$acl_app, 'enable_nextmatchs_class' => True, 'noappheader' => True, 'noappfooter' => True ); /* // header from calendar-app resets $owner if(isset($owner)) { $save_my_owner = $owner; } */ $phpgw_info['flags'] = $phpgw_flags; include('../header.inc.php'); if ($acl_app_not_passed) { $GLOBALS['phpgw']->log->message(array( 'text' => 'F-BadmenuactionVariable, failed to pass acl_app.', 'line' => __LINE__, 'file' => __FILE__ )); $GLOBALS['phpgw']->log->commit(); } if ($GLOBALS['phpgw_info']['server']['deny_user_grants_access']) { echo '' . lang('Access not permitted') . ''; $phpgw->common->phpgw_exit(True); } /* if(isset($save_my_owner) && $phpgw_info['user']['apps']['admin']) { $owner = $save_my_owner; unset($save_my_owner); } elseif(@isset($save_my_owner)) { echo ''.lang('You do not have permission to set ACL\'s in this mode!').''; $phpgw->common->phpgw_footer(); } */ function check_acl($label,$id,$acl,$rights,$right,$is_group=False) { global $phpgw_info, $p; $p->set_var($acl,$label.$phpgw_info['flags']['currentapp'].'['.$id.'_'.$right.']'); $rights_set = (($rights & $right)?' checked':''); if ($is_group) { // This is so you can't select it in the GUI $rights_set .= ' disabled'; } $p->set_var($acl.'_selected',$rights_set); } function display_row($bg_color,$label,$id,$name,$is_group) { global $phpgw, $phpgw_info, $acl, $p; $p->set_var('row_color',$bg_color); $p->set_var('user',$name); $rights = $acl->get_rights($id,$phpgw_info['flags']['currentapp']); // vv This is new $grantors = $acl->get_ids_for_location($id,$rights,$phpgw_info['flags']['currentapp']); $is_group_set = False; while(@$grantors && list($key,$grantor) = each($grantors)) { if($phpgw->accounts->get_type($grantor) == 'g') { $is_group_set = True; } } // ^^ This is new check_acl($label,$id,'read',$rights,PHPGW_ACL_READ,($is_group_set && ($rights & PHPGW_ACL_READ) && !$is_group?$is_group_set:False)); check_acl($label,$id,'add',$rights,PHPGW_ACL_ADD,($is_group_set && ($rights & PHPGW_ACL_ADD && !$is_group)?$is_group_set:False)); check_acl($label,$id,'edit',$rights,PHPGW_ACL_EDIT,($is_group_set && ($rights & PHPGW_ACL_EDIT && !$is_group)?$is_group_set:False)); check_acl($label,$id,'delete',$rights,PHPGW_ACL_DELETE,($is_group_set && ($rights & PHPGW_ACL_DELETE && !$is_group)?$is_group_set:False)); check_acl($label,$id,'private',$rights,PHPGW_ACL_PRIVATE,$is_group); $p->parse('row','acl_row',True); } if(!isset($owner) || !$phpgw_info['user']['apps']['admin']) { $owner = $phpgw_info['user']['account_id']; } $acct = CreateObject('phpgwapi.accounts',$owner); $groups = $acct->get_list('groups'); $users = $acct->get_list('accounts'); $owner_name = $acct->id2name($owner); // get owner name for title if($is_group = $acct->get_type($owner) == 'g') { $owner_name = lang('Group').' ('.$owner_name.')'; } unset($acct); $acl = CreateObject('phpgwapi.acl',intval($owner)); $acl->read_repository(); if ($submit) { $to_remove = unserialize(urldecode($processed)); for($i=0;$idelete($phpgw_info['flags']['currentapp'],$to_remove[$i]); } /* Group records */ $group_variable = 'g_'.$phpgw_info['flags']['currentapp']; if (!$$group_variable) { $$group_variable = array(); } @reset($$group_variable); $totalacl = array(); while(list($rowinfo,$perm) = each($$group_variable)) { list($group_id,$rights) = split('_',$rowinfo); $totalacl[$group_id] += $rights; } @reset($totalacl); while(list($group_id,$rights) = @each($totalacl)) { if($is_group) { $rights &= ~PHPGW_ACL_PRIVATE; /* Don't allow group-grants to grant private */ } $acl->add($phpgw_info['flags']['currentapp'],$group_id,$rights); } /* User records */ $user_variable = 'u_'.$phpgw_info['flags']['currentapp']; if (!