holm/egroupware
1
1
Fork 0
forked from extern/egroupware
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Implement export restriction exception for given users/groups in apps

Browse Source
This commit is contained in:
Nathan Gray 2011-08-17 15:38:56 +00:00
parent 2a815be3d3
commit 16bafa78b8
9 changed files with 32 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
addressbook/inc/class.addressbook_ui.inc.php
View File

@ -568,7 +568,8 @@ class addressbook_ui extends addressbook_bo
} }
// check if user is an admin or the export is not generally turned off (contact_export_limit is non-numerical, eg. no) // check if user is an admin or the export is not generally turned off (contact_export_limit is non-numerical, eg. no)
if (isset($GLOBALS['egw_info']['user']['apps']['admin']) || !$this->config['contact_export_limit'] || (int)$this->config['contact_export_limit']) $exception = count(array_intersect(array($GLOBALS['egw_info']['user']['account_id']) + $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true), unserialize($GLOBALS['egw_info']['server']['export_limit_excepted']))) > 0;
if ((isset($GLOBALS['egw_info']['user']['apps']['admin']) || $exception) || !$this->config['contact_export_limit'] || (int)$this->config['contact_export_limit'])
{ {
$actions['export'] = array( $actions['export'] = array(
'caption' => 'Export', 'caption' => 'Export',
@ -798,8 +799,9 @@ class addressbook_ui extends addressbook_bo
$action = substr($action,0,7); $action = substr($action,0,7);
} }
// Security: stop non-admins to export more then the configured number of contacts // Security: stop non-admins to export more then the configured number of contacts
$exception = count(array_intersect(array($GLOBALS['egw_info']['user']['account_id']) + $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true), unserialize($GLOBALS['egw_info']['server']['export_limit_excepted']))) > 0;
if (in_array($action,array('csv','vcard')) && $this->config['contact_export_limit'] && if (in_array($action,array('csv','vcard')) && $this->config['contact_export_limit'] &&
!isset($GLOBALS['egw_info']['user']['apps']['admin']) && !(isset($GLOBALS['egw_info']['user']['apps']['admin']) || $exception) &&
(!is_numeric($this->config['contact_export_limit']) || count($checked) > $this->config['contact_export_limit'])) (!is_numeric($this->config['contact_export_limit']) || count($checked) > $this->config['contact_export_limit']))
{ {
$action_msg = lang('exported'); $action_msg = lang('exported');

8
calendar/inc/class.calendar_export_csv.inc.php
View File

@ -26,6 +26,8 @@ class calendar_export_csv implements importexport_iface_export_plugin {
$this->bo = new calendar_bo(); $this->bo = new calendar_bo();
$config = config::read('phpgwapi'); $config = config::read('phpgwapi');
$limit_exception = count(array_intersect(array($GLOBALS['egw_info']['user']['account_id']) + $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true), unserialize($GLOBALS['egw_info']['server']['export_limit_excepted']))) > 0;
// Custom fields need to be specifically requested // Custom fields need to be specifically requested
$cfs = array(); $cfs = array();
foreach($options['mapping'] as $key => $label) { foreach($options['mapping'] as $key => $label) {
@ -42,7 +44,7 @@ class calendar_export_csv implements importexport_iface_export_plugin {
'users' => $options['selection']['owner'], 'users' => $options['selection']['owner'],
'cfs' => $cfs // Otherwise we shouldn't get any custom fields 'cfs' => $cfs // Otherwise we shouldn't get any custom fields
); );
if($config['export_limit']) { if($config['export_limit'] && !($GLOBALS['egw_info']['user']['apps']['admin'] || $limit_exception)) {
$query['offset'] = 0; $query['offset'] = 0;
$query['num_rows'] = (int)$config['export_limit']; $query['num_rows'] = (int)$config['export_limit'];
} }
@ -55,7 +57,7 @@ class calendar_export_csv implements importexport_iface_export_plugin {
$query['start'] = 0; $query['start'] = 0;
$query['cfs'] = $cfs; $query['cfs'] = $cfs;
if($config['export_limit']) { if($config['export_limit'] && !($GLOBALS['egw_info']['user']['apps']['admin'] || $limit_exception)) {
$query['num_rows'] = (int)$config['export_limit']; $query['num_rows'] = (int)$config['export_limit'];
} }
$ui = new calendar_uilist(); $ui = new calendar_uilist();
@ -64,7 +66,7 @@ class calendar_export_csv implements importexport_iface_export_plugin {
$query = $GLOBALS['egw']->session->appsession('session_data','calendar'); $query = $GLOBALS['egw']->session->appsession('session_data','calendar');
$query['users'] = explode(',', $query['owner']); $query['users'] = explode(',', $query['owner']);
$query['num_rows'] = -1; $query['num_rows'] = -1;
if($config['export_limit']) { if($config['export_limit'] && !($GLOBALS['egw_info']['user']['apps']['admin'] || $limit_exception)) {
$query['num_rows'] = (int)$config['export_limit']; $query['num_rows'] = (int)$config['export_limit'];
} }

