diff --git a/admin/inc/class.admin_acl.inc.php b/admin/inc/class.admin_acl.inc.php index 3edd9599fb..8cd3e68618 100644 --- a/admin/inc/class.admin_acl.inc.php +++ b/admin/inc/class.admin_acl.inc.php @@ -356,6 +356,10 @@ class admin_acl //error_log(__METHOD__."() $n: ".array2string($row)); } //error_log(__METHOD__."(".array2string($query).") returning ".$total); + + // Get updated apps permission + $rows['acl_apps'] = $GLOBALS['egw']->acl->get_app_list_for_id('run', acl::READ, $query['account_id']); + return $total; } @@ -405,7 +409,7 @@ class admin_acl self::check_access($account_id, $location); // throws exception, if no rights $acl = $GLOBALS['egw']->acl; - + if (!(int)$rights) // this also handles taking away all rights as delete { $acl->delete_repository($app, $location, $account_id); @@ -417,7 +421,7 @@ class admin_acl } if (!(int)$rights) { - if (count(ids) > 1) + if (count($ids) > 1) { $msg = lang('%1 ACL entries deleted.', count($ids)); } @@ -449,6 +453,7 @@ class admin_acl $content = array(); $account_id = isset($_GET['account_id']) && (int)$_GET['account_id'] ? (int)$_GET['account_id'] : $GLOBALS['egw_info']['user']['account_id']; + $acl_apps = $GLOBALS['egw']->acl->get_app_list_for_id('run', acl::READ, $account_id); $content['nm'] = array( 'get_rows' => 'admin_acl::get_rows', 'no_cat' => true, @@ -467,9 +472,10 @@ class admin_acl 'location' => 'acl_rights', 'owner' => $account_id, ), array(), true), + // Client side is much easier if we send an array + 'acl_apps' => $acl_apps ? $acl_apps : array() ); $user = common::grab_owner_name($content['nm']['account_id']); - $content['acl_apps'] = $GLOBALS['egw']->acl->get_app_list_for_id('run', acl::READ, $account_id); $sel_options = array( 'filter' => array( 'other' => lang('Access to %1 data by others', $user), diff --git a/admin/js/app.js b/admin/js/app.js index f392cf04b6..881ca87f9a 100644 --- a/admin/js/app.js +++ b/admin/js/app.js @@ -396,7 +396,7 @@ app.classes.admin = AppJS.extend( if(content.acl_location == 'run') { // These are the apps the account has access to - content.apps = this.et2.getArrayMgr('content').getEntry('acl_apps')||''; + content.apps = this.et2.getWidgetById('nm').getArrayMgr('content').getEntry('acl_apps')||[]; } else { @@ -449,7 +449,7 @@ app.classes.admin = AppJS.extend( if(_button_id != et2_dialog.OK_BUTTON) return; // Only send the request if they entered everything - if(_value.acl_appname && _value.acl_account && _value.acl_location) + if(_value.acl_account && (_value.acl_appname && _value.acl_location || _value.apps)) { var id = _value.acl_appname+':'+_value.acl_account+':'+_value.acl_location; var rights = 0; @@ -457,6 +457,41 @@ app.classes.admin = AppJS.extend( { rights += parseInt(_value.acl[i]); } + if(_value.apps && !_value.acl_appname) + { + id = []; + rights = 1; + var removed = []; + + // Loop through all apps, remove the ones with no permission + for(var app in sel_options.apps) + { + var run_id = app+":"+_value.acl_account+":run"; + if(_value.apps.indexOf(app) < 0 && content.apps.indexOf(app) >= 0) + { + removed.push(run_id); + } + else if (_value.apps.indexOf(app) >= 0 && content.apps.indexOf(app) < 0) + { + id.push(run_id) + } + } + + // Update value in list + var list = this.et2.getWidgetById('nm').getArrayMgr('content').getEntry('acl_apps',true); + list.length = 0; + for(var app in _value.apps) + { + list.push(_value.apps[app]); + } + + // Remove any removed + if(removed.length > 0) + { + this.egw.json(className+'::ajax_change_acl', [removed, 0], this._acl_callback,this,false,this) + .sendRequest(); + } + } this.egw.json(className+'::ajax_change_acl', [id, rights], this._acl_callback,this,false,this) .sendRequest(); }