| public static readPermsForm ( Horde_Share_Object | Kronolith_Resource_Base $share ) : array | ||
| $share | Horde_Share_Object | Kronolith_Resource_Base | The share to update. |
| 리턴 | array | A list of error messages. |
public static function readPermsForm($share)
{
$auth = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Auth')->create();
$perm = $share->getPermission();
$errors = array();
if ($GLOBALS['conf']['share']['notify']) {
$identity = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Identity')->create();
$mail = new Horde_Mime_Mail(array('From' => $identity->getDefaultFromAddress(true), 'User-Agent' => 'Kronolith ' . $GLOBALS['registry']->getVersion()));
$image = self::getImagePart('big_share.png');
$view = new Horde_View(array('templatePath' => KRONOLITH_TEMPLATES . '/share'));
new Horde_View_Helper_Text($view);
$view->identity = $identity;
$view->calendar = $share->get('name');
$view->imageId = $image->getContentId();
}
// Process owner and owner permissions.
if (!$share instanceof Kronolith_Resource_Base) {
$old_owner = $share->get('owner');
if ($old_owner) {
$new_owner_backend = Horde_Util::getFormData('owner_select', Horde_Util::getFormData('owner_input', $old_owner));
$new_owner = $GLOBALS['registry']->convertUsername($new_owner_backend, true);
} else {
$new_owner_backend = $new_owner = null;
}
// Only set new owner if this isn't a system calendar, and the
// owner actually changed and the new owner is set at all.
if (!is_null($old_owner) && $old_owner !== $new_owner && !empty($new_owner)) {
if ($old_owner != $GLOBALS['registry']->getAuth() && !$GLOBALS['registry']->isAdmin()) {
$errors[] = _("Only the owner or system administrator may change ownership or owner permissions for a share");
} elseif ($auth->hasCapability('list') && !$auth->exists($new_owner_backend)) {
$errors[] = sprintf(_("The user \"%s\" does not exist."), $new_owner_backend);
} else {
$share->set('owner', $new_owner);
$share->save();
if ($GLOBALS['conf']['share']['notify']) {
$view->ownerChange = true;
$multipart = self::buildMimeMessage($view, 'notification', $image);
$to = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Identity')->create($new_owner)->getDefaultFromAddress(true);
$mail->addHeader('Subject', _("Ownership assignment"));
$mail->addHeader('To', $to);
$mail->setBasePart($multipart);
$mail->send($GLOBALS['injector']->getInstance('Horde_Mail'));
$view->ownerChange = false;
}
}
}
}
if ($GLOBALS['conf']['share']['notify']) {
if ($GLOBALS['conf']['share']['hidden']) {
$view->subscribe = Horde::url('calendars/subscribe.php', true)->add('calendar', $share->getName());
}
$multipart = self::buildMimeMessage($view, 'notification', $image);
}
if ($GLOBALS['registry']->isAdmin() || !empty($GLOBALS['conf']['share']['world'])) {
// Process default permissions.
if (Horde_Util::getFormData('default_show')) {
$perm->addDefaultPermission(Horde_Perms::SHOW, false);
} else {
$perm->removeDefaultPermission(Horde_Perms::SHOW, false);
}
if (Horde_Util::getFormData('default_read')) {
$perm->addDefaultPermission(Horde_Perms::READ, false);
} else {
$perm->removeDefaultPermission(Horde_Perms::READ, false);
}
if (Horde_Util::getFormData('default_edit')) {
$perm->addDefaultPermission(Horde_Perms::EDIT, false);
} else {
$perm->removeDefaultPermission(Horde_Perms::EDIT, false);
}
if (Horde_Util::getFormData('default_delete')) {
$perm->addDefaultPermission(Horde_Perms::DELETE, false);
} else {
$perm->removeDefaultPermission(Horde_Perms::DELETE, false);
}
if (Horde_Util::getFormData('default_delegate')) {
$perm->addDefaultPermission(self::PERMS_DELEGATE, false);
} else {
$perm->removeDefaultPermission(self::PERMS_DELEGATE, false);
}
// Process guest permissions.
