[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] phpgwapi/inc class.acl.inc.php
|
From: |
Dave Hall |
|
Subject: |
[Phpgroupware-cvs] phpgwapi/inc class.acl.inc.php |
|
Date: |
Sat, 19 Aug 2006 11:57:48 +0000 |
CVSROOT: /cvsroot/phpgwapi
Module name: phpgwapi
Changes by: Dave Hall <skwashd> 06/08/19 11:57:48
Modified files:
inc : class.acl.inc.php
Log message:
more cleanups
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/inc/class.acl.inc.php?cvsroot=phpgwapi&r1=1.82&r2=1.83
Patches:
Index: class.acl.inc.php
===================================================================
RCS file: /cvsroot/phpgwapi/phpgwapi/inc/class.acl.inc.php,v
retrieving revision 1.82
retrieving revision 1.83
diff -u -b -r1.82 -r1.83
--- class.acl.inc.php 6 Aug 2006 04:51:25 -0000 1.82
+++ class.acl.inc.php 19 Aug 2006 11:57:48 -0000 1.83
@@ -6,7 +6,7 @@
* @license http://www.gnu.org/licenses/lgpl.html GNU Lesser General
Public License
* @package phpgwapi
* @subpackage accounts
- * @version $Id: class.acl.inc.php,v 1.82 2006/08/06 04:51:25 skwashd
Exp $
+ * @version $Id: class.acl.inc.php,v 1.83 2006/08/19 11:57:48 skwashd
Exp $
*/
/**
@@ -501,19 +501,21 @@
}
$rights = 0;
- reset ($this->data);
- while(list($idx,$value) = each($this->data))
+ if ( is_array($this->data) && count($this->data) )
{
- if ($this->data[$idx]['appname'] == $appname &&
- ($this->data[$idx]['location'] ==
$location ||
- $this->data[$idx]['location'] ==
'everywhere') &&
- $this->data[$idx]['account'] ==
$this->account_id)
+ foreach ( $this->data as $value )
{
- if ($this->data[$idx]['rights'] == 0)
+ if ($value['appname'] == $appname &&
+ ($value['location'] ==
$location ||
+ $value['location'] ==
'everywhere') &&
+ $value['account'] ==
$this->account_id)
+ {
+ if ($value['rights'] == 0)
{
return False;
}
- $rights |= $this->data[$idx]['rights'];
+ $rights |= $value['rights'];
+ }
}
}
return $rights;
@@ -542,20 +544,18 @@
*/
function get_location_list($app, $required)
{
- // User piece
- $sql = "SELECT acl_location, acl_rights FROM phpgw_acl
WHERE acl_appname = '$app' ";
- $sql .= " AND acl_account IN({$this->account_id}, 0";
// group 0 covers all users
+ $acct_ids = array(0, $this->account_id);// group 0
covers all users
$equalto =
$GLOBALS['phpgw']->accounts->membership($this->account_id);
if (is_array($equalto) && count($equalto) > 0)
{
foreach ( $equalto as $group )
{
- $sql .= ", {$group['account_id']}";
+ $acct_ids[] = $group['account_id'];
}
}
- $sql .= ')';
+ $sql = "SELECT acl_location, acl_rights FROM phpgw_acl
WHERE acl_appname = '$app' AND acl_account IN(" . implode(',', $acct_ids) .
')';
$this->db->query($sql ,__LINE__,__FILE__);
$rights = 0;
if ($this->db->num_rows() == 0 )
@@ -865,22 +865,24 @@
if ($location)
{
+ $location = $this->db->db_addslashes($location);
$at_location = " AND acl_location =
'$location'";
}
- $sql = "SELECT acl_account,acl_grantor, acl_rights FROM
phpgw_acl WHERE acl_appname = '$app' $at_location AND acl_grantor IS NOT NULL
AND acl_type = $type AND "
- . "acl_account in ";
- $security = "('". $this->account_id ."'";
+ $acct_ids = array($this->account_id);
+
$myaccounts = CreateObject('phpgwapi.accounts');
$my_memberships =
$myaccounts->membership($this->account_id);
unset($myaccounts);
- @reset($my_memberships);
- while($my_memberships && (list($key,$group) =
each($my_memberships)))
+ foreach ( $my_memberships as $key => $group )
{
- $security .= ",'" . $group['account_id'] . "'";
+ $acct_ids[] = $group['account_id'];
}
- $security .= ')';
- $this->db->query($sql . $security ,__LINE__,__FILE__);
+
+ $sql = "SELECT acl_account,acl_grantor, acl_rights FROM
phpgw_acl WHERE acl_appname = '$app' $at_location AND acl_grantor IS NOT NULL
AND acl_type = $type AND "
+ . 'acl_account IN (' . implode(',', $acct_ids)
. ')';
+
+ $this->db->query($sql, __LINE__, __FILE__);
$rights = 0;
$accounts = Array();
if ($this->db->num_rows() == 0 && $type==0)
@@ -892,15 +894,14 @@
{
$grantor = $this->db->f('acl_grantor');
$rights = $this->db->f('acl_rights');
- if(!isset($accounts[$grantor]))
- // cache the group-members for performance
+ if(!isset($accounts[$grantor]))// cache the
group-members for performance
{
+ $is_group[$grantor] = false;
// if $grantor is a group, get its
members
$members =
$this->get_ids_for_location($grantor,1,'phpgw_group');
if(!$members)
{
$accounts[$grantor] =
array($grantor);
- $is_group[$grantor] = false;
}
else
{
@@ -908,7 +909,7 @@
$is_group[$grantor] = True;
}
}
- if(@$is_group[$grantor])
+ if($is_group[$grantor])
{
// Don't allow to override private!
$rights &= (~ PHPGW_ACL_PRIVATE);
- [Phpgroupware-cvs] phpgwapi/inc class.acl.inc.php,
Dave Hall <=