Author: ralfbecker
Date: Thu Nov 5 20:37:28 2009
New Revision: 28269
URL: http://www.egroupware.org/viewvc/egroupware?rev=28269&view=rev Log:
- inherit ACL and admin from parent categories
+ ACL get or'ed together (you can't take away rights)
+ admins only get inherited, if there's none defined in cat
- store state of category filter for select resource popup (not
currently used in stock EGroupware)
Modified: trunk/resources/inc/class.bo_acl.inc.php
URL: http://www.egroupware.org/viewvc/egroupware/trunk/resources/inc/class.bo_acl.inc.php?rev=28269&r1=28268&r2=28269&view=diff ==============================================================================
--- trunk/resources/inc/class.bo_acl.inc.php (original)
+++ trunk/resources/inc/class.bo_acl.inc.php Thu Nov 5 20:37:28 2009
@@ -1,6 +1,6 @@
<?php
/**
- * eGroupWare - resources
+ * EGroupWare - resources
*
* @license http://www.gnu.org/licenses/gpl.html GNU General Public License
* @package resources
@@ -11,15 +11,12 @@
/**
* ACL business object for resources
*
- * @package resources
+ * Category rights and admins get inherited from parent categories.
+ * Current rights and the ones inherited from parents get ORed together,
+ * while for admins the "closest" cat-admin will be used.
*/
class bo_acl
{
- /**
- * @var $permissions Holds alls permissions for resources of user
- */
- var $permissions;
-
var $acl;
var $start = 0;
var $query = '';
@@ -37,13 +34,17 @@
*/
var $egw_cats;
/**
+ * PHP4 constructor
+ *
+ * @param boolean $session
+ * @deprecated use __construct()
+ * @return bo_acl
+ */
+ function bo_acl($session=False)
+ {
+ self::__construct($session);
+ }
+
+ /**
* get list of cats where current user has given rights
*
* @author Cornelius Weiss <egw@...>
@@ -106,9 +119,9 @@
* @param int $cat_id
* @return mixed name of category
*/
- function get_cat_name($cat_id)
- {
- return $this->egw_cats->id2name($cat_id);
+ static public function get_cat_name($cat_id)
+ {
+ return $GLOBALS['egw']->categories->id2name($cat_id);
}
/**
@@ -118,9 +131,9 @@
* @param int $cat_id
* @return int userid of cat admin
*/
- function get_cat_admin($cat_id)
- {
- $cat_rights = $this->get_rights($cat_id);
+ static public function get_cat_admin($cat_id)
+ {
+ $cat_rights = self::get_rights($cat_id);
foreach ($cat_rights as $userid => $right)
{
if ($right & EGW_ACL_CAT_ADMIN)
@@ -128,21 +141,63 @@
return $userid;
}
}
+ // check for an inherited cat admin
+ if (($parent = $GLOBALS['egw']->categories->id2name($cat_id,'parent')))
+ {
+ return self::get_cat_admin($parent);
+ }
return lang('none');
}
/**
- * cheks one of the following rights for current user:
- *
- * EGW_ACL_READ, EGW_ACL_ADD, EGW_ACL_EDIT, EGW_ACL_DELETE, EGW_ACL_DIRECT_BOOKING
- *
- * @param int $cat_id
- * @param int $right
- * @return bool user is permitted or not for right
- */
- function is_permitted($cat_id,$right)
- {
- return $this->permissions['L'.$cat_id] & $right;
+ * Permissions including inherited ones
+ *
+ * @var array cat_id => rights
+ */
+ static private $permissions;
+ static private $resource_acl;
+
+ /**
+ * Get permissions of current user on a given category
+ *
+ * @param int $cat_id
+ * @return int
+ */
+ static public function get_permissions($cat_id)
+ {
+ if (!isset(self::$permissions[$cat_id]))
+ {
+ if (is_null(self::$resource_acl))
+ {
+ self::$resource_acl = $GLOBALS['egw']->acl->get_all_location_rights($GLOBALS['egw_info']['user']['account_id'],'resources',true);
+ }
+ self::$permissions[$cat_id] = (int)self::$resource_acl['L'.$cat_id];
+ if (($parent = $GLOBALS['egw']->categories->id2name($cat_id,'parent')))
+ {
+ self::$permissions[$cat_id] |= self::get_permissions($parent);
+ }
+ }
+ //echo "<p>".__METHOD__."($cat_id) = ".self::$permissions[$cat_id]."</p>\n";
+ return self::$permissions[$cat_id];
+ }
+
+ /**
+ * checks one of the following rights for current user:
+ *
+ * EGW_ACL_READ, EGW_ACL_ADD, EGW_ACL_EDIT, EGW_ACL_DELETE, EGW_ACL_DIRECT_BOOKING