if (Horde_Util::getFormData('guest_show')) {
$perm->addGuestPermission(Horde_Perms::SHOW, false);
} else {
$perm->removeGuestPermission(Horde_Perms::SHOW, false);
}
if (Horde_Util::getFormData('guest_read')) {
$perm->addGuestPermission(Horde_Perms::READ, false);
} else {
$perm->removeGuestPermission(Horde_Perms::READ, false);
}
if (Horde_Util::getFormData('guest_edit')) {
$perm->addGuestPermission(Horde_Perms::EDIT, false);
} else {
$perm->removeGuestPermission(Horde_Perms::EDIT, false);
}
if (Horde_Util::getFormData('guest_delete')) {
$perm->addGuestPermission(Horde_Perms::DELETE, false);
} else {
$perm->removeGuestPermission(Horde_Perms::DELETE, false);
}
if (Horde_Util::getFormData('guest_delegate')) {
$perm->addGuestPermission(self::PERMS_DELEGATE, false);
} else {
$perm->removeGuestPermission(self::PERMS_DELEGATE, false);
}
// Process creator permissions.
if (Horde_Util::getFormData('creator_show')) {
$perm->addCreatorPermission(Horde_Perms::SHOW, false);
} else {
$perm->removeCreatorPermission(Horde_Perms::SHOW, false);
}
if (Horde_Util::getFormData('creator_read')) {
$perm->addCreatorPermission(Horde_Perms::READ, false);
} else {
$perm->removeCreatorPermission(Horde_Perms::READ, false);
}
if (Horde_Util::getFormData('creator_edit')) {
$perm->addCreatorPermission(Horde_Perms::EDIT, false);
} else {
$perm->removeCreatorPermission(Horde_Perms::EDIT, false);
}
if (Horde_Util::getFormData('creator_delete')) {
$perm->addCreatorPermission(Horde_Perms::DELETE, false);
} else {
$perm->removeCreatorPermission(Horde_Perms::DELETE, false);
}
if (Horde_Util::getFormData('creator_delegate')) {
$perm->addCreatorPermission(self::PERMS_DELEGATE, false);
} else {
$perm->removeCreatorPermission(self::PERMS_DELEGATE, false);
}
}
// Process user permissions.
$u_names = Horde_Util::getFormData('u_names');
$u_show = Horde_Util::getFormData('u_show');
$u_read = Horde_Util::getFormData('u_read');
$u_edit = Horde_Util::getFormData('u_edit');
$u_delete = Horde_Util::getFormData('u_delete');
$u_delegate = Horde_Util::getFormData('u_delegate');
$current = $perm->getUserPermissions();
if ($GLOBALS['conf']['share']['notify']) {
$mail->addHeader('Subject', _("Access permissions"));
}
$perm->removeUserPermission(null, null, false);
foreach ($u_names as $key => $user_backend) {
// Apply backend hooks
$user = $GLOBALS['registry']->convertUsername($user_backend, true);
// If the user is empty, or we've already set permissions
// via the owner_ options, don't do anything here.
if (empty($user) || !$share instanceof Kronolith_Resource_Base && $user == $new_owner) {
continue;
}
if ($auth->hasCapability('list') && !$auth->exists($user_backend)) {
$errors[] = sprintf(_("The user \"%s\" does not exist."), $user_backend);
continue;
}
$has_perms = false;
if (!empty($u_show[$key])) {
$perm->addUserPermission($user, Horde_Perms::SHOW, false);
$has_perms = true;
}
if (!empty($u_read[$key])) {
$perm->addUserPermission($user, Horde_Perms::READ, false);
$has_perms = true;
}
if (!empty($u_edit[$key])) {
$perm->addUserPermission($user, Horde_Perms::EDIT, false);
$has_perms = true;
}
if (!empty($u_delete[$key])) {
$perm->addUserPermission($user, Horde_Perms::DELETE, false);
$has_perms = true;
}
if (!empty($u_delegate[$key])) {
$perm->addUserPermission($user, self::PERMS_DELEGATE, false);
$has_perms = true;
}
// Notify users that have been added.
