From f3df7a0ff45621214fb637db59befa8a30b4580a Mon Sep 17 00:00:00 2001 From: jengo Date: Sat, 24 Mar 2001 09:58:09 +0000 Subject: [PATCH] Started working on ACL, so far index has been updated --- addressbook/inc/class.contacts_shared.inc.php | 5 ++++ addressbook/inc/class.contacts_sql.inc.php | 26 ++++++++++++++++--- addressbook/index.php | 9 ++++--- addressbook/templates/default/row.tpl | 2 +- 4 files changed, 34 insertions(+), 8 deletions(-) diff --git a/addressbook/inc/class.contacts_shared.inc.php b/addressbook/inc/class.contacts_shared.inc.php index 2c68925547..539d03b441 100644 --- a/addressbook/inc/class.contacts_shared.inc.php +++ b/addressbook/inc/class.contacts_shared.inc.php @@ -31,6 +31,11 @@ var $email_types; // VCard email type array var $total_records; // This will contain numrows for data retrieved + function check_perms($has, $needed) + { + return (!!($has & $needed) == True); + } + function split_stock_and_extras($fields) { while (list($field,$value) = each($fields)) { diff --git a/addressbook/inc/class.contacts_sql.inc.php b/addressbook/inc/class.contacts_sql.inc.php index d546dc1aaf..c3923e7636 100644 --- a/addressbook/inc/class.contacts_sql.inc.php +++ b/addressbook/inc/class.contacts_sql.inc.php @@ -40,15 +40,17 @@ var $account_id; var $stock_contact_fields; // This is an array of almost the fields in the phpgw_addressbook table, except id,owner,lid,tid - var $email_types; // VCard email type array + var $email_types; // VCard email type array var $total_records; // This will contain numrows for data retrieved + var $grants; // This holds all of the users that have granted access to there entrys function contacts_() { global $phpgw, $phpgw_info; - $this->db = $phpgw->db; - $this->account_id = $phpgw_info["user"]["account_id"]; + $this->db = $phpgw->db; + $this->grants = $phpgw->acl->get_grants('addressbook'); + $this->account_id = $phpgw_info['user']['account_id']; // The left side are the array elements used throughout phpgw, right side are the db field names. $this->stock_contact_fields = array( @@ -351,6 +353,24 @@ $fwhere = ' WHERE '; $fand = ' AND '; } } + + $fwhere .= " owner=" . $phpgw_info['user']['account_id']; + if (is_array($this->grants)) + { + $grants = $this->grants; + while (list($user) = each($grants)) + { + $public_user_list[] = $user; + } + reset($public_user_list); + $fwhere .= " OR (access='public' AND owner in(" . implode(',',$public_user_list) . ")) AND "; + } + else + { + $fwhere .= ' AND '; + } + + if ($DEBUG && $filtermethod) { echo "
DEBUG - Filtering with: #" . $filtermethod . "#"; } diff --git a/addressbook/index.php b/addressbook/index.php index d2808ce8ed..12184264c8 100755 --- a/addressbook/index.php +++ b/addressbook/index.php @@ -219,11 +219,12 @@ $t->set_var(row_vcard_link,$phpgw->link("/addressbook/vcardout.php","ab_id=$myid&start=$start&order=$order&filter=" . "$filter&query=$query&sort=$sort")); - if ($rights & PHPGW_ACL_EDIT) { - $t->set_var(row_edit_link,$phpgw->link("/addressbook/edit.php","ab_id=$myid&start=$start&sort=$sort&order=$order" - . "&query=$query&sort=$sort")); +// echo '
: ' . $this->grants[$myowner] . ' - ' . $myowner; + if ($this->check_perms($this->grants[$myowner],PHPGW_ACL_EDIT) || $myowner == $phpgw_info['user']['account_id']) { + $t->set_var(row_edit,'' . lang('Edit') . ''); } else { - $t->set_var(row_edit_link,''); + $t->set_var(row_edit,' '); } $t->set_var(row_owner,$phpgw->accounts->id2name($myowner)); diff --git a/addressbook/templates/default/row.tpl b/addressbook/templates/default/row.tpl index 651d495169..66c7a87adf 100644 --- a/addressbook/templates/default/row.tpl +++ b/addressbook/templates/default/row.tpl @@ -8,7 +8,7 @@ {lang_vcard} - {lang_edit} + {row_edit} {row_owner}