From 55fc673dc5eee80dcb0ff116987097ee97886331 Mon Sep 17 00:00:00 2001
From: Ralf Becker <ralfbecker@outdoor-training.de>
Date: Thu, 19 Nov 2009 18:56:04 +0000
Subject: [PATCH] - new configurable invitation ACL: Require an ACL grant to
 invite other   users and groups:   * No: Every user can invite other users
 and groups (default and old     behavior)   * Groups: other users can allways
 be invited, only groups require an invite_grant   * Users + groups: inviting
 both allways requires an invite grant   One need to keep in mind, that
 setting an invitation ACL via a group,   gives each groupmember the right to
 invite the group / create a group   event. So the last option propable only
 works, if users manage   invitations grants on their own, or admin only sets
 it in small working   groups, where every member is allowed to invite the
 whole group.   --> calendar backend code removes participants a user is not
 allowed       to invite - new "only groupevents" filter, showing only real
 groupenvents not   events of groupmembers (added tooltips to explain filters)

---
 calendar/inc/class.calendar_bo.inc.php        | 22 ++++-
 calendar/inc/class.calendar_boupdate.inc.php  | 85 +++++++++++++++----
 calendar/inc/class.calendar_ui.inc.php        | 28 +++---
 calendar/inc/class.calendar_uiforms.inc.php   | 31 +++++--
 calendar/setup/egw_de.lang                    | 31 ++++++-
 calendar/setup/egw_en.lang                    | 29 +++++++
 calendar/templates/default/config.tpl         | 12 ++-
 .../templates/default/preference_acl_row.tpl  |  1 +
 .../templates/default/preference_colspan.tpl  |  1 +
 9 files changed, 203 insertions(+), 37 deletions(-)

diff --git a/calendar/inc/class.calendar_bo.inc.php b/calendar/inc/class.calendar_bo.inc.php
index 365ff4ed1c..8b8f438419 100644
--- a/calendar/inc/class.calendar_bo.inc.php
+++ b/calendar/inc/class.calendar_bo.inc.php
@@ -22,6 +22,10 @@ if (!defined('ACL_TYPE_IDENTIFER'))	// used to mark ACL-values for the debug_mes
  */
 define('EGW_ACL_READ_FOR_PARTICIPANTS',EGW_ACL_CUSTOM_1);
 define('EGW_ACL_FREEBUSY',EGW_ACL_CUSTOM_2);
+/**
+ * Allows to invite an other user (if configured to be used!)
+ */
+define('EGW_ACL_INVITE',EGW_ACL_CUSTOM_3);
 
 /**
  * Required (!) include, as we use the MCAL_* constants, BEFORE instanciating (and therefore autoloading) the class
@@ -154,6 +158,13 @@ class calendar_bo
 	 */
 	var $datetime;
 
+	/**
+	 * Does a user require an extra invite grant, to be able to invite an other user, default no
+	 *
+	 * @var boolean
+	 */
+	public $require_acl_invite = false;
+
 	/**
 	 * Constructor
 	 */
@@ -196,7 +207,9 @@ class calendar_bo
 		}
 		//echo "registered resources="; _debug_array($this->resources);
 
-		$this->config = config::read('calendar');
+		$this->config = config::read('calendar');	// only used for horizont, regular calendar config is under phpgwapi
+
+		$this->require_acl_invite = $GLOBALS['egw_info']['server']['require_acl_invite'];
 	}
 
 	/**
@@ -333,6 +346,8 @@ class calendar_bo
 			// for groups we have to include the members
 			if ($GLOBALS['egw']->accounts->get_type($user) == 'g')
 			{
+				if ($params['filter'] == 'no-enum-groups') continue;
+
 				$members = $GLOBALS['egw']->accounts->member($user);
 				if (is_array($members))
 				{
@@ -362,6 +377,11 @@ class calendar_bo
 				}
 			}
 		}
+		// replace (by so not understood filter 'no-enum-groups' with 'default' filter
+		if ($params['filter'] == 'no-enum-groups')
+		{
+			$params['filter'] = 'default';
+		}
 		// if we have no grants from the given user(s), we directly return no events / an empty array,
 		// as calling the so-layer without users would give the events of all users (!)
 		if (!count($users))
diff --git a/calendar/inc/class.calendar_boupdate.inc.php b/calendar/inc/class.calendar_boupdate.inc.php
index 6718b68561..995ed61116 100644
--- a/calendar/inc/class.calendar_boupdate.inc.php
+++ b/calendar/inc/class.calendar_boupdate.inc.php
@@ -119,7 +119,23 @@ class calendar_boupdate extends calendar_bo
 		{
 			return false;
 		}
-
+		if (!($new_event = !(int)$event['id']))
+		{
+			$old_event = $this->read((int)$event['id'],null,$ignore_acl);
+			// if no participants are set, set them from the old event, as we might need them to update recuring events
+			if (!isset($event['participants'])) $event['participants'] = $old_event['participants'];
+			//echo "old $event[id]="; _debug_array($old_event);
+		}
+		else
+		{
+			$event['created'] = $this->now_su;
+			$event['creator'] = $GLOBALS['egw_info']['user']['account_id'];
+		}
+		// do we need to check, if user is allowed to invite the invited participants
+		if ($this->require_acl_invite && ($removed = $this->remove_no_acl_invite($event,$old_event)))
+		{
+			// todo: report removed participants back to user
+		}
 		// check for conflicts only happens !$ignore_conflicts AND if start + end date are given
 		if (!$ignore_conflicts && !$event['non_blocking'] && isset($event['start']) && isset($event['end']))
 		{
@@ -250,18 +266,6 @@ class calendar_boupdate extends calendar_bo
 			$event['modified'] = $this->now_su;	// we are still in user-time
 			$event['modifier'] = $GLOBALS['egw_info']['user']['account_id'];
 		}
-		if (!($new_event = !(int)$event['id']))
-		{
-			$old_event = $this->read((int)$event['id'],null,$ignore_acl);
-			// if no participants are set, set them from the old event, as we might need them to update recuring events
-			if (!isset($event['participants'])) $event['participants'] = $old_event['participants'];
-			//echo "old $event[id]="; _debug_array($old_event);
-		}
-		else
-		{
-			$event['created'] = $this->now_su;
-			$event['creator'] = $GLOBALS['egw_info']['user']['account_id'];
-		}
 		//echo "saving $event[id]="; _debug_array($event);
 		$event2save = $event;
 
