Calendar - Remove contacts matching accounts user has no access to so nobody selects it thinking they are selecting the user account

nathangray 2017-03-07 11:08:26 -07:00
parent a14a8681fc
commit 2dbe3e785e


@ -146,6 +146,11 @@ class calendar_owner_etemplate_widget extends Etemplate\Widget\Taglist
array_diff_key($_REQUEST, array_flip(array('menuaction','query'))); array_diff_key($_REQUEST, array_flip(array('menuaction','query')));
$results = array(); $results = array();
// Contacts matching accounts the user does not have permission for cause
// confusion as user selects the contact and there's nothing there, so
// we remove those contacts
$remove_contacts = array();
$resources = array_merge(array('' => $bo->resources['']),$bo->resources); $resources = array_merge(array('' => $bo->resources['']),$bo->resources);
foreach($resources as $type => $data) foreach($resources as $type => $data)
{ {
@ -159,19 +164,36 @@ class calendar_owner_etemplate_widget extends Etemplate\Widget\Taglist
$_results += Api\Accounts::link_query($query, $account_options); $_results += Api\Accounts::link_query($query, $account_options);
if (!empty($_REQUEST['checkgrants'])) if (!empty($_REQUEST['checkgrants']))
{ {
$_results = array_intersect_key($_results, $GLOBALS['egw']->acl->get_grants('calendar')); $grants = $GLOBALS['egw']->acl->get_grants('calendar');
$remove_contacts = array_diff_key($_results, $grants);
$_results = array_intersect_key($_results, $grants);
} }
} }
// App provides a custom search function
else if ($data['app'] && $data['search']) else if ($data['app'] && $data['search'])
{ {
$_results = call_user_func_array($data['search'], array($query, $options)); $_results = call_user_func_array($data['search'], array($query, $options));
} }
// Use standard link registry
else if ($data['app'] && Link::get_registry($data['app'], 'query')) else if ($data['app'] && Link::get_registry($data['app'], 'query'))
{ {
$_results = Link::query($data['app'], $query,$options); $_results = Link::query($data['app'], $query,$options);
} }
if ($type == 'l')
// There are always special cases
switch ($type)
{ {
case 'c':
// Remove contacts matching excluded accounts
foreach($_results as $key => $title)
{
if(in_array($title, $remove_contacts) || is_array($title) && in_array($title['label'], $remove_contacts))
{
unset($_results[$key]);
}
}
break;
case 'l':
// Include mailing lists // Include mailing lists
$contacts_obj = new Api\Contacts(); $contacts_obj = new Api\Contacts();
$lists = array_filter( $lists = array_filter(
@ -187,6 +209,7 @@ class calendar_owner_etemplate_widget extends Etemplate\Widget\Taglist
'resources' => $bo->enum_mailing_list($type.$list_id) 'resources' => $bo->enum_mailing_list($type.$list_id)
); );
} }
break;
} }
if(!$_results) if(!$_results)
{ {
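Review bot: The `case 'c':` filter picks contacts to drop by comparing display text, `in_array($title, $remove_contacts)`, so an ordinary address-book contact whose title equals the label of an account the user has no grant for is hidden as well, while an account's contact whose title is formatted differently from the account label stays visible. The row shape returned by `Api\Accounts::link_query()` is not visible here; if rows can be arrays, `$remove_contacts` holds arrays and the string comparison never matches, so I would reduce both sides to a plain label first and pass `true` as the third argument to `in_array()` to avoid loose comparison. `$remove_contacts` is filled only when the request carries `checkgrants`, so this is a display filter the client can switch off; a comment such as `// UI de-clutter only, not an access check: calendar grants must still be enforced when the selected owner is used` above the `foreach` would keep it from being read as enforcement. The enclosing method starts before the first hunk and continues past the last one.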