+ *
+ * @param int $cat_id
+ * @param int $right
+ * @return boolean user is permitted or not for right
+ */
+ static public function is_permitted($cat_id,$right)
+ {
+ if (!isset(self::$permissions[$cat_id]))
+ {
+ self::get_permissions($cat_id);
+ }
+ //echo "<p>".__METHOD__."($cat_id,$right) = ".self::$permissions[$cat_id]." & $right = ".(self::$permissions[$cat_id] & $right)."</p>\n";
+ return (boolean) (self::$permissions[$cat_id] & $right);
}
/**
@@ -151,7 +206,7 @@
* @param int $cat_id
* @return array userid => right
*/
- function get_rights($cat_id)
+ static public function get_rights($cat_id)
{
return $GLOBALS['egw']->acl->get_all_rights('L'.$cat_id,'resources');
}
Modified: trunk/resources/inc/class.bo_resources.inc.php
URL: http://www.egroupware.org/viewvc/egroupware/trunk/resources/inc/class.bo_resources.inc.php?rev=28269&r1=28268&r2=28269&view=diff ==============================================================================
--- trunk/resources/inc/class.bo_resources.inc.php (original)
+++ trunk/resources/inc/class.bo_resources.inc.php Thu Nov 5 20:37:28 2009
@@ -27,6 +27,16 @@
* @var so_resources
*/
var $so;
+ /**
+ * Instance of resources acl class
+ *
+ * @var bo_acl
+ */
+ var $acl;
+ /**
+ * Instance of categories class for resources
+ */
+ var $cats;
function bo_resources()
{
@@ -48,6 +58,16 @@
*/
function get_rows($query,&$rows,&$readonlys)
{
+ if ($query['store_state']) // request to store state in session and filter in prefs?
+ {
+ egw_cache::setSession('resources',$query['store_state'],$query);
+ //echo "<p>".__METHOD__."() query[filter]=$query[filter], prefs[resources][filter]={$GLOBALS['egw_info']['user']['preferences']['resources']['filter']}</p>\n";
+ if ($query['filter'] != $GLOBALS['egw_info']['user']['preferences']['resources']['filter'])
+ {
+ $GLOBALS['egw']->preferences->add('resources','filter',$query['filter'],'user');
+ $GLOBALS['egw']->preferences->save_repository();
+ }
+ }
if ($this->debug) _debug_array($query);
$criteria = array('name' => $query['search'], 'short_description' => $query['search'], 'inventory_number' => $query['search']);
$read_onlys = 'res_id,name,short_description,quantity,useable,bookable,buyable,cat_id,location,storage_info';
if (!is_array($content))
{
- $content['nm'] = array(
- 'header_left' => 'resources.resource_select.header',
- 'show_bookable' => true,
- 'get_rows' => 'resources.bo_resources.get_rows',
- 'filter_label' => 'Category',
- 'filter_help' => lang('Select a category'),
- 'options-filter'=> array(''=>lang('all categories'))+(array)$this->bo->acl->get_cats(EGW_ACL_READ),
- 'no_filter2' => true,
- 'filter_no_lang'=> true,
- 'no_cat' => true,
- 'rows' => array('js_id' => 1),
- 'csv_fields' => false,
- 'default_cols' => 'name,cat_id,quantity', // I columns to use if there's no user or default pref
- );
+ if (!($content['nm'] = egw_cache::getSession('resources','get_rows')))
+ {
+ $content['nm'] = array(
+ 'header_left' => 'resources.resource_select.header',
+ 'show_bookable' => true,
+ 'get_rows' => 'resources.bo_resources.get_rows',
+ 'filter_label' => 'Category',
+ 'filter_help' => lang('Select a category'),
+ 'options-filter'=> array(''=>lang('all categories'))+(array)$this->bo->acl->get_cats(EGW_ACL_READ),
+ 'no_filter2' => true,
+ 'filter_no_lang'=> true,
+ 'no_cat' => true,
+ 'rows' => array('js_id' => 1),
+ 'csv_fields' => false,
+ 'default_cols' => 'name,cat_id,quantity', // I columns to use if there's no user or default pref
+ 'store_state' => 'get_rows', // store in session as for location get_rows
+ );
+ $content['nm']['filter'] = $GLOBALS['egw_info']['user']['preferences']['resources']['filter'];
+ }
}
$sel_options = array();
$no_button = array();
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________
eGroupWare-cvs mailing list
eGroupWare-cvs@... https://lists.sourceforge.net/lists/listinfo/egroupware-cvs
