holm/egroupware
1
1
Fork 0
forked from extern/egroupware
Code Issues Pull Requests Packages Projects Releases Wiki Activity

prevent privileged user from pressing "save" or "apply" if just a status of a single recurrence was changed - otherwise a real exception will be created

Browse Source
This commit is contained in:
Christian Binder 2009-08-17 20:05:46 +00:00
parent cead53394e
commit 1d5b6b6828
1 changed files with 23 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
calendar/inc/class.calendar_uiforms.inc.php
View File

@ -357,7 +357,17 @@ class calendar_uiforms extends calendar_ui
} }
else else
{ {
$msg = isset($content['edit_single']) ? lang('Status of this occurrence changed') : lang('Status changed'); if(isset($content['edit_single']))
{
$msg = lang('Status of this occurrence changed');
// prevent accidentally creating a real exception afterwards
$view = true;
$hide_delete = true;
}
else
{
$msg = lang('Status changed');
}
} }
if (!$preserv['no_popup']) if (!$preserv['no_popup'])
{ {
@ -380,6 +390,7 @@ class calendar_uiforms extends calendar_ui
} }
$preserv = array( $preserv = array(
'view' => $view, 'view' => $view,
'hide_delete' => $hide_delete,
'edit_single' => $content['edit_single'], 'edit_single' => $content['edit_single'],
'reference' => $content['reference'], 'reference' => $content['reference'],
'recurrence' => $content['recurrence'], 'recurrence' => $content['recurrence'],
@ -746,6 +757,7 @@ class calendar_uiforms extends calendar_ui
* @param array $event=null Event to edit, if not $_GET['cal_id'] contains the event-id * @param array $event=null Event to edit, if not $_GET['cal_id'] contains the event-id
* @param array $perserv=null following keys: * @param array $perserv=null following keys:
* view boolean view-mode, if no edit-access we automatic fallback to view-mode * view boolean view-mode, if no edit-access we automatic fallback to view-mode
* hide_delete boolean hide delete button
* referer string menuaction of the referer * referer string menuaction of the referer
* no_popup boolean use a popup or not * no_popup boolean use a popup or not
* edit_single int timestamp of single event edited, unset/null otherwise * edit_single int timestamp of single event edited, unset/null otherwise
@ -896,7 +908,7 @@ class calendar_uiforms extends calendar_ui
); );
$readonlys[$row.'[quantity]'] = $type == 'u' || !isset($this->bo->resources[$type]['max_quantity']); $readonlys[$row.'[quantity]'] = $type == 'u' || !isset($this->bo->resources[$type]['max_quantity']);
$readonlys[$row.'[status]'] = !$this->bo->check_status_perms($uid,$event); $readonlys[$row.'[status]'] = !$this->bo->check_status_perms($uid,$event);
$readonlys["delete[$uid]"] = !$this->bo->check_perms(EGW_ACL_EDIT,$event); $readonlys["delete[$uid]"] = $preserv['hide_delete'] || !$this->bo->check_perms(EGW_ACL_EDIT,$event);
// todo: make the participants available as links with email as title // todo: make the participants available as links with email as title
if ($name == 'accounts') if ($name == 'accounts')
{ {
@ -1038,7 +1050,7 @@ class calendar_uiforms extends calendar_ui
{ {
$content['exception_label'] = $this->bo->long_date($preserv['actual_date']); $content['exception_label'] = $this->bo->long_date($preserv['actual_date']);
} }
$readonlys['button[delete]'] = !$event['id'] || !$this->bo->check_perms(EGW_ACL_DELETE,$event); $readonlys['button[delete]'] = !$event['id'] || $preserv['hide_delete'] || !$this->bo->check_perms(EGW_ACL_DELETE,$event);
if (!$event['id'] || $this->bo->check_perms(EGW_ACL_EDIT,$event)) // new event or edit rights to the event ==> allow to add alarm for all users if (!$event['id'] || $this->bo->check_perms(EGW_ACL_EDIT,$event)) // new event or edit rights to the event ==> allow to add alarm for all users
{ {