Overview

Packages

  • IMP
  • None

Classes

  • IMP
  • IMP_Ajax_Application
  • IMP_Ajax_Imple_ContactAutoCompleter
  • IMP_Ajax_Imple_PassphraseDialog
  • IMP_Ajax_Queue
  • IMP_Api
  • IMP_Auth
  • IMP_Block_Newmail
  • IMP_Block_Summary
  • IMP_Compose
  • IMP_Compose_Exception
  • IMP_Compose_Stationery
  • IMP_Contents
  • IMP_Crypt_Pgp
  • IMP_Crypt_Smime
  • IMP_Dimp
  • IMP_Exception
  • IMP_Factory_AuthImap
  • IMP_Factory_Compose
  • IMP_Factory_Contents
  • IMP_Factory_Flags
  • IMP_Factory_Identity
  • IMP_Factory_Imap
  • IMP_Factory_Imaptree
  • IMP_Factory_Mail
  • IMP_Factory_Mailbox
  • IMP_Factory_MailboxList
  • IMP_Factory_MimeViewer
  • IMP_Factory_Pgp
  • IMP_Factory_Quota
  • IMP_Factory_Search
  • IMP_Factory_Sentmail
  • IMP_Factory_Smime
  • IMP_Filter
  • IMP_Flag_Base
  • IMP_Flag_Imap
  • IMP_Flag_Imap_Answered
  • IMP_Flag_Imap_Deleted
  • IMP_Flag_Imap_Draft
  • IMP_Flag_Imap_Flagged
  • IMP_Flag_Imap_Forwarded
  • IMP_Flag_Imap_Junk
  • IMP_Flag_Imap_NotJunk
  • IMP_Flag_Imap_Seen
  • IMP_Flag_System_Attachment
  • IMP_Flag_System_Encrypted
  • IMP_Flag_System_HighPriority
  • IMP_Flag_System_List
  • IMP_Flag_System_LowPriority
  • IMP_Flag_System_Match_Address
  • IMP_Flag_System_Match_Flag
  • IMP_Flag_System_Match_Header
  • IMP_Flag_System_Personal
  • IMP_Flag_System_Signed
  • IMP_Flag_System_Unseen
  • IMP_Flag_User
  • IMP_Flags
  • IMP_Imap
  • IMP_Imap_Acl
  • IMP_Imap_Exception
  • IMP_Imap_PermanentFlags
  • IMP_Imap_Thread
  • IMP_Imap_Tree
  • IMP_Indices
  • IMP_Indices_Form
  • IMP_LoginTasks_SystemTask_GarbageCollection
  • IMP_LoginTasks_SystemTask_Upgrade
  • IMP_LoginTasks_SystemTask_UpgradeAuth
  • IMP_LoginTasks_Task_Autocreate
  • IMP_LoginTasks_Task_DeleteAttachmentsMonthly
  • IMP_LoginTasks_Task_DeleteSentmailMonthly
  • IMP_LoginTasks_Task_FilterOnLogin
  • IMP_LoginTasks_Task_PurgeSentmail
  • IMP_LoginTasks_Task_PurgeSpam
  • IMP_LoginTasks_Task_PurgeTrash
  • IMP_LoginTasks_Task_RecoverDraft
  • IMP_LoginTasks_Task_RenameSentmailMonthly
  • IMP_Mailbox
  • IMP_Mailbox_List
  • IMP_Mailbox_List_Track
  • IMP_Maillog
  • IMP_Menu_Dimp
  • IMP_Message
  • IMP_Mime_Status
  • IMP_Mime_Viewer_Alternative
  • IMP_Mime_Viewer_Appledouble
  • IMP_Mime_Viewer_Audio
  • IMP_Mime_Viewer_Enriched
  • IMP_Mime_Viewer_Externalbody
  • IMP_Mime_Viewer_Html
  • IMP_Mime_Viewer_Images
  • IMP_Mime_Viewer_Itip
  • IMP_Mime_Viewer_Mdn
  • IMP_Mime_Viewer_Partial
  • IMP_Mime_Viewer_Pdf
  • IMP_Mime_Viewer_Pgp
  • IMP_Mime_Viewer_Plain
  • IMP_Mime_Viewer_Related
  • IMP_Mime_Viewer_Rfc822
  • IMP_Mime_Viewer_Smil
  • IMP_Mime_Viewer_Smime
  • IMP_Mime_Viewer_Status
  • IMP_Mime_Viewer_Vcard
  • IMP_Mime_Viewer_Video
  • IMP_Mime_Viewer_Zip
  • IMP_Notification_Event_Status
  • IMP_Notification_Handler_Decorator_ImapAlerts
  • IMP_Notification_Handler_Decorator_NewmailNotify
  • IMP_Notification_Listener_AjaxStatus
  • Imp_Prefs_Identity
  • IMP_Prefs_Ui
  • IMP_Quota
  • IMP_Quota_Base
  • IMP_Quota_Command
  • IMP_Quota_Hook
  • IMP_Quota_Imap
  • IMP_Quota_Maildir
  • IMP_Quota_Mdaemon
  • IMP_Quota_Mercury32
  • IMP_Quota_Null
  • IMP_Quota_Sql
  • IMP_Search
  • IMP_Search_Element
  • IMP_Search_Element_Attachment
  • IMP_Search_Element_Autogenerated
  • IMP_Search_Element_Bulk
  • IMP_Search_Element_Contacts
  • IMP_Search_Element_Date
  • IMP_Search_Element_Flag
  • IMP_Search_Element_Header
