1: <?php
2: 3: 4: 5: 6: 7: 8: 9: 10: 11: 12: 13: 14: 15:
16: class IMP_Imap_Acl
17: {
18: 19: 20: 21: 22:
23: public function __construct()
24: {
25: if (!$GLOBALS['session']->get('imp', 'imap_acl')) {
26: throw new IMP_Exception(_("ACLs not configured for this server."));
27: }
28:
29: if (!$GLOBALS['injector']->getInstance('IMP_Factory_Imap')->create()->queryCapability('ACL')) {
30: throw new IMP_Exception(_("Server does not support ACLs."));
31: }
32: }
33:
34: 35: 36: 37: 38: 39: 40: 41: 42: 43: 44:
45: public function getACL(IMP_Mailbox $mbox, $user = false)
46: {
47: try {
48: $imp_imap = $GLOBALS['injector']->getInstance('IMP_Factory_Imap')->create();
49: return $user
50: ? $imp_imap->getMyACLRights($mbox)
51: : $imp_imap->getACL($mbox);
52: } catch (IMP_Imap_Exception $e) {
53: throw new IMP_Exception(_("Could not retrieve ACL"));
54: }
55: }
56:
57: 58: 59: 60: 61: 62: 63: 64: 65:
66: public function addRights(IMP_Mailbox $mbox, $user, $rights)
67: {
68: if (!strlen($rights)) {
69: return;
70: }
71:
72: try {
73: $GLOBALS['injector']->getInstance('IMP_Factory_Imap')->create()->setACL($mbox, $user, array(
74: 'rights' => $rights
75: ));
76: } catch (IMP_Imap_Exception $e) {
77: throw new IMP_Exception(sprintf(_("Could not add rights for user \"%s\" for the mailbox \"%s\"."), $user, $mbox));
78: }
79: }
80:
81: 82: 83: 84: 85: 86: 87: 88: 89: 90:
91: public function removeRights(IMP_Mailbox $mbox, $user, $rights)
92: {
93: try {
94: $GLOBALS['injector']->getInstance('IMP_Factory_Imap')->create()->setACL($mbox, $user, array(
95: 'remove' => true,
96: 'rights' => $rights
97: ));
98: } catch (IMP_Imap_Exception $e) {
99: throw new IMP_Exception(sprintf(_("Could not remove rights for user \"%s\" for the mailbox \"%s\"."), $user, $mbox));
100: }
101: }
102:
103: 104: 105: 106: 107: 108: 109:
110: public function canEdit(IMP_Mailbox $mbox)
111: {
112: $rights = $this->getRightsMbox($mbox, $GLOBALS['injector']->getInstance('IMP_Factory_Imap')->create()->getParam('username'));
113: return $rights[Horde_Imap_Client::ACL_ADMINISTER];
114: }
115:
116: 117: 118: 119: 120: 121: 122:
123: public function getRights()
124: {
125: return array(
126: Horde_Imap_Client::ACL_LOOKUP => array(
127: 'desc' => _("User can see the mailbox"),
128: 'title' => _("List")
129: ),
130: Horde_Imap_Client::ACL_READ => array(
131: 'desc' => _("Read messages"),
132: 'title' => _("Read")
133: ),
134: Horde_Imap_Client::ACL_SEEN => array(
135: 'desc' => _("Mark with Seen/Unseen flags"),
136: 'title' => _("Mark (Seen)")
137: ),
138: Horde_Imap_Client::ACL_WRITE => array(
139: 'desc' => _("Mark with other flags (e.g. Important/Answered)"),
140: 'title' => _("Mark (Other)")
141: ),
142: Horde_Imap_Client::ACL_INSERT => array(
143: 'desc' => _("Insert messages"),
144: 'title' => _("Insert")
145: ),
146: Horde_Imap_Client::ACL_POST => array(
147: 'desc' => _("Post to this mailbox (not enforced by IMAP)"),
148: 'title' => _("Post")
149: ),
150: Horde_Imap_Client::ACL_ADMINISTER => array(
151: 'desc' => _("Set permissions for other users"),
152: 'title' => _("Administer")
153: ),
154: Horde_Imap_Client::ACL_CREATEMBOX => array(
155: 'desc' => _("Create subfolders"),
156: 'title' => _("Create Folders")
157: ),
158: Horde_Imap_Client::ACL_DELETEMBOX => array(
159: 'desc' => _("Delete subfolders"),
160: 'title' => _("Delete Folders")
161: ),
162: Horde_Imap_Client::ACL_DELETEMSGS => array(
163: 'desc' => _("Delete messages"),
164: 'title' => _("Delete")
165: ),
166: Horde_Imap_Client::ACL_EXPUNGE => array(
167: 'desc' => _("Purge messages"),
168: 'title' => _("Purge")
169: )
170: );
171: }
172:
173: 174: 175: 176: 177: 178: 179: 180:
181: public function getRightsMbox(IMP_Mailbox $mbox, $user)
182: {
183: try {
184: return $GLOBALS['injector']->getInstance('IMP_Factory_Imap')->create()->listACLRights($mbox, $user);
185: } catch (IMP_Imap_Exception $e) {
186: return new Horde_Imap_Client_Data_AclRights(array(), array_keys($this->getRights()));
187: }
188: }
189:
190: }
191: