mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-23 07:09:20 +01:00
- corrected lots of ACL problems with a new function
bo->rb_check_prevs(PHPGW_ACL_xyz,$cal_id_or_event) - edit is not longer forgetting the participant status
This commit is contained in:
parent
ea34fb8cb1
commit
d6bc8af79a
@ -383,9 +383,10 @@
|
|||||||
|
|
||||||
function read_entry($id)
|
function read_entry($id)
|
||||||
{
|
{
|
||||||
if($this->check_perms(PHPGW_ACL_READ))
|
if($this->rb_check_perms(PHPGW_ACL_READ,$id))
|
||||||
{
|
{
|
||||||
$event = $this->so->read_entry($id);
|
$event = $this->so->read_entry($id);
|
||||||
|
|
||||||
if(!isset($event['participants'][$this->owner]) && $this->user_is_a_member($event,$this->owner))
|
if(!isset($event['participants'][$this->owner]) && $this->user_is_a_member($event,$this->owner))
|
||||||
{
|
{
|
||||||
$this->so->add_attribute('participants','U',intval($this->owner));
|
$this->so->add_attribute('participants','U',intval($this->owner));
|
||||||
@ -399,12 +400,12 @@
|
|||||||
function delete_single($param)
|
function delete_single($param)
|
||||||
{
|
{
|
||||||
|
|
||||||
if($this->check_perms(PHPGW_ACL_DELETE))
|
if($this->rb_check_perms(PHPGW_ACL_DELETE,intval($param['id'])))
|
||||||
{
|
{
|
||||||
$temp_event = $this->get_cached_event();
|
$temp_event = $this->get_cached_event();
|
||||||
$event = $this->read_entry(intval($param['id']));
|
$event = $this->read_entry(intval($param['id']));
|
||||||
if($this->owner == $event['owner'])
|
//RB if($this->owner == $event['owner'])
|
||||||
{
|
//RB {
|
||||||
$exception_time = mktime($event['start']['hour'],$event['start']['min'],0,$param['month'],$param['day'],$param['year']) - $this->datetime->tz_offset;
|
$exception_time = mktime($event['start']['hour'],$event['start']['min'],0,$param['month'],$param['day'],$param['year']) - $this->datetime->tz_offset;
|
||||||
$event['recur_exception'][] = intval($exception_time);
|
$event['recur_exception'][] = intval($exception_time);
|
||||||
$this->so->cal->event = $event;
|
$this->so->cal->event = $event;
|
||||||
@ -419,7 +420,7 @@
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
$cd = 60;
|
$cd = 60;
|
||||||
}
|
//RB }
|
||||||
}
|
}
|
||||||
$this->so->cal->event = $temp_event;
|
$this->so->cal->event = $temp_event;
|
||||||
unset($temp_event);
|
unset($temp_event);
|
||||||
@ -428,25 +429,26 @@
|
|||||||
|
|
||||||
function delete_entry($id)
|
function delete_entry($id)
|
||||||
{
|
{
|
||||||
if($this->check_perms(PHPGW_ACL_DELETE))
|
if($this->rb_check_perms(PHPGW_ACL_DELETE,$id))
|
||||||
{
|
{
|
||||||
$temp_event = $this->read_entry($id);
|
$temp_event = $this->read_entry($id);
|
||||||
if($this->owner == $temp_event['owner'])
|
//RB if($this->owner == $temp_event['owner'])
|
||||||
{
|
//RB {
|
||||||
$this->so->delete_entry($id);
|
$this->so->delete_entry($id);
|
||||||
$cd = 16;
|
$cd = 16;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
$cd = 60;
|
$cd = 60;
|
||||||
}
|
//RB }
|
||||||
}
|
}
|
||||||
return $cd;
|
return $cd;
|
||||||
}
|
}
|
||||||
|
|
||||||
function reinstate($params='')
|
function reinstate($params='')
|
||||||
{
|
{
|
||||||
