From: Jan Schneider Date: Tue, 9 Mar 2010 18:46:24 +0000 (+0100) Subject: Save permissions, yay. X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=b62658ff91b6fd2995188921acfa63a8a044b38c;p=horde.git Save permissions, yay. --- diff --git a/kronolith/js/kronolith.js b/kronolith/js/kronolith.js index 2a2a37976..2d80767dd 100644 --- a/kronolith/js/kronolith.js +++ b/kronolith/js/kronolith.js @@ -2616,6 +2616,9 @@ KronolithCore = { cal.fg = r.response.color; cal.name = data.name; cal.desc = data.description; + if (r.response.perms) { + cal.perms = r.response.perms; + } this.getCalendarList(type, cal.owner).select('div').each(function(element) { if (element.retrieve('calendar') == data.calendar) { element @@ -2639,6 +2642,9 @@ KronolithCore = { owner: true, show: true }; + if (r.response.perms) { + cal.perms = r.response.perms; + } Kronolith.conf.calendars[type][r.response.calendar] = cal; this.insertCalendarInList(type, r.response.calendar, cal); } diff --git a/kronolith/lib/Ajax/Application.php b/kronolith/lib/Ajax/Application.php index 7ad47a3df..072d75989 100644 --- a/kronolith/lib/Ajax/Application.php +++ b/kronolith/lib/Ajax/Application.php @@ -480,6 +480,7 @@ class Kronolith_Ajax_Application extends Horde_Ajax_Application_Base $GLOBALS['notification']->push($e, 'horde.error'); return $result; } + Kronolith::readPermsForm($calendar); $GLOBALS['notification']->push(sprintf(_("The calendar \"%s\" has been created."), $info['name']), 'horde.success'); $result->calendar = $calendar->getName(); break; @@ -500,6 +501,8 @@ class Kronolith_Ajax_Application extends Horde_Ajax_Application_Base return $result; } + Kronolith::readPermsForm($calendar); + $result->perms = $calendar->getPermission()->data; if ($calendar->get('name') != $original_name) { $GLOBALS['notification']->push(sprintf(_("The calendar \"%s\" has been renamed to \"%s\"."), $original_name, $calendar->get('name')), 'horde.success'); } else { diff --git a/kronolith/lib/Kronolith.php b/kronolith/lib/Kronolith.php index 5f662de4f..21a99a369 100644 --- a/kronolith/lib/Kronolith.php +++ b/kronolith/lib/Kronolith.php @@ -1493,6 +1493,220 @@ class Kronolith } /** + * Reads a submitted permissions form and updates the share permissions. + * + * @param Horde_Share_Object $share The share to update. + * + * @return array A list of error messages. + * @throws Kronolith_Exception + */ + public static function readPermsForm($share) + { + $auth = Horde_Auth::singleton($GLOBALS['conf']['auth']['driver']); + $perm = $share->getPermission(); + $errors = array(); + + // Process owner and owner permissions. + $old_owner = $share->get('owner'); + $new_owner_backend = Horde_Util::getFormData('owner_select', Horde_Util::getFormData('owner_input', $old_owner)); + $new_owner = Horde_Auth::convertUsername($new_owner_backend, true); + if ($old_owner !== $new_owner && !empty($new_owner)) { + if ($old_owner != Horde_Auth::getAuth() && !Horde_Auth::isAdmin()) { + $errors[] = _("Only the owner or system administrator may change ownership or owner permissions for a share"); + } elseif ($auth->hasCapability('list') && !