PageRenderTime 56ms CodeModel.GetById 30ms RepoModel.GetById 1ms app.codeStats 0ms

/lib/Sabre/DAVACL/Property/Acl.php

https://github.com/KOLANICH/SabreDAV
PHP | 212 lines | 104 code | 45 blank | 63 comment | 10 complexity | 61921ef88426ff6b58544cd9d45bb168 MD5 | raw file
Possible License(s): BSD-3-Clause
  1. <?php
  2. namespace Sabre\DAVACL\Property;
  3. use Sabre\DAV;
  4. /**
  5. * This class represents the {DAV:}acl property
  6. *
  7. * @copyright Copyright (C) 2007-2013 fruux GmbH (https://fruux.com/).
  8. * @author Evert Pot (http://evertpot.com/)
  9. * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
  10. */
  11. class Acl extends DAV\Property {
  12. /**
  13. * List of privileges
  14. *
  15. * @var array
  16. */
  17. private $privileges;
  18. /**
  19. * Whether or not the server base url is required to be prefixed when
  20. * serializing the property.
  21. *
  22. * @var boolean
  23. */
  24. private $prefixBaseUrl;
  25. /**
  26. * Constructor
  27. *
  28. * This object requires a structure similar to the return value from
  29. * Sabre\DAVACL\Plugin::getACL().
  30. *
  31. * Each privilege is a an array with at least a 'privilege' property, and a
  32. * 'principal' property. A privilege may have a 'protected' property as
  33. * well.
  34. *
  35. * The prefixBaseUrl should be set to false, if the supplied principal urls
  36. * are already full urls. If this is kept to true, the servers base url
  37. * will automatically be prefixed.
  38. *
  39. * @param bool $prefixBaseUrl
  40. * @param array $privileges
  41. */
  42. public function __construct(array $privileges, $prefixBaseUrl = true) {
  43. $this->privileges = $privileges;
  44. $this->prefixBaseUrl = $prefixBaseUrl;
  45. }
  46. /**
  47. * Returns the list of privileges for this property
  48. *
  49. * @return array
  50. */
  51. public function getPrivileges() {
  52. return $this->privileges;
  53. }
  54. /**
  55. * Serializes the property into a DOMElement
  56. *
  57. * @param DAV\Server $server
  58. * @param \DOMElement $node
  59. * @return void
  60. */
  61. public function serialize(DAV\Server $server,\DOMElement $node) {
  62. $doc = $node->ownerDocument;
  63. foreach($this->privileges as $ace) {
  64. $this->serializeAce($doc, $node, $ace, $server);
  65. }
  66. }
  67. /**
  68. * Unserializes the {DAV:}acl xml element.
  69. *
  70. * @param \DOMElement $dom
  71. * @param array $propertyMap
  72. * @return Acl
  73. */
  74. static public function unserialize(\DOMElement $dom, array $propertyMap) {
  75. $privileges = array();
  76. $xaces = $dom->getElementsByTagNameNS('urn:DAV','ace');
  77. for($ii=0; $ii < $xaces->length; $ii++) {
  78. $xace = $xaces->item($ii);
  79. $principal = $xace->getElementsByTagNameNS('urn:DAV','principal');
  80. if ($principal->length !== 1) {
  81. throw new DAV\Exception\BadRequest('Each {DAV:}ace element must have one {DAV:}principal element');
  82. }
  83. $principal = Principal::unserialize($principal->item(0), $propertyMap);
  84. switch($principal->getType()) {
  85. case Principal::HREF :
  86. $principal = $principal->getHref();
  87. break;
  88. case Principal::AUTHENTICATED :
  89. $principal = '{DAV:}authenticated';
  90. break;
  91. case Principal::UNAUTHENTICATED :
  92. $principal = '{DAV:}unauthenticated';
  93. break;
  94. case Principal::ALL :
  95. $principal = '{DAV:}all';
  96. break;
  97. }
  98. $protected = false;
  99. if ($xace->getElementsByTagNameNS('urn:DAV','protected')->length > 0) {
  100. $protected = true;
  101. }
  102. $grants = $xace->getElementsByTagNameNS('urn:DAV','grant');
  103. if ($grants->length < 1) {
  104. throw new DAV\Exception\NotImplemented('Every {DAV:}ace element must have a {DAV:}grant element. {DAV:}deny is not yet supported');
  105. }
  106. $grant = $grants->item(0);
  107. $xprivs = $grant->getElementsByTagNameNS('urn:DAV','privilege');
  108. for($jj=0; $jj<$xprivs->length; $jj++) {
  109. $xpriv = $xprivs->item($jj);
  110. $privilegeName = null;
  111. for ($kk=0;$kk<$xpriv->childNodes->length;$kk++) {
  112. $childNode = $xpriv->childNodes->item($kk);
  113. if ($t = DAV\XMLUtil::toClarkNotation($childNode)) {
  114. $privilegeName = $t;
  115. break;
  116. }
  117. }
  118. if (is_null($privilegeName)) {
  119. throw new DAV\Exception\BadRequest('{DAV:}privilege elements must have a privilege element contained within them.');
  120. }
  121. $privileges[] = array(
  122. 'principal' => $principal,
  123. 'protected' => $protected,
  124. 'privilege' => $privilegeName,
  125. );
  126. }
  127. }
  128. return new self($privileges);
  129. }
  130. /**
  131. * Serializes a single access control entry.
  132. *
  133. * @param \DOMDocument $doc
  134. * @param \DOMElement $node
  135. * @param array $ace
  136. * @param DAV\Server $server
  137. * @return void
  138. */
  139. private function serializeAce($doc,$node,$ace, DAV\Server $server) {
  140. $xace = $doc->createElementNS('DAV:','d:ace');
  141. $node->appendChild($xace);
  142. $principal = $doc->createElementNS('DAV:','d:principal');
  143. $xace->appendChild($principal);
  144. switch($ace['principal']) {
  145. case '{DAV:}authenticated' :
  146. $principal->appendChild($doc->createElementNS('DAV:','d:authenticated'));
  147. break;
  148. case '{DAV:}unauthenticated' :
  149. $principal->appendChild($doc->createElementNS('DAV:','d:unauthenticated'));
  150. break;
  151. case '{DAV:}all' :
  152. $principal->appendChild($doc->createElementNS('DAV:','d:all'));
  153. break;
  154. default:
  155. $principal->appendChild($doc->createElementNS('DAV:','d:href',($this->prefixBaseUrl?$server->getBaseUri():'') . $ace['principal'] . '/'));
  156. }
  157. $grant = $doc->createElementNS('DAV:','d:grant');
  158. $xace->appendChild($grant);
  159. $privParts = null;
  160. preg_match('/^{([^}]*)}(.*)$/',$ace['privilege'],$privParts);
  161. $xprivilege = $doc->createElementNS('DAV:','d:privilege');
  162. $grant->appendChild($xprivilege);
  163. $xprivilege->appendChild($doc->createElementNS($privParts[1],'d:'.$privParts[2]));
  164. if (isset($ace['protected']) && $ace['protected'])
  165. $xace->appendChild($doc->createElement('d:protected'));
  166. }
  167. }