4 * This class represents the {DAV:}acl property
8 * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
9 * @author Evert Pot (http://www.rooftopsolutions.nl/)
10 * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
12 class Sabre_DAVACL_Property_Acl extends Sabre_DAV_Property {
22 * Whether or not the server base url is required to be prefixed when
23 * serializing the property.
27 private $prefixBaseUrl;
32 * This object requires a structure similar to the return value from
33 * Sabre_DAVACL_Plugin::getACL().
35 * Each privilege is a an array with at least a 'privilege' property, and a
36 * 'principal' property. A privilege may have a 'protected' property as
39 * The prefixBaseUrl should be set to false, if the supplied principal urls
40 * are already full urls. If this is kept to true, the servers base url
41 * will automatically be prefixed.
43 * @param bool $prefixBaseUrl
44 * @param array $privileges
46 public function __construct(array $privileges, $prefixBaseUrl = true) {
48 $this->privileges = $privileges;
49 $this->prefixBaseUrl = $prefixBaseUrl;
54 * Returns the list of privileges for this property
58 public function getPrivileges() {
60 return $this->privileges;
65 * Serializes the property into a DOMElement
67 * @param Sabre_DAV_Server $server
68 * @param DOMElement $node
71 public function serialize(Sabre_DAV_Server $server,DOMElement $node) {
73 $doc = $node->ownerDocument;
74 foreach($this->privileges as $ace) {
76 $this->serializeAce($doc, $node, $ace, $server);
83 * Unserializes the {DAV:}acl xml element.
85 * @param DOMElement $dom
86 * @return Sabre_DAVACL_Property_Acl
88 static public function unserialize(DOMElement $dom) {
90 $privileges = array();
91 $xaces = $dom->getElementsByTagNameNS('DAV:','ace');
92 for($ii=0; $ii < $xaces->length; $ii++) {
94 $xace = $xaces->item($ii);
95 $principal = $xace->getElementsByTagNameNS('DAV:','principal');
96 if ($principal->length !== 1) {
97 throw new Sabre_DAV_Exception_BadRequest('Each {DAV:}ace element must have one {DAV:}principal element');
99 $principal = Sabre_DAVACL_Property_Principal::unserialize($principal->item(0));
101 switch($principal->getType()) {
102 case Sabre_DAVACL_Property_Principal::HREF :
103 $principal = $principal->getHref();
105 case Sabre_DAVACL_Property_Principal::AUTHENTICATED :
106 $principal = '{DAV:}authenticated';
108 case Sabre_DAVACL_Property_Principal::UNAUTHENTICATED :
109 $principal = '{DAV:}unauthenticated';
111 case Sabre_DAVACL_Property_Principal::ALL :
112 $principal = '{DAV:}all';
119 if ($xace->getElementsByTagNameNS('DAV:','protected')->length > 0) {
123 $grants = $xace->getElementsByTagNameNS('DAV:','grant');
124 if ($grants->length < 1) {
125 throw new Sabre_DAV_Exception_NotImplemented('Every {DAV:}ace element must have a {DAV:}grant element. {DAV:}deny is not yet supported');
127 $grant = $grants->item(0);
129 $xprivs = $grant->getElementsByTagNameNS('DAV:','privilege');
130 for($jj=0; $jj<$xprivs->length; $jj++) {
132 $xpriv = $xprivs->item($jj);
134 $privilegeName = null;
136 for ($kk=0;$kk<$xpriv->childNodes->length;$kk++) {
138 $childNode = $xpriv->childNodes->item($kk);
139 if ($t = Sabre_DAV_XMLUtil::toClarkNotation($childNode)) {
144 if (is_null($privilegeName)) {
145 throw new Sabre_DAV_Exception_BadRequest('{DAV:}privilege elements must have a privilege element contained within them.');
148 $privileges[] = array(
149 'principal' => $principal,
150 'protected' => $protected,
151 'privilege' => $privilegeName,
158 return new self($privileges);
163 * Serializes a single access control entry.
165 * @param DOMDocument $doc
166 * @param DOMElement $node
168 * @param Sabre_DAV_Server $server
171 private function serializeAce($doc,$node,$ace, $server) {
173 $xace = $doc->createElementNS('DAV:','d:ace');
174 $node->appendChild($xace);
176 $principal = $doc->createElementNS('DAV:','d:principal');
177 $xace->appendChild($principal);
178 switch($ace['principal']) {
179 case '{DAV:}authenticated' :
180 $principal->appendChild($doc->createElementNS('DAV:','d:authenticated'));
182 case '{DAV:}unauthenticated' :
183 $principal->appendChild($doc->createElementNS('DAV:','d:unauthenticated'));
186 $principal->appendChild($doc->createElementNS('DAV:','d:all'));
189 $principal->appendChild($doc->createElementNS('DAV:','d:href',($this->prefixBaseUrl?$server->getBaseUri():'') . $ace['principal'] . '/'));
192 $grant = $doc->createElementNS('DAV:','d:grant');
193 $xace->appendChild($grant);
197 preg_match('/^{([^}]*)}(.*)$/',$ace['privilege'],$privParts);
199 $xprivilege = $doc->createElementNS('DAV:','d:privilege');
200 $grant->appendChild($xprivilege);
202 $xprivilege->appendChild($doc->createElementNS($privParts[1],'d:'.$privParts[2]));
204 if (isset($ace['protected']) && $ace['protected'])
205 $xace->appendChild($doc->createElement('d:protected'));