1<?php 2 3namespace Sabre\DAVACL; 4 5use Sabre\DAV\Exception\InvalidResourceType; 6use Sabre\DAV\Exception\Forbidden; 7use Sabre\DAV\IExtendedCollection; 8use Sabre\DAV\MkCol; 9 10/** 11 * Principals Collection 12 * 13 * This collection represents a list of users. 14 * The users are instances of Sabre\DAVACL\Principal 15 * 16 * @copyright Copyright (C) 2007-2015 fruux GmbH (https://fruux.com/). 17 * @author Evert Pot (http://evertpot.com/) 18 * @license http://sabre.io/license/ Modified BSD License 19 */ 20class PrincipalCollection extends AbstractPrincipalCollection implements IExtendedCollection, IACL { 21 22 /** 23 * This method returns a node for a principal. 24 * 25 * The passed array contains principal information, and is guaranteed to 26 * at least contain a uri item. Other properties may or may not be 27 * supplied by the authentication backend. 28 * 29 * @param array $principal 30 * @return \Sabre\DAV\INode 31 */ 32 function getChildForPrincipal(array $principal) { 33 34 return new Principal($this->principalBackend, $principal); 35 36 } 37 38 /** 39 * Creates a new collection. 40 * 41 * This method will receive a MkCol object with all the information about 42 * the new collection that's being created. 43 * 44 * The MkCol object contains information about the resourceType of the new 45 * collection. If you don't support the specified resourceType, you should 46 * throw Exception\InvalidResourceType. 47 * 48 * The object also contains a list of WebDAV properties for the new 49 * collection. 50 * 51 * You should call the handle() method on this object to specify exactly 52 * which properties you are storing. This allows the system to figure out 53 * exactly which properties you didn't store, which in turn allows other 54 * plugins (such as the propertystorage plugin) to handle storing the 55 * property for you. 56 * 57 * @param string $name 58 * @param MkCol $mkCol 59 * @throws Exception\InvalidResourceType 60 * @return void 61 */ 62 function createExtendedCollection($name, MkCol $mkCol) { 63 64 if (!$mkCol->hasResourceType('{DAV:}principal')) { 65 throw new InvalidResourceType('Only resources of type {DAV:}principal may be created here'); 66 } 67 68 $this->principalBackend->createPrincipal( 69 $this->principalPrefix . '/' . $name, 70 $mkCol 71 ); 72 73 } 74 75 /** 76 * Returns the owner principal 77 * 78 * This must be a url to a principal, or null if there's no owner 79 * 80 * @return string|null 81 */ 82 function getOwner() { 83 return null; 84 } 85 86 /** 87 * Returns a group principal 88 * 89 * This must be a url to a principal, or null if there's no owner 90 * 91 * @return string|null 92 */ 93 function getGroup() { 94 return null; 95 } 96 97 /** 98 * Returns a list of ACE's for this node. 99 * 100 * Each ACE has the following properties: 101 * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are 102 * currently the only supported privileges 103 * * 'principal', a url to the principal who owns the node 104 * * 'protected' (optional), indicating that this ACE is not allowed to 105 * be updated. 106 * 107 * @return array 108 */ 109 function getACL() { 110 return [ 111 [ 112 'principal' => '{DAV:}authenticated', 113 'privilege' => '{DAV:}read', 114 'protected' => true, 115 ], 116 ]; 117 } 118 119 /** 120 * Updates the ACL 121 * 122 * This method will receive a list of new ACE's as an array argument. 123 * 124 * @param array $acl 125 * @return void 126 */ 127 function setACL(array $acl) { 128 129 throw new Forbidden('Updating ACLs is not allowed on this node'); 130 131 } 132 133 /** 134 * Returns the list of supported privileges for this node. 135 * 136 * The returned data structure is a list of nested privileges. 137 * See Sabre\DAVACL\Plugin::getDefaultSupportedPrivilegeSet for a simple 138 * standard structure. 139 * 140 * If null is returned from this method, the default privilege set is used, 141 * which is fine for most common usecases. 142 * 143 * @return array|null 144 */ 145 function getSupportedPrivilegeSet() { 146 147 return null; 148 149 } 150 151} 152