1<?php
2	/***************************************************************************\
3	* phpGroupWare - Web Content Manager                                        *
4	* http://www.phpgroupware.org                                               *
5	* -------------------------------------------------                         *
6	* This program is free software; you can redistribute it and/or modify it   *
7	* under the terms of the GNU General Public License as published by the     *
8	* Free Software Foundation; either version 2 of the License, or (at your    *
9	* option) any later version.                                                *
10	\***************************************************************************/
11
12define('SITEMGR_ACL_IS_ADMIN',1);
13
14	class ACL_BO
15	{
16		var $acl;
17		var $acl_so;
18		var $logged_in_user;
19
20		function ACL_BO()
21		{
22			$this->logged_in_user = $GLOBALS['phpgw_info']['user']['account_id'];
23			$this->acct = CreateObject('phpgwapi.accounts',$this->logged_in_user);
24			$this->acl = CreateObject('phpgwapi.acl',$this->logged_in_user);
25			$this->acl_so = CreateObject('sitemgr.ACL_SO');
26		}
27
28		function is_admin($site_id=False)
29		{
30			if (!$site_id)
31			{
32				$site_id = CURRENT_SITE_ID;
33			}
34			return $this->acl_so->get_permission('L'.$site_id) & SITEMGR_ACL_IS_ADMIN;
35		}
36
37		function set_adminlist($site_id,$account_list)
38		{
39			$this->remove_location($site_id);
40			while (list($null,$account_id) = @each($account_list))
41			{
42				$this->acl->add_repository('sitemgr','L'.$site_id,$account_id,SITEMGR_ACL_IS_ADMIN);
43			}
44		}
45
46		function remove_location($category_id)
47		{
48			// Used when a category_id is deleted
49			$this->acl_so->remove_location('L'.$category_id);
50		}
51
52		function copy_permissions($fromcat,$tocat)
53		{
54			$this->remove_location($tocat);
55			$this->acl_so->copy_rights('L'.$fromcat,'L'.$tocat);
56		}
57
58		function grant_permissions($user, $category_id, $can_read, $can_write)
59		{
60			$rights = 0;
61			if($can_read)
62			{
63				$rights = PHPGW_ACL_READ;
64			}
65			if($can_write)
66			{
67				$rights = ($rights | PHPGW_ACL_ADD);
68			}
69
70			if ($rights == 0)
71			{
72				return $this->acl->delete_repository('sitemgr','L'.$category_id,$user);
73			}
74			else
75			{
76				return $this->acl->add_repository('sitemgr','L'.$category_id,$user,$rights);
77			}
78		}
79
80		function get_user_permission_list($category_id)
81		{
82			return $this->get_permission_list($category_id, 'accounts');
83		}
84
85		function get_group_permission_list($category_id)
86		{
87			return $this->get_permission_list($category_id, 'groups');
88		}
89
90		function get_permission_list($category_id, $acct_type='')
91		{
92			/*
93			   Though this is not the place for making database lookups, particularly
94			   ones that look for things in the phpgwapi tables, the stupid get_rights
95			   and get_specific_rights and other lookup functions DON'T WORK.
96			*/
97			$users = $GLOBALS['phpgw']->accounts->get_list($acct_type);
98
99			$permissions = Array();
100
101			reset($users);
102			while(list($k,$v) = each($users))
103			{
104				$account_id = $v['account_id'];
105				//unset($this->acl);
106				//$this->acl = CreateObject('phpgwapi.acl',$account_id);
107				//$rights = $this->acl->get_specific_rights('L'.$category_id,'sitemgr');
108				$rights = $this->acl_so->get_rights($account_id, 'L'.$category_id);
109				$permissions[$account_id] = $rights;
110			}
111			return $permissions;
112		}
113
114		//at this moment there are only implicit permissions for the toplevel site_category, is this a problem?
115		//everybody can read it, only admins can write it.
116		function can_read_category($category_id)
117		{
118			if ($this->is_admin() || ($category_id == CURRENT_SITE_ID))
119			{
120				return true;
121			}
122			else
123			{
124				//$this->acl = CreateObject('phpgwapi.acl',$this->logged_in_user);
125				//return ($this->acl->get_rights('L'.$category_id,'sitemgr') & PHPGW_ACL_READ);
126				return ($this->acl_so->get_permission('L'.$category_id) & PHPGW_ACL_READ);
127			}
128		}
129
130		function can_write_category($category_id)
131		{
132			if ($this->is_admin())
133			{
134				return true;
135			}
136			elseif ($category_id != CURRENT_SITE_ID)
137			{
138				//$this->acl = CreateObject('phpgwapi.acl',$this->logged_in_user);
139				//return ($this->acl->get_rights($account_id,'L'.$category_id) & PHPGW_ACL_ADD);
140				// if category_id = 0, we are in site-wide scope, and only admin can add content
141				return $this->acl_so->get_permission('L'.$category_id) & PHPGW_ACL_ADD;
142			}
143			else
144			{
145				return False;
146			}
147		}
148
149		function get_group_list()
150		{
151			return $this->acct->get_list('groups');
152		}
153
154		function get_simple_group_list()
155		{
156			return $this->get_simple_list('groups');
157		}
158
159		function get_simple_list($acct_type='')
160		{
161			$full_details = $this->acct->get_list($acct_type);
162			reset($full_details);
163			$group=array();
164			while(list($k,$v) = each($full_details))
165			{
166				$group['i'.$v['account_id']] = array();
167			}
168			return $group;
169		}
170
171		function get_simple_user_list()
172		{
173			return $this->get_simple_list('accounts');
174		}
175
176		function get_user_list()
177		{
178			return $this->acct->get_list('accounts');
179		}
180	}
181?>
182