From ed9204103c2356224ef5cca646f5ff23063500b9 Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Mon, 27 Jul 2015 16:53:19 +0000 Subject: [PATCH] * Addressbook: custom fields of accounts enabled via own-account-acl were not editable --- addressbook/inc/class.addressbook_bo.inc.php | 20 +++-- .../inc/class.addressbook_tracking.inc.php | 4 +- ...lass.etemplate_widget_customfields.inc.php | 90 +++++++++---------- etemplate/js/et2_extension_customfields.js | 5 +- 4 files changed, 63 insertions(+), 56 deletions(-) diff --git a/addressbook/inc/class.addressbook_bo.inc.php b/addressbook/inc/class.addressbook_bo.inc.php index e4d6d005be..b91b4466e7 100755 --- a/addressbook/inc/class.addressbook_bo.inc.php +++ b/addressbook/inc/class.addressbook_bo.inc.php @@ -925,6 +925,11 @@ class addressbook_bo extends addressbook_so } if (isset($contact['org_name'])) $contact['n_fileas'] = $this->fileas($contact, null, false); + // Get old record for tracking changes + if (!isset($old) && $isUpdate) + { + $old = $this->read($contact['id']); + } $to_write = $contact; // (non-admin) user editing his own account, make sure he does not change fields he is not allowed to (eg. via SyncML or xmlrpc) if (!$ignore_acl && !$contact['owner'] && !$this->is_admin($contact)) @@ -933,16 +938,19 @@ class addressbook_bo extends addressbook_so { if (!in_array($field,$this->own_account_acl) && !in_array($field,array('id','owner','account_id','modified','modifier'))) { - unset($to_write[$field]); // user is now allowed to change that + // user is not allowed to change that + if ($old) + { + $to_write[$field] = $old[$field]; + } + else + { + unset($to_write[$field]); + } } } } - // Get old record for tracking changes - if (!isset($old) && $isUpdate) - { - $old = $this->read($contact['id']); - } // IF THE OLD ENTRY IS A ACCOUNT, dont allow to change the owner/location // maybe we need that for id and account_id as well. if (is_array($old) && (!isset($old['owner']) || empty($old['owner']))) diff --git a/addressbook/inc/class.addressbook_tracking.inc.php b/addressbook/inc/class.addressbook_tracking.inc.php index 9187aa233d..62812f97fe 100644 --- a/addressbook/inc/class.addressbook_tracking.inc.php +++ b/addressbook/inc/class.addressbook_tracking.inc.php @@ -150,9 +150,9 @@ class addressbook_tracking extends bo_tracking foreach(array('adr_one_countryname' => 'adr_one_countrycode', 'adr_two_countryname' => 'adr_two_countrycode') as $name => $code) { // Only codes involved, but old text name is automatically added when loaded - if($old[$code] && $data[$code]) + if($old[$code] && $data[$code] && ($key = array_search($name, $changed_fields)) !== false) { - unset($changed_fields[array_search($name, $changed_fields)]); + unset($changed_fields[$key]); continue; } diff --git a/etemplate/inc/class.etemplate_widget_customfields.inc.php b/etemplate/inc/class.etemplate_widget_customfields.inc.php index 8cc0287017..1a7ec2b118 100644 --- a/etemplate/inc/class.etemplate_widget_customfields.inc.php +++ b/etemplate/inc/class.etemplate_widget_customfields.inc.php @@ -347,56 +347,56 @@ class etemplate_widget_customfields extends etemplate_widget_transformer $form_name = self::GLOBAL_ID; } - if (!$this->is_readonly($cname, $form_name)) + $all_readonly = $this->is_readonly($cname, $form_name); + $value_in = self::get_array($content, $form_name); + // if we have no id / use self::GLOBAL_ID, we have to set $value_in in global namespace for regular widgets validation to find + if (!$this->id) $content = array_merge($content, $value_in); + //error_log(__METHOD__."($cname, ...) form_name=$form_name, use-private={$this->attrs['use-private']}, value_in=".array2string($value_in)); + $customfields =& $this->getElementAttribute(self::GLOBAL_VALS, 'customfields'); + if(is_array($value_in)) { - $value_in = self::get_array($content, $form_name); - // if we have no id / use self::GLOBAL_ID, we have to set $value_in in global namespace for regular widgets validation to find - if (!$this->id) $content = array_merge($content, $value_in); - //error_log(__METHOD__."($cname, ...) form_name=$form_name, use-private={$this->attrs['use-private']}, value_in=".array2string($value_in)); - $customfields =& $this->getElementAttribute(self::GLOBAL_VALS, 'customfields'); - if(is_array($value_in)) + foreach($value_in as $field => $value) { - foreach($value_in as $field => $value) + $field_settings = $customfields[$fname=substr($field,1)]; + + if ((string)$this->attrs['use-private'] !== '' && // are only (non-)private fields requested + (boolean)$field_settings['private'] != ($this->attrs['use-private'] != '0')) { - $field_settings = $customfields[$fname=substr($field,1)]; - - if ((string)$this->attrs['use-private'] !