$$user_variable) { $$user_variable = array(); } @reset($$user_variable); $totalacl = array(); while(list($rowinfo,$perm) = each($$user_variable)) { list($user_id,$rights) = split('_',$rowinfo); $totalacl[$user_id] += $rights; } @reset($totalacl); while(list($user_id,$rights) = @each($totalacl)) { if($is_group) { $rights &= ~ PHPGW_ACL_PRIVATE; /* Don't allow group-grants to grant private */ } $acl->add($phpgw_info['flags']['currentapp'],$user_id,$rights); } $acl->save_repository(); } $processed = Array(); $total = 0; if(!isset($start)) { $start = 0; } if(!$start) { $s_groups = 0; $s_users = 0; } if(!isset($s_groups)) { $s_groups = 0; } if(!isset($s_users)) { $s_users = 0; } if(!isset($query)) { $query = ""; } if(!isset($maxm)) { $maxm = $phpgw_info['user']['preferences']['common']['maxmatchs']; } if(!isset($totalentries)) { $totalentries = count($groups) + count($users); if($totalentries < $maxm) { $maxm = $totalentries; } } $p = CreateObject('phpgwapi.Template',PHPGW_APP_TPL); $templates = Array ( 'preferences' => 'preference_acl.tpl', 'row_colspan' => 'preference_colspan.tpl', 'acl_row' => 'preference_acl_row.tpl' ); $p->set_file($templates); if ($submit) { $p->set_var('errors',lang('ACL grants have been updated')); } $common_hidden_vars = ' '."\n" . ' '."\n" . ' '."\n" . ' '."\n" . ' '."\n" . ' '."\n" . ' '."\n"; $var = Array( 'errors' => '', 'title' => '

'.lang($phpgw_info['flags']['currentapp'].' preferences').' - '.lang('acl').': '.$owner_name.'

', 'action_url' => $phpgw->link('/preferences/acl_preferences.php','acl_app=' . $acl_app), 'bg_color' => $phpgw_info['theme']['th_bg'], 'submit_lang' => lang('submit'), 'common_hidden_vars_form' => $common_hidden_vars ); $p->set_var($var); if(isset($query_result) && $query_result) { $common_hidden_vars .= ''."\n"; } $p->set_var('common_hidden_vars',$common_hidden_vars); $var = Array( 'read_lang' => lang('Read'), 'add_lang' => lang('Add'), 'edit_lang' => lang('Edit'), 'delete_lang' => lang('Delete') ); $p->set_var($var); $p->set_var('private_lang',lang('Private')); if(intval($s_groups) <> count($groups)) { $p->set_var('string',lang('Groups')); $p->parse('row','row_colspan',True); reset($groups); for($k=0;$knextmatchs->alternate_row_color($tr_color); display_row($tr_color,'g_',$group['account_id'],$group['account_lid'],$is_group); $s_groups++; $processed[] = $group['account_id']; $total++; if($total == $maxm) { break; } } } } if($total <> $maxm) { if($users) { $p->set_var('string',ucfirst(lang('Users'))); $p->parse('row','row_colspan',True); $tr_color = $phpgw->nextmatchs->alternate_row_color($tr_color); for($k=$s_users;$k<$totalentries || $k==count($users);$k++) { $user = $users[$k]; //echo '
acctid: '.$user['account_id']; if ($user['account_id']) { $go = True; } else { $go = False; } if($query) { $name = ' '.$user['account_firstname'].' '.$user['account_lastname'].' '.$user['account_lid'].' '; if(!strpos($name,$query)) { $go = False; } } if($go && $user['account_id'] != $owner) // Need to be $owner not $phpgw_info['user']['account_id'] { // or the admin can't get special grants from a group $tr_color = $phpgw->nextmatchs->alternate_row_color($tr_color); display_row($tr_color,'u_',$user['account_id'],$phpgw->common->display_fullname($user['account_lid'],$user['account_firstname'],$user['account_lastname']),$is_group); $s_users++; $processed[] = $user['account_id']; $total++; if($total == $maxm) { break; } } } } } $extra_parms = '&acl_app=' . $acl_app . '&s_users='.$s_users.'&s_groups='.$s_groups . '&maxm=' . $maxm . '&totalentries=' . $totalentries . '&total=' . ($start + $total) . '&owner='.$owner; $var = Array( 'nml' => $phpgw->nextmatchs->left('/preferences/acl_preferences.php',$start,$totalentries,$extra_parms), 'nmr' => $phpgw->nextmatchs->right('/preferences/acl_preferences.php',$start,$totalentries,$extra_parms), 'search_value' => (isset($query) && $query?$query:''), 'search' => lang('search'), 'processed' => urlencode(serialize($processed)) ); $p->set_var($var); $p->pfp('out','preferences'); $phpgw->common->phpgw_footer(); ?>