@@ -293,6 +297,53 @@ class calendar_boupdate extends calendar_bo
 		return $cal_id;
 	}
 
+	/**
+	 * Remove participants current user has no right to invite
+	 *
+	 * @param array &$event new event
+	 * @param array $old_event=null old event with already invited participants
+	 * @return array removed participants because of missing invite grants
+	 */
+	public function remove_no_acl_invite(array &$event,array $old_event=null)
+	{
+		if (!$this->require_acl_invite)
+		{
+			return array();	// nothing to check, everyone can invite everyone else
+		}
+		if ($event['id'] && is_null($old_event))
+		{
+			$old_event = $this->read($event['id']);
+		}
+		$removed = array();
+		foreach($event['participants'] as $uid => $status)
+		{
+			if ((is_null($old_event) || !in_array($old_event['participants'][$uid])) && !$this->check_acl_invite($uid))
+			{
+				unset($event['participants'][$uid]);	// remove participant
+				$removed[] = $uid;
+			}
+		}
+		echo "<p>".__METHOD__."($event[title],".($old_event?'$old_event':'NULL').") returning ".array2string($removed)."</p>";
+		return $removed;
+	}
+
+	/**
+	 * Check if current user is allowed to invite a given participant
+	 *
+	 * @param int|string $uid
+	 * @return boolean
+	 */
+	public function check_acl_invite($uid)
+	{
+		if (!is_numeric($uid)) return true;	// nothing implemented for resources so far
+
+		if ($this->require_acl_invite == 'group' && $GLOBALS['egw']->accounts->get_type($uid) != 'g')
+		{
+			return true;	// grant only required for groups
+		}
+		return $this->check_perms(EGW_ACL_INVITE,0,$uid);
+	}
+
 	/**
 	 * Check for added, modified or deleted participants AND notify them
 	 *
@@ -1080,7 +1131,7 @@ class calendar_boupdate extends calendar_bo
 		{
 			$this->categories = new categories($this->user,'calendar');
 		}
-		
+
 		if($cal_id && $cal_id > 0)
 		{
 			// preserve categories without users read access
@@ -1104,7 +1155,7 @@ class calendar_boupdate extends calendar_bo
 		{
 			$cat_name = trim($cat_name);
 			$cat_id = $this->categories->name2id($cat_name, 'X-');
-			
+
 			if (!$cat_id)
 			{
 				// some SyncML clients (mostly phones) add an X- to the category names
@@ -1120,7 +1171,7 @@ class calendar_boupdate extends calendar_bo
 				$cat_id_list[] = $cat_id;
 			}
 		}
-		
+
 		if(is_array($old_cats_preserve) && count($old_cats_preserve) > 0)
 		{
 			$cat_id_list = array_merge($cat_id_list, $old_cats_preserve);
@@ -1149,7 +1200,7 @@ class calendar_boupdate extends calendar_bo
 		$cat_list = array();
 		foreach($cat_id_list as $cat_id)
 		{
-			if ($cat_id && $this->categories->check_perms(EGW_ACL_READ, $cat_id) && 
+			if ($cat_id && $this->categories->check_perms(EGW_ACL_READ, $cat_id) &&
 					($cat_name = $this->categories->id2name($cat_id)) && $cat_name != '--')
 			{
 				$cat_list[] = $cat_name;
diff --git a/calendar/inc/class.calendar_ui.inc.php b/calendar/inc/class.calendar_ui.inc.php
index 10183541b6..b3e1512c67 100644
--- a/calendar/inc/class.calendar_ui.inc.php
+++ b/calendar/inc/class.calendar_ui.inc.php
@@ -578,6 +578,13 @@ class calendar_ui
 		}
 		$views .= "</tr></table>\n";
 
+		// hack to disable invite ACL column, if not enabled in config
+		if ($_GET['menuaction'] == 'preferences.uiaclprefs.index' &&
+			(!$this->bo->require_acl_invite || $this->bo->require_acl_invite == 'groups' && !($_REQUEST['owner'] < 0)))
+		{
+			$views .= "<style type='text/css'>\n\t.aclInviteColumn { display: none; }\n</style>\n";
+		}
+
 		$file[++$n] = array('text' => $views,'no_lang' => True,'link' => False,'icon' => False);
 
