From a9f1b47ffa8a5c81841b0006064d571b260a8d64 Mon Sep 17 00:00:00 2001 From: Michael M Slusarz Date: Tue, 1 Jun 2010 01:05:01 -0600 Subject: [PATCH] Move isAdmin() from horde/Auth to horde/Core --- agora/editforum.php | 4 +-- agora/forums.php | 2 +- agora/lib/Agora.php | 2 +- agora/lib/Block/forums.php | 2 +- agora/lib/Block/threads.php | 2 +- agora/lib/Messages.php | 8 ++--- agora/moderators.php | 4 +-- agora/owner.php | 2 +- ansel/gallery.php | 10 +++--- ansel/lib/Ansel.php | 2 +- ansel/lib/Api.php | 2 +- ansel/lib/Gallery.php | 6 ++-- ansel/perms.php | 2 +- ansel/scripts/all_images_exif_to_tags.php | 2 +- beatnik/lib/Beatnik.php | 2 +- beatnik/lib/Driver.php | 2 +- folks/config/hooks.php.dist | 6 ++-- folks/lib/Api.php | 5 +-- folks/lib/Driver.php | 4 +-- folks/lib/Friends/shared.php | 8 ++--- folks/perms.php | 2 +- folks/scripts/mail.php | 2 +- framework/Auth/lib/Horde/Auth.php | 35 -------------------- framework/Block/lib/Horde/Block/Collection.php | 14 ++++---- framework/Core/lib/Horde.php | 2 +- framework/Core/lib/Horde/ErrorHandler.php | 2 +- framework/Core/lib/Horde/Registry.php | 42 +++++++++++++++++++++--- gollem/lib/Gollem.php | 2 +- gollem/permissions.php | 6 +--- horde/lib/Api.php | 45 +++++++++++++------------- horde/lib/Prefs/Ui.php | 2 +- horde/services/portal/sidebar.php | 6 ++-- horde/services/shares/edit.php | 8 ++--- horde/templates/shares/edit.inc | 2 +- ingo/lib/Application.php | 2 +- ingo/lib/Storage/Sql.php | 3 +- jonah/lib/Jonah.php | 2 +- kronolith/calendars/delete.php | 2 +- kronolith/calendars/edit.php | 2 +- kronolith/calendars/index.php | 2 +- kronolith/delete.php | 2 +- kronolith/lib/Ajax/Imple/TagActions.php | 6 ++-- kronolith/lib/Api.php | 6 ++-- kronolith/lib/Application.php | 3 +- kronolith/lib/Driver/Resource.php | 2 +- kronolith/lib/Driver/Sql.php | 2 +- kronolith/lib/Event.php | 4 +-- kronolith/lib/Event/Resource.php | 6 +--- kronolith/lib/Forms/CreateCalendar.php | 2 +- kronolith/lib/Forms/EditCalendar.php | 2 +- kronolith/lib/Kronolith.php | 8 ++--- kronolith/lib/Resource/Base.php | 8 ++--- kronolith/perms.php | 4 +-- kronolith/resources/create.php | 6 ++-- kronolith/resources/delete.php | 2 +- kronolith/resources/edit.php | 2 +- kronolith/resources/groups/create.php | 2 +- kronolith/resources/groups/delete.php | 2 +- kronolith/resources/groups/edit.php | 2 +- kronolith/resources/groups/index.php | 2 +- kronolith/resources/index.php | 2 +- kronolith/templates/chunks/permissions.inc | 2 +- kronolith/templates/panel.inc | 2 +- kronolith/templates/perms/perms.inc | 2 +- luxor/lib/Luxor.php | 2 +- mnemo/lib/Api.php | 6 ++-- nag/lib/Api.php | 13 ++++---- nag/lib/Application.php | 2 +- nag/lib/Forms/CreateTaskList.php | 2 +- nag/lib/Forms/EditTaskList.php | 2 +- nag/lib/Nag.php | 4 +-- nag/tasklists/delete.php | 2 +- nag/tasklists/edit.php | 2 +- nag/tasklists/index.php | 2 +- news/add.php | 3 +- news/admin/tabs.php | 2 +- news/delete.php | 2 +- news/delete_file.php | 2 +- news/files.php | 7 ++-- news/lib/Categories.php | 2 +- news/lib/Driver.php | 4 +-- news/lib/Driver/sql.php | 2 +- news/lib/Forms/Search.php | 2 +- news/lib/News.php | 6 ++-- news/lib/Search.php | 3 +- news/templates/edit/row.php | 2 +- operator/lib/Driver.php | 4 +-- operator/lib/Operator.php | 4 +-- shout/lib/Shout.php | 6 ++-- turba/lib/Api.php | 3 +- turba/lib/Application.php | 3 +- turba/lib/Driver/Sql.php | 2 +- vilma/lib/Vilma.php | 2 +- vilma/virtuals/delete.php | 2 +- vilma/virtuals/edit.php | 2 +- vilma/virtuals/index.php | 2 +- whups/admin/index.php | 2 +- whups/lib/Api.php | 2 +- whups/lib/Forms/AddComment.php | 2 +- whups/lib/Forms/Admin/Queue.php | 2 +- whups/lib/Forms/Admin/Reply.php | 2 +- whups/lib/Whups.php | 9 +++--- whups/ticket/queue.php | 2 +- wicked/lib/Page.php | 8 ++--- wicked/lib/Page/StandardPage.php | 4 +-- wicked/templates/display/standard.inc | 2 +- 106 files changed, 237 insertions(+), 243 deletions(-) diff --git a/agora/editforum.php b/agora/editforum.php index 877a5161a..80ed3d102 100644 --- a/agora/editforum.php +++ b/agora/editforum.php @@ -23,11 +23,11 @@ $vars = Horde_Variables::getDefaultVariables(); $vars->set('forum_id', $forum_id); /* Check permissions */ -if ($forum_id && !Horde_Auth::isAdmin('agora:admin')) { +if ($forum_id && !$registry->isAdmin(array('permission' => 'agora:admin'))) { $notification->push(sprintf(_("You don't have permissions to edit forum %s"), $registry->get('name', $scope)), 'horde.warning'); header('Location: ' . Horde::applicationUrl('forums.php', true)); exit; -} elseif (!Horde_Auth::isAdmin('agora:admin')) { +} elseif (!$registry->isAdmin(array('permission' => 'agora:admin'))) { $notification->push(sprintf(_("You don't have permissions to create a new forum in %s"), $registry->get('name', $scope)), 'horde.warning'); header('Location: ' . Horde::applicationUrl('forums.php', true)); exit; diff --git a/agora/forums.php b/agora/forums.php index 934aaf7a4..23702f273 100644 --- a/agora/forums.php +++ b/agora/forums.php @@ -19,7 +19,7 @@ $scope = Horde_Util::getGet('scope', 'agora'); $forums = Agora_Messages::singleton($scope); /* Set up actions */ -if (Horde_Auth::isAdmin()) { +if ($registry->isAdmin()) { $url = Horde::applicationUrl('forums.php'); foreach ($registry->listApps(array('hidden', 'notoolbar', 'active')) as $app) { if ($registry->hasMethod('hasComments', $app) && diff --git a/agora/lib/Agora.php b/agora/lib/Agora.php index 4de487e82..f3649cd18 100644 --- a/agora/lib/Agora.php +++ b/agora/lib/Agora.php @@ -261,7 +261,7 @@ class Agora { $menu->add($url, _("_Moderate"), 'moderate.png', $img_dir); } - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { $menu->add(Horde::applicationUrl('moderators.php'), _("_Moderators"), 'hot.png', $img_dir); } diff --git a/agora/lib/Block/forums.php b/agora/lib/Block/forums.php index e6b1caa18..e6c97a2b6 100644 --- a/agora/lib/Block/forums.php +++ b/agora/lib/Block/forums.php @@ -44,7 +44,7 @@ class Horde_Block_agora_forums extends Horde_Block { /* Set up the forums object. */ $forums = array(Agora_Messages::singleton()); - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { foreach ($registry->listApps(array('hidden', 'notoolbar', 'active')) as $scope) { if ($registry->hasMethod('hasComments', $scope) && $registry->callByPackage($scope, 'hasComments') === true) { diff --git a/agora/lib/Block/threads.php b/agora/lib/Block/threads.php index 2c8b168c2..e07558f44 100644 --- a/agora/lib/Block/threads.php +++ b/agora/lib/Block/threads.php @@ -40,7 +40,7 @@ class Horde_Block_agora_threads extends Horde_Block { $forum_id = array( 'name' => _("Forum"), 'type' => 'enum', - 'values' => $forums->getForums(0, false, 'forum_name', 0, !Horde_Auth::isAdmin()), + 'values' => $forums->getForums(0, false, 'forum_name', 0, !$GLOBALS['registry']->isAdmin()), ); /* Display the last X number of threads. */ diff --git a/agora/lib/Messages.php b/agora/lib/Messages.php index b7c4e2b80..ee548f867 100644 --- a/agora/lib/Messages.php +++ b/agora/lib/Messages.php @@ -1110,7 +1110,7 @@ class Agora_Messages { $params = array(1); /* Check permissions */ - if (Horde_Auth::isAdmin('agora:admin') || + if ($GLOBALS['registry']->isAdmin(array('permission' => 'agora:admin')) || ($GLOBALS['injector']->getInstance('Horde_Perms')->exists('agora:forums:' . $this->_scope) && $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('agora:forums:' . $this->_scope, Horde_Auth::getAuth(), Horde_Perms::DELETE))) { $sql .= ' AND scope = ? '; @@ -1811,14 +1811,14 @@ class Agora_Messages { $url = Agora::setAgoraId($forum_id, null, $edit_url, $forum['scope'], true); $forum['actions'][] = Horde::link($url, _("Post message")) . _("New Post") . ''; - if (Horde_Auth::isAdmin('agora:admin')) { + if ($GLOBALS['registry']->isAdmin(array('permission' => 'agora:admin'))) { /* Edit forum button. */ $url = Agora::setAgoraId($forum_id, null, $editforum_url, $forum['scope'], true); $forum['actions'][] = Horde::link($url, _("Edit forum")) . _("Edit") . ''; } } - if (Horde_Auth::isAdmin('agora:admin')) { + if ($GLOBALS['registry']->isAdmin(array('permission' => 'agora:admin'))) { /* Delete forum button. */ $url = Agora::setAgoraId($forum_id, null, $delete_url, $forum['scope'], true); $forum['actions'][] = Horde::link($url, _("Delete forum")) . _("Delete") . ''; @@ -2170,7 +2170,7 @@ class Agora_Messages { { // Allow all admins if (($forum_id === null && isset($this->_forum['author']) && $this->_forum['author'] == Horde_Auth::getAuth()) || - Horde_Auth::isAdmin('agora:admin')) { + $GLOBALS['registry']->isAdmin(array('permission' => 'agora:admin'))) { return true; } diff --git a/agora/moderators.php b/agora/moderators.php index f56d9f215..30dce9f4e 100644 --- a/agora/moderators.php +++ b/agora/moderators.php @@ -14,7 +14,7 @@ require_once dirname(__FILE__) . '/lib/Application.php'; Horde_Registry::appInit('agora'); -if (!Horde_Auth::isAdmin()) { +if (!$registry->isAdmin()) { header('Location: ' . Horde::applicationUrl('forums.php')); exit; } @@ -74,7 +74,7 @@ $form->addVariable(_("Moderator"), 'moderator', 'text', true); if ($messages->countForums() > 50) { $form->addVariable(_("Forum"), 'forum_id', 'int', true); } else { - $forums_enum = $messages->getForums(0, false, 'forum_name', 0, !Horde_Auth::isAdmin()); + $forums_enum = $messages->getForums(0, false, 'forum_name', 0, !$registry->isAdmin()); $form->addVariable(_("Forum"), 'forum_id', 'enum', true, false, false, array($forums_enum)); } diff --git a/agora/owner.php b/agora/owner.php index 043e0f826..b18ceb124 100644 --- a/agora/owner.php +++ b/agora/owner.php @@ -21,7 +21,7 @@ if (!Horde_Auth::isAuthenticated()) { /* Default to agora and current user if is not an admin. */ $scope = Horde_Util::getGet('scope', 'agora'); -$owner = Horde_Auth::isAdmin() ? Horde_Util::getGet('owner', Horde_Auth::getAuth()) : Horde_Auth::getAuth(); +$owner = $registry->isAdmin() ? Horde_Util::getGet('owner', Horde_Auth::getAuth()) : Horde_Auth::getAuth(); /* Get the sorting. */ $sort_by = Agora::getSortBy('threads'); diff --git a/ansel/gallery.php b/ansel/gallery.php index ad4ab18d5..768121ef1 100644 --- a/ansel/gallery.php +++ b/ansel/gallery.php @@ -120,9 +120,9 @@ case 'modify': case 'save': // Check general permissions. - if (!Horde_Auth::isAdmin() && - ($GLOBALS['injector']->getInstance('Horde_Perms')->exists('ansel') && - !$GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('ansel', Horde_Auth::getAuth(), Horde_Perms::EDIT))) { + if (!$registry->isAdmin() && + ($injector->getInstance('Horde_Perms')->exists('ansel') && + !$injector->getInstance('Horde_Perms')->hasPermission('ansel', Horde_Auth::getAuth(), Horde_Perms::EDIT))) { $notification->push(_("Access denied editing galleries."), 'horde.error'); header('Location: ' . Horde::applicationUrl('view.php?view=List', true)); exit; @@ -272,8 +272,8 @@ case 'save': } // Clear the OtherGalleries widget cache - if ($GLOBALS['conf']['ansel_cache']['usecache']) { - $GLOBALS['injector']->getInstance('Horde_Cache')->expire('Ansel_OtherGalleries' . $gallery->get('owner')); + if ($conf['ansel_cache']['usecache']) { + $injector->getInstance('Horde_Cache')->expire('Ansel_OtherGalleries' . $gallery->get('owner')); } // Return to the last view. diff --git a/ansel/lib/Ansel.php b/ansel/lib/Ansel.php index 7cf055338..3c25fc12e 100644 --- a/ansel/lib/Ansel.php +++ b/ansel/lib/Ansel.php @@ -591,7 +591,7 @@ class Ansel } /* Let authenticated users create new galleries. */ - if (Horde_Auth::isAdmin() || + if ($GLOBALS['registry']->isAdmin() || (!$GLOBALS['injector']->getInstance('Horde_Perms')->exists('ansel') && Horde_Auth::getAuth()) || $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('ansel', Horde_Auth::getAuth(), Horde_Perms::EDIT)) { $menu->add(Horde::applicationUrl(Horde_Util::addParameter('gallery.php', 'actionID', 'add')), diff --git a/ansel/lib/Api.php b/ansel/lib/Api.php index c7aa5545d..da35f3599 100644 --- a/ansel/lib/Api.php +++ b/ansel/lib/Api.php @@ -436,7 +436,7 @@ class Ansel_Api extends Horde_Registry_Api */ public function createGallery($app = null, $attributes = array(), $perm = null, $parent = null) { - if (!(Horde_Auth::isAdmin() || + if (!($GLOBALS['registry']->isAdmin() || (!$GLOBALS['injector']->getInstance('Horde_Perms')->exists('ansel') && Horde_Auth::getAuth()) || $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('ansel', Horde_Auth::getAuth(), Horde_Perms::EDIT))) { diff --git a/ansel/lib/Gallery.php b/ansel/lib/Gallery.php index af87b7f6a..eb692ac2e 100644 --- a/ansel/lib/Gallery.php +++ b/ansel/lib/Gallery.php @@ -89,7 +89,7 @@ class Ansel_Gallery extends Horde_Share_Object_Sql_Hierarchical { if (Horde_Auth::getAuth() && (Horde_Auth::getAuth() == $this->data['share_owner'] || - Horde_Auth::isAdmin('ansel:admin'))) { + $GLOBALS['registry']->isAdmin(array('permission' => 'ansel:admin')))) { return true; } @@ -791,7 +791,7 @@ class Ansel_Gallery extends Horde_Share_Object_Sql_Hierarchical public function hasPermission($userid, $permission, $creator = null) { if ($userid == $this->data['share_owner'] || - Horde_Auth::isAdmin('ansel:admin')) { + $GLOBALS['registry']->isAdmin(array('permission' => 'ansel:admin'))) { return true; } @@ -841,7 +841,7 @@ class Ansel_Gallery extends Horde_Share_Object_Sql_Hierarchical { if (Horde_Auth::getAuth() && (Horde_Auth::getAuth() == $this->get('owner') || - Horde_Auth::isAdmin('ansel:admin'))) { + $GLOBALS['registry']->isAdmin(array('permission' => 'ansel:admin')))) { return false; } diff --git a/ansel/perms.php b/ansel/perms.php index d0a568ca5..84481ea04 100644 --- a/ansel/perms.php +++ b/ansel/perms.php @@ -69,7 +69,7 @@ case 'editforminherit': $old_owner = $share->get('owner'); $new_owner = Horde_Util::getFormData('owner', $old_owner); if ($old_owner !== $new_owner && !empty($new_owner)) { - if ($old_owner != Horde_Auth::getAuth() && !Horde_Auth::isAdmin()) { + if ($old_owner != Horde_Auth::getAuth() && !$registry->isAdmin()) { $notification->push(_("Only the owner or system administrator may change ownership or owner permissions for a share"), 'horde.error'); } else { $share->set('owner', $new_owner); diff --git a/ansel/scripts/all_images_exif_to_tags.php b/ansel/scripts/all_images_exif_to_tags.php index 4451d4210..e3b0556a0 100755 --- a/ansel/scripts/all_images_exif_to_tags.php +++ b/ansel/scripts/all_images_exif_to_tags.php @@ -66,7 +66,7 @@ if (!empty($username) && !empty($password)) { $cli->fatal(_("You must specify a valid username and password.")); } -if (!Horde_Auth::isAdmin()) { +if (!$registry->isAdmin()) { $cli->fatal(_("You must login with an administrative account.")); } diff --git a/beatnik/lib/Beatnik.php b/beatnik/lib/Beatnik.php index e46d7acb1..3bc1610e3 100644 --- a/beatnik/lib/Beatnik.php +++ b/beatnik/lib/Beatnik.php @@ -471,7 +471,7 @@ class Beatnik { */ function hasPermission($permname, $permmask = null, $numparents = 0) { - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { return true; } diff --git a/beatnik/lib/Driver.php b/beatnik/lib/Driver.php index 087d986ce..f7100ce8f 100644 --- a/beatnik/lib/Driver.php +++ b/beatnik/lib/Driver.php @@ -64,7 +64,7 @@ class Beatnik_Driver { return array(); } - if (!Horde_Auth::isAdmin() && + if (!$GLOBALS['registry']->isAdmin() && !$GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('beatnik:domains', Horde_Auth::getAuth(), $perms)) { foreach ($domains as $id => $domain) { if (!$GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('beatnik:domains:' . $domain['zonename'], Horde_Auth::getAuth(), $perms)) { diff --git a/folks/config/hooks.php.dist b/folks/config/hooks.php.dist index ec6be97a0..e682c7b6b 100644 --- a/folks/config/hooks.php.dist +++ b/folks/config/hooks.php.dist @@ -214,8 +214,8 @@ class Folks_Hooks switch ($app) { case 'gollem': - - if (Horde_Auth::isAdmin() || $group->userIsInGroup($user_uid, 1, false)) { + if ($GLOBALS['registry']->isAdmin() || + $group->userIsInGroup($user_uid, 1, false)) { $_GET['backend_key'] = 'kjbnzi78'; require $GLOBALS['registry']->get('fileroot', 'gollem') . '/redirect.php'; exit; @@ -226,7 +226,7 @@ class Folks_Hooks break; case 'imp': - if (Horde_Auth::isAdmin() + if ($GLOBALS['registry']->isAdmin() || $group->userIsInGroup($user_uid, 1, false) || $group->userIsInGroup($user_uid, 2, false)) { diff --git a/folks/lib/Api.php b/folks/lib/Api.php index 68de93be3..fb136310f 100644 --- a/folks/lib/Api.php +++ b/folks/lib/Api.php @@ -25,7 +25,7 @@ class Folks_Api extends Horde_Registry_Api public function __construct() { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { $this->disabled = array('removeUser', 'userList'); } } @@ -299,7 +299,8 @@ class Folks_Api extends Horde_Registry_Api { if (empty($user)) { $user = Horde_Auth::getAuth(); - } elseif ($user !== Horde_Auth::getAuth() && !Horde_Auth::isAdmin('admin:' . $scope)) { + } elseif ($user !== Horde_Auth::getAuth() && + !$GLOBALS['registry']->isAdmin(array('permission' => 'admin:' . $scope))) { return PEAR::raiseError(_("You cannot log activities for other users.")); } diff --git a/folks/lib/Driver.php b/folks/lib/Driver.php index 4f6808c19..24f741531 100644 --- a/folks/lib/Driver.php +++ b/folks/lib/Driver.php @@ -314,7 +314,7 @@ class Folks_Driver { } $profile = $GLOBALS['cache']->get('folksProfile' . $user, $GLOBALS['conf']['cache']['default_lifetime']); - if ($profile || (Horde_Auth::isAdmin() && Horde_Util::getGet('debug'))) { + if ($profile || ($GLOBALS['registry']->isAdmin() && Horde_Util::getGet('debug'))) { $profile = unserialize($profile); @@ -452,7 +452,7 @@ class Folks_Driver { */ public function deleteUser($user) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return false; } diff --git a/folks/lib/Friends/shared.php b/folks/lib/Friends/shared.php index 181f9621a..69345af85 100644 --- a/folks/lib/Friends/shared.php +++ b/folks/lib/Friends/shared.php @@ -81,11 +81,11 @@ class Folks_Friends_shared extends Folks_Friends_sql { $GLOBALS['folks_shares'] = $GLOBALS['injector']->getInstance('Horde_Share')->getScope(); $share = $GLOBALS['folks_shares']->getShareById($group); - + // Only owners of a group can delete them if (!Horde_Auth::getAuth() || (Horde_Auth::getAuth() != $share->get('owner') && - !Horde_Auth::isAdmin('folks:admin'))) { + !$GLOBALS['registry']->isAdmin(array('permission' => 'folks:admin')))) { return PEAR::raiseError("You can rename only your own groups."); } @@ -117,7 +117,7 @@ class Folks_Friends_shared extends Folks_Friends_sql { // Only owners of a group can delete them if (!Horde_Auth::getAuth() || (Horde_Auth::getAuth() != $share->get('owner') && - !Horde_Auth::isAdmin('folks:admin'))) { + !$GLOBALS['registry']->isAdmin(array('permission' => 'folks:admin')))) { return PEAR::raiseError("You can delete only your own groups."); } @@ -172,4 +172,4 @@ class Folks_Friends_shared extends Folks_Friends_sql { return $share->getId(); } -} \ No newline at end of file +} diff --git a/folks/perms.php b/folks/perms.php index 284ca0e03..4a7ba0d96 100644 --- a/folks/perms.php +++ b/folks/perms.php @@ -52,7 +52,7 @@ case 'editform': $old_owner = $share->get('owner'); $new_owner = Horde_Auth::convertUsername(Horde_Util::getFormData('owner', $old_owner), true); if ($old_owner !== $new_owner && !empty($new_owner)) { - if ($old_owner != Horde_Auth::getAuth() && !Horde_Auth::isAdmin()) { + if ($old_owner != Horde_Auth::getAuth() && !$registry->isAdmin()) { $notification->push(_("Only the owner or system administrator may change ownership or owner permissions for a share"), 'horde.error'); } else { $share->set('owner', $new_owner); diff --git a/folks/scripts/mail.php b/folks/scripts/mail.php index 49a80915d..3291bb97a 100644 --- a/folks/scripts/mail.php +++ b/folks/scripts/mail.php @@ -75,7 +75,7 @@ if (!empty($username) && !empty($password)) { } // Only admins can run this operation -if (!Horde_Auth::isAdmin('folks:admin')) { +if (!