Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
Z
zimbra
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Iterations
Wiki
Requirements
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Test cases
Artifacts
Deploy
Releases
Container registry
Model registry
Operate
Environments
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Issue analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
lib
unicaen
zimbra
Commits
ce3cc221
Commit
ce3cc221
authored
10 years ago
by
David Surville
Browse files
Options
Downloads
Patches
Plain Diff
Ajout de la gestion des droits Zimbra (ACE)
parent
4055bf14
No related branches found
No related tags found
No related merge requests found
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
Module.php
+1
-1
1 addition, 1 deletion
Module.php
src/UnicaenZimbra/Entity/Right.php
+336
-0
336 additions, 0 deletions
src/UnicaenZimbra/Entity/Right.php
src/UnicaenZimbra/Service/Right.php
+39
-0
39 additions, 0 deletions
src/UnicaenZimbra/Service/Right.php
with
376 additions
and
1 deletion
Module.php
+
1
−
1
View file @
ce3cc221
...
...
@@ -53,7 +53,7 @@ class Module implements ConfigProviderInterface, ServiceProviderInterface
$services
=
array
(
'Account'
,
'Alias'
,
'Cos'
,
'DistributionList'
,
'Domain'
,
'Filter'
,
'Folder'
,
'Gal'
,
'Identity'
,
'MailBox'
,
'Resource'
,
'Server'
'Identity'
,
'MailBox'
,
'Resource'
,
'Right'
,
'Server'
);
$processus
=
array
(
'BoiteGenerique'
...
...
This diff is collapsed.
Click to expand it.
src/UnicaenZimbra/Entity/Right.php
0 → 100644
+
336
−
0
View file @
ce3cc221
<?php
namespace
UnicaenZimbra\Entity
;
use
UnicaenZimbra\Entity\Entity
as
ZimbraEntity
;
use
Application\Exception
;
/**
* @version $Id$
*
* Gestion des droits sur les différents éléments Zimbra
*
* @author David Surville <david.surville at unicaen.fr>
*/
class
Right
{
const
TARGET_ACCOUNT
=
'account'
;
const
TARGET_CALRESOURCE
=
'calresource'
;
const
TARGET_COS
=
'cos'
;
const
TARGET_DL
=
'dl'
;
// distribution list
const
TARGET_GROUP
=
'group'
;
// dynamic group
const
TARGET_DOMAIN
=
'domain'
;
const
TARGET_SERVER
=
'server'
;
const
TARGET_UCSERVICE
=
'ucservice'
;
// UC service
const
TARGET_XMPPCOMPONENT
=
'xmppcomponent'
;
// XMPP component
const
TARGET_ZIMLET
=
'zimlet'
;
const
TARGET_CONFIG
=
'config'
;
const
TARGET_GLOBAL
=
'global'
;
// global grant
const
GRANTEE_USR
=
'usr'
;
// internal user
const
GRANTEE_GRP
=
'grp'
;
// internal group (distribution list)
const
GRANTEE_EGP
=
'egp'
;
// external AD group
const
GRANTEE_ALL
=
'all'
;
// all Zimbra authenticated users
const
GRANTEE_DOM
=
'dom'
;
// domain
const
GRANTEE_GST
=
'gst'
;
// non-Zimbra email address and password - might not yet supported
const
GRANTEE_KEY
=
'key'
;
// non-Zimbra email address/external user and access key
const
GRANTEE_PUB
=
'pub'
;
// public authenticated and unauthenticated access
const
GRANTEE_EMAIL
=
'email'
;
// email adress
/**
* id Zimbra ou nom de la cible
*
* @var string
*/
private
$target
;
/**
* type de la cible
*
* @var string
* @see self::TARGET_*
*/
private
$targetType
;
/**
* sélecteur de la cible
*
* @var string
*/
private
$targetBy
=
'id'
;
/**
* id Zimbra ou nom du bénéficiaire (requis pour : usr grp egp dom gst key email)
*
* @var string
*/
private
$grantee
;
/**
* type du bénéficiaire
*
* @var string
* @see self::GRANTEE_*
*/
private
$granteeType
;
/**
* sélecteur du bénéficiaire
*
* @var string
*/
private
$granteeBy
=
'id'
;
/**
* mot de passe ou clé d'accès (requis pour : gst key)
*
* @var string
*/
private
$granteeSecret
=
null
;
/**
* droit
* Value is of the form : {right-name} | {inline-right} where
* {right-name} = a system defined right name
* {inline-right} = {op}.{target-type}.{attr-name}
* {op} = set | get
* {attr-name} = a valid attribute name on the specified target type
*
* @var string
*/
private
$right
;
/**
* deny - negative right
*
* @var boolean
*/
private
$rightDeny
=
false
;
/**
* can delegate
*
* @var boolean
*/
private
$rightCanDelegate
=
false
;
/**
*
* @var boolean
*/
private
$rightDisinheritSubGroups
=
false
;
/**
*
* @var boolean
*/
private
$rightSubDomain
=
false
;
/**
* méthodes de la classe
*
* @var array
*/
private
$publicFields
=
array
(
'target'
,
'targetType'
,
'targetBy'
,
'grantee'
,
'granteeType'
,
'granteeBy'
,
'granteeSecret'
,
'right'
,
'rightDeny'
,
'rightCanDelegate'
,
'rightDisinheritSubGroups'
,
'rightSubDomain'
);
private
$targetAuthorized
=
array
(
'UnicaenZimbra\Entity\Account'
=>
self
::
TARGET_ACCOUNT
,
'UnicaenZimbra\Entity\Resource'
=>
self
::
TARGET_CALRESOURCE
,
'UnicaenZimbra\Entity\Cos'
=>
self
::
TARGET_COS
,
'UnicaenZimbra\Entity\DistributionList'
=>
self
::
TARGET_DL
,
'UnicaenZimbra\Entity\Domain'
=>
self
::
TARGET_DOMAIN
,
'UnicaenZimbra\Entity\Server'
=>
self
::
TARGET_SERVER
);
private
$granteeAuthorized
=
array
(
'UnicaenZimbra\Entity\Account'
=>
self
::
GRANTEE_USR
,
'UnicaenZimbra\Entity\DistributionList'
=>
self
::
GRANTEE_GRP
,
'UnicaenZimbra\Entity\Domain'
=>
self
::
GRANTEE_DOM
);
/**
* Getter (magic)
*
* @param string $name
* @return mixed
*/
public
function
__get
(
$name
)
{
if
(
!
in_array
(
$name
,
$this
->
publicFields
))
throw
new
Exception
(
sprintf
(
"La propriété '%s' est inconnue ou n'est pas accessible"
,
$name
));
return
$this
->
$name
;
}
/**
* Getter
*
* @param string $name
* @return mixed
*/
public
function
get
(
$name
)
{
return
$this
->
__get
(
$name
);
}
/**
* Setter (magic)
*
* @param string $name
* @param mixed $value
*/
public
function
__set
(
$name
,
$value
)
{
if
(
!
in_array
(
$name
,
$this
->
publicFields
))
throw
new
Exception
(
sprintf
(
"La propriété '%s' est inconnue ou n'est pas modifiable"
,
$name
));
$this
->
$name
=
$value
;
}
/**
* Setter
*
* @param string $name
* @param mixed $value
* @return \UnicaenZimbra\Entity\Right
*/
public
function
set
(
$name
,
$value
)
{
$this
->
__set
(
$name
,
$value
);
return
$this
;
}
/**
* Retourne la liste des attributs avec leur valeur formatée pour Zimbra
*
* @return array
*/
public
function
getConvertedToXml
()
{
foreach
(
array
(
'target'
,
'grantee'
,
'right'
)
as
$tag
)
{
if
(
null
!=
$this
->
$tag
)
{
$params
[
$tag
]
=
$this
->
_makeZimbraAttributes
(
$tag
);
}
}
return
$params
;
}
/**
* Formate la liste des attributs avec leur valeur pour Zimbra
*
* @param string $tag
* @return array
*/
private
function
_makeZimbraAttributes
(
$tag
)
{
$attributes
=
array
();
foreach
(
$this
->
publicFields
as
$attr
)
{
if
(
preg_match
(
sprintf
(
'/(%s)(.+)/'
,
$tag
),
$attr
,
$matches
))
{
if
(
!