 		// special views and view-options menu
@@ -696,17 +703,19 @@ class calendar_ui
 		// Filter all or hideprivate
 		$options = '';
 		foreach(array(
-			'default'     => lang('Not rejected'),
-			'accepted'    => lang('Accepted'),
-			'unknown'     => lang('Invitations'),
-			'tentative'   => lang('Tentative'),
-			'rejected'    => lang('Rejected'),
-			'owner'       => lang('Owner too'),
-			'all'         => lang('All incl. rejected'),
-			'hideprivate' => lang('Hide private infos'),
+			'default'     => array(lang('Not rejected'), lang('Show all status, but rejected')),
+			'accepted'    => array(lang('Accepted'), lang('Show only accepted events')),
+			'unknown'     => array(lang('Invitations'), lang('Show only invitations, not yet accepted or rejected')),
+			'tentative'   => array(lang('Tentative'), lang('Show only tentative accepted events')),
+			'rejected'    => array(lang('Rejected'),lang('Show only rejected events')),
+			'owner'       => array(lang('Owner too'),lang('Show also events just owned by selected user')),
+			'all'         => array(lang('All incl. rejected'),lang('Show all status incl. rejected events')),
+			'hideprivate' => array(lang('Hide private infos'),lang('Show all events, as if they were private')),
+			'no-enum-groups' => array(lang('only group-events'),lang('Do not include events of group members')),
 		) as $value => $label)
 		{
-			$options .= '<option value="'.$value.'"'.($this->filter == $value ? ' selected="selected"' : '').'>'.$label.'</options>'."\n";
+			list($label,$title) = $label;
+			$options .= '<option value="'.$value.'"'.($this->filter == $value ? ' selected="selected"' : '').' title="'.$title.'">'.$label.'</options>'."\n";
 		}
 		$file[] = $this->_select_box('Filter','filter',$options,$baseurl ? $baseurl.'&filter=' : '');
 
@@ -801,7 +810,6 @@ function load_cal(url,id) {
 			display_sidebox($appname,$menu_title,$file);
 		}
 
-
 		if ($GLOBALS['egw_info']['user']['apps']['preferences'])
 		{
 			$menu_title = lang('Preferences');
diff --git a/calendar/inc/class.calendar_uiforms.inc.php b/calendar/inc/class.calendar_uiforms.inc.php
index 2a408bbfb7..fb60cf22a0 100644
--- a/calendar/inc/class.calendar_uiforms.inc.php
+++ b/calendar/inc/class.calendar_uiforms.inc.php
@@ -121,6 +121,8 @@ class calendar_uiforms extends calendar_ui
 		{
 			if (isset($participants[$uid])) continue;	// already included
 
+			if (!$this->bo->check_acl_invite($uid)) continue;	// no right to invite --> ignored
+
 			if (is_numeric($uid))
 			{
 				$participants[$uid] = $participant_types['u'][$uid] =
@@ -137,6 +139,10 @@ class calendar_uiforms extends calendar_ui
 				}
 			}
 		}
+		if (!$participants)	// if all participants got removed, include current user
+		{
+			$participants[$this->user] = $participant_types['u'][$this->user] = calendar_so::combine_status('A','CHAIR');
+		}
 		return array(
 			'participant_types' => $participant_types,
 			'participants' => $participants,
@@ -241,6 +247,7 @@ class calendar_uiforms extends calendar_ui
 					case 'quantity':	// handled in new_resource
 					case 'role':		// handled in add, account or resource
 					case 'cal_resources':
+					case 'status_date':
 						break;
 
 					case 'add':
@@ -250,8 +257,8 @@ class calendar_uiforms extends calendar_ui
 							(preg_match('/^(.*<)?([a-z0-9_.-]+@[a-z0-9_.-]{5,})>?$/i',$email,$matches)))
 						{
 							$status = calendar_so::combine_status('U',$content['participants']['quantity'],$content['participants']['role']);
-							// check if email belongs to account or contact --> prefer them over just emails
-							if (($data = $GLOBALS['egw']->accounts->name2id($matches[2],'account_email')))
+							// check if email belongs to account or contact --> prefer them over just emails (if we are allowed to invite him)
+							if (($data = $GLOBALS['egw']->accounts->name2id($matches[2],'account_email')) && $this->bo->check_acl_invite($data))
 							{
 								$event['participants'][$data] = $event['participant_types']['u'][$data] = $status;
 							}
@@ -285,7 +292,7 @@ class calendar_uiforms extends calendar_ui
 						foreach($this->bo->resources as $type => $data) if ($data['app'] == $app) break;
 						$uid = $this->bo->resources[$type]['app'] == $app ? $type.$id : false;
 						// check if new entry is no account (or contact entry of an account)
-						if ($app != 'addressbook' || !($data = $GLOBALS['egw']->accounts->name2id($id,'person_id')))
+						if ($app != 'addressbook' || !($data = $GLOBALS['egw']->accounts->name2id($id,'person_id')) || !$this->bo->check_acl($data))
 						{
 							if ($uid && $id)
 							{
@@ -295,9 +302,10 @@ class calendar_uiforms extends calendar_ui
 									$event['participants'][$uid] = $event['participant_types'][$type][$id] =
 										calendar_so::combine_status($status,$content['participants']['quantity'],$content['participants']['role']);
 								}
-								else
+								elseif(!$msg_permission_denied_added)
 								{
 									$msg .= lang('Permission denied!');
+									$msg_permission_denied_added = true;
 								}
 							}
 							break;
@@ -306,8 +314,16 @@ class calendar_uiforms extends calendar_ui
 					case 'account':
 						foreach(is_array($data) ? $data : explode(',',$data) as $uid)
 						{
-							if ($uid) $event['participants'][$uid] = $event['participant_types']['u'][$uid] =
-								calendar_so::combine_status($uid == $this->bo->user ? 'A' : 'U',1,$content['participants']['role']);
+							if ($uid && $this->bo->check_acl_invite($uid))
+							{
+								$event['participants'][$uid] = $event['participant_types']['u'][$uid] =
+									calendar_so::combine_status($uid == $this->bo->user ? 'A' : 'U',1,$content['participants']['role']);
+							}
+							elseif($uid && !$msg_permission_denied_added)
+							{
+								$msg .= lang('Permission denied!');
+								$msg_permission_denied_added = true;
+							}
 						}
 						break;
 