$registry->isAdmin(array('permission' => 'folks:admin'))) { $cli->fatal('ADMIN ONLY'); } diff --git a/framework/Auth/lib/Horde/Auth.php b/framework/Auth/lib/Horde/Auth.php index 19a041622..f145be26e 100644 --- a/framework/Auth/lib/Horde/Auth.php +++ b/framework/Auth/lib/Horde/Auth.php @@ -791,41 +791,6 @@ class Horde_Auth } /** - * Is the current user an administrator? - * - * @param string $permission Allow users with this permission admin access - * in the current context. - * @param integer $permlevel The level of permissions to check for. - * Defaults to Horde_Perms::EDIT. - * @param string $user The user to check. Defaults to - * self::getAuth(). - * - * @return boolean Whether or not this is an admin user. - */ - static public function isAdmin($permission = null, $permlevel = null, - $user = null) - { - if (is_null($user)) { - $user = self::getAuth(); - } - - if ($user && - @is_array($GLOBALS['conf']['auth']['admins']) && - in_array($user, $GLOBALS['conf']['auth']['admins'])) { - return true; - } - - if (!is_null($permission)) { - if (is_null($permlevel)) { - $permlevel = Horde_Perms::EDIT; - } - return $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission($permission, $user, $permlevel); - } - - return false; - } - - /** * Runs the pre/post-authenticate hook and parses the result. * * @param string $userId The userId who has been authorized. diff --git a/framework/Block/lib/Horde/Block/Collection.php b/framework/Block/lib/Horde/Block/Collection.php index 2510c1f66..145d8b70b 100644 --- a/framework/Block/lib/Horde/Block/Collection.php +++ b/framework/Block/lib/Horde/Block/Collection.php @@ -141,13 +141,15 @@ class Horde_Block_Collection public function getBlock($app, $name, $params = null, $row = null, $col = null) { - if (($GLOBALS['registry']->get('status', $app) == 'inactive') || - (($GLOBALS['registry']->get('status', $app) == 'admin') && - !Horde_Auth::isAdmin())) { + global $registry; + + if (($registry->get('status', $app) == 'inactive') || + (($registry->get('status', $app) == 'admin') && + !$registry->isAdmin())) { throw new Horde_Exception(sprintf('%s is not activated.', $GLOBALS['registry']->get('name', $app))); } - $path = $GLOBALS['registry']->get('fileroot', $app) . '/lib/Block/' . $name . '.php'; + $path = $registry->get('fileroot', $app) . '/lib/Block/' . $name . '.php'; if (is_readable($path)) { include_once $path; } @@ -157,10 +159,10 @@ class Horde_Block_Collection throw new Horde_Exception(sprintf('%s not found.', $class)); } - $pushed = $GLOBALS['registry']->pushApp($app); + $pushed = $registry->pushApp($app); $ob = new $class($params, $row, $col); if ($pushed) { - $GLOBALS['registry']->popApp($app); + $registry->popApp($app); } return $ob; diff --git a/framework/Core/lib/Horde.php b/framework/Core/lib/Horde.php index 9f9c11fd5..d26906fa5 100644 --- a/framework/Core/lib/Horde.php +++ b/framework/Core/lib/Horde.php @@ -95,7 +95,7 @@ class Horde static public function fatal($error, $file = null, $line = null, $log = true) { - $admin = Horde_Auth::isAdmin(); + $admin = $GLOBALS['registry']->isAdmin(); $cli = Horde_Cli::runningFromCLI(); $errortext = '

' . _("A fatal error has occurred") . '

'; diff --git a/framework/Core/lib/Horde/ErrorHandler.php b/framework/Core/lib/Horde/ErrorHandler.php index c70669470..ff0ec1313 100644 --- a/framework/Core/lib/Horde/ErrorHandler.php +++ b/framework/Core/lib/Horde/ErrorHandler.php @@ -180,7 +180,7 @@ class Horde_ErrorHandler */ public static function dump($errors) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return; } diff --git a/framework/Core/lib/Horde/Registry.php b/framework/Core/lib/Horde/Registry.php index cd6267dd6..ac48f7f01 100644 --- a/framework/Core/lib/Horde/Registry.php +++ b/framework/Core/lib/Horde/Registry.php @@ -182,7 +182,7 @@ class Horde_Registry try { $GLOBALS['registry']->pushApp($app, array('check_perms' => ($args['authentication'] != 'none'), 'logintasks' => !$args['nologintasks'])); - if ($args['admin'] && !Horde_Auth::isAdmin()) { + if ($args['admin'] && !$GLOBALS['registry']->isAdmin()) { throw new Horde_Exception('Not an admin'); } } catch (Horde_Exception $e) { @@ -481,7 +481,7 @@ class Horde_Registry if (($app['status'] != 'inactive') && isset($app['provides']) && - (($app['status'] != 'admin') || Horde_Auth::isAdmin())) { + (($app['status'] != 'admin') || $this->isAdmin())) { if (is_array($app['provides'])) { foreach ($app['provides'] as $interface) { $this->_cache['interfaces'][$interface] = $appName; @@ -531,7 +531,7 @@ class Horde_Registry /* Generate api/type cache. */ $status = array('active', 'notoolbar', 'hidden'); - if (Horde_Auth::isAdmin()) { + if ($this->isAdmin()) { $status[] = 'admin'; } @@ -1065,7 +1065,7 @@ class Horde_Registry /* Bail out if application is not present or inactive. */ if (!isset($this->applications[$app]) || $this->applications[$app]['status'] == 'inactive' || - ($this->applications[$app]['status'] == 'admin' && !Horde_Auth::isAdmin())) { + ($this->applications[$app]['status'] == 'admin' && !$this->isAdmin())) { throw new Horde_Exception($app . ' is not activated.', self::NOT_ACTIVE); } @@ -1224,7 +1224,7 @@ class Horde_Registry /* Otherwise, allow access for admins, for apps that do not have any * explicit permissions, or for apps that allow the given permission. */ - return Horde_Auth::isAdmin() || + return $this->isAdmin() || ($GLOBALS['injector']->getInstance('Horde_Perms')->exists($app) ? $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission($app, Horde_Auth::getAuth(), $perms) : (bool)Horde_Auth::getAuth()); @@ -1588,4 +1588,36 @@ class Horde_Registry } } + /** + * Is a user an administrator? + * + * @param array $options Options: + * 
+     * 'permission' - (string) Allow users with this permission admin access
+     *                in the current context.
+     * @param integer $permlevel  The level of permissions to check for.
+     *                            Defaults to Horde_Perms::EDIT.
+     *
+ * @param string $user The user to check. Defaults to + * self::getAuth(). + * + * @return boolean Whether or not this is an admin user. + */ + public function isAdmin(array $options = array()) + { + $user = isset($options['user']) + ? $options['user'] + : Horde_Auth::getAuth(); + + if ($user && + @is_array($GLOBALS['conf']['auth']['admins']) && + in_array($user, $GLOBALS['conf']['auth']['admins'])) { + return true; + } + + return isset($options['permission']) + ? $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission($options['permission'], $user, isset($options['permlevel']) ? $options['permlevel'] : Horde_Perms::EDIT) + : false; + } + } diff --git a/gollem/lib/Gollem.php b/gollem/lib/Gollem.php index 501b08524..b586c2b76 100644 --- a/gollem/lib/Gollem.php +++ b/gollem/lib/Gollem.php @@ -679,7 +679,7 @@ class Gollem if (!empty($_SESSION['gollem'])) { $backend_key = $_SESSION['gollem']['backend_key']; - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { $menu->add(Horde_Util::addParameter(Horde::applicationUrl('permissions.php'), 'backend', $backend_key), _("_Permissions"), 'perms.png', Horde_Themes::img(null, 'horde')); } diff --git a/gollem/permissions.php b/gollem/permissions.php index e1b9193c3..794382271 100644 --- a/gollem/permissions.php +++ b/gollem/permissions.php @@ -9,11 +9,7 @@ */ require_once dirname(__FILE__) . '/lib/Application.php'; -Horde_Registry::appInit('gollem'); - -if (!Horde_Auth::isAdmin()) { - Horde_Auth::authenticateFailure('gollem', $e); -} +Horde_Registry::appInit('gollem', array('admin' => true)); if (!Gollem::getBackends('all')) { $title = _("Gollem Backend Permissions Administration"); diff --git a/horde/lib/Api.php b/horde/lib/Api.php index 5b047628b..2d44c67cd 100644 --- a/horde/lib/Api.php +++ b/horde/lib/Api.php @@ -200,7 +200,8 @@ class Horde_Api extends Horde_Registry_Api */ public function removeUserData($user) { - if (!Horde_Auth::isAdmin() && $user != Horde_Auth::getAuth()) { + if (!$GLOBALS['registry']->isAdmin() && + $user != Horde_Auth::getAuth()) { return PEAR::raiseError(_("You are not allowed to remove user data.")); } @@ -267,7 +268,7 @@ class Horde_Api extends Horde_Registry_Api */ public function removeUserDataFromAllApplications($user) { - if (!Auth::isAdmin() && $user != Auth::getAuth()) { + if (!$GLOBALS['registry']->isAdmin() && $user != Auth::getAuth()) { return PEAR::raiseError(_("You are not allowed to remove user data.")); } @@ -311,7 +312,7 @@ class Horde_Api extends Horde_Registry_Api */ public function addGroup($name, $parent = null) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to add groups.")); } @@ -340,7 +341,7 @@ class Horde_Api extends Horde_Registry_Api */ public function removeGroup($name) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to delete groups.")); } @@ -366,7 +367,7 @@ class Horde_Api extends Horde_Registry_Api */ public function addUserToGroup($name, $user) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to change groups.")); } @@ -392,7 +393,7 @@ class Horde_Api extends Horde_Registry_Api */ public function addUsersToGroup($name, $users) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to change groups.")); } @@ -422,7 +423,7 @@ class Horde_Api extends Horde_Registry_Api */ public function removeUserFromGroup($name, $user) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to change groups.")); } @@ -448,7 +449,7 @@ class Horde_Api extends Horde_Registry_Api */ public function removeUsersFromGroup($name, $users) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to change groups.")); } @@ -481,7 +482,7 @@ class Horde_Api extends Horde_Registry_Api */ public function listUsersOfGroup($name) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to list users of groups.")); } @@ -508,7 +509,7 @@ class Horde_Api extends Horde_Registry_Api */ public function addShare($scope, $shareName, $shareTitle, $userName) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to add shares.")); } @@ -536,7 +537,7 @@ class Horde_Api extends Horde_Registry_Api */ public function removeShare($scope, $shareName) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to delete shares.")); } @@ -564,7 +565,7 @@ class Horde_Api extends Horde_Registry_Api */ public function listSharesOfOwner($scope, $userName) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to list shares.")); } @@ -589,9 +590,9 @@ class Horde_Api extends Horde_Registry_Api * @param array $permissions A list of permissions (show, read, edit, delete). */ public function addUserPermissions($scope, $shareName, $userName, - $permissions) + $permissions) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to change shares.")); } @@ -626,9 +627,9 @@ class Horde_Api extends Horde_Registry_Api * @param array $permissions