forked from horde/kronolith
-
Notifications
You must be signed in to change notification settings - Fork 0
/
perms.php
128 lines (111 loc) · 3.69 KB
/
perms.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
<?php
/**
* Copyright 2002-2017 Horde LLC (http://www.horde.org/)
*
* See the enclosed file LICENSE for license information (GPL). If you
* did not receive this file, see http://www.horde.org/licenses/gpl.
*
* @author Chuck Hagenbuch <chuck@horde.org>
* @author Jan Schneider <jan@horde.org>
*/
require_once __DIR__ . '/lib/Application.php';
Horde_Registry::appInit('kronolith');
if (Kronolith::showAjaxView()) {
Horde::url('', true)->redirect();
}
// Exit if the user shouldn't be able to change share permissions.
if (!empty($conf['share']['no_sharing'])) {
throw new Horde_Exception_PermissionDenied();
}
$shares = $injector->getInstance('Horde_Core_Factory_Share')->create();
$groups = $injector->getInstance('Horde_Group');
$auth = $injector->getInstance('Horde_Core_Factory_Auth')->create();
$vars = $injector->getInstance('Horde_Variables');
$reload = false;
switch ($vars->get('actionID', 'edit')) {
case 'edit':
try {
$shareid = $vars->cid;
if (!$shareid) {
throw new Horde_Exception_NotFound();
}
$share = $shares->getShareById($shareid);
$perm = $share->getPermission();
} catch (Horde_Exception_NotFound $e) {
if (($category = $vars->share) !== null) {
try {
$share = $shares->getShare($category);
$perm = $share->getPermission();
} catch (Horde_Share_Exception $e) {
$notification->push($e->getMessage(), 'horde.error');
}
}
}
if (!$registry->getAuth() ||
(isset($share) &&
!$registry->isAdmin() &&
($registry->getAuth() != $share->get('owner')))) {
throw new Horde_Exception_PermissionDenied();
}
break;
case 'editform':
$session->checkToken($vars->token);
try {
$share = $shares->getShareById($vars->cid);
} catch (Horde_Share_Exception $e) {
$notification->push(_("Attempt to edit a non-existent share."), 'horde.error');
}
if (empty($share)) {
break;
}
if (!$registry->getAuth() ||
(!$registry->isAdmin() &&
($registry->getAuth() != $share->get('owner')))) {
throw new Horde_Exception_PermissionDenied();
}
try {
$errors = Kronolith::readPermsForm($share);
if ($errors) {
foreach ($errors as $error) {
$notification->push($error, 'horde.error');
}
} elseif ($vars->save_and_finish) {
echo Horde::wrapInlineScript(array('window.close();'));
exit;
}
$notification->push(sprintf(_("Updated \"%s\"."), $share->get('name')), 'horde.success');
} catch (Exception $e) {
$notification->push($e, 'horde.error');
}
$perm = $share->getPermission();
break;
}
$title = ($share instanceof Horde_Share_Object)
? sprintf(_("Edit permissions for \"%s\""), $share->get('name'))
: _("Edit permissions");
$userList = array();
if ($auth->hasCapability('list') &&
($conf['auth']['list_users'] == 'list' ||
$conf['auth']['list_users'] == 'both')) {
try {
$userList = $auth->listNames();
} catch (Horde_Auth_Exception $e) {
Horde::log($e, 'ERR');
}
}
try {
$groupList = $groups->listAll(empty($conf['share']['any_group'])
? $registry->getAuth()
: null);
asort($groupList);
} catch (Horde_Group_Exception $e) {
Horde::log($e, 'NOTICE');
$groupList = array();
}
$page_output->topbar = $page_output->sidebar = false;
$page_output->header(array(
'title' => $title
));
$notification->notify(array('listeners' => 'status'));
require KRONOLITH_TEMPLATES . '/perms/perms.inc';
$page_output->footer();