Apply ACL to definition list - only show definitions user can use

Nathan Gray 2011-05-18 14:46:57 +00:00
parent 678efd6ced
commit 86ced579db
4 changed files with 32 additions and 4 deletions


@ -136,7 +136,7 @@ class importexport_definition implements importexport_iface_egw_record {
* @return array * @return array
*/ */
private function get_allowed_users() { private function get_allowed_users() {
return explode(',',$this->definition['allowed_users']); return explode(',',substr($this->definition['allowed_users'],1,-1));
} }
/** /**
@ -145,7 +145,7 @@ class importexport_definition implements importexport_iface_egw_record {
* @param array $_allowed_users * @param array $_allowed_users
*/ */
private function set_allowed_users( $_allowed_users ) { private function set_allowed_users( $_allowed_users ) {
$this->definition['allowed_users'] = implode(',',(array)$_allowed_users); $this->definition['allowed_users'] = ','.implode(',',(array)$_allowed_users) .',';
} }
/** /**
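Review bot: `get_allowed_users()` now strips the first and last character unconditionally, so any value that is not in the new `,id,id,` form loses real digits instead of delimiters: a legacy or externally supplied `5,12` would come back as `,1`. Since this list is what the ACL is evaluated against, trimming only the delimiter is safer, e.g. `return explode(',', trim($this->definition['allowed_users'], ','));`. `set_allowed_users()` also implodes whatever it is given; if the ids can originate from a form or an imported definition file (not visible here), casting them with `array_map('intval', (array)$_allowed_users)` keeps a crafted element containing a comma from adding entries to the list. Both docblocks start outside the hunks and neither mentions the stored comma-wrapped format, which would be worth one line each.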


@ -42,9 +42,29 @@ class importexport_definitions_bo {
public function get_rows(&$query, &$rows, &$readonlys) public function get_rows(&$query, &$rows, &$readonlys)
{ {
// Filter only definitions user is allowed to use
if(!$GLOBALS['egw_info']['user']['apps']['admin']) {
$this_membership = $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'], true);
$this_membership[] = $GLOBALS['egw_info']['user']['account_id'];
$sql .= ' (';
$read = array();
foreach($this_membership as $id)
{
$read[] = 'allowed_users '.
$GLOBALS['egw']->db->capabilities['case_insensitive_like'].' '.
$GLOBALS['egw']->db->quote('%,'.str_replace('_','\\_',$id) .',%');
}
$sql .= implode(' OR ', $read);
$sql .= ') ';
$query['col_filter'][] = $sql;
}
$total = $this->so_sql->get_rows($query, $rows, $readonlys); $total = $this->so_sql->get_rows($query, $rows, $readonlys);
$ro_count = 0; $ro_count = 0;
foreach($rows as $row) { foreach($rows as &$row) {
// Strip off leading + trailing ,
$row['allowed_users'] = substr($row['allowed_users'],1,-1);
$readonlys["edit[{$row['definition_id']}]"] = $readonlys["delete[{$row['definition_id']}]"] = $readonlys["edit[{$row['definition_id']}]"] = $readonlys["delete[{$row['definition_id']}]"] =
($row['owner'] != $GLOBALS['egw_info']['user']['account_id']) && ($row['owner'] != $GLOBALS['egw_info']['user']['account_id']) &&
!$GLOBALS['egw_info']['user']['apps']['admin']; !$GLOBALS['egw_info']['user']['apps']['admin'];
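Review bot: The filter added at the top of `get_rows()` only narrows what the list displays; nothing in this hunk stops a non-admin from using a definition outside `allowed_users` if another code path loads it by id or name, so the same membership check should be confirmed (or added) where definitions are actually loaded and executed. The clause also matches `allowed_users` only, so an owner who is not in their own list would lose sight of a definition that the `$readonlys` logic below still treats as theirs to edit; adding `' OR owner = '.(int)$GLOBALS['egw_info']['user']['account_id']` inside the parentheses would cover that, if it is intended. `$sql` is appended to with `.=` before it is ever assigned in this function; `$sql = '(' . implode(' OR ', $read) . ')';` after the loop avoids the notice. The loop now iterates with `&$row` and its end is outside the hunk, so an `unset($row);` after it should be checked.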


@ -10,7 +10,7 @@
*/ */
$setup_info['importexport']['name'] = 'importexport'; $setup_info['importexport']['name'] = 'importexport';
$setup_info['importexport']['version'] = '1.9.002'; $setup_info['importexport']['version'] = '1.9.003';
$setup_info['importexport']['app_order'] = 2; $setup_info['importexport']['app_order'] = 2;
$setup_info['importexport']['enable'] = 2; $setup_info['importexport']['enable'] = 2;
$setup_info['importexport']['tables'] = array('egw_importexport_definitions'); $setup_info['importexport']['tables'] = array('egw_importexport_definitions');


@ -60,3 +60,11 @@ function importexport_upgrade1_9_001()
// Not needed - did it wrong // Not needed - did it wrong
return $GLOBALS['setup_info']['importexport']['currentver'] = '1.9.002'; return $GLOBALS['setup_info']['importexport']['currentver'] = '1.9.002';
} }
function importexport_upgrade1_9_002()
{
$sql = 'UPDATE egw_importexport_definitions SET allowed_users = '.
$GLOBALS['egw_setup']->db->concat("','", 'allowed_users', "','");
$GLOBALS['egw_setup']->oProc->query($sql, __LINE__, __FILE__);
return $GLOBALS['setup_info']['importexport']['currentver'] = '1.9.003';
}
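Review bot: The `UPDATE` in `importexport_upgrade1_9_002()` has no `WHERE` clause, so it is not idempotent: if the step runs twice, or a row was already saved in the wrapped format, the value becomes `,,5,12,,` and readers that use `substr(...,1,-1)` get empty list entries back. Restricting it with something like `" WHERE allowed_users NOT LIKE ',%'"` keeps it safe to re-run. Rows with an empty `allowed_users` end up as `,,`, which matches no account in the new list filter and so leaves them visible to admins only; that fails closed, but a comment saying it is intended would help.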