A list of permissions (show, read, edit, delete). */ public function addGroupPermissions($scope, $shareName, $groupName, - $permissions) + $permissions) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to change shares.")); } @@ -668,7 +669,7 @@ class Horde_Api extends Horde_Registry_Api */ public function removeUserPermissions($scope, $shareName, $userName) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to change shares.")); } @@ -695,7 +696,7 @@ class Horde_Api extends Horde_Registry_Api */ public function removeGroupPermissions($scope, $shareName, $groupName) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to change shares.")); } @@ -729,7 +730,7 @@ class Horde_Api extends Horde_Registry_Api */ public function listUserPermissions($scope, $shareName, $userName) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to list share permissions.")); } @@ -770,7 +771,7 @@ class Horde_Api extends Horde_Registry_Api */ public function listGroupPermissions($scope, $shareName, $groupName) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to list share permissions.")); } @@ -811,7 +812,7 @@ class Horde_Api extends Horde_Registry_Api */ public function listUsersOfShare($scope, $shareName, $permissions) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to list users of shares.")); } @@ -844,7 +845,7 @@ class Horde_Api extends Horde_Registry_Api */ public function listGroupsOfShare($scope, $shareName, $permissions) { - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("You are not allowed to list groups of shares.")); } diff --git a/horde/lib/Prefs/Ui.php b/horde/lib/Prefs/Ui.php index 5629bec5e..61ffd6d99 100644 --- a/horde/lib/Prefs/Ui.php +++ b/horde/lib/Prefs/Ui.php @@ -29,7 +29,7 @@ class Horde_Prefs_Ui foreach ($apps as $a) { $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); if (file_exists($registry->get('fileroot', $a)) && - (($perms->exists($a) && ($perms->hasPermission($a, Horde_Auth::getAuth(), Horde_Perms::READ) || Horde_Auth::isAdmin())) || + (($perms->exists($a) && ($perms->hasPermission($a, Horde_Auth::getAuth(), Horde_Perms::READ) || $registry->isAdmin())) || !$perms->exists($a))) { $out[$a] = $registry->get('name', $a); } diff --git a/horde/services/portal/sidebar.php b/horde/services/portal/sidebar.php index a1d034c06..ca1644689 100644 --- a/horde/services/portal/sidebar.php +++ b/horde/services/portal/sidebar.php @@ -34,7 +34,7 @@ function canSee($app, $params, &$hasChildren) // Initialize variables we'll keep using in successive calls on // the first call. if (is_null($isAdmin)) { - $isAdmin = Horde_Auth::isAdmin(); + $isAdmin = $registry->isAdmin(); $user = Horde_Auth::getAuth(); } @@ -114,7 +114,7 @@ function buildMenu() } // Add the administration menu if the user is an admin. - if (Horde_Auth::isAdmin()) { + if ($registry->isAdmin()) { $menu['administration'] = array('name' => _("Administration"), 'icon' => (string)Horde_Themes::img('administration.png'), 'status' => 'heading'); @@ -157,7 +157,7 @@ function buildMenu() * application, and if the application is active. * Administrators always see all applications. */ try { - if ((Horde_Auth::isAdmin() && $params['status'] != 'inactive') || + if (($registry->isAdmin() && $params['status'] != 'inactive') || ($registry->hasPermission($application) && ($params['status'] == 'active'))) { $prefs_apps[$application] = _($params['name']); diff --git a/horde/services/shares/edit.php b/horde/services/shares/edit.php index 95499b763..e3b91333a 100644 --- a/horde/services/shares/edit.php +++ b/horde/services/shares/edit.php @@ -58,7 +58,7 @@ case 'edit': if (!Horde_Auth::getAuth() || (isset($share) && - !Horde_Auth::isAdmin() && + !$registry->isAdmin() && Horde_Auth::getAuth() != $share->get('owner'))) { exit('permission denied'); } @@ -73,7 +73,7 @@ case 'editform': if (!empty($share)) { if (!Horde_Auth::getAuth() || - (!Horde_Auth::isAdmin() && + (!$registry->isAdmin() && Horde_Auth::getAuth() != $share->get('owner'))) { exit('permission denied'); } @@ -84,7 +84,7 @@ case 'editform': $new_owner_backend = Horde_Util::getFormData('owner_select', Horde_Util::getFormData('owner_input', $old_owner)); $new_owner = Horde_Auth::convertUsername($new_owner_backend, true); if ($old_owner !== $new_owner && !empty($new_owner)) { - if ($old_owner != Horde_Auth::getAuth() && !Horde_Auth::isAdmin()) { + if ($old_owner != Horde_Auth::getAuth() && !$registry->isAdmin()) { $notification->push(_("Only the owner or system administrator may change ownership or owner permissions for a share"), 'horde.error'); } elseif ($auth->hasCapability('list') && !$auth->exists($new_owner_backend)) { $notification->push(sprintf(_("The user \"%s\" does not exist."), $new_owner_backend), 'horde.error'); @@ -94,7 +94,7 @@ case 'editform': } } - if (Horde_Auth::isAdmin() || + if ($registry->isAdmin() || !empty($GLOBALS['conf']['share']['world'])) { // Process default permissions. if (Horde_Util::getFormData('default_show')) { diff --git a/horde/templates/shares/edit.inc b/horde/templates/shares/edit.inc index df6a9d37f..772b14bb9 100644 --- a/horde/templates/shares/edit.inc +++ b/horde/templates/shares/edit.inc @@ -50,7 +50,7 @@ if (isset($userperms[$owner])) { - +isAdmin() || !empty($GLOBALS['conf']['share']['world'])): ?>   diff --git a/ingo/lib/Application.php b/ingo/lib/Application.php index 826919eac..ffc3f09bc 100644 --- a/ingo/lib/Application.php +++ b/ingo/lib/Application.php @@ -161,7 +161,7 @@ class Ingo_Application extends Horde_Registry_Application */ public function removeUserData($user) { - if (!Horde_Auth::isAdmin() && + if (!$GLOBALS['registry']->isAdmin() && ($user != Horde_Auth::getAuth())) { throw new Horde_Auth_Exception(_("You are not allowed to remove user data.")); } diff --git a/ingo/lib/Storage/Sql.php b/ingo/lib/Storage/Sql.php index 4ef3e4bb1..e52aef05f 100644 --- a/ingo/lib/Storage/Sql.php +++ b/ingo/lib/Storage/Sql.php @@ -391,7 +391,8 @@ class Ingo_Storage_Sql extends Ingo_Storage */ public function removeUserData($user) { - if (!Horde_Auth::isAdmin() && $user != Horde_Auth::getAuth()) { + if (!$GLOBALS['registry']->isAdmin() && + $user != Horde_Auth::getAuth()) { throw new Ingo_Exception(_("Permission Denied")); } diff --git a/jonah/lib/Jonah.php b/jonah/lib/Jonah.php index 85031479d..06b039ed9 100644 --- a/jonah/lib/Jonah.php +++ b/jonah/lib/Jonah.php @@ -117,7 +117,7 @@ class Jonah { */ function checkPermissions($filter, $permission = Horde_Perms::READ, $in = null) { - if (Horde_Auth::isAdmin('jonah:admin', $permission)) { + if ($GLOBALS['registry']->isAdmin(array('permission' => 'jonah:admin', 'permlevel' => $permission))) { if (empty($in)) { // Calls with no $in parameter are checking whether this user // has permission. Since this user is an admin, they always diff --git a/kronolith/calendars/delete.php b/kronolith/calendars/delete.php index e69b7a36e..281cf894c 100644 --- a/kronolith/calendars/delete.php +++ b/kronolith/calendars/delete.php @@ -34,7 +34,7 @@ try { exit; } if ($calendar->get('owner') != Horde_Auth::getAuth() && - (!is_null($calendar->get('owner')) || !Horde_Auth::isAdmin())) { + (!is_null($calendar->get('owner')) || !$registry->isAdmin())) { $notification->push(_("You are not allowed to delete this calendar."), 'horde.error'); header('Location: ' . Horde::applicationUrl('calendars/', true)); exit; diff --git a/kronolith/calendars/edit.php b/kronolith/calendars/edit.php index b165eb57c..c77947bec 100644 --- a/kronolith/calendars/edit.php +++ b/kronolith/calendars/edit.php @@ -28,7 +28,7 @@ try { exit; } if ($calendar->get('owner') != Horde_Auth::getAuth() && - (!is_null($calendar->get('owner')) || !Horde_Auth::isAdmin())) { + (!is_null($calendar->get('owner')) || !$registry->isAdmin())) { $notification->push(_("You are not allowed to change this calendar."), 'horde.error'); header('Location: ' . Horde::applicationUrl('calendars/', true)); exit; diff --git a/kronolith/calendars/index.php b/kronolith/calendars/index.php index 020ce6cad..81f323d69 100644 --- a/kronolith/calendars/index.php +++ b/kronolith/calendars/index.php @@ -51,7 +51,7 @@ foreach ($my_calendars as $calendar) { $calendars[$calendar->getName()] = $calendar; $sorted_calendars[$calendar->getName()] = $calendar->get('name'); } -if (Horde_Auth::isAdmin()) { +if ($registry->isAdmin()) { $system_calendars = $kronolith_shares->listSystemShares(); foreach ($system_calendars as $calendar) { $calendars[$calendar->getName()] = $calendar; diff --git a/kronolith/delete.php b/kronolith/delete.php index 0202aa412..130614940 100644 --- a/kronolith/delete.php +++ b/kronolith/delete.php @@ -37,7 +37,7 @@ if ($eventID = Horde_Util::getFormData('eventID')) { $have_perms = true; } } else { - if (!Horde_Auth::isAdmin()) { + if (!$registry->isAdmin()) { $notification->push(_("You do not have permission to delete this event."), 'horde.warning'); } else { $have_perms = true; diff --git a/kronolith/lib/Ajax/Imple/TagActions.php b/kronolith/lib/Ajax/Imple/TagActions.php index b6bac1451..af263f681 100644 --- a/kronolith/lib/Ajax/Imple/TagActions.php +++ b/kronolith/lib/Ajax/Imple/TagActions.php @@ -43,8 +43,6 @@ class Kronolith_Ajax_Imple_TagActions extends Horde_Ajax_Imple_Base */ public function handle($args, $post) { - global $ansel_storage; - $request = $args['action']; $content = array('id' => $post['resource'], 'type' => $post['type']); $tags = rawurldecode($post['tags']); @@ -60,7 +58,9 @@ class Kronolith_Ajax_Imple_TagActions extends Horde_Ajax_Imple_Base // $owner is null for system-owned shares, so an admin has perms, // otherwise, make sure the resource owner is the current user - $perm = empty($owner) ? Horde_Auth::isAdmin() : $owner == Horde_Auth::getAuth(); + $perm = empty($owner) + ? $GLOBALS['registry']->isAdmin() + : $owner == Horde_Auth::getAuth(); if ($perm) { $tagger = Kronolith::getTagger(); diff --git a/kronolith/lib/Api.php b/kronolith/lib/Api.php index 12b3d01be..a83fdd2e2 100644 --- a/kronolith/lib/Api.php +++ b/kronolith/lib/Api.php @@ -841,7 +841,7 @@ class Kronolith_Api extends Horde_Registry_Api $events = $kronolith_driver->getByUID($uid, null, true); $event = null; - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { $event = $events[0]; } @@ -849,7 +849,7 @@ class Kronolith_Api extends Horde_Registry_Api if (empty($event)) { $ownerCalendars = Kronolith::listCalendars(true, Horde_Perms::DELETE); foreach ($events as $ev) { - if (Horde_Auth::isAdmin() || isset($ownerCalendars[$ev->calendar])) { + if ($GLOBALS['registry']->isAdmin() || isset($ownerCalendars[$ev->calendar])) { $event = $ev; break; } @@ -1136,7 +1136,7 @@ class Kronolith_Api extends Horde_Registry_Api require_once 'Horde/Group.php'; $current_user = Horde_Auth::getAuth(); - if ((empty($user) || $user != $current_user) && !Horde_Auth::isAdmin()) { + if ((empty($user) || $user != $current_user) && !