fixed disabled apps were shown in run-rights, removed not anymore used admin_acl::acl function and its template, also added still commented observer method ment to replace app_refresh

This commit is contained in:
Ralf Becker 2014-06-25 10:47:26 +00:00
parent bfade1bbbc
commit c5ec3245d3
3 changed files with 55 additions and 168 deletions

View File

@ -23,7 +23,6 @@ class admin_acl
*/
public $public_functions = array(
'index' => true,
'acl' => true,
);
/**
@ -41,114 +40,6 @@ class admin_acl
$this->acl = $GLOBALS['egw']->acl;
}
/**
* Edit or add an ACL entry
*
* @param array $content
*/
public function acl(array $content=null)
{
$state = (array)egw_cache::getSession(__CLASS__, 'state');
$tpl = new etemplate_new('admin.acl.edit'); // auto-repeat of acl & label not working with etemplate_new!
if (!is_array($content))
{
if (isset($_GET['id']))
{
list($app, $account, $location) = explode(':', $_GET['id'], 3);
if (!($rights = $this->acl->get_specific_rights_for_account($account, $location, $app)))
{
egw_framework::window_close(lang('ACL entry not found!'));
}
}
else
{
$app = !empty($_GET['app']) && isset($GLOBALS['egw_info']['apps'][$_GET['app']]) ?
$_GET['app'] : $state['acl_appname'];
$location = $state['filter'] == 'run' ? 'run' : null;//$state['account_id'];
$account = $state['account_id'];//$state['filter'] == 'run' ? $state['account_id'] : $state['acl_account'];
$rights = 1;
}
$content = array(
'id' => $_GET['id'],
'acl_appname' => $app,
'acl_location' => $location,
'acl_account' => $account,
);
if ($location == 'run')
{
$content['apps'] = array_keys($this->acl->get_user_applications($account, false, false)); // false: only direct rights, no memberships
}
}
$acl_rights = $GLOBALS['egw']->hooks->process(array(
'location' => 'acl_rights',
'owner' => $content['account_id'],
));
if ($content['save'])
{
self::check_access($content['acl_account'], $content['acl_location']);
if ($content['acl_location'] == 'run')
{
$this->save_run_rights($content);
}
else
{
$this->save_rights($content);
}
egw_framework::window_close();
}
if ($content['acl_location'] == 'run')
{
$readonlys['acl_account'] = true;
}
else
{
$content['acl'] = $content['label'] = array();
foreach($state['filter'] == 'run' ? array(1 => 'run') : $acl_rights[$content['acl_appname']] as $right => $label)
{
$content['acl'][] = $rights & $right;
$content['right'][] = $right;
$content['label'][] = lang($label);
}
$sel_options['acl_appname'] = array();
foreach(array_keys($state['filter'] == 'run' ? $GLOBALS['egw_info']['apps'] : $acl_rights) as $app)
{
$sel_options['acl_appname'][$app] = lang($app);
}
natcasesort($sel_options['acl_appname']);
if (!empty($content['id']))
{
$readonlys['acl_appname'] = $readonlys['acl_account'] = $readonlys['acl_location'] = true;
}
else
{
$readonlys['acl_account'] = true;
}
// only user himself is allowed to grant private rights!
if ($content['acl_account'] != $GLOBALS['egw_info']['user']['account_id'])
{
$readonlys['acl[5]'] = true;
$content['preserve_rights'] = $rights & acl::PRIVAT;
}
else
{
unset($content['preserve_rights']);
}
}
// view only, if no rights
if (!self::check_access($content['acl_account'], $content['acl_location'], false))
{
$readonlys[__ALL__] = true;
$readonlys['cancel'] = false;
}
//error_log(__METHOD__."() _GET[id]=".array2string($_GET['id'])." --> content=".array2string($content));
$tpl->exec('admin.admin_acl.acl', $content, $sel_options, $readonlys, $content, 2);
}
/**
* Save run rights and refresh opener
*
@ -356,7 +247,7 @@ class admin_acl
//error_log(__METHOD__."() $n: ".array2string($row));
}
//error_log(__METHOD__."(".array2string($query).") returning ".$total);
return $total;
}
@ -423,7 +314,7 @@ class admin_acl
self::check_access($account_id, $location); // throws exception, if no rights
$acl = $GLOBALS['egw']->acl;
if (!(int)$rights) // this also handles taking away all rights as delete
{
$acl->delete_repository($app, $location, $account_id);

