From: Michael M Slusarz Date: Thu, 11 Feb 2010 20:56:29 +0000 (-0700) Subject: Use Horde_Injector to instantiate Horde_Perms X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=9f529bff639f1cafde6bae97fa3d6c7ee0112bce;p=horde.git Use Horde_Injector to instantiate Horde_Perms Resource savings - many pages don't need permissions checking, so only create Perms object if needed. --- diff --git a/agora/lib/Messages.php b/agora/lib/Messages.php index 79f7211ca..180147c29 100644 --- a/agora/lib/Messages.php +++ b/agora/lib/Messages.php @@ -1111,8 +1111,8 @@ class Agora_Messages { /* Check permissions */ if (Horde_Auth::isAdmin('agora:admin') || - ($GLOBALS['perms']->exists('agora:forums:' . $this->_scope) && - $GLOBALS['perms']->hasPermission('agora:forums:' . $this->_scope, Horde_Auth::getAuth(), Horde_Perms::DELETE))) { + ($GLOBALS['injector']->getInstance('Horde_Perms')->exists('agora:forums:' . $this->_scope) && + $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('agora:forums:' . $this->_scope, Horde_Auth::getAuth(), Horde_Perms::DELETE))) { $sql .= ' AND scope = ? '; $params[] = $this->_scope; } else { @@ -1164,11 +1164,11 @@ class Agora_Messages { public function getBanned() { $perm_name = 'agora:forums:' . $this->_scope . ':' . $this->_forum_id; - if (!$GLOBALS['perms']->exists($perm_name)) { + if (!$GLOBALS['injector']->getInstance('Horde_Perms')->exists($perm_name)) { return array(); } - $forum_perm = $GLOBALS['perms']->getPermission($perm_name); + $forum_perm = $GLOBALS['injector']->getInstance('Horde_Perms')->getPermission($perm_name); if (!($forum_perm instanceof Horde_Perms_Permission)) { return $forum_perm; } @@ -1198,15 +1198,14 @@ class Agora_Messages { */ public function updateBan($user, $forum_id = null, $action = 'add') { - global $perms; - if ($forum_id == null) { $forum_id = $this->_forum_id; } + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); $perm_name = 'agora:forums:' . $this->_scope . ':' . $forum_id; if (!$perms->exists($perm_name)) { - $forum_perm = &$perms->newPermission($perm_name); + $forum_perm = $perms->newPermission($perm_name); $perms->addPermission($forum_perm); } else { $forum_perm = $perms->getPermission($perm_name); @@ -1236,8 +1235,6 @@ class Agora_Messages { */ public function updateModerator($moderator, $forum_id = null, $action = 'add') { - global $perms; - if ($forum_id == null) { $forum_id = $this->_forum_id; } @@ -1265,8 +1262,9 @@ class Agora_Messages { /* Update permissions*/ $perm_name = 'agora:forums:' . $this->_scope . ':' . $forum_id; + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); if (!$perms->exists($perm_name)) { - $forum_perm = &$perms->newPermission($perm_name); + $forum_perm = $perms->newPermission($perm_name); $perms->addPermission($forum_perm); } else { $forum_perm = $perms->getPermission($perm_name); @@ -2170,8 +2168,6 @@ class Agora_Messages { */ public function hasPermission($perm = Horde_Perms::READ, $forum_id = null, $scope = null) { - global $perms; - // Allow all admins if (($forum_id === null && isset($this->_forum['author']) && $this->_forum['author'] == Horde_Auth::getAuth()) || Horde_Auth::isAdmin('agora:admin')) { @@ -2187,6 +2183,7 @@ class Agora_Messages { $scope = $this->_scope; } + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); if (!$perms->exists('agora:forums:' . $scope) && !$perms->exists('agora:forums:' . $scope . ':' . $forum_id)) { return ($perm & Horde_Perms::DELETE) ? false : true; diff --git a/ansel/gallery.php b/ansel/gallery.php index 599beddf6..fa57ed933 100644 --- a/ansel/gallery.php +++ b/ansel/gallery.php @@ -122,8 +122,8 @@ case 'modify': case 'save': // Check general permissions. if (!Horde_Auth::isAdmin() && - ($GLOBALS['perms']->exists('ansel') && - !$GLOBALS['perms']->hasPermission('ansel', Horde_Auth::getAuth(), Horde_Perms::EDIT))) { + ($GLOBALS['injector']->getInstance('Horde_Perms')->exists('ansel') && + !$GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('ansel', Horde_Auth::getAuth(), Horde_Perms::EDIT))) { $notification->push(_("Access denied editing galleries."), 'horde.error'); header('Location: ' . Horde::applicationUrl('view.php?view=List', true)); exit; diff --git a/ansel/lib/Ansel.php b/ansel/lib/Ansel.php index ac209311c..7957125ec 100644 --- a/ansel/lib/Ansel.php +++ b/ansel/lib/Ansel.php @@ -639,8 +639,8 @@ class Ansel /* Let authenticated users create new galleries. */ if (Horde_Auth::isAdmin() || - (!$GLOBALS['perms']->exists('ansel') && Horde_Auth::getAuth()) || - $GLOBALS['perms']->hasPermission('ansel', Horde_Auth::getAuth(), Horde_Perms::EDIT)) { + (!$GLOBALS['injector']->getInstance('Horde_Perms')->exists('ansel') && Horde_Auth::getAuth()) || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('ansel', Horde_Auth::getAuth(), Horde_Perms::EDIT)) { $menu->add(Horde::applicationUrl(Horde_Util::addParameter('gallery.php', 'actionID', 'add')), _("_New Gallery"), 'add.png', null, null, null, (basename($_SERVER['PHP_SELF']) == 'gallery.php' && diff --git a/ansel/lib/Api.php b/ansel/lib/Api.php index 15375000c..59cfada55 100644 --- a/ansel/lib/Api.php +++ b/ansel/lib/Api.php @@ -410,7 +410,7 @@ class Ansel_Api extends Horde_Registry_Api public function removeImage($app = null, $gallery_id, $image_id) { /* Check global Ansel permissions */ - if (!($GLOBALS['perms']->getPermissions('ansel'))) { + if (!$GLOBALS['injector']->getInstance('Horde_Perms')->getPermissions('ansel')) { return PEAR::raiseError(_("Access denied deleting galleries.")); } @@ -450,8 +450,8 @@ class Ansel_Api extends Horde_Registry_Api public function createGallery($app = null, $attributes = array(), $perm = null, $parent = null) { if (!(Horde_Auth::isAdmin() || - (!$GLOBALS['perms']->exists('ansel') && Horde_Auth::getAuth()) || - $GLOBALS['perms']->hasPermission('ansel', Horde_Auth::getAuth(), Horde_Perms::EDIT))) { + (!$GLOBALS['injector']->getInstance('Horde_Perms')->exists('ansel') && Horde_Auth::getAuth()) || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('ansel', Horde_Auth::getAuth(), Horde_Perms::EDIT))) { return PEAR::raiseError(_("Access denied creating new galleries.")); } @@ -486,7 +486,7 @@ class Ansel_Api extends Horde_Registry_Api public function removeGallery($app = null, $gallery_id) { /* Check global Ansel permissions */ - if (!($GLOBALS['perms']->getPermissions('ansel'))) { + if (!$GLOBALS['injector']->getInstance('Horde_Perms')->getPermissions('ansel')) { return PEAR::raiseError(_("Access denied deleting galleries.")); } diff --git a/ansel/lib/Gallery.php b/ansel/lib/Gallery.php index f5ccadae4..50432169c 100644 --- a/ansel/lib/Gallery.php +++ b/ansel/lib/Gallery.php @@ -739,8 +739,7 @@ class Ansel_Gallery extends Horde_Share_Object_sql_hierarchical } - return $GLOBALS['perms']->hasPermission($this->getPermission(), - $userid, $permission, $creator); + return $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission($this->getPermission(), $userid, $permission, $creator); } /** diff --git a/ansel/lib/Report.php b/ansel/lib/Report.php index 0a8a4b518..d9e59233d 100644 --- a/ansel/lib/Report.php +++ b/ansel/lib/Report.php @@ -65,11 +65,11 @@ class Ansel_Report { { $name = $GLOBALS['registry']->getApp() . ':admin'; - if ($GLOBALS['perms']->exists($name)) { + if ($GLOBALS['injector']->getInstance('Horde_Perms')->exists($name)) { return array(); } - $permission = $GLOBALS['perms']->getPermission($name); + $permission = $GLOBALS['injector']->getInstance('Horde_Perms')->getPermission($name); return $permission->getUserPermissions(PERM_DELETE); } diff --git a/babel/lib/Babel.php b/babel/lib/Babel.php index 6e58726ba..bc76ceca7 100644 --- a/babel/lib/Babel.php +++ b/babel/lib/Babel.php @@ -162,10 +162,9 @@ class Babel { */ function hasPermission($permission, $filter = null, $perm = null) { - global $perms; - $userId = Horde_Auth::getAuth(); $admin = ($userId == 'admin') ? true : false; + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); if ($admin || !