@@ -332,8 +348,9 @@ class calendar_uiforms extends calendar_ui
 								$id = substr($uid,1);
 								$type = $uid[0];
 							}
-							if ($data['old_status'] != $status)
+							if ($data['old_status'] != $status && !(!$data['old_status'] && $status == 'G'))
 							{
+								//echo "<p>$uid: status changed '$data[old_status]' --> '$status<'/p>\n";
 								if ($this->bo->set_status($event['id'],$uid,$status,isset($content['edit_single']) ? $content['participants']['status_date'] : 0))
 								{
 									// refreshing the calendar-view with the changed participant-status
diff --git a/calendar/setup/egw_de.lang b/calendar/setup/egw_de.lang
index 53fce37e41..23b8ec8d9d 100644
--- a/calendar/setup/egw_de.lang
+++ b/calendar/setup/egw_de.lang
@@ -70,6 +70,7 @@ csv-filename	calendar	de	CSV-Dateiname
 custom fields	common	de	Benutzerdefinierte Felder
 custom_2	common	de	freebussy
 daily	calendar	de	Täglich
+day	calendar	de	Tat
 days	calendar	de	Tage
 days of the week for a weekly repeated event	calendar	de	Wochentage für wöchentlich wiederholten Termin
 days repeated	calendar	de	wiederholte Tage
@@ -92,6 +93,7 @@ disinvited	calendar	de	Ausgeladen
 display status of events	calendar	de	Status von Terminen anzeigen
 displayed view	calendar	de	Ansicht
 displays your default calendar view on the startpage (page you get when you enter egroupware or click on the homepage icon)?	calendar	de	Zeigt Ihre Standard-Kalender-Ansicht auf der Startseite angezeigt werden (die Seite die sich nach dem Login öffnet oder wenn Sie auf Home klicken)?
+do not include events of group members	calendar	de	Zeige nicht die Termine der Gruppenmitglieder
 do you want a weekview with or without weekend?	calendar	de	Wollen Sie eine Wochenansicht mit oder ohne Wochenende?
 do you want to be notified about new or changed appointments? you be notified about changes you make yourself.<br>you can limit the notifications to certain changes only. each item includes all the notification listed above it. all modifications include changes of title, description, participants, but no participant responses. if the owner of an event requested any notifcations, he will always get the participant responses like acceptions and rejections too.	calendar	de	Wollen Sie über neue oder geänderte Termine benachrichtigt werden? Sie werden nie über eigene Änderungen benachrichtig.<br>Sie können die Benachrichtigungen auf verschiedene Änderungen begrenzen. Jede Zeile enthält die Benachrichtigungen der darüberliegenden. Alle Änderungen umfasst den Title, die Beschreibung, Teilnehmer, aber keine Antworten der Teilnehmer. Wenn der Ersteller eines Event irgendeine Benachrichtigung will, erhält er automatisch auch die Antworten der Teilnehmer, wie Zusagen und Absagen.
 do you want to edit serialevent als exception? - ok = edit exception, abort = edit serial	calendar	de	Möchten Sie den Termin der Serie als Ausnahme bearbeiten? Klicken Sie OK um den Termin als Einzeltermin (Ausnahme) zu bearbeiten, Abbrechen um die Terminserie zu verändern.
@@ -102,6 +104,7 @@ download this event as ical	calendar	de	Termin als iCal herunterladen
 duration of the meeting	calendar	de	Dauer des Termins
 edit exception	calendar	de	Ausname bearbeiten
 edit series	calendar	de	Serie bearbeiten
+edit status or alarms for this particular day	calendar	de	Bearbeite Status oder Alarme für diesen speziellen Tag
 edit this event	calendar	de	Diesen Termin bearbeiten
 edit this series of recuring events	calendar	de	Diese Serie von wiederholenden Terminen bearbeiten
 empty for all	calendar	de	leer für alle
@@ -123,6 +126,7 @@ event deleted	calendar	de	Termin gelöscht
 event details follow	calendar	de	Details zum Termin folgen
 event saved	calendar	de	Termin gespeichert
 event will occupy the whole day	calendar	de	Termin nimmt den ganzen Tag ein
+every user can invite other users and groups	admin	de	Jeder Benutzer kann andere Benutzer und Gruppen einladen
 exception	calendar	de	Ausnahme
 exception created - you can now edit or delete it	calendar	de	Ausnahme erzeugt - Sie können sie jetzt bearbeiten oder löschen
 exceptions	calendar	de	Ausnahmen
@@ -156,6 +160,7 @@ group invitation	calendar	de	Gruppeneinladung
 group planner	calendar	de	Gruppenplaner
 group public only	calendar	de	Gruppen-Öffentlich
 groupmember(s) %1 not included, because you have no access.	calendar	de	Gruppenmitglied(er) %1 nicht enthalten, da Sie keinen Zugriff haben.
+groups: other users can allways be invited, only groups require an invite grant	admin	de	Gruppen: andere Benutzer können immer eingeladen werden, nur Gruppen benötigen eine Freigabe
 h	calendar	de	h
 here is your requested alarm.	calendar	de	Hier ist ihr bestellter Alarm.
 hide private infos	calendar	de	Private Informationen ausblenden
@@ -182,6 +187,7 @@ imports events into your calendar from a csv file. csv means 'comma seperated va
 interval	calendar	de	Intervall
 invalid email-address "%1" for user %2	calendar	de	Ungültige E-Mail-Adresse "%1" für Benutzer %2
 invitations	calendar	de	Einladungen
+invite	calendar	de	Einladen
 last	calendar	de	letzte
 lastname of person to notify	calendar	de	Nachname der zu benachrichtigenden Person
 length of the time interval	calendar	de	Länge des Zeitintervals
@@ -202,6 +208,7 @@ monthly (by date)	calendar	de	Monatlich (nach Datum)
 monthly (by day)	calendar	de	Monatlich (nach Wochentag)
 monthview	calendar	de	Monatsansicht
 multiple week view	calendar	de	Mehrwochenansicht
+needs action	calendar	de	Zu erledigen
 new search with the above parameters	calendar	de	neue Suche mit den obigen Parametern
 no events found	calendar	de	Keine Termine gefunden
 no filter	calendar	de	Kein Filter
@@ -210,6 +217,7 @@ no response	calendar	de	Keine Antwort
 non blocking	calendar	de	nicht blockierend
