From 2dbe3e785ec4426b949179175e5b23f5d7af89b8 Mon Sep 17 00:00:00 2001
From: nathangray <nathangray.bsc+github@gmail.com>
Date: Tue, 7 Mar 2017 11:08:26 -0700
Subject: [PATCH] Calendar - Remove contacts matching accounts user has no
 access to so nobody selects it thinking they are selecting the user account

---
 ...ss.calendar_owner_etemplate_widget.inc.php | 53 +++++++++++++------
 1 file changed, 38 insertions(+), 15 deletions(-)

diff --git a/calendar/inc/class.calendar_owner_etemplate_widget.inc.php b/calendar/inc/class.calendar_owner_etemplate_widget.inc.php
index 52298f582d..51959bae01 100644
--- a/calendar/inc/class.calendar_owner_etemplate_widget.inc.php
+++ b/calendar/inc/class.calendar_owner_etemplate_widget.inc.php
@@ -146,6 +146,11 @@ class calendar_owner_etemplate_widget extends Etemplate\Widget\Taglist
 			array_diff_key($_REQUEST, array_flip(array('menuaction','query')));
 		$results = array();
 
+		// Contacts matching accounts the user does not have permission for cause
+		// confusion as user selects the contact and there's nothing there, so
+		// we remove those contacts
+		$remove_contacts = array();
+
 		$resources = array_merge(array('' => $bo->resources['']),$bo->resources);
 		foreach($resources as $type => $data)
 		{
@@ -159,34 +164,52 @@ class calendar_owner_etemplate_widget extends Etemplate\Widget\Taglist
 				$_results += Api\Accounts::link_query($query, $account_options);
 				if (!empty($_REQUEST['checkgrants']))
 				{
-					$_results = array_intersect_key($_results, $GLOBALS['egw']->acl->get_grants('calendar'));
+					$grants = $GLOBALS['egw']->acl->get_grants('calendar');
+					$remove_contacts = array_diff_key($_results, $grants);
+					$_results = array_intersect_key($_results, $grants);
 				}
 			}
+			// App provides a custom search function
 			else if ($data['app'] && $data['search'])
 			{
 				$_results = call_user_func_array($data['search'], array($query, $options));
 			}
+			// Use standard link registry
 			else if ($data['app'] && Link::get_registry($data['app'], 'query'))
 			{
 				$_results = Link::query($data['app'], $query,$options);
 			}
-			if ($type == 'l')
+
+			// There are always special cases
+			switch ($type)
 			{
-				// Include mailing lists
-				$contacts_obj = new Api\Contacts();
-				$lists = array_filter(
-					$contacts_obj->get_lists(Api\Acl::READ),
-					function($element) use($query) {
-						return (stripos($element, $query) !== false);
+				case 'c':
+					// Remove contacts matching excluded accounts
+					foreach($_results as $key => $title)
+					{
+						if(in_array($title, $remove_contacts) || is_array($title) && in_array($title['label'], $remove_contacts))
+						{
+							unset($_results[$key]);
+						}
 					}
-				);
-				foreach($lists as $list_id => $list)
-				{
-					$_results[$list_id] = array(
-						'label' => $list,
-						'resources' => $bo->enum_mailing_list($type.$list_id)
+					break;
+				case 'l':
+					// Include mailing lists
+					$contacts_obj = new Api\Contacts();
+					$lists = array_filter(
+						$contacts_obj->get_lists(Api\Acl::READ),
+						function($element) use($query) {
+							return (stripos($element, $query) !== false);
+						}
 					);
-				}
+					foreach($lists as $list_id => $list)
+					{
+						$_results[$list_id] = array(
+							'label' => $list,
+							'resources' => $bo->enum_mailing_list($type.$list_id)
+						);
+					}
+					break;
 			}
 			if(!$_results)
 			{