extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2025-02-17 02:41:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

* Calendar: fixed MyStylite bug #2434: context menu could be used to invite yourself to any event you can read

Browse Source
This commit is contained in:
Ralf Becker 2011-11-09 09:47:14 +00:00
parent caf84cdbc1
commit 0ec56da7a1
2 changed files with 18 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
calendar/inc/class.calendar_boupdate.inc.php
View File

@ -1029,8 +1029,10 @@ class calendar_boupdate extends calendar_bo
return EGW_ACL_EDIT & $resource['rights'];
}
if (!is_array($event) && !($event = $this->read($event))) return false;
// regular user and groups
return $this->check_perms(EGW_ACL_EDIT,0,$uid);
return isset($event['participants'][$uid]) && $this->check_perms(EGW_ACL_EDIT,0,$uid);
}
/**

24
calendar/inc/class.calendar_uilist.inc.php
View File

@ -461,6 +461,7 @@ class calendar_uilist extends calendar_ui
{
//echo '<p>' . __METHOD__ . "('$action',".print_r($checked,true).','.(int)$use_all.",...)</p>\n";
$success = $failed = 0;
$msg = null;
// Split out combined values
if(strpos($action, 'status') !== false) {
@ -527,7 +528,7 @@ class calendar_uilist extends calendar_ui
}
else
{
$failure++;
$failed++;
}
break;
case 'undelete':
@ -542,10 +543,11 @@ class calendar_uilist extends calendar_ui
break;
}
}
$failure++;
$failed++;
break;
case 'status':
if($id && $event = $this->bo->read($id, $recur_date))
$action_msg = lang('Status changed');
if($id && ($event = $this->bo->read($id, $recur_date)))
{
$old_status = $event['participants'][$GLOBALS['egw_info']['user']['account_id']];
calendar_so::split_status($old_status, $quantity, $role);
@ -556,11 +558,15 @@ class calendar_uilist extends calendar_ui
if ($this->bo->set_status($id,$GLOBALS['egw_info']['user']['account_id'],$new_status,$recur_date))
{
$success++;
$msg = lang('Status changed');
//$msg = lang('Status changed');
}
else
{
$failed++;
}
}
} else {
$failure++;
$failed++;
}
break;
case 'timesheet-add':
@ -578,7 +584,7 @@ class calendar_uilist extends calendar_ui
}
if(!$event)
{
$failure++;
$failed++;
continue;
}
$timesheet = array(
@ -620,7 +626,7 @@ class calendar_uilist extends calendar_ui
}
else
{
$failure++;
$failed++;
}
$msg = lang('Timesheet entries created for ');
break;
@ -628,8 +634,8 @@ class calendar_uilist extends calendar_ui
unset($app);
unset($app_id);
}
return ($failure == 0);
//error_log(__METHOD__."('$action', ".array2string($checked).', '.array2string($use_all).") sucess=$success, failed=$failed, action_msg='$action_msg', msg=".array2string($msg).' returning '.array2string(!$failed));
return !$failed;
}
public function get_javascript()