 not	calendar	de	nicht
 not rejected	calendar	de	Nicht abgesagt
+nothing to update, version is already %1.	calendar	de	Nichts upgedatet, Version ist bereits %1.
 notification messages for added events	calendar	de	Benachrichtigungstext für neue Termine
 notification messages for canceled events	calendar	de	Benachrichtigungstext für stornierte Termine
 notification messages for disinvited participants	calendar	de	Benachrichtigung für ausgeladene Teilnehmer
@@ -217,6 +225,7 @@ notification messages for modified events	calendar	de	Benachrichtigungstext für
 notification messages for your alarms	calendar	de	Benachrichtigungstext für Ihre Alarme
 notification messages for your responses	calendar	de	Benachrichtigungstext für Ihre Antworten
 number of records to read (%1)	calendar	de	Anzeil Datensätze zu lesen (%1)
+number of weeks to show	calendar	de	Anzahl Wochen anzuzeigen
 observance rule	calendar	de	Observance Rule
 occurence	calendar	de	Wiederholung
 old startdate	calendar	de	Altes Startdatum
@@ -229,6 +238,7 @@ on time change of more than 4 hours too	calendar	de	bei zeitlichen Änderungen g
 one month	calendar	de	ein Monat
 one week	calendar	de	eine Woche
 one year	calendar	de	ein Jahr
+only group-events	calendar	de	nur Gruppentermine
 only the initial date of that recuring event is checked!	calendar	de	Nur das Startdatum diese wiederholenden Termins wird geprüft!
 open todo's:	calendar	de	unerledigte Aufgaben:
 optional	calendar	de	Optional
@@ -263,6 +273,7 @@ repeating interval, eg. 2 to repeat every second week	calendar	de	Wiederholungsi
 repetition	calendar	de	Wiederholung
 repetitiondetails (or empty)	calendar	de	Details der Wiederholung (oder leer)
 requested	calendar	de	Erforderlich
+require an acl grant to invite other users and groups	admin	de	Freigabe um andere Benutzer oder Gruppen einzuladen erforderlich
 reset	calendar	de	Zurücksetzen
 resources	calendar	de	Ressourcen
 resources except conflicting ones	calendar	de	Ressourcen ausgenommen bereits gebuchte
@@ -270,6 +281,7 @@ resources with conflict detection	calendar	de	Ressourcen mit bereits gebuchten
 role	calendar	de	Rolle
 rule	calendar	de	Regel
 sat	calendar	de	Sa
+save event as exception - delete single occurrence - edit status or alarms for this particular day	calendar	de	Termin als Ausnahme speichern - Einzelne Ausnahme löschen - Status oder Alarm dieses Tages bearbeiten
 saves the changes made	calendar	de	Speichert die Änderungen
 saves the event ignoring the conflict	calendar	de	Speichert den Konflikt ignorierend den Termin
 scheduling conflict	calendar	de	Terminüberschneidung
@@ -287,10 +299,18 @@ should not loged in persons be able to see your freebusy information? you can se
 should not loged in persons be able to see your freebusy information? you can set an extra password, different from your normal password, to protect this informations. the freebusy information is in ical format and only include the times when you are busy. it does not include the event-name, description or locations. the url to your freebusy information is <a href="http://localhost/egroupware/calendar/freebusy.php?user=stivi" target="_blank">http://localhost/egroupware/calendar/freebusy.php?user=stivi</a>.	calendar	de	Sollten Ihre Free/Bussy Zeiten nicht so geschützt sein das diese Daten nur bestimmten Personen zugänglich gemacht werden können? Sie können dafür ein Passwort, abweichend fom eGroupware Passwort vergeben. Die freebusy Information sind im iCal Format und nur dann inkludiert, wenn Sie keine Zeit haben. Die Eventnamen oder  die Veranstaltungsorte werden nicht mit übertragen. Die URL zu den freebusy Information ist <a href="http://localhost/egroupware/calendar/freebusy.php?user=stivi" target="_blank">http://localhost/egroupware/calendar/freebusy.php?user=stivi</a>.
 should the planner display an empty row for users or categories without any appointment.	calendar	de	Soll der Planer eine leere Zeile für Benutzer oder Kategorien ohne einen Termin anzeigen.
 should the status of the event-participants (accept, reject, ...) be shown in brakets after each participants name ?	calendar	de	Soll der Status (Zugesagt,Abgesagt ...)der Termin- Teilnehmer in Klammern hinter jeden Teilnehmer angezeigt werden?
+show all events, as if they were private	calendar	de	Zeige alle Termine, so als wären sie privat
+show all status incl. rejected events	calendar	de	Zeige alle Status einschl. abgesagte Termine
+show all status, but rejected	calendar	de	Zeige alle Status außer abgesagte Termine
+show also events just owned by selected user	calendar	de	Zeige zusätzlich Termine die dem ausgewählten Benutzer nur gehören
 show birthdays from addressbook	admin	de	Zeige Geburtstage vom Adressbuch
 show default view on main screen	calendar	de	Standardansicht auf der Startseite anzeigen
 show empty rows in planner	calendar	de	Zeige leere Zeilen im Planer
 show list of upcoming events	calendar	de	Zeige eine Liste der kommenden Termine
+show only accepted events	calendar	de	Zeige nur zugesagte Termine
+show only invitations, not yet accepted or rejected	calendar	de	Zeige nur Einladungen, nicht bereits zu- oder abgesagte Termine
+show only rejected events	calendar	de	Zeige nur abgesagte Termine
+show only tentative accepted events	calendar	de	Zeige nur vorläufig zugesagte Termine
 show only the date, not the year	admin	de	Zeige nur das Datum nicht das Jahr
 show this month	calendar	de	Diesen Monat anzeigen
 show this week	calendar	de	Diese Woche anzeigen
@@ -302,7 +322,9 @@ startdate and -time of the search	calendar	de	Startdatum und -zeit der Suche
 startdate of the export	calendar	de	Startdatum des Exports
 startrecord	calendar	de	Startdatensatz
 status changed	calendar	de	Status geändert
-submit to repository	calendar	de	Übertragen zu eGroupWare.org
+status for all future scheduled days changed	calendar	de	Status alle zukünftig geplanten Termine geändert
+status for this particular day changed	calendar	de	Status für diesen Tage geändert
+submit to repository	calendar	de	Übertragen zu EGroupware.org
 sun	calendar	de	So
 tentative	calendar	de	Vorläufige Zusage
 test import (show importable records <u>only</u> in browser)	calendar	de	Test Import (zeigt importierte Datensätze <u>nur</u> im Webbrowser an)
@@ -327,15 +349,20 @@ timeframe	calendar	de	Zeitrahmen
 timeframe to search	calendar	de	Zeitrahmen für die Suche
 timezone	calendar	de	Zeitzone
 timezone in which recurrences have identical time	calendar	de	Zeitzone in der Wiederholungen zu identischer Uhrzeit stattfinden
+timezones updated to version %1 (%2 records updated).	calendar	de	Zeitzonen aktualisiert zu Version %1 (%2 Datensätze aktualisiert).
 title of the event	calendar	de	Titel des Termin
 to many might exceed your execution-time-limit	calendar	de	zu viele können ihre Laufzeitbeschränkung überschreiten
 translation	calendar	de	Übersetzung
 tue	calendar	de	Di
 two weeks	calendar	de	zwei Wochen
+update timezones	calendar	de	Zeitzonen aktualisieren
 updated	calendar	de	Aktualisiert
 use end date	calendar	de	Enddatum benutzen
 use the selected time and close the popup	calendar	de	benutzt die ausgewählte Zeit und schließt das Popup
 user or group	calendar	de	Benutzer oder Gruppe
+users + groups: inviting both allways requires an invite grant	admin	de	Benutzer + Gruppen: Einladungen beider brauchen eine Freigabe
+view exception	calendar	de	Ausnahme anzeigen
+view series	calendar	de	Terminserie anzeigen
 view this event	calendar	de	Diesen Termin anzeigen
 views with fixed time intervals	calendar	de	Ansichten mit festen Zeitintervallen
 wed	calendar	de	Mi
@@ -355,6 +382,8 @@ whole day	calendar	de	ganztägig
 wk	calendar	de	KW
 work day ends on	calendar	de	Arbeitstag endet um
 work day starts on	calendar	de	Arbeitstag beginnt um
+workday	calendar	de	Arbeitstag
+workdays	calendar	de	Arbeitstage
 yearly	calendar	de	Jährlich
 yearview	calendar	de	Jahresansicht
 you are not allowed to book the resource selected:	calendar	de	Sie sind nicht berechtigt die ausgewählte Ressource zu buchen.
diff --git a/calendar/setup/egw_en.lang b/calendar/setup/egw_en.lang
index 8eb0b87051..13ac184018 100644
--- a/calendar/setup/egw_en.lang
+++ b/calendar/setup/egw_en.lang
@@ -70,6 +70,7 @@ csv-filename	calendar	en	CSV-Filename
 custom fields	common	en	Custom fields
 custom_2	common	en	freebussy
 daily	calendar	en	Daily
+day	calendar	en	day
 days	calendar	en	days
 days of the week for a weekly repeated event	calendar	en	Days of the week for a weekly repeated event
 days repeated	calendar	en	days repeated
@@ -92,6 +93,7 @@ disinvited	calendar	en	Disinvited
 display status of events	calendar	en	Display status of events
 displayed view	calendar	en	displayed view
 displays your default calendar view on the startpage (page you get when you enter egroupware or click on the homepage icon)?	calendar	en	Displays your default calendar view on the startpage (page you get when you enter eGroupWare or click on the homepage icon)?
+do not include events of group members	calendar	en	Do not include events of group members
 do you want a weekview with or without weekend?	calendar	en	Do you want a weekview with or without weekend?
 do you want to be notified about new or changed appointments? you be notified about changes you make yourself.<br>you can limit the notifications to certain changes only. each item includes all the notification listed above it. all modifications include changes of title, description, participants, but no participant responses. if the owner of an event requested any notifcations, he will always get the participant responses like acceptions and rejections too.	calendar	en	Do you want to be notified about new or changed appointments? You be notified about changes you make yourself.<br>You can limit the notifications to certain changes only. Each item includes all the notification listed above it. All modifications include changes of title, description, participants, but no participant responses. If the owner of an event requested any notifcations, he will always get the participant responses like acceptions and rejections too.
 do you want to edit serialevent als exception? - ok = edit exception, abort = edit serial	calendar	en	Do you want to change the event for this particular day, or for all days?\nOK = Make a one-time change (create an Exception)\nCANCEL = Change the event for all scheduled days
@@ -102,6 +104,7 @@ download this event as ical	calendar	en	Download this event as iCal
 duration of the meeting	calendar	en	Duration of the meeting
 edit exception	calendar	en	Edit exception
 edit series	calendar	en	Edit series
+edit status or alarms for this particular day	calendar	en	Edit status or alarms for this particular day
 edit this event	calendar	en	Edit this event
 edit this series of recuring events	calendar	en	Edit this series of recuring events
 empty for all	calendar	en	empty for all
@@ -123,6 +126,7 @@ event deleted	calendar	en	Event deleted
 event details follow	calendar	en	Event Details follow
 event saved	calendar	en	Event saved
 event will occupy the whole day	calendar	en	Event will occupy the whole day
+every user can invite other users and groups	admin	en	Every user can invite other users and groups
 exception	calendar	en	Exception
 exception created - you can now edit or delete it	calendar	en	Exception created - you can now edit or delete it
 exceptions	calendar	en	Exceptions
@@ -156,6 +160,7 @@ group invitation	calendar	en	Group invitation
 group planner	calendar	en	Group planner
 group public only	calendar	en	group public only
 groupmember(s) %1 not included, because you have no access.	calendar	en	Groupmember(s) %1 not included, because you have no access.
+groups: other users can allways be invited, only groups require an invite grant	admin	en	Groups: other users can allways be invited, only groups require an invite grant
 h	calendar	en	h
 here is your requested alarm.	calendar	en	Here is your requested alarm.
 hide private infos	calendar	en	Hide private infos
@@ -182,6 +187,7 @@ imports events into your calendar from a csv file. csv means 'comma seperated va
 interval	calendar	en	Interval
 invalid email-address "%1" for user %2	calendar	en	Invalid email-address "%1" for user %2
 invitations	calendar	en	Invitations
+invite	calendar	en	invite
 last	calendar	en	Last
 lastname of person to notify	calendar	en	Lastname of person to notify
 length of the time interval	calendar	en	Length of the time interval
@@ -202,6 +208,7 @@ monthly (by date)	calendar	en	Monthly (by date)
 monthly (by day)	calendar	en	Monthly (by day)
 monthview	calendar	en	Monthview
 multiple week view	calendar	en	Multiple week view
+needs action	calendar	en	Needs action
 new search with the above parameters	calendar	en	new search with the above parameters
 no events found	calendar	en	No events found
 no filter	calendar	en	No filter
@@ -210,6 +217,7 @@ no response	calendar	en	No response
 non blocking	calendar	en	non blocking
 not	calendar	en	not
 not rejected	calendar	en	Not rejected
+nothing to update, version is already %1.	calendar	en	Nothing to update, version is already %1.
 notification messages for added events	calendar	en	Notification messages for added events
 notification messages for canceled events	calendar	en	Notification messages for canceled events
 notification messages for disinvited participants	calendar	en	Notification messages for disinvited participants
@@ -217,6 +225,7 @@ notification messages for modified events	calendar	en	Notification messages for
 notification messages for your alarms	calendar	en	Notification messages for your alarms
 notification messages for your responses	calendar	en	Notification messages for your responses
 number of records to read (%1)	calendar	en	Number of records to read (%1)
+number of weeks to show	calendar	en	Number of weeks to show
 observance rule	calendar	en	Observance Rule
 occurence	calendar	en	Occurence
 old startdate	calendar	en	Old Startdate
@@ -229,6 +238,7 @@ on time change of more than 4 hours too	calendar	en	on time change of more than
 one month	calendar	en	one month
 one week	calendar	en	one week
 one year	calendar	en	one year
+only group-events	calendar	en	only group-events
 only the initial date of that recuring event is checked!	calendar	en	Only the initial date of that recuring event is checked!
 open todo's:	calendar	en	open ToDo's:
 optional	calendar	en	Optional
@@ -263,6 +273,7 @@ repeating interval, eg. 2 to repeat every second week	calendar	en	repeating inte
 repetition	calendar	en	Repetition
 repetitiondetails (or empty)	calendar	en	Repetitiondetails (or empty)
 requested	calendar	en	Requested
+require an acl grant to invite other users and groups	admin	en	Require an ACL grant to invite other users and groups
 reset	calendar	en	Reset
 resources	calendar	en	Resources
 resources except conflicting ones	calendar	en	Resources except conflicting ones
@@ -270,6 +281,7 @@ resources with conflict detection	calendar	en	Resources with conflict detection
 role	calendar	en	Role
 rule	calendar	en	Rule
 sat	calendar	en	Sat
+save event as exception - delete single occurrence - edit status or alarms for this particular day	calendar	en	Save event as exception - Delete single occurrence - Edit status or alarms for this particular day
 saves the changes made	calendar	en	saves the changes made
 saves the event ignoring the conflict	calendar	en	Saves the event ignoring the conflict
 scheduling conflict	calendar	en	Scheduling conflict
@@ -287,10 +299,18 @@ should not loged in persons be able to see your freebusy information? you can se
 should not loged in persons be able to see your freebusy information? you can set an extra password, different from your normal password, to protect this informations. the freebusy information is in ical format and only include the times when you are busy. it does not include the event-name, description or locations. the url to your freebusy information is <a href="http://localhost/egroupware/calendar/freebusy.php?user=stivi" target="_blank">http://localhost/egroupware/calendar/freebusy.php?user=stivi</a>.	calendar	en	Should not loged in persons be able to see your freebusy information? You can set an extra password, different from your normal password, to protect this informations. The freebusy information is in iCal format and only include the times when you are busy. It does not include the event-name, description or locations. The URL to your freebusy information is <a href="http://localhost/egroupware/calendar/freebusy.php?user=stivi" target="_blank">http://localhost/egroupware/calendar/freebusy.php?user=stivi</a>.
 should the planner display an empty row for users or categories without any appointment.	calendar	en	Should the planner display an empty row for users or categories without any appointment.
 should the status of the event-participants (accept, reject, ...) be shown in brakets after each participants name ?	calendar	en	Should the status of the event-participants (accept, reject, ...) be shown in brakets after each participants name ?
+show all events, as if they were private	calendar	en	Show all events, as if they were private
+show all status incl. rejected events	calendar	en	Show all status incl. rejected events
+show all status, but rejected	calendar	en	Show all status, but rejected