$GLOBALS['registry']->isAdmin()) { throw new Horde_Exception_PermissionDenied(); } diff --git a/kronolith/lib/Application.php b/kronolith/lib/Application.php index 9b19b774b..1934be5f8 100644 --- a/kronolith/lib/Application.php +++ b/kronolith/lib/Application.php @@ -430,7 +430,8 @@ class Kronolith_Application extends Horde_Registry_Application */ public function removeUserData($user) { - if (!Horde_Auth::isAdmin() && $user != Horde_Auth::getAuth()) { + if (!$GLOBALS['registry']->isAdmin() && + $user != Horde_Auth::getAuth()) { throw new Kronolith_Exception(_("You are not allowed to remove user data.")); } diff --git a/kronolith/lib/Driver/Resource.php b/kronolith/lib/Driver/Resource.php index 16b9aec37..47d8013a5 100644 --- a/kronolith/lib/Driver/Resource.php +++ b/kronolith/lib/Driver/Resource.php @@ -166,7 +166,7 @@ class Kronolith_Driver_Resource extends Kronolith_Driver_Sql public function listResources($perms = Horde_Perms::READ, $filter = array()) { if (($perms & (Horde_Perms::EDIT | Horde_Perms::DELETE)) && - !Horde_Auth::isAdmin()) { + !$GLOBALS['registry']->isAdmin()) { return array(); } diff --git a/kronolith/lib/Driver/Sql.php b/kronolith/lib/Driver/Sql.php index 2b547ec2f..1e9520598 100644 --- a/kronolith/lib/Driver/Sql.php +++ b/kronolith/lib/Driver/Sql.php @@ -979,7 +979,7 @@ class Kronolith_Driver_Sql extends Kronolith_Driver { throw new Kronolith_Exception('to be refactored'); - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { throw new Horde_Exception_PermissionDenied(); } diff --git a/kronolith/lib/Event.php b/kronolith/lib/Event.php index 8b002f8c2..2d68ace5c 100644 --- a/kronolith/lib/Event.php +++ b/kronolith/lib/Event.php @@ -1753,10 +1753,10 @@ abstract class Kronolith_Event $end = $this->end->format($twentyFour ? 'G:i' : 'g:ia'); // We explicitly allow admin access here for the alarms notifications. - if (!Horde_Auth::isAdmin() && $this->private && + if (!$GLOBALS['registry']->isAdmin() && $this->private && $this->creator != $user) { return _("busy"); - } elseif (Horde_Auth::isAdmin() || $this->hasPermission(Horde_Perms::READ, $user)) { + } elseif ($GLOBALS['registry']->isAdmin() || $this->hasPermission(Horde_Perms::READ, $user)) { return strlen($this->title) ? $this->title : _("[Unnamed event]"); } else { return _("busy"); diff --git a/kronolith/lib/Event/Resource.php b/kronolith/lib/Event/Resource.php index f42944a1f..bc059c79f 100644 --- a/kronolith/lib/Event/Resource.php +++ b/kronolith/lib/Event/Resource.php @@ -209,11 +209,7 @@ class Kronolith_Event_Resource extends Kronolith_Event */ public function hasPermission($permission, $user = null) { - if (Horde_Auth::isAdmin()) { - return true; - } - - return false; + return $GLOBALS['registry']->isAdmin(); } } diff --git a/kronolith/lib/Forms/CreateCalendar.php b/kronolith/lib/Forms/CreateCalendar.php index b95e7fd2a..c9ae419b4 100755 --- a/kronolith/lib/Forms/CreateCalendar.php +++ b/kronolith/lib/Forms/CreateCalendar.php @@ -25,7 +25,7 @@ class Kronolith_CreateCalendarForm extends Horde_Form $this->addVariable(_("Color"), 'color', 'colorpicker', false); $this->addVariable(_("Description"), 'description', 'longtext', false, false, null, array(4, 60)); $this->addVariable(_("Tags"), 'tags', 'text', false); - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { $this->addVariable(_("System Calendar"), 'system', 'boolean', false, false, _("System calendars don't have an owner. Only administrators can change the calendar settings and permissions.")); } diff --git a/kronolith/lib/Forms/EditCalendar.php b/kronolith/lib/Forms/EditCalendar.php index 8c525a4d8..5dff62dd1 100644 --- a/kronolith/lib/Forms/EditCalendar.php +++ b/kronolith/lib/Forms/EditCalendar.php @@ -32,7 +32,7 @@ class Kronolith_EditCalendarForm extends Horde_Form $this->addVariable(_("Color"), 'color', 'colorpicker', false); $this->addVariable(_("Description"), 'description', 'longtext', false, false, null, array(4, 60)); $this->addVariable(_("Tags"), 'tags', 'text', false); - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { $this->addVariable(_("System Calendar"), 'system', 'boolean', false, false, _("System calendars don't have an owner. Only administrators can change the calendar settings and permissions.")); } diff --git a/kronolith/lib/Kronolith.php b/kronolith/lib/Kronolith.php index 982937f6d..81559fc0b 100644 --- a/kronolith/lib/Kronolith.php +++ b/kronolith/lib/Kronolith.php @@ -1528,7 +1528,7 @@ class Kronolith { if (!Horde_Auth::getAuth() || ($calendar->get('owner') != Horde_Auth::getAuth() && - (!is_null($calendar->get('owner')) || !Horde_Auth::isAdmin()))) { + (!is_null($calendar->get('owner')) || !$GLOBALS['registry']->isAdmin()))) { throw new Kronolith_Exception(_("You are not allowed to change this calendar.")); } @@ -1563,7 +1563,7 @@ class Kronolith if (!Horde_Auth::getAuth() || ($calendar->get('owner') != Horde_Auth::getAuth() && - (!is_null($calendar->get('owner')) || !Horde_Auth::isAdmin()))) { + (!is_null($calendar->get('owner')) || !$GLOBALS['registry']->isAdmin()))) { throw new Kronolith_Exception(_("You are not allowed to delete this calendar.")); } @@ -1613,7 +1613,7 @@ class Kronolith $new_owner_backend = Horde_Util::getFormData('owner_select', Horde_Util::getFormData('owner_input', $old_owner)); $new_owner = Horde_Auth::convertUsername($new_owner_backend, true); if ($old_owner !== $new_owner && !empty($new_owner)) { - if ($old_owner != Horde_Auth::getAuth() && !Horde_Auth::isAdmin()) { + if ($old_owner != Horde_Auth::getAuth() && !$GLOBALS['registry']->isAdmin()) { $errors[] = _("Only the owner or system administrator may change ownership or owner permissions for a share"); } elseif ($auth->hasCapability('list') && !$auth->exists($new_owner_backend)) { $errors[] = sprintf(_("The user \"%s\" does not exist."), $new_owner_backend); @@ -1640,7 +1640,7 @@ class Kronolith } } - if (Horde_Auth::isAdmin() || + if ($GLOBALS['registry']->isAdmin() || !empty($GLOBALS['conf']['share']['world'])) { // Process default permissions. if (Horde_Util::getFormData('default_show')) { diff --git a/kronolith/lib/Resource/Base.php b/kronolith/lib/Resource/Base.php index e8ff47a46..5e66c3da4 100644 --- a/kronolith/lib/Resource/Base.php +++ b/kronolith/lib/Resource/Base.php @@ -93,11 +93,7 @@ abstract class Kronolith_Resource_Base */ public function hasPermission($user, $permission = Horde_Perms::READ, $restrict = null) { - if (Horde_Auth::isAdmin()) { - return true; - } - - return false; + return $GLOBALS['registry']->isAdmin(); } /** @@ -219,4 +215,4 @@ abstract class Kronolith_Resource_Base */ abstract public function getResponseType(); -} \ No newline at end of file +} diff --git a/kronolith/perms.php b/kronolith/perms.php index f1b99ca03..187e65ec0 100644 --- a/kronolith/perms.php +++ b/kronolith/perms.php @@ -44,7 +44,7 @@ case 'edit': if (!Horde_Auth::getAuth() || (isset($share) && - !Horde_Auth::isAdmin() && + !$registry->isAdmin() && Horde_Auth::getAuth() != $share->get('owner'))) { exit('permission denied'); } @@ -54,7 +54,7 @@ case 'editform': try { $share = $shares->getShareById(Horde_Util::getFormData('cid')); if (!Horde_Auth::getAuth() || - (!Horde_Auth::isAdmin() && + (!$registry->isAdmin() && Horde_Auth::getAuth() != $share->get('owner'))) { exit('permission denied'); } diff --git a/kronolith/resources/create.php b/kronolith/resources/create.php index 4067c552e..557775ea0 100644 --- a/kronolith/resources/create.php +++ b/kronolith/resources/create.php @@ -11,14 +11,14 @@ require_once dirname(__FILE__) . '/../lib/Application.php'; Horde_Registry::appInit('kronolith'); -require_once KRONOLITH_BASE . '/lib/Forms/CreateResource.php'; - // Exit if this isn't an authenticated, administrative user -if (!Horde_Auth::isAdmin()) { +if (!$registry->isAdmin()) { header('Location: ' . Horde::applicationUrl($prefs->getValue('defaultview') . '.php', true)); exit; } +require_once KRONOLITH_BASE . '/lib/Forms/CreateResource.php'; + $vars = Horde_Variables::getDefaultVariables(); $form = new Kronolith_CreateResourceForm($vars); diff --git a/kronolith/resources/delete.php b/kronolith/resources/delete.php index c2015c3f7..ddef5c238 100644 --- a/kronolith/resources/delete.php +++ b/kronolith/resources/delete.php @@ -14,7 +14,7 @@ Horde_Registry::appInit('kronolith'); require_once KRONOLITH_BASE . '/lib/Forms/DeleteResource.php'; // Exit if this isn't an authenticated administrative user. -if (!Horde_Auth::isAdmin()) { +if (!$registry->isAdmin()) { header('Location: ' . Horde::applicationUrl($prefs->getValue('defaultview') . '.php', true)); exit; } diff --git a/kronolith/resources/edit.php b/kronolith/resources/edit.php index 41d271e96..c465a91fd 100644 --- a/kronolith/resources/edit.php +++ b/kronolith/resources/edit.php @@ -14,7 +14,7 @@ Horde_Registry::appInit('kronolith'); require_once KRONOLITH_BASE . '/lib/Forms/EditResource.php'; // Exit if this isn't an authenticated administrative user. -if (!Horde_Auth::isAdmin()) { +if (!$registry->isAdmin()) { header('Location: ' . Horde::applicationUrl($prefs->getValue('defaultview') . '.php', true)); exit; } diff --git a/kronolith/resources/groups/create.php b/kronolith/resources/groups/create.php index 063fe23e6..05b3652ff 100644 --- a/kronolith/resources/groups/create.php +++ b/kronolith/resources/groups/create.php @@ -14,7 +14,7 @@ Horde_Registry::appInit('kronolith'); require_once KRONOLITH_BASE . '/lib/Forms/CreateResourceGroup.php'; // Exit if this isn't an authenticated, administrative user -if (!Horde_Auth::isAdmin()) { +if (!$registry->isAdmin()) { header('Location: ' . Horde::applicationUrl($prefs->getValue('defaultview') . '.php', true)); exit; } diff --git a/kronolith/resources/groups/delete.php b/kronolith/resources/groups/delete.php index d2e3f6d50..1003c4061 100644 --- a/kronolith/resources/groups/delete.php +++ b/kronolith/resources/groups/delete.php @@ -14,7 +14,7 @@ Horde_Registry::appInit('kronolith'); require_once KRONOLITH_BASE . '/lib/Forms/DeleteResourceGroup.php'; // Exit if this isn't an authenticated administrative user. -if (!Horde_Auth::isAdmin()) { +if (!$registry->isAdmin()) { header('Location: ' . Horde::applicationUrl($prefs->getValue('defaultview') . '.php', true)); exit; } diff --git a/kronolith/resources/groups/edit.php b/kronolith/resources/groups/edit.php index 161164f90..9c2bf752c 100644 --- a/kronolith/resources/groups/edit.php +++ b/kronolith/resources/groups/edit.php @@ -14,7 +14,7 @@ Horde_Registry::appInit('kronolith'); require_once KRONOLITH_BASE . '/lib/Forms/EditResourceGroup.php'; // Exit if this isn't an authenticated administrative user. -if (!Horde_Auth::isAdmin()) { +if (!$registry->isAdmin()) { header('Location: ' . Horde::applicationUrl($prefs->getValue('defaultview') . '.php', true)); exit; } diff --git a/kronolith/resources/groups/index.php b/kronolith/resources/groups/index.php index 22a68e4b8..400503159 100644 --- a/kronolith/resources/groups/index.php +++ b/kronolith/resources/groups/index.php @@ -40,7 +40,7 @@ function performAction(action, rid)

- +isAdmin()): ?>
" /> diff --git a/kronolith/resources/index.php b/kronolith/resources/index.php index 6afc017a2..42ddd1bcd 100644 --- a/kronolith/resources/index.php +++ b/kronolith/resources/index.php @@ -39,7 +39,7 @@ function performAction(action, rid)

- +isAdmin()): ?> " /> diff --git a/kronolith/templates/chunks/permissions.inc b/kronolith/templates/chunks/permissions.inc index a2088330a..ff28fdd90 100644 --- a/kronolith/templates/chunks/permissions.inc +++ b/kronolith/templates/chunks/permissions.inc @@ -93,7 +93,7 @@ if (count($groups) > 1) { - + isAdmin() || !empty($GLOBALS['conf']['share']['world'])): ?> diff --git a/kronolith/templates/panel.inc b/kronolith/templates/panel.inc index 0762f782a..4023f297f 100644 --- a/kronolith/templates/panel.inc +++ b/kronolith/templates/panel.inc @@ -68,7 +68,7 @@ $tagger = Kronolith::getTagger();


- + isAdmin() ? _("[Manage Resource Calendars]") : _("[Resource Calendars]"))?>

diff --git a/kronolith/templates/perms/perms.inc b/kronolith/templates/perms/perms.inc index c66374663..ffc7ea47e 100644 --- a/kronolith/templates/perms/perms.inc +++ b/kronolith/templates/perms/perms.inc @@ -40,7 +40,7 @@ - +isAdmin() || !empty($GLOBALS['conf']['share']['world'])): ?>   diff --git a/luxor/lib/Luxor.php b/luxor/lib/Luxor.php index 91110f318..1c6e912f6 100644 --- a/luxor/lib/Luxor.php +++ b/luxor/lib/Luxor.php @@ -286,7 +286,7 @@ class Luxor { global $source; - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { return false; } diff --git a/mnemo/lib/Api.php b/mnemo/lib/Api.php index b428f82c7..0ae020809 100644 --- a/mnemo/lib/Api.php +++ b/mnemo/lib/Api.php @@ -27,7 +27,7 @@ class Mnemo_Api extends Horde_Registry_Api { */ public function removeUserData($user) { - if (!Horde_Auth::isAdmin() && $user != Horde_Auth::getAuth()) { + if (!$GLOBALS['registry']->isAdmin() && $user != Horde_Auth::getAuth()) { return PEAR::raiseError(_("You are not allowed to remove user data.")); } @@ -373,7 +373,7 @@ class Mnemo_Api extends Horde_Registry_Api { return $memo; } - if (!Horde_Auth::isAdmin() && + if (!$GLOBALS['registry']->isAdmin() && !array_key_exists($memo['memolist_id'], Mnemo::listNotepads(false, Horde_Perms::DELETE))) { return PEAR::raiseError(_("Permission Denied")); @@ -440,4 +440,4 @@ class Mnemo_Api extends Horde_Registry_Api { return PEAR::raiseError(sprintf(_("Unsupported Content-Type: %s"),$contentType)); } } -} \ No newline at end of file +} diff --git a/nag/lib/Api.php b/nag/lib/Api.php index 0d25b83f8..7cba2b99c 100644 --- a/nag/lib/Api.php +++ b/nag/lib/Api.php @@ -861,7 +861,7 @@ class Nag_Api extends Horde_Registry_Api !empty($task->private), Horde_Auth::getAuth(), isset($task->assignee) ? $task->assignee : null); - + /* array index 0 is id, 1 is uid */ return $results[1]; } @@ -876,7 +876,7 @@ class Nag_Api extends Horde_Registry_Api */ public function addTask($task) { - if (!Horde_Auth::isAdmin() && + if (!$GLOBALS['registry']->isAdmin() && !array_key_exists($task['tasklist'], Nag::listTasklists(false, Horde_Perms::EDIT))) { return PEAR::raiseError(_("Permission Denied")); @@ -1103,7 +1103,7 @@ class Nag_Api extends Horde_Registry_Api return $task; } - if (!Horde_Auth::isAdmin() && + if (!$GLOBALS['registry']->isAdmin() && !array_key_exists($task->tasklist, Nag::listTasklists(false, Horde_Perms::DELETE))) { return PEAR::raiseError(_("Permission Denied")); @@ -1120,7 +1120,7 @@ class Nag_Api extends Horde_Registry_Api */ public function deleteTask($tasklist, $id) { - if (!Horde_Auth::isAdmin() && + if (!$GLOBALS['registry']->isAdmin() && !array_key_exists($tasklist, Nag::listTasklists(false, Horde_Perms::DELETE))) { return PEAR::raiseError(_("Permission Denied")); @@ -1240,7 +1240,7 @@ class Nag_Api extends Horde_Registry_Api */ public function updateTask($tasklist, $id, $task) { - if (!Horde_Auth::isAdmin() && + if (!$GLOBALS['registry']->isAdmin() && !array_key_exists($tasklist, Nag::listTasklists(false, Horde_Perms::EDIT))) { return PEAR::raiseError(_("Permission Denied")); @@ -1372,7 +1372,8 @@ class Nag_Api extends Horde_Registry_Api { require_once 'Horde/Group.php'; - if ((empty($user) || $user != Horde_Auth::getAuth()) && !Horde_Auth::isAdmin()) { + if ((empty($user) || $user != Horde_Auth::getAuth()) && + !$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("Permission Denied")); } diff --git a/nag/lib/Application.php b/nag/lib/Application.php index aed9603cd..62488792f 100644 --- a/nag/lib/Application.php +++ b/nag/lib/Application.php @@ -234,7 +234,7 @@ class Nag_Application extends Horde_Registry_Application */ public function removeUserData($user) { - if (!Horde_Auth::isAdmin() && $user != Horde_Auth::getAuth()) { + if (!$GLOBALS['registry']->isAdmin() && $user != Horde_Auth::getAuth()) { return PEAR::raiseError(_("You are not allowed to remove user data.")); } diff --git a/nag/lib/Forms/CreateTaskList.php b/nag/lib/Forms/CreateTaskList.php index 2f3302ca4..ccdeb9875 100644 --- a/nag/lib/Forms/CreateTaskList.php +++ b/nag/lib/Forms/CreateTaskList.php @@ -30,7 +30,7 @@ class Nag_CreateTaskListForm extends Horde_Form { $this->addVariable(_("Name"), 'name', 'text', true); $this->addVariable(_("Color"), 'color', 'colorpicker', false); $this->addVariable(_("Description"), 'description', 'longtext', false, false, null, array(4, 60)); - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { $this->addVariable(_("System Task List"), 'system', 'boolean', false, false, _("System task lists don't have an owner. Only administrators can change the task list settings and permissions.")); } diff --git a/nag/lib/Forms/EditTaskList.php b/nag/lib/Forms/EditTaskList.php index a4b88d068..c7499dab7 100644 --- a/nag/lib/Forms/EditTaskList.php +++ b/nag/lib/Forms/EditTaskList.php @@ -36,7 +36,7 @@ class Nag_EditTaskListForm extends Horde_Form { $this->addHidden('', 't', 'text', true); $this->addVariable(_("Task List Name"), 'name', 'text', true); $this->addVariable(_("Task List Description"), 'description', 'longtext', false, false, null, array(4, 60)); - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { $this->addVariable(_("System Task List"), 'system', 'boolean', false, false, _("System task lists don't have an owner. Only administrators can change the task list settings and permissions.")); } diff --git a/nag/lib/Nag.php b/nag/lib/Nag.php index ece4d2b39..51899b107 100644 --- a/nag/lib/Nag.php +++ b/nag/lib/Nag.php @@ -469,7 +469,7 @@ class Nag { if (!Horde_Auth::getAuth() || ($tasklist->get('owner') != Horde_Auth::getAuth() && - (!is_null($tasklist->get('owner')) || !Horde_Auth::isAdmin()))) { + (!is_null($tasklist->get('owner')) || !$GLOBALS['registry']->isAdmin()))) { return PEAR::raiseError(_("You are not allowed to change this task list.")); } @@ -496,7 +496,7 @@ class Nag if (!Horde_Auth::getAuth() || ($tasklist->get('owner') != Horde_Auth::getAuth() && - (!is_null($tasklist->get('owner')) || !Horde_Auth::isAdmin()))) { + (!is_null($tasklist->get('owner')) || !$GLOBALS['registry']->isAdmin()))) { return PEAR::raiseError(_("You are not allowed to delete this task list.")); } diff --git a/nag/tasklists/delete.php b/nag/tasklists/delete.php index b3ccb0ea1..df83ef7c7 100644 --- a/nag/tasklists/delete.php +++ b/nag/tasklists/delete.php @@ -32,7 +32,7 @@ try { exit; } if ($tasklist->get('owner') != Horde_Auth::getAuth() && - (!is_null($tasklist->get('owner')) || !Horde_Auth::isAdmin())) { + (!is_null($tasklist->get('owner')) || !$GLOBALS['registry']->isAdmin())) { $notification->push(_("You are not allowed to delete this task list."), 'horde.error'); header('Location: ' . Horde::applicationUrl('tasklists/', true)); exit; diff --git a/nag/tasklists/edit.php b/nag/tasklists/edit.php index dd264ef70..4c7e375ca 100644 --- a/nag/tasklists/edit.php +++ b/nag/tasklists/edit.php @@ -26,7 +26,7 @@ try { exit; } if ($tasklist->get('owner') != Horde_Auth::getAuth() && - (!is_null($tasklist->get('owner')) || !Horde_Auth::isAdmin())) { + (!is_null($tasklist->get('owner')) || !$GLOBALS['registry']->isAdmin())) { $notification->push(_("You are not allowed to change this task list."), 'horde.error'); header('Location: ' . Horde::applicationUrl('tasklists/', true)); exit; diff --git a/nag/tasklists/index.php b/nag/tasklists/index.php index 2e2b0984d..3574baf8c 100644 --- a/nag/tasklists/index.php +++ b/nag/tasklists/index.php @@ -47,7 +47,7 @@ $sorted_tasklists = array(); foreach ($tasklists as $tasklist) { $sorted_tasklists[$tasklist->getName()] = $tasklist->get('name'); } -if (Horde_Auth::isAdmin()) { +if ($registry->isAdmin()) { $system_tasklists = $nag_shares->listSystemShares(); foreach ($system_tasklists as $tasklist) { $tasklists[$tasklist->getName()] = $tasklist; diff --git a/news/add.php b/news/add.php index 11fd755e9..786372120 100644 --- a/news/add.php +++ b/news/add.php @@ -215,8 +215,7 @@ if ($conf['attributes']['attachments']) { } } -if (Horde_Auth::isAdmin('news:admin')) { - +if ($registry->isAdmin(array('permission' => 'news:admin'))) { $form->setSection('admin', _("Admin"), '', true); $form->addVariable(_("News administrator options"), 'content', 'header', false); diff --git a/news/admin/tabs.php b/news/admin/tabs.php index 895be1832..53bcc4883 100644 --- a/news/admin/tabs.php +++ b/news/admin/tabs.php @@ -11,7 +11,7 @@ */ /* Only admin should be using this. */ -if (!Horde_Auth::isAdmin('news:admin')) { +if (!