* Addressbook/Admin: allow members of group(s) specified in Addressbook: Site configuration to edit contact-data of accounts without being an admin

This commit is contained in:
Ralf Becker 2014-02-28 10:13:26 +00:00
parent 0c8bbdd6a0
commit 6d84dd976c
4 changed files with 32 additions and 3 deletions

View File

@ -455,4 +455,17 @@ class addressbook_hooks
{
return true;
}
/**
* Hook returning options for deny_acl groups
*
* @param array $config
*/
public static function allow_account_edit($config)
{
$accountsel = new uiaccountsel();
return '<input type="hidden" value="" name="newsettings[allow_account_edit]" />'.
$accountsel->selection('newsettings[allow_account_edit]', 'allow_account_edit', $config['allow_account_edit'], 'groups', 4);
}
}

View File

@ -344,6 +344,13 @@ class addressbook_so
// no add at the moment if (!$GLOBALS['egw']->acl->check('account_access',4,'admin')) $this->grants[0] |= EGW_ACL_ADD;
if (!$GLOBALS['egw']->acl->check('account_access',32,'admin')) $grants[0] |= EGW_ACL_DELETE;
}
// allow certain groups to edit contact-data of accounts
if ($GLOBALS['egw_info']['server']['allow_account_edit'] &&
array_intersect($GLOBALS['egw_info']['server']['allow_account_edit'],
$GLOBALS['egw']->accounts->memberships($user, true)))
{
$grants[0] |= EGW_ACL_READ|EGW_ACL_EDIT;
}
}
else
{

View File

@ -1943,7 +1943,7 @@ window.egw_LAB.wait(function() {
$readonlys['change_org'] = empty($content['org_name']) || $view;
// for editing the own account (by a non-admin), enable only the fields allowed via the "own_account_acl"
if (!$content['owner'] && !$this->is_admin($content))
if (!$content['owner'] && !$this->check_perms(EGW_ACL_EDIT, $content))
{
$this->_set_readonlys_for_own_account_acl($readonlys,$id);
}

View File

@ -71,11 +71,20 @@ select[multiple] { width:100%;}
</select>
</td>
</tr>
<tr class="th">
<td colspan="2">
&nbsp;<b>{lang_Security}</b>
</td>
</tr>
<tr class="row_on">
<td>&nbsp;<b>{lang_Security}</b>: {lang_How_many_contacts_should_non-admins_be_able_to_export}
<td>&nbsp;{lang_How_many_contacts_should_non-admins_be_able_to_export}
{lang_(empty_=_use_global_limit,_no_=_no_export_at_all)}:</td>
<td><input name="newsettings[contact_export_limit]" value="{value_contact_export_limit}" size="5"></td>
</tr>
<tr class="row_off">
<td>&nbsp;{lang_Allow_following_groups_to_edit_contact-data_of_accounts}:</td>
<td>{call_addressbook_hooks::allow_account_edit}</td>
</tr>
<tr class="th">
<td colspan="2">&nbsp;<b>{lang_History_logging}</b></td>
</tr>