if($this->check_perms(PHPGW_ACL_EDIT) && isset($params['cal_id']) && isset($params['reinstate_index']))
|
//RB if($this->check_perms(PHPGW_ACL_EDIT) && isset($params['cal_id']) && isset($params['reinstate_index']))
|
||||||
|
if($this->rb_check_perms(PHPGW_ACL_EDIT,$params['cal_id']) && isset($params['reinstate_index']))
|
||||||
{
|
{
|
||||||
$event = $this->so->read_entry($params['cal_id']);
|
$event = $this->so->read_entry($params['cal_id']);
|
||||||
@reset($params['reinstate_index']);
|
@reset($params['reinstate_index']);
|
||||||
@ -511,7 +513,7 @@
|
|||||||
|
|
||||||
function expunge()
|
function expunge()
|
||||||
{
|
{
|
||||||
if($this->check_perms(PHPGW_ACL_DELETE))
|
if($this->rb_check_perms(PHPGW_ACL_DELETE))
|
||||||
{
|
{
|
||||||
reset($this->so->cal->deleted_events);
|
reset($this->so->cal->deleted_events);
|
||||||
for($i=0;$i<count($this->so->cal->deleted_events);$i++)
|
for($i=0;$i<count($this->so->cal->deleted_events);$i++)
|
||||||
@ -573,7 +575,7 @@
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
if((!$l_cal['id'] && !$this->check_perms(PHPGW_ACL_ADD)) || ($l_cal['id'] && !$this->check_perms(PHPGW_ACL_EDIT)))
|
if((!$l_cal['id'] && !$this->rb_check_perms(PHPGW_ACL_ADD)) || ($l_cal['id'] && !$this->rb_check_perms(PHPGW_ACL_EDIT,$l_cal['id'])))
|
||||||
{
|
{
|
||||||
ExecMethod('calendar.uicalendar.index');
|
ExecMethod('calendar.uicalendar.index');
|
||||||
$GLOBALS['phpgw']->common->phpgw_exit();
|
$GLOBALS['phpgw']->common->phpgw_exit();
|
||||||
@ -656,14 +658,18 @@
|
|||||||
$part = Array();
|
$part = Array();
|
||||||
for($i=0;$i<count($parts);$i++)
|
for($i=0;$i<count($parts);$i++)
|
||||||
{
|
{
|
||||||
|
if (($accept_type = substr($parts[$i],-1,1)) == '0' || intval($accept_type) > 0)
|
||||||
|
{
|
||||||
|
$accept_type = 'U';
|
||||||
|
}
|
||||||
$acct_type = $GLOBALS['phpgw']->accounts->get_type(intval($parts[$i]));
|
$acct_type = $GLOBALS['phpgw']->accounts->get_type(intval($parts[$i]));
|
||||||
if($acct_type == 'u')
|
if($acct_type == 'u')
|
||||||
{
|
{
|
||||||
$part[$parts[$i]] = 1;
|
$part[intval($parts[$i])] = $accept_type;
|
||||||
}
|
}
|
||||||
elseif($acct_type == 'g')
|
elseif($acct_type == 'g')
|
||||||
{
|
{
|
||||||
$part[$parts[$i]] = 1;
|
$part[intval($parts[$i])] = $accept_type;
|
||||||
$groups[] = $parts[$i];
|
$groups[] = $parts[$i];
|
||||||
/* This pulls ALL users of a group and makes them as participants to the event */
|
/* This pulls ALL users of a group and makes them as participants to the event */
|
||||||
/* I would like to turn this back into a group thing. */
|
/* I would like to turn this back into a group thing. */
|
||||||
@ -676,7 +682,7 @@
|
|||||||
}
|
}
|
||||||
while($member = each($members))
|
while($member = each($members))
|
||||||
{
|
{
|
||||||
$part[$member[1]['account_id']] = 1;
|
$part[$member[1]['account_id']] = $accept_type;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -689,9 +695,9 @@
|
|||||||
if($part)
|
if($part)
|
||||||
{
|
{
|
||||||
@reset($part);
|
@reset($part);
|
||||||
while(list($key,$value) = each($part))
|
while(list($key,$accept_type) = each($part))
|
||||||
{
|
{
|
||||||
$this->so->add_attribute('participants','U',intval($key));
|
