebase_Model_Group::convertGroupIdToInt($_groupId); $filter = Zend_Ldap_Filter::equals($this->_options['groupUUIDAttribute'], Zend_Ldap::filterEscape($groupId)); $result = $this->_ldap->search($filter, $this->_options['groupsDn'], Zend_Ldap::SEARCH_SCOPE_SUB, array('objectclass', 'sambasid'))->getFirst(); return $result; /* } catch (Tinebase_Exception_NotFound $e) { throw new Exception("group with id $groupId not found"); } */ }
/** * returns ldap metadata of given group * * @param int $_groupId */ protected function _getMetaData($_groupId) { $metaData = array(); try { $groupId = Tinebase_Model_Group::convertGroupIdToInt($_groupId); $group = $this->_ldap->fetch($this->_options['groupsDn'], 'objectGUID=' . $groupId, array('objectclass')); $metaData['dn'] = $group['dn']; $metaData['objectClass'] = $group['objectclass']; unset($metaData['objectClass']['count']); } catch (Tinebase_Exception_NotFound $e) { throw new Exception("group with id {$groupId} not found"); } //if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' $data: ' . print_r($metaData, true)); return $metaData; }
/** * returns ldap metadata of given group * * @param string $_groupId * @return array * @throws Tinebase_Exception_NotFound * * @todo remove obsolete code */ protected function _getMetaData($_groupId) { $groupId = Tinebase_Model_Group::convertGroupIdToInt($_groupId); $filter = Zend_Ldap_Filter::equals($this->_groupUUIDAttribute, $this->_encodeGroupId($groupId)); $result = $this->getLdap()->search($filter, $this->_options['groupsDn'], $this->_groupSearchScope, array('objectclass', 'objectsid')); if (count($result) !== 1) { throw new Tinebase_Exception_NotFound("Group with id {$_groupId} not found."); } $group = $result->getFirst(); return array('dn' => $group['dn'], 'objectclass' => $group['objectclass'], 'objectsid' => Tinebase_Ldap::decodeSid($group['objectsid'][0])); }
/** * get group by id * * @param string $_name * @return Tinebase_Model_Group * @throws Tinebase_Exception_Record_NotDefined */ public function getGroupById($_groupId) { $groupdId = Tinebase_Model_Group::convertGroupIdToInt($_groupId); $result = $this->getGroupByPropertyFromSqlBackend('id', $groupdId); return $result; }
/** * add grants to container * * @todo check that grant is not already given to container/type/accout combi * @param int|Tinebase_Model_Container $_containerId * @param int $_accountId * @param array $_grants list of grants to add * @return boolean * @throws Tinebase_Exception_AccessDenied */ public function addGrants($_containerId, $_accountType, $_accountId, array $_grants, $_ignoreAcl = FALSE) { $containerId = Tinebase_Model_Container::convertContainerIdToInt($_containerId); if ($_ignoreAcl !== TRUE and !$this->hasGrant(Tinebase_Core::getUser(), $_containerId, Tinebase_Model_Grants::GRANT_ADMIN)) { throw new Tinebase_Exception_AccessDenied('Permission to manage grants on container denied.'); } switch ($_accountType) { case Tinebase_Acl_Rights::ACCOUNT_TYPE_USER: $accountId = Tinebase_Model_User::convertUserIdToInt($_accountId); break; case Tinebase_Acl_Rights::ACCOUNT_TYPE_GROUP: $accountId = Tinebase_Model_Group::convertGroupIdToInt($_accountId); break; case Tinebase_Acl_Rights::ACCOUNT_TYPE_ANYONE: $accountId = '0'; break; default: throw new Tinebase_Exception_InvalidArgument('invalid $_accountType'); break; } $containerGrants = $this->getGrantsOfContainer($containerId, TRUE); $containerGrants->addIndices(array('account_type', 'account_id')); $existingGrants = $containerGrants->filter('account_type', $_accountType)->filter('account_id', $_accountId)->getFirstRecord(); $id = Tinebase_Record_Abstract::generateUID(); foreach ($_grants as $grant) { if ($existingGrants === NULL || !$existingGrants->{$grant}) { $data = array('id' => $id, 'container_id' => $containerId, 'account_type' => $_accountType, 'account_id' => $accountId, 'account_grant' => $grant); $this->_getContainerAclTable()->insert($data); } } $this->_setRecordMetaDataAndUpdate($containerId, 'update'); return true; }
/** * get group by id * * @param string $_name * @return Tinebase_Model_Group * @throws Tinebase_Exception_Record_NotDefined */ public function getGroupById($_groupId) { $groupdId = Tinebase_Model_Group::convertGroupIdToInt($_groupId); $select = $this->_getSelect(); $select->where($this->_db->quoteIdentifier($this->_tableName . '.id') . ' = ?', $groupdId); $stmt = $this->_db->query($select); $queryResult = $stmt->fetch(); $stmt->closeCursor(); if (!$queryResult) { throw new Tinebase_Exception_Record_NotDefined('Group not found.'); } $result = new Tinebase_Model_Group($queryResult, TRUE); return $result; }
/** * try to convert id of group object and check if correct exceptions are thrown */ public function testConvertGroupIdToIntWithGroup() { $this->setExpectedException('Tinebase_Exception_InvalidArgument'); Tinebase_Model_Group::convertGroupIdToInt($this->objects['noIdGroup']); }
/** * returns ldap metadata of given group * * @param string $_groupId * @return array * @throws Tinebase_Exception_NotFound * * @todo remove obsolete code */ protected function _getMetaData($_groupId) { $groupId = Tinebase_Model_Group::convertGroupIdToInt($_groupId); $filter = Zend_Ldap_Filter::equals($this->_groupUUIDAttribute, Zend_Ldap::filterEscape($groupId)); $result = $this->_ldap->search($filter, $this->_options['groupsDn'], $this->_groupSearchScope, array('objectclass')); if (count($result) !== 1) { throw new Tinebase_Exception_NotFound("Group with id {$_groupId} not found."); } return $result->getFirst(); }