  • IMP_Search_Element_Mailinglist
  • IMP_Search_Element_Or
  • IMP_Search_Element_Personal
  • IMP_Search_Element_Recipient
  • IMP_Search_Element_Size
  • IMP_Search_Element_Text
  • IMP_Search_Element_Within
  • IMP_Search_Filter
  • IMP_Search_Filter_Attachment
  • IMP_Search_Filter_Autogenerated
  • IMP_Search_Filter_Builtin
  • IMP_Search_Filter_Bulk
  • IMP_Search_Filter_Contacts
  • IMP_Search_Filter_Mailinglist
  • IMP_Search_Filter_Personal
  • IMP_Search_Query
  • IMP_Search_Vfolder
  • IMP_Search_Vfolder_Builtin
  • IMP_Search_Vfolder_Vinbox
  • IMP_Search_Vfolder_Vtrash
  • IMP_Sentmail
  • IMP_Sentmail_Base
  • IMP_Sentmail_Null
  • IMP_Sentmail_Sql
  • IMP_Spam
  • IMP_Test
  • IMP_Tree_Flist
  • IMP_Tree_Jquerymobile
  • IMP_Tree_Simplehtml
  • IMP_Ui_Compose
  • IMP_Ui_Editor
  • IMP_Ui_Folder
  • IMP_Ui_Headers
  • IMP_Ui_Imageview
  • IMP_Ui_Mailbox
  • IMP_Ui_Message
  • IMP_Ui_Mimp
  • IMP_Ui_Search
  • IMP_Views_Compose
  • IMP_Views_ListMessages
  • IMP_Views_ShowMessage
  • Overview
  • Package
  • Class
  • Tree
  1: <?php
  2: /**
  3:  * Contains functions related to managing IMAP Access Control Lists.
  4:  *
  5:  * Copyright 2003-2012 Horde LLC (http://www.horde.org/)
  6:  *
  7:  * See the enclosed file COPYING for license information (GPL). If you
  8:  * did not receive this file, see http://www.horde.org/licenses/gpl.
  9:  *
 10:  * @author   Chris Hastie <imp@oak-wood.co.uk>
 11:  * @author   Michael Slusarz <slusarz@horde.org>
 12:  * @category Horde
 13:  * @license  http://www.horde.org/licenses/gpl GPL
 14:  * @package  IMP
 15:  */
 16: class IMP_Imap_Acl
 17: {
 18:     /**
 19:      * Constructor.
 20:      *
 21:      * @throws IMP_Exception
 22:      */
 23:     public function __construct()
 24:     {
 25:         if (!$GLOBALS['session']->get('imp', 'imap_acl')) {
 26:             throw new IMP_Exception(_("ACLs not configured for this server."));
 27:         }
 28: 
 29:         if (!$GLOBALS['injector']->getInstance('IMP_Factory_Imap')->create()->queryCapability('ACL')) {
 30:             throw new IMP_Exception(_("Server does not support ACLs."));
 31:         }
 32:     }
 33: 
 34:     /**
 35:      * Retrieve the existing ACLs for a mailbox from the server.
 36:      *
 37:      * @param IMP_Mailbox $mbox  The mailbox to get the ACL for.
 38:      * @param boolean $user      Return only the current user's rights?
 39:      *
 40:      * @return array  If $user is false, see Horde_Imap_Client_Base::getACL().
 41:      *                If $user is true, see
 42:      *                Horde_Imap_Client_Base::getMyACLRights().
 43:      * @throws IMP_Exception
 44:      */
 45:     public function getACL(IMP_Mailbox $mbox, $user = false)
 46:     {
 47:         try {
 48:             $imp_imap = $GLOBALS['injector']->getInstance('IMP_Factory_Imap')->create();
 49:             return $user
 50:                 ? $imp_imap->getMyACLRights($mbox)
 51:                 : $imp_imap->getACL($mbox);
 52:         } catch (IMP_Imap_Exception $e) {
 53:             throw new IMP_Exception(_("Could not retrieve ACL"));
 54:         }
 55:     }
 56: 
 57:     /**
 58:      * Adds rights to an ACL on the server.
 59:      *
 60:      * @param IMP_Mailbox $mbox  The mailbox on which to edit the ACL.
 61:      * @param string $user       The user to grant rights to.
 62:      * @param string $rights     The rights to add.
