mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-24 15:49:06 +01:00
Fix for group accessing calendar events. A few places I removed some extraneous code.
This commit is contained in:
parent
1ebc3e04ba
commit
9165bf5f60
@ -82,8 +82,8 @@
|
||||
)
|
||||
);
|
||||
|
||||
var $debug = False;
|
||||
// var $debug = True;
|
||||
// var $debug = False;
|
||||
var $debug = True;
|
||||
|
||||
var $so;
|
||||
var $cached_events;
|
||||
@ -122,6 +122,16 @@
|
||||
{
|
||||
$this->grants = $GLOBALS['phpgw']->acl->get_grants('calendar');
|
||||
|
||||
@reset($this->grants);
|
||||
if($this->debug)
|
||||
{
|
||||
while(list($grantor,$rights) = each($this->grants))
|
||||
{
|
||||
echo '<!-- Grantor: '.$grantor.' Rights: '.$rights.' -->'."\n";
|
||||
}
|
||||
@reset($this->grantor);
|
||||
}
|
||||
|
||||
if($this->debug) { echo '<!-- Read Use_Session : ('.$session.') -->'."\n"; }
|
||||
|
||||
if($session)
|
||||
@ -330,6 +340,19 @@
|
||||
}
|
||||
}
|
||||
|
||||
function member_of_group()
|
||||
{
|
||||
$group_owners = $GLOBALS['phpgw']->accounts->membership($GLOBALS['phpgw_info']['user']['account_id']);
|
||||
while($group_owners && list($index,$group_info) = each($group_owners))
|
||||
{
|
||||
if($this->owner = $group_info['account_id'])
|
||||
{
|
||||
return True;
|
||||
}
|
||||
}
|
||||
return False;
|
||||
}
|
||||
|
||||
function save_sessiondata($data)
|
||||
{
|
||||
if ($this->use_session)
|
||||
@ -1098,7 +1121,13 @@
|
||||
{
|
||||
if($user == 0)
|
||||
{
|
||||
return !!($this->grants[$this->owner] & $needed);
|
||||
$allowed = !!($this->grants[$this->owner] & $needed);
|
||||
if($this->debug)
|
||||
{
|
||||
echo '<!-- Grantor: '.$this->owner.' Rights: '.$this->grants[$this->owner].' Allowed: '.$allowed.'-->'."\n";
|
||||
}
|
||||
|
||||
return $allowed;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -110,10 +110,10 @@
|
||||
$member[] = $group_info['account_id'];
|
||||
}
|
||||
@reset($member);
|
||||
$sql .= ','.implode(',',$member).') ';
|
||||
// $sql .= ','.implode(',',$member).') ';
|
||||
// $sql .= 'AND (phpgw_cal.datetime <= '.$starttime.') ';
|
||||
// $sql .= 'AND (((phpgw_cal_repeats.recur_enddate >= '.$starttime.') AND (phpgw_cal_repeats.recur_enddate <= '.$endtime.')) OR (phpgw_cal_repeats.recur_enddate=0))) '
|
||||
$sql .= 'AND ((phpgw_cal_repeats.recur_enddate >= '.$starttime.') OR (phpgw_cal_repeats.recur_enddate=0))) '
|
||||
$sql .= ') AND ((phpgw_cal_repeats.recur_enddate >= '.$starttime.') OR (phpgw_cal_repeats.recur_enddate=0))) '
|
||||
. (strpos($this->filter,'private')?'AND phpgw_cal.is_public=0 ':'')
|
||||
. ($this->cat_id?"AND phpgw_cal.category like '%".$this->cat_id."%' ":'')
|
||||
. 'ORDER BY phpgw_cal.datetime ASC, phpgw_cal.edatetime ASC, phpgw_cal.priority ASC';
|
||||
|
@ -268,7 +268,7 @@ class socalendar_ extends socalendar__
|
||||
$member[] = $group_info['account_id'];
|
||||
}
|
||||
@reset($member);
|
||||
$user_where .= ','.implode(',',$member);
|
||||
// $user_where .= ','.implode(',',$member);
|
||||
$user_where .= ')) ';
|
||||
|