if ($GLOBALS['conf']['share']['notify'] && !isset($current[$user]) && $has_perms) {
$to = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Identity')->create($user)->getDefaultFromAddress(true);
$mail->addHeader('To', $to);
$mail->setBasePart($multipart);
$mail->send($GLOBALS['injector']->getInstance('Horde_Mail'));
}
}
// Process group permissions.
$g_names = Horde_Util::getFormData('g_names');
$g_show = Horde_Util::getFormData('g_show');
$g_read = Horde_Util::getFormData('g_read');
$g_edit = Horde_Util::getFormData('g_edit');
$g_delete = Horde_Util::getFormData('g_delete');
$g_delegate = Horde_Util::getFormData('g_delegate');
$current = $perm->getGroupPermissions();
$perm->removeGroupPermission(null, null, false);
foreach ($g_names as $key => $group) {
if (empty($group)) {
continue;
}
$has_perms = false;
if (!empty($g_show[$key])) {
$perm->addGroupPermission($group, Horde_Perms::SHOW, false);
$has_perms = true;
}
if (!empty($g_read[$key])) {
$perm->addGroupPermission($group, Horde_Perms::READ, false);
$has_perms = true;
}
if (!empty($g_edit[$key])) {
$perm->addGroupPermission($group, Horde_Perms::EDIT, false);
$has_perms = true;
}
if (!empty($g_delete[$key])) {
$perm->addGroupPermission($group, Horde_Perms::DELETE, false);
$has_perms = true;
}
if (!empty($g_delegate[$key])) {
$perm->addGroupPermission($group, self::PERMS_DELEGATE, false);
$has_perms = true;
}
// Notify users that have been added.
if ($GLOBALS['conf']['share']['notify'] && !isset($current[$group]) && $has_perms) {
$groupOb = $GLOBALS['injector']->getInstance('Horde_Group')->getData($group);
if (!empty($groupOb['email'])) {
$mail->addHeader('To', $groupOb['name'] . ' <' . $groupOb['email'] . '>');
$mail->setBasePart($multipart);
$mail->send($GLOBALS['injector']->getInstance('Horde_Mail'));
}
}
}
try {
$share->setPermission($perm);
} catch (Horde_Share_Exception $e) {
throw new Kronolith_Exception($e);
}
return $errors;
} /**
* TODO
*/
public function saveCalendar()
{
global $calendar_manager, $injector, $notification, $prefs, $registry, $session;
$calendar_id = $this->vars->calendar;
$result = new stdClass();
switch ($this->vars->type) {
case 'internal':
$info = array();
foreach (array('name', 'color', 'description', 'tags', 'system') as $key) {
$info[$key] = $this->vars->{$key};
}
// Create a calendar.
if (!$calendar_id) {
if (!$registry->getAuth() || $prefs->isLocked('default_share')) {
return $result;
}
try {
$calendar = Kronolith::addShare($info);
Kronolith::readPermsForm($calendar);
if ($calendar->hasPermission($registry->getAuth(), Horde_Perms::SHOW)) {
$wrapper = new Kronolith_Calendar_Internal(array('share' => $calendar));
$result->saved = true;
$result->id = $calendar->getName();
$result->calendar = $wrapper->toHash();
}
} catch (Exception $e) {
$notification->push($e, 'horde.error');
return $result;
}
$notification->push(sprintf(_("The calendar \"%s\" has been created."), $info['name']), 'horde.success');
break;
}
// Update a calendar.