 63:      *
 64:      * @throws IMP_Exception
 65:      */
 66:     public function addRights(IMP_Mailbox $mbox, $user, $rights)
 67:     {
 68:         if (!strlen($rights)) {
 69:             return;
 70:         }
 71: 
 72:         try {
 73:             $GLOBALS['injector']->getInstance('IMP_Factory_Imap')->create()->setACL($mbox, $user, array(
 74:                 'rights' => $rights
 75:             ));
 76:         } catch (IMP_Imap_Exception $e) {
 77:             throw new IMP_Exception(sprintf(_("Could not add rights for user \"%s\" for the mailbox \"%s\"."), $user, $mbox));
 78:         }
 79:     }
 80: 
 81:     /**
 82:      * Removes rights to an ACL on the server.
 83:      *
 84:      * @param IMP_Mailbox $mbox  The mailbox on which to edit the ACL.
 85:      * @param string $user       The user to remove rights from.
 86:      * @param string $rights     The rights to remove.  If empty, removes the
 87:      *                           entire ACL.
 88:      *
 89:      * @throws IMP_Exception
 90:      */
 91:     public function removeRights(IMP_Mailbox $mbox, $user, $rights)
 92:     {
 93:         try {
 94:             $GLOBALS['injector']->getInstance('IMP_Factory_Imap')->create()->setACL($mbox, $user, array(
 95:                 'remove' => true,
 96:                 'rights' => $rights
 97:             ));
 98:         } catch (IMP_Imap_Exception $e) {
 99:             throw new IMP_Exception(sprintf(_("Could not remove rights for user \"%s\" for the mailbox \"%s\"."), $user, $mbox));
100:         }
101:     }
102: 
103:     /**
104:      * Can the current user edit the ACL for this mailbox?
105:      *
106:      * @param IMP_Mailbox $mbox  The mailbox name.
107:      *
108:      * @return boolean  True if the current user has administrative rights.
109:      */
110:     public function canEdit(IMP_Mailbox $mbox)
111:     {
112:         $rights = $this->getRightsMbox($mbox, $GLOBALS['injector']->getInstance('IMP_Factory_Imap')->create()->getParam('username'));
113:         return $rights[Horde_Imap_Client::ACL_ADMINISTER];
114:     }
115: 
116:     /**
117:      * Return master list of ACL rights.
118:      *
119:      * @return array  A list of ACL rights. Keys are the right identifiers,
120:      *                values are arrays containing two entries: 'desc' and
121:      *                'title'.
122:      */
123:     public function getRights()
124:     {
125:         return array(
126:             Horde_Imap_Client::ACL_LOOKUP => array(
127:                 'desc' => _("User can see the mailbox"),
128:                 'title' => _("List")
129:             ),
130:             Horde_Imap_Client::ACL_READ => array(
131:                 'desc' => _("Read messages"),
132:                 'title' => _("Read")
133:             ),
134:             Horde_Imap_Client::ACL_SEEN => array(
135:                 'desc' => _("Mark with Seen/Unseen flags"),
136:                 'title' => _("Mark (Seen)")
137:             ),
138:             Horde_Imap_Client::ACL_WRITE => array(
139:                 'desc' => _("Mark with other flags (e.g. Important/Answered)"),
140:                 'title' => _("Mark (Other)")
141:             ),
142:             Horde_Imap_Client::ACL_INSERT => array(
143:                 'desc' => _("Insert messages"),
144:                 'title' => _("Insert")
145:             ),
146:             Horde_Imap_Client::ACL_POST => array(
147:                 'desc' => _("Post to this mailbox (not enforced by IMAP)"),
148:                 'title' => _("Post")
149:             ),
150:             Horde_Imap_Client::ACL_ADMINISTER => array(
151:                 'desc' => _("Set permissions for other users"),
152:                 'title' => _("Administer")
153:             ),
154:             Horde_Imap_Client::ACL_CREATEMBOX => array(
155:                 'desc' => _("Create subfolders"),
156:                 'title' => _("Create Folders")
157:             ),
158:             Horde_Imap_Client::ACL_DELETEMBOX => array(
159:                 'desc' => _("Delete subfolders"),
160:                 'title' => _("Delete Folders")
161:             ),
162:             Horde_Imap_Client::ACL_DELETEMSGS => array(
163:                 'desc' => _("Delete messages"),
164:                 'title' => _("Delete")
165:             ),
166:             Horde_Imap_Client::ACL_EXPUNGE => array(
167:                 'desc' => _("Purge messages"),
168:                 'title' => _("Purge")
169:             )
170:         );
171:     }
172: 
173:     /**
174:      * Return list of rights available on the server.
175:      *
176:      * @param IMP_Mailbox $mbox  The mailbox name.
177:      * @param string $user       The ACL identifier (user) to query.
178:      *
179:      * @return Horde_Imap_Client_Data_AclRights  An ACL rights object.
180:      */
181:     public function getRightsMbox(IMP_Mailbox $mbox, $user)
182:     {
183:         try {
184:             return $GLOBALS['injector']->getInstance('IMP_Factory_Imap')->create()->listACLRights($mbox, $user);
185:         } catch (IMP_Imap_Exception $e) {
186:             return new Horde_Imap_Client_Data_AclRights(array(), array_keys($this->getRights()));
187:         }
188:     }
189: 
190: }
191: 
API documentation generated by ApiGen