$perms->exists('babel:' . $permission)) { return true; diff --git a/beatnik/lib/Beatnik.php b/beatnik/lib/Beatnik.php index 9553507bf..5e412a30d 100644 --- a/beatnik/lib/Beatnik.php +++ b/beatnik/lib/Beatnik.php @@ -457,10 +457,10 @@ class Beatnik { $user = 0; $superadmin = 0; - $superadmin = $GLOBALS['perms']->hasPermission('beatnik:domains', Horde_Auth::getAuth(), $permmask); + $superadmin = $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('beatnik:domains', Horde_Auth::getAuth(), $permmask); while ($numparents >= 0) { - $tmpuser = $GLOBALS['perms']->hasPermission($permname, Horde_Auth::getAuth(), $permmask); + $tmpuser = $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission($permname, Horde_Auth::getAuth(), $permmask); $user = $user | $tmpuser; if ($numparents > 0) { diff --git a/beatnik/lib/Driver.php b/beatnik/lib/Driver.php index ccfcf2a03..f3e4bf552 100644 --- a/beatnik/lib/Driver.php +++ b/beatnik/lib/Driver.php @@ -65,9 +65,9 @@ class Beatnik_Driver { } if (!Horde_Auth::isAdmin() && - !$GLOBALS['perms']->hasPermission('beatnik:domains', Horde_Auth::getAuth(), $perms)) { + !$GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('beatnik:domains', Horde_Auth::getAuth(), $perms)) { foreach ($domains as $id => $domain) { - if (!$GLOBALS['perms']->hasPermission('beatnik:domains:' . $domain['zonename'], Horde_Auth::getAuth(), $perms)) { + if (!$GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('beatnik:domains:' . $domain['zonename'], Horde_Auth::getAuth(), $perms)) { unset($domains[$id]); } } diff --git a/chora/lib/Chora.php b/chora/lib/Chora.php index 446bd616c..3caf089a3 100644 --- a/chora/lib/Chora.php +++ b/chora/lib/Chora.php @@ -167,8 +167,8 @@ class Chora */ static public function checkPerms($key) { - return (!$GLOBALS['perms']->exists('chora:sourceroots:' . $key) || - $GLOBALS['perms']->hasPermission('chora:sourceroots:' . $key, Horde_Auth::getAuth(), Horde_Perms::READ | Horde_Perms::SHOW)); + return (!$GLOBALS['injector']->getInstance('Horde_Perms')->exists('chora:sourceroots:' . $key) || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('chora:sourceroots:' . $key, Horde_Auth::getAuth(), Horde_Perms::READ | Horde_Perms::SHOW)); } /** diff --git a/folks/lib/Friends.php b/folks/lib/Friends.php index ad0e3a920..9144b5cea 100644 --- a/folks/lib/Friends.php +++ b/folks/lib/Friends.php @@ -519,11 +519,11 @@ class Folks_Friends { */ private function _getAdmins() { - if (!$GLOBALS['perms']->exists('folks:admin')) { + if (!$GLOBALS['injector']->getInstance('Horde_Perms')->exists('folks:admin')) { return array(); } - $permission = $GLOBALS['perms']->getPermission('folks:admin'); + $permission = $GLOBALS['injector']->getInstance('Horde_Perms')->getPermission('folks:admin'); return array_merge($permission->getUserPermissions(PERM_DELETE), $GLOBALS['conf']['auth']['admins']); diff --git a/folks/lib/Notification.php b/folks/lib/Notification.php index ee7a72cc9..b78d18f39 100644 --- a/folks/lib/Notification.php +++ b/folks/lib/Notification.php @@ -164,8 +164,8 @@ class Folks_Notification { { $name = $GLOBALS['registry']->getApp() . ':admin'; - if ($GLOBALS['perms']->exists($name)) { - $permission = $GLOBALS['perms']->getPermission($name); + if ($GLOBALS['injector']->getInstance('Horde_Perms')->exists($name)) { + $permission = $GLOBALS['injector']->getInstance('Horde_Perms')->getPermission($name); if ($permission instanceof PEAR_Error) { return $permission; } else { diff --git a/framework/Auth/lib/Horde/Auth.php b/framework/Auth/lib/Horde/Auth.php index 85eadb97d..04b9666bd 100644 --- a/framework/Auth/lib/Horde/Auth.php +++ b/framework/Auth/lib/Horde/Auth.php @@ -854,7 +854,7 @@ class Horde_Auth if (is_null($permlevel)) { $permlevel = Horde_Perms::EDIT; } - return $GLOBALS['perms']->hasPermission($permission, $user, $permlevel); + return $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission($permission, $user, $permlevel); } return false; diff --git a/framework/Core/lib/Horde.php b/framework/Core/lib/Horde.php index f1b385086..1b7aaf1dd 100644 --- a/framework/Core/lib/Horde.php +++ b/framework/Core/lib/Horde.php @@ -2089,7 +2089,7 @@ HTML; */ static public function hasPermission($permission) { - global $perms; + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); if (!$perms->exists('horde:' . $permission)) { return true; diff --git a/framework/Core/lib/Horde/Registry.php b/framework/Core/lib/Horde/Registry.php index e5366caac..0160213c5 100644 --- a/framework/Core/lib/Horde/Registry.php +++ b/framework/Core/lib/Horde/Registry.php @@ -314,9 +314,6 @@ class Horde_Registry throw new Horde_Exception(_("This system is currently deactivated.")); } - /* Create the global permissions object. */ - $GLOBALS['perms'] = $injector->getInstance('Horde_Perms'); - /* Initialize notification object. Always attach status listener by * default. */ $GLOBALS['notification'] = Horde_Notification::singleton(); @@ -1155,8 +1152,8 @@ class Horde_Registry /* Otherwise, allow access for admins, for apps that do not have any * explicit permissions, or for apps that allow the given permission. */ return Horde_Auth::isAdmin() || - !$GLOBALS['perms']->exists($app) || - $GLOBALS['perms']->hasPermission($app, Horde_Auth::getAuth(), $perms); + !$GLOBALS['injector']->getInstance('Horde_Perms')->exists($app) || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission($app, Horde_Auth::getAuth(), $perms); } /** diff --git a/framework/Prefs/lib/Horde/Prefs/Ui.php b/framework/Prefs/lib/Horde/Prefs/Ui.php index 839309914..34dd3c9ff 100644 --- a/framework/Prefs/lib/Horde/Prefs/Ui.php +++ b/framework/Prefs/lib/Horde/Prefs/Ui.php @@ -292,7 +292,7 @@ class Horde_Prefs_Ui static public function generateHeader($app, $prefGroups = null, $group = null, $chunk = false) { - global $notification, $perms, $prefs, $registry; + global $notification, $prefs, $registry; $title = _("User Options"); if ($group == 'identities' && !$prefs->isLocked('default_identity')) { diff --git a/framework/Share/Share.php b/framework/Share/Share.php index ca977f280..70addd92d 100644 --- a/framework/Share/Share.php +++ b/framework/Share/Share.php @@ -485,7 +485,7 @@ class Horde_Share { } $perm = $share->getPermission(); - return $GLOBALS['perms']->getPermissions($perm, $user); + return $GLOBALS['injector']->getInstance('Horde_Perms')->getPermissions($perm, $user); } /** diff --git a/framework/Share/Share/datatree.php b/framework/Share/Share/datatree.php index d9a1492dc..282366d9e 100644 --- a/framework/Share/Share/datatree.php +++ b/framework/Share/Share/datatree.php @@ -438,8 +438,7 @@ class Horde_Share_Object_datatree extends Horde_Share_Object { return true; } - return $GLOBALS['perms']->hasPermission($this->getPermission(), - $userid, $permission, $creator); + return $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission($this->getPermission(), $userid, $permission, $creator); } /** diff --git a/framework/Share/Share/sql.php b/framework/Share/Share/sql.php index b146e3eaa..b873899da 100644 --- a/framework/Share/Share/sql.php +++ b/framework/Share/Share/sql.php @@ -1149,8 +1149,7 @@ class Horde_Share_Object_sql extends Horde_Share_Object { return true; } - return $GLOBALS['perms']->hasPermission($this->getPermission(), - $userid, $permission, $creator); + return $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission($this->getPermission(), $userid, $permission, $creator); } /** diff --git a/framework/Share/tests/kolab_createdefault.phpt b/framework/Share/tests/kolab_createdefault.phpt index 4332ae640..dcb5270fe 100644 --- a/framework/Share/tests/kolab_createdefault.phpt +++ b/framework/Share/tests/kolab_createdefault.phpt @@ -14,10 +14,10 @@ $test->assertTrue($world['auth']->authenticate('wrobel@example.org', $test->prepareNewFolder($world['storage'], 'Contacts', 'contact', true); require_once dirname(__FILE__) . '/../Share.php'; - + $shares = Horde_Share::singleton('kronolith', 'kolab'); -class Perms_mock +class Perms_mock { function &newPermission($name) { $perms = array( diff --git a/gollem/lib/Gollem.php b/gollem/lib/Gollem.php index 13f089c3c..d8712c44c 100644 --- a/gollem/lib/Gollem.php +++ b/gollem/lib/Gollem.php @@ -649,8 +649,8 @@ class Gollem switch ($filter) { case 'backend': $backendTag = 'gollem:backends:' . $backend; - return (!