From 6d84dd976ce67bbfb91b4e780d8fae5f9fb1e6af Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Fri, 28 Feb 2014 10:13:26 +0000 Subject: [PATCH] * Addressbook/Admin: allow members of group(s) specified in Addressbook: Site configuration to edit contact-data of accounts without being an admin --- addressbook/inc/class.addressbook_hooks.inc.php | 13 +++++++++++++ addressbook/inc/class.addressbook_so.inc.php | 7 +++++++ addressbook/inc/class.addressbook_ui.inc.php | 4 ++-- addressbook/templates/default/config.tpl | 11 ++++++++++- 4 files changed, 32 insertions(+), 3 deletions(-) diff --git a/addressbook/inc/class.addressbook_hooks.inc.php b/addressbook/inc/class.addressbook_hooks.inc.php index f8630b686b..b1f67677b1 100644 --- a/addressbook/inc/class.addressbook_hooks.inc.php +++ b/addressbook/inc/class.addressbook_hooks.inc.php @@ -455,4 +455,17 @@ class addressbook_hooks { return true; } + + /** + * Hook returning options for deny_acl groups + * + * @param array $config + */ + public static function allow_account_edit($config) + { + $accountsel = new uiaccountsel(); + + return ''. + $accountsel->selection('newsettings[allow_account_edit]', 'allow_account_edit', $config['allow_account_edit'], 'groups', 4); + } } diff --git a/addressbook/inc/class.addressbook_so.inc.php b/addressbook/inc/class.addressbook_so.inc.php index a5f1b0a0ce..9bda483a4b 100755 --- a/addressbook/inc/class.addressbook_so.inc.php +++ b/addressbook/inc/class.addressbook_so.inc.php @@ -344,6 +344,13 @@ class addressbook_so // no add at the moment if (!$GLOBALS['egw']->acl->check('account_access',4,'admin')) $this->grants[0] |= EGW_ACL_ADD; if (!$GLOBALS['egw']->acl->check('account_access',32,'admin')) $grants[0] |= EGW_ACL_DELETE; } + // allow certain groups to edit contact-data of accounts + if ($GLOBALS['egw_info']['server']['allow_account_edit'] && + array_intersect($GLOBALS['egw_info']['server']['allow_account_edit'], + $GLOBALS['egw']->accounts->memberships($user, true))) + { + $grants[0] |= EGW_ACL_READ|EGW_ACL_EDIT; + } } else { diff --git a/addressbook/inc/class.addressbook_ui.inc.php b/addressbook/inc/class.addressbook_ui.inc.php index b13cc374c7..dd37a631cf 100644 --- a/addressbook/inc/class.addressbook_ui.inc.php +++ b/addressbook/inc/class.addressbook_ui.inc.php @@ -1555,7 +1555,7 @@ window.egw_LAB.wait(function() { // disable customfields column, if we have no customefield(s) if (!$this->customfields/* || !$this->prefs['no_auto_hide'] && !$customfields*/) $rows['no_customfields'] = true; - + $rows['order'] = $order; $rows['call_popup'] = $this->config['call_popup']; $rows['customfields'] = array_values($this->customfields); @@ -1943,7 +1943,7 @@ window.egw_LAB.wait(function() { $readonlys['change_org'] = empty($content['org_name']) || $view; // for editing the own account (by a non-admin), enable only the fields allowed via the "own_account_acl" - if (!$content['owner'] && !$this->is_admin($content)) + if (!$content['owner'] && !$this->check_perms(EGW_ACL_EDIT, $content)) { $this->_set_readonlys_for_own_account_acl($readonlys,$id); } diff --git a/addressbook/templates/default/config.tpl b/addressbook/templates/default/config.tpl index 94e7718ccf..6cef9d1b1e 100644 --- a/addressbook/templates/default/config.tpl +++ b/addressbook/templates/default/config.tpl @@ -71,11 +71,20 @@ select[multiple] { width:100%;} + + +  {lang_Security} + + -  {lang_Security}: {lang_How_many_contacts_should_non-admins_be_able_to_export} +  {lang_How_many_contacts_should_non-admins_be_able_to_export} {lang_(empty_=_use_global_limit,_no_=_no_export_at_all)}: + +  {lang_Allow_following_groups_to_edit_contact-data_of_accounts}: + {call_addressbook_hooks::allow_account_edit} +  {lang_History_logging}