extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-10-06 02:02:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix for group accessing calendar events. A few places I removed some extraneous code.

Browse Source
This commit is contained in:
skeeter 2001-11-29 03:12:01 +00:00
parent 1ebc3e04ba
commit 9165bf5f60
5 changed files with 157 additions and 136 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
calendar/inc/class.bocalendar.inc.php
View File

@ -82,8 +82,8 @@
)
);
var $debug = False;
// var $debug = True;
// var $debug = False;
var $debug = True;
var $so;
var $cached_events;
@ -122,6 +122,16 @@
{
$this->grants = $GLOBALS['phpgw']->acl->get_grants('calendar');
@reset($this->grants);
if($this->debug)
{
while(list($grantor,$rights) = each($this->grants))
{
echo '<!-- Grantor: '.$grantor.' Rights: '.$rights.' -->'."\n";
}
@reset($this->grantor);
}
if($this->debug) { echo '<!-- Read Use_Session : ('.$session.') -->'."\n"; }
if($session)
@ -330,6 +340,19 @@
}
}
function member_of_group()
{
$group_owners = $GLOBALS['phpgw']->accounts->membership($GLOBALS['phpgw_info']['user']['account_id']);
while($group_owners && list($index,$group_info) = each($group_owners))
{
if($this->owner = $group_info['account_id'])
{
return True;
}
}
return False;
}
function save_sessiondata($data)
{
if ($this->use_session)
@ -1098,7 +1121,13 @@
{
if($user == 0)
{
return !!($this->grants[$this->owner] & $needed);
$allowed = !!($this->grants[$this->owner] & $needed);
if($this->debug)
{
echo '<!-- Grantor: '.$this->owner.' Rights: '.$this->grants[$this->owner].' Allowed: '.$allowed.'-->'."\n";
}
return $allowed;
}
else
{

4
calendar/inc/class.socalendar.inc.php
View File

@ -110,10 +110,10 @@
$member[] = $group_info['account_id'];
}
@reset($member);
$sql .= ','.implode(',',$member).') ';
// $sql .= ','.implode(',',$member).') ';
// $sql .= 'AND (phpgw_cal.datetime <= '.$starttime.') ';
// $sql .= 'AND (((phpgw_cal_repeats.recur_enddate >= '.$starttime.') AND (phpgw_cal_repeats.recur_enddate <= '.$endtime.')) OR (phpgw_cal_repeats.recur_enddate=0))) '
$sql .= 'AND ((phpgw_cal_repeats.recur_enddate >= '.$starttime.') OR (phpgw_cal_repeats.recur_enddate=0))) '
$sql .= ') AND ((phpgw_cal_repeats.recur_enddate >= '.$starttime.') OR (phpgw_cal_repeats.recur_enddate=0))) '
. (strpos($this->filter,'private')?'AND phpgw_cal.is_public=0 ':'')
. ($this->cat_id?"AND phpgw_cal.category like '%".$this->cat_id."%' ":'')
. 'ORDER BY phpgw_cal.datetime ASC, phpgw_cal.edatetime ASC, phpgw_cal.priority ASC';

2
calendar/inc/class.socalendar_sql.inc.php
View File

@ -268,7 +268,7 @@ class socalendar_ extends socalendar__
$member[] = $group_info['account_id'];
}
@reset($member);
$user_where .= ','.implode(',',$member);
// $user_where .= ','.implode(',',$member);
$user_where .= ')) ';
if($this->debug)

15
calendar/inc/class.uicalendar.inc.php
View File

@ -522,18 +522,15 @@
$date = $date?$date:intval($GLOBALS['HTTP_GET_VARS']['date']);
// First, make sure they have permission to this entry
$continue_ok = True;
if ($cal_id < 1)
{
echo lang('Invalid entry id.').'</center>'."\n";
$continue_ok = False;
$GLOBALS['phpgw']->common->phpgw_exit(True);
}
if(!$this->bo->check_perms(PHPGW_ACL_READ))
{
echo lang('You do not have permission to read this record!').'</center>'."\n";
$continue_ok = False;
$GLOBALS['phpgw']->common->phpgw_exit(True);
}
@ -542,12 +539,9 @@
if(!isset($event['id']))
{
echo lang("Sorry, this event does not exist").'.'.'</center>'."\n";
$continue_ok = False;
$GLOBALS['phpgw']->common->phpgw_exit(True);
}
if($continue_ok)
{
$this->bo->repeating_events = Array();
$this->bo->cached_events = Array();
$this->bo->repeating_events[0] = $event;
@ -688,7 +682,6 @@
$p->set_var($var);
echo $p->fp('out','form_button').'</center>';
}
}
function edit($params='')
{
@ -1113,7 +1106,8 @@
unset($GLOBALS[\'phpgw_info\'][\'flags\'][\'nonavbar\']);
$GLOBALS[\'phpgw\']->common->phpgw_header();
$html = CreateObject(\'infolog.html\');
$html = CreateObject(\'calendar.html\');
// $html = CreateObject(\'infolog.html\');
$sbox = CreateObject(\'phpgwapi.sbox\');
$intervals_per_day = 3; // this should be configurable
@ -2378,7 +2372,7 @@
function view_event($event,$alarms=False)
{
if(!$event['participants'][$this->bo->owner])
if(!$event['participants'][$this->bo->owner] && !$this->bo->member_of_group())
{
return '<center>'.lang('You do not have permission to read this record!').'</center>';
}
@ -2824,7 +2818,6 @@
}
}
// if (isset($time[99]) && strlen($time[99]) > 0)
if (isset($time[99][0]))
{
$var = Array(
@ -2854,7 +2847,6 @@
{
// this might mean there's an overlap, or it could mean one event
// ends at 11:15 and another starts at 11:30.
// if (isset($time[$i]) && strlen($time[$i]))
if (isset($time[$i][$j]))
{
$p->set_var('event',$time[$i][$j]);
@ -2863,7 +2855,6 @@
}
$rowspan--;
}
// elseif (!isset($time[$i]) || !strlen($time[$i]))
elseif (!isset($time[$i][$j]))
{
$p->set_var('event','&nbsp;');

3
phpgwapi/inc/class.acl.inc.php
View File

@ -644,9 +644,10 @@
{
$grants[$grantor] = 0;
}
$grants[$grantor] |= $rights;
if(!!($rights & PHPGW_ACL_READ))
{
$grants[$grantor] = PHPGW_ACL_READ;
$grants[$grantor] |= PHPGW_ACL_READ;
}
}
while(list($nul,$grantors) = each($accounts[$grantor]))