1: <?php
  2: /**
  3:  * Copyright 2013-2014 Horde LLC (http://www.horde.org/)
  4:  *
  5:  * See the enclosed file COPYING for license information (GPL). If you
  6:  * did not receive this file, see http://www.horde.org/licenses/gpl.
  7:  *
  8:  * @category  Horde
  9:  * @copyright 2013-2014 Horde LLC
 10:  * @license   http://www.horde.org/licenses/gpl GPL
 11:  * @package   IMP
 12:  */
 13: 
 14: /**
 15:  * Permission handling for IMP.
 16:  *
 17:  * @author    Michael Slusarz <slusarz@horde.org>
 18:  * @category  Horde
 19:  * @copyright 2013-2014 Horde LLC
 20:  * @license   http://www.horde.org/licenses/gpl GPL
 21:  * @package   IMP
 22:  */
 23: class IMP_Perms
 24: {
 25:     /**
 26:      * Permission list.
 27:      *
 28:      * @var array
 29:      */
 30:     private $_perms;
 31: 
 32:     /**
 33:      * Constructor.
 34:      */
 35:     public function __construct()
 36:     {
 37:         $this->_perms = array(
 38:             'allow_folders' => array(
 39:                 'imaponly' => true,
 40:                 'title' => _("Allow folder navigation?"),
 41:                 'type' => 'boolean'
 42:             ),
 43:             'allow_remote' => array(
 44:                 'imaponly' => true,
 45:                 'title' => _("Allow remote account access?"),
 46:                 'type' => 'boolean'
 47:             ),
 48:             'create_mboxes' => array(
 49:                 'imaponly' => true,
 50:                 'title' => _("Allow mailbox creation?"),
 51:                 'type' => 'boolean'
 52:             ),
 53:             'max_bodysize' => array(
 54:                 'global' => true,
 55:                 'handle' => function($allowed, $opts) {
 56:                     return isset($opts['value'])
 57:                         ? (intval($allowed[0]) >= $opts['value'])
 58:                         : $allowed;
 59:                 },
 60:                 'title' => _("Maximum size (bytes) of compose body"),
 61:                 'type' => 'int'
 62:             ),
 63:             'max_recipients' => array(
 64:                 'global' => true,
 65:                 'handle' => function($allowed, $opts) {
 66:                     return isset($opts['value'])
 67:                         ? (intval($allowed[0]) >= $opts['value'])
 68:                         : $allowed;
 69:                 },
 70:                 'title' => _("Maximum Number of Recipients per Message"),
 71:                 'type' => 'int'
 72:             ),
 73:             'max_timelimit' => array(
 74:                 'global' => true,
 75:                 'handle' => function($allowed, $opts) {
 76:                     if (!isset($opts['value'])) {
 77:                         return $allowed;
 78:                     }
 79: 
 80:                     $sentmail = $GLOBALS['injector']->getInstance('IMP_Sentmail');
 81:                     if (!($sentmail instanceof IMP_Sentmail)) {
 82:                         Horde::log('The permission for the maximum number of recipients per time period has been enabled, but no backend for the sent-mail logging has been configured for IMP.', 'ERR');
 83:                         return true;
 84:                     }
 85: 
 86:                     $opts['value'] += $sentmail->numberOfRecipients($sentmail->limit_period, true);
 87: 
 88:                     return (intval($allowed[0]) >= $opts['value']);
 89:                 },
 90:                 'title' => _("Maximum Number of Recipients per Time Period"),
 91:                 'type' => 'int'
 92:             ),
 93:             'max_create_mboxes' => array(
 94:                 'handle' => function($allowed, $opts) {
 95:                     return (intval($allowed[0]) >= count($GLOBALS['injector']->getInstance('IMP_Ftree')));
 96:                 },
 97:                 'imaponly' => true,
 98:                 'title' => _("Maximum Number of Mailboxes"),
 99:                 'type' => 'int'
100:             )
101:         );
102:     }
103: 
104:     /**
105:      * @see Horde_Registry_Application#perms()
106:      */
107:     public function perms()
108:     {
109:         $perms = array(
110:             'backends' => array(
111:                 'title' => _("Backends")
112:             )
113:         );
114: 
115:         foreach ($this->_perms as $key => $val) {
116:             if (!empty($val['global'])) {
117:                 $perms[$key] = $val;
118:             }
119:         }
120: 
121:         // Run through every active backend.
122:         foreach (IMP_Imap::loadServerConfig() as $key => $val) {
123:             $bkey = 'backends:' . $key;
124: 
125:             $perms[$bkey] = array(
126:                 'title' => $val->name
127:             );
128: 
129:             foreach ($this->_perms as $key2 => $val2) {
130:                 if (empty($val2['global']) &&
131:                     (empty($val2['imaponly']) ||
132:                     ($val->protocol == 'imap'))) {
133:                     $perms[$bkey . ':' . $key2] = array(
134:                         'title' => $val2['title'],
135:                         'type' => $val2['type']
136:                     );
137:                 }
138:             }
139:         }
140: 
141:         return $perms;
142:     }
143: 
144:     /**
145:      * @see Horde_Registry_Application#hasPermission()
146:      */
147:     public function hasPermission($permission, $allowed, $opts)
148:     {
149:         if (($pos = strrpos($permission, ':')) !== false) {
150:             $permission = substr($permission, $pos + 1);
151:         }
152: 
153:         return isset($this->_perms[$permission]['handle'])
154:             ? (bool)call_user_func($this->_perms[$permission]['handle'], $allowed, $opts)
155:             : (bool)$allowed;
156:     }
157: 
158: }
159: