mirror of
https://github.com/verdigado/organization_folders.git
synced 2024-12-06 11:22:41 +01:00
added user-has-manager-permissions dav prop; added principal model and simplified the ACL code with it
This commit is contained in:
parent
72fbc9e20e
commit
8bfa9dfa29
11 changed files with 172 additions and 114 deletions
|
|
@ -8,16 +8,22 @@ use OCP\DB\QueryBuilder\IQueryBuilder;
|
|||
use OCP\IDBConnection;
|
||||
|
||||
use OCA\GroupFolders\ACL\Rule;
|
||||
use OCA\GroupFolders\ACL\UserMapping\IUserMapping;
|
||||
use OCA\GroupFolders\ACL\UserMapping\IUserMappingManager;
|
||||
use OCA\GroupFolders\ACL\RuleManager;
|
||||
use OCA\GroupFolders\Folder\FolderManager;
|
||||
|
||||
use OCA\OrganizationFolders\OrganizationProvider\OrganizationProviderManager;
|
||||
use OCA\OrganizationFolders\Model\Principal;
|
||||
use OCA\OrganizationFolders\Enum\PrincipalType;
|
||||
|
||||
class ACLManager {
|
||||
public function __construct(
|
||||
protected IDBConnection $db,
|
||||
protected FolderManager $folderManager,
|
||||
protected IUserMappingManager $userMappingManager,
|
||||
protected RuleManager $ruleManager,
|
||||
protected OrganizationProviderManager $organizationProviderManager
|
||||
) {
|
||||
}
|
||||
|
||||
|
|
@ -48,6 +54,38 @@ class ACLManager {
|
|||
return array_map($this->createRuleEntityFromRow(...), $rows);
|
||||
}
|
||||
|
||||
public function getMappingForPrincipal(Principal $principal): IUserMapping {
|
||||
if($principal->getType() === PrincipalType::USER) {
|
||||
return $this->userMappingManager->mappingFromId("user", $principal->getId());
|
||||
} else if($principal->getType() === PrincipalType::GROUP) {
|
||||
return $this->userMappingManager->mappingFromId("group", $principal->getId());
|
||||
} else if($principal->getType() === PrincipalType::ROLE) {
|
||||
[$organizationProviderId, $roleId] = explode(":", $principal->getId(), 2);
|
||||
|
||||
$organizationProvider = $this->organizationProviderManager->getOrganizationProvider($organizationProviderId);
|
||||
$role = $organizationProvider->getRole($roleId);
|
||||
|
||||
return $this->userMappingManager->mappingFromId("group", $role->getMembersGroup());
|
||||
} else {
|
||||
throw new \Exception("invalid resource member type");
|
||||
}
|
||||
}
|
||||
|
||||
public function createAclRuleForPrincipal(Principal $principal, int $fileId, int $mask, int $permissions): ?Rule {
|
||||
$mapping = $this->getMappingForPrincipal($principal);
|
||||
|
||||
if(is_null($mapping)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return new Rule(
|
||||
userMapping: $mapping,
|
||||
fileId: $fileId,
|
||||
mask: $mask,
|
||||
permissions: $permissions,
|
||||
);
|
||||
}
|
||||
|
||||
protected function ruleMappingComparison(Rule $rule1, Rule $rule2): int {
|
||||
$mapping1 = $rule1->getUserMapping();
|
||||
$mapping2 = $rule2->getUserMapping();
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue