3 commits - lib/api lib/client lib/kolab_client_task.php lib/locale
Aleksander Machniak
machniak at kolabsys.com
Wed Sep 19 14:18:11 CEST 2012
lib/api/kolab_api_service_role.php | 2 +
lib/client/kolab_client_task_about.php | 6 +--
lib/client/kolab_client_task_main.php | 16 ++++-----
lib/client/kolab_client_task_settings.php | 53 ++++++++++++++++++++++++------
lib/kolab_client_task.php | 41 ++++++++++++++++++-----
lib/locale/en.php | 9 ++---
lib/locale/en_US.php | 9 ++---
7 files changed, 99 insertions(+), 37 deletions(-)
New commits:
commit 5f8b26ed45b08386c56d93c743bba9dc362309ec
Author: Aleksander Machniak <alec at alec.pl>
Date: Wed Sep 19 14:17:28 2012 +0200
Improved detection of task availability according to capabilities
Some code improvements
diff --git a/lib/client/kolab_client_task_main.php b/lib/client/kolab_client_task_main.php
index 7a7a1f0..8c50b10 100644
--- a/lib/client/kolab_client_task_main.php
+++ b/lib/client/kolab_client_task_main.php
@@ -30,8 +30,8 @@ class kolab_client_task_main extends kolab_client_task
'domain' => 'domains',
'role' => 'roles',
'resource' => 'resources',
- 'settings' => '',
- 'about' => '',
+ 'settings' => 'settings',
+ 'about' => 'about',
);
@@ -60,15 +60,15 @@ class kolab_client_task_main extends kolab_client_task
'search', 'search.loading', 'search.acchars');
// Create list of tasks for dashboard
- // @TODO: check capabilities
$capabilities = $this->capabilities();
-
- $this->menu = array();
+ $this->menu = array();
foreach ($this->_menu as $task => $api_task) {
- if ($api_task && !array_key_exists($api_task . '.list', $capabilities['actions'])) {
- //console("Skipping menu item $task for $api_task");
- continue;
+ if ($task != 'about' && !array_key_exists($api_task . '.list', $capabilities['actions'])) {
+ $task_class = 'kolab_client_task_' . $task;
+ if (!method_exists($task_class, 'is_enabled') || !$task_class::is_enabled($capabilities['actions'])) {
+ continue;
+ }
}
$this->menu[$task . '.default'] = 'menu.' . ($api_task ? $api_task : $task);
diff --git a/lib/client/kolab_client_task_settings.php b/lib/client/kolab_client_task_settings.php
index 03e0a34..8eb5caa 100644
--- a/lib/client/kolab_client_task_settings.php
+++ b/lib/client/kolab_client_task_settings.php
@@ -27,8 +27,8 @@ class kolab_client_task_settings extends kolab_client_task
protected $ajax_only = true;
protected $menu = array(
-// 'user.info' => 'settings.info',
- 'type_list' => 'type.list',
+ 'type_list' => 'types.list',
+ 'type_add' => 'type.add',
);
/**
@@ -39,8 +39,8 @@ class kolab_client_task_settings extends kolab_client_task
$this->output->set_object('task_navigation', $this->menu());
// $this->output->set_object('content', 'settings', true);
- $caps = $this->get_capability('actions');
- if (!empty($caps['user.edit']) || !empty($caps['user.info'])) {
+ $caps_actions = $this->get_capability('actions');
+ if (self::can_edit_self($caps_actions)) {
$this->action_info();
}
else {
@@ -49,6 +49,45 @@ class kolab_client_task_settings extends kolab_client_task
}
/**
+ * Checks if it's possible to edit data of current user
+ */
+ public static function can_edit_self($caps_actions)
+ {
+ // Disable user form for directory manager (see #1025)
+ if (preg_match('/^cn=([a-z ]+)/i', $_SESSION['user']['id'])) {
+ return false;
+ }
+
+ if (empty($caps_actions['user.info'])) {
+ return false;
+ }
+
+ // If we can do user.info, we can at least display
+ // the form, effective rights will be checked later
+ // there's a very small chance that user cannot view his data
+ return true;
+ }
+
+ /**
+ * Check if any of task actions is accessible for current user
+ *
+ * @return bool
+ */
+ public static function is_enabled($caps_actions)
+ {
+ // User form
+ if (self::can_edit_self($caps_actions)) {
+ return true;
+ }
+
+ if (!empty($caps_actions['types.list'])) {
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
* Returns task menu output (overrides parent's menu method).