try {
$calendar = $injector->getInstance('Kronolith_Shares')->getShare($calendar_id);
$original_name = $calendar->get('name');
$original_owner = $calendar->get('owner');
Kronolith::updateShare($calendar, $info);
Kronolith::readPermsForm($calendar);
if (!$info['system'] && $calendar->get('owner') != $original_owner || $info['system'] && !is_null($original_owner)) {
$result->deleted = true;
}
if ($calendar->hasPermission($registry->getAuth(), Horde_Perms::SHOW) || is_null($calendar->get('owner')) && $registry->isAdmin()) {
$wrapper = new Kronolith_Calendar_Internal(array('share' => $calendar));
$result->saved = true;
$result->id = $calendar->getName();
$result->calendar = $wrapper->toHash();
}
} catch (Exception $e) {
$notification->push($e, 'horde.error');
return $result;
}
if ($calendar->get('name') != $original_name) {
$notification->push(sprintf(_("The calendar \"%s\" has been renamed to \"%s\"."), $original_name, $calendar->get('name')), 'horde.success');
} else {
$notification->push(sprintf(_("The calendar \"%s\" has been saved."), $original_name), 'horde.success');
}
break;
case 'tasklists':
$calendar = array();
foreach (array('name', 'color', 'description') as $key) {
$calendar[$key] = $this->vars->{$key};
}
// Create a task list.
if (!$calendar_id) {
if (!$registry->getAuth() || $prefs->isLocked('default_share')) {
return $result;
}
try {
$tasklistId = $registry->tasks->addTasklist($calendar['name'], $calendar['description'], $calendar['color']);
$tasklists = $registry->tasks->listTasklists(true);
if (!isset($tasklists[$tasklistId])) {
$notification->push(_("Added task list not found."), 'horde.error');
return $result;
}
$tasklist = $tasklists[$tasklistId];
Kronolith::readPermsForm($tasklist);
if ($tasklist->hasPermission($registry->getAuth(), Horde_Perms::SHOW)) {
$wrapper = new Kronolith_Calendar_External_Tasks(array('api' => 'tasks', 'name' => $tasklistId, 'share' => $tasklist));
// Update external calendars caches.
$all_external = $session->get('kronolith', 'all_external_calendars');
$all_external[] = array('a' => 'tasks', 'n' => $tasklistId, 'd' => $tasklist->get('name'));
$session->set('kronolith', 'all_external_calendars', $all_external);
$display_external = $calendar_manager->get(Kronolith::DISPLAY_EXTERNAL_CALENDARS);
$display_external[] = 'tasks/' . $tasklistId;
$calendar_manager->set(Kronolith::DISPLAY_EXTERNAL_CALENDARS, $display_external);
$prefs->setValue('display_external_cals', serialize($display_external));
$all_external = $calendar_manager->get(Kronolith::ALL_EXTERNAL_CALENDARS);
$all_external['tasks/' . $tasklistId] = $wrapper;
$calendar_manager->set(Kronolith::ALL_EXTERNAL_CALENDARS, $all_external);
$result->saved = true;
$result->id = 'tasks/' . $tasklistId;
$result->calendar = $wrapper->toHash();
}
} catch (Exception $e) {
$notification->push($e, 'horde.error');
return $result;
}
$notification->push(sprintf(_("The task list \"%s\" has been created."), $calendar['name']), 'horde.success');
break;
}
// Update a task list.
