extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-07 16:44:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

using new categories check_perms() method on vcard export (prevent exposing private categories) and merge given categories with existing ones on vcard import

Browse Source
This commit is contained in:
Christian Binder 2009-11-18 07:46:01 +00:00
parent cdd50f6b55
commit 0b4313adba
2 changed files with 39 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
addressbook/inc/class.addressbook_bo.inc.php
View File

@ -1505,12 +1505,39 @@ class addressbook_bo extends addressbook_so
var $categories; var $categories;
function find_or_add_categories($catname_list) /**
* Find existing categories in database by name or add categories that do not exist yet
* currently used for vcard import
*
* @param array $catname_list names of the categories which should be found or added
* @param int $contact_id=null match against existing contact and expand the returned category ids
* by the ones the user normally does not see due to category permissions - used to preserve categories
* @return array category ids (found, added and preserved categories)
*/
function find_or_add_categories($catname_list, $contact_id=null)
{ {
if (!is_object($this->categories)) if (!is_object($this->categories))
{ {
$this->categories = new categories($this->owner,'addressbook'); $this->categories = new categories($this->owner,'addressbook');
} }
if($contact_id)
{
// preserve categories without users read access
$old_contact = $this->read($contact_id);
$old_categories = explode(',',$old_contact['cat_id']);
$old_cats_preserve = array();
if(is_array($old_categories) && count($old_categories) > 0)
{
foreach($old_categories as $cat_id)
{
if(!$this->categories->check_perms(EGW_ACL_READ, $cat_id))
{
$old_cats_preserve[] = $cat_id;
}
}
}
}
$cat_id_list = array(); $cat_id_list = array();
foreach($catname_list as $cat_name) foreach($catname_list as $cat_name)
@ -1533,12 +1560,18 @@ class addressbook_bo extends addressbook_so
$cat_id_list[] = $cat_id; $cat_id_list[] = $cat_id;
} }
} }
if(is_array($old_cats_preserve) && count($old_cats_preserve) > 0)
{
$cat_id_list = array_merge($cat_id_list, $old_cats_preserve);
}
if (count($cat_id_list) > 1) if (count($cat_id_list) > 1)
{ {
$cat_id_list = array_unique($cat_id_list); $cat_id_list = array_unique($cat_id_list);
sort($cat_id_list, SORT_NUMERIC); sort($cat_id_list, SORT_NUMERIC);
} }
return $cat_id_list; return $cat_id_list;
} }
@ -1556,7 +1589,8 @@ class addressbook_bo extends addressbook_so
$cat_list = array(); $cat_list = array();
foreach($cat_id_list as $cat_id) foreach($cat_id_list as $cat_id)
{ {
if ($cat_id && ($cat_name = $this->categories->id2name($cat_id)) && $cat_name != '--') if ($cat_id && $this->categories->check_perms(EGW_ACL_READ, $cat_id) &&
($cat_name = $this->categories->id2name($cat_id)) && $cat_name != '--')
{ {
$cat_list[] = $cat_name; $cat_list[] = $cat_name;
} }

6
addressbook/inc/class.addressbook_vcal.inc.php
View File

@ -119,7 +119,7 @@ class addressbook_vcal extends addressbook_bo
*/ */
function addVCard($_vcard, $_abID=null, $merge=false) function addVCard($_vcard, $_abID=null, $merge=false)
{ {
if(!$contact = $this->vcardtoegw($_vcard)) if(!$contact = $this->vcardtoegw($_vcard, $_abID))
{ {
return false; return false;
} }
@ -415,7 +415,7 @@ class addressbook_vcal extends addressbook_bo
if (is_array($_supportedFields)) $this->supportedFields = $_supportedFields; if (is_array($_supportedFields)) $this->supportedFields = $_supportedFields;
} }
function vcardtoegw($_vcard) function vcardtoegw($_vcard, $_abID)
{ {
// the horde class does the charset conversion. DO NOT CONVERT HERE. // the horde class does the charset conversion. DO NOT CONVERT HERE.
// be as flexible as possible // be as flexible as possible
@ -825,7 +825,7 @@ class addressbook_vcal extends addressbook_bo
break; break;
case 'cat_id': case 'cat_id':
$contact[$fieldName] = implode(',',$this->find_or_add_categories($vcardValues[$vcardKey]['values'])); $contact[$fieldName] = implode(',',$this->find_or_add_categories($vcardValues[$vcardKey]['values'], $_abID));
break; break;
case 'jpegphoto': case 'jpegphoto':