[dev] Littles questions for using API's methods

Gerard Breiner gerard.breiner at ias.u-psud.fr
Wed Aug 8 13:09:17 UTC 2012 

Le 6 août 2012 à 21:40, Jan Schneider a écrit :

> 
> Zitat von Gerard Breiner <gerard.breiner at ias.u-psud.fr>:
> 
>> Le 6 août 2012 à 09:28, Jan Schneider a écrit :
>> 
>>> 
>>> Zitat von Gerard Breiner <gerard.breiner at ias.u-psud.fr>:
>>> 
>>>> Hello,
>>>> 
>>>> At this time I can export/import all main calendars kronolith to davical but it seems there is an issue about permission. In fact each of all ics files ì get has a SUMMARY:busy...
>>>> I found it is due to kronolith/lib/Event.php getTitle method in which it seems the current user has not permissions.
>>>> [CODE]
>>>> // We explicitly allow admin access here for the alarms notifications.
>>>>       if (!$GLOBALS['registry']->isAdmin() && $this->private && $this->creator != $user) {
>>>>             return _("busy");
>>>>            } elseif ($GLOBALS['registry']->isAdmin() || $this->hasPermission(Horde_Perms::READ, $user)) {
>>>>                  return strlen($this->title) ? $this->title : _("[Unnamed event]");
>>>>            }  else {
>>>>                       return _("busy");
>>>>            }
>>>> [/CODE]
>>>> 
>>>> Could you please indicate me  how to set up the permissions in my script :
>>>> 
>>>> [CODE]
>>>> #!/usr/bin/env php
>>>> <?php
>>>> set_include_path('/www/horde4/pear/php' . PATH_SEPARATOR . get_include_path());
>>>> if (file_exists(dirname(__FILE__) . '/../../kronolith/lib/Application.php')) {
>>>>   $baseDir = dirname(__FILE__) . '/../';
>>>> } else {
>>>>   require_once 'PEAR/Config.php';
>>>>   $baseDir = PEAR_Config::singleton()
>>>>       ->get('horde_dir', null, 'pear.horde.org') . '/kronolith/';
>>>> }
>>>> 
>>>> require_once dirname(__FILE__) . '/../lib/Application.php';
>>>> Horde_Registry::appInit('kronolith', array(
>>>>   'cli' => true
>>>> ));
>>>> // Call a Registry method.
>>>> // Retrieve a list of users associated with each calendar, and
>>>>   // thus a list of users who have used kronolith and
>>>>   // potentially have an agenda preference set.
>>>>   $calendars = $GLOBALS['kronolith_shares']->listAllShares();
>>>>   $users = array();
>>>>   foreach (array_keys($calendars) as $calendarId) {
>>>>       try {
>>>>           $calendar = $GLOBALS['kronolith_shares']->getShare($calendarId);
>>>>       } catch (Exception $e) {
>>>>           die($e->getMessage());
>>>>       }
>>>>       $users = array_merge($users, $calendar->listUsers(Horde_Perms::READ));
>>>>   }
>>>> // Remove duplicates.
>>>>   $users = array_unique($users);
>>>> natcasesort($users);
>>>> // Tell the registry that we are doing authentication ourselves.
>>>> define('AUTH_HANDLER', true);
>>> 
>>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>> This is H3 code.
>> So, what is the H4 code ?
> 
> I'm only talking about the last line. It's actually not necessary in H4 anymore, because the 'cli' flag for appInit() already disables authentication.

Understood.
> 
>> Something like this for getting users ? :
>> 
>> [CODE]
>> $db = $injector->getInstance('Horde_Db_Adapter');
>> if (!empty($options['debug'])) {
>>    $logger = new Horde_Log_Logger(new Horde_Log_Handler_Stream(STDOUT));
>>    $db->setLogger($logger);
>> $sql2 = 'SELECT DISTINCT share_owner  FROM kronolith_shares';
>> 
>> try {
>>    $useruids = $db->selectValues($sql2);
>> } catch (Horde_Db_Exception $e) {
>>    die($e->getMessage());
>> }
>> natcasesort($useruids);}
>> [/CODE]
>> That works but I suppose it is still H3?. ?
>> 
>> 
>>> 
>>>> $contentType = 'text/calendar';
>>>> foreach ($users as $user) {
>>>>  $registry->setAuth($user, array('password' => ''));
>>> 
>>>    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>> You are explicitely setting a user here that is *not* an admin.
>> 
>> Yes, but if I do understand,  the user may be other than admin if he has permission on the current event.
> 
> Correct.
> 
>> this is checked in kronolith/lib/Event.php getTitle()  line : [CODE] } elseif ($GLOBALS['registry']->isAdmin() || $this->hasPermission(Horde_Perms::READ, $user)) [/CODE]. If I put a negation on the "hasPermission" it works. It is this condition that put a "busy" for SUMMARY. Yet in my code I specified "Horde_Perms::READ"?.
> 
> Yes, and it should work.

I looked at in horde database... Fields perm_creator perm_default and perm_guest from kronolith_shares have a value 0 and for a few others perm_default  we have a value 6 that match for SHOW instead 4 for Horde_Perm::READ, if I did understood....
 

Maybe an error during the migration  from horde-webmail-1.2.8 to horde4
Yet when I did the migration I executed the scripts as following :

./pear/horde-db-migrate
./pear/horde-convert-datatree-groups-to-sql
./pear/horde-convert-datatree-perms-to-sql
./pear/horde-db-migrate     /* Executed a second time cause kronolith-shares and others has not been created the first one.
./pear/kronolith-convert-datatree-shares-to-sql
./pear/turba-convert-datatree-shares-to-sql
./pear/nag-convert-datatree-shares-to-sql
./pear/mnemo-convert-datatree-shares-to-sql 

I think there was not perms Horde_Perm::READ before the migration… That could explain these issue. Is there a way to put the perm Horde_Perm::READ for each of all events ? something like setPermission ?


> 
>>>>  $cals[$user] = $registry->call('calendar/listCalendars', array(true, HORDE_PERMS::READ));
>>>>  if ($cals[$user]['0'] != '') {
>>>>     if (strpbrk($user, '*') != true) {
>>>>      if ($user != 'mmiville')  {
>>>>          $export[$user] = $registry->call('calendar/exportCalendar', array($cals[$user]['0'], $contentType, Horde_Perms::READ));
> 
> The 3rd parameter doesn't exist.

Ok, I removed it.

Best regards.

Gérard Breiner

More information about the dev mailing list