+show also events just owned by selected user	calendar	en	Show also events just owned by selected user
 show birthdays from addressbook	admin	en	Show birthdays from addressbook
 show default view on main screen	calendar	en	show default view on main screen
 show empty rows in planner	calendar	en	Show empty rows in Planner
 show list of upcoming events	calendar	en	show list of upcoming events
+show only accepted events	calendar	en	Show only accepted events
+show only invitations, not yet accepted or rejected	calendar	en	Show only invitations, not yet accepted or rejected
+show only rejected events	calendar	en	Show only rejected events
+show only tentative accepted events	calendar	en	Show only tentative accepted events
 show only the date, not the year	admin	en	Show only the date, not the year
 show this month	calendar	en	show this month
 show this week	calendar	en	show this week
@@ -302,6 +322,8 @@ startdate and -time of the search	calendar	en	Startdate and -time of the search
 startdate of the export	calendar	en	Startdate of the export
 startrecord	calendar	en	Startrecord
 status changed	calendar	en	Status changed
+status for all future scheduled days changed	calendar	en	Status for all future scheduled days changed
+status for this particular day changed	calendar	en	Status for this particular day changed
 submit to repository	calendar	en	Submit to Repository
 sun	calendar	en	Sun
 tentative	calendar	en	Tentative
@@ -327,15 +349,20 @@ timeframe	calendar	en	Timeframe
 timeframe to search	calendar	en	Timeframe to search
 timezone	calendar	en	Timezone
 timezone in which recurrences have identical time	calendar	en	Timezone in which recurrences have identical time
+timezones updated to version %1 (%2 records updated).	calendar	en	Timezones updated to version %1 (%2 records updated).
 title of the event	calendar	en	Title of the event
 to many might exceed your execution-time-limit	calendar	en	to many might exceed your execution-time-limit
 translation	calendar	en	Translation
 tue	calendar	en	Tue
 two weeks	calendar	en	two weeks
+update timezones	calendar	en	Update timezones
 updated	calendar	en	Updated
 use end date	calendar	en	use end date
 use the selected time and close the popup	calendar	en	use the selected time and close the popup
 user or group	calendar	en	User or group
+users + groups: inviting both allways requires an invite grant	admin	en	Users + groups: inviting both allways requires an invite grant
+view exception	calendar	en	View exception
+view series	calendar	en	View series
 view this event	calendar	en	View this event
 views with fixed time intervals	calendar	en	Views with fixed time intervals
 wed	calendar	en	Wed
@@ -355,6 +382,8 @@ whole day	calendar	en	whole day
 wk	calendar	en	Wk
 work day ends on	calendar	en	work day ends on
 work day starts on	calendar	en	work day starts on
+workday	calendar	en	workday
+workdays	calendar	en	workdays
 yearly	calendar	en	Yearly
 yearview	calendar	en	yearview
 you are not allowed to book the resource selected:	calendar	en	You are not allowed to book the resource selected:
diff --git a/calendar/templates/default/config.tpl b/calendar/templates/default/config.tpl
index 550576b8f7..873d47fcf3 100644
--- a/calendar/templates/default/config.tpl
+++ b/calendar/templates/default/config.tpl
@@ -34,7 +34,7 @@
    </tr>
    <!-- lock setting -->
    <tr class="row_on">
-   <td>{lang_setting_lock_time_calender}:</td>
+    <td>{lang_setting_lock_time_calender}:</td>
     <td><input name="newsettings[Lock_Time_Calender]" value="{value_Lock_Time_Calender}" size="40"></td>
    </tr>
    <tr class="row_off">
@@ -47,6 +47,16 @@
     </td>
    </tr>
    <tr class="row_on">
+    <td>{lang_Require_an_ACL_grant_to_invite_other_users_and_groups}:</td>
+    <td>
+     <select name="newsettings[require_acl_invite]">
+      <option value="">{lang_No}: {lang_Every_user_can_invite_other_users_and_groups}</option>
+      <option value="groups"{selected_require_acl_invite_groups}>{lang_Groups:_other_users_can_allways_be_invited,_only_groups_require_an_invite_grant}</option>
+      <option value="all"{selected_require_acl_invite_all}>{lang_Users_+_groups:_inviting_both_allways_requires_an_invite_grant}</option>
+     </select>
+    </td>
+   </tr>
+   <tr class="th">
     <td colspan="2"><b>{lang_Birthdays}</b></td>
    </tr>
    <tr class="row_off">
diff --git a/calendar/templates/default/preference_acl_row.tpl b/calendar/templates/default/preference_acl_row.tpl
index 6cb7ca8ddf..2f004a94c4 100755
--- a/calendar/templates/default/preference_acl_row.tpl
+++ b/calendar/templates/default/preference_acl_row.tpl
@@ -2,6 +2,7 @@
    <tr class="{row_class}">
     <td>{user}</td>
     <td align="center"><input type="checkbox" name="{custom_2}" value="Y"{custom_2_selected}></td>
+    <td class="aclInviteColumn" align="center"><input type="checkbox" name="{custom_3}" value="Y"{custom_3_selected}></td>
     <td align="center"><input type="checkbox" name="{read}" value="Y"{read_selected}></td>
     <td align="center"><input type="checkbox" name="{add}" value="Y"{add_selected}></td>
     <td align="center"><input type="checkbox" name="{edit}" value="Y"{edit_selected}></td>
diff --git a/calendar/templates/default/preference_colspan.tpl b/calendar/templates/default/preference_colspan.tpl
index 97c9822545..31389c2a4f 100755
--- a/calendar/templates/default/preference_colspan.tpl
+++ b/calendar/templates/default/preference_colspan.tpl
@@ -1,6 +1,7 @@
   <tr class="th">
     <td>{string}</td>
     <td align="center">{lang_freebusy}</td>
+    <td class="aclInviteColumn" align="center">{lang_invite}</td>
     <td align="center">{lang_read}</td>
     <td align="center">{lang_add}</td>
     <td align="center">{lang_edit}</td>