$GLOBALS['perms']->exists($backendTag) || - $GLOBALS['perms']->hasPermission($backendTag, $userID, $permission)); + return (!$GLOBALS['injector']->getInstance('Horde_Perms')->exists($backendTag) || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission($backendTag, $userID, $permission)); } return false; @@ -902,7 +902,7 @@ class Gollem if ($perms != 'all') { foreach (array_keys($backends) as $key) { - $exists = $GLOBALS['perms']->exists('gollem:backends:' . $key); + $exists = $GLOBALS['injector']->getInstance('Horde_Perms')->exists('gollem:backends:' . $key); /* Don't list if the perms don't exist for this backend and we * want backends with perms only OR if the perms exist for * this backend and we only want backends which have none. */ diff --git a/gollem/permissions.php b/gollem/permissions.php index d5ac801af..e1b9193c3 100644 --- a/gollem/permissions.php +++ b/gollem/permissions.php @@ -30,11 +30,13 @@ if (!Gollem::getBackends('all')) { $key = Horde_Util::getFormData('backend', Gollem::getPreferredBackend()); $app = $registry->getApp(); $backendTag = $app . ':backends:' . $key; +$perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + if ($perms->exists($backendTag)) { $permission = $perms->getPermission($backendTag); $perm_id = $perms->getPermissionId($permission); } else { - $permission =& $perms->newPermission($backendTag); + $permission = $perms->newPermission($backendTag); $result = $perms->addPermission($permission, $app); if ($result instanceof PEAR_Error) { $notification->push(sprintf(_("Unable to create backend permission: %s"), $result->getMessage()), 'horde.error'); diff --git a/horde/admin/perms/addchild.php b/horde/admin/perms/addchild.php index e4b2a364f..bf6d9ef66 100644 --- a/horde/admin/perms/addchild.php +++ b/horde/admin/perms/addchild.php @@ -14,6 +14,7 @@ Horde_Registry::appInit('horde', array('admin' => true)); /* Set up the form variables. */ $vars = Horde_Variables::getDefaultVariables(); +$perms = $GLOBALS['injector']->getInstance('Horde_Perms'); $perm_id = $vars->get('perm_id'); try { @@ -32,12 +33,12 @@ $ui->setupAddForm($permission); if ($ui->validateAddForm($info)) { if ($info['perm_id'] == Horde_Perms::ROOT) { - $child = &$perms->newPermission($info['child']); + $child = $perms->newPermission($info['child']); $result = $perms->addPermission($child); } else { - $pOb = &$perms->getPermissionById($info['perm_id']); + $pOb = $perms->getPermissionById($info['perm_id']); $name = $pOb->getName() . ':' . str_replace(':', '.', $info['child']); - $child = &$perms->newPermission($name); + $child = $perms->newPermission($name); $result = $perms->addPermission($child); } if (is_a($result, 'PEAR_Error')) { diff --git a/horde/admin/perms/delete.php b/horde/admin/perms/delete.php index faa30003f..73ac74451 100644 --- a/horde/admin/perms/delete.php +++ b/horde/admin/perms/delete.php @@ -14,9 +14,10 @@ Horde_Registry::appInit('horde', array('admin' => true)); /* Set up the form variables. */ $vars = Horde_Variables::getDefaultVariables(); +$perms = $GLOBALS['injector']->getInstance('Horde_Perms'); $perm_id = $vars->get('perm_id'); $category = $vars->get('category'); -$permission = &$perms->getPermissionById($perm_id); +$permission = $perms->getPermissionById($perm_id); /* If the permission fetched is an error return to permissions list. */ if (is_a($permission, 'PEAR_Error')) { diff --git a/horde/admin/perms/edit.php b/horde/admin/perms/edit.php index 7931f2279..9a617348d 100644 --- a/horde/admin/perms/edit.php +++ b/horde/admin/perms/edit.php @@ -13,13 +13,14 @@ require_once dirname(__FILE__) . '/../../lib/Application.php'; Horde_Registry::appInit('horde', array('admin' => true)); /* Set up the form variables. */ -$vars = &Horde_Variables::getDefaultVariables(); +$vars = Horde_Variables::getDefaultVariables(); +$perms = $GLOBALS['injector']->getInstance('Horde_Perms'); $perm_id = $vars->get('perm_id'); $category = $vars->get('category'); /* See if we need to (and are supposed to) autocreate the permission. */ if ($category !== null) { - $permission = &$perms->getPermission($category); + $permission = $perms->getPermission($category); if (is_a($permission, 'PEAR_Error') && Horde_Util::getFormData('autocreate')) { /* Check to see if the permission we are copying from exists before we @@ -30,7 +31,7 @@ if ($category !== null) { } $parent = $vars->get('parent'); - $permission = &$perms->newPermission($category); + $permission = $perms->newPermission($category); $result = $perms->addPermission($permission, $parent); if (!is_a($result, 'PEAR_Error')) { $form = 'edit.inc'; @@ -40,7 +41,7 @@ if ($category !== null) { if ($copyFrom) { /* We have autocreated the permission and we have been told to * copy an existing permission for the defaults. */ - $copyFromObj = &$perms->getPermission($copyFrom); + $copyFromObj = $perms->getPermission($copyFrom); $permission->addGuestPermission($copyFromObj->getGuestPermissions(), false); $permission->addDefaultPermission($copyFromObj->getDefaultPermissions(), false); $permission->addCreatorPermission($copyFromObj->getCreatorPermissions(), false); @@ -73,7 +74,7 @@ if ($category !== null) { } $vars->set('perm_id', $perm_id); } else { - $permission = &$perms->getPermissionById($perm_id); + $permission = $perms->getPermissionById($perm_id); } /* If the permission fetched is an error return to the permissions list. */ diff --git a/horde/config/hooks.php.dist b/horde/config/hooks.php.dist index 27311f94b..2a77ebe62 100644 --- a/horde/config/hooks.php.dist +++ b/horde/config/hooks.php.dist @@ -726,8 +726,8 @@ class Horde_Hooks // } // // Update the ACLS -// $perms = $share->getPermission(); -// $users = $perms->getUserPermissions(); +// $perms = $GLOBALS['share']->getPermission(); +// $users = $GLOBALS['injector']->getInstance('Horde_Perms')->getUserPermissions(); // foreach ($users as $user => $perm) { // $acl = Net_IMSP_Utils::permsToACL($perm); // $result = Net_IMSP_Utils::setACL($_SESSION['imsp_config'], $bookName, $user, $acl); diff --git a/horde/lib/Api.php b/horde/lib/Api.php index 501d83a2f..ebbb3b47e 100644 --- a/horde/lib/Api.php +++ b/horde/lib/Api.php @@ -184,7 +184,7 @@ class Horde_Api extends Horde_Registry_Api return PEAR::raiseError(_("You are not allowed to remove user data.")); } - global $conf, $perms; + global $conf; /* Error flag */ $haveError = false; @@ -211,6 +211,7 @@ class Horde_Api extends Horde_Registry_Api } /* Remove the user from all application permissions */ + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); $tree = $perms->getTree(); if (is_a($tree, 'PEAR_Error')) { Horde::logMessage($tree, __FILE__, __LINE__, PEAR_LOG_ERR); diff --git a/horde/lib/Application.php b/horde/lib/Application.php index d661dc906..9e113f530 100644 --- a/horde/lib/Application.php +++ b/horde/lib/Application.php @@ -61,9 +61,10 @@ class Horde_Application extends Horde_Registry_Application $out['initial_application_options'] = array(); $apps = $GLOBALS['registry']->listApps(array('active')); foreach ($apps as $a) { + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); if (file_exists($GLOBALS['registry']->get('fileroot', $a)) && - (($GLOBALS['perms']->exists($a) && ($GLOBALS['perms']->hasPermission($a, Horde_Auth::getAuth(), Horde_Perms::READ) || Horde_Auth::isAdmin())) || - !