$auth->exists($new_owner_backend)) { + $errors[] = sprintf(_("The user \"%s\" does not exist."), $new_owner_backend); + } else { + $share->set('owner', $new_owner); + $share->save(); + } + } + + if (Horde_Auth::isAdmin() || + !empty($GLOBALS['conf']['share']['world'])) { + // Process default permissions. + if (Horde_Util::getFormData('default_show')) { + $perm->addDefaultPermission(Horde_Perms::SHOW, false); + } else { + $perm->removeDefaultPermission(Horde_Perms::SHOW, false); + } + if (Horde_Util::getFormData('default_read')) { + $perm->addDefaultPermission(Horde_Perms::READ, false); + } else { + $perm->removeDefaultPermission(Horde_Perms::READ, false); + } + if (Horde_Util::getFormData('default_edit')) { + $perm->addDefaultPermission(Horde_Perms::EDIT, false); + } else { + $perm->removeDefaultPermission(Horde_Perms::EDIT, false); + } + if (Horde_Util::getFormData('default_delete')) { + $perm->addDefaultPermission(Horde_Perms::DELETE, false); + } else { + $perm->removeDefaultPermission(Horde_Perms::DELETE, false); + } + if (Horde_Util::getFormData('default_delegate')) { + $perm->addDefaultPermission(Kronolith::PERMS_DELEGATE, false); + } else { + $perm->removeDefaultPermission(Kronolith::PERMS_DELEGATE, false); + } + + // Process guest permissions. + if (Horde_Util::getFormData('guest_show')) { + $perm->addGuestPermission(Horde_Perms::SHOW, false); + } else { + $perm->removeGuestPermission(Horde_Perms::SHOW, false); + } + if (Horde_Util::getFormData('guest_read')) { + $perm->addGuestPermission(Horde_Perms::READ, false); + } else { + $perm->removeGuestPermission(Horde_Perms::READ, false); + } + if (Horde_Util::getFormData('guest_edit')) { + $perm->addGuestPermission(Horde_Perms::EDIT, false); + } else { + $perm->removeGuestPermission(Horde_Perms::EDIT, false); + } + if (Horde_Util::getFormData('guest_delete')) { + $perm->addGuestPermission(Horde_Perms::DELETE, false); + } else { + $perm->removeGuestPermission(Horde_Perms::DELETE, false); + } + if (Horde_Util::getFormData('guest_delegate')) { + $perm->addGuestPermission(Kronolith::PERMS_DELEGATE, false); + } else { + $perm->removeGuestPermission(Kronolith::PERMS_DELEGATE, false); + } + } + + // Process creator permissions. + if (Horde_Util::getFormData('creator_show')) { + $perm->addCreatorPermission(Horde_Perms::SHOW, false); + } else { + $perm->removeCreatorPermission(Horde_Perms::SHOW, false); + } + if (Horde_Util::getFormData('creator_read')) { + $perm->addCreatorPermission(Horde_Perms::READ, false); + } else { + $perm->removeCreatorPermission(Horde_Perms::READ, false); + } + if (Horde_Util::getFormData('creator_edit')) { + $perm->addCreatorPermission(Horde_Perms::EDIT, false); + } else { + $perm->removeCreatorPermission(Horde_Perms::EDIT, false); + } + if (Horde_Util::getFormData('creator_delete')) { + $perm->addCreatorPermission(Horde_Perms::DELETE, false); + } else { + $perm->removeCreatorPermission(Horde_Perms::DELETE, false); + } + if (Horde_Util::getFormData('creator_delegate')) { + $perm->addCreatorPermission(Kronolith::PERMS_DELEGATE, false); + } else { + $perm->removeCreatorPermission(Kronolith::PERMS_DELEGATE, false); + } + + // Process user permissions. + $u_names = Horde_Util::getFormData('u_names'); + $u_show = Horde_Util::getFormData('u_show'); + $u_read = Horde_Util::getFormData('u_read'); + $u_edit = Horde_Util::getFormData('u_edit'); + $u_delete = Horde_Util::getFormData('u_delete'); + $u_delegate = Horde_Util::getFormData('u_delegate'); + + foreach ($u_names as $key => $user_backend) { + // Apply backend hooks + $user = Horde_Auth::convertUsername($user_backend, true); + // If the user is empty, or we've already set permissions + // via the owner_ options, don't do anything here. + if (empty($user) || $user == $new_owner) { + continue; + } + if ($auth->hasCapability('list') && !