Monotone-Parent: ffee2e191d0b888d3bfb2c7d6d16836788f668d0

Monotone-Revision: 575cf41d358a8719c8b0d9a19301b8c29bbb1c30

Monotone-Author: wsourdeau@inverse.ca
Monotone-Date: 2007-11-29T16:14:11
Monotone-Branch: ca.inverse.sogo

ChangeLog

@@ -1,3 +1,9 @@
+2007-11-29  Wolfgang Sourdeau  <wsourdeau@inverse.ca>
+
+	* SoObjects/SOGo/SOGoObject.m ([SOGoObject -subscriptionRoles]):
+	new method that returns the roles that qualifies for adding the
+	special "authorized subscribed" sogo role.
+
 2007-11-27  Wolfgang Sourdeau  <wsourdeau@inverse.ca>
 
 	* SoObjects/SOGo/SOGoContentObject.m ([SOGoContentObject

SoObjects/Appointments/SOGoAppointmentFolder.m

@@ -775,6 +775,24 @@ static NSNumber   *sharedYes = nil;
   return privacySqlString;
 }
 
+- (NSArray *) subscriptionRoles
+{
+  return [NSArray arrayWithObjects:
+		    SOGoRole_ObjectCreator, SOGoRole_ObjectEraser,
+		  SOGoCalendarRole_PublicResponder,
+		  SOGoCalendarRole_PublicModifier,
+		  SOGoCalendarRole_PublicViewer,
+		  SOGoCalendarRole_PublicDAndTViewer,
+		  SOGoCalendarRole_PrivateResponder,
+		  SOGoCalendarRole_PrivateModifier,
+		  SOGoCalendarRole_PrivateViewer,
+		  SOGoCalendarRole_PrivateDAndTViewer,
+		  SOGoCalendarRole_ConfidentialResponder,
+		  SOGoCalendarRole_ConfidentialModifier,
+		  SOGoCalendarRole_ConfidentialViewer,
+		  SOGoCalendarRole_ConfidentialDAndTViewer, nil];
+}
+
 - (NSString *) roleForComponentsWithAccessClass: (iCalAccessClass) accessClass
 					forUser: (NSString *) uid
 {

SoObjects/Appointments/product.plist

@@ -39,7 +39,6 @@
 	"ViewDAndT" = ( "Organizer", "Participant", "ComponentDAndTViewer" );
 	"ModifyComponent" = ( "Owner", "Organizer" );
 	"RespondToComponent" = ( "Participant" );
-	"Access Object" = ( "Owner", "Organizer", "Participant", "ComponentModifier", "ComponentResponder", "ComponentViewer", "ComponentDAndTViewer" );
       };
     };
     SOGoAppointmentObject = {

SoObjects/Contacts/SOGoContactLDAPFolder.m

@@ -26,21 +26,21 @@
 
 #import <NGObjWeb/NSException+HTTP.h>
 #import <NGObjWeb/WOApplication.h>
-#import <NGObjWeb/WOContext.h>
 #import <NGObjWeb/WOContext+SoObjects.h>
+#import <NGObjWeb/WORequest.h>
 #import <NGObjWeb/WOResponse.h>
 #import <NGObjWeb/SoObject.h>
+#import <NGObjWeb/SoSelectorInvocation.h>
 #import <NGObjWeb/SoUser.h>
+#import <NGExtensions/NSString+misc.h>
 #import <EOControl/EOSortOrdering.h>
 #import <SaxObjC/XMLNamespaces.h>
 
+#import <SoObjects/SOGo/SOGoPermissions.h>
 #import <SoObjects/SOGo/LDAPSource.h>
 #import <SoObjects/SOGo/NSString+Utilities.h>
 #import "SOGoContactLDIFEntry.h"
 #import "SOGoContactLDAPFolder.h"
-#import <NGExtensions/NSString+misc.h>
-#import <NGObjWeb/WORequest.h>
-#import <NGObjWeb/SoSelectorInvocation.h>
 
 @class WOContext;
 
@@ -303,6 +303,11 @@
   return @"nobody";
 }
 
+- (NSArray *) subscriptionRoles
+{
+  return [NSArray arrayWithObject: SoRole_Authenticated];
+}
+
 /* TODO: this might change one day when we support LDAP acls */
 - (NSArray *) aclsForUser: (NSString *) uid
 {

SoObjects/Mailer/SOGoMailFolder.m

@@ -544,6 +544,16 @@ static NSString *defaultUserID =  @"anyone";
   [mailboxACL retain];
 }
 
+- (NSArray *) subscriptionRoles
+{
+  return [NSArray arrayWithObjects: SOGoRole_ObjectViewer,
+		  SOGoMailRole_SeenKeeper, SOGoMailRole_Writer,
+		  SOGoRole_ObjectCreator, SOGoMailRole_Poster,
+		  SOGoRole_FolderCreator, SOGoRole_FolderEraser,
+		  SOGoRole_ObjectEraser, SOGoMailRole_Expunger,
+		  SOGoMailRole_Administrator, nil];
+}
+
 - (NSArray *) aclUsers
 {
   NSArray *users;