8
calendar/inc/class.calendar_export_ical.inc.php
View File

@ -32,6 +32,8 @@ class calendar_export_ical extends calendar_export_csv {
if($key[0] == '#') $cfs[] = substr($key,1); if($key[0] == '#') $cfs[] = substr($key,1);
} }
$limit_exception = count(array_intersect(array($GLOBALS['egw_info']['user']['account_id']) + $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true), unserialize($GLOBALS['egw_info']['server']['export_limit_excepted']))) > 0;
if($options['selection']['select'] == 'criteria') { if($options['selection']['select'] == 'criteria') {
$query = array( $query = array(
'start' => $options['selection']['start'], 'start' => $options['selection']['start'],
@ -42,7 +44,7 @@ class calendar_export_ical extends calendar_export_csv {
'users' => $options['selection']['owner'], 'users' => $options['selection']['owner'],
'cfs' => $cfs // Otherwise we shouldn't get any custom fields 'cfs' => $cfs // Otherwise we shouldn't get any custom fields
); );
if($config['export_limit']) { if($config['export_limit'] && !($GLOBALS['egw_info']['user']['apps']['admin'] || $limit_exception)) {
$query['offset'] = 0; $query['offset'] = 0;
$query['num_rows'] = (int)$config['export_limit']; $query['num_rows'] = (int)$config['export_limit'];
} }
@ -55,7 +57,7 @@ class calendar_export_ical extends calendar_export_csv {
$query['start'] = 0; $query['start'] = 0;
$query['cfs'] = $cfs; $query['cfs'] = $cfs;
if($config['export_limit']) { if($config['export_limit'] && !($GLOBALS['egw_info']['user']['apps']['admin'] || $limit_exception)) {
$query['num_rows'] = (int)$config['export_limit']; $query['num_rows'] = (int)$config['export_limit'];
} }
$ui = new calendar_uilist(); $ui = new calendar_uilist();
@ -64,7 +66,7 @@ class calendar_export_ical extends calendar_export_csv {
$query = $GLOBALS['egw']->session->appsession('session_data','calendar'); $query = $GLOBALS['egw']->session->appsession('session_data','calendar');
$query['users'] = explode(',', $query['owner']); $query['users'] = explode(',', $query['owner']);
$query['num_rows'] = -1; $query['num_rows'] = -1;
if($config['export_limit']) { if($config['export_limit'] && !($GLOBALS['egw_info']['user']['apps']['admin'] || $limit_exception)) {
$query['num_rows'] = (int)$config['export_limit']; $query['num_rows'] = (int)$config['export_limit'];
} }