$registry->isAdmin(array('permission' => 'news:admin'))) { $notification->push(_("You are not authorised for this action."), 'horde.warning'); Horde_Auth::authenticateFailure('news'); } diff --git a/news/delete.php b/news/delete.php index 30e8974a4..ff0368425 100644 --- a/news/delete.php +++ b/news/delete.php @@ -15,7 +15,7 @@ require_once dirname(__FILE__) . '/lib/base.php'; -if (!Horde_Auth::isAdmin('news:admin')) { +if (!$registry->isAdmin(array('permission' => 'news:admin'))) { $notification->push(_("Only admin can delete a news.")); header('Location: ' . Horde::applicationUrl('edit.php')); exit; diff --git a/news/delete_file.php b/news/delete_file.php index cc686b75a..4078fcd07 100644 --- a/news/delete_file.php +++ b/news/delete_file.php @@ -15,7 +15,7 @@ require_once dirname(__FILE__) . '/lib/base.php'; -if (!Horde_Auth::isAdmin('news:admin')) { +if (!$registry->isAdmin(array('permission' => 'news:admin'))) { $notification->push(_("Only admin can delete a news.")); header('Location: ' . Horde::applicationUrl('edit.php')); exit; diff --git a/news/files.php b/news/files.php index a169d9a78..b3403539e 100644 --- a/news/files.php +++ b/news/files.php @@ -27,10 +27,9 @@ $file_size = Horde_Util::getFormData('file_size'); /* Run through action handlers. */ switch ($actionID) { case 'download_file': - $data = News::getFile($file_id); if ($data instanceof PEAR_Error) { - if (Horde_Auth::isAdmin('news:admin')) { + if ($registry->isAdmin(array('permission' => 'news:admin'))) { throw new Horde_Exception_Prior($data); } else { header('HTTP/1.0 404 Not Found'); @@ -47,7 +46,7 @@ case 'view_file': $data = News::getFile($file_id); if ($data instanceof PEAR_Error) { - if (Horde_Auth::isAdmin('news:admin')) { + if ($registry->isAdmin(array('permission' => 'news:admin'))) { throw new Horde_Exception_Prior($data); } else { header('HTTP/1.0 404 Not Found'); @@ -105,7 +104,7 @@ break; case 'download_zip': $data = News::getFile($file_id); if ($data instanceof PEAR_Error) { - if (Horde_Auth::isAdmin('news:admin')) { + if ($registry->isAdmin(array('permission' => 'news:admin'))) { throw new Horde_Exception_Prior($data); } else { header('HTTP/1.0 404 Not Found'); diff --git a/news/lib/Categories.php b/news/lib/Categories.php index 799a18bf4..270ce0003 100644 --- a/news/lib/Categories.php +++ b/news/lib/Categories.php @@ -240,7 +240,7 @@ class News_Categories { $cats = $this->getCategories(); $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); - if (Horde_Auth::isAdmin('news:admin') || + if ($GLOBALS['registry']->isAdmin(array('permission' => 'news:admin')) || $perms->hasPermission('news', Horde_Auth::getAuth(), $perm)) { return $cats; } diff --git a/news/lib/Driver.php b/news/lib/Driver.php index 2385cfd0d..bd27be06e 100644 --- a/news/lib/Driver.php +++ b/news/lib/Driver.php @@ -55,7 +55,7 @@ class News_Driver { public function get($id) { // Admins bypass the cache (can read nonpublished and locked news) - if (!Horde_Auth::isAdmin('news:admin')) { + if (!$GLOBALS['registry']->isAdmin(array('permission' => 'news:admin'))) { $key = 'news_' . News::getLang() . '_' . $id; $data = $GLOBALS['cache']->get($key, $GLOBALS['conf']['cache']['default_lifetime']); if ($data) { @@ -68,7 +68,7 @@ class News_Driver { return $data; } - if (!Horde_Auth::isAdmin('news:admin')) { + if (!$GLOBALS['registry']->isAdmin(array('permission' => 'news:admin'))) { $GLOBALS['cache']->set($key, serialize($data)); } diff --git a/news/lib/Driver/sql.php b/news/lib/Driver/sql.php index 4d0de1a13..cef316f0b 100644 --- a/news/lib/Driver/sql.php +++ b/news/lib/Driver/sql.php @@ -71,7 +71,7 @@ class News_Driver_sql extends News_Driver { ' WHERE n.id = ? AND n.id=l.id AND l.lang = ?'; /** TODO Allow for now to allow static linked news, but not shown in list - if (!Horde_Auth::isAdmin('news:admin')) { + if (!$registry->isAdmin(array('permission' => 'news:admin'))) { $query .= ' AND n.status = ' . News::CONFIRMED; } */ diff --git a/news/lib/Forms/Search.php b/news/lib/Forms/Search.php index 09f978603..85059a137 100644 --- a/news/lib/Forms/Search.php +++ b/news/lib/Forms/Search.php @@ -49,7 +49,7 @@ class News_Search extends Horde_Form { $this->addVariable(_("Unpublish"), 'unpublish', 'datetime', false, false, false, $GLOBALS['news']->datetimeParams()); $this->addVariable(_("User"), 'user', 'text', false, false, false); - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { $this->addVariable(_("Editor"), 'editor', 'text', false, false, false); } diff --git a/news/lib/News.php b/news/lib/News.php index e64373448..a4a88fc25 100644 --- a/news/lib/News.php +++ b/news/lib/News.php @@ -191,7 +191,7 @@ class News { return ''; } - if (Horde_Auth::isAdmin('news:admin')) { + if ($GLOBALS['registry']->isAdmin(array('permission' => 'news:admin'))) { $delete_img = Horde::img('delete.png', _("Delete"), ' style="width: 16px height: 16px"'); $delete_url = Horde::applicationUrl('delete_file.php'); } @@ -211,7 +211,7 @@ class News { $html .= Horde::link(Horde_Util::addParameter($view_url, 'actionID', 'download_file'), sprintf(_("Dowload %s"), $file['file_name'])) . $dowload_img . ' ' . "\n"; $html .= Horde::link(Horde_Util::addParameter($view_url, 'actionID', 'view_file'), sprintf(_("Preview %s"), $file['file_name']), '', '_file_view'); $html .= Horde::img(Horde_Mime_Viewer::getIcon($file['file_type']), $file['file_name'], 'width="16" height="16"', '') . ' '; - if (Horde_Auth::isAdmin('news:admin')) { + if ($GLOBALS['registry']->isAdmin(array('permission' => 'news:admin'))) { $html .= Horde::link(Horde_Util::addParameter($delete_url, $file), sprintf(_("Delete %s"), $file['file_name'])) . $delete_img . ' ' . "\n"; } $html .= $file['file_name'] . ' ' . "\n"; @@ -458,7 +458,7 @@ class News { $menu->add(Horde::applicationUrl('cloud.php'), _("Tag cloud"), 'colorpicker.png', $img_dir); } - if (Horde_Auth::isAdmin('news:admin')) { + if ($GLOBALS['registry']->isAdmin(array('permission' => 'news:admin'))) { $menu->add(Horde::applicationUrl('edit.php'), _("Editorship"), 'config.png', $img_dir); $menu->add(Horde::applicationUrl('admin/categories/index.php'), _("Administration"), 'administration.png', $img_dir); } diff --git a/news/lib/Search.php b/news/lib/Search.php index 1c483d4a2..969d2474c 100644 --- a/news/lib/Search.php +++ b/news/lib/Search.php @@ -52,10 +52,9 @@ class News_Search extends Horde_Form { $this->addVariable(_("Unpublish"), 'unpublish', 'datetime', false, false, false, News::datetimeParams()); $this->addVariable(_("User"), 'user', 'text', false, false, false); - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { $this->addVariable(_("Editor"), 'editor', 'text', false, false, false); } - } /** diff --git a/news/templates/edit/row.php b/news/templates/edit/row.php index 48852137f..3b21102a4 100644 --- a/news/templates/edit/row.php +++ b/news/templates/edit/row.php @@ -10,7 +10,7 @@ echo Horde::link(Horde_Util::addParameter($browse_url, 'id', $row['id']), _("Inf Horde::img('devel.png', _("Info"), '', $img_dir). '  '; /* admins options */ -if (Horde_Auth::isAdmin() || isset($allowed_cats[$row['category1']]) || isset($allowed_cats[$row['category2']])) { +if ($registry->isAdmin() || isset($allowed_cats[$row['category1']]) || isset($allowed_cats[$row['category2']])) { if ($row['status'] == News::CONFIRMED) { $url = Horde_Util::addParameter($browse_url, array('page' => $page, 'actionID' => 'deactivate', 'id' => $row['id'])); diff --git a/operator/lib/Driver.php b/operator/lib/Driver.php index 5aee87099..e6e9b0e38 100644 --- a/operator/lib/Driver.php +++ b/operator/lib/Driver.php @@ -45,7 +45,7 @@ class Operator_Driver { } $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); - if (Horde_Auth::isAdmin() || + if ($GLOBALS['registry']->isAdmin() || $perms->hasPermission('operator:accountcodes', Horde_Auth::getAuth(), Horde_Perms::READ) || @@ -82,7 +82,7 @@ class Operator_Driver { $permentry = 'operator:accountcodes:' . $accountcode; } $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); - if (Horde_Auth::isAdmin() || + if ($GLOBALS['registry']->isAdmin() || $perms->hasPermission('operator:accountcodes', Horde_Auth::getAuth(), Horde_Perms::READ) || diff --git a/operator/lib/Operator.php b/operator/lib/Operator.php index 70b170655..6c6b37cac 100644 --- a/operator/lib/Operator.php +++ b/operator/lib/Operator.php @@ -101,7 +101,7 @@ class Operator { $keys = $values = $operator->driver->getAccountCodes(); $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); - if (Horde_Auth::isAdmin() || + if ($GLOBALS['registry']->isAdmin() || $perms->hasPermission('operator:accountcodes', Horde_Auth::getAuth(), Horde_Perms::READ)) { @@ -134,7 +134,7 @@ class Operator { $permitem = 'operator:accountcodes:' . $accountcode; } - if (Horde_Auth::isAdmin() || + if ($GLOBALS['registry']->isAdmin() || $perms->hasPermission($permitem, Horde_Auth::getAuth(), Horde_Perms::SHOW)) { $accountcodes[$accountcode] = $values[$index]; } diff --git a/shout/lib/Shout.php b/shout/lib/Shout.php index e9d6ab1c2..97f34c2af 100644 --- a/shout/lib/Shout.php +++ b/shout/lib/Shout.php @@ -45,7 +45,7 @@ class Shout $menu->add(Horde::applicationUrl('conferences.php'), _("Conferences"), "conference.png"); /* Administration. */ - if (Horde_Auth::isAdmin('shout:admin')) { + if ($GLOBALS['registry']->isAdmin(array('permission' => 'shout:admin'))) { $menu->add(Horde::applicationUrl('admin.php'), _("_Admin"), 'admin.png'); } @@ -72,7 +72,9 @@ class Shout */ static public function checkRights($permname, $permmask = null, $numparents = 0) { - if (Horde_Auth::isAdmin()) { return true; } + if ($GLOBALS['registry']->isAdmin()) { + return true; + } if ($permmask === null) { $permmask = Horde_Perms::SHOW | Horde_Perms::READ; diff --git a/turba/lib/Api.php b/turba/lib/Api.php index 7c56b292f..56848b55d 100644 --- a/turba/lib/Api.php +++ b/turba/lib/Api.php @@ -976,7 +976,8 @@ class Turba_Api extends Horde_Registry_Api throw new Horde_Exception(sprintf(_("Connection failed: %s"), $driver->getMessage())); } - if (!Horde_Auth::isAdmin() && !