[Phpgroupware-cvs] property/inc/class.acl2.inc.php, 1.2
From: |
nomail |
Subject: |
[Phpgroupware-cvs] property/inc/class.acl2.inc.php, 1.2 |
Date: |
Wed, 2 Jun 2004 20:54:27 +0200 |
Update of /property/inc
Added Files:
Branch:
class.acl2.inc.php
date: 2004/06/02 18:54:27; author: sigurdne; state: Exp; lines: +658 -0
Log Message:
no message
=====================================================================
<?php
/**************************************************************************\
* phpGroupWare - property
*
* http://www.phpgroupware.org
*
*
*
* Facilities Management
*
* Written by Sigurd Nes [sigurdne at online.no]
*
*
------------------------------------------------------------------------ *
* Copyright 2000 - 2003 Free Software Foundation, Inc
*
* This program is part of the GNU project, see http://www.gnu.org/
*
*
------------------------------------------------------------------------ *
* This program is free software; you can redistribute it and/or modify it *
* under the terms of the GNU General Public License as published by the   *
* Free Software Foundation; either version 2 of the License, or (at your  *
* option) any later version.                                               *
*
\**************************************************************************/
class acl2
{
// Identity the checks are scoped to; all three are assigned by the constructor
// and later concatenated into SQL text.
var $account_id;
var $host_id;
var $app_id;
// Group id => rights, filled by get_memberships().
var $memberships = Array(0=>1); //group 0 is for all users
// Comma-prefixed id list that cache_rights() appends, unquoted, inside
// "acl_account in (...)". Every writer of this property has to keep it numeric.
var $memberships_sql = ',0'; //group 0 is for all users
// Both caches are indexed [app_id][account_id][location]; the grantor and the
// no_effective flag are not part of the index.
var $rights_cache = Array();
var $masks_cache = Array();
// Not referenced by any method of this class.
var $previous_location; // used for inheritance
// Database handle. The constructor also assigns $this->db2, which is not declared here.
var $db;
/*************************************************************************\
* These lines load up the templates class and set some default
values *
\*************************************************************************/
/*!
@function acl2
@abstract Constructor (PHP 4 style): stores the ids every query is scoped to and binds the database handles
@discussion Arguments are collected with func_get_args() and normalised by safe_args(), which is
defined outside this file; this class relies on it for the 'number' typing of the ids.
NOTE(review): $this->db2 is assigned from $this->db. On PHP 5 and later that assignment shares one
object, so a query sent through db2 while a result set on db is still being read replaces that
result set - confirm which PHP versions this class has to run on.
@param $account_id defaults to the logged-in user's account id
@param $host_id defaults to 0
@param $app_id defaults to the id of the current application
*/
function acl2()
{
	$expected_args = Array(
		0 => Array(
			'name'    => 'account_id',
			'default' => $GLOBALS['phpgw_info']['user']['account_id'],
			'type'    => 'number'
		),
		1 => Array(
			'name'    => 'host_id',
			'default' => 0,
			'type'    => 'number'
		),
		2 => Array(
			'name'    => 'app_id',
			'default' => $GLOBALS['phpgw']->applications->data[$GLOBALS['phpgw_info']['flags']['currentapp']]['id'],
			'type'    => 'number'
		)
	);
	$supplied = func_get_args();
	$args = safe_args($expected_args, $supplied, __LINE__, __FILE__);

	// Database handles first, then the identity values.
	$this->db = $GLOBALS['phpgw']->db;
	$this->db2 = $this->db;

	$this->account_id = $args['account_id'];
	$this->host_id = $args['host_id'];
	$this->app_id = $args['app_id'];
}
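/*!
@function get_memberships
@abstract Collect the groups an account belongs to, following nested groups
@discussion Reads the fm_acl2 rows with acl_appid = 0 for the account and treats each row's
acl_location as a group id. New groups are recorded in $this->memberships, appended to
$this->memberships_sql and then resolved recursively; the isset() test stops cycles.
The result set is read completely before recursing, because the recursive call runs
another query on the same $this->db handle and would otherwise end the outer loop after
the first new group, leaving the membership list incomplete.
@param $account_id account to resolve, defaults to $this->account_id
*/
function get_memberships ()
{
	$expected_args[0] = Array('name'=>'account_id','default'=>$this->account_id, 'type'=>'number');
	$recieved_args = func_get_args();
	$args = safe_args($expected_args, $recieved_args,__LINE__,__FILE__);

	// Cast at the sink: both ids are concatenated into the statement.
	$sql = "SELECT acl_location,acl_rights FROM fm_acl2"
		. " WHERE (acl_host='" . (int)$this->host_id . "' and acl_appid = 0"
		. " and acl_account = " . (int)$args['account_id'] . ")";
	$this->db->query($sql,__LINE__,__FILE__);

	$rows = Array();
	while ($this->db->next_record())
	{
		$rows[] = Array(
			'group'  => $this->db->f('acl_location'),
			'rights' => $this->db->f('acl_rights')
		);
	}

	foreach ($rows as $row)
	{
		if(!isset($this->memberships[$row['group']]))
		{
			$this->memberships[$row['group']] = $row['rights'];
			// memberships_sql is later placed unquoted inside "acl_account in (...)",
			// so only an integer may be appended, even though the value comes from the database.
			$this->memberships_sql .= ',' . (int)$row['group'];
			$this->get_memberships(Array('account_id'=>$row['group']));
		}
	}
}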
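/*!
@function cache_rights
@abstract Load rights and masks for one location into rights_cache / masks_cache
@discussion Rows with acl_type 0 are OR-ed into the rights, every other acl_type is OR-ed into
the mask. Unless no_effective is set, the cached rights are the rights with the mask bits
cleared. Two changes against the previous revision: mask rows now accumulate on the mask
cache (they used to be seeded from the rights cache, so an earlier mask row was dropped when
a second one arrived), and grantor is cast to an integer before it is placed in the statement.
NOTE(review): the early return keys the cache on app_id, account_id and location only. A lookup
with a grantor (check_grant) and one without (check) for the same location share an entry, as do
lookups with different no_effective values - confirm callers never mix them on one object.
NOTE(review): $this->memberships_sql is concatenated as-is; it must stay a numeric id list.
@param $location required
@param $app_id defaults to $this->app_id
@param $account_id defaults to $this->account_id
@param $grantor when greater than 0 only rows granted by that account are read, otherwise only rows without a grantor
@param $no_effective when true the mask is not applied to the cached rights
*/
function cache_rights()
{
	$expected_args[0] = Array('name'=>'location','default'=>'##REQUIRED##', 'type'=>'alphanumeric');
	$expected_args[1] = Array('name'=>'app_id','default'=>$this->app_id, 'type'=>'number');
	$expected_args[2] = Array('name'=>'account_id','default'=>$this->account_id, 'type'=>'number');
	$expected_args[3] = Array('name'=>'grantor','default'=>False, 'type'=>'any');
	$expected_args[4] = Array('name'=>'no_effective','default'=>false, 'type'=>'any');
	$recieved_args = func_get_args();
	$args = safe_args($expected_args, $recieved_args,__LINE__,__FILE__);

	$app = $args['app_id'];
	$acct = $args['account_id'];
	$loc = $args['location'];

	if(isset($this->rights_cache[$app][$acct][$loc]))
	{
		return;
	}

	// 'grantor' is typed 'any' above, so it is forced to an integer here before it
	// is compared and concatenated.
	$grantor = (int)$args['grantor'];

	$sql = "SELECT acl_rights,acl_type,acl_data,acl_location FROM fm_acl2 WHERE (acl_appid = '" . (int)$app . "' ";
	$sql .= " and (acl_account in (" . (int)$acct . $this->memberships_sql . '))';
	$sql .= " and acl_location = '" . $this->db->db_addslashes($loc) . "'";
	if($grantor > 0)
	{
		$sql .= " and (grantor=" . $grantor . ")";
	}
	else
	{
		$sql .= " and (grantor is NULL)";
	}
	// acl_type DESC: mask rows are read before rights rows.
	$sql .= ') ORDER BY acl_location, acl_type DESC';
	$this->db->query($sql,__LINE__,__FILE__);

	while($this->db->next_record())
	{
		$row_loc = $this->db->f('acl_location');
		$row_rights = (int)$this->db->f('acl_rights');

		// Make sure both entries exist before they are read below.
		if(!isset($this->rights_cache[$app][$acct][$loc]) || $this->rights_cache[$app][$acct][$loc] == 0)
		{
			$this->rights_cache[$app][$acct][$row_loc] = 0;
		}
		if(!isset($this->masks_cache[$app][$acct][$loc]) || $this->masks_cache[$app][$acct][$loc] == 0)
		{
			$this->masks_cache[$app][$acct][$row_loc] = 0;
		}

		if((int)$this->db->f('acl_type') == 0)
		{
			$this->rights_cache[$app][$acct][$row_loc] =
				$this->bit_set($this->rights_cache[$app][$acct][$row_loc], $row_rights);
		}
		else
		{
			// Accumulate on the mask itself so several mask rows (user and group) all apply.
			$this->masks_cache[$app][$acct][$row_loc] =
				$this->bit_set($this->masks_cache[$app][$acct][$row_loc], $row_rights);
		}

		// A row with no rights bits resets what has been collected so far.
		if(!$this->db->f('acl_rights'))
		{
			$this->rights_cache[$app][$acct][$loc] = 0;
			$this->masks_cache[$app][$acct][$loc] = 0;
		}

		if(!$args['no_effective'])
		{
			$this->rights_cache[$app][$acct][$row_loc] =
				$this->bit_mask($this->rights_cache[$app][$acct][$loc], $this->masks_cache[$app][$acct][$loc]);
		}
	}
}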
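/*!
@function check_grant
@abstract Check the rights an account holds on a location through a grant
@discussion Same as check(), except that the grantor is passed on to cache_rights(), so only rows
granted by that account are considered. Group ids returned by the accounts class are cast to
integers before they are joined into $this->memberships_sql, because that string is placed
unquoted inside an SQL IN (...) list. The each() loop was replaced by foreach.
NOTE(review): $this->memberships_sql is overwritten, not extended; the initial ',0' entry and
anything get_memberships() collected are lost after the first call - confirm this is intended.
@param $grantor defaults to $this->account_id
@param $location required
@param $required bit(s) to test, default 1
@param $account_id defaults to $this->account_id
@param $app_id defaults to $this->app_id
@param $no_membership when true the group list is not refreshed
@param $acl_type 0 tests the rights cache, anything else the mask cache
@param $no_effective passed through to cache_rights()
@result the bits shared by the cached value and $required (see bit_check)
*/
function check_grant()
{
	$expected_args[0] = Array('name'=>'grantor','default'=>$this->account_id, 'type'=>'number');
	$expected_args[1] = Array('name'=>'location','default'=>'##REQUIRED##', 'type'=>'alphanumeric');
	$expected_args[2] = Array('name'=>'required','default'=>1, 'type'=>'number');
	$expected_args[3] = Array('name'=>'account_id','default'=>$this->account_id, 'type'=>'number');
	$expected_args[4] = Array('name'=>'app_id','default'=>$this->app_id, 'type'=>'number');
	$expected_args[5] = Array('name'=>'no_membership','default'=>false, 'type'=>'number');
	$expected_args[6] = Array('name'=>'acl_type','default'=>0, 'type'=>'number');
	$expected_args[7] = Array('name'=>'no_effective','default'=>false, 'type'=>'any');
	$recieved_args = func_get_args();
	$args = safe_args($expected_args, $recieved_args,__LINE__,__FILE__);

	if(!$args['no_membership'])
	{
		$member_of = Array();
		$memberships = $GLOBALS['phpgw']->accounts->membership($args['account_id']);
		if(is_array($memberships))
		{
			foreach($memberships as $account)
			{
				$member_of[] = (int)$account['account_id'];
			}
		}
		if(count($member_of) > 0)
		{
			$this->memberships_sql = ',' . implode(",", $member_of);
		}
	}

	$this->cache_rights($args['location'],$args['app_id'],$args['account_id'],$args['grantor'],$args['no_effective']);

	if($args['acl_type']==0)
	{
		return $this->bit_check($this->rights_cache[$args['app_id']][$args['account_id']][$args['location']],$args['required']);
	}
	return $this->bit_check($this->masks_cache[$args['app_id']][$args['account_id']][$args['location']],$args['required']);
}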
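/*!
@function check
@abstract Check the rights an account holds on a location (rows without a grantor)
@discussion Refreshes the group list, loads the location through cache_rights() with grantor False
and tests the cached value. Group ids returned by the accounts class are cast to integers before
they are joined into $this->memberships_sql, because that string is placed unquoted inside an
SQL IN (...) list. The each() loop was replaced by foreach.
NOTE(review): $this->memberships_sql is overwritten, not extended; the initial ',0' entry and
anything get_memberships() collected are lost after the first call - confirm this is intended.
@param $location required
@param $required bit(s) to test, default 1
@param $account_id defaults to $this->account_id
@param $app_id defaults to $this->app_id
@param $no_membership when true the group list is not refreshed
@param $acl_type 0 tests the rights cache, anything else the mask cache
@param $no_effective passed through to cache_rights()
@result the bits shared by the cached value and $required (see bit_check)
*/
function check()
{
	$expected_args[0] = Array('name'=>'location','default'=>'##REQUIRED##', 'type'=>'alphanumeric');
	$expected_args[1] = Array('name'=>'required','default'=>1, 'type'=>'number');
	$expected_args[2] = Array('name'=>'account_id','default'=>$this->account_id, 'type'=>'number');
	$expected_args[3] = Array('name'=>'app_id','default'=>$this->app_id, 'type'=>'number');
	$expected_args[4] = Array('name'=>'no_membership','default'=>false, 'type'=>'number');
	$expected_args[5] = Array('name'=>'acl_type','default'=>0, 'type'=>'number');
	$expected_args[6] = Array('name'=>'no_effective','default'=>false, 'type'=>'any');
	$recieved_args = func_get_args();
	$args = safe_args($expected_args, $recieved_args,__LINE__,__FILE__);

	if(!$args['no_membership'])
	{
		$member_of = Array();
		$memberships = $GLOBALS['phpgw']->accounts->membership($args['account_id']);
		if(is_array($memberships))
		{
			foreach($memberships as $account)
			{
				$member_of[] = (int)$account['account_id'];
			}
		}
		if(count($member_of) > 0)
		{
			$this->memberships_sql = ',' . implode(",", $member_of);
		}
	}

	$this->cache_rights($args['location'],$args['app_id'],$args['account_id'],False,$args['no_effective']);

	if($args['acl_type']==0)
	{
		return $this->bit_check($this->rights_cache[$args['app_id']][$args['account_id']][$args['location']],$args['required']);
	}
	return $this->bit_check($this->masks_cache[$args['app_id']][$args['account_id']][$args['location']],$args['required']);
}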
/*!
@function add
@abstract Adds ACL record to $acl->data
@discussion Adds ACL record to $acl->data. <br>
Syntax: array add() <br>
Example1: acl->add();
@param $appname default False derives value from
$phpgw_info['flags']['currentapp']
@param $location location
@param $rights rights
*/
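function add()
{
	// Adds the bits in 'rights' to the ungranted (grantor IS NULL) row for
	// location / account / type / app, or inserts that row when it does not exist.
	// Arguments, as normalised by safe_args(): location (required), rights (1),
	// account_id, type (0), app_id, data (NULL). Both caches are emptied afterwards.
	$expected_args[0] = Array('name'=>'location','default'=>'##REQUIRED##', 'type'=>'alphanumeric');
	$expected_args[1] = Array('name'=>'rights','default'=>1, 'type'=>'number');
	$expected_args[2] = Array('name'=>'account_id','default'=>$this->account_id, 'type'=>'number');
	$expected_args[3] = Array('name'=>'type','default'=>0, 'type'=>'number');
	$expected_args[4] = Array('name'=>'app_id','default'=>$this->app_id, 'type'=>'number');
	$expected_args[5] = Array('name'=>'data','default'=>NULL, 'type'=>'any');
	$recieved_args = func_get_args();
	$args = safe_args($expected_args, $recieved_args,__LINE__,__FILE__);

	// Every value below ends up inside SQL text: numbers are cast, strings are escaped.
	// 'data' is typed 'any', so safe_args() places no restriction on it.
	$host_id    = (int)$this->host_id;
	$app_id     = (int)$args['app_id'];
	$account_id = (int)$args['account_id'];
	$type       = (int)$args['type'];
	$rights     = (int)$args['rights'];
	$location   = $this->db->db_addslashes($args['location']);
	$data       = $this->db->db_addslashes((string)$args['data']);

	$sql = "SELECT acl_rights FROM fm_acl2 WHERE (acl_appid = '" . $app_id . "' ";
	$sql .= " and acl_account = " . $account_id;
	$sql .= " and acl_location = '" . $location . "' and acl_type=" . $type . " and grantor is NULL)";
	$this->db->query($sql,__LINE__,__FILE__);

	if($this->db->num_rows() != 0)
	{
		$this->db->next_record();
		$newrights = $this->bit_set($rights, (int)$this->db->f('acl_rights'));
		// The lookup above only matched the ungranted row; without the grantor
		// clause the UPDATE also rewrote rows created through set_grant().
		$sql = "UPDATE fm_acl2 SET acl_rights =" . (int)$newrights;
		$sql .= " WHERE acl_host=" . $host_id . " AND acl_appid=" . $app_id . " AND acl_account=" . $account_id
			. " AND acl_location='" . $location . "' AND acl_type=" . $type . " AND grantor is NULL";
	}
	else
	{
		$sql = "INSERT INTO fm_acl2 (acl_host,acl_appid,acl_account,acl_location,acl_rights,acl_type,acl_data)"
			. " VALUES (" . $host_id . "," . $app_id . "," . $account_id . ",'" . $location . "',"
			. $rights . "," . $type . ",'" . $data . "')";
	}
	$this->db->query($sql,__LINE__,__FILE__);

	$this->rights_cache = Array();
	$this->masks_cache = Array();
}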
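/*!
@function set_grant
@abstract Set granted rights on a location and on every grantable location whose id contains it
@discussion Rows that already exist for the exact location and grantor are updated (or deleted when
rights is 0). After that every fm_acl_location id with allow_grant=1 that contains the location
string receives the same rights, by INSERT or UPDATE. Changes against the previous revision:
grantor (typed 'any') and all numeric values are cast before they reach SQL text, string values
are escaped, existing rows are read completely before the first write is issued, and the
location list is re-indexed with array_values() instead of implode()/explode() on '-'.
NOTE(review): the LIKE '%...%' pattern matches the location anywhere in the id, not only as a
prefix, and '%' / '_' inside the location act as wildcards - confirm the id scheme makes this safe.
@param $location required
@param $rights default 1; 0 removes existing rows and adds none
@param $account_id account that receives the rights, defaults to $this->account_id
@param $type default 0
@param $grantor when set, stored with grantor_type 'g'; otherwise the logged-in user is the grantor
@param $app_id defaults to $this->app_id
@param $data stored in acl_data on insert
*/
function set_grant() //inheritance is saved to the database
{
	$expected_args[0] = Array('name'=>'location','default'=>'##REQUIRED##', 'type'=>'alphanumeric');
	$expected_args[1] = Array('name'=>'rights','default'=>1, 'type'=>'number');
	$expected_args[2] = Array('name'=>'account_id','default'=>$this->account_id, 'type'=>'number');
	$expected_args[3] = Array('name'=>'type','default'=>0, 'type'=>'number');
	$expected_args[4] = Array('name'=>'grantor','default'=>NULL, 'type'=>'any');
	$expected_args[5] = Array('name'=>'app_id','default'=>$this->app_id, 'type'=>'number');
	$expected_args[6] = Array('name'=>'data','default'=>NULL, 'type'=>'any');
	$recieved_args = func_get_args();
	$args = safe_args($expected_args, $recieved_args,__LINE__,__FILE__);

	if($args['grantor'])
	{
		$grantor = (int)$args['grantor'];
		$grantor_type = 'g';
	}
	else
	{
		$grantor = (int)$GLOBALS['phpgw_info']['user']['account_id'];
		// Previously undefined in this branch, which stored an empty string as well.
		$grantor_type = '';
	}

	$host_id    = (int)$this->host_id;
	$app_id     = (int)$args['app_id'];
	$account_id = (int)$args['account_id'];
	$type       = (int)$args['type'];
	$rights     = (int)$args['rights'];
	$location   = $this->db->db_addslashes($args['location']);
	$data       = $this->db->db_addslashes((string)$args['data']);

	// Shared tail of every row-level WHERE clause below.
	$row_scope = " WHERE acl_host=" . $host_id . " AND acl_appid=" . $app_id . " AND acl_account=" . $account_id;

	$sql = "SELECT acl_rights, acl_location FROM fm_acl2 WHERE (acl_appid = '" . $app_id . "' ";
	$sql .= " and acl_account = " . $account_id;
	$sql .= " and acl_location = '" . $location . "' and acl_type=" . $type . " and grantor = $grantor)";
	$this->db->query($sql,__LINE__,__FILE__);

	// Read the whole result first: db and db2 may be the same handle.
	$updated_locations = Array();
	while($this->db->next_record())
	{
		$updated_locations[] = $this->db->f('acl_location');
	}

	foreach($updated_locations as $existing)
	{
		if($rights == 0)
		{
			$sql = "DELETE FROM fm_acl2";
		}
		else
		{
			$sql = "UPDATE fm_acl2 SET acl_rights =" . $rights;
		}
		$sql .= $row_scope . " AND acl_location='" . $this->db->db_addslashes($existing) . "' AND acl_type=" . $type
			. " AND grantor = $grantor";
		$this->db2->query($sql,__LINE__,__FILE__);
	}

	$add_locations = Array();
	$sql = "SELECT id FROM fm_acl_location WHERE (id like '%" . $location . "%') AND allow_grant=1";
	$this->db->query($sql,__LINE__,__FILE__);
	while($this->db->next_record())
	{
		$add_locations[] = $this->db->f('id');
	}
	// Skip what was handled above and close the gaps array_diff() leaves in the keys.
	$add_locations = array_values(array_diff($add_locations, $updated_locations));

	foreach($add_locations as $target)
	{
		if(strlen($target) < strlen($args['location']) || $rights == 0)
		{
			continue;
		}
		$safe_target = $this->db->db_addslashes($target);

		$sql = "SELECT acl_rights FROM fm_acl2 WHERE (acl_appid = '" . $app_id . "' ";
		$sql .= " and acl_account = " . $account_id;
		$sql .= " and acl_location = '$safe_target' and acl_type=" . $type . " AND grantor = $grantor)";
		$this->db->query($sql,__LINE__,__FILE__);

		if($this->db->num_rows() == 0)
		{
			$sql = "INSERT INTO fm_acl2 (acl_host,acl_appid,acl_account,acl_location,acl_rights,acl_type,acl_data,grantor,grantor_type)"
				. " VALUES (" . $host_id . "," . $app_id . "," . $account_id . ",'" . $safe_target . "',"
				. $rights . "," . $type . ",'" . $data . "',$grantor,'$grantor_type')";
		}
		else
		{
			$sql = "UPDATE fm_acl2 SET acl_rights =" . $rights;
			$sql .= $row_scope . " AND acl_location='" . $safe_target . "' AND acl_type=" . $type . " AND grantor = $grantor";
		}
		$this->db2->query($sql,__LINE__,__FILE__);
	}

	$this->rights_cache = Array();
	$this->masks_cache = Array();
}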
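/*!
@function set
@abstract Set ungranted rights on a location and on every location whose id contains it
@discussion Rows that already exist for the exact location with grantor IS NULL are updated (or
deleted when rights is 0). After that every fm_acl_location id that contains the location string
receives the same rights, by INSERT or UPDATE. Changes against the previous revision: numeric
values are cast before they reach SQL text, string values are escaped, existing rows are read
completely before the first write is issued, and the location list is re-indexed with
array_values() instead of implode()/explode() on '-'.
NOTE(review): the LIKE '%...%' pattern matches the location anywhere in the id, not only as a
prefix, and '%' / '_' inside the location act as wildcards - confirm the id scheme makes this safe.
@param $location required
@param $rights default 1; 0 removes existing rows and adds none
@param $account_id account that receives the rights, defaults to $this->account_id
@param $type default 0
@param $app_id defaults to $this->app_id
@param $data stored in acl_data on insert
*/
function set() //inheritance is saved to the database
{
	$expected_args[0] = Array('name'=>'location','default'=>'##REQUIRED##', 'type'=>'alphanumeric');
	$expected_args[1] = Array('name'=>'rights','default'=>1, 'type'=>'number');
	$expected_args[2] = Array('name'=>'account_id','default'=>$this->account_id, 'type'=>'number');
	$expected_args[3] = Array('name'=>'type','default'=>0, 'type'=>'number');
	$expected_args[4] = Array('name'=>'app_id','default'=>$this->app_id, 'type'=>'number');
	$expected_args[5] = Array('name'=>'data','default'=>NULL, 'type'=>'any');
	$recieved_args = func_get_args();
	$args = safe_args($expected_args, $recieved_args,__LINE__,__FILE__);

	$host_id    = (int)$this->host_id;
	$app_id     = (int)$args['app_id'];
	$account_id = (int)$args['account_id'];
	$type       = (int)$args['type'];
	$rights     = (int)$args['rights'];
	$location   = $this->db->db_addslashes($args['location']);
	$data       = $this->db->db_addslashes((string)$args['data']);

	// Shared tail of every row-level WHERE clause below.
	$row_scope = " WHERE acl_host=" . $host_id . " AND acl_appid=" . $app_id . " AND acl_account=" . $account_id;

	$sql = "SELECT acl_rights, acl_location FROM fm_acl2 WHERE (acl_appid = '" . $app_id . "' ";
	$sql .= " and acl_account = " . $account_id;
	$sql .= " and acl_location = '" . $location . "' and acl_type=" . $type . " AND grantor is NULL)";
	$this->db->query($sql,__LINE__,__FILE__);

	// Read the whole result first: db and db2 may be the same handle.
	$updated_locations = Array();
	while($this->db->next_record())
	{
		$updated_locations[] = $this->db->f('acl_location');
	}

	foreach($updated_locations as $existing)
	{
		if($rights == 0)
		{
			$sql = "DELETE FROM fm_acl2";
		}
		else
		{
			$sql = "UPDATE fm_acl2 SET acl_rights =" . $rights;
		}
		$sql .= $row_scope . " AND acl_location='" . $this->db->db_addslashes($existing) . "' AND acl_type=" . $type
			. ' AND grantor is NULL';
		$this->db2->query($sql,__LINE__,__FILE__);
	}

	$add_locations = Array();
	$sql = "SELECT id FROM fm_acl_location WHERE (id like '%" . $location . "%')";
	$this->db->query($sql,__LINE__,__FILE__);
	while($this->db->next_record())
	{
		$add_locations[] = $this->db->f('id');
	}
	// Skip what was handled above and close the gaps array_diff() leaves in the keys.
	$add_locations = array_values(array_diff($add_locations, $updated_locations));

	foreach($add_locations as $target)
	{
		if(strlen($target) < strlen($args['location']) || $rights == 0)
		{
			continue;
		}
		$safe_target = $this->db->db_addslashes($target);

		$sql = "SELECT acl_rights FROM fm_acl2 WHERE (acl_appid = '" . $app_id . "' ";
		$sql .= " and acl_account = " . $account_id;
		$sql .= " and acl_location = '$safe_target' and acl_type=" . $type . " AND grantor is NULL )";
		$this->db->query($sql,__LINE__,__FILE__);

		if($this->db->num_rows() == 0)
		{
			$sql = "INSERT INTO fm_acl2 (acl_host,acl_appid,acl_account,acl_location,acl_rights,acl_type,acl_data)"
				. " VALUES (" . $host_id . "," . $app_id . "," . $account_id . ",'" . $safe_target . "',"
				. $rights . "," . $type . ",'" . $data . "')";
		}
		else
		{
			$sql = "UPDATE fm_acl2 SET acl_rights =" . $rights;
			$sql .= $row_scope . " AND acl_location='" . $safe_target . "' AND acl_type=" . $type . ' AND grantor is NULL';
		}
		$this->db2->query($sql,__LINE__,__FILE__);
	}

	$this->rights_cache = Array();
	$this->masks_cache = Array();
}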
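/*!
@function remove
@abstract Clear rights bits from the ungranted rows of a location
@discussion Reads the row for the exact location, clears the given bits and writes the result back,
deleting instead when no bit is left. Numeric values are cast and the location is escaped before
they are placed in SQL text.
NOTE(review): the lookup matches the exact location, but the UPDATE / DELETE uses
LIKE '%location%'. The value computed from the one exact row is therefore written to, or the
delete applied to, every row whose location merely contains the string - confirm that this
inheritance is intended, in particular for locations that are not descendants.
@param $location required
@param $rights bits to clear, default 1
@param $account_id defaults to $this->account_id
@param $type default 0
@param $app_id defaults to $this->app_id
@param $data accepted but not used
*/
function remove()
{
	$expected_args[0] = Array('name'=>'location','default'=>'##REQUIRED##', 'type'=>'alphanumeric');
	$expected_args[1] = Array('name'=>'rights','default'=>1, 'type'=>'number');
	$expected_args[2] = Array('name'=>'account_id','default'=>$this->account_id, 'type'=>'number');
	$expected_args[3] = Array('name'=>'type','default'=>0, 'type'=>'number');
	$expected_args[4] = Array('name'=>'app_id','default'=>$this->app_id, 'type'=>'number');
	$expected_args[5] = Array('name'=>'data','default'=>NULL, 'type'=>'any');
	$recieved_args = func_get_args();
	$args = safe_args($expected_args, $recieved_args,__LINE__,__FILE__);

	$host_id    = (int)$this->host_id;
	$app_id     = (int)$args['app_id'];
	$account_id = (int)$args['account_id'];
	$type       = (int)$args['type'];
	$location   = $this->db->db_addslashes($args['location']);

	$sql = "SELECT acl_rights FROM fm_acl2 WHERE (acl_appid = '" . $app_id . "' ";
	$sql .= " and acl_account = " . $account_id;
	$sql .= " and acl_location = '" . $location . "' and acl_type=" . $type . " and grantor is NULL)";
	$this->db->query($sql,__LINE__,__FILE__);

	if($this->db->num_rows() == 0)
	{
		// Nothing stored for this location: no write, caches stay as they are.
		return;
	}

	$this->db->next_record();
	$newrights = (int)$this->bit_mask((int)$this->db->f('acl_rights'), (int)$args['rights']);
	if ($newrights != 0)
	{
		$sql = "UPDATE fm_acl2 SET acl_rights =" . $newrights;
	}
	else
	{
		$sql = "DELETE FROM fm_acl2";
	}
	$sql .= " WHERE acl_host=" . $host_id . " AND acl_appid=" . $app_id . " AND acl_account=" . $account_id
		. " AND acl_location LIKE '%" . $location . "%' AND acl_type=" . $type . ' and grantor is NULL';
	$this->db->query($sql,__LINE__,__FILE__);

	$this->rights_cache = Array();
	$this->masks_cache = Array();
}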
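/*!
@function remove_grant
@abstract Clear rights bits from the rows a grantor created for a location
@discussion Reads the row for the exact location and grantor, clears the given bits and writes the
result back, deleting instead when no bit is left. grantor is typed 'any' in the argument list,
so it is cast to an integer here before it is placed in SQL text; the other numeric values are
cast and the location is escaped as well.
NOTE(review): the lookup matches the exact location, but the UPDATE / DELETE uses
LIKE '%location%'. The value computed from the one exact row is therefore written to, or the
delete applied to, every row of that grantor whose location merely contains the string - confirm
that this inheritance is intended.
@param $location required
@param $rights bits to clear, default 1
@param $account_id defaults to $this->account_id
@param $type default 0
@param $grantor defaults to the logged-in user
@param $app_id defaults to $this->app_id
@param $data accepted but not used
*/
function remove_grant()
{
	$expected_args[0] = Array('name'=>'location','default'=>'##REQUIRED##', 'type'=>'alphanumeric');
	$expected_args[1] = Array('name'=>'rights','default'=>1, 'type'=>'number');
	$expected_args[2] = Array('name'=>'account_id','default'=>$this->account_id, 'type'=>'number');
	$expected_args[3] = Array('name'=>'type','default'=>0, 'type'=>'number');
	$expected_args[4] = Array('name'=>'grantor','default'=>NULL, 'type'=>'any');
	$expected_args[5] = Array('name'=>'app_id','default'=>$this->app_id, 'type'=>'number');
	$expected_args[6] = Array('name'=>'data','default'=>NULL, 'type'=>'any');
	$recieved_args = func_get_args();
	$args = safe_args($expected_args, $recieved_args,__LINE__,__FILE__);

	if($args['grantor'])
	{
		$grantor = (int)$args['grantor'];
	}
	else
	{
		$grantor = (int)$GLOBALS['phpgw_info']['user']['account_id'];
	}

	$host_id    = (int)$this->host_id;
	$app_id     = (int)$args['app_id'];
	$account_id = (int)$args['account_id'];
	$type       = (int)$args['type'];
	$location   = $this->db->db_addslashes($args['location']);

	$sql = "SELECT acl_rights FROM fm_acl2 WHERE (acl_appid = '" . $app_id . "' ";
	$sql .= " and acl_account = " . $account_id;
	$sql .= " and acl_location = '" . $location . "' and acl_type=" . $type . " and grantor = $grantor)";
	$this->db->query($sql,__LINE__,__FILE__);

	if($this->db->num_rows() == 0)
	{
		// Nothing stored for this location and grantor: no write, caches stay as they are.
		return;
	}

	$this->db->next_record();
	$newrights = (int)$this->bit_mask((int)$this->db->f('acl_rights'), (int)$args['rights']);
	if ($newrights != 0)
	{
		$sql = "UPDATE fm_acl2 SET acl_rights =" . $newrights;
	}
	else
	{
		$sql = "DELETE FROM fm_acl2";
	}
	$sql .= " WHERE acl_host=" . $host_id . " AND acl_appid=" . $app_id . " AND acl_account=" . $account_id
		. " AND acl_location LIKE '%" . $location . "%' AND acl_type=" . $type . " and grantor = $grantor";
	$this->db->query($sql,__LINE__,__FILE__);

	$this->rights_cache = Array();
	$this->masks_cache = Array();
}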
/*************************************************************************\
* Non-standard functions. Should only be used for ACL management needs   *
\*************************************************************************/
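/*!
@function check_specific
@abstract Check the rights stored directly on one account for a location
@discussion Unlike check(), this bypasses the caches, does not include the account's groups and
does not apply masks: it ORs the acl_rights of every acl_type 0 row for the account and location
and tests the result. The query has no grantor clause, so granted and ungranted rows are both
counted. Numeric values are cast and the location is escaped before they reach SQL text.
@param $location required
@param $required bit(s) to test, default 1
@param $account_id defaults to $this->account_id
@param $app_id defaults to $this->app_id
@result the bits shared by the collected rights and $required (see bit_check)
*/
function check_specific()
{
	$expected_args[0] = Array('name'=>'location','default'=>'##REQUIRED##', 'type'=>'alphanumeric');
	$expected_args[1] = Array('name'=>'required','default'=>1, 'type'=>'number');
	$expected_args[2] = Array('name'=>'account_id','default'=>$this->account_id, 'type'=>'number');
	$expected_args[3] = Array('name'=>'app_id','default'=>$this->app_id, 'type'=>'number');
	$recieved_args = func_get_args();
	$args = safe_args($expected_args, $recieved_args,__LINE__,__FILE__);

	$sql = "SELECT acl_rights,acl_type,acl_data FROM fm_acl2 WHERE (acl_appid = '" . (int)$args['app_id'] . "' ";
	$sql .= " and acl_account = " . (int)$args['account_id'];
	$sql .= " and acl_location = '" . $this->db->db_addslashes($args['location']) . "' and acl_type=0)";
	$this->db->query($sql,__LINE__,__FILE__);

	$rights = 0;
	while ($this->db->next_record())
	{
		$rights = $this->bit_set($rights,(int)$this->db->f('acl_rights'));
	}
	return $this->bit_check($rights,$args['required']);
}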
/* I dont feel this function will be needed, and plan to remove
it when certain.
function check_location()
{
$expected_args[0] =
Array('name'=>'location','default'=>'##REQUIRED##', 'type'=>'alphanumeric');
$expected_args[1] =
Array('name'=>'required','default'=>1, 'type'=>'number');
$expected_args[2] =
Array('name'=>'app_id','default'=>$this->app_id, 'type'=>'number');
$recieved_args = func_get_args();
$args = safe_args($expected_args,
$recieved_args,__LINE__,__FILE__);
$sql = "SELECT acl_rights,acl_type,acl_data FROM
fm_acl2 WHERE (acl_appid = '".$args['app_id']."' ";
$sql .= " and (acl_account in
(".$this->account_id.",".$this->memberships_sql.'))';
$sql .= " and acl_location = '".$args['location']."'
and acl_type=0)";
$this->db->query($sql,__LINE__,__FILE__);
$rights = 0;
while ($this->db->next_record())
{
$rights =
$this->bit_set($rights,(int)$this->db->f('acl_rights'));
}
return $this->bit_check($rights,$args['required']);
}
*/
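/*!
@function get_grants
@abstract List the accounts that have granted rights on a location to this account or its groups
@discussion Returns an array of account id => OR-ed acl_rights. A grantor row with grantor_type 'g'
is expanded to the members of that group. The logged-in user is always present with the value 31
(the five low bits set). $location is not passed through safe_args() here, so it is escaped
before it is placed in the statement; the application id and all account ids are cast to
integers. The each() loop was replaced by foreach and the result array is initialised.
NOTE(review): the entry with value 31 is keyed on the logged-in user, not on $this->account_id -
confirm that is intended when the object was built for another account.
@param $app application name, defaults to the current application
@param $location location to look up
@result array account id => rights
*/
function get_grants($app='',$location='')
{
	if ($app=='')
	{
		$app = $GLOBALS['phpgw_info']['flags']['currentapp'];
	}
	$app_id = (int)$GLOBALS['phpgw']->applications->data[$app]['id'];
	$safe_location = $this->db2->db_addslashes($location);

	$sql = "select grantor,grantor_type, acl_rights from fm_acl2 where acl_appid = $app_id AND acl_type=0"
		. " and acl_location = '$safe_location' AND grantor is NOT NULL AND"
		. " fm_acl2.acl_account in ";

	// IN (...) list: this account followed by every group it is a member of.
	$security = "(" . (int)$this->account_id;
	$myaccounts = CreateObject('phpgwapi.accounts');
	$my_memberships = $myaccounts->membership($this->account_id);
	if(is_array($my_memberships))
	{
		foreach($my_memberships as $group)
		{
			$security .= "," . (int)$group['account_id'];
		}
	}
	$security .= ')';

	$this->db2->query($sql . $security ,__LINE__,__FILE__);

	$grants = Array();
	$current_user = $GLOBALS['phpgw_info']['user']['account_id'];

	if ($this->db2->num_rows() == 0)
	{
		$grants[$current_user] = 31;
		return $grants;
	}

	while ($this->db2->next_record())
	{
		$grantor = $this->db2->f('grantor');
		$rights = (int)$this->db2->f('acl_rights');
		$grantor_type = $this->db2->f('grantor_type');

		if($grantor_type =='g')
		{
			// Group grant: every member of the granting group becomes a grantor.
			$grantor_members = $myaccounts->member($grantor);
			if(is_array($grantor_members))
			{
				foreach($grantor_members as $member)
				{
					$member_id = $member['account_id'];
					if(!isset($grants[$member_id]))
					{
						$grants[$member_id] = 0;
					}
					$grants[$member_id] |= $rights;
				}
			}
		}
		else
		{
			if(!isset($grants[$grantor]))
			{
				$grants[$grantor] = 0;
			}
			$grants[$grantor] |= $rights;
		}
	}

	$grants[$current_user] = 31;
	return $grants;
}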
/*************************************************************************\
* Support functions
*
\*************************************************************************/
/*!
@function bit_set
@abstract add/turn_on new bit to current value
*/
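function bit_set($rights, $new)
{
	// Both operands are forced to integers first. When PHP is given two strings,
	// | works byte by byte on their characters, so numeric strings (as a database
	// field or request value may be) would not produce the OR of the numbers.
	return (int)$rights | (int)$new;
}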
/*!
@function bit_mask
@abstract mask/turn_off new bit from current value
*/
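function bit_mask($rights, $mask)
{
	// Both operands are forced to integers first. ~ applied to a string flips the
	// bytes of its characters, so a numeric string passed as $mask would not clear
	// the intended bits (and could leave rights in place or remove all of them).
	return (int)$rights & ~(int)$mask;
}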
/*!
@function bit_check
@abstract check if required bit is set/turned_on in the rights
*/
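function bit_check($rights, $required)
{
	// Returns the bits that $rights and $required have in common, as an integer.
	// The result is non-zero as soon as ONE required bit is present; a caller that
	// needs all of several bits has to compare the result with $required.
	// Operands are forced to integers because & on two strings works byte by byte.
	return ((int)$rights & (int)$required);
}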
}
?>