Hopefully a fix for acl issues, and the strip_html loop

Miles Lott 2001-08-04 14:12:32 +00:00
parent bd30af4d61
commit de68820130
4 changed files with 112 additions and 74 deletions


@ -23,6 +23,51 @@
'add_email' => True, 'add_email' => True,
'update_entry' => True 'update_entry' => True
); );
var $soap_functions = array(
'read_entries' => array(
'in' => array(
'int',
'int',
'struct',
'string',
'int'
),
'out' => array(
'array'
)
),
'read_entry' => array(
'in' => array(
'int',
'struct'
),
'out' => array(
'array'
)
),
'read_last_entry' => array(
'in' => array(
'struct'
),
'out' => array(
'array'
)
),
'add_entry' => array(
'in' => array(
'int',
'struct'
),
'out' => array()
),
'update_entry' => array(
'in' => array(
'int',
'struct'
),
'out' => array()
)
);
var $debug = False; var $debug = False;
@ -43,6 +88,8 @@
global $phpgw; global $phpgw;
$this->so = CreateObject('addressbook.soaddressbook'); $this->so = CreateObject('addressbook.soaddressbook');
$this->rights = $this->so->rights;
$this->grants = $this->so->grants;
if($session) if($session)
{ {
@ -94,28 +141,38 @@
{ {
global $phpgw; global $phpgw;
if ($dirty == ''){$dirty = array();} if ($dirty == '')
{
$dirty = array();
}
for($i=0;$i<count($dirty);$i++) for($i=0;$i<count($dirty);$i++)
{ {
while (list($name,$value) = each($dirty[$i])) if(gettype($dirty[$i]) == 'array')
{ {
$cleaned[$i][$name] = $phpgw->strip_html($dirty[$i][$name]); while (list($name,$value) = @each($dirty[$i]))
{
$cleaned[$i][$name] = $phpgw->strip_html($dirty[$i][$name]);
}
}
else
{
$cleaned[$i] == $phpgw->strip_html($dirty[$i]);
} }
} }
return $cleaned; return $cleaned;
} }
function read_entries($start,$limit,$qcols,$qfilter,$userid='') function read_entries($start,$limit,$qcols,$qfilter)
{ {
$entries = $this->so->read_entries($start,$limit,$qcols,$this->query,$qfilter,$this->sort,$this->order,$userid); $entries = $this->so->read_entries($start,$limit,$qcols,$this->query,$qfilter,$this->sort,$this->order);
$this->total = $this->so->contacts->total_records; $this->total = $this->so->contacts->total_records;
if($this->debug) { echo '<br>Total records="' . $this->total . '"'; } if($this->debug) { echo '<br>Total records="' . $this->total . '"'; }
return $this->strip_html($entries); return $this->strip_html($entries);
} }
function read_entry($id,$fields,$userid='') function read_entry($id,$fields)
{ {
$entry = $this->so->read_entry($id,$fields,$userid); $entry = $this->so->read_entry($id,$fields);
return $this->strip_html($entry); return $this->strip_html($entry);
} }
@ -152,7 +209,11 @@
$vcard = CreateObject('phpgwapi.vcard'); $vcard = CreateObject('phpgwapi.vcard');
$entry = $vcard->in_file($filename); $entry = $vcard->in_file($filename);
/* _debug_array($entry);exit; */ /* _debug_array($entry);exit; */
$this->so->add_entry($phpgw_info['user']['account_id'],$entry,'private','','n'); $entry['owner'] = $phpgw_info['user']['account_id'];
$entry['access'] = 'private';
$entry['tid'] = 'n';
/* _debug_array($entry);exit; */
$this->so->add_entry($entry);
$ab_id = $this->get_lastid(); $ab_id = $this->get_lastid();
/* Delete the temp file. */ /* Delete the temp file. */
@ -189,33 +250,9 @@
. $phpgw->link('/index.php',"menuaction=addressbook.uiaddressbook.view&ab_id=$ab_id&referer=$referer")); . $phpgw->link('/index.php',"menuaction=addressbook.uiaddressbook.view&ab_id=$ab_id&referer=$referer"));
} }
function OLDcopy_entry($ab_id) function add_entry($fields)
{ {
global $phpgw,$phpgw_info; return $this->so->add_entry($fields);
$addnew = $this->read_entry($ab_id,$this->so->contacts->stock_contact_fields,$phpgw_info['user']['account_id']);
$addnew[0]['note'] .= "\nCopied from ".$phpgw->accounts->id2name($addnew[0]['owner']).", record #".$addnew[0]['id'].".";
$addnew[0]['owner'] = $phpgw_info['user']['account_id'];
$addnew[0]['id'] = '';
$fields = $addnew[0];
if ($addnew['tid'])
{
$this->so->add_entry($fields['owner'],$fields,$fields['access'],$fields['cat_id'],$fields['tid']);
}
else
{
$this->so->add_entry($fields['owner'],$fields,$fields['access'],$fields['cat_id']);
}
$ab_id = $this->get_lastid();
Header("Location: " . $phpgw->link('/index.php',"menuaction=addressbook.uiaddressbook.edit&ab_id=$ab_id"));
}
function add_entry($userid,$fields)
{
return $this->so->add_entry($userid,$fields);
} }
function get_lastid() function get_lastid()
@ -223,9 +260,9 @@
return $this->so->get_lastid(); return $this->so->get_lastid();
} }
function update_entry($userid,$fields) function update_entry($fields)
{ {
return $this->so->update_entry($userid,$fields); return $this->so->update_entry($fields);
} }
function delete_entry($ab_id) function delete_entry($ab_id)
@ -239,7 +276,7 @@
$phpgw->preferences->read_repository(); $phpgw->preferences->read_repository();
if (is_array($prefs)) if (is_array($prefs))
{ {
/* _debug_array($prefs);exit; */ /* _debug_array($prefs);exit; */
while (list($pref,$x) = each($qfields)) while (list($pref,$x) = each($qfields))
{ {
/* echo '<br>checking: ' . $pref . '=' . $prefs[$pref]; */ /* echo '<br>checking: ' . $pref . '=' . $prefs[$pref]; */
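Review bot: The new `else` branch in strip_html uses a comparison, `$cleaned[$i] == $phpgw->strip_html($dirty[$i]);`, so a non-array element is never stored and disappears from the returned list; it should read `$cleaned[$i] = $phpgw->strip_html($dirty[$i]);`. `$cleaned` is also never initialised in the visible lines, so an empty `$dirty` makes `return $cleaned` hand back an unset variable; `$cleaned = array();` ahead of the loop covers that. With the `gettype()` guard in place, the `@` on `each()` only hides warnings and can be dropped. The function's signature is outside the hunk.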


@ -16,12 +16,36 @@
{ {
var $contacts; var $contacts;
var $rights; var $rights;
var $grants;
var $owner;
function soaddressbook() function soaddressbook()
{ {
global $rights; global $phpgw,$phpgw_info,$owner;
if(!isset($owner)) { $owner = 0; }
$grants = $phpgw->acl->get_grants('addressbook');
if(!isset($owner) || !$owner)
{
$owner = $phpgw_info['user']['account_id'];
$rights = PHPGW_ACL_READ + PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE + 16;
}
else
{
if($grants[$owner])
{
$rights = $grants[$owner];
if (!($rights & PHPGW_ACL_READ))
{
$owner = $phpgw_info['user']['account_id'];
$rights = PHPGW_ACL_READ + PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE + 16;
}
}
}
$this->rights = $rights; $this->rights = $rights;
$this->grants = $grants;
$this->owner = $owner;
} }
function makeobj() function makeobj()
@ -49,7 +73,7 @@
} }
else else
{ {
$rtrn = array('No access' => 'No access'); $rtrn = array(0 => array('No access' => 'No access'));
return $rtrn; return $rtrn;
} }
} }
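Review bot: In the soaddressbook() constructor, a request for another `$owner` that has no entry in `$grants` falls through both branches, leaving `$rights` unassigned while `$this->owner` keeps the foreign account id. Whether callers treat an unset `$this->rights` as a denial is not visible here, so the no-grant case should take the same fallback as the no-read case: test `if (!$owner || !($grants[$owner] & PHPGW_ACL_READ))` for the own-account branch and use `$rights = $grants[$owner];` in the `else`. `$owner` is read from global scope, so if it can be set from the request, this constructor is the only gate on it. The bare `+ 16` also deserves a comment naming the ACL bit it stands for.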


@ -73,7 +73,7 @@
$this->filter = $this->bo->filter; $this->filter = $this->bo->filter;
$this->cat_id = $this->bo->cat_id; $this->cat_id = $this->bo->cat_id;
if($this->debug) { $this->_debug_sqsof(); } if($this->debug) { $this->_debug_sqsof(); }
/* _debug_array($this); */ /* _debug_array($this); */
} }
function _debug_sqsof() function _debug_sqsof()
@ -416,7 +416,7 @@
else else
{ {
/* read the entry list */ /* read the entry list */
$entries = $this->bo->read_entries($this->start,$this->limit,$columns_to_display,$qfilter,$userid); $entries = $this->bo->read_entries($this->start,$this->limit,$columns_to_display,$qfilter);
$total_records = $this->bo->total; $total_records = $this->bo->total;
} }
@ -609,7 +609,7 @@
$referer = urlencode($fields['referer']); $referer = urlencode($fields['referer']);
unset($fields['referer']); unset($fields['referer']);
$this->bo->add_entry($phpgw_info['user']['account_id'],$fields); $this->bo->add_entry($fields);
$ab_id = $this->bo->get_lastid(); $ab_id = $this->bo->get_lastid();
@ -656,7 +656,7 @@
$referer = urlencode($fields['referer']); $referer = urlencode($fields['referer']);
unset($fields['referer']); unset($fields['referer']);
$this->bo->update_entry($userid,$fields); $this->bo->update_entry($fields);
Header("Location: " Header("Location: "
. $phpgw->link('/index.php',"menuaction=addressbook.uiaddressbook.view&ab_id=" . $fields['ab_id'] . "&referer=$referer")); . $phpgw->link('/index.php',"menuaction=addressbook.uiaddressbook.view&ab_id=" . $fields['ab_id'] . "&referer=$referer"));
@ -755,8 +755,9 @@
{ {
global $phpgw,$phpgw_info,$ab_id,$submit,$referer; global $phpgw,$phpgw_info,$ab_id,$submit,$referer;
// First, make sure they have permission to this entry /* First, make sure they have permission to this entry */
$check = $this->bo->read_entry($ab_id,array('owner' => 'owner')); $check = $this->bo->read_entry($ab_id,array('owner' => 'owner'));
$perms = $this->contacts->check_perms($this->contacts->grants[$check[0]['owner']],PHPGW_ACL_READ); $perms = $this->contacts->check_perms($this->contacts->grants[$check[0]['owner']],PHPGW_ACL_READ);
if ( (!$perms) && ($check[0]['owner'] != $phpgw_info['user']['account_id']) ) if ( (!$perms) && ($check[0]['owner'] != $phpgw_info['user']['account_id']) )
@ -793,7 +794,7 @@
} }
} }
// No prefs? /* No prefs? */
if (!$columns_to_display ) if (!$columns_to_display )
{ {
$columns_to_display = array( $columns_to_display = array(
@ -949,7 +950,7 @@
if (!$catname) { $catname = lang('none'); } if (!$catname) { $catname = lang('none'); }
// These are in the footer /* These are in the footer */
$this->template->set_var('lang_owner',lang('Record owner')); $this->template->set_var('lang_owner',lang('Record owner'));
$this->template->set_var('owner',$phpgw->common->grab_owner_name($record_owner)); $this->template->set_var('owner',$phpgw->common->grab_owner_name($record_owner));
$this->template->set_var('lang_access',lang('Record access')); $this->template->set_var('lang_access',lang('Record access'));
@ -1040,11 +1041,11 @@
while (list($col, $descr) = each($qfields)) while (list($col, $descr) = each($qfields))
{ {
// echo "<br>test: $col - $i $j - " . count($abc); /* echo "<br>test: $col - $i $j - " . count($abc); */
$i++; $j++; $i++; $j++;
$showcol = $this->display_name($col); $showcol = $this->display_name($col);
if (!$showcol) { $showcol = $col; } if (!$showcol) { $showcol = $col; }
// yank the *'s prior to testing for a valid column description /* yank the *'s prior to testing for a valid column description */
$coltest = ereg_replace("\*","",$showcol); $coltest = ereg_replace("\*","",$showcol);
if ($coltest) if ($coltest)
{ {
@ -1384,7 +1385,7 @@
if ($format != "view") if ($format != "view")
{ {
// Preferred phone number radio buttons /* Preferred phone number radio buttons */
$pref[0] = '<font size="-2">'; $pref[0] = '<font size="-2">';
$pref[1] = '(' . lang('pref') . ')</font>'; $pref[1] = '(' . lang('pref') . ')</font>';
while (list($name,$val) = each($this->contacts->tel_types)) while (list($name,$val) = each($this->contacts->tel_types))
@ -1674,6 +1675,6 @@
$this->template->set_var('row_text',$phpgw_info['theme']['row_text']); $this->template->set_var('row_text',$phpgw_info['theme']['row_text']);
$this->template->pfp('out','form'); $this->template->pfp('out','form');
} //end form function } /* end form function */
} }
?> ?>
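Review bot: The add hunk now calls `$this->bo->add_entry($fields)` without the session account id, so the record owner is whatever `$fields['owner']` holds, and nothing in the visible lines sets it. If `$fields` is built from the submitted form (that code is outside the hunk), the owner should be pinned before the call with `$fields['owner'] = $phpgw_info['user']['account_id'];`, as the vCard import hunk in the first file does, or checked against the grants with PHPGW_ACL_ADD. The same applies to `$this->bo->update_entry($fields)` in the edit hunk: the record identified by `$fields['ab_id']` should be verified against PHPGW_ACL_EDIT before the write, unless the so layer already enforces this.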


@ -12,30 +12,6 @@
/* $Id$ */ /* $Id$ */
/* I don't think this is needed anymore */
/* Perform acl check, set $rights */
if(!isset($owner)) { $owner = 0; }
$grants = $phpgw->acl->get_grants('addressbook');
if(!isset($owner) || !$owner)
{
$owner = $phpgw_info['user']['account_id'];
$rights = PHPGW_ACL_READ + PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE + 16;
}
else
{
if($grants[$owner])
{
$rights = $grants[$owner];
if (!($rights & PHPGW_ACL_READ))
{
$owner = $phpgw_info['user']['account_id'];
$rights = PHPGW_ACL_READ + PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE + 16;
}
}
}
function formatted_list($name,$list,$id='',$default=False,$java=False) function formatted_list($name,$list,$id='',$default=False,$java=False)
{ {
if ($java) if ($java)