$GLOBALS['perms']->exists($a))) { + (($perms->exists($a) && ($perms->hasPermission($a, Horde_Auth::getAuth(), Horde_Perms::READ) || Horde_Auth::isAdmin())) || + !$perms->exists($a))) { $out['initial_application_options'][$a] = $GLOBALS['registry']->get('name', $a); } } diff --git a/imp/folders.php b/imp/folders.php index 652bbce02..4edc38881 100644 --- a/imp/folders.php +++ b/imp/folders.php @@ -401,7 +401,7 @@ if ($a_template->get('javascript')) { $a_template->set('go', _("Go")); } -$a_template->set('create_folder', !empty($GLOBALS['conf']['hooks']['permsdenied']) || ($GLOBALS['perms']->hasAppPermission('create_folders') && $GLOBALS['perms']->hasAppPermission('max_folders'))); +$a_template->set('create_folder', !empty($GLOBALS['conf']['hooks']['permsdenied']) || ($GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('create_folders') && $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_folders'))); if ($prefs->getValue('subscribe')) { $a_template->set('subscribe', true); $subToggleText = ($showAll) ? _("Hide Unsubscribed") : _("Show Unsubscribed"); diff --git a/imp/lib/Compose.php b/imp/lib/Compose.php index 1da1b9094..3ed84f8d7 100644 --- a/imp/lib/Compose.php +++ b/imp/lib/Compose.php @@ -761,7 +761,7 @@ class IMP_Compose return; } - $timelimit = $GLOBALS['perms']->hasAppPermission('max_timelimit'); + $timelimit = $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_timelimit'); if ($timelimit !== true) { if ($conf['sentmail']['driver'] == 'none') { Horde::logMessage('The permission for the maximum number of recipients per time period has been enabled, but no backend for the sent-mail logging has been configured for IMP.', __FILE__, __LINE__, PEAR_LOG_ERR); @@ -969,7 +969,7 @@ class IMP_Compose /* Count recipients if necessary. We need to split email groups * because the group members count as separate recipients. */ if ($exceed) { - $max_recipients = $GLOBALS['perms']->hasAppPermission('max_recipients'); + $max_recipients = $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_recipients'); if ($max_recipients !== true) { $num_recipients = 0; foreach ($addrlist as $recipient) { diff --git a/imp/lib/Folder.php b/imp/lib/Folder.php index 61aefdc78..e1d97860c 100644 --- a/imp/lib/Folder.php +++ b/imp/lib/Folder.php @@ -218,7 +218,7 @@ class IMP_Folder global $conf, $notification; /* Check permissions. */ - if (!$GLOBALS['perms']->hasAppPermission('create_folders')) { + if (!$GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('create_folders')) { try { $message = Horde::callHook('perms_denied', array('imp:create_folders')); } catch (Horde_Exception_HookNotSet $e) { @@ -226,11 +226,11 @@ class IMP_Folder } $notification->push($message, 'horde.error', array('content.raw')); return false; - } elseif (!$GLOBALS['perms']->hasAppPermission('max_folders')) { + } elseif (!$GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_folders')) { try { $message = Horde::callHook('perms_denied', array('imp:max_folders')); } catch (Horde_Exception_HookNotSet $e) { - $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d folders."), $GLOBALS['perms']->hasAppPermission('max_folders', array('opts' => array('value' => true)))), ENT_COMPAT, Horde_Nls::getCharset()); + $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d folders."), $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_folders', array('opts' => array('value' => true)))), ENT_COMPAT, Horde_Nls::getCharset()); } $notification->push($message, 'horde.error', array('content.raw')); return false; diff --git a/imp/lib/IMP.php b/imp/lib/IMP.php index 90e6b94a6..44432972d 100644 --- a/imp/lib/IMP.php +++ b/imp/lib/IMP.php @@ -163,8 +163,8 @@ class IMP if (!empty($options['new_folder']) && (!empty($GLOBALS['conf']['hooks']['permsdenied']) || - ($GLOBALS['perms']->hasAppPermission('create_folders') && - $GLOBALS['perms']->hasAppPermission('max_folders')))) { + ($GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('create_folders') && + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_folders')))) { $text .= "\n" . '\n" . "\n"; diff --git a/ingo/filters.php b/ingo/filters.php index 4b3d7c8c8..973dd2159 100644 --- a/ingo/filters.php +++ b/ingo/filters.php @@ -29,6 +29,9 @@ $vars = Horde_Variables::getDefaultVariables(); $edit_allowed = Ingo::hasSharePermission(Horde_Perms::EDIT); $delete_allowed = Ingo::hasSharePermission(Horde_Perms::DELETE); +/* Permissions. */ +$perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + /* Perform requested actions. */ switch ($vars->actionID) { case 'rule_down': @@ -57,7 +60,7 @@ case 'rule_enable': break; case 'rule_copy': - if (!$GLOBALS['perms']->hasAppPermission('allow_rules')) { + if (!$perms->hasAppPermission('allow_rules')) { try { $message = Horde::callHook('perms_denied', array('ingo:allow_rules')); } catch (Horde_Exception_HookNotSet $e) { @@ -65,12 +68,12 @@ case 'rule_enable': } $notification->push($message, 'horde.error', array('content.raw')); break 2; - } elseif ($GLOBALS['perms']->hasAppPermission('max_rules') !== true && - $GLOBALS['perms']->hasAppPermission('max_rules') <= count($filters->getFilterList())) { + } elseif ($perms->hasAppPermission('max_rules') !== true && + $perms->hasAppPermission('max_rules') <= count($filters->getFilterList())) { try { $message = Horde::callHook('perms_denied', array('ingo:max_rules')); } catch (Horde_Exception_HookNotSet $e) { - $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d rules."), $GLOBALS['perms']->hasAppPermission('max_rules')), ENT_COMPAT, Horde_Nls::getCharset()); + $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d rules."), $perms->hasAppPermission('max_rules')), ENT_COMPAT, Horde_Nls::getCharset()); } $notification->push($message, 'horde.error', array('content.raw')); break 2; @@ -259,8 +262,8 @@ if (count($filter_list) == 0) { /* Create copy link. */ if (!is_null($copyurl) && (!empty($conf['hooks']['permsdenied']) || - $GLOBALS['perms']->hasAppPermission('max_rules') === true || - $GLOBALS['perms']->hasAppPermission('max_rules') > count($filter_list))) { + $perms->hasAppPermission('max_rules') === true || + $perms->hasAppPermission('max_rules') > count($filter_list))) { $entry['copylink'] = Horde::link($copyurl, sprintf(_("Copy %s"), $name)); $entry['copyimg'] = Horde::img('copy.png', sprintf(_("Copy %s"), $name)); } else { @@ -316,9 +319,9 @@ if (count($filter_list) == 0) { $actions = $ingo_script->availableActions(); $createrule = (!empty($actions) && (!empty($conf['hooks']['permsdenied']) || - ($GLOBALS['perms']->hasAppPermission('allow_rules') && - ($GLOBALS['perms']->hasAppPermission('max_rules') === true || - $GLOBALS['perms']->hasAppPermission('max_rules') > count($filter_list))))); + ($perms->hasAppPermission('allow_rules') && + ($perms->hasAppPermission('max_rules') === true || + $perms->hasAppPermission('max_rules') > count($filter_list))))); $canapply = $ingo_script->canApply(); require INGO_TEMPLATES . '/filters/footer.inc'; if ($on_demand && $edit_allowed) { diff --git a/ingo/rule.php b/ingo/rule.php index 03b61c82a..166a5bf8b 100644 --- a/ingo/rule.php +++ b/ingo/rule.php @@ -15,7 +15,8 @@ require_once dirname(__FILE__) . '/lib/Application.php'; Horde_Registry::appInit('ingo'); /* Check rule permissions. */ -if (!$GLOBALS['perms']->hasAppPermission('allow_rules')) { +$perms = $GLOBALS['injector']->getInstance('Horde_Perms'); +if (!$perms->hasAppPermission('allow_rules')) { try { $message = Horde::callHook('perms_denied', array('ingo:allow_rules')); } catch (Horde_Exception_HookNotSet $e) { @@ -127,8 +128,8 @@ case 'rule_delete': /* Save the rule. */ if ($vars->actionID == 'rule_save' && $valid) { if (!isset($vars->edit)) { - if ($GLOBALS['perms']->hasAppPermission('max_rules') !