SoObjects/Mailer/product.plist

@@ -19,8 +19,6 @@
         "Add Documents, Images, and Files" = ( "Owner", "ObjectCreator" );
         "Delete Objects" = ( "Owner", "ObjectEraser" );
         "WebDAV Access" = ( "Owner", "AuthorizedSubscriber" );
-        "ReadAcls" = ( "Owner", "AuthorizedSubscriber" );
-        "SaveAcls" = ( "Owner" );
       };
     };
     SOGoMailAccount = {
@@ -31,8 +29,6 @@
         "Add Documents, Images, and Files" = ( "Owner", "ObjectCreator" );
         "Delete Objects" = ( "Owner", "ObjectEraser" );
         "WebDAV Access" = ( "Owner", "AuthorizedSubscriber" );
-        "ReadAcls" = ( "Owner", "AuthorizedSubscriber" );
-        "SaveAcls" = ( "Owner" );
       };
     };
     SOGoSharedMailAccount = {
@@ -46,8 +42,6 @@
         "Add Documents, Images, and Files" = ( "Owner", "ObjectCreator" );
         "Delete Objects" = ( "Owner", "ObjectEraser" );
         "WebDAV Access" = ( "Owner", "ObjectViewer" );
-        "ReadAcls" = ( "Owner", "ObjectViewer" );
-        "SaveAcls" = ( "Owner", "MailAdministrator" );
       };
     };
     SOGoSharedInboxFolder = {

SoObjects/SOGo/SOGoFolder.m

@@ -30,6 +30,7 @@
 
 #import "NSString+Utilities.h"
 
+#import "SOGoPermissions.h"
 #import "SOGoFolder.h"
 
 @implementation SOGoFolder
@@ -241,6 +242,13 @@
 
 /* acls */
 
+- (NSArray *) subscriptionRoles
+{
+  return [NSArray arrayWithObjects: SoRole_Owner, SOGoRole_ObjectViewer,
+		  SOGoRole_ObjectEditor, SOGoRole_ObjectCreator,
+ SOGoRole_ObjectEraser, nil];
+}
+
 - (NSArray *) aclsForUser: (NSString *) uid
 {
   return nil;

SoObjects/SOGo/SOGoGCSFolder.m

@@ -452,10 +452,7 @@ static NSString *defaultUserID = @"<default>";
 
   acls = [NSMutableArray array];
   if ([records count] > 0)
-    {
-      [acls addObject: SOGoRole_AuthorizedSubscriber];
-      [acls addObjectsFromArray: [records valueForKey: @"c_role"]];
-    }
+    [acls addObjectsFromArray: [records valueForKey: @"c_role"]];
 
   return acls;
 }

SoObjects/SOGo/SOGoObject.h

@@ -111,6 +111,8 @@
 
 /* acls */
 
+- (NSArray *) subscriptionRoles;
+
 - (NSArray *) aclUsers;
 - (NSArray *) aclsForUser: (NSString *) uid;
 - (void) setRoles: (NSArray *) roles

SoObjects/SOGo/SOGoObject.m

@@ -830,6 +830,12 @@ static BOOL kontactGroupDAV = YES;
 
 /* acls */
 
+/* roles required to obtain the "authorized subscriber" role */
+- (NSArray *) subscriptionRoles
+{
+  return [container subscriptionRoles];
+}
+
 - (NSArray *) aclUsers
 {
   [self subclassResponsibility: _cmd];

SoObjects/SOGo/SOGoUser.m

@@ -604,8 +604,11 @@ NSString *SOGoWeekStartFirstFullWeek = @"FirstFullWeek";
   if ([object isKindOfClass: [SOGoObject class]])
     {
       sogoRoles = [(SOGoObject *) object aclsForUser: login];
-      if (sogoRoles)
+      if ([sogoRoles count])
         [rolesForObject addObjectsFromArray: sogoRoles];
+      sogoRoles = [(SOGoObject *) object subscriptionRoles];
+      if ([sogoRoles firstObjectCommonWithArray: rolesForObject])
+	[rolesForObject addObject: SOGoRole_AuthorizedSubscriber];
     }
 
   return rolesForObject;

UI/MainUI/product.plist

@@ -21,7 +21,7 @@
       defaultRoles = {
 	"View" = ( "Owner", "ObjectViewer" );
 	"Change Images And Files"  = ( "Owner", "ObjectEditor" );
-	"Access Object" = ( "Owner", "ObjectViewer", "ObjectEditor", "ObjectCreator", "ObjectEraser" );
+	"Access Object" = ( "Owner", "AuthorizedSubscriber" );
 	"Access Contents Information" = ( "Owner", "ObjectViewer" );
         "Add Documents, Images, and Files" = ( "Owner", "ObjectCreator" );
 	"Add Folders" = ( "Owner", "FolderCreator" );
@@ -51,7 +51,6 @@
 	};
       };
     };
-
     SOGoFolder = {
       superclass = "SOGoObject";
       protectedBy = "Access Object";