*
* @return string HTML output
@@ -85,12 +124,6 @@ class kolab_client_task_settings extends kolab_client_task
*/
public function action_info()
{
- // Disable for directory manager (see #1025)
- if (preg_match('/^cn=([a-z ]+)/i', $_SESSION['user']['id'])) {
- $this->output->command('set_watermark', 'content');
- return;
- }
-
$_POST['id'] = $_SESSION['user']['id'];
$user_task = new kolab_client_task_user($this->output);
$user_task->action_info();
diff --git a/lib/kolab_client_task.php b/lib/kolab_client_task.php
index 27f7c53..b2edadf 100644
--- a/lib/kolab_client_task.php
+++ b/lib/kolab_client_task.php
@@ -658,6 +658,36 @@ class kolab_client_task
}
/**
+ * Returns effective rights for the specified object
+ *
+ * @param string $type Object type
+ * @param string $id Object identifier
+ *
+ * @return array Two element array with 'attribute' and 'entry' elements
+ */
+ protected function effective_rights($type, $id = null)
+ {
+ $caps = $this->get_capability('actions');
+
+ if (empty($caps[$type . '.effective_rights'])) {
+ return array(
+ 'attribute' => array(),
+ 'entry' => array(),
+ );
+ }
+
+ // Get the rights on the entry and attribute level
+ $result = $this->api->get($type . '.effective_rights', array($type => $id));
+
+ $result = array(
+ 'attribute' => $result->get('attributeLevelRights'),
+ 'entry' => $result->get('entryLevelRights'),
+ );
+
+ return $result;
+ }
+
+ /**
* Returns execution time in seconds
*
* @param string Execution time
@@ -922,14 +952,9 @@ class kolab_client_task
}
// Get the rights on the entry and attribute level
- $result = $this->api->get($name . ".effective_rights", array($name => $data['id']));
- $attribute_rights = $result->get('attributeLevelRights');
- $entry_rights = $result->get('entryLevelRights');
-
- $data['effective_rights'] = array(
- 'attribute' => $attribute_rights,
- 'entry' => $entry_rights,
- );
+ $data['effective_rights'] = $this->effective_rights($name, $data['id']);
+ $attribute_rights = $data['effective_rights']['attribute'];
+ $entry_rights = $data['effective_rights']['entry'];
// See if "administrators" (those who can delete and add back on the entry
// level) may override the automatically generated contents of auto_form_fields.
commit f8a39bf87385a71b18ea2194510fb1f888fd21cc
Author: Aleksander Machniak <alec at alec.pl>
Date: Wed Sep 19 14:15:04 2012 +0200
Define role.effective_rights capability
diff --git a/lib/api/kolab_api_service_role.php b/lib/api/kolab_api_service_role.php
index 1158f03..0deecf9 100644
--- a/lib/api/kolab_api_service_role.php
+++ b/lib/api/kolab_api_service_role.php
@@ -64,6 +64,8 @@ class kolab_api_service_role extends kolab_api_service
$rights['members_list'] = "r";
}
+ $rights['effective_rights'] = "r";
+
return $rights;
}
commit 1de1f6c2cb3323baa715b0eb2e67520610241b1a
Author: Aleksander Machniak <alec at alec.pl>
Date: Wed Sep 19 11:33:06 2012 +0200
Fix some labels
diff --git a/lib/client/kolab_client_task_about.php b/lib/client/kolab_client_task_about.php
index 5380581..0a2ce41 100644
--- a/lib/client/kolab_client_task_about.php
+++ b/lib/client/kolab_client_task_about.php
@@ -27,9 +27,9 @@ class kolab_client_task_about extends kolab_client_task
protected $ajax_only = true;
protected $menu = array(
- 'kolab' => 'menu.kolab',
- 'kolabsys' => 'menu.kolabsys',
- 'technology' => 'menu.technology',
+ 'kolab' => 'about.kolab',
+ 'kolabsys' => 'about.kolabsys',
+ 'technology' => 'about.technology',
);
public function action_default()
diff --git a/lib/locale/en.php b/lib/locale/en.php
index a9d4fac..0da1aa0 100644
--- a/lib/locale/en.php
+++ b/lib/locale/en.php
@@ -1,8 +1,12 @@
<?php
$LANG['about.community'] = 'This is the Community Edition of the <b>Kolab Server</b>.';
-$LANG['about.warranty'] = 'It comes with absolutely <b>no warranties</b> and is typically run entirely self supported. You can find help & information on the community <a href="http://kolab.org">web site</a> & <a href="http://wiki.kolab.org">wiki</a>.';
+$LANG['about.kolab'] = 'Kolab';
+$LANG['about.kolabsys'] = 'Kolab Systems';
$LANG['about.support'] = 'Professional support is available from <a href="http://kolabsys.com">Kolab Systems</a>.';
+$LANG['about.technology'] = 'Technology';
+$LANG['about.warranty'] = 'It comes with absolutely <b>no warranties</b> and is typically run entirely self supported. You can find help & information on the community <a href="http://kolab.org">web site</a> & <a href="http://wiki.kolab.org">wiki</a>.';
+
$LANG['creatorsname'] = 'Created by';
$LANG['days'] = 'days';
$LANG['debug'] = 'Debug info';
@@ -58,12 +62,9 @@ $LANG['MB'] = 'MB';
$LANG['menu.about'] = 'About';
$LANG['menu.domains'] = 'Domains';
$LANG['menu.groups'] = 'Groups';
-$LANG['menu.kolab'] = 'Kolab';
-$LANG['menu.kolabsys'] = 'Kolab Systems';
$LANG['menu.resources'] = 'Resources';
$LANG['menu.roles'] = 'Roles';
$LANG['menu.settings'] = 'Settings';
-$LANG['menu.technology'] = 'Technology';
$LANG['menu.users'] = 'Users';
$LANG['modifiersname'] = 'Modified by';
diff --git a/lib/locale/en_US.php b/lib/locale/en_US.php
index 760f513..7b56ba1 100644
--- a/lib/locale/en_US.php
+++ b/lib/locale/en_US.php
@@ -1,8 +1,12 @@
<?php
$LANG['about.community'] = 'This is the Community Edition of the <b>Kolab Server</b>.';
-$LANG['about.warranty'] = 'It comes with absolutely <b>no warranties</b> and is typically run entirely self supported. You can find help & information on the community <a href="http://kolab.org">web site</a> & <a href="http://wiki.kolab.org">wiki</a>.';
+$LANG['about.kolab'] = 'Kolab';
+$LANG['about.kolabsys'] = 'Kolab Systems';
$LANG['about.support'] = 'Professional support is available from <a href="http://kolabsys.com">Kolab Systems</a>.';
+$LANG['about.technology'] = 'Technology';
+$LANG['about.warranty'] = 'It comes with absolutely <b>no warranties</b> and is typically run entirely self supported. You can find help & information on the community <a href="http://kolab.org">web site</a> & <a href="http://wiki.kolab.org">wiki</a>.';
+
$LANG['creatorsname'] = 'Created by';
$LANG['days'] = 'days';
$LANG['debug'] = 'Debug info';
@@ -56,12 +60,9 @@ $LANG['MB'] = 'MB';
$LANG['menu.about'] = 'About';
$LANG['menu.domains'] = 'Domains';
$LANG['menu.groups'] = 'Groups';
-$LANG['menu.kolab'] = 'Kolab';
-$LANG['menu.kolabsys'] = 'Kolab Systems';
$LANG['menu.resources'] = 'Resources';
$LANG['menu.roles'] = 'Roles';
$LANG['menu.settings'] = 'Settings';
-$LANG['menu.technology'] = 'Technology';
$LANG['menu.users'] = 'Users';
$LANG['modifiersname'] = 'Modified by';
More information about the commits
mailing list