extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-07 16:44:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

using new categories check_perms() method on vcard export (prevent exposing private categories) and merge given categories with existing ones on vcard import

Browse Source
This commit is contained in:
Christian Binder 2009-11-18 07:46:01 +00:00
parent cdd50f6b55
commit 0b4313adba
2 changed files with 39 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
addressbook/inc/class.addressbook_bo.inc.php
View File

@ -1505,12 +1505,39 @@ class addressbook_bo extends addressbook_so
var $categories;
function find_or_add_categories($catname_list)
/**
* Find existing categories in database by name or add categories that do not exist yet
* currently used for vcard import
*
* @param array $catname_list names of the categories which should be found or added
* @param int $contact_id=null match against existing contact and expand the returned category ids
* by the ones the user normally does not see due to category permissions - used to preserve categories
* @return array category ids (found, added and preserved categories)
*/
function find_or_add_categories($catname_list, $contact_id=null)
{
if (!is_object($this->categories))
{
$this->categories = new categories($this->owner,'addressbook');
}
if($contact_id)
{
// preserve categories without users read access
$old_contact = $this->read($contact_id);
$old_categories = explode(',',$old_contact['cat_id']);
$old_cats_preserve = array();
if(is_array($old_categories) && count($old_categories) > 0)
{
foreach($old_categories as $cat_id)
{
if(!$this->categories->check_perms(EGW_ACL_READ, $cat_id))
{
$old_cats_preserve[] = $cat_id;
}
}
}
}
$cat_id_list = array();
foreach($catname_list as $cat_name)
@ -1533,12 +1560,18 @@ class addressbook_bo extends addressbook_so
$cat_id_list[] = $cat_id;
}
}
if(is_array($old_cats_preserve) && count($old_cats_preserve) > 0)
{
$cat_id_list = array_merge($cat_id_list, $old_cats_preserve);
}
if (count($cat_id_list) > 1)
{
$cat_id_list = array_unique($cat_id_list);
sort($cat_id_list, SORT_NUMERIC);
}
return $cat_id_list;
}
@ -1556,7 +1589,8 @@ class addressbook_bo extends addressbook_so
$cat_list = array();
foreach($cat_id_list as $cat_id)
{
if ($cat_id && ($cat_name = $this->categories->id2name($cat_id)) && $cat_name != '--')
if ($cat_id && $this->categories->check_perms(EGW_ACL_READ, $cat_id) &&
($cat_name = $this->categories->id2name($cat_id)) && $cat_name != '--')
{
$cat_list[] = $cat_name;
}

6
addressbook/inc/class.addressbook_vcal.inc.php
View File

@ -119,7 +119,7 @@ class addressbook_vcal extends addressbook_bo
*/
function addVCard($_vcard, $_abID=null, $merge=false)
{
if(!$contact = $this->vcardtoegw($_vcard))
if(!$contact = $this->vcardtoegw($_vcard, $_abID))
{
return false;
}
@ -415,7 +415,7 @@ class addressbook_vcal extends addressbook_bo
if (is_array($_supportedFields)) $this->supportedFields = $_supportedFields;
}
function vcardtoegw($_vcard)
function vcardtoegw($_vcard, $_abID)
{
// the horde class does the charset conversion. DO NOT CONVERT HERE.
// be as flexible as possible
@ -825,7 +825,7 @@ class addressbook_vcal extends addressbook_bo
break;
case 'cat_id':
$contact[$fieldName] = implode(',',$this->find_or_add_categories($vcardValues[$vcardKey]['values']));
$contact[$fieldName] = implode(',',$this->find_or_add_categories($vcardValues[$vcardKey]['values'], $_abID));
break;
case 'jpegphoto':