View File

@ -120,6 +120,48 @@ app.classes.admin = AppJS.extend(
this.nm.set_disabled(!!_url);
},
/**
* Observer method receives update notifications from all applications
*
* App is responsible for only reacting to "messages" it is interested in!
*
* @param {string} _msg message (already translated) to show, eg. 'Entry deleted'
* @param {string} _app application name
* @param {(string|number)} _id id of entry to refresh or null
* @param {string} _type either 'update', 'edit', 'delete', 'add' or null
* - update: request just modified data from given rows. Sorting is not considered,
* so if the sort field is changed, the row will not be moved.
* - edit: rows changed, but sorting may be affected. Requires full reload.
* - delete: just delete the given rows clientside (no server interaction neccessary)
* - add: requires full reload for proper sorting
* @param {string} _msg_type 'error', 'warning' or 'success' (default)
* @param {string} _targetapp which app's window should be refreshed, default current
* @return {false|*} false to stop regular refresh, thought all observers are run
*/
/* as replacement for register_app_refresh in et2_ready, would allow to retire app_refresh stuff ...
observer: function(_msg, _app, _id, _type, _msg_type, _targetapp)
{
switch(_app)
{
case 'admin':
// group deleted, added or updated
if (_id < 0)
{
var tree = this.et2.getWidgetById('tree');
switch(_type)
{
case 'delete':
tree.deleteItem('/groups/'+_id, false);
return false; // --> no regular refresh
default: // add, update, edit, null
tree.refreshItem('/groups');
return false; // --> no regular refresh
}
}
}
},*/
/**
* Special handling for egw_refresh() in admin, to refresh the iframe when
* the framework detects a simple refresh can be used (same URL).
@ -334,7 +376,7 @@ app.classes.admin = AppJS.extend(
// For edit, set some data from the list since it's already there
var content = _senders[0].id ? jQuery.extend({}, egw.dataGetUIDdata(_senders[0].id).data) : {};
switch(_action.id)
{
case 'delete':
@ -365,7 +407,7 @@ app.classes.admin = AppJS.extend(
_acl_dialog: function(content, sel_options)
{
if(typeof content == 'undefined') content = {};
// Determine which application we're running as
var app = egw.app_name(); // can be either admin or preferences!
if (app != 'admin') app = 'preferences';
@ -375,7 +417,7 @@ app.classes.admin = AppJS.extend(
// Select options are already here, just pull them and pass along
sel_options = jQuery.extend({}, this.et2.getArrayMgr('sel_options').data||{}, {
'apps': this.et2.getArrayMgr('sel_options').getEntry('acl_appname')
'apps': this.et2.getArrayMgr('sel_options').getEntry('filter2')
},sel_options);
// Some defaults
@ -401,7 +443,7 @@ app.classes.admin = AppJS.extend(
{
// These are the apps the account has access to
// Fetch current values from server
this.egw.json(className+'::ajax_get_app_list', [content.acl_account], function(data) {content.apps = data},this,false,this)
this.egw.json(className+'::ajax_get_app_list', [content.acl_account], function(data) {content.apps = data;},this,false,this)
.sendRequest();
}
else
@ -432,7 +474,7 @@ app.classes.admin = AppJS.extend(
content.label.push(egw.lang(acl_rights[content.acl_appname][right]));
}
}
// Make sure selected values are there, account might not be in a default group
// so not in cache
if(content.acl_account)
@ -454,7 +496,7 @@ app.classes.admin = AppJS.extend(
}
}
if(content.acl_location)
{
{
sel_options.acl_location = jQuery.extend({},sel_options.acl_location);
this.egw.link_title('home-accounts', content.acl_location, function(title) {sel_options.acl_location[content.acl_location] = title;});
}
@ -467,7 +509,7 @@ app.classes.admin = AppJS.extend(
// Restore account if it's readonly in dialog
if(!_value.acl_account) _value.acl_account = content.acl_account;
// Only send the request if they entered everything
if(_value.acl_account && (_value.acl_appname && _value.acl_location || _value.apps))
{
@ -493,7 +535,7 @@ app.classes.admin = AppJS.extend(
}
else if (_value.apps.indexOf(app) >= 0 && content.apps.indexOf(app) < 0)
{
id.push(run_id)
id.push(run_id);
}
}
@ -522,6 +564,9 @@ app.classes.admin = AppJS.extend(
/**
* Change handler for ACL edit dialog application selectbox.
* Re-creates the dialog with the current values
*
* @param input
* @param widget
*/
acl_reopen_dialog: function(input, widget)
{

View File

@ -1,49 +0,0 @@
<?xml version="1.0"?>
<!-- $Id$ -->
<overlay>
<template id="admin.acl.edit" template="" lang="" group="0" version="1.9.001">
<grid>
<columns>
<column/>
<column/>
</columns>
<rows>
<row disabled="@acl_location=run" part="header">
<description value="Application"/>
<menulist>
<menupopup id="acl_appname" needed="1" onchange="app.admin.acl_reopen_dialog" options="Select one"/>
</menulist>
</row>
<row part="header">
<description value="Data from" for="acl_account"/>
<menulist>
<menupopup type="select-account" id="acl_account" account_type="both" needed="1" onchange="app.admin.acl_reopen_dialog"/>
</menulist>
</row>
<row disabled="@acl_location=run" part="header">
<description value="Access by" for="acl_location"/>
<menulist>
<menupopup type="select-account" id="acl_location" account_type="both"/>
</menulist>
</row>
<row valign="top" disabled="@acl_location=run">
<description value="Rights"/>
<grid>
<columns>
<column/>
</columns>
<rows>
<row>
<checkbox label="@label[$row]" id="acl[$row]" options="{$cont[right][$row]},0" span="all"/>
</row>
</rows>
</grid>
</row>
<row disabled="!@acl_location=run">
<description value="Applications" for="apps"/>
<listbox type="select-app" id="apps" rows="8" options=",enabled,,,,,0"/>
</row>
</rows>
</grid>
</template>
</overlay>