amorfo77/sogo
1
0
Fork 0
mirror of https://github.com/inverse-inc/sogo.git synced 2026-05-29 15:15:37 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #249 from zentyal/ejhernandez/proper-fix-user-many-groups-calendar-sharing

Browse Source 
Keep all roles in calendar folder ACLs
This commit is contained in:
Jesús García Sáez
2016-02-15 20:53:14 +01:00
parent c99fd1d93c 15779c2cfb
commit b62d58d4d7
1 changed files with 55 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files
SoObjects/Appointments/SOGoAppointmentFolder.m
+55 -39
View File
@@ -3300,12 +3300,60 @@ firstInstanceCalendarDateRange: (NGCalendarDateRange *) fir
}
/* acls */
/* Compare two permissions to set first the highest access right, if unknown, then
do nothing */
static NSComparisonResult _comparePermissions (id perm1, id perm2, void *context)
{
static NSDictionary *permMap = nil;
NSNumber *num_1, *num_2;
if (!permMap)
{
NSMutableArray *numberObjs;
NSUInteger i, max = 16;
numberObjs = [NSMutableArray arrayWithCapacity: max];
for (i = 0; i < max; i++)
[numberObjs addObject: [NSNumber numberWithInteger: i]];
/* Build the map to compare easily */
permMap = [[NSDictionary alloc] initWithObjects: numberObjs
forKeys: [NSArray arrayWithObjects:
SOGoRole_ObjectEraser,
SOGoRole_ObjectCreator,
SOGoRole_ObjectEditor,
SOGoCalendarRole_ConfidentialModifier,
SOGoCalendarRole_ConfidentialResponder,
SOGoCalendarRole_ConfidentialViewer,
SOGoCalendarRole_ConfidentialDAndTViewer,
SOGoCalendarRole_PrivateModifier,
SOGoCalendarRole_PrivateResponder,
SOGoCalendarRole_PrivateViewer,
SOGoCalendarRole_PrivateDAndTViewer,
SOGoCalendarRole_PublicModifier,
SOGoCalendarRole_PublicResponder,
SOGoCalendarRole_PublicViewer,
SOGoCalendarRole_PublicDAndTViewer,
SOGoCalendarRole_FreeBusyReader, nil]];
[permMap retain];
}
num_1 = [permMap objectForKey: perm1];
if (!num_1)
num_1 = [NSNumber numberWithInteger: 255];
num_2 = [permMap objectForKey: perm2];
if (!num_2)
num_2 = [NSNumber numberWithInteger: 255];
return [num_1 compare: num_2];
}
- (NSArray *) aclsForUser: (NSString *) uid
forObjectAtPath: (NSArray *) objectPathArray
{
NSMutableArray *aclsForUser;
NSArray *superAcls;
static NSArray *rolesClassifications = nil;
superAcls = [super aclsForUser: uid forObjectAtPath: objectPathArray];
if ([uid isEqualToString: [self defaultUserID]])
@@ -3321,44 +3369,12 @@ firstInstanceCalendarDateRange: (NGCalendarDateRange *) fir
}
else
{
aclsForUser = [NSMutableArray array];
if (!rolesClassifications)
{
rolesClassifications =
[NSArray arrayWithObjects:
[NSArray arrayWithObjects:
SOGoCalendarRole_PublicModifier,
SOGoCalendarRole_PublicResponder,
SOGoCalendarRole_PublicViewer,
SOGoCalendarRole_PublicDAndTViewer,
nil],
[NSArray arrayWithObjects:
SOGoCalendarRole_ConfidentialModifier,
SOGoCalendarRole_ConfidentialResponder,
SOGoCalendarRole_ConfidentialViewer,
SOGoCalendarRole_ConfidentialDAndTViewer,
nil],
[NSArray arrayWithObjects:
SOGoCalendarRole_PrivateModifier,
SOGoCalendarRole_PrivateResponder,
SOGoCalendarRole_PrivateViewer,
SOGoCalendarRole_PrivateDAndTViewer,
nil],
[NSArray arrayWithObject: SOGoRole_ObjectCreator],
[NSArray arrayWithObject: SOGoRole_ObjectEraser],
nil];
[rolesClassifications retain];
}
// When a user is a member of many groups for which there are access rights, multiple access rights
// can be returned for each classification. In this case, we only keep the highest access right.
int i, count = [rolesClassifications count];
NSString *role;
for (i = 0; i < count; i++)
{
role = [[rolesClassifications objectAtIndex: i] firstObjectCommonWithArray: superAcls];
if (role)
[aclsForUser addObject: role];
}
/* Sort setting the highest access right first, so in the case
of a user member of several groups, the highest access right
is checked first, for instance, in
[SOGoAppointmentFolder:roleForComponentsWithAccessClass:forUser] */
aclsForUser = (NSMutableArray *) [superAcls sortedArrayUsingFunction: _comparePermissions
context: NULL];
}
return aclsForUser;