oc-notes: Implement edit own and delete own permissions
By storing the PidTagCreatorName on creation and checking when trying to edit or delete an specific message.pull/209/head
parent
76e586deca
commit
1ca1a273d9
|
@ -25,6 +25,16 @@
|
|||
|
||||
#import "MAPIStoreFolder.h"
|
||||
|
||||
extern NSString *MAPIStoreRightReadItems;
|
||||
extern NSString *MAPIStoreRightCreateItems;
|
||||
extern NSString *MAPIStoreRightEditOwn;
|
||||
extern NSString *MAPIStoreRightEditAll;
|
||||
extern NSString *MAPIStoreRightDeleteOwn;
|
||||
extern NSString *MAPIStoreRightDeleteAll;
|
||||
extern NSString *MAPIStoreRightCreateSubfolders;
|
||||
extern NSString *MAPIStoreRightFolderOwner;
|
||||
extern NSString *MAPIStoreRightFolderContact;
|
||||
|
||||
@interface MAPIStoreDBFolder : MAPIStoreFolder
|
||||
|
||||
@end
|
||||
|
|
|
@ -51,15 +51,15 @@
|
|||
|
||||
static Class EOKeyValueQualifierK, SOGoCacheGCSFolderK, MAPIStoreDBFolderK;
|
||||
|
||||
static NSString *MAPIStoreRightReadItems = @"RightsReadItems";
|
||||
static NSString *MAPIStoreRightCreateItems = @"RightsCreateItems";
|
||||
static NSString *MAPIStoreRightEditOwn = @"RightsEditOwn";
|
||||
static NSString *MAPIStoreRightEditAll = @"RightsEditAll";
|
||||
static NSString *MAPIStoreRightDeleteOwn = @"RightsDeleteOwn";
|
||||
static NSString *MAPIStoreRightDeleteAll = @"RightsDeleteAll";
|
||||
static NSString *MAPIStoreRightCreateSubfolders = @"RightsCreateSubfolders";
|
||||
static NSString *MAPIStoreRightFolderOwner = @"RightsFolderOwner";
|
||||
static NSString *MAPIStoreRightFolderContact = @"RightsFolderContact";
|
||||
NSString *MAPIStoreRightReadItems = @"RightsReadItems";
|
||||
NSString *MAPIStoreRightCreateItems = @"RightsCreateItems";
|
||||
NSString *MAPIStoreRightEditOwn = @"RightsEditOwn";
|
||||
NSString *MAPIStoreRightEditAll = @"RightsEditAll";
|
||||
NSString *MAPIStoreRightDeleteOwn = @"RightsDeleteOwn";
|
||||
NSString *MAPIStoreRightDeleteAll = @"RightsDeleteAll";
|
||||
NSString *MAPIStoreRightCreateSubfolders = @"RightsCreateSubfolders";
|
||||
NSString *MAPIStoreRightFolderOwner = @"RightsFolderOwner";
|
||||
NSString *MAPIStoreRightFolderContact = @"RightsFolderContact";
|
||||
|
||||
@implementation MAPIStoreDBFolder
|
||||
|
||||
|
@ -355,8 +355,7 @@ static NSString *MAPIStoreRightFolderContact = @"RightsFolderContact";
|
|||
|
||||
- (BOOL) subscriberCanModifyMessages
|
||||
{
|
||||
return ([self _testRoleForActiveUser: MAPIStoreRightEditAll]
|
||||
|| [self _testRoleForActiveUser: MAPIStoreRightEditOwn]);
|
||||
return [self _testRoleForActiveUser: MAPIStoreRightEditAll];
|
||||
}
|
||||
|
||||
- (BOOL) subscriberCanReadMessages
|
||||
|
@ -377,8 +376,7 @@ static NSString *MAPIStoreRightFolderContact = @"RightsFolderContact";
|
|||
|
||||
- (BOOL) subscriberCanDeleteMessages
|
||||
{
|
||||
return ([self _testRoleForActiveUser: MAPIStoreRightDeleteAll]
|
||||
|| [self _testRoleForActiveUser: MAPIStoreRightDeleteOwn]);
|
||||
return [self _testRoleForActiveUser: MAPIStoreRightDeleteAll];
|
||||
}
|
||||
|
||||
- (BOOL) subscriberCanCreateSubFolders
|
||||
|
|
|
@ -27,6 +27,9 @@
|
|||
#import <Foundation/NSString.h>
|
||||
#import <Foundation/NSValue.h>
|
||||
#import <NGExtensions/NSObject+Logs.h>
|
||||
#import <NGObjWeb/WOContext+SoObjects.h>
|
||||
#import <SOGo/SOGoFolder.h>
|
||||
#import <SOGo/SOGoUser.h>
|
||||
|
||||
