Hopefully a fix for acl issues, and the strip_html loop
parent
bd30af4d61
commit
de68820130
@ -23,6 +23,51 @@
|
||||
'add_email' => True,
|
||||
'update_entry' => True
|
||||
);
|
||||
var $soap_functions = array(
|
||||
'read_entries' => array(
|
||||
'in' => array(
|
||||
'int',
|
||||
'int',
|
||||
'struct',
|
||||
'string',
|
||||
'int'
|
||||
),
|
||||
'out' => array(
|
||||
'array'
|
||||
)
|
||||
),
|
||||
'read_entry' => array(
|
||||
'in' => array(
|
||||
'int',
|
||||
'struct'
|
||||
),
|
||||
'out' => array(
|
||||
'array'
|
||||
)
|
||||
),
|
||||
'read_last_entry' => array(
|
||||
'in' => array(
|
||||
'struct'
|
||||
),
|
||||
'out' => array(
|
||||
'array'
|
||||
)
|
||||
),
|
||||
'add_entry' => array(
|
||||
'in' => array(
|
||||
'int',
|
||||
'struct'
|
||||
),
|
||||
'out' => array()
|
||||
),
|
||||
'update_entry' => array(
|
||||
'in' => array(
|
||||
'int',
|
||||
'struct'
|
||||
),
|
||||
'out' => array()
|
||||
)
|
||||
);
|
||||
|
||||
var $debug = False;
|
||||
|
||||
@ -43,6 +88,8 @@
|
||||
global $phpgw;
|
||||
|
||||
$this->so = CreateObject('addressbook.soaddressbook');
|
||||
$this->rights = $this->so->rights;
|
||||
$this->grants = $this->so->grants;
|
||||
|
||||
if($session)
|
||||
{
|
||||
@ -94,28 +141,38 @@
|
||||
{
|
||||
global $phpgw;
|
||||
|
||||
if ($dirty == ''){$dirty = array();}
|
||||
if ($dirty == '')
|
||||
{
|
||||
$dirty = array();
|
||||
}
|
||||
for($i=0;$i<count($dirty);$i++)
|
||||
{
|
||||
while (list($name,$value) = each($dirty[$i]))
|
||||
if(gettype($dirty[$i]) == 'array')
|
||||
{
|
||||
$cleaned[$i][$name] = $phpgw->strip_html($dirty[$i][$name]);
|
||||
while (list($name,$value) = @each($dirty[$i]))
|
||||
{
|
||||
$cleaned[$i][$name] = $phpgw->strip_html($dirty[$i][$name]);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$cleaned[$i] == $phpgw->strip_html($dirty[$i]);
|
||||
}
|
||||
}
|
||||
return $cleaned;
|
||||
}
|
||||
|
||||
function read_entries($start,$limit,$qcols,$qfilter,$userid='')
|
||||
function read_entries($start,$limit,$qcols,$qfilter)
|
||||
{
|
||||
$entries = $this->so->read_entries($start,$limit,$qcols,$this->query,$qfilter,$this->sort,$this->order,$userid);
|
||||
$entries = $this->so->read_entries($start,$limit,$qcols,$this->query,$qfilter,$this->sort,$this->order);
|
||||
$this->total = $this->so->contacts->total_records;
|
||||
if($this->debug) { echo '<br>Total records="' . $this->total . '"'; }
|
||||
return $this->strip_html($entries);
|
||||
}
|
||||
|
||||
function read_entry($id,$fields,$userid='')
|
||||
function read_entry($id,$fields)
|
||||
{
|
||||
$entry = $this->so->read_entry($id,$fields,$userid);
|
||||
$entry = $this->so->read_entry($id,$fields);
|
||||
return $this->strip_html($entry);
|
||||
}
|
||||
|
||||
@ -152,7 +209,11 @@
|
||||
$vcard = CreateObject('phpgwapi.vcard');
|
||||
$entry = $vcard->in_file($filename);
|
||||
/* _debug_array($entry);exit; */
|
||||
$this->so->add_entry($phpgw_info['user']['account_id'],$entry,'private','','n');
|
||||
$entry['owner'] = $phpgw_info['user']['account_id'];
|
||||
$entry['access'] = 'private';
|
||||
$entry['tid'] = 'n';
|
||||
/* _debug_array($entry);exit; */
|
||||
$this->so->add_entry($entry);
|
||||
$ab_id = $this->get_lastid();
|
||||
|
||||
/* Delete the temp file. */
|
||||
@ -189,33 +250,9 @@
|
||||
. $phpgw->link('/index.php',"menuaction=addressbook.uiaddressbook.view&ab_id=$ab_id&referer=$referer"));
|
||||
}
|
||||
|
||||
function OLDcopy_entry($ab_id)
|
||||
function add_entry($fields)
|
||||
{
|
||||
global $phpgw,$phpgw_info;
|
||||
|
||||
$addnew = $this->read_entry($ab_id,$this->so->contacts->stock_contact_fields,$phpgw_info['user']['account_id']);
|
||||
|
||||
$addnew[0]['note'] .= "\nCopied from ".$phpgw->accounts->id2name($addnew[0]['owner']).", record #".$addnew[0]['id'].".";
|
||||
$addnew[0]['owner'] = $phpgw_info['user']['account_id'];
|
||||
$addnew[0]['id'] = '';
|
||||
$fields = $addnew[0];
|
||||
|
||||
if ($addnew['tid'])
|
||||
{
|
||||
$this->so->add_entry($fields['owner'],$fields,$fields['access'],$fields['cat_id'],$fields['tid']);
|
||||
}
|
||||
else
|
||||
{
|
||||
$this->so->add_entry($fields['owner'],$fields,$fields['access'],$fields['cat_id']);
|
||||
}
|
||||
|
||||
$ab_id = $this->get_lastid();
|
||||
Header("Location: " . $phpgw->link('/index.php',"menuaction=addressbook.uiaddressbook.edit&ab_id=$ab_id"));
|
||||
}
|
||||
|
||||
function add_entry($userid,$fields)
|
||||
{
|
||||
return $this->so->add_entry($userid,$fields);
|
||||
return $this->so->add_entry($fields);
|
||||
}
|
||||
|
||||
function get_lastid()
|
||||
@ -223,9 +260,9 @@
|
||||
return $this->so->get_lastid();
|
||||
}
|
||||
|
||||
function update_entry($userid,$fields)
|
||||
function update_entry($fields)
|
||||
{
|
||||
return $this->so->update_entry($userid,$fields);
|
||||
return $this->so->update_entry($fields);
|
||||
}
|
||||
|
||||
function delete_entry($ab_id)
|
||||
@ -239,7 +276,7 @@
|
||||
$phpgw->preferences->read_repository();
|
||||
if (is_array($prefs))
|
||||
{
|
||||
/* _debug_array($prefs);exit; */
|
||||
/* _debug_array($prefs);exit; */
|
||||
while (list($pref,$x) = each($qfields))
|
||||
{
|
||||
/* echo '<br>checking: ' . $pref . '=' . $prefs[$pref]; */
|
||||
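Review bot: The new `else` branch in strip_html compares where it should assign: `$cleaned[$i] == $phpgw->strip_html($dirty[$i]);` discards the stripped value, so non-array elements of `$dirty` never reach `$cleaned` and are silently dropped from the result. It should read `$cleaned[$i] = $phpgw->strip_html($dirty[$i]);`. `$cleaned` is also never initialised in the visible lines, so an empty `$dirty` returns an undefined variable; `$cleaned = array();` before the loop fixes that. The `@` on `each()` is redundant once the `gettype()` guard is in place and would hide a genuine error. The function signature lies outside the hunk, so this is based on the visible body only.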
|
@ -16,12 +16,36 @@
|
||||
{
|
||||
var $contacts;
|
||||
var $rights;
|
||||
var $grants;
|
||||
var $owner;
|
||||
|
||||
function soaddressbook()
|
||||
{
|
||||
global $rights;
|
||||
global $phpgw,$phpgw_info,$owner;
|
||||
|
||||
if(!isset($owner)) { $owner = 0; }
|
||||
|
||||
$grants = $phpgw->acl->get_grants('addressbook');
|
||||
if(!isset($owner) || !$owner)
|
||||
{
|
||||
$owner = $phpgw_info['user']['account_id'];
|
||||
$rights = PHPGW_ACL_READ + PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE + 16;
|
||||
}
|
||||
else
|
||||
{
|
||||
if($grants[$owner])
|
||||
{
|
||||
$rights = $grants[$owner];
|
||||
if (!($rights & PHPGW_ACL_READ))
|
||||
{
|
||||
$owner = $phpgw_info['user']['account_id'];
|
||||
$rights = PHPGW_ACL_READ + PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE + 16;
|
||||
}
|
||||
}
|
||||
}
|
||||
$this->rights = $rights;
|
||||
$this->grants = $grants;
|
||||
$this->owner = $owner;
|
||||
}
|
||||
|
||||
function makeobj()
|
||||
@ -49,7 +73,7 @@
|
||||
}
|
||||
else
|
||||
{
|
||||
$rtrn = array('No access' => 'No access');
|
||||
$rtrn = array(0 => array('No access' => 'No access'));
|
||||
return $rtrn;
|
||||
}
|
||||
}
|
||||
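Review bot: The constructor leaves `$rights` unassigned when `$owner` is set but `$grants[$owner]` is empty, because the inner `if($grants[$owner])` has no `else`; `$this->rights` then takes whatever the global `$rights` already held and `$this->owner` stays the requested account. Both values are read through `global`, so their starting state is set outside this class (not visible here) and should not be treated as an authorization result. Start from `$rights = 0;` before the checks and add an `else` on the grants test that resets `$owner` to `$phpgw_info['user']['account_id']` with the own-account rights, as the no-READ branch already does. The literal `16` added to the ACL constants would read better as a named constant with a comment saying which right it stands for.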
|
@ -73,7 +73,7 @@
|
||||
$this->filter = $this->bo->filter;
|
||||
$this->cat_id = $this->bo->cat_id;
|
||||
if($this->debug) { $this->_debug_sqsof(); }
|
||||
/* _debug_array($this); */
|
||||
/* _debug_array($this); */
|
||||
}
|
||||
|
||||
function _debug_sqsof()
|
||||
@ -416,7 +416,7 @@
|
||||
else
|
||||
{
|
||||
/* read the entry list */
|
||||
$entries = $this->bo->read_entries($this->start,$this->limit,$columns_to_display,$qfilter,$userid);
|
||||
$entries = $this->bo->read_entries($this->start,$this->limit,$columns_to_display,$qfilter);
|
||||
$total_records = $this->bo->total;
|
||||
}
|
||||
|
||||
@ -609,7 +609,7 @@
|
||||
$referer = urlencode($fields['referer']);
|
||||
unset($fields['referer']);
|
||||
|
||||
$this->bo->add_entry($phpgw_info['user']['account_id'],$fields);
|
||||
$this->bo->add_entry($fields);
|
||||
|
||||
$ab_id = $this->bo->get_lastid();
|
||||
|
||||
@ -656,7 +656,7 @@
|
||||
$referer = urlencode($fields['referer']);
|
||||
unset($fields['referer']);
|
||||
|
||||
$this->bo->update_entry($userid,$fields);
|
||||
$this->bo->update_entry($fields);
|
||||
|
||||
Header("Location: "
|
||||
. $phpgw->link('/index.php',"menuaction=addressbook.uiaddressbook.view&ab_id=" . $fields['ab_id'] . "&referer=$referer"));
|
||||
@ -755,8 +755,9 @@
|
||||
{
|
||||
global $phpgw,$phpgw_info,$ab_id,$submit,$referer;
|
||||
|
||||
// First, make sure they have permission to this entry
|
||||
/* First, make sure they have permission to this entry */
|
||||
$check = $this->bo->read_entry($ab_id,array('owner' => 'owner'));
|
||||
|
||||
$perms = $this->contacts->check_perms($this->contacts->grants[$check[0]['owner']],PHPGW_ACL_READ);
|
||||
|
||||
if ( (!$perms) && ($check[0]['owner'] != $phpgw_info['user']['account_id']) )
|
||||
@ -793,7 +794,7 @@
|
||||
}
|
||||
}
|
||||
|
||||
// No prefs?
|
||||
/* No prefs? */
|
||||
if (!$columns_to_display )
|
||||
{
|
||||
$columns_to_display = array(
|
||||
@ -949,7 +950,7 @@
|
||||
|
||||
if (!$catname) { $catname = lang('none'); }
|
||||
|
||||
// These are in the footer
|
||||
/* These are in the footer */
|
||||
$this->template->set_var('lang_owner',lang('Record owner'));
|
||||
$this->template->set_var('owner',$phpgw->common->grab_owner_name($record_owner));
|
||||
$this->template->set_var('lang_access',lang('Record access'));
|
||||
@ -1040,11 +1041,11 @@
|
||||
|
||||
while (list($col, $descr) = each($qfields))
|
||||
{
|
||||
// echo "<br>test: $col - $i $j - " . count($abc);
|
||||
/* echo "<br>test: $col - $i $j - " . count($abc); */
|
||||
$i++; $j++;
|
||||
$showcol = $this->display_name($col);
|
||||
if (!$showcol) { $showcol = $col; }
|
||||
// yank the *'s prior to testing for a valid column description
|
||||
/* yank the *'s prior to testing for a valid column description */
|
||||
$coltest = ereg_replace("\*","",$showcol);
|
||||
if ($coltest)
|
||||
{
|
||||
@ -1384,7 +1385,7 @@
|
||||
|
||||
if ($format != "view")
|
||||
{
|
||||
// Preferred phone number radio buttons
|
||||
/* Preferred phone number radio buttons */
|
||||
$pref[0] = '<font size="-2">';
|
||||
$pref[1] = '(' . lang('pref') . ')</font>';
|
||||
while (list($name,$val) = each($this->contacts->tel_types))
|
||||
@ -1674,6 +1675,6 @@
|
||||
$this->template->set_var('row_text',$phpgw_info['theme']['row_text']);
|
||||
|
||||
$this->template->pfp('out','form');
|
||||
} //end form function
|
||||
} /* end form function */
|
||||
}
|
||||
?>
|
||||
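Review bot: The add and update calls no longer pass an account id (`$this->bo->add_entry($fields);`, `$this->bo->update_entry($fields);`), so record ownership now rests entirely on what `$fields` contains. In these hunks `$fields` is only seen having `referer` removed, and the enclosing functions start outside the hunks, so it is not visible whether `owner` is set server-side before the call. If it is not, set it explicitly with `$fields['owner'] = $phpgw_info['user']['account_id'];`, as the vCard import path in this commit does. The update path should also check edit rights against the stored record's owner rather than a submitted value.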
|
@ -12,30 +12,6 @@
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
/* I don't think this is needed anymore */
|
||||
/* Perform acl check, set $rights */
|
||||
if(!isset($owner)) { $owner = 0; }
|
||||
|
||||
$grants = $phpgw->acl->get_grants('addressbook');
|
||||
|
||||
if(!isset($owner) || !$owner)
|
||||
{
|
||||
$owner = $phpgw_info['user']['account_id'];
|
||||
$rights = PHPGW_ACL_READ + PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE + 16;
|
||||
}
|
||||
else
|
||||
{
|
||||
if($grants[$owner])
|
||||
{
|
||||
$rights = $grants[$owner];
|
||||
if (!($rights & PHPGW_ACL_READ))
|
||||
{
|
||||
$owner = $phpgw_info['user']['account_id'];
|
||||
$rights = PHPGW_ACL_READ + PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE + 16;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function formatted_list($name,$list,$id='',$default=False,$java=False)
|
||||
{
|
||||
if ($java)
|
||||
|