fix for bug #1739: config for CSV export for non-admins is not working.

Reworked it not in the following way:
- numerical limit or total disabling (setting "no"), are only valid for
  non-admins
- addressbook has it's own value, but uses now the global one, if no
  addressbook specific limit is set
This commit is contained in:
Ralf Becker 2008-10-16 11:17:49 +00:00
parent dd21535a72
commit 273bd722e2
5 changed files with 31 additions and 8 deletions

View File

@ -69,6 +69,16 @@ class addressbook_ui extends addressbook_bo
$GLOBALS['egw_info']['flags']['java_script'].= $this->js();
}
$this->config =& $GLOBALS['egw_info']['server'];
// check if a contact specific export limit is set, if yes use it also for etemplate's csv export
if (!$this->config['contact_export_limit'])
{
$this->config['export_limit'] = $this->config['contact_export_limit'];
}
else // if not use the global one
{
$this->config['contact_export_limit'] = $this->config['export_limit'];
}
}
/**
@ -244,8 +254,16 @@ class addressbook_ui extends addressbook_bo
}
$sel_options['action'] += array(
'delete' => lang('Delete'),
'csv' => lang('Export as CSV'),
'vcard' => lang('Export as VCard'), // ToDo: move this to importexport framework
);
// check if user is an admin or the export is not generally turned off (contact_export_limit is non-numerical, eg. no)
if (isset($GLOBALS['egw_info']['user']['apps']['admin']) || !$this->config['contact_export_limit'] || (int)$this->config['contact_export_limit'])
{
$sel_options['action'] += array(
'csv' => lang('Export as CSV'),
'vcard' => lang('Export as VCard'), // ToDo: move this to importexport framework
);
}
$sel_options['action'] += array(
'merge' => lang('Merge into first or account, deletes all other!'),
'cat_add' => lang('Add or delete Categoies'), // add a categirie to multible addresses
'infolog_add' => lang('Add a new Infolog'),
@ -496,8 +514,9 @@ class addressbook_ui extends addressbook_bo
$action = 'document';
}
// Security: stop non-admins to export more then the configured number of contacts
if (in_array($action,array('csv','vcard')) && (int)$this->config['contact_export_limit'] &&
!isset($GLOBALS['egw_info']['user']['apps']['admin']) && count($checked) > $this->config['contact_export_limit'])
if (in_array($action,array('csv','vcard')) && $this->config['contact_export_limit'] &&
!isset($GLOBALS['egw_info']['user']['apps']['admin']) &&
(!is_numeric($this->config['contact_export_limit']) || count($checked) > $this->config['contact_export_limit']))
{
$action_msg = lang('exported');
$failed = count($checked);

View File

@ -7,6 +7,7 @@
%1 starts with '%2' addressbook de %1 beginnt mit '%2'
%s please calculate the result addressbook de %s Bitte berechnen Sie das Ergebnis
(e.g. 1969) addressbook de (z.B. 1966)
(empty = use global limit, no = no export at all) admin de (leer = globale Begrenzung verwenden, nein = gar kein Export)
<b>no conversion type &lt;none&gt; could be located.</b> please choose a conversion type from the list addressbook de <b>Kein Übersetzungstyp <none> konnte gefunden werden.</b> Bitte wählen Sie einen Übersetzungstyp aus der Liste
@-eval() is only availible to admins!!! addressbook de @-eval() ist nur verfügbar für Administratoren!!!
account repository admin de Speicherort für Benutzerkonten
@ -209,7 +210,7 @@ home phone addressbook de Tel. privat
home state addressbook de Bundesland privat
home street addressbook de Straße privat
home zip code addressbook de PLZ privat
how many contacts should non-admins be able to export (empty = no limit) admin de Wieviele Kontakte sollen nicht-Adminstratoren exportieren können (leer = keine Begrenzung)
how many contacts should non-admins be able to export admin de Wieviele Kontakte sollen nicht-Adminstratoren exportieren können
icon addressbook de Icon
if accounts are already in ldap admin de wenn die Benutzer bereits im LDAP sind
if you specify a directory (full vfs path) here, addressbook displays an action for each document. that action allows to download the specified document with the contact data inserted. addressbook de Wenn Sie hier ein Verzeichnis (kompletter VFS Pfad) angeben, zeigt das Adressbuch einen Befehl für jedes Dokument darin. Diese Befehle erlauben das angegebene Dokument mit Kontaktdaten eingefügt herunterzuladen.

View File

@ -7,6 +7,7 @@
%1 starts with '%2' addressbook en %1 starts with '%2'
%s please calculate the result addressbook en %s please calculate the result
(e.g. 1969) addressbook en (e.g. 1969)
(empty = use global limit, no = no export at all) admin en (empty = use global limit, no = no export at all)
<b>no conversion type &lt;none&gt; could be located.</b> please choose a conversion type from the list addressbook en <b>No conversion type &lt;none&gt; could be located.</b> Please choose a conversion type from the list
@-eval() is only availible to admins!!! addressbook en @-eval() is only availible to admins!!!
account repository admin en Account repository
@ -209,7 +210,7 @@ home phone addressbook en Home Phone
home state addressbook en Home State
home street addressbook en Home Street
home zip code addressbook en Home ZIP Code
how many contacts should non-admins be able to export (empty = no limit) admin en How many contacts should non-admins be able to export (empty = no limit)
how many contacts should non-admins be able to export admin en How many contacts should non-admins be able to export
icon addressbook en Icon
if accounts are already in ldap admin en if accounts are already in LDAP
if you specify a directory (full vfs path) here, addressbook displays an action for each document. that action allows to download the specified document with the contact data inserted. addressbook en If you specify a directory (full vfs path) here, addressbook displays an action for each document. That action allows to download the specified document with the contact data inserted.

View File

@ -63,7 +63,8 @@
</td>
</tr>
<tr class="row_on">
<td>&nbsp;<b>{lang_Security}</b>: {lang_How_many_contacts_should_non-admins_be_able_to_export_(empty_=_no_limit)}:</td>
<td>&nbsp;<b>{lang_Security}</b>: {lang_How_many_contacts_should_non-admins_be_able_to_export}
{lang_(empty_=_use_global_limit,_no_=_no_export_at_all)}:</td>
<td><input name="newsettings[contact_export_limit]" value="{value_contact_export_limit}" size="5"></td>
</tr>
<tr class="th">

View File

@ -264,7 +264,8 @@ class nextmatch_widget
$extension_data += $value;
$value['no_csv_export'] = $value['csv_fields'] === false ||
$GLOBALS['egw_info']['server']['export_limit'] && !is_numeric($GLOBALS['egw_info']['server']['export_limit']);
$GLOBALS['egw_info']['server']['export_limit'] && !is_numeric($GLOBALS['egw_info']['server']['export_limit']) &&
!isset($GLOBALS['egw_info']['user']['apps']['admin']);
if (!$value['filter_onchange']) $value['filter_onchange'] = 'this.form.submit();';
if (!$value['filter2_onchange']) $value['filter2_onchange'] = 'this.form.submit();';