== '' && // are only (non-)private fields requested - (boolean)$field_settings['private'] != ($this->attrs['use-private'] != '0')) - { - continue; - } - - // check if single field is set readonly, used in apps as it was only way to make cfs readonly in old eT - if ($this->is_readonly($form_name != self::GLOBAL_ID ? $form_name : $cname, $field)) - { - continue; - } - // run validation method of widget implementing this custom field - $widget = $this->_widget($fname, $field_settings); - // widget has no validate method, eg. is only displaying stuff --> nothing to validate - if (!method_exists($widget, 'validate')) continue; - $widget->validate($form_name != self::GLOBAL_ID ? $form_name : $cname, $expand, $content, $validated); - if ($field_settings['needed'] && (is_array($value) ? !$value : (string)$value === '')) - { - self::set_validation_error($field,lang('Field must not be empty !!!'),''); - } - $field_name = $this->id[0] == self::$prefix && $customfields[substr($this->id,1)] ? $this->id : self::form_name($form_name != self::GLOBAL_ID ? $form_name : $cname, $field); - $valid =& self::get_array($validated, $field_name, true); - - if (is_array($valid)) $valid = implode(',', $valid); - // NULL is valid for most fields, but not custom fields due to backend handling - // See so_sql_cf->save() - if (is_null($valid)) $valid = false; - //error_log(__METHOD__."() $field_name: ".array2string($value).' --> '.array2string($valid)); + continue; } + + // check if single field is set readonly, used in apps as it was only way to make cfs readonly in old eT + // single fields set to false in $readonly overwrite a global __ALL__ + $cf_readonly = $this->is_readonly($form_name != self::GLOBAL_ID ? $form_name : $cname, $field); + if ($cf_readonly || $all_readonly && $cf_readonly !== false) + { + continue; + } + // run validation method of widget implementing this custom field + $widget = $this->_widget($fname, $field_settings); + // widget has no validate method, eg. is only displaying stuff --> nothing to validate + if (!method_exists($widget, 'validate')) continue; + $widget->validate($form_name != self::GLOBAL_ID ? $form_name : $cname, $expand, $content, $validated); + if ($field_settings['needed'] && (is_array($value) ? !$value : (string)$value === '')) + { + self::set_validation_error($field,lang('Field must not be empty !!!'),''); + } + $field_name = $this->id[0] == self::$prefix && $customfields[substr($this->id,1)] ? $this->id : self::form_name($form_name != self::GLOBAL_ID ? $form_name : $cname, $field); + $valid =& self::get_array($validated, $field_name, true); + + if (is_array($valid)) $valid = implode(',', $valid); + // NULL is valid for most fields, but not custom fields due to backend handling + // See so_sql_cf->save() + if (is_null($valid)) $valid = false; + //error_log(__METHOD__."() $field_name: ".array2string($value).' --> '.array2string($valid)); } - elseif ($this->type == 'customfields-types') - { - // Transformation doesn't handle validation - $valid =& self::get_array($validated, $this->id ? $form_name : $field, true); - if (true) $valid = $value_in; - //error_log(__METHOD__."() $form_name $field: ".array2string($value).' --> '.array2string($value)); - } + } + elseif ($this->type == 'customfields-types') + { + // Transformation doesn't handle validation + $valid =& self::get_array($validated, $this->id ? $form_name : $field, true); + if (true) $valid = $value_in; + //error_log(__METHOD__."() $form_name $field: ".array2string($value).' --> '.array2string($value)); } } } diff --git a/etemplate/js/et2_extension_customfields.js b/etemplate/js/et2_extension_customfields.js index 57d3c6eeda..dcbae50553 100644 --- a/etemplate/js/et2_extension_customfields.js +++ b/etemplate/js/et2_extension_customfields.js @@ -200,8 +200,7 @@ var et2_customfields_list = et2_valueWidget.extend([et2_IDetachedDOM, et2_IInput 'id': id, 'statustext': field.help, 'needed': field.needed, - 'readonly': this.options.readonly || - this.getArrayMgr("readonlys").isReadOnly(id), + 'readonly': this.getArrayMgr("readonlys").isReadOnly(id, null, this.options.readonly), 'value': this.options.value[this.prefix+field_name] }; // Can't have a required readonly, it will warn & be removed later, so avoid the warning @@ -297,7 +296,7 @@ var et2_customfields_list = et2_valueWidget.extend([et2_IDetachedDOM, et2_IInput // Set the value for this element var contentMgr = this.getArrayMgr("content"); if (contentMgr != null) { - var val = contentMgr.getEntry(this.id); + var val = contentMgr.getEntry(this.id); _attrs["value"] = {}; if (val !== null) {