From 72b4870a4c1e6b6cccefc0935231be7910eae104 Mon Sep 17 00:00:00 2001
From: jengo <jengo@alumni.egroupware.org>
Date: Sat, 24 Mar 2001 11:11:45 +0000
Subject: [PATCH] Started working on edit ACL, its not complete

---
 addressbook/edit.php                       | 49 +++++++++++++---------
 addressbook/inc/class.contacts_sql.inc.php |  3 +-
 addressbook/inc/functions.inc.php          |  5 ++-
 addressbook/templates/default/form.tpl     |  8 ++++
 4 files changed, 44 insertions(+), 21 deletions(-)

diff --git a/addressbook/edit.php b/addressbook/edit.php
index d06677b184..12260f11bd 100755
--- a/addressbook/edit.php
+++ b/addressbook/edit.php
@@ -12,26 +12,41 @@
 
 /* $Id$ */
 
-	if ($submit || ! $ab_id) {
-		$phpgw_info["flags"] = array(
-			"noheader" => True,
-			"nonavbar" => True
-		);
+	$phpgw_info['flags'] = array(
+		'noheader'              => True,
+		'nonavbar'              => True,
+		'currentapp'            => 'addressbook',
+		// is this really needed ?
+		'enable_contacts_class' => True
+	);
+
+	include('../header.inc.php');
+
+	$this = CreateObject('phpgwapi.contacts');
+
+	// First, make sure they have permission to this entry
+	$phpgw->db->query("select owner from phpgw_addressbook where id='$ab_id'");
+	$phpgw->db->next_record();
+
+	if (! $this->check_perms($this->grants[$phpgw->db->f('owner')],PHPGW_ACL_EDIT) && $phpgw->db->f('owner') != $phpgw_info['user']['account_id'])
+	{
+		Header("Location: " . $phpgw->link('/addressbook/index.php',"cd=16&order=$order&sort=$sort&filter=$filter&start=$start&query=$query"));
+		$phpgw->common->phpgw_exit();
 	}
 
-	$phpgw_info["flags"]["currentapp"] = "addressbook";
-	$phpgw_info["flags"]["enable_contacts_class"] = True;
-	include("../header.inc.php");
-
 	$t = new Template($phpgw->common->get_tpl_dir("addressbook"));
-	$t->set_file(array( "edit"	=> "edit.tpl"));
+	$t->set_file(array("edit"	=> "edit.tpl"));
 
 	if (! $ab_id) {
 		Header("Location: " . $phpgw->link('/addressbook/index.php',"cd=16&order=$order&sort=$sort&filter=$filter&start=$start&query=$query"));
 		$phpgw->common->phpgw_exit();
 	}
 
-	$this = CreateObject("phpgwapi.contacts");
+	if (! $submit)
+	{
+		$phpgw->common->phpgw_header();
+		echo parse_navbar();
+	}
 
 	// Read in user custom fields, if any
 	$phpgw->preferences->read_repository();
@@ -51,14 +66,10 @@
 			"address2" => "address2",
 			"address3" => "address3"
 		);
-		if ($rights & PHPGW_ACL_EDIT) {
-			$qfields = $this->stock_contact_fields + $extrafields + $customfields;
-			$fields = addressbook_read_entry($ab_id,$qfields);
-			addressbook_form("","edit.php","Edit",$fields[0],$customfields);
-		} else {
-			Header("Location: " . $phpgw->link('/addressbook/index.php',"cd=16&order=$order&sort=$sort&filter=$filter&start=$start&query=$query"));
-			$phpgw->common->phpgw_exit();
-		}
+
+		$qfields = $this->stock_contact_fields + $extrafields + $customfields;
+		$fields = addressbook_read_entry($ab_id,$qfields);
+		addressbook_form("","edit.php","Edit",$fields[0],$customfields);
 	} else {
 		if ($url == "http://") {
 			$url = "";
diff --git a/addressbook/inc/class.contacts_sql.inc.php b/addressbook/inc/class.contacts_sql.inc.php
index c3923e7636..8b111ece1e 100644
--- a/addressbook/inc/class.contacts_sql.inc.php
+++ b/addressbook/inc/class.contacts_sql.inc.php
@@ -211,6 +211,7 @@
 			return $return_fields;
 		}
 
+
 		function read_last_entry($fields="")
 		{
 			if (!$fields || empty($fields)) { $fields = $this->stock_contact_fields; }
@@ -521,7 +522,7 @@
 				if ($field_s == ",") {
 					unset($field_s);
 				}
-				$this->db->query("update $this->std_table set owner='$owner', access='$access' $fields_s where "
+				$this->db->query("update $this->std_table set access='$access' $fields_s where "
 					. "id='$id'",__LINE__,__FILE__);
 			}
 
diff --git a/addressbook/inc/functions.inc.php b/addressbook/inc/functions.inc.php
index dd4599c378..052e26323f 100755
--- a/addressbook/inc/functions.inc.php
+++ b/addressbook/inc/functions.inc.php
@@ -12,6 +12,8 @@
 
 /* $Id$ */
 
+	// I don't think this is needed anymore
+
 	// Perform acl check, set $rights
 	if(!isset($owner)) { $owner = 0; } 
 
@@ -450,8 +452,9 @@
 		$t->set_var("lang_pubkey",lang("Public Key"));
 		$t->set_var("pubkey",$pubkey);
 
+		$t->set_var('lang_private',lang('Private'));
 		if ($customfields) {
-			$t->set_var("lang_custom",lang("Custom Fields").':');
+			$t->set_var('lang_custom',lang('Custom Fields').':');
 		} else {
 			$t->set_var("lang_custom",'');
 		}
diff --git a/addressbook/templates/default/form.tpl b/addressbook/templates/default/form.tpl
index f5b5730b1c..4eec2e011b 100755
--- a/addressbook/templates/default/form.tpl
+++ b/addressbook/templates/default/form.tpl
@@ -313,6 +313,14 @@
       {notes}
     </font></td>
   </tr>
+
+  <tr>
+    <td><font size="-1">{lang_private}:</font></td>
+    <td colspan="3">
+     <input type="checkbox" name="access" value="True"{access_check}>
+    </td>
+  </tr>
+
   <tr>
 	<td><font color="#000000" face="" size="-1">{lang_custom}</font></td>
 	<td></td>