Calendar - Remove contacts matching accounts user has no access to so nobody selects it thinking they are selecting the user account

nathangray 2017-03-07 11:08:26 -07:00
parent a14a8681fc
commit 2dbe3e785e


@ -146,6 +146,11 @@ class calendar_owner_etemplate_widget extends Etemplate\Widget\Taglist
array_diff_key($_REQUEST, array_flip(array('menuaction','query'))); array_diff_key($_REQUEST, array_flip(array('menuaction','query')));
$results = array(); $results = array();
// Contacts matching accounts the user does not have permission for cause
// confusion as user selects the contact and there's nothing there, so
// we remove those contacts
$remove_contacts = array();
$resources = array_merge(array('' => $bo->resources['']),$bo->resources); $resources = array_merge(array('' => $bo->resources['']),$bo->resources);
foreach($resources as $type => $data) foreach($resources as $type => $data)
{ {
@ -159,34 +164,52 @@ class calendar_owner_etemplate_widget extends Etemplate\Widget\Taglist
$_results += Api\Accounts::link_query($query, $account_options); $_results += Api\Accounts::link_query($query, $account_options);
if (!empty($_REQUEST['checkgrants'])) if (!empty($_REQUEST['checkgrants']))
{ {
$_results = array_intersect_key($_results, $GLOBALS['egw']->acl->get_grants('calendar')); $grants = $GLOBALS['egw']->acl->get_grants('calendar');
$remove_contacts = array_diff_key($_results, $grants);
$_results = array_intersect_key($_results, $grants);
} }
} }
// App provides a custom search function
else if ($data['app'] && $data['search']) else if ($data['app'] && $data['search'])
{ {
$_results = call_user_func_array($data['search'], array($query, $options)); $_results = call_user_func_array($data['search'], array($query, $options));
} }
// Use standard link registry
else if ($data['app'] && Link::get_registry($data['app'], 'query')) else if ($data['app'] && Link::get_registry($data['app'], 'query'))
{ {
$_results = Link::query($data['app'], $query,$options); $_results = Link::query($data['app'], $query,$options);
} }
if ($type == 'l')
// There are always special cases
switch ($type)
{ {
// Include mailing lists case 'c':
$contacts_obj = new Api\Contacts(); // Remove contacts matching excluded accounts
$lists = array_filter( foreach($_results as $key => $title)
$contacts_obj->get_lists(Api\Acl::READ), {
function($element) use($query) { if(in_array($title, $remove_contacts) || is_array($title) && in_array($title['label'], $remove_contacts))
return (stripos($element, $query) !== false); {
unset($_results[$key]);
}
} }
); break;
foreach($lists as $list_id => $list) case 'l':
{ // Include mailing lists
$_results[$list_id] = array( $contacts_obj = new Api\Contacts();
'label' => $list, $lists = array_filter(
'resources' => $bo->enum_mailing_list($type.$list_id) $contacts_obj->get_lists(Api\Acl::READ),
function($element) use($query) {
return (stripos($element, $query) !== false);
}
); );
} foreach($lists as $list_id => $list)
{
$_results[$list_id] = array(
'label' => $list,
'resources' => $bo->enum_mailing_list($type.$list_id)
);
}
break;
} }
if(!$_results) if(!$_results)
{ {
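Review bot: In the new `case 'c':` branch, contacts are removed by comparing their display title with the labels of the accounts that `get_grants('calendar')` filtered out, so an unrelated contact that merely shares a name with an inaccessible account is hidden too, and the loose `in_array` can add further accidental matches. If the contact results expose their linked account id, matching on that would be more reliable; at minimum make the comparison strict and explicit, e.g. `$label = is_array($title) ? $title['label'] : $title;` followed by `if (in_array($label, $remove_contacts, true))`. That assumes `$remove_contacts` holds plain label strings; if `Api\Accounts::link_query()` can return arrays, the labels need extracting first. `$remove_contacts` is only filled when `$_REQUEST['checkgrants']` is set, so this is a display convenience controlled by the client and not an access check: calendar grants still have to be enforced where the data is read, which a short comment above the `switch` should say. The enclosing method starts and ends outside the hunk.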