$this->so->add_attribute('participants',$accept_type,intval($key));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -851,8 +857,38 @@
|
|||||||
return mktime($time['hour'],$time['min'],$time['sec'],$time['month'],$time['mday'],$time['year']);
|
return mktime($time['hour'],$time['min'],$time['sec'],$time['month'],$time['mday'],$time['year']);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function rb_check_perms($needed,$event=0)
|
||||||
|
{
|
||||||
|
if (is_int($event) && $event == 0)
|
||||||
|
{
|
||||||
|
$owner = $this->owner;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (!is_array($event))
|
||||||
|
{
|
||||||
|
$event = $this->so->read_entry((int) $event);
|
||||||
|
}
|
||||||
|
if (!is_array($event))
|
||||||
|
{
|
||||||
|
return False;
|
||||||
|
}
|
||||||
|
$owner = $event['owner'];
|
||||||
|
$privat = $event['public'] == False || $event['public'] == 0;
|
||||||
|
}
|
||||||
|
$user = $GLOBALS['phpgw_info']['user']['account_id'];
|
||||||
|
$grants = $this->grants[$owner];
|
||||||
|
|
||||||
|
$access = $user == $owner || $grants & $needed && (!$privat || $grants & PHPGW_ACL_PRIVAT);
|
||||||
|
//echo "<p>rb_check_perms for user $user and needed_acl $needed: event=$event[title]: owner=$owner, privat=$privat, grants=$grants ==> access=$access</p>\n";
|
||||||
|
|
||||||
|
return $access;
|
||||||
|
}
|
||||||
|
|
||||||
function can_user_edit($event)
|
function can_user_edit($event)
|
||||||
{
|
{
|
||||||
|
return $this->rb_check_perms(PHPGW_ACL_EDIT,$event);
|
||||||
|
|
||||||
$can_edit = False;
|
$can_edit = False;
|
||||||
|
|
||||||
if(($event['owner'] == $this->owner) && ($this->check_perms(PHPGW_ACL_EDIT) == True))
|
if(($event['owner'] == $this->owner) && ($this->check_perms(PHPGW_ACL_EDIT) == True))
|
||||||
@ -1197,7 +1233,7 @@
|
|||||||
return $status;
|
return $status;
|
||||||
}
|
}
|
||||||
|
|
||||||
function is_private($event,$owner)
|
function is_private($event,$owner) //RB_NEED_WORK
|
||||||
{
|
{
|
||||||
if($owner == 0)
|
if($owner == 0)
|
||||||
{
|
{
|
||||||
|
@ -495,7 +495,7 @@ class socalendar_ extends socalendar__
|
|||||||
@reset($event['participants']);
|
@reset($event['participants']);
|
||||||
while (list($key,$value) = @each($event['participants']))
|
while (list($key,$value) = @each($event['participants']))
|
||||||
{
|
{
|
||||||
if(intval($key) == intval($this->user))
|
if(intval($key) == $event['owner']/*RB intval($this->user)*/)
|
||||||
{
|
{
|
||||||
$value = 'A';
|
$value = 'A';
|
||||||
}
|
}
|
||||||
|
@ -627,7 +627,8 @@
|
|||||||
$GLOBALS['phpgw']->common->phpgw_exit(True);
|
$GLOBALS['phpgw']->common->phpgw_exit(True);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!$this->bo->check_perms(PHPGW_ACL_READ))
|
//RB if(!$this->bo->check_perms(PHPGW_ACL_READ))
|
||||||
|
if(!$this->bo->rb_check_perms(PHPGW_ACL_READ,$cal_id))
|
||||||
{
|
{
|
||||||
echo lang('You do not have permission to read this record!').'</center>'."\n";
|
echo lang('You do not have permission to read this record!').'</center>'."\n";
|
||||||
$GLOBALS['phpgw']->common->phpgw_exit(True);
|
$GLOBALS['phpgw']->common->phpgw_exit(True);
|
||||||
@ -677,9 +678,11 @@
|