$auth->exists($user_backend)) { + $errors[] = sprintf(_("The user \"%s\" does not exist."), $user_backend); + continue; + } + + if (!empty($u_show[$key])) { + $perm->addUserPermission($user, Horde_Perms::SHOW, false); + } else { + $perm->removeUserPermission($user, Horde_Perms::SHOW, false); + } + if (!empty($u_read[$key])) { + $perm->addUserPermission($user, Horde_Perms::READ, false); + } else { + $perm->removeUserPermission($user, Horde_Perms::READ, false); + } + if (!empty($u_edit[$key])) { + $perm->addUserPermission($user, Horde_Perms::EDIT, false); + } else { + $perm->removeUserPermission($user, Horde_Perms::EDIT, false); + } + if (!empty($u_delete[$key])) { + $perm->addUserPermission($user, Horde_Perms::DELETE, false); + } else { + $perm->removeUserPermission($user, Horde_Perms::DELETE, false); + } + if (!empty($u_delegate[$key])) { + $perm->addUserPermission($user, Kronolith::PERMS_DELEGATE, false); + } else { + $perm->removeUserPermission($user, Kronolith::PERMS_DELEGATE, false); + } + } + + // Process group permissions. + $g_names = Horde_Util::getFormData('g_names'); + $g_show = Horde_Util::getFormData('g_show'); + $g_read = Horde_Util::getFormData('g_read'); + $g_edit = Horde_Util::getFormData('g_edit'); + $g_delete = Horde_Util::getFormData('g_delete'); + $g_delegate = Horde_Util::getFormData('g_delegate'); + + foreach ($g_names as $key => $group) { + if (empty($group)) { + continue; + } + + if (!empty($g_show[$key])) { + $perm->addGroupPermission($group, Horde_Perms::SHOW, false); + } else { + $perm->removeGroupPermission($group, Horde_Perms::SHOW, false); + } + if (!empty($g_read[$key])) { + $perm->addGroupPermission($group, Horde_Perms::READ, false); + } else { + $perm->removeGroupPermission($group, Horde_Perms::READ, false); + } + if (!empty($g_edit[$key])) { + $perm->addGroupPermission($group, Horde_Perms::EDIT, false); + } else { + $perm->removeGroupPermission($group, Horde_Perms::EDIT, false); + } + if (!empty($g_delete[$key])) { + $perm->addGroupPermission($group, Horde_Perms::DELETE, false); + } else { + $perm->removeGroupPermission($group, Horde_Perms::DELETE, false); + } + if (!empty($g_delegate[$key])) { + $perm->addGroupPermission($group, Kronolith::PERMS_DELEGATE, false); + } else { + $perm->removeGroupPermission($group, Kronolith::PERMS_DELEGATE, false); + } + } + + $result = $share->setPermission($perm, false); + if ($result instanceof PEAR_Error) { + throw new Kronolith_Exception($result); + } else { + $result = $share->save(); + if ($result instanceof PEAR_Error) { + throw new Kronolith_Exception($result); + } + } + + return $errors; + } + + /** * Subscribes to a remote calendar. * * @param array $info Hash with calendar information. diff --git a/kronolith/perms.php b/kronolith/perms.php index e9aa7284f..a7dd8ac2c 100644 --- a/kronolith/perms.php +++ b/kronolith/perms.php @@ -56,210 +56,21 @@ case 'editform': Horde_Auth::getAuth() != $share->get('owner'))) { exit('permission denied'); } - $perm = $share->getPermission(); - - // Process owner and owner permissions. - $old_owner = $share->get('owner'); - $new_owner_backend = Horde_Util::getFormData('owner_select', Horde_Util::getFormData('owner_input', $old_owner)); - $new_owner = Horde_Auth::convertUsername($new_owner_backend, true); - if ($old_owner !== $new_owner && !empty($new_owner)) { - if ($old_owner != Horde_Auth::getAuth() && !Horde_Auth::isAdmin()) { - $notification->push(_("Only the owner or system administrator may change ownership or owner permissions for a share"), 'horde.error'); - } elseif ($auth->hasCapability('list') && !