diff --git a/admin/inc/class.uiaccounts.inc.php b/admin/inc/class.uiaccounts.inc.php
index bfada15bbd..c6f5df18f7 100755
--- a/admin/inc/class.uiaccounts.inc.php
+++ b/admin/inc/class.uiaccounts.inc.php
@@ -113,6 +113,11 @@
function list_users($param_cd='')
{
+ if ($GLOBALS['phpgw']->acl->check('account_access',1,'admin'))
+ {
+ $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/admin/index.php'));
+ }
+
if(!$param_cd)
{
$cd = $param_cd;
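Review bot: The new guard at the top of list_users() reads as "if the check passes, send the admin away", which is only correct because `account_access` holds deny bits (see the 'Deny access to user accounts' entry in hook_acl_manager.inc.php). Nothing at the call site says so. A one-line comment would stop a later maintainer from "fixing" the condition, e.g. `// account_access is a deny mask: check() returning true means listing accounts is denied`. The literal bit values (1 here; 4, 8, 16 and 32 in the later hunks of this file) have to stay in step with that hook file, so the comment should also name the right being tested. The body of list_users() continues outside this hunk.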
@@ -151,11 +156,20 @@
'lang_view' => lang('view'),
'actionurl' => $GLOBALS['phpgw']->link('/index.php','menuaction=admin.uiaccounts.add_user'),
'accounts_url' => $url,
- 'lang_add' => lang('add'),
'lang_search' => lang('search')
);
$p->set_var($var);
+ if (! $GLOBALS['phpgw']->acl->check('account_access',4,'admin'))
+ {
+ $p->set_var('input_add','');
+ }
+
+ if (! $GLOBALS['phpgw']->acl->check('account_access',2,'admin'))
+ {
+ $p->set_var('input_search',lang('Search') . ' ');
+ }
+
$account_info = $GLOBALS['phpgw']->accounts->get_list('accounts',$start,$sort,$order,$query);
if (! count($account_info))
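Review bot: Denying 'Search accounts' (bit 2) only changes what is put into `input_search`; the `get_list('accounts',$start,$sort,$order,$query)` call below it still receives `$query`. Where `$query` is filled lies outside this hunk, but if it comes from the request, hiding the search box does not enforce the right on the server. Clearing the value on the denied path would do that: `if ($GLOBALS['phpgw']->acl->check('account_access',2,'admin')) { $query = ''; }`.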
@@ -165,23 +179,62 @@
}
else
{
+ if (! $GLOBALS['phpgw']->acl->check('account_access',8,'admin'))
+ {
+ $can_view = True;
+ }
+
+ if (! $GLOBALS['phpgw']->acl->check('account_access',16,'admin'))
+ {
+ $can_edit = True;
+ }
+
+ if (! $GLOBALS['phpgw']->acl->check('account_access',32,'admin'))
+ {
+ $can_delete = True;
+ }
+
while (list($null,$account) = each($account_info))
{
$this->nextmatchs->template_alternate_row_color($p);
- $var = Array(
- 'row_loginid' => $account['account_lid'],
- 'row_firstname' => (!$account['account_firstname']?' ':$account['account_firstname']),
- 'row_lastname' => (!$account['account_lastname']?' ':$account['account_lastname']),
- 'row_edit' => $this->row_action('edit','user',$account['account_id']),
- 'row_delete' => ($GLOBALS['phpgw_info']['user']['userid'] != $account['account_lid']?$this->row_action('delete','user',$account['account_id']):' '),
- 'row_view' => $this->row_action('view','user',$account['account_id'])
+ $var = array(
+ 'row_loginid' => $account['account_lid'],
+ 'row_firstname' => (!$account['account_firstname']?' ':$account['account_firstname']),
+ 'row_lastname' => (!$account['account_lastname']?' ':$account['account_lastname'])
);
$p->set_var($var);
+
+ if ($can_edit)
+ {
+ $p->set_var('row_edit',$this->row_action('edit','user',$account['account_id']));
+ }
+ else
+ {
+ $p->set_var('row_edit',' ');
+ }
+
+ if ($can_delete)
+ {
+ $p->set_var('row_delete',($GLOBALS['phpgw_info']['user']['userid'] != $account['account_lid']?$this->row_action('delete','user',$account['account_id']):' '));
+ }
+ else
+ {
+ $p->set_var('row_delete',' ');
+ }
+
+ if ($can_view)
+ {
+ $p->set_var('row_view',$this->row_action('view','user',$account['account_id']));
+ }
+ else
+ {
+ $p->set_var('row_view',' ');
+ }
$p->parse('rows','row',True);
}
} // End else
- $p->pparse('out','list');
+ $p->pfp('out','list');
}
function add_group()
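Review bot: `$can_view`, `$can_edit` and `$can_delete` are assigned only on the allowed path, so on the denied path the `if ($can_edit)` style tests inside the loop read variables that were never set. Initialise them before the three checks with `$can_view = $can_edit = $can_delete = False;`, so the result depends only on the ACL lookups and not on whatever the surrounding scope may already hold under those names. The three checks could then become direct assignments such as `$can_edit = ! $GLOBALS['phpgw']->acl->check('account_access',16,'admin');`.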
@@ -197,7 +250,14 @@
function add_user()
{
- $this->create_edit_user(0);
+ if ($GLOBALS['phpgw']->acl->check('account_access',4,'admin'))
+ {
+ $this->list_users();
+ }
+ else
+ {
+ $this->create_edit_user(0);
+ }
}
function delete_group()
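Review bot: add_user() now refuses to render the form for a denied admin, but the check sits only in this UI method; the code that processes the submitted form is not touched in the visible part of this diff. Unless that handler repeats the `account_access` bit 4 test, the deny bit is a display rule rather than an enforced right. The same applies to the bit 16 guard added to edit_user() and the bit 32 guard added to delete_user() further down. A comment on each guard naming where the right is enforced on write would make the coverage checkable.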
@@ -276,11 +336,10 @@
function delete_user()
{
-
- if($GLOBALS['phpgw_info']['user']['account_id'] == $GLOBALS['HTTP_GET_VARS']['account_id'])
+ if ($GLOBALS['phpgw']->acl->check('account_access',32,'admin') || $GLOBALS['phpgw_info']['user']['account_id'] == $GLOBALS['HTTP_GET_VARS']['account_id'])
{
- Header('Location: '.$GLOBALS['phpgw']->link('/index.php','menuaction=admin.uiaccounts.list_users'));
- $GLOBALS['phpgw']->common->phpgw_exit();
+ $this->list_users();
+ return False;
}
unset($GLOBALS['phpgw_info']['flags']['noheader']);
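Review bot: The self-delete guard compares the raw `$GLOBALS['HTTP_GET_VARS']['account_id']` with the session's account id using `==`, so the outcome depends on PHP's loose string/number comparison rather than on a normalised id. Cast once at the top, `$account_id = intval($GLOBALS['HTTP_GET_VARS']['account_id']);`, and use `$account_id` both in this condition and in the rest of the method, so the guard and the deletion agree on which account is meant. The remainder of delete_user() lies outside this hunk, so how the id is used afterwards cannot be confirmed from here.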
@@ -348,6 +407,12 @@
function edit_user($cd='',$account_id='')
{
+ if ($GLOBALS['phpgw']->acl->check('account_access',16,'admin'))
+ {
+ $this->list_users();
+ return False;
+ }
+
$cdid = $cd;
settype($cd,'integer');
$cd = ($GLOBALS['HTTP_GET_VARS']['cd']?$GLOBALS['HTTP_GET_VARS']['cd']:intval($cdid));
@@ -358,9 +423,10 @@
// todo
// not needed if i use the same file for new users too
- if (!$account_id)
+ if (! $account_id)
{
- Header('Location: ' . $GLOBALS['phpgw']->link('/index.php','menuaction=admin.uiaccounts.list_users'));
+ $this->list_users();
+ return False;
}
else
{
@@ -370,9 +436,10 @@
function view_user()
{
- if (!$GLOBALS['HTTP_GET_VARS']['account_id'])
+ if ($GLOBALS['phpgw']->acl->check('account_access',8,'admin') || ! $GLOBALS['HTTP_GET_VARS']['account_id'])
{
- Header('Location: ' . $phpgw->link('/index.php','menuaction=admin.uiaccounts.list_users'));
+ $this->list_users();
+ return False;
}
unset($GLOBALS['phpgw_info']['flags']['noheader']);
unset($GLOBALS['phpgw_info']['flags']['nonavbar']);
diff --git a/admin/inc/class.uimenuclass.inc.php b/admin/inc/class.uimenuclass.inc.php
index e3b069765a..0046c6954f 100644
--- a/admin/inc/class.uimenuclass.inc.php
+++ b/admin/inc/class.uimenuclass.inc.php
@@ -38,8 +38,8 @@
}
// $file must be in the following format:
- // $file = Array(
- // 'Login History' => array('/index.php','menuaction=admin.uiaccess_history.list')
+ // $file = array(
+ // 'Login History' => array('/index.php','menuaction=admin.uiaccess_history.list')
// );
// This allows extra data to be sent along
function display_section($_menuData)
@@ -65,7 +65,8 @@
$this->t->set_var('th_bg',$GLOBALS['phpgw_info']['theme']['th_bg']);
$this->t->set_var('link_done',$GLOBALS['phpgw']->link('/index.php','menuaction=admin.uiaccounts.list_users'));
- $this->t->set_var('lang_done',lang('back'));
+ $this->t->set_var('lang_done',lang('Back'));
+
$this->t->set_var('row_on',$this->rowColor[0]);
$this->t->parse('out','menu_links');
@@ -79,23 +80,21 @@
switch ($_hookname)
{
case 'edit_user':
- $GLOBALS['menuData'][] = Array
- (
- 'description' => 'userdata',
- 'url' => '/index.php',
- 'extradata' => 'menuaction=admin.uiaccounts.edit_user'
+ $GLOBALS['menuData'][] = array(
+ 'description' => 'User Data',
+ 'url' => '/index.php',
+ 'extradata' => 'menuaction=admin.uiaccounts.edit_user'
);
break;
case 'view_user':
- $GLOBALS['menuData'][] = Array
- (
- 'description' => 'userdata',
- 'url' => '/index.php',
- 'extradata' => 'menuaction=admin.uiaccounts.view_user'
+ $GLOBALS['menuData'][] = array(
+ 'description' => 'User Data',
+ 'url' => '/index.php',
+ 'extradata' => 'menuaction=admin.uiaccounts.view_user'
);
break;
}
-
+
$GLOBALS['phpgw']->common->hook($_hookname);
if (count($GLOBALS['menuData']) > 1)
diff --git a/admin/inc/hook_acl_manager.inc.php b/admin/inc/hook_acl_manager.inc.php
new file mode 100644
index 0000000000..42a72f78c9
--- /dev/null
+++ b/admin/inc/hook_acl_manager.inc.php
@@ -0,0 +1,96 @@
+ 'Deny to site configuration',
+ 'rights' => array(
+ 'List config settings' => 1,
+ 'Change config settings' => 2
+ )
+ );
+
+ $GLOBALS['acl_manager']['admin']['account_access'] = array(
+ 'name' => 'Deny access to user accounts',
+ 'rights' => array(
+ 'Account list' => 1,
+ 'Search accounts' => 2,
+ 'Add account' => 4,
+ 'View account' => 8,
+ 'Edit account' => 16,
+ 'Delete account' => 32,
+ )
+ );
+
+ $GLOBALS['acl_manager']['admin']['group_access'] = array(
+ 'name' => 'Deny access to groups',
+ 'rights' => array(
+ 'Group list' => 1,
+ 'Search groups' => 2,
+ 'Add group' => 4,
+ 'View group' => 8,
+ 'Edit group' => 16,
+ 'Delete group' => 32
+ )
+ );
+
+ $GLOBALS['acl_manager']['admin']['peer_server_access'] = array(
+ 'name' => 'Deny access to peer servers',
+ 'rights' => array(
+ 'Peer server list' => 1,
+ 'Search peer servers' => 2,
+ 'Add peer server' => 4,
+ 'View peer server' => 8,
+ 'Edit peer server' => 16,
+ 'Delete peer server' => 32
+ )
+ );
+
+ $GLOBALS['acl_manager']['admin']['applications_access'] = array(
+ 'name' => 'Deny access to applications',
+ 'rights' => array(
+ 'Applications list' => 1,
+ 'Add application' => 2,
+ 'Edit application' => 4,
+ 'Delete application' => 8
+ )
+ );
+
+ $GLOBALS['acl_manager']['admin']['global_categories_access'] = array(
+ 'name' => 'Deny access to global categories',
+ 'rights' => array(
+ 'Categories list' => 1,
+ 'Search categories' => 2,
+ 'Add category' => 4,
+ 'View category' => 8,
+ 'Edit category' => 16,
+ 'Delete category' => 32
+ )
+ );
+
+ $GLOBALS['acl_manager']['admin']['mainscreen_message_access'] = array(
+ 'name' => 'Deny access to mainscreen message',
+ 'rights' => array(
+ 'Main screen message' => 1,
+ 'Login message' => 2
+ )
+ );
+
+ $GLOBALS['acl_manager']['admin']['current_sessions_access'] = array(
+ 'name' => 'Deny access to current sessions',
+ 'rights' => array(
+ 'List current sessions' => 1,
+ 'Show current action' => 2,
+ 'Show session IP address' => 4,
+ 'Kill session' => 8
+ )
+ );
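Review bot: Every entry in this file is a deny mask, so an admin with no ACL row keeps every right, and any right added here later is granted to all existing admins until someone denies it. That default is worth stating in a comment at the top of the file, e.g. `// Bits listed here REMOVE rights from an admin; an unset bit means the action is allowed`. The first label reads 'Deny to site configuration' while all the others use 'Deny access to …'; if these names are shown in the ACL manager screen the inconsistency will be visible there. The opening lines of this new file are not legible in the diff as shown.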
diff --git a/admin/inc/hook_admin.inc.php b/admin/inc/hook_admin.inc.php
index a0f02de61a..8848d64310 100644
--- a/admin/inc/hook_admin.inc.php
+++ b/admin/inc/hook_admin.inc.php
@@ -11,20 +11,51 @@
/* $Id$ */
- $file = array(
- 'Site Configuration' => $phpgw->link('/admin/config.php','appname=admin'),
- 'Peer Servers' => $phpgw->link('/admin/servers.php'),
- 'User Accounts' => $phpgw->link('/index.php','menuaction=admin.uiaccounts.list_users'),
- 'User Groups' => $phpgw->link('/index.php','menuaction=admin.uiaccounts.list_groups'),
- 'Applications' => $phpgw->link('/admin/applications.php'),
- 'Global Categories' => $phpgw->link('/admin/categories.php'),
- 'Change Main Screen Message' => $phpgw->link('/admin/mainscreen_message.php'),
- 'View Sessions' => $phpgw->link('/index.php','menuaction=admin.uicurrentsessions.list_sessions'),
- 'View Access Log' => $phpgw->link('/index.php','menuaction=admin.uiaccess_history.list_history'),
- 'View Error Log' => $phpgw->link('/admin/log.php'),
- 'phpInfo' => $phpgw->link('/admin/phpinfo.php')
- );
+ if (! $GLOBALS['phpgw']->acl->check('site_config_access',1,'admin'))
+ {
+ $file['Site Configuration'] = $phpgw->link('/admin/config.php','appname=admin');
+ }
+
+ if (! $GLOBALS['phpgw']->acl->check('peer_server_access',1,'admin'))
+ {
+ $file['Peer Servers'] = $phpgw->link('/admin/servers.php');
+ }
+
+ if (! $GLOBALS['phpgw']->acl->check('account_access',1,'admin'))
+ {
+ $file['User Accounts'] = $phpgw->link('/index.php','menuaction=admin.uiaccounts.list_users');
+ }
+
+ if (! $GLOBALS['phpgw']->acl->check('group_access',1,'admin'))
+ {
+ $file['User Groups'] = $phpgw->link('/index.php','menuaction=admin.uiaccounts.list_groups');
+ }
+
+ if (! $GLOBALS['phpgw']->acl->check('applications_access',1,'admin'))
+ {
+ $file['Applications'] = $phpgw->link('/admin/applications.php');
+ }
+
+ if (! $GLOBALS['phpgw']->acl->check('global_categories_access',1,'admin'))
+ {
+ $file['Global Categories'] = $phpgw->link('/admin/categories.php');
+ }
+
+ if (! $GLOBALS['phpgw']->acl->check('mainscreen_message_access',1,'admin'))
+ {
+ $file['Change Main Screen Message'] = $phpgw->link('/admin/mainscreen_message.php');
+ }
+
+ if (! $GLOBALS['phpgw']->acl->check('current_sessions_access',1,'admin'))
+ {
+ $file['View Sessions'] = $phpgw->link('/index.php','menuaction=admin.uicurrentsessions.list_sessions');
+ }
+
+ // These need to be added still
+ $file['View Access Log'] = $phpgw->link('/index.php','menuaction=admin.uiaccess_history.list_history');
+ $file['View Error Log'] = $phpgw->link('/admin/log.php');
+ $file['phpInfo'] = $phpgw->link('/admin/phpinfo.php');
//Do not modify below this line
display_section('admin','admin',$file);
-?>
+?>
\ No newline at end of file
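Review bot: The new conditions only decide whether a menu link is shown; the target scripts (`/admin/config.php`, `/admin/servers.php`, `/admin/applications.php`, `/admin/categories.php`, `/admin/mainscreen_message.php`) are not changed in the visible part of this diff, so unless each one repeats its own check a denied admin can still reach them by URL. `$file` is also no longer initialised before the first `$file[...] =` assignment; add `$file = array();` above the first `if`. The access log, error log and phpInfo links stay unconditional, as the "These need to be added still" comment acknowledges; phpInfo in particular discloses server configuration and deserves its own deny bit.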
diff --git a/admin/inc/hook_view_account.inc.php b/admin/inc/hook_view_account.inc.php
new file mode 100644
index 0000000000..40e7004ebc
--- /dev/null
+++ b/admin/inc/hook_view_account.inc.php
@@ -0,0 +1,30 @@
+ 'Login History',
+ 'url' => '/index.php',
+ 'extradata' => 'menuaction=admin.uiaccess_history.list_history'
+ );
+
+ $GLOBALS['menuData'][] = array(
+ 'description' => 'ACL Rights',
+ 'url' => '/index.php',
+ 'extradata' => 'menuaction=admin.uiaclmanager.list_apps'
+ );
+
+ //Do not modify below this line
+// global $menuData;
+
+// $GLOBALS['menuData'][] = $data;
+?>
\ No newline at end of file
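Review bot: The 'ACL Rights' entry is appended to the account menu unconditionally, here and in the identical block added to hook_view_user.inc.php. Since this commit uses ACL deny bits to restrict admins, the link to `admin.uiaclmanager.list_apps` should itself sit behind a check, and uiaclmanager (not shown in this diff) has to enforce it; otherwise a restricted admin may be able to change the very bits that restrict them. The two commented-out lines under "Do not modify below this line" are dead code and can be dropped.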
diff --git a/admin/inc/hook_view_user.inc.php b/admin/inc/hook_view_user.inc.php
index 87e82c6c59..a451d73603 100755
--- a/admin/inc/hook_view_user.inc.php
+++ b/admin/inc/hook_view_user.inc.php
@@ -1,12 +1,25 @@
'Login History',
- 'url' => '/index.php',
- 'extradata' => 'menuaction=admin.uiaccess_history.list_history'
+ /**************************************************************************\
+ * phpGroupWare - Administration *
+ * http://www.phpgroupware.org *
+ * -------------------------------------------- *
+ * This program is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU General Public License as published by the *
+ * Free Software Foundation; either version 2 of the License, or (at your *
+ * option) any later version. *
+ \**************************************************************************/
+
+ /* $Id$ */
+
+ $GLOBALS['menuData'][] = array(
+ 'description' => 'Login History',
+ 'url' => '/index.php',
+ 'extradata' => 'menuaction=admin.uiaccess_history.list_history'
);
- //Do not modify below this line
- $GLOBALS['menuData'][] = $data;
-?>
+ $GLOBALS['menuData'][] = array(
+ 'description' => 'ACL Rights',
+ 'url' => '/index.php',
+ 'extradata' => 'menuaction=admin.uiaclmanager.list_apps'
+ );
+?>
\ No newline at end of file
diff --git a/admin/templates/default/account_form.tpl b/admin/templates/default/account_form.tpl
index 08b0fffbd9..243b2b5174 100644
--- a/admin/templates/default/account_form.tpl
+++ b/admin/templates/default/account_form.tpl
@@ -5,8 +5,10 @@
- {rows}
-
+ |
+ {rows}
+ |
+
@@ -32,9 +34,7 @@
{lang_groups} |
- {groups_select} |
- {lang_file_space} |
- {account_file_space}{account_file_space_select} |
+ {groups_select} |
diff --git a/admin/templates/default/accounts.tpl b/admin/templates/default/accounts.tpl
index 7661d5a2d8..dec12d314c 100644
--- a/admin/templates/default/accounts.tpl
+++ b/admin/templates/default/accounts.tpl
@@ -28,12 +28,12 @@
|