6
etemplate/inc/class.bo_merge.inc.php
View File

@ -314,7 +314,8 @@ abstract class bo_merge
} }
// check export-limit and fail if user tries to export more entries then allowed // check export-limit and fail if user tries to export more entries then allowed
if ($this->export_limit && !$GLOBALS['egw_info']['user']['apps']['admin'] && $limit_exception = count(array_intersect(array($GLOBALS['egw_info']['user']['account_id']) + $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true), unserialize($GLOBALS['egw_info']['server']['export_limit_excepted']))) > 0;
if ($this->export_limit && !($GLOBALS['egw_info']['user']['apps']['admin'] || $limit_exception) &&
count($ids) > (int)$this->export_limit) count($ids) > (int)$this->export_limit)
{ {
$err = lang('No rights to export more then %1 entries!',(int)$this->export_limit); $err = lang('No rights to export more then %1 entries!',(int)$this->export_limit);
@ -1155,13 +1156,14 @@ abstract class bo_merge
} }
} }
} }
$limit_exception = count(array_intersect(array($GLOBALS['egw_info']['user']['account_id']) + $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true), unserialize($GLOBALS['egw_info']['server']['export_limit_excepted']))) > 0;
return array( return array(
'icon' => 'etemplate/merge', 'icon' => 'etemplate/merge',
'caption' => $caption, 'caption' => $caption,
'children' => $documents, 'children' => $documents,
// disable action if no document or export completly forbidden for non-admins // disable action if no document or export completly forbidden for non-admins
'enabled' => (boolean)$documents && (empty($export_limit) || 'enabled' => (boolean)$documents && (empty($export_limit) ||
(int)$export_limit > 0 || $GLOBALS['egw_info']['user']['apps']['admin']), (int)$export_limit > 0 || $GLOBALS['egw_info']['user']['apps']['admin'] || $limit_exception),
'hideOnDisabled' => true, // do not show 'Insert in document', if no documents defined or no export allowed 'hideOnDisabled' => true, // do not show 'Insert in document', if no documents defined or no export allowed
'group' => $group, 'group' => $group,
); );

6
etemplate/inc/class.nextmatch_widget.inc.php
View File

@ -276,9 +276,10 @@ class nextmatch_widget
unset($value['rows']); unset($value['rows']);
$extension_data += $value; $extension_data += $value;
$limit_exception = count(array_intersect(array($GLOBALS['egw_info']['user']['account_id']) + $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true), unserialize($GLOBALS['egw_info']['server']['export_limit_excepted']))) > 0;
$value['no_csv_export'] = $value['csv_fields'] === false || $value['no_csv_export'] = $value['csv_fields'] === false ||
$GLOBALS['egw_info']['server']['export_limit'] && !is_numeric($GLOBALS['egw_info']['server']['export_limit']) && $GLOBALS['egw_info']['server']['export_limit'] && !is_numeric($GLOBALS['egw_info']['server']['export_limit']) &&
!isset($GLOBALS['egw_info']['user']['apps']['admin']); !(isset($GLOBALS['egw_info']['user']['apps']['admin']) || $limit_exception);
if (!$value['filter_onchange']) $value['filter_onchange'] = 'this.form.submit();'; if (!$value['filter_onchange']) $value['filter_onchange'] = 'this.form.submit();';
if (!$value['filter2_onchange']) $value['filter2_onchange'] = 'this.form.submit();'; if (!$value['filter2_onchange']) $value['filter2_onchange'] = 'this.form.submit();';
@ -1447,7 +1448,8 @@ class nextmatch_widget
*/ */
static public function csv_export(&$value,$separator=';') static public function csv_export(&$value,$separator=';')
{ {
if (!isset($GLOBALS['egw_info']['user']['apps']['admin'])) $limit_exception = count(array_intersect(array($GLOBALS['egw_info']['user']['account_id']) + $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true), unserialize($GLOBALS['egw_info']['server']['export_limit_excepted']))) > 0;
if (!(isset($GLOBALS['egw_info']['user']['apps']['admin']) || $limit_exception))
{ {
$export_limit = $GLOBALS['egw_info']['server']['export_limit']; $export_limit = $GLOBALS['egw_info']['server']['export_limit'];
//if (isset($value['export_limit'])) $export_limit = $value['export_limit']; //if (isset($value['export_limit'])) $export_limit = $value['export_limit'];

6
importexport/inc/class.importexport_admin_prefs_sidebox_hooks.inc.php
View File