$auth->exists($new_owner_backend)) { - $notification->push(sprintf(_("The user \"%s\" does not exist."), $new_owner_backend), 'horde.error'); - } else { - $share->set('owner', $new_owner); - $share->save(); - } - } - - if (Horde_Auth::isAdmin() || - !empty($GLOBALS['conf']['share']['world'])) { - // Process default permissions. - if (Horde_Util::getFormData('default_show')) { - $perm->addDefaultPermission(Horde_Perms::SHOW, false); - } else { - $perm->removeDefaultPermission(Horde_Perms::SHOW, false); - } - if (Horde_Util::getFormData('default_read')) { - $perm->addDefaultPermission(Horde_Perms::READ, false); - } else { - $perm->removeDefaultPermission(Horde_Perms::READ, false); - } - if (Horde_Util::getFormData('default_edit')) { - $perm->addDefaultPermission(Horde_Perms::EDIT, false); - } else { - $perm->removeDefaultPermission(Horde_Perms::EDIT, false); - } - if (Horde_Util::getFormData('default_delete')) { - $perm->addDefaultPermission(Horde_Perms::DELETE, false); - } else { - $perm->removeDefaultPermission(Horde_Perms::DELETE, false); - } - if (Horde_Util::getFormData('default_delegate')) { - $perm->addDefaultPermission(Kronolith::PERMS_DELEGATE, false); - } else { - $perm->removeDefaultPermission(Kronolith::PERMS_DELEGATE, false); - } - - // Process guest permissions. - if (Horde_Util::getFormData('guest_show')) { - $perm->addGuestPermission(Horde_Perms::SHOW, false); - } else { - $perm->removeGuestPermission(Horde_Perms::SHOW, false); - } - if (Horde_Util::getFormData('guest_read')) { - $perm->addGuestPermission(Horde_Perms::READ, false); - } else { - $perm->removeGuestPermission(Horde_Perms::READ, false); - } - if (Horde_Util::getFormData('guest_edit')) { - $perm->addGuestPermission(Horde_Perms::EDIT, false); - } else { - $perm->removeGuestPermission(Horde_Perms::EDIT, false); - } - if (Horde_Util::getFormData('guest_delete')) { - $perm->addGuestPermission(Horde_Perms::DELETE, false); - } else { - $perm->removeGuestPermission(Horde_Perms::DELETE, false); - } - if (Horde_Util::getFormData('guest_delegate')) { - $perm->addGuestPermission(Kronolith::PERMS_DELEGATE, false); - } else { - $perm->removeGuestPermission(Kronolith::PERMS_DELEGATE, false); - } - } - - // Process creator permissions. - if (Horde_Util::getFormData('creator_show')) { - $perm->addCreatorPermission(Horde_Perms::SHOW, false); - } else { - $perm->removeCreatorPermission(Horde_Perms::SHOW, false); - } - if (Horde_Util::getFormData('creator_read')) { - $perm->addCreatorPermission(Horde_Perms::READ, false); - } else { - $perm->removeCreatorPermission(Horde_Perms::READ, false); - } - if (Horde_Util::getFormData('creator_edit')) { - $perm->addCreatorPermission(Horde_Perms::EDIT, false); - } else { - $perm->removeCreatorPermission(Horde_Perms::EDIT, false); - } - if (Horde_Util::getFormData('creator_delete')) { - $perm->addCreatorPermission(Horde_Perms::DELETE, false); - } else { - $perm->removeCreatorPermission(Horde_Perms::DELETE, false); - } - if (Horde_Util::getFormData('creator_delegate')) { - $perm->addCreatorPermission(Kronolith::PERMS_DELEGATE, false); - } else { - $perm->removeCreatorPermission(Kronolith::PERMS_DELEGATE, false); - } - - // Process user permissions. - $u_names = Horde_Util::getFormData('u_names'); - $u_show = Horde_Util::getFormData('u_show'); - $u_read = Horde_Util::getFormData('u_read'); - $u_edit = Horde_Util::getFormData('u_edit'); - $u_delete = Horde_Util::getFormData('u_delete'); - $u_delegate = Horde_Util::getFormData('u_delegate'); - - foreach ($u_names as $key => $user_backend) { - // Apply backend hooks - $user = Horde_Auth::convertUsername($user_backend, true); - // If the user is empty, or we've already set permissions - // via the owner_ options, don't do anything here. - if (empty($user) || $user == $new_owner) { - continue; - } - if ($auth->hasCapability('list') && !