mirror of
https://github.com/EGroupware/egroupware.git
synced 2025-01-08 23:19:04 +01:00
* Addressbook: custom fields of accounts enabled via own-account-acl were not editable
This commit is contained in:
Ralf Becker
parent
ea0663d531
commit
af157c3218
@ -925,6 +925,11 @@ class addressbook_bo extends addressbook_so
|
|||||||
}
|
}
|
||||||
if (isset($contact['org_name'])) $contact['n_fileas'] = $this->fileas($contact, null, false);
|
if (isset($contact['org_name'])) $contact['n_fileas'] = $this->fileas($contact, null, false);
|
||||||
|
|
||||||
|
// Get old record for tracking changes
|
||||||
|
if (!isset($old) && $isUpdate)
|
||||||
|
{
|
||||||
|
$old = $this->read($contact['id']);
|
||||||
|
}
|
||||||
$to_write = $contact;
|
$to_write = $contact;
|
||||||
// (non-admin) user editing his own account, make sure he does not change fields he is not allowed to (eg. via SyncML or xmlrpc)
|
// (non-admin) user editing his own account, make sure he does not change fields he is not allowed to (eg. via SyncML or xmlrpc)
|
||||||
if (!$ignore_acl && !$contact['owner'] && !$this->is_admin($contact))
|
if (!$ignore_acl && !$contact['owner'] && !$this->is_admin($contact))
|
||||||
@ -933,16 +938,19 @@ class addressbook_bo extends addressbook_so
|
|||||||
{
|
{
|
||||||
if (!in_array($field,$this->own_account_acl) && !in_array($field,array('id','owner','account_id','modified','modifier')))
|
if (!in_array($field,$this->own_account_acl) && !in_array($field,array('id','owner','account_id','modified','modifier')))
|
||||||
{
|
{
|
||||||
unset($to_write[$field]); // user is now allowed to change that
|
// user is not allowed to change that
|
||||||
|
if ($old)
|
||||||
|
{
|
||||||
|
$to_write[$field] = $old[$field];
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
unset($to_write[$field]);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get old record for tracking changes
|
|
||||||
if (!isset($old) && $isUpdate)
|
|
||||||
{
|
|
||||||
$old = $this->read($contact['id']);
|
|
||||||
}
|
|
||||||
// IF THE OLD ENTRY IS A ACCOUNT, dont allow to change the owner/location
|
// IF THE OLD ENTRY IS A ACCOUNT, dont allow to change the owner/location
|
||||||
// maybe we need that for id and account_id as well.
|
// maybe we need that for id and account_id as well.
|
||||||
if (is_array($old) && (!isset($old['owner']) || empty($old['owner'])))
|
if (is_array($old) && (!isset($old['owner']) || empty($old['owner'])))
|
||||||
|
|||||||
@ -150,9 +150,9 @@ class addressbook_tracking extends bo_tracking
|
|||||||
foreach(array('adr_one_countryname' => 'adr_one_countrycode', 'adr_two_countryname' => 'adr_two_countrycode') as $name => $code)
|
foreach(array('adr_one_countryname' => 'adr_one_countrycode', 'adr_two_countryname' => 'adr_two_countrycode') as $name => $code)
|
||||||
{
|
{
|
||||||
// Only codes involved, but old text name is automatically added when loaded
|
// Only codes involved, but old text name is automatically added when loaded
|
||||||
if($old[$code] && $data[$code])
|
if($old[$code] && $data[$code] && ($key = array_search($name, $changed_fields)) !== false)
|
||||||
{
|
{
|
||||||
unset($changed_fields[array_search($name, $changed_fields)]);
|
unset($changed_fields[$key]);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -347,56 +347,56 @@ class etemplate_widget_customfields extends etemplate_widget_transformer
|
|||||||
$form_name = self::GLOBAL_ID;
|
$form_name = self::GLOBAL_ID;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$this->is_readonly($cname, $form_name))
|
$all_readonly = $this->is_readonly($cname, $form_name);
|
||||||
|
$value_in = self::get_array($content, $form_name);
|
||||||
|
// if we have no id / use self::GLOBAL_ID, we have to set $value_in in global namespace for regular widgets validation to find
|
||||||
|
if (!$this->id) $content = array_merge($content, $value_in);
|
||||||
|
//error_log(__METHOD__."($cname, ...) form_name=$form_name, use-private={$this->attrs['use-private']}, value_in=".array2string($value_in));
|
||||||
|
$customfields =& $this->getElementAttribute(self::GLOBAL_VALS, 'customfields');
|
||||||
|
if(is_array($value_in))
|
||||||
{
|
{
|
||||||
$value_in = self::get_array($content, $form_name);
|
foreach($value_in as $field => $value)
|
||||||
// if we have no id / use self::GLOBAL_ID, we have to set $value_in in global namespace for regular widgets validation to find
|
|
||||||
if (!$this->id) $content = array_merge($content, $value_in);
|
|
||||||
//error_log(__METHOD__."($cname, ...) form_name=$form_name, use-private={$this->attrs['use-private']}, value_in=".array2string($value_in));
|
|
||||||
$customfields =& $this->getElementAttribute(self::GLOBAL_VALS, 'customfields');
|
|
||||||
if(is_array($value_in))
|
|
||||||
{
|
{
|
||||||
foreach($value_in as $field => $value)
|
$field_settings = $customfields[$fname=substr($field,1)];
|
||||||
|
|
||||||
|
if ((string)$this->attrs['use-private'] !== '' && // are only (non-)private fields requested
|
||||||
|
(boolean)$field_settings['private'] != ($this->attrs['use-private'] != '0'))
|
||||||
{
|
{
|
||||||
$field_settings = $customfields[$fname=substr($field,1)];
|
continue;
|
||||||
|
|
||||||
if ((string)$this->attrs['use-private'] !== '' && // are only (non-)private fields requested
|
|
||||||
(boolean)$field_settings['private'] != ($this->attrs['use-private'] != '0'))
|
|
||||||
{
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
// check if single field is set readonly, used in apps as it was only way to make cfs readonly in old eT
|
|
||||||
if ($this->is_readonly($form_name != self::GLOBAL_ID ? $form_name : $cname, $field))
|
|
||||||
{
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
// run validation method of widget implementing this custom field
|
|
||||||
$widget = $this->_widget($fname, $field_settings);
|
|
||||||
// widget has no validate method, eg. is only displaying stuff --> nothing to validate
|
|
||||||
if (!method_exists($widget, 'validate')) continue;
|
|
||||||
$widget->validate($form_name != self::GLOBAL_ID ? $form_name : $cname, $expand, $content, $validated);
|
|
||||||
if ($field_settings['needed'] && (is_array($value) ? !$value : (string)$value === ''))
|
|
||||||
{
|
|
||||||
self::set_validation_error($field,lang('Field must not be empty !!!'),'');
|
|
||||||
}
|
|
||||||
$field_name = $this->id[0] == self::$prefix && $customfields[substr($this->id,1)] ? $this->id : self::form_name($form_name != self::GLOBAL_ID ? $form_name : $cname, $field);
|
|
||||||
$valid =& self::get_array($validated, $field_name, true);
|
|
||||||
|
|
||||||
if (is_array($valid)) $valid = implode(',', $valid);
|
|
||||||
// NULL is valid for most fields, but not custom fields due to backend handling
|
|
||||||
// See so_sql_cf->save()
|
|
||||||
if (is_null($valid)) $valid = false;
|
|
||||||
//error_log(__METHOD__."() $field_name: ".array2string($value).' --> '.array2string($valid));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// check if single field is set readonly, used in apps as it was only way to make cfs readonly in old eT
|
||||||
|
// single fields set to false in $readonly overwrite a global __ALL__
|
||||||
|
$cf_readonly = $this->is_readonly($form_name != self::GLOBAL_ID ? $form_name : $cname, $field);
|
||||||
|
if ($cf_readonly || $all_readonly && $cf_readonly !== false)
|
||||||
|
{
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
// run validation method of widget implementing this custom field
|
||||||
|
$widget = $this->_widget($fname, $field_settings);
|
||||||
|
// widget has no validate method, eg. is only displaying stuff --> nothing to validate
|
||||||
|
if (!method_exists($widget, 'validate')) continue;
|
||||||
|
$widget->validate($form_name != self::GLOBAL_ID ? $form_name : $cname, $expand, $content, $validated);
|
||||||
|
if ($field_settings['needed'] && (is_array($value) ? !$value : (string)$value === ''))
|
||||||
|
{
|
||||||
|
self::set_validation_error($field,lang('Field must not be empty !!!'),'');
|
||||||
|
}
|
||||||
|
$field_name = $this->id[0] == self::$prefix && $customfields[substr($this->id,1)] ? $this->id : self::form_name($form_name != self::GLOBAL_ID ? $form_name : $cname, $field);
|
||||||
|
$valid =& self::get_array($validated, $field_name, true);
|
||||||
|
|
||||||
|
if (is_array($valid)) $valid = implode(',', $valid);
|
||||||
|
// NULL is valid for most fields, but not custom fields due to backend handling
|
||||||
|
// See so_sql_cf->save()
|
||||||
|
if (is_null($valid)) $valid = false;
|
||||||
|
//error_log(__METHOD__."() $field_name: ".array2string($value).' --> '.array2string($valid));
|
||||||
}
|
}
|
||||||
elseif ($this->type == 'customfields-types')
|
}
|
||||||
{
|
elseif ($this->type == 'customfields-types')
|
||||||
// Transformation doesn't handle validation
|
{
|
||||||
$valid =& self::get_array($validated, $this->id ? $form_name : $field, true);
|
// Transformation doesn't handle validation
|
||||||
if (true) $valid = $value_in;
|
$valid =& self::get_array($validated, $this->id ? $form_name : $field, true);
|
||||||
//error_log(__METHOD__."() $form_name $field: ".array2string($value).' --> '.array2string($value));
|
if (true) $valid = $value_in;
|
||||||
}
|
//error_log(__METHOD__."() $form_name $field: ".array2string($value).' --> '.array2string($value));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -200,8 +200,7 @@ var et2_customfields_list = et2_valueWidget.extend([et2_IDetachedDOM, et2_IInput
|
|||||||
'id': id,
|
'id': id,
|
||||||
'statustext': field.help,
|
'statustext': field.help,
|
||||||
'needed': field.needed,
|
'needed': field.needed,
|
||||||
'readonly': this.options.readonly ||
|
'readonly': this.getArrayMgr("readonlys").isReadOnly(id, null, this.options.readonly),
|
||||||
this.getArrayMgr("readonlys").isReadOnly(id),
|
|
||||||
'value': this.options.value[this.prefix+field_name]
|
'value': this.options.value[this.prefix+field_name]
|
||||||
};
|
};
|
||||||
// Can't have a required readonly, it will warn & be removed later, so avoid the warning
|
// Can't have a required readonly, it will warn & be removed later, so avoid the warning
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user