mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-22 14:41:29 +01:00
file_access_user implementation for timesheet
This commit is contained in:
parent
73486cc047
commit
7f47700c13
@ -5,7 +5,7 @@
|
|||||||
* @link http://www.egroupware.org
|
* @link http://www.egroupware.org
|
||||||
* @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
* @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
||||||
* @package timesheet
|
* @package timesheet
|
||||||
* @copyright (c) 2005-9 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
* @copyright (c) 2005-11 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
||||||
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
|
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
|
||||||
* @version $Id$
|
* @version $Id$
|
||||||
*/
|
*/
|
||||||
@ -19,8 +19,6 @@ if (!defined('TIMESHEET_APP'))
|
|||||||
* Business object of the TimeSheet
|
* Business object of the TimeSheet
|
||||||
*
|
*
|
||||||
* Uses eTemplate's so_sql as storage object (Table: egw_timesheet).
|
* Uses eTemplate's so_sql as storage object (Table: egw_timesheet).
|
||||||
*
|
|
||||||
* @todo Implement sorting&filtering by and searching of custom fields
|
|
||||||
*/
|
*/
|
||||||
class timesheet_bo extends so_sql_cf
|
class timesheet_bo extends so_sql_cf
|
||||||
{
|
{
|
||||||
@ -36,17 +34,17 @@ class timesheet_bo extends so_sql_cf
|
|||||||
* @var boolean
|
* @var boolean
|
||||||
*/
|
*/
|
||||||
var $quantity_sum=false;
|
var $quantity_sum=false;
|
||||||
/**
|
|
||||||
* Timestaps that need to be adjusted to user-time on reading or saving
|
|
||||||
*
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
var $user;
|
|
||||||
/**
|
/**
|
||||||
* current user
|
* current user
|
||||||
*
|
*
|
||||||
* @var int
|
* @var int
|
||||||
*/
|
*/
|
||||||
|
var $user;
|
||||||
|
/**
|
||||||
|
* Timestaps that need to be adjusted to user-time on reading or saving
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
var $timestamps = array(
|
var $timestamps = array(
|
||||||
'ts_start','ts_modified'
|
'ts_start','ts_modified'
|
||||||
);
|
);
|
||||||
@ -267,12 +265,12 @@ class timesheet_bo extends so_sql_cf
|
|||||||
* Rights are given via owner grants or role based acl
|
* Rights are given via owner grants or role based acl
|
||||||
*
|
*
|
||||||
* @param int $required EGW_ACL_READ, EGW_ACL_WRITE, EGW_ACL_ADD, EGW_ACL_DELETE, EGW_ACL_BUDGET, EGW_ACL_EDIT_BUDGET
|
* @param int $required EGW_ACL_READ, EGW_ACL_WRITE, EGW_ACL_ADD, EGW_ACL_DELETE, EGW_ACL_BUDGET, EGW_ACL_EDIT_BUDGET
|
||||||
* @param array/int $data=null project or project-id to use, default the project in $this->data
|
* @param array|int $data=null project or project-id to use, default the project in $this->data
|
||||||
|
* @param int $user=null for which user to check, default current user
|
||||||
* @return boolean true if the rights are ok, null if not found, false if no rights
|
* @return boolean true if the rights are ok, null if not found, false if no rights
|
||||||
*/
|
*/
|
||||||
function check_acl($required,$data=null)
|
function check_acl($required,$data=null,$user=null)
|
||||||
{
|
{
|
||||||
//error_log(__METHOD__."($required,".array2string($data).")");
|
|
||||||
if (is_null($data) || (int)$data == $this->data['ts_id'])
|
if (is_null($data) || (int)$data == $this->data['ts_id'])
|
||||||
{
|
{
|
||||||
$data =& $this->data;
|
$data =& $this->data;
|
||||||
@ -285,9 +283,19 @@ class timesheet_bo extends so_sql_cf
|
|||||||
|
|
||||||
if (!$data) return null; // entry not found
|
if (!$data) return null; // entry not found
|
||||||
}
|
}
|
||||||
$rights = $this->grants[$data['ts_owner']];
|
if (!$user) $user = $this->user;
|
||||||
|
if ($user == $this->user)
|
||||||
|
{
|
||||||
|
$grants = $this->grants;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$grants = $GLOBALS['egw']->acl->get_grants(TIMESHEET_APP,true,$user);
|
||||||
|
}
|
||||||
|
$ret = $data && !!($grants[$data['ts_owner']] & $required);
|
||||||
|
|
||||||
return $data && !!($rights & $required);
|
//error_log(__METHOD__."($required,$data[ts_id],$user) returning ".array2string($ret));
|
||||||
|
return $ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -371,7 +379,7 @@ class timesheet_bo extends so_sql_cf
|
|||||||
*
|
*
|
||||||
* reimplemented to limit result to users we have grants from
|
* reimplemented to limit result to users we have grants from
|
||||||
*
|
*
|
||||||
* @param array/string $criteria array of key and data cols, OR a SQL query (content for WHERE), fully quoted (!)
