mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-07 08:34:29 +01:00
Fix resource invite permission was checked for every resource type
This commit is contained in:
parent
b7f72bf7c4
commit
eb7ea6bfab
@ -80,12 +80,6 @@ class calendar_boupdate extends calendar_bo
|
||||
*/
|
||||
protected static $tz_cache = array();
|
||||
|
||||
/**
|
||||
* The resources storage object
|
||||
* @var resources_so $resources_so
|
||||
*/
|
||||
protected $resources_so;
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
*/
|
||||
@ -95,8 +89,6 @@ class calendar_boupdate extends calendar_bo
|
||||
|
||||
parent::__construct(); // calling the parent constructor
|
||||
|
||||
$this->resources_so = new resources_so();
|
||||
|
||||
if ($this->debug > 0) $this->debug_message('calendar_boupdate::__construct() finished',True);
|
||||
}
|
||||
|
||||
@ -515,17 +507,12 @@ class calendar_boupdate extends calendar_bo
|
||||
*/
|
||||
public function check_acl_invite($uid)
|
||||
{
|
||||
if (!is_numeric($uid))
|
||||
if (!is_numeric($uid) && $this->resources[$uid[0]]['check_invite'])
|
||||
{
|
||||
$resources_config = Api\Config::read('resources');
|
||||
if ($resources_config['bookingrequests'] === 'disabled') {
|
||||
$cat_id = $this->resources_so->get_value('cat_id', intval(substr($uid, 1)));
|
||||
return resources_acl_bo::is_permitted($cat_id, resources_acl_bo::DIRECT_BOOKING);
|
||||
}
|
||||
else
|
||||
{
|
||||
$ret = true;
|
||||
}
|
||||
// Resource specific ACL check
|
||||
return call_user_func($this->resources[$uid[0]]['check_invite'], $uid);
|
||||
|
||||
|
||||
}
|
||||
elseif (!$this->require_acl_invite)
|
||||
{
|
||||
|
@ -204,6 +204,20 @@ class resources_acl_bo
|
||||
return $GLOBALS['egw']->acl->get_all_rights('L'.$cat_id,'resources');
|
||||
}
|
||||
|
||||
static public function check_calendar_invite($uid)
|
||||
{
|
||||
$resources_config = Api\Config::read('resources');
|
||||
$resources_so = new resources_so();
|
||||
if ($resources_config['bookingrequests'] === 'disabled') {
|
||||
$resources_so = new resources_so();
|
||||
$cat_id = $resources_so->get_value('cat_id', intval(substr($uid, 1)));
|
||||
return resources_acl_bo::is_permitted($cat_id, resources_acl_bo::DIRECT_BOOKING);
|
||||
}
|
||||
else
|
||||
{
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
// privat functions from here on -------------------------------------------------------------------------
|
||||
function save_sessiondata()
|
||||
|
@ -108,6 +108,7 @@ class resources_hooks
|
||||
'type' => 'r',// one char type-identifiy for this resources
|
||||
'icon' => 'calicon',//icon
|
||||
'participants_header' => lang('resources'), // header of participants from this type
|
||||
'check_invite' => 'resources_acl_bo::check_calendar_invite' // Check that the current user is allowed to invite the givent resource
|
||||
);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user