$auth->exists($user_backend)) { - $notification->push(sprintf(_("The user \"%s\" does not exist."), $user_backend), 'horde.error'); - continue; - } - - if (!empty($u_show[$key])) { - $perm->addUserPermission($user, Horde_Perms::SHOW, false); - } else { - $perm->removeUserPermission($user, Horde_Perms::SHOW, false); - } - if (!empty($u_read[$key])) { - $perm->addUserPermission($user, Horde_Perms::READ, false); - } else { - $perm->removeUserPermission($user, Horde_Perms::READ, false); - } - if (!empty($u_edit[$key])) { - $perm->addUserPermission($user, Horde_Perms::EDIT, false); - } else { - $perm->removeUserPermission($user, Horde_Perms::EDIT, false); - } - if (!empty($u_delete[$key])) { - $perm->addUserPermission($user, Horde_Perms::DELETE, false); - } else { - $perm->removeUserPermission($user, Horde_Perms::DELETE, false); - } - if (!empty($u_delegate[$key])) { - $perm->addUserPermission($user, Kronolith::PERMS_DELEGATE, false); - } else { - $perm->removeUserPermission($user, Kronolith::PERMS_DELEGATE, false); - } - } - - // Process group permissions. - $g_names = Horde_Util::getFormData('g_names'); - $g_show = Horde_Util::getFormData('g_show'); - $g_read = Horde_Util::getFormData('g_read'); - $g_edit = Horde_Util::getFormData('g_edit'); - $g_delete = Horde_Util::getFormData('g_delete'); - $g_delegate = Horde_Util::getFormData('g_delegate'); - - foreach ($g_names as $key => $group) { - if (empty($group)) { - continue; - } - - if (!empty($g_show[$key])) { - $perm->addGroupPermission($group, Horde_Perms::SHOW, false); - } else { - $perm->removeGroupPermission($group, Horde_Perms::SHOW, false); - } - if (!empty($g_read[$key])) { - $perm->addGroupPermission($group, Horde_Perms::READ, false); - } else { - $perm->removeGroupPermission($group, Horde_Perms::READ, false); - } - if (!empty($g_edit[$key])) { - $perm->addGroupPermission($group, Horde_Perms::EDIT, false); - } else { - $perm->removeGroupPermission($group, Horde_Perms::EDIT, false); - } - if (!empty($g_delete[$key])) { - $perm->addGroupPermission($group, Horde_Perms::DELETE, false); - } else { - $perm->removeGroupPermission($group, Horde_Perms::DELETE, false); - } - if (!empty($g_delegate[$key])) { - $perm->addGroupPermission($group, Kronolith::PERMS_DELEGATE, false); - } else { - $perm->removeGroupPermission($group, Kronolith::PERMS_DELEGATE, false); - } - } - - $result = $share->setPermission($perm, false); - if ($result instanceof PEAR_Error) { - $notification->push($result, 'horde.error'); - } else { - $result = $share->save(); - if ($result instanceof PEAR_Error) { - $notification->push($result, 'horde.error'); - } else { - if (Horde_Util::getFormData('save_and_finish')) { - echo Horde::wrapInlineScript(array('window.close();')); - exit; + try { + $errors = Kronolith::readPermsForm($share); + if ($errors) { + foreach ($errors as $error) { + $notification->push($error, 'horde.error'); } - $notification->push(sprintf(_("Updated \"%s\"."), $share->get('name')), 'horde.success'); + } elseif (Horde_Util::getFormData('save_and_finish')) { + echo Horde::wrapInlineScript(array('window.close();')); + exit; } + $notification->push(sprintf(_("Updated \"%s\"."), $share->get('name')), 'horde.success'); + } catch (Exception $e) { + $notification->push($e, 'horde.error'); } + $perm = $share->getPermission(); } break; }