$calendar_id = substr($calendar_id, 6);
try {
$registry->tasks->updateTasklist($calendar_id, $calendar);
$tasklists = $registry->tasks->listTasklists(true, Horde_Perms::EDIT);
$tasklist = $tasklists[$calendar_id];
$original_owner = $tasklist->get('owner');
Kronolith::readPermsForm($tasklist);
if ($tasklist->get('owner') != $original_owner) {
$result->deleted = true;
}
if ($tasklist->hasPermission($registry->getAuth(), Horde_Perms::SHOW)) {
$wrapper = new Kronolith_Calendar_External_Tasks(array('api' => 'tasks', 'name' => $calendar_id, 'share' => $tasklist));
$result->saved = true;
$result->calendar = $wrapper->toHash();
}
} catch (Exception $e) {
$notification->push($e, 'horde.error');
return $result;
}
if ($tasklist->get('name') != $calendar['name']) {
$notification->push(sprintf(_("The task list \"%s\" has been renamed to \"%s\"."), $tasklist->get('name'), $calendar['name']), 'horde.success');
} else {
$notification->push(sprintf(_("The task list \"%s\" has been saved."), $tasklist->get('name')), 'horde.success');
}
break;
case 'remote':
$calendar = array();
foreach (array('name', 'desc', 'url', 'color', 'user', 'password') as $key) {
$calendar[$key] = $this->vars->{$key};
}
try {
Kronolith::subscribeRemoteCalendar($calendar, $calendar_id);
} catch (Exception $e) {
$notification->push($e, 'horde.error');
return $result;
}
if ($calendar_id) {
$notification->push(sprintf(_("The calendar \"%s\" has been saved."), $calendar['name']), 'horde.success');
} else {
$notification->push(sprintf(_("You have been subscribed to \"%s\" (%s)."), $calendar['name'], $calendar['url']), 'horde.success');
$result->id = $calendar['url'];
}
$wrapper = new Kronolith_Calendar_Remote($calendar);
$result->saved = true;
$result->calendar = $wrapper->toHash();
break;
case 'resource':
foreach (array('name', 'desc', 'response_type') as $key) {
$info[$key] = $this->vars->{$key};
}
if (!$calendar_id) {
// New resource
if (!$registry->isAdmin() && !$injector->getInstance('Horde_Core_Perms')->hasAppPermission('resource_management')) {
$notification->push(_("You are not allowed to create new resources."), 'horde.error');
return $result;
}
$resource = Kronolith_Resource::addResource($info);
Kronolith::readPermsForm($resource);
$resource->save();
} else {
try {
$rdriver = Kronolith::getDriver('Resource');
$resource = $rdriver->getResource($rdriver->getResourceIdByCalendar($calendar_id));
if (!$resource->hasPermission($registry->getAuth(), Horde_Perms::EDIT)) {
$notification->push(_("You are not allowed to edit this resource."), 'horde.error');
return $result;
}
foreach (array('name', 'desc', 'response_type', 'email') as $key) {
$resource->set($key, $this->vars->{$key});
}
Kronolith::readPermsForm($resource);
$resource->save();
} catch (Kronolith_Exception $e) {
$notification->push($e->getMessage(), 'horde.error');
return $result;
}
}
$wrapper = new Kronolith_Calendar_Resource(array('resource' => $resource));
$result->calendar = $wrapper->toHash();
$result->saved = true;
$result->id = $resource->get('calendar');
$notification->push(sprintf(_("The resource \"%s\" has been saved."), $resource->get('name'), 'horde.success'));
break;
case 'resourcegroup':
$info = array('group' => true);
foreach (array('name', 'desc', 'members') as $key) {
$info[$key] = $this->vars->{$key};
}
if (empty($calendar_id)) {
// New resource group.
$resource = Kronolith_Resource::addResource($info);
} else {
$driver = Kronolith::getDriver('Resource');
$resource = $driver->getResource($calendar_id);
$resource->set('name', $this->vars->name);
$resource->set('desc', $this->vars->description);
$resource->set('members', $this->vars->members);
$resource->save();
}
$wrapper = new Kronolith_Calendar_ResourceGroup(array('resource' => $resource));
$result->calendar = $wrapper->toHash();
$result->saved = true;
$result->id = $resource->get('calendar');
$notification->push(sprintf(_("The resource group \"%s\" has been saved."), $resource->get('name'), 'horde.success'));
break;
}
return $result;
}
