mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-22 23:00:56 +01:00
Update acl code including prefs manager
This commit is contained in:
parent
6af32de6f0
commit
db2739bbb3
@ -1,6 +1,6 @@
|
||||
<?php
|
||||
/**************************************************************************\
|
||||
* phpGroupWare - Calendar *
|
||||
* phpGroupWare - Addressbook *
|
||||
* http://www.phpgroupware.org *
|
||||
* -------------------------------------------- *
|
||||
* This program is free software; you can redistribute it and/or modify it *
|
||||
@ -11,47 +11,58 @@
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
$phpgw_info["flags"] = array("currentapp" => "addressbook", "enable_nextmatchs_class" => True, "noappheader" => True, "noappfooter" => True);
|
||||
include("../header.inc.php");
|
||||
$phpgw_info['flags'] = array('currentapp' => 'addressbook', 'enable_nextmatchs_class' => True, 'noappheader' => True, 'noappfooter' => True);
|
||||
include('../header.inc.php');
|
||||
|
||||
$private_acl = True;
|
||||
|
||||
if($private_acl == True)
|
||||
{
|
||||
define(PHPGW_ACL_PRIVATE,16);
|
||||
}
|
||||
|
||||
function check_acl($label,$id,$acl,$rights,$right)
|
||||
{
|
||||
global $phpgw_info, $p;
|
||||
|
||||
$p->set_var($acl,$label.$phpgw_info['flags']['currentapp'].'['.$id.']['.$right.']');
|
||||
if ($rights & $right) {
|
||||
$p->set_var($acl.'_selected',' checked');
|
||||
} else {
|
||||
$p->set_var($acl.'_selected','');
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
function display_row($bg_color,$label,$id,$name) {
|
||||
global $p;
|
||||
global $phpgw;
|
||||
global $phpgw_info;
|
||||
global $acl;
|
||||
global $private_acl;
|
||||
|
||||
$p->set_var('row_color',$bg_color);
|
||||
$p->set_var('user',$name);
|
||||
$rights = $acl->get_rights($label.$id,$phpgw_info["flags"]["currentapp"]);
|
||||
$p->set_var('read',$label.$phpgw_info["flags"]["currentapp"].'['.$id.']['.PHPGW_ACL_READ.']');
|
||||
if ($rights & PHPGW_ACL_READ) {
|
||||
$p->set_var('read_selected',' checked');
|
||||
} else {
|
||||
$p->set_var('read_selected','');
|
||||
}
|
||||
$p->set_var('add',$label.$phpgw_info["flags"]["currentapp"].'['.$id.']['.PHPGW_ACL_ADD.']');
|
||||
if ($rights & PHPGW_ACL_ADD) {
|
||||
$p->set_var('add_selected',' checked');
|
||||
} else {
|
||||
$p->set_var('add_selected','');
|
||||
}
|
||||
$p->set_var('edit',$label.$phpgw_info["flags"]["currentapp"].'['.$id.']['.PHPGW_ACL_EDIT.']');
|
||||
if ($rights & PHPGW_ACL_EDIT) {
|
||||
$p->set_var('edit_selected',' checked');
|
||||
} else {
|
||||
$p->set_var('edit_selected','');
|
||||
}
|
||||
$p->set_var('delete',$label.$phpgw_info["flags"]["currentapp"].'['.$id.']['.PHPGW_ACL_DELETE.']');
|
||||
if ($rights & PHPGW_ACL_DELETE) {
|
||||
$p->set_var('delete_selected',' checked');
|
||||
} else {
|
||||
$p->set_var('delete_selected','');
|
||||
$rights = $acl->get_rights($id,$phpgw_info['flags']['currentapp']);
|
||||
|
||||
check_acl($label,$id,'read',$rights,PHPGW_ACL_READ);
|
||||
|
||||
check_acl($label,$id,'add',$rights,PHPGW_ACL_ADD);
|
||||
|
||||
check_acl($label,$id,'edit',$rights,PHPGW_ACL_EDIT);
|
||||
|
||||
check_acl($label,$id,'delete',$rights,PHPGW_ACL_DELETE);
|
||||
|
||||
if($private_acl == True)
|
||||
{
|
||||
check_acl($label,$id,'private',$rights,PHPGW_ACL_PRIVATE);
|
||||
}
|
||||
|
||||
$p->parse('row','acl_row',True);
|
||||
}
|
||||
|
||||
if(!isset($owner) || !$phpgw_info["user"]["apps"]["admin"]) {
|
||||
$owner = $phpgw_info["user"]["account_id"];
|
||||
if(!isset($owner) || !$phpgw_info['user']['apps']['admin']) {
|
||||
$owner = $phpgw_info['user']['account_id'];
|
||||
}
|
||||
$groups = $phpgw->accounts->memberships($owner);
|
||||
$acl = CreateObject('phpgwapi.acl',intval($owner));
|
||||
@ -60,10 +71,10 @@
|
||||
if ($submit) {
|
||||
$to_remove = unserialize(urldecode($processed));
|
||||
for($i=0;$i<count($to_remove);$i++) {
|
||||
$acl->delete($phpgw_info["flags"]["currentapp"],$to_remove[$i]);
|
||||
$acl->delete($phpgw_info['flags']['currentapp'],$to_remove[$i]);
|
||||
}
|
||||
// Group records
|
||||
$group_variable = 'g_'.$phpgw_info["flags"]["currentapp"];
|
||||
$group_variable = 'g_'.$phpgw_info['flags']['currentapp'];
|
||||
|
||||
@reset($$group_variable);
|
||||
while(list($group_id,$acllist) = each($$group_variable)) {
|
||||
@ -71,11 +82,11 @@
|
||||
while(list($right,$permission) = each($acllist)) {
|
||||
$totalacl += $right;
|
||||
}
|
||||
$acl->add($phpgw_info["flags"]["currentapp"],'g_'.$group_id,$totalacl);
|
||||
$acl->add($phpgw_info['flags']['currentapp'],$group_id,$totalacl);
|
||||
}
|
||||
|
||||
// User records
|
||||
$user_variable = 'u_'.$phpgw_info["flags"]["currentapp"];
|
||||
$user_variable = 'u_'.$phpgw_info['flags']['currentapp'];
|
||||
|
||||
@reset($$user_variable);
|
||||
while(list($user_id,$acllist) = each($$user_variable)) {
|
||||
@ -83,9 +94,9 @@
|
||||
while(list($right,$permission) = each($acllist)) {
|
||||
$totalacl += $right;
|
||||
}
|
||||
$acl->add($phpgw_info["flags"]["currentapp"],'u_'.$user_id,$totalacl);
|
||||
$acl->add($phpgw_info['flags']['currentapp'],$user_id,$totalacl);
|
||||
}
|
||||
$acl->save_repository();
|
||||
$acl->save_repository();
|
||||
}
|
||||
|
||||
$processed = Array();
|
||||
@ -114,7 +125,7 @@
|
||||
}
|
||||
|
||||
if(!isset($maxm)) {
|
||||
$maxm = $phpgw_info["user"]["preferences"]["common"]["maxmatchs"];
|
||||
$maxm = $phpgw_info['user']['preferences']['common']['maxmatchs'];
|
||||
}
|
||||
|
||||
if(!isset($totalentries)) {
|
||||
@ -125,17 +136,26 @@
|
||||
$totalentries += intval($db->f(0));
|
||||
}
|
||||
|
||||
$p = CreateObject('phpgwapi.Template',$phpgw_info["server"]["app_tpl"]);
|
||||
$p->set_file(array('preferences' => 'preference_acl.tpl',
|
||||
'row_colspan' => 'preference_colspan.tpl',
|
||||
'acl_row' => 'preference_acl_row.tpl'));
|
||||
$p = CreateObject('phpgwapi.Template',$phpgw_info['server']['app_tpl']);
|
||||
if($private_acl == True)
|
||||
{
|
||||
$p->set_file(array('preferences' => 'preference_acl.tpl',
|
||||
'row_colspan' => 'preference_colspan_private.tpl',
|
||||
'acl_row' => 'preference_acl_row_private.tpl'));
|
||||
}
|
||||
else
|
||||
{
|
||||
$p->set_file(array('preferences' => 'preference_acl.tpl',
|
||||
'row_colspan' => 'preference_colspan.tpl',
|
||||
'acl_row' => 'preference_acl_row.tpl'));
|
||||
}
|
||||
|
||||
// $p->set_var('errors','<p><center><b>This does nothing at this time!<br>Strictly as a template for use!</b></center>');
|
||||
$p->set_var('errors','');
|
||||
$p->set_var('title','<p><b>'.lang($phpgw_info["flags"]["currentapp"]." preferences").' - '.lang("acl").':</b><hr><p>');
|
||||
|
||||
$p->set_var('action_url',$phpgw->link(''));
|
||||
$p->set_var('bg_color',$phpgw_info["theme"]["th_bg"]);
|
||||
$p->set_var('bg_color',$phpgw_info['theme']['th_bg']);
|
||||
$p->set_var('submit_lang',lang('submit'));
|
||||
|
||||
$common_hidden_vars = ' <input type="hidden" name="s_groups" value="'.$s_groups.'">'."\n"
|
||||
@ -148,13 +168,18 @@
|
||||
$p->set_var('common_hidden_vars_form',$common_hidden_vars);
|
||||
|
||||
if(isset($query_result) && $query_result)
|
||||
$common_hidden_vars .= "<input type=\"hidden\" name=\"query_result\" value=\"".$query_result."\">\n";
|
||||
$common_hidden_vars .= '<input type="hidden" name="query_result" value="'.$query_result.'">'."\n";
|
||||
|
||||
$p->set_var('common_hidden_vars',$common_hidden_vars);
|
||||
$p->set_var(array('read_lang' => lang('Read'),
|
||||
'add_lang' => lang('Add'),
|
||||
'edit_lang' => lang('Edit'),
|
||||
'delete_lang' => lang('Delete')));
|
||||
|
||||
if($private_acl == True)
|
||||
{
|
||||
$p->set_var('private_lang',lang('Private'));
|
||||
}
|
||||
|
||||
if(intval($s_groups) <> count($groups)) {
|
||||
$p->set_var('string',lang('Groups'));
|
||||
@ -165,15 +190,15 @@
|
||||
$group = $groups[$k];
|
||||
$go = True;
|
||||
if($query) {
|
||||
if(!strpos(' '.$group["account_id"].' ',$query)) {
|
||||
if(!strpos(' '.$group['account_id'].' ',$query)) {
|
||||
$go = False;
|
||||
}
|
||||
}
|
||||
if($go) {
|
||||
$tr_color = $phpgw->nextmatchs->alternate_row_color($tr_color);
|
||||
display_row($tr_color,'g_',$group["account_id"],$group["account_name"]);
|
||||
display_row($tr_color,'g_',$group['account_id'],$group['account_name']);
|
||||
$s_groups++;
|
||||
$processed[] = 'g_'.$group["account_id"];
|
||||
$processed[] = $group['account_id'];
|
||||
$total++;
|
||||
if($total == $maxm) break;
|
||||
}
|
||||
@ -195,17 +220,17 @@
|
||||
while($db->next_record()) {
|
||||
$go = True;
|
||||
if($query) {
|
||||
$name = ' '.$db->f("account_firstname").' '.$db->f("account_lastname").' '.$db->f("account_lid").' ';
|
||||
$name = ' '.$db->f('account_firstname').' '.$db->f('account_lastname').' '.$db->f('account_lid').' ';
|
||||
if(!strpos($name,$query)) {
|
||||
$go = False;
|
||||
}
|
||||
}
|
||||
if($go) {
|
||||
$tr_color = $phpgw->nextmatchs->alternate_row_color($tr_color);
|
||||
$id = $db->f("account_id");
|
||||
$id = $db->f('account_id');
|
||||
display_row($tr_color,'u_',$id,$phpgw->common->grab_owner_name($id));
|
||||
$s_users++;
|
||||
$processed[] = 'u_'.$id;
|
||||
$processed[] = $id;
|
||||
$total++;
|
||||
if($total == $maxm) break;
|
||||
}
|
||||
@ -214,13 +239,13 @@
|
||||
}
|
||||
}
|
||||
|
||||
$extra_parms = "&s_users=".$s_users."&s_groups=".$s_groups."&maxm=".$maxm."&totalentries=".$totalentries."&total=".($start + $total)."&owner=".$owner;
|
||||
$extra_parms = '&s_users='.$s_users.'&s_groups='.$s_groups.'&maxm='.$maxm.'&totalentries='.$totalentries.'&total='.($start + $total).'&owner='.$owner;
|
||||
|
||||
$p->set_var("nml",$phpgw->nextmatchs->left("",$start,$totalentries,$extra_parms));
|
||||
$p->set_var("nmr",$phpgw->nextmatchs->right("",$start,$totalentries,$extra_parms));
|
||||
$p->set_var('nml',$phpgw->nextmatchs->left('',$start,$totalentries,$extra_parms));
|
||||
$p->set_var('nmr',$phpgw->nextmatchs->right('',$start,$totalentries,$extra_parms));
|
||||
|
||||
$p->set_var("search_value",(isset($query) && $query?$query:""));
|
||||
$p->set_var("search",lang("search"));
|
||||
$p->set_var('search_value',(isset($query) && $query?$query:''));
|
||||
$p->set_var('search',lang('search'));
|
||||
|
||||
$p->set_var('processed',urlencode(serialize($processed)));
|
||||
$p->pparse('out','preferences');
|
||||
|
@ -17,7 +17,7 @@
|
||||
}
|
||||
|
||||
$phpgw_info["flags"]["currentapp"] = "addressbook";
|
||||
$phpgw_info["flags"]["enable_addressbook_class"] = True;
|
||||
$phpgw_info["flags"]["enable_contacts_class"] = True;
|
||||
include("../header.inc.php");
|
||||
|
||||
if (! $ab_id) {
|
||||
@ -25,20 +25,17 @@
|
||||
}
|
||||
|
||||
$this = CreateObject("phpgwapi.contacts");
|
||||
$fields = $this->read_single_entry($ab_id,array("owner" => "owner"));
|
||||
$owner = $fields[0]["owner"];
|
||||
|
||||
#$t = new Template($phpgw_info["server"]["app_tpl"]);
|
||||
$t = new Template($phpgw->common->get_tpl_dir("addressbook"));
|
||||
$t->set_file(array("delete" => "delete.tpl"));
|
||||
|
||||
$rights = $phpgw->acl->get_rights('u_'.$owner,$phpgw_info["flags"]["currentapp"]);
|
||||
$rights = $phpgw->acl->get_rights($owner,$phpgw_info["flags"]["currentapp"]);
|
||||
if ( ($rights & PHPGW_ACL_DELETE) || ($owner == $phpgw_info["user"]["account_id"]) ) {
|
||||
$phpgw->common->phpgw_header();
|
||||
echo parse_navbar();
|
||||
if ($confirm != "true") {
|
||||
$fields = $this->read($ab_id, array("owner" => $owner));
|
||||
|
||||
if ($fields["owner"] != $phpgw_info["user"]["account_id"]) {
|
||||
@Header("Location: " . $phpgw->link($phpgw_info["server"]["webserver_url"] . "/addressbook/"));
|
||||
}
|
||||
|
||||
$t->set_var(lang_sure,lang("Are you sure you want to delete this entry ?"));
|
||||
$t->set_var(no_link,$phpgw->link("view.php","&ab_id=$ab_id&order=$order&sort=$sort&filter=$filter&start=$start&query=$query"));
|
||||
$t->set_var(lang_no,lang("NO"));
|
||||
@ -50,7 +47,8 @@
|
||||
} else {
|
||||
$this->account_id=$phpgw_info["user"]["account_id"];
|
||||
$this->delete($ab_id);
|
||||
$phpgw->redirect($phpgw->session->link($phpgw_info["server"]["webserver_url"]. "/addressbook/","cd=16&order=$order&sort=$sort&filter=$filter&start=$start&query=$query"));
|
||||
@Header("Location: " . $phpgw->link($phpgw_info["server"]["webserver_url"]. "/addressbook/","cd=16&order=$order&sort=$sort&filter=$filter&start=$start&query=$query"));
|
||||
|
||||
}
|
||||
} else {
|
||||
$phpgw->redirect($phpgw->session->link($phpgw_info["server"]["webserver_url"]. "/addressbook/","cd=16&order=$order&sort=$sort&filter=$filter&start=$start&query=$query"));
|
||||
|
@ -17,7 +17,7 @@
|
||||
}
|
||||
|
||||
$phpgw_info["flags"]["currentapp"] = "addressbook";
|
||||
$phpgw_info["flags"]["enable_addressbook_class"] = True;
|
||||
$phpgw_info["flags"]["enable_contacts_class"] = True;
|
||||
include("../header.inc.php");
|
||||
|
||||
$t = new Template($phpgw->common->get_tpl_dir("addressbook"));
|
||||
@ -47,7 +47,7 @@
|
||||
form("","edit.php","Edit",$fields[0]);
|
||||
} else {
|
||||
//verify edit capabilities
|
||||
$rights = $phpgw->acl->get_rights('u_'.$owner,$phpgw_info["flags"]["currentapp"]);
|
||||
$rights = $phpgw->acl->get_rights($owner,$phpgw_info["flags"]["currentapp"]);
|
||||
if ( ($rights & PHPGW_ACL_EDIT) || ($owner == $phpgw_info["user"]["account_id"]) ) {
|
||||
if ($url == "http://") {
|
||||
$url = "";
|
||||
|
@ -12,17 +12,19 @@
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
$phpgw_info["flags"] = array("currentapp" =>
|
||||
"addressbook","enable_contacts_class" => True,
|
||||
"enable_nextmatchs_class" => True);
|
||||
$phpgw_info["flags"] = array(
|
||||
"currentapp" => "addressbook",
|
||||
"enable_contacts_class" => True,
|
||||
"enable_nextmatchs_class" => True);
|
||||
|
||||
include("../header.inc.php");
|
||||
|
||||
#$t = new Template($phpgw_info["server"]["app_tpl"]);
|
||||
$t = new Template($phpgw->common->get_tpl_dir("addressbook"));
|
||||
$t->set_file(array( "addressbook_header" => "header.tpl",
|
||||
"column" => "column.tpl",
|
||||
"row" => "row.tpl",
|
||||
"addressbook_footer" => "footer.tpl" ));
|
||||
$t->set_file(array(
|
||||
"addressbook_header" => "header.tpl",
|
||||
"column" => "column.tpl",
|
||||
"row" => "row.tpl",
|
||||
"addressbook_footer" => "footer.tpl" ));
|
||||
|
||||
$this = CreateObject("phpgwapi.contacts");
|
||||
|
||||
@ -50,7 +52,6 @@
|
||||
$offset = 30;
|
||||
}
|
||||
|
||||
// insert acl stuff here in lieu of old access perms
|
||||
// following sets up the filter for read, then restores the filter string for later checking
|
||||
if ($filter == "none") { $filter = ""; }
|
||||
$savefilter = $filter;
|
||||
@ -108,7 +109,7 @@
|
||||
|
||||
// Show the entries
|
||||
for ($i=0;$i<count($entries);$i++) { // each entry
|
||||
$rights = $phpgw->acl->get_rights('u_'.$entries[$i]["owner"],$phpgw_info["flags"]["currentapp"]);
|
||||
$rights = $phpgw->acl->get_rights($entries[$i]["owner"],$phpgw_info["flags"]["currentapp"]);
|
||||
if ( ($rights & PHPGW_ACL_READ) || ($entries[$i]["owner"] == $phpgw_info["user"]["account_id"]) ) {
|
||||
//if ( ($entries[$i]["access"] == $filter) ||
|
||||
// ($entries[$i]["access"] == "," . $filter . ",") ||
|
||||
|
@ -34,7 +34,7 @@
|
||||
|
||||
$fields = $this->read_single_entry($ab_id,$this->stock_contact_fields);
|
||||
|
||||
$rights = $phpgw->acl->get_rights('u_'.$fields[0]["owner"],$phpgw_info["flags"]["currentapp"]);
|
||||
$rights = $phpgw->acl->get_rights($fields[0]["owner"],$phpgw_info["flags"]["currentapp"]);
|
||||
if ( ($rights & PHPGW_ACL_READ) || ($fields[0]["owner"] == $phpgw_info["user"]["account_id"]) ) {
|
||||
|
||||
$email = $fields[0]["d_email"];
|
||||
|
@ -16,9 +16,10 @@
|
||||
$phpgw_info["flags"] = array("noheader" => True, "nonavbar" => True);
|
||||
}
|
||||
|
||||
$phpgw_info["flags"] = array("currentapp" => "addressbook",
|
||||
"enable_contacts_class" => True,
|
||||
"enable_nextmatchs_class" => True);
|
||||
$phpgw_info["flags"] = array(
|
||||
"currentapp" => "addressbook",
|
||||
"enable_contacts_class" => True,
|
||||
"enable_nextmatchs_class" => True);
|
||||
|
||||
include("../header.inc.php");
|
||||
|
||||
@ -53,7 +54,7 @@
|
||||
|
||||
$owner = $fields[0]["owner"];
|
||||
|
||||
$rights = $phpgw->acl->get_rights('u_'.$owner,$phpgw_info["flags"]["currentapp"]);
|
||||
$rights = $phpgw->acl->get_rights($owner,$phpgw_info["flags"]["currentapp"]);
|
||||
if ( ($rights & PHPGW_ACL_READ) || ($owner == $phpgw_info["user"]["account_id"]) ) {
|
||||
|
||||
$view_header = "<p> <b>" . lang("Address book - view") . "</b><hr><p>";
|
||||
|
Loading…
Reference in New Issue
Block a user