== true && - $GLOBALS['perms']->hasAppPermission('max_rules') <= count($filters->getFilterList())) { + if ($perms->hasAppPermission('max_rules') !== true && + $perms->hasAppPermission('max_rules') <= count($filters->getFilterList())) { header('Location: ' . Horde::applicationUrl('filters.php', true)); exit; } @@ -167,12 +168,12 @@ default: exit; } if (!isset($vars->edit)) { - if ($GLOBALS['perms']->hasAppPermission('max_rules') !== true && - $GLOBALS['perms']->hasAppPermission('max_rules') <= count($filters->getFilterList())) { + if ($perms->hasAppPermission('max_rules') !== true && + $perms->hasAppPermission('max_rules') <= count($filters->getFilterList())) { try { $message = Horde::callHook('perms_denied', array('ingo:max_rules')); } catch (Horde_Exception_HookNotSet $e) { - $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d rules."), $GLOBALS['perms']->hasAppPermission('max_rules')), ENT_COMPAT, Horde_Nls::getCharset()); + $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d rules."), $perms->hasAppPermission('max_rules')), ENT_COMPAT, Horde_Nls::getCharset()); } $notification->push($message, 'horde.error', array('content.raw')); header('Location: ' . Horde::applicationUrl('filters.php', true)); diff --git a/kronolith/add.php b/kronolith/add.php index eec54d6fb..5675c9464 100644 --- a/kronolith/add.php +++ b/kronolith/add.php @@ -25,8 +25,8 @@ if (!Horde_Util::getFormData('cancel')) { } elseif ($user == Horde_Auth::getAuth() && !$share->hasPermission(Horde_Auth::getAuth(), Horde_Perms::EDIT, Horde_Auth::getAuth())) { $notification->push(sprintf(_("You do not have permission to add events to %s."), $share->get('name')), 'horde.warning'); - } elseif ($GLOBALS['perms']->hasAppPermission('max_events') === true || - $GLOBALS['perms']->hasAppPermission('max_events') > Kronolith::countEvents()) { + } elseif ($GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') === true || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') > Kronolith::countEvents()) { $event = Kronolith::getDriver(null, $calendar_id)->getEvent(); $event->readForm(); try { diff --git a/kronolith/data.php b/kronolith/data.php index 319855204..8cf6578e8 100644 --- a/kronolith/data.php +++ b/kronolith/data.php @@ -34,12 +34,14 @@ $templates = array( Horde_Data::IMPORT_MAPPED => array($registry->get('templates', 'horde') . '/data/csvmap.inc'), Horde_Data::IMPORT_DATETIME => array($registry->get('templates', 'horde') . '/data/datemap.inc') ); -if ($GLOBALS['perms']->hasAppPermission('max_events') !== true && - $GLOBALS['perms']->hasAppPermission('max_events') <= Kronolith::countEvents()) { + +$perms = $GLOBALS['injector']->getInstance('Horde_Perms'); +if ($perms->hasAppPermission('max_events') !== true && + $perms->hasAppPermission('max_events') <= Kronolith::countEvents()) { try { $message = Horde::callHook('perms_denied', array('kronolith:max_events')); } catch (Horde_Exception_HookNotSet $e) { - $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d events."), $GLOBALS['perms']->hasAppPermission('max_events')), ENT_COMPAT, Horde_Nls::getCharset()); + $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d events."), $perms->hasAppPermission('max_events')), ENT_COMPAT, Horde_Nls::getCharset()); } $notification->push($message, 'horde.warning', array('content.raw')); $templates[Horde_Data::IMPORT_FILE] = array(KRONOLITH_TEMPLATES . '/data/export.inc'); @@ -222,7 +224,7 @@ if (!$error) { if (is_array($next_step)) { $events = array(); $error = false; - $max_events = $GLOBALS['perms']->hasAppPermission('max_events'); + $max_events = $perms->hasAppPermission('max_events'); if ($max_events !== true) { $num_events = Kronolith::countEvents(); } @@ -249,7 +251,7 @@ if (is_array($next_step)) { try { $message = Horde::callHook('perms_denied', array('kronolith:max_events')); } catch (Horde_Exception_HookNotSet $e) { - $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d events."), $GLOBALS['perms']->hasAppPermission('max_events')), ENT_COMPAT, Horde_Nls::getCharset()); + $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d events."), $perms->hasAppPermission('max_events')), ENT_COMPAT, Horde_Nls::getCharset()); } $notification->push($message, 'horde.error', array('content.raw')); break; diff --git a/kronolith/edit.php b/kronolith/edit.php index 5d784da2b..4b8ac5917 100644 --- a/kronolith/edit.php +++ b/kronolith/edit.php @@ -26,12 +26,13 @@ function _save(&$event) function _check_max() { - if ($GLOBALS['perms']->hasAppPermission('max_events') !== true && - $GLOBALS['perms']->hasAppPermission('max_events') <= Kronolith::countEvents()) { + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + if ($perms->hasAppPermission('max_events') !== true && + $perms->hasAppPermission('max_events') <= Kronolith::countEvents()) { try { $message = Horde::callHook('perms_denied', array('kronolith:max_events')); } catch (Horde_Exception_HookNotSet $e) { - $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d events."), $GLOBALS['perms']->hasAppPermission('max_events')), ENT_COMPAT, Horde_Nls::getCharset()); + $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d events."), $perms->hasAppPermission('max_events')), ENT_COMPAT, Horde_Nls::getCharset()); } $GLOBALS['notification']->push($message, 'horde.error', array('content.raw')); return false; diff --git a/kronolith/lib/Kronolith.php b/kronolith/lib/Kronolith.php index e714bc1a3..318d14aa7 100644 --- a/kronolith/lib/Kronolith.php +++ b/kronolith/lib/Kronolith.php @@ -2399,8 +2399,8 @@ class Kronolith $menu->add(Horde::applicationUrl($prefs->getValue('defaultview') . '.php'), _("_Today"), 'today.png', null, null, null, '__noselection'); if (self::getDefaultCalendar(Horde_Perms::EDIT) && (!empty($conf['hooks']['permsdenied']) || - $GLOBALS['perms']->hasAppPermission('max_events') === true || - $GLOBALS['perms']->hasAppPermission('max_events') > self::countEvents())) { + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') === true || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') > self::countEvents())) { $menu->add(Horde::applicationUrl('new.php')->add('url', Horde::selfUrl(true, false, true)), _("_New Event"), 'new.png'); } if ($browser->hasFeature('dom')) { diff --git a/kronolith/lib/View/Day.php b/kronolith/lib/View/Day.php index 427a88945..d9c6f2282 100644 --- a/kronolith/lib/View/Day.php +++ b/kronolith/lib/View/Day.php @@ -75,8 +75,8 @@ class Kronolith_View_Day extends Kronolith_Day { $first_row = true; $addLinks = Kronolith::getDefaultCalendar(Horde_Perms::EDIT) && (!empty($GLOBALS['conf']['hooks']['permsdenied']) || - $GLOBALS['perms']->hasAppPermission('max_events') === true || - $GLOBALS['perms']->hasAppPermission('max_events') > Kronolith::countEvents()); + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') === true || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') > Kronolith::countEvents()); $showLocation = Kronolith::viewShowLocation(); $showTime = Kronolith::viewShowTime(); diff --git a/kronolith/lib/View/EditEvent.php b/kronolith/lib/View/EditEvent.php index 96e2056cb..dddef579c 100644 --- a/kronolith/lib/View/EditEvent.php +++ b/kronolith/lib/View/EditEvent.php @@ -79,8 +79,8 @@ class Kronolith_View_EditEvent { $buttons = array(); if (!$this->event->hasPermission(Horde_Perms::EDIT) && (!empty($GLOBALS['conf']['hooks']['permsdenied']) || - $GLOBALS['perms']->hasAppPermission('max_events') === true || - $GLOBALS['perms']->hasAppPermission('max_events') > Kronolith::countEvents())) { + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') === true || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') > Kronolith::countEvents())) { $buttons[] = ''; } else { if ($this->event->hasPermission(Horde_Perms::EDIT)) { @@ -89,8 +89,8 @@ class Kronolith_View_EditEvent { if ($this->event->initialized) { if (!