$driver->hasPermission(Horde_Perms::DELETE)) { + if (!$GLOBALS['registry']->isAdmin() && + !$driver->hasPermission(Horde_Perms::DELETE)) { continue; } diff --git a/turba/lib/Application.php b/turba/lib/Application.php index 05f7f0a7f..d6103a33d 100644 --- a/turba/lib/Application.php +++ b/turba/lib/Application.php @@ -379,7 +379,8 @@ class Turba_Application extends Horde_Registry_Application */ public function removeUserData($user) { - if (!Horde_Auth::isAdmin() && $user != Horde_Auth::getAuth()) { + if (!$GLOBALS['registry']->isAdmin() && + $user != Horde_Auth::getAuth()) { return PEAR::raiseError(_("You are not allowed to remove user data.")); } diff --git a/turba/lib/Driver/Sql.php b/turba/lib/Driver/Sql.php index 6f1425690..b05ae78f0 100644 --- a/turba/lib/Driver/Sql.php +++ b/turba/lib/Driver/Sql.php @@ -543,7 +543,7 @@ class Turba_Driver_Sql extends Turba_Driver function removeUserData($user) { // Make sure we are being called by an admin. - if (!Horde_Auth::isAdmin()) { + if (!$GLOBALS['registry']->isAdmin()) { return PEAR::raiseError(_("Permission denied")); } diff --git a/vilma/lib/Vilma.php b/vilma/lib/Vilma.php index 328de4524..3d6f5a304 100644 --- a/vilma/lib/Vilma.php +++ b/vilma/lib/Vilma.php @@ -25,7 +25,7 @@ class Vilma { function hasPermission($domain, $permmask = null) { // FIXME Should this really be the case? Superadmin is more granular - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { return true; } diff --git a/vilma/virtuals/delete.php b/vilma/virtuals/delete.php index 0634ff53b..a1a9fa5b2 100644 --- a/vilma/virtuals/delete.php +++ b/vilma/virtuals/delete.php @@ -13,7 +13,7 @@ require_once VILMA_BASE . '/lib/base.php'; require_once 'Horde/Form.php'; /* Only admin should be using this. */ -if (!Horde_Auth::isAdmin()) { +if (!$registry->isAdmin()) { Horde_Auth::authenticateFailure('vilma', $e); } diff --git a/vilma/virtuals/edit.php b/vilma/virtuals/edit.php index 5495081d9..a0229692e 100644 --- a/vilma/virtuals/edit.php +++ b/vilma/virtuals/edit.php @@ -14,7 +14,7 @@ require_once 'Horde/Form.php'; require_once 'Horde/Form/Action.php'; /* Only admin should be using this. */ -if (!Horde_Auth::isAdmin() && !Vilma::isDomainAdmin()) { +if (!$registry->isAdmin() && !Vilma::isDomainAdmin()) { Horde_Auth::authenticateFailure('vilma', $e); } diff --git a/vilma/virtuals/index.php b/vilma/virtuals/index.php index a3b635b89..11fccc876 100644 --- a/vilma/virtuals/index.php +++ b/vilma/virtuals/index.php @@ -12,7 +12,7 @@ require_once VILMA_BASE . '/lib/base.php'; /* Only admin should be using this. */ -if (!Horde_Auth::isAdmin() && !Vilma::isDomainAdmin()) { +if (!$registry->isAdmin() && !Vilma::isDomainAdmin()) { Horde_Auth::authenticateFailure('vilma', $e); } diff --git a/whups/admin/index.php b/whups/admin/index.php index 4c4390bfd..4d6391f9d 100644 --- a/whups/admin/index.php +++ b/whups/admin/index.php @@ -11,7 +11,7 @@ require_once dirname(__FILE__) . '/../lib/Application.php'; Horde_Registry::appInit('whups'); -if (!Horde_Auth::isAdmin('whups:admin')) { +if (!$registry->isAdmin(array('permission' => 'whups:admin'))) { Horde_Auth::authenticateFailure('whups', $e); } diff --git a/whups/lib/Api.php b/whups/lib/Api.php index 1bb90f694..979461784 100644 --- a/whups/lib/Api.php +++ b/whups/lib/Api.php @@ -78,7 +78,7 @@ class Whups_Api extends Horde_Registry_Api */ public function addQueue($name) { - if (Horde_Auth::isAdmin('whups:admin')) { + if ($GLOBALS['registry']->isAdmin(array('permission' => 'whups:admin'))) { return $GLOBALS['whups_driver']->addQueue($name, ''); } else { return PEAR::raiseError('You must be an administrator to perform this action.'); diff --git a/whups/lib/Forms/AddComment.php b/whups/lib/Forms/AddComment.php index e4bcb43d0..76ba7c70f 100644 --- a/whups/lib/Forms/AddComment.php +++ b/whups/lib/Forms/AddComment.php @@ -23,7 +23,7 @@ class AddCommentForm extends Horde_Form { $this->addVariable(_("Watch this ticket"), 'add_watch', 'boolean', false); /* Group restrictions. */ - if (Horde_Auth::isAdmin('whups:admin') || + if ($GLOBALS['registry']->isAdmin(array('permission' => 'whups:admin')) || $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('whups:hiddenComments', Horde_Auth::getAuth(), Horde_Perms::EDIT)) { $groups = &Group::singleton(); $mygroups = $groups->getGroupMemberships(Horde_Auth::getAuth()); diff --git a/whups/lib/Forms/Admin/Queue.php b/whups/lib/Forms/Admin/Queue.php index 77256c230..b950cb543 100644 --- a/whups/lib/Forms/Admin/Queue.php +++ b/whups/lib/Forms/Admin/Queue.php @@ -137,7 +137,7 @@ class EditQueueStep2Form extends Horde_Form { array($userlink)); /* Permissions link. */ - if (Horde_Auth::isAdmin('whups:admin', Horde_Perms::EDIT)) { + if ($GLOBALS['registry']->isAdmin(array('permission' => 'whups:admin', 'permlevel' => Horde_Perms::EDIT))) { $permslink = array( 'text' => _("Edit the permissions on this queue"), 'url' => Horde_Util::addParameter(Horde_Util::addParameter(Horde::url($GLOBALS['registry']->get('webroot', 'horde') . '/admin/perms/edit.php'), 'category', "whups:queues:$queue"), 'autocreate', '1')); diff --git a/whups/lib/Forms/Admin/Reply.php b/whups/lib/Forms/Admin/Reply.php index b13049055..4ce02630a 100644 --- a/whups/lib/Forms/Admin/Reply.php +++ b/whups/lib/Forms/Admin/Reply.php @@ -74,7 +74,7 @@ class EditReplyStep2Form extends Horde_Form { $ptext->setDefault($info['reply_text']); /* Permissions link. */ - if (Horde_Auth::isAdmin('whups:admin', Horde_Perms::EDIT)) { + if ($GLOBALS['registry']->isAdmin(array('permission' => 'whups:admin', 'permlevel' => Horde_Perms::EDIT))) { $permslink = array( 'text' => _("Edit the permissions on this form reply"), 'url' => Horde_Util::addParameter(Horde_Util::addParameter(Horde::url($GLOBALS['registry']->get('webroot', 'horde') . '/admin/perms/edit.php'), 'category', "whups:replies:$reply"), 'autocreate', '1')); diff --git a/whups/lib/Whups.php b/whups/lib/Whups.php index 15b52501e..0f5aa8907 100644 --- a/whups/lib/Whups.php +++ b/whups/lib/Whups.php @@ -345,11 +345,12 @@ class Whups { if ($permission == 'update' || $permission == 'assign' || $permission == 'requester') { - $admin = Horde_Auth::isAdmin('whups:admin', Horde_Perms::EDIT, $user); + $admin_perm = Horde_Perms::EDIT; } else { - $admin = Horde_Auth::isAdmin('whups:admin', $permission, $user); + $admin_perm = Horde_Perms::EDIT; } + $admin = $GLOBALS['registry']->isAdmin(array('permission' => 'whups:admin', 'permlevel' => $admin_perm, 'user' => $user)); $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); switch ($filter) { @@ -417,7 +418,7 @@ class Whups { $user = Horde_Auth::getAuth(); } - $admin = Horde_Auth::isAdmin('whups:admin', $permission, $user); + $admin = $GLOBALS['registry']->isAdmin(array('permission' => 'whups:admin', 'permlevel' => $permission, 'user' => $user)); $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); $out = array(); @@ -768,7 +769,7 @@ class Whups { $menu->add(Horde::applicationUrl('reports.php'), _("_Reports"), 'reports.png'); /* Administration. */ - if (Horde_Auth::isAdmin('whups:admin')) { + if ($GLOBALS['registry']->isAdmin(array('permission' => 'whups:admin'))) { $menu->add(Horde::applicationUrl('admin/'), _("_Admin"), 'admin.png'); } diff --git a/whups/ticket/queue.php b/whups/ticket/queue.php index 08e99637d..ceaf835af 100644 --- a/whups/ticket/queue.php +++ b/whups/ticket/queue.php @@ -31,7 +31,7 @@ class SetQueueStep1Form extends Horde_Form { $this->addVariable(_("Comment"), 'newcomment', 'longtext', false); /* Group restrictions. */ - if (Horde_Auth::isAdmin('whups:admin', Horde_Perms::EDIT) || + if ($GLOBALS['registry']->isAdmin(array('permission' => 'whups:admin', 'permlevel' => Horde_Perms::EDIT)) || $GLOBALS['injector']->getInstance('Horde_Perms')->hasPermission('whups:hiddenComments', Horde_Auth::getAuth(), Horde_Perms::EDIT)) { $groups = &Group::singleton(); diff --git a/wicked/lib/Page.php b/wicked/lib/Page.php index 51f083612..d9052e53a 100644 --- a/wicked/lib/Page.php +++ b/wicked/lib/Page.php @@ -109,7 +109,7 @@ class Page { return false; } - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { return true; } @@ -128,7 +128,7 @@ class Page { return false; } - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { return true; } @@ -142,7 +142,7 @@ class Page { return false; } - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { return true; } @@ -153,7 +153,7 @@ class Page { // All other modes require READ permissions. default: - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { return true; } diff --git a/wicked/lib/Page/StandardPage.php b/wicked/lib/Page/StandardPage.php index 444bb16c7..2ccfe8790 100644 --- a/wicked/lib/Page/StandardPage.php +++ b/wicked/lib/Page/StandardPage.php @@ -138,7 +138,7 @@ class StandardPage extends Page { if ($GLOBALS['browser']->isRobot()) { return false; } - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { return true; } if (($this->getPermissions() & Horde_Perms::EDIT) == 0) { @@ -147,7 +147,7 @@ class StandardPage extends Page { break; case WICKED_MODE_UNLOCKING: - if (Horde_Auth::isAdmin()) { + if ($GLOBALS['registry']->isAdmin()) { return true; } if ($this->_lock) { diff --git a/wicked/templates/display/standard.inc b/wicked/templates/display/standard.inc index 21135390a..fabc4ae1b 100644 --- a/wicked/templates/display/standard.inc +++ b/wicked/templates/display/standard.inc @@ -88,7 +88,7 @@ if ($this->allows(WICKED_MODE_HISTORY)) { 'widget', '', '', _("Hi_story")); } -if (Horde_Auth::isAdmin()) { +if ($registry->isAdmin()) { separator(); $permsurl = Horde::url($GLOBALS['registry']->get('webroot', 'horde') . '/admin/perms/edit.php'); $permsurl = Horde_Util::addParameter( -- 2.11.0