|
* @param array|string $criteria array of key and data cols, OR a SQL query (content for WHERE), fully quoted (!)
|
||||||
* @param boolean/string $only_keys=true True returns only keys, False returns all cols. comma seperated list of keys to return
|
* @param boolean/string $only_keys=true True returns only keys, False returns all cols. comma seperated list of keys to return
|
||||||
* @param string $order_by='' fieldnames + {ASC|DESC} separated by colons ',', can also contain a GROUP BY (if it contains ORDER BY)
|
* @param string $order_by='' fieldnames + {ASC|DESC} separated by colons ',', can also contain a GROUP BY (if it contains ORDER BY)
|
||||||
* @param string/array $extra_cols='' string or array of strings to be added to the SELECT, eg. "count(*) as num"
|
* @param string/array $extra_cols='' string or array of strings to be added to the SELECT, eg. "count(*) as num"
|
||||||
@ -474,7 +482,7 @@ class timesheet_bo extends so_sql_cf
|
|||||||
*
|
*
|
||||||
* @param int $ts_id
|
* @param int $ts_id
|
||||||
* @param boolean $ignore_acl=false should the acl be checked
|
* @param boolean $ignore_acl=false should the acl be checked
|
||||||
* @return array/boolean array with timesheet entry, null if timesheet not found or false if no rights
|
* @return array|boolean array with timesheet entry, null if timesheet not found or false if no rights
|
||||||
*/
|
*/
|
||||||
function read($ts_id,$ignore_acl=false)
|
function read($ts_id,$ignore_acl=false)
|
||||||
{
|
{
|
||||||
@ -700,15 +708,17 @@ class timesheet_bo extends so_sql_cf
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check access to the projects file store
|
* Check access to the file store
|
||||||
*
|
*
|
||||||
* @param int $id id of entry
|
* @param int|array $id id of entry or entry array
|
||||||
* @param int $check EGW_ACL_READ for read and EGW_ACL_EDIT for write or delete access
|
* @param int $check EGW_ACL_READ for read and EGW_ACL_EDIT for write or delete access
|
||||||
|
* @param string $rel_path=null currently not used in InfoLog
|
||||||
|
* @param int $user=null for which user to check, default current user
|
||||||
* @return boolean true if access is granted or false otherwise
|
* @return boolean true if access is granted or false otherwise
|
||||||
*/
|
*/
|
||||||
function file_access($id,$check,$rel_path)
|
function file_access($id,$check,$rel_path=null,$user=null)
|
||||||
{
|
{
|
||||||
return $this->check_acl($check,$id);
|
return $this->check_acl($check,$id,$user);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
* @link http://www.egroupware.org
|
* @link http://www.egroupware.org
|
||||||
* @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
* @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
||||||
* @package timesheet
|
* @package timesheet
|
||||||
* @copyright (c) 2005-9 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
* @copyright (c) 2005-11 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
||||||
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
|
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
|
||||||
* @version $Id$
|
* @version $Id$
|
||||||
*/
|
*/
|
||||||
@ -55,6 +55,7 @@ class timesheet_hooks
|
|||||||
'add_id' => 'link_id',
|
'add_id' => 'link_id',
|
||||||
'add_popup' => '600x425',
|
'add_popup' => '600x425',
|
||||||
'file_access'=> TIMESHEET_APP.'.timesheet_bo.file_access',
|
'file_access'=> TIMESHEET_APP.'.timesheet_bo.file_access',
|
||||||
|
'file_access_user' => true, // file_access supports 4th parameter $user
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user