$this->event->recurs() && (!empty($conf['hooks']['permsdenied']) || - $GLOBALS['perms']->hasAppPermission('max_events') === true || - $GLOBALS['perms']->hasAppPermission('max_events') > Kronolith::countEvents())) { + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') === true || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') > Kronolith::countEvents())) { $buttons[] = ''; } } diff --git a/kronolith/lib/View/Month.php b/kronolith/lib/View/Month.php index 95e2762b7..bcb4a5ecd 100644 --- a/kronolith/lib/View/Month.php +++ b/kronolith/lib/View/Month.php @@ -120,8 +120,8 @@ class Kronolith_View_Month { $twentyFour = $prefs->getValue('twentyFour'); $addLinks = Kronolith::getDefaultCalendar(Horde_Perms::EDIT) && (!empty($GLOBALS['conf']['hooks']['permsdenied']) || - $GLOBALS['perms']->hasAppPermission('max_events') === true || - $GLOBALS['perms']->hasAppPermission('max_events') > Kronolith::countEvents()); + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') === true || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') > Kronolith::countEvents()); if ($sidebyside) { require KRONOLITH_TEMPLATES . '/month/head_side_by_side.inc'; diff --git a/kronolith/new.php b/kronolith/new.php index b4c77244a..06425ed09 100644 --- a/kronolith/new.php +++ b/kronolith/new.php @@ -15,12 +15,14 @@ Horde_Registry::appInit('kronolith'); $url = Horde::applicationUrl($prefs->getValue('defaultview') . '.php', true) ->add(array('month' => Horde_Util::getFormData('month'), 'year' => Horde_Util::getFormData('year'))); -if ($GLOBALS['perms']->hasAppPermission('max_events') !== true && - $GLOBALS['perms']->hasAppPermission('max_events') <= Kronolith::countEvents()) { + +$perms = $GLOBALS['injector']->getInstance('Horde_Perms'); +if ($perms->hasAppPermission('max_events') !== true && + $perms->hasAppPermission('max_events') <= Kronolith::countEvents()) { try { $message = Horde::callHook('perms_denied', array('kronolith:max_events')); } catch (Horde_Exception_HookNotSet $e) { - $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d events."), $GLOBALS['perms']->hasAppPermission('max_events')), ENT_COMPAT, Horde_Nls::getCharset()); + $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d events."), $perms->hasAppPermission('max_events')), ENT_COMPAT, Horde_Nls::getCharset()); } $notification->push($message, 'horde.error', array('content.raw')); header('Location: ' . $url); diff --git a/kronolith/templates/edit/edit.inc b/kronolith/templates/edit/edit.inc index 6783a9a13..f7e55cc14 100644 --- a/kronolith/templates/edit/edit.inc +++ b/kronolith/templates/edit/edit.inc @@ -27,8 +27,8 @@ recurs() && (!empty($conf['hooks']['permsdenied']) || - $GLOBALS['perms']->hasAppPermission('max_events') === true || - $GLOBALS['perms']->hasAppPermission('max_events') > Kronolith::countEvents())): ?> + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') === true || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') > Kronolith::countEvents())): ?> diff --git a/kronolith/templates/week/head.inc b/kronolith/templates/week/head.inc index 354b2f6e8..d91516fd3 100644 --- a/kronolith/templates/week/head.inc +++ b/kronolith/templates/week/head.inc @@ -20,8 +20,8 @@ echo $this->link(1)->link(array('title' => _("Next week"), 'class' => 'iconNav', hasAppPermission('max_events') === true || - $GLOBALS['perms']->hasAppPermission('max_events') > Kronolith::countEvents())) { + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') === true || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_events') > Kronolith::countEvents())) { echo Horde::applicationUrl('new.php') ->add(array('date' => $day->dateString(), 'url' => $this->link(0, true))) diff --git a/nag/data.php b/nag/data.php index 17f94e2d2..d6162f988 100644 --- a/nag/data.php +++ b/nag/data.php @@ -35,12 +35,14 @@ $templates = array( Horde_Data::IMPORT_MAPPED => array($registry->get('templates', 'horde') . '/data/csvmap.inc'), Horde_Data::IMPORT_DATETIME => array($registry->get('templates', 'horde') . '/data/datemap.inc') ); -if ($GLOBALS['perms']->hasAppPermission('max_tasks') !== true && - $GLOBALS['perms']->hasAppPermission('max_tasks') <= Nag::countTasks()) { + +$perms = $GLOBALS['injector']->getInstance('Horde_Perms'); +if ($perms->hasAppPermission('max_tasks') !== true && + $perms->hasAppPermission('max_tasks') <= Nag::countTasks()) { try { $message = Horde::callHook('perms_denied', array('nag:max_tasks')); } catch (Horde_Exception_HookNotSet $e) { - $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d tasks."), $GLOBALS['perms']->hasAppPermission('max_tasks')), ENT_COMPAT, Horde_Nls::getCharset()); + $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d tasks."), $perms->hasAppPermission('max_tasks')), ENT_COMPAT, Horde_Nls::getCharset()); } $notification->push($message, 'horde.warning', array('content.raw')); $templates[Horde_Data::IMPORT_FILE] = array(NAG_TEMPLATES . '/data/export.inc'); @@ -159,7 +161,7 @@ if (is_array($next_step)) { /* Create a Nag storage instance. */ $storage = Nag_Driver::singleton($_SESSION['import_data']['target']); - $max_tasks = $GLOBALS['perms']->hasAppPermission('max_tasks'); + $max_tasks = $perms->hasAppPermission('max_tasks'); $num_tasks = Nag::countTasks(); $result = null; foreach ($next_step as $row) { @@ -167,7 +169,7 @@ if (is_array($next_step)) { try { $message = Horde::callHook('perms_denied', array('nag:max_tasks')); } catch (Horde_Exception_HookNotSet $e) { - $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d tasks."), $GLOBALS['perms']->hasAppPermission('max_tasks')), ENT_COMPAT, Horde_Nls::getCharset()); + $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d tasks."), $perms->hasAppPermission('max_tasks')), ENT_COMPAT, Horde_Nls::getCharset()); } $notification->push($message, 'horde.error', array('content.raw')); break; diff --git a/nag/lib/Nag.php b/nag/lib/Nag.php index e9b27f493..d40e7a888 100644 --- a/nag/lib/Nag.php +++ b/nag/lib/Nag.php @@ -748,8 +748,8 @@ class Nag $menu->add(Horde::applicationUrl('list.php'), _("_List Tasks"), 'nag.png', null, null, null, basename($_SERVER['PHP_SELF']) == 'index.php' ? 'current' : null); if (Nag::getDefaultTasklist(Horde_Perms::EDIT) && (!empty($conf['hooks']['permsdenied']) || - $GLOBALS['perms']->hasAppPermission('max_tasks') === true || - $GLOBALS['perms']->hasAppPermission('max_tasks') > Nag::countTasks())) { + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_tasks') === true || + $GLOBALS['injector']->getInstance('Horde_Perms')->hasAppPermission('max_tasks') > Nag::countTasks())) { $menu->add(Horde::applicationUrl(Horde_Util::addParameter('task.php', 'actionID', 'add_task')), _("_New Task"), 'add.png', null, null, null, Horde_Util::getFormData('task') ? '__noselection' : null); if ($GLOBALS['browser']->hasFeature('dom')) { $menu->add('', _("_Quick Add"), 'add.png', null, null, 'Nag.quickAddPanel.show(); $(\'quickText\').focus(); return false;', Horde_Util::getFormData('task') ? 'quickAdd __noselection' : 'quickAdd'); diff --git a/nag/task.php b/nag/task.php index e0de64739..02abbe0b4 100644 --- a/nag/task.php +++ b/nag/task.php @@ -62,12 +62,13 @@ if (is_null($actionID)) { switch ($actionID) { case 'add_task': /* Check permissions. */ - if ($GLOBALS['perms']->hasAppPermission('max_tasks') !== true && - $GLOBALS['perms']->hasAppPermission('max_tasks') <= Nag::countTasks()) { + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + if ($perms->hasAppPermission('max_tasks') !