||||
if($this->debug)
|
||||
|
@ -522,18 +522,15 @@
|
||||
$date = $date?$date:intval($GLOBALS['HTTP_GET_VARS']['date']);
|
||||
|
||||
// First, make sure they have permission to this entry
|
||||
$continue_ok = True;
|
||||
if ($cal_id < 1)
|
||||
{
|
||||
echo lang('Invalid entry id.').'</center>'."\n";
|
||||
$continue_ok = False;
|
||||
$GLOBALS['phpgw']->common->phpgw_exit(True);
|
||||
}
|
||||
|
||||
if(!$this->bo->check_perms(PHPGW_ACL_READ))
|
||||
{
|
||||
echo lang('You do not have permission to read this record!').'</center>'."\n";
|
||||
$continue_ok = False;
|
||||
$GLOBALS['phpgw']->common->phpgw_exit(True);
|
||||
}
|
||||
|
||||
@ -542,12 +539,9 @@
|
||||
if(!isset($event['id']))
|
||||
{
|
||||
echo lang("Sorry, this event does not exist").'.'.'</center>'."\n";
|
||||
$continue_ok = False;
|
||||
$GLOBALS['phpgw']->common->phpgw_exit(True);
|
||||
}
|
||||
|
||||
if($continue_ok)
|
||||
{
|
||||
$this->bo->repeating_events = Array();
|
||||
$this->bo->cached_events = Array();
|
||||
$this->bo->repeating_events[0] = $event;
|
||||
@ -688,7 +682,6 @@
|
||||
$p->set_var($var);
|
||||
echo $p->fp('out','form_button').'</center>';
|
||||
}
|
||||
}
|
||||
|
||||
function edit($params='')
|
||||
{
|
||||
@ -1113,7 +1106,8 @@
|
||||
unset($GLOBALS[\'phpgw_info\'][\'flags\'][\'nonavbar\']);
|
||||
$GLOBALS[\'phpgw\']->common->phpgw_header();
|
||||
|
||||
$html = CreateObject(\'infolog.html\');
|
||||
$html = CreateObject(\'calendar.html\');
|
||||
// $html = CreateObject(\'infolog.html\');
|
||||
$sbox = CreateObject(\'phpgwapi.sbox\');
|
||||
|
||||
$intervals_per_day = 3; // this should be configurable
|
||||
@ -2378,7 +2372,7 @@
|
||||
|
||||
function view_event($event,$alarms=False)
|
||||
{
|
||||
if(!$event['participants'][$this->bo->owner])
|
||||
if(!$event['participants'][$this->bo->owner] && !$this->bo->member_of_group())
|
||||
{
|
||||
return '<center>'.lang('You do not have permission to read this record!').'</center>';
|
||||
}
|
||||
@ -2824,7 +2818,6 @@
|
||||
}
|
||||
}
|
||||
|
||||
// if (isset($time[99]) && strlen($time[99]) > 0)
|
||||
if (isset($time[99][0]))
|
||||
{
|
||||
$var = Array(
|
||||
@ -2854,7 +2847,6 @@
|
||||
{
|
||||
// this might mean there's an overlap, or it could mean one event
|
||||
// ends at 11:15 and another starts at 11:30.
|
||||
// if (isset($time[$i]) && strlen($time[$i]))
|
||||
if (isset($time[$i][$j]))
|
||||
{
|
||||
$p->set_var('event',$time[$i][$j]);
|
||||
@ -2863,7 +2855,6 @@
|
||||
}
|
||||
$rowspan--;
|
||||
}
|
||||
// elseif (!isset($time[$i]) || !strlen($time[$i]))
|
||||
elseif (!isset($time[$i][$j]))
|
||||
{
|
||||
$p->set_var('event',' ');
|
||||
|
@ -644,9 +644,10 @@
|
||||
{
|
||||
$grants[$grantor] = 0;
|
||||
}
|
||||
$grants[$grantor] |= $rights;
|
||||
if(!!($rights & PHPGW_ACL_READ))
|
||||
{
|
||||
$grants[$grantor] = PHPGW_ACL_READ;
|
||||
$grants[$grantor] |= PHPGW_ACL_READ;
|
||||
}
|
||||
}
|
||||
while(list($nul,$grantors) = each($accounts[$grantor]))
|
||||
|
Loading…
Reference in New Issue
Block a user