1<?php 2 /***************************************************************************\ 3 * phpGroupWare - Web Content Manager * 4 * http://www.phpgroupware.org * 5 * ------------------------------------------------- * 6 * This program is free software; you can redistribute it and/or modify it * 7 * under the terms of the GNU General Public License as published by the * 8 * Free Software Foundation; either version 2 of the License, or (at your * 9 * option) any later version. * 10 \***************************************************************************/ 11 12define('SITEMGR_ACL_IS_ADMIN',1); 13 14 class ACL_BO 15 { 16 var $acl; 17 var $acl_so; 18 var $logged_in_user; 19 20 function ACL_BO() 21 { 22 $this->logged_in_user = $GLOBALS['phpgw_info']['user']['account_id']; 23 $this->acct = CreateObject('phpgwapi.accounts',$this->logged_in_user); 24 $this->acl = CreateObject('phpgwapi.acl',$this->logged_in_user); 25 $this->acl_so = CreateObject('sitemgr.ACL_SO'); 26 } 27 28 function is_admin($site_id=False) 29 { 30 if (!$site_id) 31 { 32 $site_id = CURRENT_SITE_ID; 33 } 34 return $this->acl_so->get_permission('L'.$site_id) & SITEMGR_ACL_IS_ADMIN; 35 } 36 37 function set_adminlist($site_id,$account_list) 38 { 39 $this->remove_location($site_id); 40 while (list($null,$account_id) = @each($account_list)) 41 { 42 $this->acl->add_repository('sitemgr','L'.$site_id,$account_id,SITEMGR_ACL_IS_ADMIN); 43 } 44 } 45 46 function remove_location($category_id) 47 { 48 // Used when a category_id is deleted 49 $this->acl_so->remove_location('L'.$category_id); 50 } 51 52 function copy_permissions($fromcat,$tocat) 53 { 54 $this->remove_location($tocat); 55 $this->acl_so->copy_rights('L'.$fromcat,'L'.$tocat); 56 } 57 58 function grant_permissions($user, $category_id, $can_read, $can_write) 59 { 60 $rights = 0; 61 if($can_read) 62 { 63 $rights = PHPGW_ACL_READ; 64 } 65 if($can_write) 66 { 67 $rights = ($rights | PHPGW_ACL_ADD); 68 } 69 70 if ($rights == 0) 71 { 72 return $this->acl->delete_repository('sitemgr','L'.$category_id,$user); 73 } 74 else 75 { 76 return $this->acl->add_repository('sitemgr','L'.$category_id,$user,$rights); 77 } 78 } 79 80 function get_user_permission_list($category_id) 81 { 82 return $this->get_permission_list($category_id, 'accounts'); 83 } 84 85 function get_group_permission_list($category_id) 86 { 87 return $this->get_permission_list($category_id, 'groups'); 88 } 89 90 function get_permission_list($category_id, $acct_type='') 91 { 92 /* 93 Though this is not the place for making database lookups, particularly 94 ones that look for things in the phpgwapi tables, the stupid get_rights 95 and get_specific_rights and other lookup functions DON'T WORK. 96 */ 97 $users = $GLOBALS['phpgw']->accounts->get_list($acct_type); 98 99 $permissions = Array(); 100 101 reset($users); 102 while(list($k,$v) = each($users)) 103 { 104 $account_id = $v['account_id']; 105 //unset($this->acl); 106 //$this->acl = CreateObject('phpgwapi.acl',$account_id); 107 //$rights = $this->acl->get_specific_rights('L'.$category_id,'sitemgr'); 108 $rights = $this->acl_so->get_rights($account_id, 'L'.$category_id); 109 $permissions[$account_id] = $rights; 110 } 111 return $permissions; 112 } 113 114 //at this moment there are only implicit permissions for the toplevel site_category, is this a problem? 115 //everybody can read it, only admins can write it. 116 function can_read_category($category_id) 117 { 118 if ($this->is_admin() || ($category_id == CURRENT_SITE_ID)) 119 { 120 return true; 121 } 122 else 123 { 124 //$this->acl = CreateObject('phpgwapi.acl',$this->logged_in_user); 125 //return ($this->acl->get_rights('L'.$category_id,'sitemgr') & PHPGW_ACL_READ); 126 return ($this->acl_so->get_permission('L'.$category_id) & PHPGW_ACL_READ); 127 } 128 } 129 130 function can_write_category($category_id) 131 { 132 if ($this->is_admin()) 133 { 134 return true; 135 } 136 elseif ($category_id != CURRENT_SITE_ID) 137 { 138 //$this->acl = CreateObject('phpgwapi.acl',$this->logged_in_user); 139 //return ($this->acl->get_rights($account_id,'L'.$category_id) & PHPGW_ACL_ADD); 140 // if category_id = 0, we are in site-wide scope, and only admin can add content 141 return $this->acl_so->get_permission('L'.$category_id) & PHPGW_ACL_ADD; 142 } 143 else 144 { 145 return False; 146 } 147 } 148 149 function get_group_list() 150 { 151 return $this->acct->get_list('groups'); 152 } 153 154 function get_simple_group_list() 155 { 156 return $this->get_simple_list('groups'); 157 } 158 159 function get_simple_list($acct_type='') 160 { 161 $full_details = $this->acct->get_list($acct_type); 162 reset($full_details); 163 $group=array(); 164 while(list($k,$v) = each($full_details)) 165 { 166 $group['i'.$v['account_id']] = array(); 167 } 168 return $group; 169 } 170 171 function get_simple_user_list() 172 { 173 return $this->get_simple_list('accounts'); 174 } 175 176 function get_user_list() 177 { 178 return $this->acct->get_list('accounts'); 179 } 180 } 181?> 182