== true && + $perms->hasAppPermission('max_tasks') <= Nag::countTasks()) { try { $message = Horde::callHook('perms_denied', array('nag:max_tasks')); } catch (Horde_Exception_HookNotSet $e) { - $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d tasks."), $GLOBALS['perms']->hasAppPermission('max_tasks')), ENT_COMPAT, Horde_Nls::getCharset()); + $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d tasks."), $perms->hasAppPermission('max_tasks')), ENT_COMPAT, Horde_Nls::getCharset()); } $notification->push($message, 'horde.error', array('content.raw')); header('Location: ' . Horde::applicationUrl('list.php', true)); @@ -157,8 +158,9 @@ case 'save_task': $info['tasklist_id']); } else { /* Check permissions. */ - if ($GLOBALS['perms']->hasAppPermission('max_tasks') !== true && - $GLOBALS['perms']->hasAppPermission('max_tasks') <= Nag::countTasks()) { + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + if ($perms->hasAppPermission('max_tasks') !== true && + $perms->hasAppPermission('max_tasks') <= Nag::countTasks()) { header('Location: ' . Horde::applicationUrl('list.php', true)); exit; } diff --git a/news/lib/Categories.php b/news/lib/Categories.php index 6bea1f4f0..9bb385654 100644 --- a/news/lib/Categories.php +++ b/news/lib/Categories.php @@ -238,16 +238,18 @@ class News_Categories { public function getAllowed($perm = Horde_Perms::SHOW) { $cats = $this->getCategories(); + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + if (Horde_Auth::isAdmin('news:admin') || - $GLOBALS['perms']->hasPermission('news', Horde_Auth::getAuth(), $perm)) { + $perms->hasPermission('news', Horde_Auth::getAuth(), $perm)) { return $cats; } foreach ($cats as $key => $value) { // user has access? - if (!$GLOBALS['perms']->hasPermission('news:categories', Horde_Auth::getAuth(), $perm) && // master - !$GLOBALS['perms']->hasPermission('news:categories:' . $key, Horde_Auth::getAuth(), $perm) && // child - !$GLOBALS['perms']->hasPermission('news:categories:' . $this->_nodes[$key]['category_parentid'], Horde_Auth::getAuth(), $perm) // father + if (!$perms->hasPermission('news:categories', Horde_Auth::getAuth(), $perm) && // master + !$perms->hasPermission('news:categories:' . $key, Horde_Auth::getAuth(), $perm) && // child + !$perms->hasPermission('news:categories:' . $this->_nodes[$key]['category_parentid'], Horde_Auth::getAuth(), $perm) // father ) { unset($cats[$key]); } diff --git a/operator/lib/Driver.php b/operator/lib/Driver.php index 7644a83cc..0495ac919 100644 --- a/operator/lib/Driver.php +++ b/operator/lib/Driver.php @@ -43,11 +43,13 @@ class Operator_Driver { } else { $permentry = 'operator:accountcodes:' . $accountcode; } + if (Horde_Auth::isAdmin() || - $GLOBALS['perms']->hasPermission('operator:accountcodes', + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + $perms->hasPermission('operator:accountcodes', Horde_Auth::getAuth(), Horde_Perms::READ) || - $GLOBALS['perms']->hasPermission($permentry, Horde_Auth::getAuth(), + $perms->hasPermission($permentry, Horde_Auth::getAuth(), Horde_Perms::READ)) { return $this->_getRecords($start, $end, $accountcode, $dcontext, $rowstart, $rowlimit); @@ -80,10 +82,11 @@ class Operator_Driver { $permentry = 'operator:accountcodes:' . $accountcode; } if (Horde_Auth::isAdmin() || - $GLOBALS['perms']->hasPermission('operator:accountcodes', + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + $perms->hasPermission('operator:accountcodes', Horde_Auth::getAuth(), Horde_Perms::READ) || - $GLOBALS['perms']->hasPermission($permentry, Horde_Auth::getAuth(), + $perms->hasPermission($permentry, Horde_Auth::getAuth(), Horde_Perms::READ)) { return $this->_getMonthlyCallStats($start, $end, $accountcode, $dcontext); diff --git a/operator/lib/Operator.php b/operator/lib/Operator.php index 6d6963f13..d811382f0 100644 --- a/operator/lib/Operator.php +++ b/operator/lib/Operator.php @@ -99,16 +99,17 @@ class Operator { // Set up arrays for filtering $keys = $values = $operator->driver->getAccountCodes(); + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); if (Horde_Auth::isAdmin() || - $GLOBALS['perms']->hasPermission('operator:accountcodes', + $perms->hasPermission('operator:accountcodes', Horde_Auth::getAuth(), Horde_Perms::READ)) { $permfilter = false; } if (!$permfilter || - $GLOBALS['perms']->hasPermission('operator:accountcodes:%', + $perms->hasPermission('operator:accountcodes:%', Horde_Auth::getAuth(), Horde_Perms::READ)) { @@ -134,9 +135,7 @@ class Operator { } if (Horde_Auth::isAdmin() || - $GLOBALS['perms']->hasPermission($permitem, - Horde_Auth::getAuth(), - Horde_Perms::SHOW)) { + $perms->hasPermission($permitem, Horde_Auth::getAuth(), Horde_Perms::SHOW)) { $accountcodes[$accountcode] = $values[$index]; } } diff --git a/shout/lib/Shout.php b/shout/lib/Shout.php index bcdf0d5a3..ebbf77744 100644 --- a/shout/lib/Shout.php +++ b/shout/lib/Shout.php @@ -106,11 +106,12 @@ class Shout $user = 0; $superadmin = 0; - $superadmin = $GLOBALS['perms']->hasPermission('shout:superadmin', + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + $superadmin = $perms->hasPermission('shout:superadmin', Horde_Auth::getAuth(), $permmask); while ($numparents >= 0) { - $tmpuser = $GLOBALS['perms']->hasPermission($permname, + $tmpuser = $perms->hasPermission($permname, Horde_Auth::getAuth(), $permmask); $user = $user | $tmpuser; diff --git a/turba/lib/Driver.php b/turba/lib/Driver.php index e155d1140..e5471fc36 100644 --- a/turba/lib/Driver.php +++ b/turba/lib/Driver.php @@ -2287,15 +2287,11 @@ class Turba_Driver */ function hasPermission($perm) { - if (!$GLOBALS['perms']->exists('turba:sources:' . $this->name)) { - // Assume we have permissions if they're not - // explicitly set. - return true; - } else { - return $GLOBALS['perms']->hasPermission('turba:sources:' . $this->name, - Horde_Auth::getAuth(), - $perm); - } + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + return $perms->exists('turba:sources:' . $this->name) + ? $perms->hasPermission('turba:sources:' . $this->name, Horde_Auth::getAuth(), $perm) + // Assume we have permissions if they're not explicitly set. + : true; } /** diff --git a/turba/lib/Turba.php b/turba/lib/Turba.php index 22563a3ae..4f1fa94bd 100644 --- a/turba/lib/Turba.php +++ b/turba/lib/Turba.php @@ -295,17 +295,16 @@ class Turba { */ function getExtendedPermission($addressBook, $permission) { - global $perms; - // We want to check the base source as extended permissions // are enforced per backend, not per share. $key = $addressBook->name . ':' . $permission; - if (!$GLOBALS['perms']->exists('turba:sources:' . $key)) { + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + if (!$perms->exists('turba:sources:' . $key)) { return true; } - $allowed = $GLOBALS['perms']->getPermissions('turba:sources:' . $key); + $allowed = $perms->getPermissions('turba:sources:' . $key); if (is_array($allowed)) { switch ($permission) { case 'max_contacts': diff --git a/vilma/lib/Vilma.php b/vilma/lib/Vilma.php index af82b28ca..f1383eeed 100644 --- a/vilma/lib/Vilma.php +++ b/vilma/lib/Vilma.php @@ -37,11 +37,11 @@ class Vilma { $user = 0; $superadmin = 0; - $superadmin = $GLOBALS['perms']->hasPermission('vilma:domains', - Horde_Auth::getAuth(), $permmask); + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + $superadmin = $perms->hasPermission('vilma:domains', + Horde_Auth::getAuth(), $permmask); - $user = $GLOBALS['perms']->hasPermission($permname, Horde_Auth::getAuth(), - $permmask); + $user = $perms->hasPermission($permname, Horde_Auth::getAuth(), $permmask); return ($superadmin | $user); } diff --git a/whups/admin/index.php b/whups/admin/index.php index 3dc9cbaa6..4c4390bfd 100644 --- a/whups/admin/index.php +++ b/whups/admin/index.php @@ -356,13 +356,14 @@ case 'editqueuestep2form': if (!is_a($result, 'PEAR_Error')) { $notification->push(_("The queue has been modified."), 'horde.success'); + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); if (!