@ -38,7 +38,8 @@ class importexport_admin_prefs_sidebox_hooks
), ),
); );
$config = config::read('phpgwapi'); $config = config::read('phpgwapi');
if($GLOBALS['egw_info']['user']['apps']['admin'] || $config['export_limit'] !== 'no') $limit_exception = count(array_intersect(array($GLOBALS['egw_info']['user']['account_id']) + $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true), unserialize($GLOBALS['egw_info']['server']['export_limit_excepted']))) > 0;
if($GLOBALS['egw_info']['user']['apps']['admin'] || $limit_exception || $config['export_limit'] !== 'no')
{ {
$file[] = array( $file[] = array(
'text' => 'Export', 'text' => 'Export',
@ -122,7 +123,8 @@ class importexport_admin_prefs_sidebox_hooks
} }
} }
$config = config::read('phpgwapi'); $config = config::read('phpgwapi');
if (($GLOBALS['egw_info']['user']['apps']['admin'] || !$config['export_limit'] || $config['export_limit'] > 0) && $cache[$appname]['export']) $limit_exception = count(array_intersect(array($GLOBALS['egw_info']['user']['account_id']) + $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true), unserialize($GLOBALS['egw_info']['server']['export_limit_excepted']))) > 0;
if (($GLOBALS['egw_info']['user']['apps']['admin'] || $limit_exception || !$config['export_limit'] || $config['export_limit'] > 0) && $cache[$appname]['export'])
{ {
$file['Export CSV'] = array('link' => "javascript:egw_openWindowCentered2('". $file['Export CSV'] = array('link' => "javascript:egw_openWindowCentered2('".
egw::link('/index.php',array( egw::link('/index.php',array(

3
importexport/inc/class.importexport_definitions_ui.inc.php
View File

@ -85,9 +85,10 @@ class importexport_definitions_ui
$filter[] = '(owner=0 OR owner IS NULL OR allowed_users IS NOT NULL OR owner = ' . $GLOBALS['egw_info']['user']['account_id'] . ')'; $filter[] = '(owner=0 OR owner IS NULL OR allowed_users IS NOT NULL OR owner = ' . $GLOBALS['egw_info']['user']['account_id'] . ')';
} else { } else {
// Filter private definitions // Filter private definitions
$limit_exception = count(array_intersect(array($GLOBALS['egw_info']['user']['account_id']) + $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true), unserialize($GLOBALS['egw_info']['server']['export_limit_excepted']))) > 0;
$filter['owner'] = $GLOBALS['egw_info']['user']['account_id']; $filter['owner'] = $GLOBALS['egw_info']['user']['account_id'];
$config = config::read('phpgwapi'); $config = config::read('phpgwapi');
if($config['export_limit'] == 'no') { if($config['export_limit'] == 'no' && !$limit_exception) {
$filter['type'] = 'import'; $filter['type'] = 'import';
} }
} }

3
importexport/inc/class.importexport_export_csv.inc.php
View File

@ -101,7 +101,8 @@ class importexport_export_csv implements importexport_iface_export_record
$this->csv_options = array_merge( $this->csv_options, $_options ); $this->csv_options = array_merge( $this->csv_options, $_options );
} }
if(!$GLOBALS['egw_info']['user']['apps']['admin']) { $limit_exception = count(array_intersect(array($GLOBALS['egw_info']['user']['account_id']) + $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true), unserialize($GLOBALS['egw_info']['server']['export_limit_excepted']))) > 0;
if(!($GLOBALS['egw_info']['user']['apps']['admin'] || $limit_exception)) {
$config = config::read('phpgwapi'); $config = config::read('phpgwapi');
if($config['export_limit'] == 'no') throw new egw_exception_no_permission_admin('Export disabled'); if($config['export_limit'] == 'no') throw new egw_exception_no_permission_admin('Export disabled');
$this->export_limit = (int)$config['export_limit']; $this->export_limit = (int)$config['export_limit'];

3
importexport/inc/class.importexport_export_ui.inc.php
View File

@ -49,7 +49,8 @@ class importexport_export_ui {
$preserv = array(); $preserv = array();
// Check global setting // Check global setting
if(!$GLOBALS['egw_info']['user']['apps']['admin']) { $limit_exception = count(array_intersect(array($GLOBALS['egw_info']['user']['account_id']) + $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true), unserialize($GLOBALS['egw_info']['server']['export_limit_excepted']))) > 0;
if(!($GLOBALS['egw_info']['user']['apps']['admin'] || $limit_exception)) {
$config = config::read('phpgwapi'); $config = config::read('phpgwapi');
if($config['export_limit'] == 'no') { if($config['export_limit'] == 'no') {
die(lang('Admin disabled exporting')); die(lang('Admin disabled exporting'));