|||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
if($this->bo->owner == $event['owner'] || $this->bo->member_of_group($this->bo->owner))
|
//RB: this is handled by the acl
|
||||||
{
|
//RB if($this->bo->owner == $event['owner'] || $this->bo->member_of_group($this->bo->owner))
|
||||||
if ($this->bo->check_perms(PHPGW_ACL_EDIT,$event['owner']))
|
//RB {
|
||||||
|
//RB if ($this->bo->rb_check_perms(PHPGW_ACL_EDIT,$event['owner']))
|
||||||
|
if ($this->bo->rb_check_perms(PHPGW_ACL_EDIT,$event))
|
||||||
{
|
{
|
||||||
if($event['recur_type'] != MCAL_RECUR_NONE)
|
if($event['recur_type'] != MCAL_RECUR_NONE)
|
||||||
{
|
{
|
||||||
@ -724,7 +727,8 @@
|
|||||||
echo $p->fp('out','form_button');
|
echo $p->fp('out','form_button');
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($this->bo->check_perms(PHPGW_ACL_DELETE,$event['owner']))
|
//RB if ($this->bo->check_perms(PHPGW_ACL_DELETE,$event['owner']))
|
||||||
|
if ($this->bo->rb_check_perms(PHPGW_ACL_DELETE,$event))
|
||||||
{
|
{
|
||||||
if($event['recur_type'] != MCAL_RECUR_NONE)
|
if($event['recur_type'] != MCAL_RECUR_NONE)
|
||||||
{
|
{
|
||||||
@ -770,7 +774,7 @@
|
|||||||
echo $p->fp('out','form_button');
|
echo $p->fp('out','form_button');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
//RB}
|
||||||
|
|
||||||
$var = Array(
|
$var = Array(
|
||||||
'action_url_button' => $this->page('export'),
|
'action_url_button' => $this->page('export'),
|
||||||
@ -786,7 +790,7 @@
|
|||||||
|
|
||||||
function edit($params='')
|
function edit($params='')
|
||||||
{
|
{
|
||||||
if(!$this->bo->check_perms(PHPGW_ACL_EDIT))
|
if(!$this->bo->check_perms(PHPGW_ACL_EDIT))//RB_NEED_WORK
|
||||||
{
|
{
|
||||||
$this->no_edit();
|
$this->no_edit();
|
||||||
}
|
}
|
||||||
@ -912,11 +916,11 @@
|
|||||||
|
|
||||||
function reinstate_list($params='')
|
function reinstate_list($params='')
|
||||||
{
|
{
|
||||||
if(!$this->bo->check_perms(PHPGW_ACL_EDIT))
|
if(!$this->bo->check_perms(PHPGW_ACL_EDIT))//RB_NEED_WORK
|
||||||
{
|
{
|
||||||
$this->no_edit();
|
$this->no_edit();
|
||||||
}
|
}
|
||||||
elseif(!$this->bo->check_perms(PHPGW_ACL_ADD))
|
elseif(!$this->bo->check_perms(PHPGW_ACL_ADD))//RB_NEED_WORK
|
||||||
{
|
{
|
||||||
$this->index();
|
$this->index();
|
||||||
}
|
}
|
||||||
@ -936,7 +940,7 @@
|
|||||||
$GLOBALS['phpgw']->common->phpgw_exit(True);
|
$GLOBALS['phpgw']->common->phpgw_exit(True);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!$this->bo->check_perms(PHPGW_ACL_READ))
|
if(!$this->bo->check_perms(PHPGW_ACL_READ))//RB_NEED_WORK
|
||||||
{
|
{
|
||||||
echo lang('You do not have permission to read this record!').'</center>'."\n";
|
echo lang('You do not have permission to read this record!').'</center>'."\n";
|
||||||
$GLOBALS['phpgw']->common->phpgw_exit(True);
|
$GLOBALS['phpgw']->common->phpgw_exit(True);
|
||||||
@ -999,11 +1003,11 @@
|
|||||||
|
|
||||||
function reinstate($params='')
|
function reinstate($params='')
|
||||||
{
|
{
|
||||||
if(!$this->bo->check_perms(PHPGW_ACL_EDIT))
|
if(!$this->bo->check_perms(PHPGW_ACL_EDIT))//RB_NEED_WORK
|
||||||
{
|
{
|
||||||
$this->no_edit();
|
$this->no_edit();
|
||||||
}
|
}
|
||||||