$perms->exists('whups:queues:' . $vars->get('queue') . ':update')) { - $p = &$perms->newPermission('whups:queues:' + $p = $perms->newPermission('whups:queues:' . $vars->get('queue') . ':update'); $perms->addPermission($p); } if (!$perms->exists('whups:queues:' . $vars->get('queue') . ':assign')) { - $p = &$perms->newPermission('whups:queues:' + $p = $perms->newPermission('whups:queues:' . $vars->get('queue') . ':assign'); $perms->addPermission($p); } diff --git a/whups/lib/Driver.php b/whups/lib/Driver.php index 96a01ef02..94a85c71f 100644 --- a/whups/lib/Driver.php +++ b/whups/lib/Driver.php @@ -285,12 +285,13 @@ class Whups_Driver { */ function deleteQueue($queueId) { - $perm = &$GLOBALS['perms']->getPermission("whups:queues:$queueId"); + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + $perm = $perms->getPermission("whups:queues:$queueId"); if (is_a($perm, 'PEAR_Error')) { return; } - return $GLOBALS['perms']->removePermission($perm, true); + return $perms->removePermission($perm, true); } /** @@ -303,12 +304,13 @@ class Whups_Driver { */ function deleteReply($reply) { - $perm = &$GLOBALS['perms']->getPermission("whups:replies:$reply"); + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + $perm = $perms->getPermission("whups:replies:$reply"); if (is_a($perm, 'PEAR_Error')) { return; } - return $GLOBALS['perms']->removePermission($perm, true); + return $perms->removePermission($perm, true); } /** diff --git a/whups/lib/Forms/AddComment.php b/whups/lib/Forms/AddComment.php index 1f991d1b0..e4bcb43d0 100644 --- a/whups/lib/Forms/AddComment.php +++ b/whups/lib/Forms/AddComment.php @@ -24,7 +24,7 @@ class AddCommentForm extends Horde_Form { /* Group restrictions. */ if (Horde_Auth::isAdmin('whups:admin') || - $GLOBALS['perms']->hasPermission('whups:hiddenComments', Horde_Auth::getAuth(), Horde_Perms::EDIT)) { + $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('whups:hiddenComments', Horde_Auth::getAuth(), Horde_Perms::EDIT)) { $groups = &Group::singleton(); $mygroups = $groups->getGroupMemberships(Horde_Auth::getAuth()); if ($mygroups) { diff --git a/whups/lib/Ticket.php b/whups/lib/Ticket.php index 665bcaee3..2cf2bd4f0 100644 --- a/whups/lib/Ticket.php +++ b/whups/lib/Ticket.php @@ -538,10 +538,10 @@ class Whups_Ticket { function addCommentPerms($commentId, $group) { if (!empty($group)) { - $perm = &$GLOBALS['perms']->newPermission('whups:comments:' - . $commentId); + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + $perm = $perms->newPermission('whups:comments:' . $commentId); $perm->addGroupPermission($group, Horde_Perms::READ, false); - return $GLOBALS['perms']->addPermission($perm); + return $perms->addPermission($perm); } } diff --git a/whups/lib/Whups.php b/whups/lib/Whups.php index e789d47b8..83b97dd17 100644 --- a/whups/lib/Whups.php +++ b/whups/lib/Whups.php @@ -338,8 +338,6 @@ class Whups { */ function hasPermission($in, $filter, $permission, $user = null) { - global $perms; - if (is_null($user)) { $user = Horde_Auth::getAuth(); } @@ -352,6 +350,8 @@ class Whups { $admin = Horde_Auth::isAdmin('whups:admin', $permission, $user); } + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + switch ($filter) { case 'queue': if ($admin) { @@ -413,13 +413,12 @@ class Whups { function permissionsFilter($in, $filter, $permission = Horde_Perms::READ, $user = null, $creator = null) { - global $perms; - if (is_null($user)) { $user = Horde_Auth::getAuth(); } $admin = Horde_Auth::isAdmin('whups:admin', $permission, $user); + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); $out = array(); switch ($filter) { diff --git a/whups/ticket/comment.php b/whups/ticket/comment.php index 24f4be505..a86bfe378 100644 --- a/whups/ticket/comment.php +++ b/whups/ticket/comment.php @@ -25,7 +25,7 @@ if ($tid = $vars->get('transaction')) { $private = false; foreach ($history[$tid]['changes'] as $change) { if (!empty($change['private'])) { - if (!$GLOBALS['perms']->hasPermission('whups:comments:' . $change['value'], Horde_Auth::getAuth(), Horde_Perms::READ)) { + if (!$GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('whups:comments:' . $change['value'], Horde_Auth::getAuth(), Horde_Perms::READ)) { $private = true; break; } diff --git a/whups/ticket/queue.php b/whups/ticket/queue.php index eaf4555c3..08e99637d 100644 --- a/whups/ticket/queue.php +++ b/whups/ticket/queue.php @@ -32,7 +32,7 @@ class SetQueueStep1Form extends Horde_Form { /* Group restrictions. */ if (Horde_Auth::isAdmin('whups:admin', Horde_Perms::EDIT) || - $GLOBALS['perms']->hasPermission('whups:hiddenComments', + $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('whups:hiddenComments', Horde_Auth::getAuth(), Horde_Perms::EDIT)) { $groups = &Group::singleton(); $mygroups = $groups->getGroupMemberships(Horde_Auth::getAuth()); diff --git a/whups/ticket/update.php b/whups/ticket/update.php index 23d6e7ac1..e7ee12ce7 100644 --- a/whups/ticket/update.php +++ b/whups/ticket/update.php @@ -34,7 +34,7 @@ if ($tid = $vars->get('transaction')) { // the reply. foreach ($history[$tid]['changes'] as $change) { if (!empty($change['private'])) { - $permission = $GLOBALS['perms']->getPermission('whups:comments:' . $change['value']); + $permission = $GLOBALS['injector']->getInstance('Horde_Perms')->getPermission('whups:comments:' . $change['value']); if (!is_a($permission, 'PEAR_Error')) { $group_id = array_shift(array_keys($permission->getGroupPermissions())); $vars->set('group', $group_id); diff --git a/wicked/lib/Page.php b/wicked/lib/Page.php index 45966e282..b57087047 100644 --- a/wicked/lib/Page.php +++ b/wicked/lib/Page.php @@ -62,7 +62,7 @@ class Page { */ function getPermissions($pageName = null) { - global $perms, $wicked; + global $wicked; if (is_null($pageName)) { $pageName = $this->pageName(); @@ -70,6 +70,8 @@ class Page { $pageId = $wicked->getPageId($pageName); $permName = 'wicked:pages:' . $pageId; + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + if ($pageId !== false && $perms->exists($permName)) { return $perms->getPermissions($permName); } elseif ($perms->exists('wicked:pages')) { @@ -111,8 +113,9 @@ class Page { return true; } - global $perms; $permName = 'wicked:pages'; + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + if ($perms->exists($permName)) { return $perms->getPermissions($permName) & Horde_Perms::EDIT; } else { diff --git a/wicked/lib/Page/StandardPage.php b/wicked/lib/Page/StandardPage.php index 5ba2c7cd4..ef71e1d29 100644 --- a/wicked/lib/Page/StandardPage.php +++ b/wicked/lib/Page/StandardPage.php @@ -50,13 +50,14 @@ class StandardPage extends Page { return; } - global $wicked, $notification, $perms; + global $wicked, $notification; $page = $wicked->retrieveByName($pagename); // Make sure 'wicked' permission exists. Set reasonable defaults if // necessary. + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); if (!$perms->exists('wicked')) { - $perm = &$perms->newPermission('wicked'); + $perm = $perms->newPermission('wicked'); $perm->addGuestPermission(Horde_Perms::SHOW | Horde_Perms::READ, false); $perm->addDefaultPermission(Horde_Perms::SHOW | Horde_Perms::READ | Horde_Perms::EDIT | Horde_Perms::DELETE, false); $perms->addPermission($perm); @@ -65,8 +66,8 @@ class StandardPage extends Page { // Make sure 'wicked:pages' exists. Copy from 'wicked' if it does not // exist. if (!$perms->exists('wicked:pages')) { - $perm = &$perms->newPermission('wicked:pages'); - $copyFrom = &$perms->getPermission('wicked'); + $perm = $perms->newPermission('wicked:pages'); + $copyFrom = $perms->getPermission('wicked'); $perm->addGuestPermission($copyFrom->getGuestPermissions(), false); $perm->addDefaultPermission($copyFrom->getDefaultPermissions(), false); $perm->addCreatorPermission($copyFrom->getCreatorPermissions(), false);