mirror of
https://github.com/EGroupware/egroupware.git
synced 2025-01-09 15:38:27 +01:00
- using the check_perms function from contacts
- ui only calls bo and no longer calls contacts directly
parent
10fad5e570
commit
08379d93b8
@ -68,7 +68,12 @@
|
|||||||
function boaddressbook($session=False)
|
function boaddressbook($session=False)
|
||||||
{
|
{
|
||||||
$this->so = CreateObject('addressbook.soaddressbook');
|
$this->so = CreateObject('addressbook.soaddressbook');
|
||||||
|
// make some fields of the contacts-object availible
|
||||||
$this->grants = &$this->so->grants;
|
$this->grants = &$this->so->grants;
|
||||||
|
$this->stock_contact_fields = &$this->so->contacts->stock_contact_fields;
|
||||||
|
$this->tel_types = &$this->so->contacts->tel_types;
|
||||||
|
$this->email_types = &$this->so->contacts->email_types;
|
||||||
|
$this->adr_types = &$this->so->contacts->adr_types;
|
||||||
|
|
||||||
if($session)
|
if($session)
|
||||||
{
|
{
|
||||||
@ -417,19 +422,9 @@
|
|||||||
*/
|
*/
|
||||||
function check_perms($addr,$rights)
|
function check_perms($addr,$rights)
|
||||||
{
|
{
|
||||||
$id = !is_array($addr) ? $addr : (isset($addr['id']) ? $addr['id'] : $addr['ab_id']);
|
$ret = $this->so->contacts->check_perms(False,$rights,$addr);
|
||||||
|
//echo "<p>boaddressbook::check_perms(".print_r($addr,True).",$rights) = ".($ret?'True':'False')."</p>\n";
|
||||||
if (!is_array($addr) || !isset($addr['owner']))
|
return $ret;
|
||||||
{
|
|
||||||
$a = $this->so->read_entry($id,array('owner'));
|
|
||||||
$owner = $a[0]['owner'];
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
$owner = $addr['owner'];
|
|
||||||
}
|
|
||||||
//echo "<p>boaddressbook::check_perms(id='$id',rights=$rights): grant[owner='$owner']='".$this->grants[$owner]."' => ".(($this->grants[$owner] & 4) ? 'True':'False')."</p>\n";
|
|
||||||
return $owner && !!($this->grants[$owner] & $rights);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function save_preferences($prefs,$other,$qfields,$fcat_id)
|
function save_preferences($prefs,$other,$qfields,$fcat_id)
|
||||||
|
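Review bot: The new body of check_perms (hunk at -417) hands `$addr` straight to `$this->so->contacts->check_perms(False,$rights,$addr)`, so the deny result the old code gave for an entry with no readable owner (`return $owner && ...`) now depends on code that is not visible on this page. The UI callers pass `$check[0]` from `read_entry()`, which is presumably empty when the requested id matches no record; a guard such as `if (!$addr) return False;` ahead of the delegation would keep the fail-closed behaviour local to this class. The docblock above the function, which starts outside the hunk, should state that `$addr` may be either an id or a contact array and that a missing entry yields False. The commented-out debug `echo` prints `print_r($addr,True)` into the page unescaped and is better deleted than left for someone to re-enable.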
@ -56,7 +56,6 @@
|
|||||||
$this->fields = CreateObject('addressbook.uifields');
|
$this->fields = CreateObject('addressbook.uifields');
|
||||||
|
|
||||||
$this->bo = CreateObject('addressbook.boaddressbook',True);
|
$this->bo = CreateObject('addressbook.boaddressbook',True);
|
||||||
$this->contacts = CreateObject('phpgwapi.contacts');
|
|
||||||
$this->cat = CreateObject('phpgwapi.categories');
|
$this->cat = CreateObject('phpgwapi.categories');
|
||||||
$this->company = CreateObject('phpgwapi.categories','addressbook_company');
|
$this->company = CreateObject('phpgwapi.categories','addressbook_company');
|
||||||
$this->prefs = $GLOBALS['phpgw_info']['user']['preferences']['addressbook'];
|
$this->prefs = $GLOBALS['phpgw_info']['user']['preferences']['addressbook'];
|
||||||
@ -255,7 +254,7 @@
|
|||||||
|
|
||||||
/* $qfields = $contacts->stock_contact_fields + $extrafields + $customfields; */
|
/* $qfields = $contacts->stock_contact_fields + $extrafields + $customfields; */
|
||||||
/* create column list and the top row of the table based on user prefs */
|
/* create column list and the top row of the table based on user prefs */
|
||||||
while($column = each($this->contacts->stock_contact_fields))
|
while($column = each($this->bo->stock_contact_fields))
|
||||||
{
|
{
|
||||||
$test = strtolower($column[0]);
|
$test = strtolower($column[0]);
|
||||||
if(isset($this->prefs[$test]) && $this->prefs[$test])
|
if(isset($this->prefs[$test]) && $this->prefs[$test])
|
||||||
@ -515,7 +514,7 @@
|
|||||||
$GLOBALS['phpgw']->template->set_var('row_vcard_link',$GLOBALS['phpgw']->link('/index.php',
|
$GLOBALS['phpgw']->template->set_var('row_vcard_link',$GLOBALS['phpgw']->link('/index.php',
|
||||||
'menuaction=addressbook.uivcard.out&ab_id='.$entries[$i]['id']));
|
'menuaction=addressbook.uivcard.out&ab_id='.$entries[$i]['id']));
|
||||||
/* echo '<br>: ' . $contacts->grants[$myowner] . ' - ' . $myowner; */
|
/* echo '<br>: ' . $contacts->grants[$myowner] . ' - ' . $myowner; */
|
||||||
if ($this->contacts->check_perms($this->contacts->grants[$myowner],PHPGW_ACL_EDIT) || $myowner == $GLOBALS['phpgw_info']['user']['account_id'])
|
if ($this->bo->check_perms($entries[$i],PHPGW_ACL_EDIT))
|
||||||
{
|
{
|
||||||
$GLOBALS['phpgw']->template->set_var('row_edit','<a href="' . $GLOBALS['phpgw']->link('/index.php',
|
$GLOBALS['phpgw']->template->set_var('row_edit','<a href="' . $GLOBALS['phpgw']->link('/index.php',
|
||||||
'menuaction=addressbook.uiaddressbook.edit&ab_id='.$entries[$i]['id']) . '">' . lang('Edit') . '</a>');
|
'menuaction=addressbook.uiaddressbook.edit&ab_id='.$entries[$i]['id']) . '">' . lang('Edit') . '</a>');
|
||||||
@ -580,7 +579,7 @@
|
|||||||
{
|
{
|
||||||
list($addnew) = $this->bo->read_entry(array(
|
list($addnew) = $this->bo->read_entry(array(
|
||||||
'id' => $_GET['ab_id'],
|
'id' => $_GET['ab_id'],
|
||||||
'fields' => $this->contacts->stock_contact_fields
|
'fields' => $this->bo->stock_contact_fields
|
||||||
));
|
));
|
||||||
|
|
||||||
$addnew['note'] .= "\n".lang("Copied by %1, from record #%2.",$GLOBALS['phpgw']->accounts->id2name($addnew['owner']),$addnew['id']);
|
$addnew['note'] .= "\n".lang("Copied by %1, from record #%2.",$GLOBALS['phpgw']->accounts->id2name($addnew['owner']),$addnew['id']);
|
||||||
@ -613,6 +612,7 @@
|
|||||||
|
|
||||||
$GLOBALS['phpgw']->template->set_file(array('add' => 'add.tpl'));
|
$GLOBALS['phpgw']->template->set_file(array('add' => 'add.tpl'));
|
||||||
|
|
||||||
|
$GLOBALS['phpgw_info']['flags']['app_header'] = lang('Addressbook').' - '.lang('Add');
|
||||||
$GLOBALS['phpgw']->common->phpgw_header();
|
$GLOBALS['phpgw']->common->phpgw_header();
|
||||||
echo parse_navbar();
|
echo parse_navbar();
|
||||||
|
|
||||||
@ -639,7 +639,7 @@
|
|||||||
/* _debug_array($_fields);exit; */
|
/* _debug_array($_fields);exit; */
|
||||||
$check = $this->bo->read_entry(array('id' => $_fields['ab_id'], 'fields' => array('owner' => 'owner','tid' => 'tid')));
|
$check = $this->bo->read_entry(array('id' => $_fields['ab_id'], 'fields' => array('owner' => 'owner','tid' => 'tid')));
|
||||||
|
|
||||||
if (($this->contacts->grants[$check[0]['owner']] & PHPGW_ACL_EDIT) && $check[0]['owner'] != $GLOBALS['phpgw_info']['user']['account_id'])
|
if ($this->bo->check_perms($check[0],PHPGW_ACL_EDIT))
|
||||||
{
|
{
|
||||||
$userid = $check[0]['owner'];
|
$userid = $check[0]['owner'];
|
||||||
}
|
}
|
||||||
@ -663,13 +663,13 @@
|
|||||||
/* First, make sure they have permission to this entry */
|
/* First, make sure they have permission to this entry */
|
||||||
$check = $this->bo->read_entry(array('id' => $_GET['ab_id'], 'fields' => array('owner' => 'owner','tid' => 'tid')));
|
$check = $this->bo->read_entry(array('id' => $_GET['ab_id'], 'fields' => array('owner' => 'owner','tid' => 'tid')));
|
||||||
|
|
||||||
if ( !$this->contacts->check_perms($this->contacts->grants[$check[0]['owner']],PHPGW_ACL_EDIT) &&
|
if ( !$this->bo->check_perms($check[0],PHPGW_ACL_EDIT))
|
||||||
($check[0]['owner'] != $GLOBALS['phpgw_info']['user']['account_id']) )
|
|
||||||
{
|
{
|
||||||
Header('Location: ' . $GLOBALS['phpgw']->link('/index.php','menuaction=addressbook.uiaddressbook.index'));
|
Header('Location: ' . $GLOBALS['phpgw']->link('/index.php','menuaction=addressbook.uiaddressbook.index'));
|
||||||
$GLOBALS['phpgw']->common->phpgw_exit();
|
$GLOBALS['phpgw']->common->phpgw_exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$GLOBALS['phpgw_info']['flags']['app_header'] = lang('Addressbook').' - '.lang('Edit');
|
||||||
$GLOBALS['phpgw']->common->phpgw_header();
|
$GLOBALS['phpgw']->common->phpgw_header();
|
||||||
echo parse_navbar();
|
echo parse_navbar();
|
||||||
|
|
||||||
@ -682,7 +682,7 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* merge in extra fields */
|
/* merge in extra fields */
|
||||||
$qfields = $this->contacts->stock_contact_fields + $this->extrafields + $customfields;
|
$qfields = $this->bo->stock_contact_fields + $this->extrafields + $customfields;
|
||||||
$fields = $this->bo->read_entry(array('id' => $_GET['ab_id'], 'fields' => $qfields));
|
$fields = $this->bo->read_entry(array('id' => $_GET['ab_id'], 'fields' => $qfields));
|
||||||
|
|
||||||
$this->addressbook_form('edit','menuaction=addressbook.uiaddressbook.edit',lang('Edit'),$fields[0],$customfields);
|
$this->addressbook_form('edit','menuaction=addressbook.uiaddressbook.edit',lang('Edit'),$fields[0],$customfields);
|
||||||
@ -698,7 +698,7 @@
|
|||||||
$GLOBALS['phpgw']->template->set_var('cancel_link','<form method="POST" action="'
|
$GLOBALS['phpgw']->template->set_var('cancel_link','<form method="POST" action="'
|
||||||
. $GLOBALS['phpgw']->link('/index.php','menuaction=addressbook.uiaddressbook.index') . '">');
|
. $GLOBALS['phpgw']->link('/index.php','menuaction=addressbook.uiaddressbook.index') . '">');
|
||||||
|
|
||||||
if (($this->contacts->grants[$check[0]['owner']] & PHPGW_ACL_DELETE) || $check[0]['owner'] == $GLOBALS['phpgw_info']['user']['account_id'])
|
if (($this->bo->grants[$check[0]['owner']] & PHPGW_ACL_DELETE) || $check[0]['owner'] == $GLOBALS['phpgw_info']['user']['account_id'])
|
||||||
{
|
{
|
||||||
$GLOBALS['phpgw']->template->set_var('delete_link','<form method="POST" action="'.$GLOBALS['phpgw']->link('/index.php','menuaction=addressbook.uiaddressbook.delete') . '">');
|
$GLOBALS['phpgw']->template->set_var('delete_link','<form method="POST" action="'.$GLOBALS['phpgw']->link('/index.php','menuaction=addressbook.uiaddressbook.delete') . '">');
|
||||||
$GLOBALS['phpgw']->template->set_var('delete_button','<input type="submit" name="delete" value="' . lang('Delete') . '">');
|
$GLOBALS['phpgw']->template->set_var('delete_button','<input type="submit" name="delete" value="' . lang('Delete') . '">');
|
||||||
@ -722,7 +722,7 @@
|
|||||||
|
|
||||||
$check = $this->bo->read_entry(array('id' => $ab_id, 'fields' => array('owner' => 'owner','tid' => 'tid')));
|
$check = $this->bo->read_entry(array('id' => $ab_id, 'fields' => array('owner' => 'owner','tid' => 'tid')));
|
||||||
|
|
||||||
if (!(($this->contacts->grants[$check[0]['owner']] & PHPGW_ACL_DELETE) || $check[0]['owner'] == $GLOBALS['phpgw_info']['user']['account_id']))
|
if (!(($this->bo->grants[$check[0]['owner']] & PHPGW_ACL_DELETE) || $check[0]['owner'] == $GLOBALS['phpgw_info']['user']['account_id']))
|
||||||
{
|
{
|
||||||
Header('Location: ' . $GLOBALS['phpgw']->link('/index.php','menuaction=addressbook.uiaddressbook.index'));
|
Header('Location: ' . $GLOBALS['phpgw']->link('/index.php','menuaction=addressbook.uiaddressbook.index'));
|
||||||
$GLOBALS['phpgw']->common->phpgw_exit();
|
$GLOBALS['phpgw']->common->phpgw_exit();
|
||||||
@ -758,18 +758,7 @@
|
|||||||
$referer = urldecode($_GET['referer']);
|
$referer = urldecode($_GET['referer']);
|
||||||
|
|
||||||
/* First, make sure they have permission to this entry */
|
/* First, make sure they have permission to this entry */
|
||||||
$check = $this->bo->read_entry(array('id' => $ab_id, 'fields' => array('owner' => 'owner','tid' => 'tid')));
|
if (!$ab_id || !$this->bo->check_perms($ab_id,PHPGW_ACL_READ))
|
||||||
|
|
||||||
$tmp = $check[0]['owner'];
|
|
||||||
$perms = $this->contacts->check_perms($this->contacts->grants[$tmp],PHPGW_ACL_READ);
|
|
||||||
|
|
||||||
if ( (!$perms) && ($check[0]['owner'] != $GLOBALS['phpgw_info']['user']['account_id']) )
|
|
||||||
{
|
|
||||||
Header('Location: ' . $GLOBALS['phpgw']->link('/index.php','menuaction=addressbook.uiaddressbook.index'));
|
|
||||||
$GLOBALS['phpgw']->common->phpgw_exit();
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$ab_id)
|
|
||||||
{
|
{
|
||||||
Header('Location: ' . $GLOBALS['phpgw']->link('/index.php','menuaction=addressbook.uiaddressbook.index'));
|
Header('Location: ' . $GLOBALS['phpgw']->link('/index.php','menuaction=addressbook.uiaddressbook.index'));
|
||||||
$GLOBALS['phpgw']->common->phpgw_exit();
|
$GLOBALS['phpgw']->common->phpgw_exit();
|
||||||
@ -795,7 +784,7 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* _debug_array($this->prefs); */
|
/* _debug_array($this->prefs); */
|
||||||
while (list($column,$x) = each($this->contacts->stock_contact_fields))
|
while (list($column,$x) = each($this->bo->stock_contact_fields))
|
||||||
{
|
{
|
||||||
if (isset($this->prefs[$column]) && $this->prefs[$column])
|
if (isset($this->prefs[$column]) && $this->prefs[$column])
|
||||||
{
|
{
|
||||||
@ -805,7 +794,7 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* merge in extra fields */
|
/* merge in extra fields */
|
||||||
$qfields = $this->contacts->stock_contact_fields + $this->extrafields + $customfields;
|
$qfields = $this->bo->stock_contact_fields + $this->extrafields + $customfields;
|
||||||
|
|
||||||
$fields = $this->bo->read_entry(array('id' => $ab_id, 'fields' => $qfields));
|
$fields = $this->bo->read_entry(array('id' => $ab_id, 'fields' => $qfields));
|
||||||
|
|
||||||
@ -951,7 +940,7 @@
|
|||||||
$GLOBALS['phpgw']->template->set_var('lang_category',lang('Category'));
|
$GLOBALS['phpgw']->template->set_var('lang_category',lang('Category'));
|
||||||
$GLOBALS['phpgw']->template->set_var('catname',$catname);
|
$GLOBALS['phpgw']->template->set_var('catname',$catname);
|
||||||
|
|
||||||
if (($this->contacts->grants[$record_owner] & PHPGW_ACL_EDIT) || ($record_owner == $GLOBALS['phpgw_info']['user']['account_id']))
|
if (($this->bo->grants[$record_owner] & PHPGW_ACL_EDIT) || ($record_owner == $GLOBALS['phpgw_info']['user']['account_id']))
|
||||||
{
|
{
|
||||||
$extra_vars = array('cd' => 16,'query' => $this->query,'cat_id' => $this->cat_id);
|
$extra_vars = array('cd' => 16,'query' => $this->query,'cat_id' => $this->cat_id);
|
||||||
|
|
||||||
@ -1009,7 +998,7 @@
|
|||||||
$customfields[$y['name']] = $y['name'];
|
$customfields[$y['name']] = $y['name'];
|
||||||
}
|
}
|
||||||
|
|
||||||
$qfields = $this->contacts->stock_contact_fields + $this->extrafields + $customfields;
|
$qfields = $this->bo->stock_contact_fields + $this->extrafields + $customfields;
|
||||||
|
|
||||||
if ($_POST['cancel'])
|
if ($_POST['cancel'])
|
||||||
{
|
{
|
||||||
@ -1408,7 +1397,7 @@
|
|||||||
/* Preferred phone number radio buttons */
|
/* Preferred phone number radio buttons */
|
||||||
$pref[0] = '<font size="-2">';
|
$pref[0] = '<font size="-2">';
|
||||||
$pref[1] = '(' . lang('pref') . ')</font>';
|
$pref[1] = '(' . lang('pref') . ')</font>';
|
||||||
while (list($name,$val) = each($this->contacts->tel_types))
|
while (list($name,$val) = each($this->bo->tel_types))
|
||||||
{
|
{
|
||||||
$str[$name] = "\n".' <input type="radio" name="entry[tel_prefer]" value="'.$name.'"';
|
$str[$name] = "\n".' <input type="radio" name="entry[tel_prefer]" value="'.$name.'"';
|
||||||
if ($name == $preferred)
|
if ($name == $preferred)
|
||||||
@ -1483,7 +1472,7 @@
|
|||||||
$time_zone .= '</select>' . "\n";
|
$time_zone .= '</select>' . "\n";
|
||||||
|
|
||||||
$email_type = '<select name=entry[email_type]>';
|
$email_type = '<select name=entry[email_type]>';
|
||||||
while ($type = each($this->contacts->email_types))
|
while ($type = each($this->bo->email_types))
|
||||||
{
|
{
|
||||||
$email_type .= '<option value="' . $type[0] . '"';
|
$email_type .= '<option value="' . $type[0] . '"';
|
||||||
if ($type[0] == $emailtype) { $email_type .= ' selected'; }
|
if ($type[0] == $emailtype) { $email_type .= ' selected'; }
|
||||||
@ -1491,9 +1480,9 @@
|
|||||||
}
|
}
|
||||||
$email_type .= '</select>';
|
$email_type .= '</select>';
|
||||||
|
|
||||||
reset($this->contacts->email_types);
|
reset($this->bo->email_types);
|
||||||
$hemail_type = '<select name=entry[hemail_type]>';
|
$hemail_type = '<select name=entry[hemail_type]>';
|
||||||
while ($type = each($this->contacts->email_types))
|
while ($type = each($this->bo->email_types))
|
||||||
{
|
{
|
||||||
$hemail_type .= '<option value="' . $type[0] . '"';
|
$hemail_type .= '<option value="' . $type[0] . '"';
|
||||||
if ($type[0] == $hemailtype) { $hemail_type .= ' selected'; }
|
if ($type[0] == $hemailtype) { $hemail_type .= ' selected'; }
|
||||||
@ -1501,8 +1490,8 @@
|
|||||||
}
|
}
|
||||||
$hemail_type .= '</select>';
|
$hemail_type .= '</select>';
|
||||||
|
|
||||||
reset($this->contacts->adr_types);
|
reset($this->bo->adr_types);
|
||||||
while (list($type,$val) = each($this->contacts->adr_types))
|
while (list($type,$val) = each($this->bo->adr_types))
|
||||||
{
|
{
|
||||||
$badrtype .= "\n".'<INPUT type="checkbox" name="entry[one_'.$type.']"';
|
$badrtype .= "\n".'<INPUT type="checkbox" name="entry[one_'.$type.']"';
|
||||||
$ot = 'one_'.$type;
|
$ot = 'one_'.$type;
|
||||||
@ -1514,8 +1503,8 @@
|
|||||||
$badrtype .= '>'.$val;
|
$badrtype .= '>'.$val;
|
||||||
}
|
}
|
||||||
|
|
||||||
reset($this->contacts->adr_types);
|
reset($this->bo->adr_types);
|
||||||
while (list($type,$val) = each($this->contacts->adr_types))
|
while (list($type,$val) = each($this->bo->adr_types))
|
||||||
{
|
{
|
||||||
$hadrtype .= "\n".'<INPUT type="checkbox" name="entry[two_'.$type.']"';
|
$hadrtype .= "\n".'<INPUT type="checkbox" name="entry[two_'.$type.']"';
|
||||||
$tt = 'two_'.$type;
|
$tt = 'two_'.$type;
|
||||||
|
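Review bot: The delete checks in the hunks at -698 and -722 and the edit check at -951 still test `$this->bo->grants[...]` against `PHPGW_ACL_DELETE` / `PHPGW_ACL_EDIT` plus an inline owner comparison, while the list, edit and view paths in this same file now go through `$this->bo->check_perms()`. Keeping two formulations of the same authorization rule invites them to drift apart, which is how one path ends up more permissive than another. Assuming check_perms also lets owners act on their own records (its callee is not visible here), these could read `if ($this->bo->check_perms($check[0],PHPGW_ACL_DELETE))`, `if (!$this->bo->check_perms($check[0],PHPGW_ACL_DELETE))` and `if ($this->bo->check_perms($fields[0],PHPGW_ACL_EDIT))`, the last one hedged because the variable holding the record in that hunk is outside the visible lines. The enclosing methods all start and end outside their hunks, so the else branches of these checks could not be reviewed.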