elseif(!$this->bo->check_perms(PHPGW_ACL_ADD))
|
elseif(!$this->bo->check_perms(PHPGW_ACL_ADD))//RB_NEED_WORK
|
||||||
{
|
{
|
||||||
$this->index();
|
$this->index();
|
||||||
}
|
}
|
||||||
@ -1032,7 +1036,7 @@
|
|||||||
|
|
||||||
function add($cd=0,$readsess=0)
|
function add($cd=0,$readsess=0)
|
||||||
{
|
{
|
||||||
if(!$this->bo->check_perms(PHPGW_ACL_ADD))
|
if(!$this->bo->rb_check_perms(PHPGW_ACL_ADD))
|
||||||
{
|
{
|
||||||
$this->index();
|
$this->index();
|
||||||
}
|
}
|
||||||
@ -1092,7 +1096,8 @@
|
|||||||
|
|
||||||
$date = sprintf("%04d%02d%02d",$this->bo->year,$this->bo->month,$this->bo->day);
|
$date = sprintf("%04d%02d%02d",$this->bo->year,$this->bo->month,$this->bo->day);
|
||||||
$event = $this->bo->read_entry(intval($GLOBALS['HTTP_GET_VARS']['cal_id']));
|
$event = $this->bo->read_entry(intval($GLOBALS['HTTP_GET_VARS']['cal_id']));
|
||||||
if(($GLOBALS['HTTP_GET_VARS']['cal_id'] > 0) && ($event['owner'] == $this->bo->owner) && $this->bo->check_perms(PHPGW_ACL_DELETE))
|
//if(($GLOBALS['HTTP_GET_VARS']['cal_id'] > 0) && ($event['owner'] == $this->bo->owner) && $this->bo->check_perms(PHPGW_ACL_DELETE))
|
||||||
|
if ($this->bo->rb_check_perms(PHPGW_ACL_DELETE,$event))
|
||||||
{
|
{
|
||||||
|
|
||||||
if(isset($GLOBALS['HTTP_POST_VARS']['delete_type']) && $GLOBALS['HTTP_POST_VARS']['delete_type'] == 'single')
|
if(isset($GLOBALS['HTTP_POST_VARS']['delete_type']) && $GLOBALS['HTTP_POST_VARS']['delete_type'] == 'single')
|
||||||
@ -1205,7 +1210,7 @@
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!$this->bo->check_perms(PHPGW_ACL_EDIT))
|
if(!$this->bo->rb_check_perms(PHPGW_ACL_EDIT))
|
||||||
{
|
{
|
||||||
$this->no_edit();
|
$this->no_edit();
|
||||||
return;
|
return;
|
||||||
@ -1229,7 +1234,7 @@
|
|||||||
|
|
||||||
function set_action()
|
function set_action()
|
||||||
{
|
{
|
||||||
if(!$this->bo->check_perms(PHPGW_ACL_EDIT))
|
if(!$this->bo->rb_check_perms(PHPGW_ACL_EDIT))
|
||||||
{
|
{
|
||||||
$this->no_edit();
|
$this->no_edit();
|
||||||
return;
|
return;
|
||||||
@ -1539,7 +1544,7 @@
|
|||||||
@reset($users);
|
@reset($users);
|
||||||
while ($user = each($users))
|
while ($user = each($users))
|
||||||
{
|
{
|
||||||
if(($GLOBALS['phpgw']->accounts->exists($user[0]) && $this->bo->check_perms(PHPGW_ACL_READ,$user[0])) || $GLOBALS['phpgw']->accounts->get_type($user[0]) == 'g')
|
if(($GLOBALS['phpgw']->accounts->exists($user[0]) && $this->bo->check_perms(PHPGW_ACL_READ,$user[0])) || $GLOBALS['phpgw']->accounts->get_type($user[0]) == 'g')//RB_NEED_WORK
|
||||||
{
|
{
|
||||||
$str .= ' <option value="'.$user[0].'">('.$GLOBALS['phpgw']->accounts->get_type($user[0]).') '.$user[1].'</option>'."\n";
|
$str .= ' <option value="'.$user[0].'">('.$GLOBALS['phpgw']->accounts->get_type($user[0]).') '.$user[1].'</option>'."\n";
|
||||||
}
|
}
|
||||||
@ -1581,14 +1586,14 @@
|
|||||||
$members = $acct->member(intval($participants[$i]));
|
$members = $acct->member(intval($participants[$i]));
|
||||||
while($members != False && list($index,$member) = each($members))
|
while($members != False && list($index,$member) = each($members))
|
||||||
{
|
{
|
||||||
if($this->bo->check_perms(PHPGW_ACL_READ,$member['account_id']) && !isset($parts[$member['account_id']]))
|
if($this->bo->check_perms(PHPGW_ACL_READ,$member['account_id']) && !isset($parts[$member['account_id']]))//RB_NEED_WORK
|
||||||
{
|
{
|
||||||
$parts[$member['account_id']] = 1;
|
$parts[$member['account_id']] = 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'u':
|
case 'u':
|
||||||
if($this->bo->check_perms(PHPGW_ACL_READ,$participants[$i]) && !isset($parts[$participants[$i]]))
|
if($this->bo->check_perms(PHPGW_ACL_READ,$participants[$i]) && !isset($parts[$participants[$i]]))//RB_NEED_WORK
|
||||||
{
|
{
|
||||||
$parts[$participants[$i]] = 1;
|
$parts[$participants[$i]] = 1;
|
||||||
}
|
}
|
||||||
@ -1813,7 +1818,7 @@
|
|||||||
function header()
|
function header()
|
||||||
{
|
{
|
||||||
$cols = 8;
|
$cols = 8;
|
||||||
if($this->bo->check_perms(PHPGW_ACL_PRIVATE) == True)
|
if($this->bo->check_perms(PHPGW_ACL_PRIVATE) == True)//RB_NEED_WORK
|
||||||
{
|
{
|
||||||
$cols++;
|
$cols++;
|
||||||
}
|
}
|
||||||
@ -1967,7 +1972,7 @@
|
|||||||
|
|
||||||
function no_edit()
|
function no_edit()
|
||||||
{
|
{
|
||||||
if(!$isset($GLOBALS['phpgw_info']['flags']['noheader']))
|
if(isset($GLOBALS['phpgw_info']['flags']['noheader']))
|
||||||
{
|
{
|
||||||
unset($GLOBALS['phpgw_info']['flags']['noheader']);
|
unset($GLOBALS['phpgw_info']['flags']['noheader']);
|
||||||
unset($GLOBALS['phpgw_info']['flags']['nonavbar']);
|
unset($GLOBALS['phpgw_info']['flags']['nonavbar']);
|
||||||
@ -1982,8 +1987,11 @@
|
|||||||
function link_to_entry($event,$month,$day,$year)
|
function link_to_entry($event,$month,$day,$year)
|
||||||
{
|
{
|
||||||
$str = '';
|
$str = '';
|
||||||
$is_private = $this->bo->is_private($event,$event['owner']);
|
//RB $is_private = $this->bo->is_private($event,$event['owner']);
|
||||||
$editable = ((!$this->bo->printer_friendly) && (($is_private && $this->bo->check_perms(PHPGW_ACL_PRIVATE)) || !$is_private));
|
//RB $editable = ((!$this->bo->printer_friendly) && (($is_private && $this->bo->check_perms(PHPGW_ACL_PRIVATE)) || !$is_private));
|
||||||
|
//RB editable means here, ok to set a link to view
|
||||||
|
$editable = !$this->bo->printer_friendly && $this->bo->rb_check_perms(PHPGW_ACL_READ,$event);
|
||||||
|
$is_private = !$event['public'] && !$this->bo->rb_check_perms(PHPGW_ACL_READ,$event);
|
||||||
$p = CreateObject('phpgwapi.Template',$this->template_dir);
|
$p = CreateObject('phpgwapi.Template',$this->template_dir);
|
||||||
$p->set_unknowns('remove');
|
$p->set_unknowns('remove');
|
||||||
$p->set_file(
|
$p->set_file(
|
||||||
@ -2581,7 +2589,8 @@
|
|||||||
|
|
||||||
function view_event($event,$alarms=False)
|
function view_event($event,$alarms=False)
|
||||||
{
|
{
|
||||||
if((!$event['participants'][$this->bo->owner] && !$this->bo->member_of_group()) || (!$event['public'] && !$this->bo->check_perms(PHPGW_ACL_PRIVATE)))
|
//RB if((!$event['participants'][$this->bo->owner] && !$this->bo->member_of_group()) || (!$event['public'] && !$this->bo->check_perms(PHPGW_ACL_PRIVATE)))
|
||||||
|
if((!$event['participants'][$this->bo->owner] && !$this->bo->rb_check_perms(PHPGW_ACL_READ,$event)))
|
||||||
{
|
{
|
||||||