is_null
(
$this
->
$attr
))
{
$attributes
[
strtolower
(
$matches
[
2
])]
=
Entity
::
convertToXml
(
$this
->
$attr
);
}
}
}
return
$result
[]
=
array
(
'@attributes'
=>
$attributes
,
'@content'
=>
$this
->
$tag
,
);
}
/**
* L'entité transmise devient la cible du droit
*
* @param \UnicaenZimbra\Entity\Entity $target
* @return \UnicaenZimbra\Entity\Right
* @throws Exception
*/
public
function
setTarget
(
ZimbraEntity
$target
)
{
$this
->
targetType
=
$this
->
targetAuthorized
[
get_class
(
$target
)];
if
(
null
==
$this
->
targetType
)
throw
new
Exception
(
sprintf
(
"Types d'entité autorisés pour la cible : %s"
,
implode
(
'|'
,
array_values
(
$this
->
targetAuthorized
))));
$this
->
target
=
$target
->
getId
();
return
$this
;
}
/**
* L'entité transmise devient le bénéficiaire du droit
*
* @param \UnicaenZimbra\Entity\Entity $grantee
* @return \UnicaenZimbra\Entity\Right
* @throws Exception
*/
public
function
setGrantee
(
ZimbraEntity
$grantee
)
{
$this
->
granteeType
=
$this
->
granteeAuthorized
[
get_class
(
$grantee
)];
if
(
null
==
$this
->
granteeType
)
throw
new
Exception
(
sprintf
(
"Types d'entité autorisés pour la bénéficiaire : %s"
,
implode
(
'|'
,
array_values
(
$this
->
granteeAuthorized
))));
$this
->
grantee
=
$grantee
->
getId
();
return
$this
;
}
/**
* A system define right name
* Ex. : invite, viewFreeBusy
*
* @param string $rightName
* @return \UnicaenZimbra\Entity\Right
*/
public
function
setRightByRightName
(
$rightName
)
{
$this
->
right
=
$rightName
;
return
$this
;
}
/**
* Inline right
* {inline-right} = {op}.{target-type}.{attr-name}
* {op} = set | get
* {attr-name} = a valid attribute name on the specified target type
*
* @param string $op
* @param string $attrName
* @return \UnicaenZimbra\Entity\Right
* @throws Exception
*/
public
function
setRightByInlineRight
(
$op
,
$attrName
)
{
if
(
null
==
$this
->
targetType
)
throw
new
Exception
(
"Vous devez spécifier le type de la cible 'targetType' pour utiliser cette méthode"
);
if
(
!
in_array
(
$op
,
array
(
'get'
,
'set'
)))
throw
new
Exception
(
"Opération incorrecte, valeurs autorisées : get|set"
);
$this
->
right
=
$op
.
$this
->
targetType
.
$attrName
;
return
$this
;
}
}
This diff is collapsed.
Click to expand it.
src/UnicaenZimbra/Service/Right.php
0 → 100644
+
39
−
0
View file @
ce3cc221
<?php
namespace
UnicaenZimbra\Service
;
use
UnicaenZimbra\Entity\Right
as
RightEntity
;
/**
* @version $Id$
*
* Service de droits Zimbra
*
* @author David Surville <david.surville at unicaen.fr>
*/
class
Right
extends
Service
{
/**
* Grant a right on a target to an individual or group grantee.
*
* @param \UnicaenZimbra\Entity\Right $right
* @return boolean
*/
public
function
grantRight
(
RightEntity
$right
)
{
$params
=
$right
->
getConvertedToXml
();
$this
->
getZimbra
()
->
request
(
'GrantRightRequest'
,
array
(),
$params
);
$this
->
count
=
1
;
return
true
;
}
public
function
revokeRight
(
RightEntity
$right
)
{
$params
=
$right
->
getConvertedToXml
();
$this
->
getZimbra
()
->
request
(
'RevokeRightRequest'
,
array
(),
$params
);
$this
->
count
=
1
;
return
true
;
}
}
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment