From db2739bbb3b17d4ba93f08e82560a70384fa50cc Mon Sep 17 00:00:00 2001
From: Miles Lott
Date: Tue, 13 Feb 2001 03:20:33 +0000
Subject: [PATCH] Update acl code including prefs manager
---
addressbook/acl_preferences.php | 131 +++++++++++++++++++--------------
addressbook/delete.php | 18 ++---
addressbook/edit.php | 4 +-
addressbook/index.php | 21 ++---
addressbook/vcardout.php | 2 +-
addressbook/view.php | 9 ++-
6 files changed, 105 insertions(+), 80 deletions(-)
diff --git a/addressbook/acl_preferences.php b/addressbook/acl_preferences.php
index 72bb7bb353..b2a0f952ed 100755
--- a/addressbook/acl_preferences.php
+++ b/addressbook/acl_preferences.php
@@ -1,6 +1,6 @@ "addressbook", "enable_nextmatchs_class" => True, "noappheader" => True, "noappfooter" => True); - include("../header.inc.php"); + $phpgw_info['flags'] = array('currentapp' => 'addressbook', 'enable_nextmatchs_class' => True, 'noappheader' => True, 'noappfooter' => True); + include('../header.inc.php'); + + $private_acl = True; + + if($private_acl == True) + { + define(PHPGW_ACL_PRIVATE,16); + } + + function check_acl($label,$id,$acl,$rights,$right) + { + global $phpgw_info, $p; + + $p->set_var($acl,$label.$phpgw_info['flags']['currentapp'].'['.$id.']['.$right.']'); + if ($rights & $right) { + $p->set_var($acl.'_selected',' checked'); + } else { + $p->set_var($acl.'_selected',''); + } + } + function display_row($bg_color,$label,$id,$name) { global $p; global $phpgw; global $phpgw_info; global $acl; + global $private_acl; $p->set_var('row_color',$bg_color); $p->set_var('user',$name); - $rights = $acl->get_rights($label.$id,$phpgw_info["flags"]["currentapp"]); - $p->set_var('read',$label.$phpgw_info["flags"]["currentapp"].'['.$id.']['.PHPGW_ACL_READ.']'); - if ($rights & PHPGW_ACL_READ) { - $p->set_var('read_selected',' checked'); - } else { - $p->set_var('read_selected',''); - } - $p->set_var('add',$label.$phpgw_info["flags"]["currentapp"].'['.$id.']['.PHPGW_ACL_ADD.']'); - if ($rights & PHPGW_ACL_ADD) { - $p->set_var('add_selected',' checked'); - } else { - $p->set_var('add_selected',''); - } - $p->set_var('edit',$label.$phpgw_info["flags"]["currentapp"].'['.$id.']['.PHPGW_ACL_EDIT.']'); - if ($rights & PHPGW_ACL_EDIT) { - $p->set_var('edit_selected',' checked'); - } else { - $p->set_var('edit_selected',''); - } - $p->set_var('delete',$label.$phpgw_info["flags"]["currentapp"].'['.$id.']['.PHPGW_ACL_DELETE.']'); - if ($rights & PHPGW_ACL_DELETE) { - $p->set_var('delete_selected',' checked'); - } else { - $p->set_var('delete_selected',''); + $rights = $acl->get_rights($id,$phpgw_info['flags']['currentapp']); + + 
check_acl($label,$id,'read',$rights,PHPGW_ACL_READ); + + check_acl($label,$id,'add',$rights,PHPGW_ACL_ADD); + + check_acl($label,$id,'edit',$rights,PHPGW_ACL_EDIT); + + check_acl($label,$id,'delete',$rights,PHPGW_ACL_DELETE); + + if($private_acl == True) + { + check_acl($label,$id,'private',$rights,PHPGW_ACL_PRIVATE); } + $p->parse('row','acl_row',True); } - if(!isset($owner) || !$phpgw_info["user"]["apps"]["admin"]) { - $owner = $phpgw_info["user"]["account_id"]; + if(!isset($owner) || !$phpgw_info['user']['apps']['admin']) { + $owner = $phpgw_info['user']['account_id']; } $groups = $phpgw->accounts->memberships($owner); $acl = CreateObject('phpgwapi.acl',intval($owner)); @@ -60,10 +71,10 @@ if ($submit) { $to_remove = unserialize(urldecode($processed)); for($i=0;$idelete($phpgw_info["flags"]["currentapp"],$to_remove[$i]); + $acl->delete($phpgw_info['flags']['currentapp'],$to_remove[$i]); } // Group records - $group_variable = 'g_'.$phpgw_info["flags"]["currentapp"]; + $group_variable = 'g_'.$phpgw_info['flags']['currentapp']; @reset($$group_variable); while(list($group_id,$acllist) = each($$group_variable)) { @@ -71,11 +82,11 @@ while(list($right,$permission) = each($acllist)) { $totalacl += $right; } - $acl->add($phpgw_info["flags"]["currentapp"],'g_'.$group_id,$totalacl); + $acl->add($phpgw_info['flags']['currentapp'],$group_id,$totalacl); } // User records - $user_variable = 'u_'.$phpgw_info["flags"]["currentapp"]; + $user_variable = 'u_'.$phpgw_info['flags']['currentapp']; @reset($$user_variable); while(list($user_id,$acllist) = each($$user_variable)) { @@ -83,9 +94,9 @@ while(list($right,$permission) = each($acllist)) { $totalacl += $right; } - $acl->add($phpgw_info["flags"]["currentapp"],'u_'.$user_id,$totalacl); + $acl->add($phpgw_info['flags']['currentapp'],$user_id,$totalacl); } - $acl->save_repository(); + $acl->save_repository(); } $processed = Array(); 
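Review bot: `define(PHPGW_ACL_PRIVATE,16);` near the top of acl_preferences.php passes the constant name as a bare word, so it only works through PHP's undefined-constant fallback; it should be `define('PHPGW_ACL_PRIVATE',16);`. The permission bit is also defined only in this page and only when `$private_acl` is true, so any other script that tests it would not see 16; it presumably belongs beside the other PHPGW_ACL_* constants, whose definitions are not shown here. The new `check_acl()` helper has no header comment; something like `// Set the checkbox field name for one right and mark it checked when $rights has that bit` would do.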
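Review bot: In the `@@ -60,10 +71,10 @@` hunk the ids handed to `$acl->delete()` come from `unserialize(urldecode($processed))`, and `$processed` looks like the hidden form value this page fills with `urlencode(serialize($processed))`, so the list of ACL rows to delete is whatever the client sends back. Passing request data to `unserialize()` is unsafe in itself, and nothing visible checks that each entry is an account id that was actually listed for the current `$owner`. I would rebuild the list on the server (or keep it in the session), or at minimum carry it as a comma-separated list and apply `intval()` to each element before the delete call. The `if ($submit)` block starts outside this hunk.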
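Review bot: `$totalacl += $right;` in the `@@ -71,11 +82,11 @@` hunk, and again in `@@ -83,9 +94,9 @@`, sums the array keys of a request-supplied variable, so the stored mask is not limited to the rights this page offers, and `$group_id` / `$user_id` reach `$acl->add()` unchecked. Build the mask by OR-ing each key against an explicit allow-list of bits (READ, ADD, EDIT, DELETE, and PRIVATE only when `$private_acl` is set), and pass `intval($group_id)` / `intval($user_id)`. That `$$group_variable` and `$$user_variable` are populated straight from the form post is inferred from the code; the hunks do not show it.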
@@ -114,7 +125,7 @@ } if(!isset($maxm)) { - $maxm = $phpgw_info["user"]["preferences"]["common"]["maxmatchs"]; + $maxm = $phpgw_info['user']['preferences']['common']['maxmatchs']; } if(!isset($totalentries)) { @@ -125,17 +136,26 @@ $totalentries += intval($db->f(0)); } - $p = CreateObject('phpgwapi.Template',$phpgw_info["server"]["app_tpl"]); - $p->set_file(array('preferences' => 'preference_acl.tpl', - 'row_colspan' => 'preference_colspan.tpl', - 'acl_row' => 'preference_acl_row.tpl')); + $p = CreateObject('phpgwapi.Template',$phpgw_info['server']['app_tpl']); + if($private_acl == True) + { + $p->set_file(array('preferences' => 'preference_acl.tpl', + 'row_colspan' => 'preference_colspan_private.tpl', + 'acl_row' => 'preference_acl_row_private.tpl')); + } + else + { + $p->set_file(array('preferences' => 'preference_acl.tpl', + 'row_colspan' => 'preference_colspan.tpl', + 'acl_row' => 'preference_acl_row.tpl')); + } // $p->set_var('errors','

This does nothing at this time!
Strictly as a template for use!
'); $p->set_var('errors',''); $p->set_var('title','

'.lang($phpgw_info["flags"]["currentapp"]." preferences").' - '.lang("acl").':


'); $p->set_var('action_url',$phpgw->link('')); - $p->set_var('bg_color',$phpgw_info["theme"]["th_bg"]); + $p->set_var('bg_color',$phpgw_info['theme']['th_bg']); $p->set_var('submit_lang',lang('submit')); $common_hidden_vars = ' '."\n" @@ -148,13 +168,18 @@ $p->set_var('common_hidden_vars_form',$common_hidden_vars); if(isset($query_result) && $query_result) - $common_hidden_vars .= "\n"; + $common_hidden_vars .= ''."\n"; $p->set_var('common_hidden_vars',$common_hidden_vars); $p->set_var(array('read_lang' => lang('Read'), 'add_lang' => lang('Add'), 'edit_lang' => lang('Edit'), 'delete_lang' => lang('Delete'))); + + if($private_acl == True) + { + $p->set_var('private_lang',lang('Private')); + } if(intval($s_groups) <> count($groups)) { $p->set_var('string',lang('Groups')); @@ -165,15 +190,15 @@ $group = $groups[$k]; $go = True; if($query) { - if(!strpos(' '.$group["account_id"].' ',$query)) { + if(!strpos(' '.$group['account_id'].' ',$query)) { $go = False; } } if($go) { $tr_color = $phpgw->nextmatchs->alternate_row_color($tr_color); - display_row($tr_color,'g_',$group["account_id"],$group["account_name"]); + display_row($tr_color,'g_',$group['account_id'],$group['account_name']); $s_groups++; - $processed[] = 'g_'.$group["account_id"]; + $processed[] = $group['account_id']; $total++; if($total == $maxm) break; } @@ -195,17 +220,17 @@ while($db->next_record()) { $go = True; if($query) { - $name = ' '.$db->f("account_firstname").' '.$db->f("account_lastname").' '.$db->f("account_lid").' '; + $name = ' '.$db->f('account_firstname').' '.$db->f('account_lastname').' '.$db->f('account_lid').' '; if(!strpos($name,$query)) { $go = False; } } if($go) { $tr_color = $phpgw->nextmatchs->alternate_row_color($tr_color); - $id = $db->f("account_id"); + $id = $db->f('account_id'); display_row($tr_color,'u_',$id,$phpgw->common->grab_owner_name($id)); $s_users++; - $processed[] = 'u_'.$id; + $processed[] = $id; $total++; if($total == $maxm) break; } 
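Review bot: `$processed[] = $group['account_id'];` in the `@@ -165,15 +190,15 @@` hunk and `$processed[] = $id;` in `@@ -195,17 +220,17 @@` now store bare ids, so the list no longer records whether an entry was a group row or a user row. If group and user account ids can ever coincide (the hunks do not show how they are allocated), the delete loop on submit and the later `$acl->add()` calls would act on the wrong grant. A comment stating that account ids are unique across users and groups, or a check that enforces it, would make the dropped `g_`/`u_` prefixes safe to rely on.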
@@ -214,13 +239,13 @@ } } - $extra_parms = "&s_users=".$s_users."&s_groups=".$s_groups."&maxm=".$maxm."&totalentries=".$totalentries."&total=".($start + $total)."&owner=".$owner; + $extra_parms = '&s_users='.$s_users.'&s_groups='.$s_groups.'&maxm='.$maxm.'&totalentries='.$totalentries.'&total='.($start + $total).'&owner='.$owner; - $p->set_var("nml",$phpgw->nextmatchs->left("",$start,$totalentries,$extra_parms)); - $p->set_var("nmr",$phpgw->nextmatchs->right("",$start,$totalentries,$extra_parms)); + $p->set_var('nml',$phpgw->nextmatchs->left('',$start,$totalentries,$extra_parms)); + $p->set_var('nmr',$phpgw->nextmatchs->right('',$start,$totalentries,$extra_parms)); - $p->set_var("search_value",(isset($query) && $query?$query:"")); - $p->set_var("search",lang("search")); + $p->set_var('search_value',(isset($query) && $query?$query:'')); + $p->set_var('search',lang('search')); $p->set_var('processed',urlencode(serialize($processed))); $p->pparse('out','preferences'); diff --git a/addressbook/delete.php b/addressbook/delete.php index 2253d3aea3..414bde2911 100755 --- a/addressbook/delete.php +++ b/addressbook/delete.php @@ -17,7 +17,7 @@ } $phpgw_info["flags"]["currentapp"] = "addressbook"; - $phpgw_info["flags"]["enable_addressbook_class"] = True; + $phpgw_info["flags"]["enable_contacts_class"] = True; include("../header.inc.php"); if (! $ab_id) { 
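Review bot: `$p->set_var('search_value',(isset($query) && $query?$query:''));` in the `@@ -214,13 +239,13 @@` hunk places the request's `$query` into the template unescaped, and `$extra_parms` joins `$owner`, `$maxm`, `$totalentries` and the other paging values into a query string without encoding. Assuming `search_value` lands inside an HTML attribute in preference_acl.tpl (the template is not shown), use `htmlspecialchars($query)` there, and run the paging values through `intval()` or `urlencode()` before concatenating them.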
@@ -25,20 +25,17 @@ } $this = CreateObject("phpgwapi.contacts"); + $fields = $this->read_single_entry($ab_id,array("owner" => "owner")); + $owner = $fields[0]["owner"]; - #$t = new Template($phpgw_info["server"]["app_tpl"]); $t = new Template($phpgw->common->get_tpl_dir("addressbook")); $t->set_file(array("delete" => "delete.tpl")); - $rights = $phpgw->acl->get_rights('u_'.$owner,$phpgw_info["flags"]["currentapp"]); + $rights = $phpgw->acl->get_rights($owner,$phpgw_info["flags"]["currentapp"]); if ( ($rights & PHPGW_ACL_DELETE) || ($owner == $phpgw_info["user"]["account_id"]) ) { + $phpgw->common->phpgw_header(); + echo parse_navbar(); if ($confirm != "true") { - $fields = $this->read($ab_id, array("owner" => $owner)); - - if ($fields["owner"] != $phpgw_info["user"]["account_id"]) { - @Header("Location: " . $phpgw->link($phpgw_info["server"]["webserver_url"] . "/addressbook/")); - } - $t->set_var(lang_sure,lang("Are you sure you want to delete this entry ?")); $t->set_var(no_link,$phpgw->link("view.php","&ab_id=$ab_id&order=$order&sort=$sort&filter=$filter&start=$start&query=$query")); $t->set_var(lang_no,lang("NO")); @@ -50,7 +47,8 @@ } else { $this->account_id=$phpgw_info["user"]["account_id"]; $this->delete($ab_id); - $phpgw->redirect($phpgw->session->link($phpgw_info["server"]["webserver_url"]. "/addressbook/","cd=16&order=$order&sort=$sort&filter=$filter&start=$start&query=$query")); + @Header("Location: " . $phpgw->link($phpgw_info["server"]["webserver_url"]. "/addressbook/","cd=16&order=$order&sort=$sort&filter=$filter&start=$start&query=$query")); + } } else { $phpgw->redirect($phpgw->session->link($phpgw_info["server"]["webserver_url"]. "/addressbook/","cd=16&order=$order&sort=$sort&filter=$filter&start=$start&query=$query")); diff --git a/addressbook/edit.php b/addressbook/edit.php index ec4cac0bad..e51443fec8 100755 --- a/addressbook/edit.php +++ b/addressbook/edit.php 
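Review bot: `$owner = $fields[0]["owner"];` in the `@@ -25,20 +25,17 @@` hunk of delete.php feeds the permission test without checking that `read_single_entry()` returned a row, so an unknown or malformed `$ab_id` leaves `$owner` empty and the outcome rests on what `get_rights()` does with that. Guard it first, e.g. `if (!is_array($fields) || !isset($fields[0]["owner"]))` followed by the redirect to the list, and pass `intval($ab_id)`. The delete is selected by the request parameter `$confirm`, and no per-request token is visible in the hunk, so it is worth confirming that delete.tpl submits one and that it is verified before `$this->delete($ab_id)`.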
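Review bot: The `@Header("Location: ...")` added in the `@@ -50,7 +47,8 @@` hunk runs after `$phpgw->common->phpgw_header(); echo parse_navbar();`, which the previous hunk now calls before the `$confirm` test, so unless output is buffered the headers have already been sent and the redirect is dropped, with `@` hiding the warning. There is also no `exit` after it, so the script keeps executing. Either keep `$phpgw->redirect(...)` as the denied branch below still does, or move the header and navbar output into the `$confirm != "true"` branch.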
@@ -17,7 +17,7 @@ } $phpgw_info["flags"]["currentapp"] = "addressbook"; - $phpgw_info["flags"]["enable_addressbook_class"] = True; + $phpgw_info["flags"]["enable_contacts_class"] = True; include("../header.inc.php"); $t = new Template($phpgw->common->get_tpl_dir("addressbook")); @@ -47,7 +47,7 @@ form("","edit.php","Edit",$fields[0]); } else { //verify edit capabilities - $rights = $phpgw->acl->get_rights('u_'.$owner,$phpgw_info["flags"]["currentapp"]); + $rights = $phpgw->acl->get_rights($owner,$phpgw_info["flags"]["currentapp"]); if ( ($rights & PHPGW_ACL_EDIT) || ($owner == $phpgw_info["user"]["account_id"]) ) { if ($url == "http://") { $url = ""; diff --git a/addressbook/index.php b/addressbook/index.php index 6416f9a504..0dc682bf1c 100755 --- a/addressbook/index.php +++ b/addressbook/index.php @@ -12,17 +12,19 @@ /* $Id$ */ - $phpgw_info["flags"] = array("currentapp" => - "addressbook","enable_contacts_class" => True, - "enable_nextmatchs_class" => True); + $phpgw_info["flags"] = array( + "currentapp" => "addressbook", + "enable_contacts_class" => True, + "enable_nextmatchs_class" => True); + include("../header.inc.php"); - #$t = new Template($phpgw_info["server"]["app_tpl"]); $t = new Template($phpgw->common->get_tpl_dir("addressbook")); - $t->set_file(array( "addressbook_header" => "header.tpl", - "column" => "column.tpl", - "row" => "row.tpl", - "addressbook_footer" => "footer.tpl" )); + $t->set_file(array( + "addressbook_header" => "header.tpl", + "column" => "column.tpl", + "row" => "row.tpl", + "addressbook_footer" => "footer.tpl" )); $this = CreateObject("phpgwapi.contacts"); @@ -50,7 +52,6 @@ $offset = 30; } - // insert acl stuff here in lieu of old access perms // following sets up the filter for read, then restores the filter string for later checking if ($filter == "none") { $filter = ""; } $savefilter = $filter; 
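Review bot: The edit check `($rights & PHPGW_ACL_EDIT) || ($owner == $phpgw_info["user"]["account_id"])` in the `@@ -47,7 +47,7 @@` hunk of edit.php depends on an `$owner` whose assignment is not in the hunk; if it is the value posted with the form rather than the stored entry's owner, the caller decides which ACL is consulted and can satisfy the ownership test directly. delete.php in this same commit now loads it with `read_single_entry($ab_id,array("owner" => "owner"))`, and edit.php should load it the same way immediately before this test. The enclosing `else` branch starts and ends outside the hunk.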
@@ -108,7 +109,7 @@ // Show the entries for ($i=0;$iacl->get_rights('u_'.$entries[$i]["owner"],$phpgw_info["flags"]["currentapp"]); + $rights = $phpgw->acl->get_rights($entries[$i]["owner"],$phpgw_info["flags"]["currentapp"]); if ( ($rights & PHPGW_ACL_READ) || ($entries[$i]["owner"] == $phpgw_info["user"]["account_id"]) ) { //if ( ($entries[$i]["access"] == $filter) || // ($entries[$i]["access"] == "," . $filter . ",") || diff --git a/addressbook/vcardout.php b/addressbook/vcardout.php index 7a1f9fafec..2f91472cbc 100644 --- a/addressbook/vcardout.php +++ b/addressbook/vcardout.php @@ -34,7 +34,7 @@ $fields = $this->read_single_entry($ab_id,$this->stock_contact_fields); - $rights = $phpgw->acl->get_rights('u_'.$fields[0]["owner"],$phpgw_info["flags"]["currentapp"]); + $rights = $phpgw->acl->get_rights($fields[0]["owner"],$phpgw_info["flags"]["currentapp"]); if ( ($rights & PHPGW_ACL_READ) || ($fields[0]["owner"] == $phpgw_info["user"]["account_id"]) ) { $email = $fields[0]["d_email"]; diff --git a/addressbook/view.php b/addressbook/view.php index 3bff5edbb7..5023d113c0 100755 --- a/addressbook/view.php +++ b/addressbook/view.php @@ -16,9 +16,10 @@ $phpgw_info["flags"] = array("noheader" => True, "nonavbar" => True); } - $phpgw_info["flags"] = array("currentapp" => "addressbook", - "enable_contacts_class" => True, - "enable_nextmatchs_class" => True); + $phpgw_info["flags"] = array( + "currentapp" => "addressbook", + "enable_contacts_class" => True, + "enable_nextmatchs_class" => True); include("../header.inc.php"); @@ -53,7 +54,7 @@ $owner = $fields[0]["owner"]; - $rights = $phpgw->acl->get_rights('u_'.$owner,$phpgw_info["flags"]["currentapp"]); + $rights = $phpgw->acl->get_rights($owner,$phpgw_info["flags"]["currentapp"]); if ( ($rights & PHPGW_ACL_READ) || ($owner == $phpgw_info["user"]["account_id"]) ) { $view_header = "
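Review bot: The read checks test only `PHPGW_ACL_READ`: `get_rights($entries[$i]["owner"],...)` in the index.php hunk, and the matching lines in the vcardout.php and view.php `@@ -53,7 +54,7 @@` hunks, while this commit adds a `PHPGW_ACL_PRIVATE` right to the preferences page. Nothing visible in these hunks consults that bit or an entry's access flag (the old `$entries[$i]["access"]` test in index.php is commented out), so a grantee holding READ presumably sees private entries as well; confirm where private entries are filtered. In index.php `get_rights()` is also called once per row, and caching the result per owner id would avoid repeated lookups.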

 " . lang("Address book - view") . "


";