#import "MAPIStoreContext.h"
|
||||
#import "MAPIStorePropertySelectors.h"
|
||||
|
@ -346,6 +349,16 @@
|
|||
/* Update PredecessorChangeList accordingly */
|
||||
[self _updatePredecessorChangeList];
|
||||
|
||||
if (isNew)
|
||||
{
|
||||
NSString *lastModifierName;
|
||||
|
||||
lastModifierName = (NSString *)[properties objectForKey: MAPIPropertyKey (PidTagLastModifierName)];
|
||||
if ([lastModifierName length] > 0)
|
||||
[properties setObject: lastModifierName
|
||||
forKey: MAPIPropertyKey (PidTagCreatorName)];
|
||||
}
|
||||
|
||||
// [self logWithFormat: @"Saving %@", [self description]];
|
||||
// [self logWithFormat: @"%d props in dict", [properties count]];
|
||||
|
||||
|
@ -364,20 +377,77 @@
|
|||
return [msgClass isEqualToString: @"IPM.Microsoft.ScheduleData.FreeBusy"];
|
||||
}
|
||||
|
||||
/* TODO: differentiate between the "Own" and "All" cases */
|
||||
//-----------------------------
|
||||
// Permissions
|
||||
//-----------------------------
|
||||
|
||||
- (BOOL) subscriberCanReadMessage
|
||||
{
|
||||
return [(MAPIStoreFolder *) container subscriberCanReadMessages];
|
||||
// || [self _messageIsFreeBusy]);
|
||||
}
|
||||
|
||||
- (SOGoUser *) _ownerUser
|
||||
{
|
||||
NSString *ownerName;
|
||||
SOGoUser *ownerUser = nil;
|
||||
|
||||
ownerName = [properties objectForKey: MAPIPropertyKey (PidTagCreatorName)];
|
||||
if ([ownerName length] > 0)
|
||||
ownerUser = [SOGoUser userWithLogin: ownerName];
|
||||
|
||||
return ownerUser;
|
||||
}
|
||||
|
||||
- (NSArray *) activeUserRoles
|
||||
{
|
||||
/* Override because of this exception: NSInvalidArgumentException,
|
||||
reason: [SOGoMAPIDBMessage-aclsForUser:] should be overridden by
|
||||
subclass */
|
||||
if (!activeUserRoles)
|
||||
{
|
||||
SOGoUser *activeUser;
|
||||
|
||||
activeUser = [[self context] activeUser];
|
||||
activeUserRoles = [[container aclFolder] aclsForUser: [activeUser login]];
|
||||
[activeUserRoles retain];
|
||||
}
|
||||
|
||||
return activeUserRoles;
|
||||
}
|
||||
|
||||
- (BOOL) subscriberCanModifyMessage
|
||||
{
|
||||
return ((isNew
|
||||
&& [(MAPIStoreFolder *) container subscriberCanCreateMessages])
|
||||
|| (!isNew
|
||||
&& [(MAPIStoreFolder *) container subscriberCanModifyMessages]));
|
||||
// || [self _messageIsFreeBusy]);
|
||||
BOOL rc;
|
||||
NSArray *roles;
|
||||
|
||||
roles = [self activeUserRoles];
|
||||
|
||||
if (isNew)
|
||||
rc = [(MAPIStoreFolder *) container subscriberCanCreateMessages];
|
||||
else
|
||||
rc = [roles containsObject: MAPIStoreRightEditAll];
|
||||
|
||||
/* Check if the message is owned and it has permission to edit it */
|
||||
if (!rc && [roles containsObject: MAPIStoreRightEditOwn])
|
||||
rc = [[[container context] activeUser] isEqual: [self _ownerUser]];
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
||||
- (BOOL) subscriberCanDeleteMessage
|
||||
{
|
||||
BOOL rc;
|
||||
NSArray *roles;
|
||||
|
||||
roles = [self activeUserRoles];
|
||||
|
||||
rc = [roles containsObject: MAPIStoreRightDeleteAll];
|
||||
|
||||
/* Check if the message is owned and it has permission to delete it */
|
||||
if (!rc && [roles containsObject: MAPIStoreRightDeleteOwn])
|
||||
rc = [[[container context] activeUser] isEqual: [self _ownerUser]];
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
||||
- (NSDate *) creationTime
|
||||
|
|
Loading…
Reference in New Issue