return '<center>'.lang('You do not have permission to read this record!').'</center>';
|
return '<center>'.lang('You do not have permission to read this record!').'</center>';
|
||||||
}
|
}
|
||||||
@ -2706,7 +2715,7 @@
|
|||||||
{
|
{
|
||||||
if($GLOBALS['phpgw']->accounts->exists($user))
|
if($GLOBALS['phpgw']->accounts->exists($user))
|
||||||
{
|
{
|
||||||
$str .= ($str?'<br>':'').$GLOBALS['phpgw']->common->grab_owner_name($user).' ('.($this->bo->check_perms(PHPGW_ACL_EDIT,$user)?'<a href="'.$this->page('edit_status','&cal_id='.$event['id'].'&owner='.$user).'">'.$this->bo->get_long_status($short_status).'</a>':$this->bo->get_long_status($short_status)).')'."\n";
|
$str .= ($str?'<br>':'').$GLOBALS['phpgw']->common->grab_owner_name($user).' ('.($this->bo->check_perms(PHPGW_ACL_EDIT,$user)?'<a href="'.$this->page('edit_status','&cal_id='.$event['id'].'&owner='.$user).'">'.$this->bo->get_long_status($short_status).'</a>':$this->bo->get_long_status($short_status)).')'."\n";//RB_NEED_WORK
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$var[] = Array(
|
$var[] = Array(
|
||||||
@ -3125,7 +3134,7 @@
|
|||||||
$open_link = ' - ';
|
$open_link = ' - ';
|
||||||
$close_link = '';
|
$close_link = '';
|
||||||
|
|
||||||
if(!$this->bo->printer_friendly && $this->bo->check_perms(PHPGW_ACL_ADD))
|
if(!$this->bo->printer_friendly && $this->bo->rb_check_perms(PHPGW_ACL_ADD))
|
||||||
{
|
{
|
||||||
$new_hour = intval(substr($dtime,0,strpos($dtime,':')));
|
$new_hour = intval(substr($dtime,0,strpos($dtime,':')));
|
||||||
if ($this->bo->prefs['common']['timeformat'] == '12' && $i > 12)
|
if ($this->bo->prefs['common']['timeformat'] == '12' && $i > 12)
|
||||||
@ -3357,7 +3366,7 @@
|
|||||||
'calendar_action' => ($event['id']?lang('Calendar - Edit'):lang('Calendar - Add')),
|
'calendar_action' => ($event['id']?lang('Calendar - Edit'):lang('Calendar - Add')),
|
||||||
'action_url' => $GLOBALS['phpgw']->link('/index.php',Array('menuaction'=>'calendar.bocalendar.update')),
|
'action_url' => $GLOBALS['phpgw']->link('/index.php',Array('menuaction'=>'calendar.bocalendar.update')),
|
||||||
'common_hidden' => '<input type="hidden" name="cal[id]" value="'.$event['id'].'">'."\n"
|
'common_hidden' => '<input type="hidden" name="cal[id]" value="'.$event['id'].'">'."\n"
|
||||||
. '<input type="hidden" name="cal[owner]" value="'.$this->bo->owner.'">'."\n"
|
. '<input type="hidden" name="cal[owner]" value="'.$event['owner']/*RB else owner changes if someone with edit-acl edits entry $this->bo->owner*/.'">'."\n"
|
||||||
. '<input type="hidden" name="cal[uid]" value="'.$event['uid'].'">'."\n"
|
. '<input type="hidden" name="cal[uid]" value="'.$event['uid'].'">'."\n"
|
||||||
. ($GLOBALS['HTTP_GET_VARS']['cal_id'] && $event['id'] == 0?'<input type="hidden" name="cal[reference]" value="'.$GLOBALS['HTTP_GET_VARS']['cal_id'].'">'."\n":
|
. ($GLOBALS['HTTP_GET_VARS']['cal_id'] && $event['id'] == 0?'<input type="hidden" name="cal[reference]" value="'.$GLOBALS['HTTP_GET_VARS']['cal_id'].'">'."\n":
|
||||||
(@isset($event['reference'])?'<input type="hidden" name="cal[reference]" value="'.$event['reference'].'">'."\n":''))
|
(@isset($event['reference'])?'<input type="hidden" name="cal[reference]" value="'.$event['reference'].'">'."\n":''))
|
||||||
@ -3468,17 +3477,18 @@
|
|||||||
if(!isset($GLOBALS['phpgw_info']['server']['deny_user_grants_access']) || !$GLOBALS['phpgw_info']['server']['deny_user_grants_access'])
|
if(!isset($GLOBALS['phpgw_info']['server']['deny_user_grants_access']) || !$GLOBALS['phpgw_info']['server']['deny_user_grants_access'])
|
||||||
{
|
{
|
||||||
$accounts = $GLOBALS['phpgw']->acl->get_ids_for_location('run',1,'calendar');
|
$accounts = $GLOBALS['phpgw']->acl->get_ids_for_location('run',1,'calendar');
|
||||||
$users = Array();
|
|
||||||
$this->build_part_list($users,$accounts,$this->bo->owner);
|
|
||||||
|
|
||||||
|
$users = Array();
|
||||||
|
$this->build_part_list($users,$accounts,$event['owner']); //RB was $this->bo->owner);
|
||||||
|
// if the calendar of a group was selected all participants of this group got removed from the participants list
|
||||||
$str = '';
|
$str = '';
|
||||||
@asort($users);
|
@asort($users);
|
||||||
@reset($users);
|
@reset($users);
|
||||||
while (list($id,$user_array) = each($users))
|
while (list($id,$user_array) = each($users))
|
||||||
{
|
{
|
||||||
if($id != intval($this->bo->owner))
|
if($id != intval($event['owner']/*RB$this->bo->owner*/))
|
||||||
{
|
{
|
||||||
$str .= ' <option value="' . $id . '"'.($event['participants'][$id]?' selected':'').'>('.$user_array['type'].') '.$user_array['name'].'</option>'."\n";
|
$str .= ' <option value="' . $id . $event['participants'][$id] . '"'.($event['participants'][$id]?' selected':'').'>('.$user_array['type'].') '.$user_array['name'].'</option>'."\n";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$var[] = Array(
|
$var[] = Array(
|
||||||
@ -3487,7 +3497,7 @@
|
|||||||
);
|
);
|
||||||
|
|
||||||
// I Participate
|
// I Participate
|
||||||
if((($event['id'] > 0) && isset($event['participants'][$this->bo->owner])) || !$event['id'])
|
if((($event['id'] > 0) && isset($event['participants'][$event['owner']/*RB$this->bo->owner*/])) || !$event['id'])
|
||||||
{
|
{
|
||||||
$checked = ' checked';
|
$checked = ' checked';
|
||||||
}
|
}
|
||||||
@ -3496,8 +3506,8 @@
|
|||||||
$checked = '';
|
$checked = '';
|
||||||
}
|
}
|
||||||
$var[] = Array(
|
$var[] = Array(
|
||||||
'field' => $GLOBALS['phpgw']->common->grab_owner_name($this->bo->owner).' '.lang('Participates'),
|
'field' => $GLOBALS['phpgw']->common->grab_owner_name($event['owner']/*RB$this->bo->owner*/).' '.lang('Participates'),
|
||||||
'data' => '<input type="checkbox" name="participants[]" value="'.$this->bo->owner.'"'.$checked.'>'
|
'data' => '<input type="checkbox" name="participants[]" value="'.$event['owner'].$event['participants'][$event['owner']]/*RB$this->bo->owner*/.'"'.$checked.'>'
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -3689,7 +3699,7 @@
|
|||||||
$extra = '';
|
$extra = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!$this->bo->printer_friendly && $this->bo->check_perms(PHPGW_ACL_ADD))
|
if(!$this->bo->printer_friendly && $this->bo->rb_check_perms(PHPGW_ACL_ADD))
|
||||||
{
|
{
|
||||||
$new_event = True;
|
$new_event = True;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user