forked from extern/egroupware
respect category permissions in calendar gui, unified var name of categories object
This commit is contained in:
parent
a7c2b81b85
commit
8e63887331
@ -47,11 +47,11 @@ class calendar_ui
|
||||
*/
|
||||
var $datetime;
|
||||
/**
|
||||
* Reference to global categories class
|
||||
* Instance of categories class
|
||||
*
|
||||
* @var categories
|
||||
*/
|
||||
var $cats;
|
||||
var $categories;
|
||||
/**
|
||||
* Reference to global uiaccountsel class
|
||||
*
|
||||
@ -145,14 +145,8 @@ class calendar_ui
|
||||
$this->datetime = $GLOBALS['egw']->datetime;
|
||||
$this->accountsel = $GLOBALS['egw']->uiaccountsel;
|
||||
|
||||
if ($GLOBALS['egw']->categories->app_name != 'calendar')
|
||||
{
|
||||
$this->cats = new categories('','calendar'); // we need an own instance to get the calendar cats
|
||||
}
|
||||
else
|
||||
{
|
||||
$this->cats = $GLOBALS['egw']->categories;
|
||||
}
|
||||
$this->categories = new categories($this->user,'calendar');
|
||||
|
||||
$this->common_prefs = &$GLOBALS['egw_info']['user']['preferences']['common'];
|
||||
$this->cal_prefs = &$GLOBALS['egw_info']['user']['preferences']['calendar'];
|
||||
$this->bo->check_set_default_prefs();
|
||||
@ -170,6 +164,35 @@ class calendar_ui
|
||||
// calendar does not work with hidden sidebox atm.
|
||||
unset($GLOBALS['egw_info']['user']['preferences']['common']['auto_hide_sidebox']);
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks category permissions
|
||||
* Takes a commaseparated list of category ids
|
||||
* and truncates it by the ones the user does not have the requested permission on
|
||||
*
|
||||
* @param int $needed necessary ACL right: EGW_ACL_{READ|EDIT|DELETE}
|
||||
* @param string $categories commaseparated list of category ids
|
||||
* @return string truncated commaseparated list of category ids
|
||||
*/
|
||||
function check_category_perms($needed, $categories)
|
||||
{
|
||||
if (empty($categories)) return $categories;
|
||||
|
||||
$cat_arr = explode(',',$categories);
|
||||
if (!empty($cat_arr) && is_array($cat_arr) && count($cat_arr) > 0)
|
||||
{
|
||||
foreach($cat_arr as $id=>$cat_id)
|
||||
{
|
||||
if (!$this->categories->check_perms($needed, $cat_id))
|
||||
{
|
||||
unset($cat_arr[$id]);
|
||||
}
|
||||
}
|
||||
$categories = implode(',',$cat_arr);
|
||||
}
|
||||
|
||||
return $categories;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks and terminates (or returns for home) with a message if $this->owner include a user/resource we have no read-access to
|
||||
@ -699,7 +722,7 @@ class calendar_ui
|
||||
// Category Selection
|
||||
$file[++$n] = $this->_select_box('Category','cat_id',
|
||||
'<option value="0">'.lang('All categories').'</option>'.
|
||||
$this->cats->formatted_list('select','all',$this->cat_id,'True'),$baseurl ? $baseurl.'&cat_id=' : '');
|
||||
$this->categories->formatted_list('select','all',$this->cat_id,'True'),$baseurl ? $baseurl.'&cat_id=' : '');
|
||||
|
||||
// Filter all or hideprivate
|
||||
$options = '';
|
||||
|
@ -1046,6 +1046,9 @@ class calendar_uiforms extends calendar_ui
|
||||
$onclick = str_replace('Delete this event','Delete this series of recuring events',$onclick);
|
||||
}
|
||||
$content['participants']['no_add'] = true;
|
||||
|
||||
// respect category ACLs
|
||||
$content['category'] = $this->check_category_perms(EGW_ACL_READ, $event['category']);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -312,6 +312,7 @@ class calendar_uilist extends calendar_ui
|
||||
}
|
||||
if (empty($event['description'])) $event['description'] = ' '; // no description screws the titles horz. alignment
|
||||
if (empty($event['location'])) $event['location'] = ' '; // no location screws the owner horz. alignment
|
||||
$event['category'] = $this->check_category_perms(EGW_ACL_READ, $event['category']);
|
||||
|
||||
$rows[] = $event;
|
||||
}
|
||||
|
@ -1160,8 +1160,7 @@ class calendar_uiviews extends calendar_ui
|
||||
$is_private = !$this->bo->check_perms(EGW_ACL_READ,$event);
|
||||
|
||||
$icons = !$is_private ? $this->event_icons($event) : array(html::image('calendar','private',lang('private')));
|
||||
$cats = $this->bo->categories($event['category'],$color);
|
||||
|
||||
$cats = $this->bo->categories($this->check_category_perms(EGW_ACL_READ, $event['category']),$color);
|
||||
// these values control varius aspects of the geometry of the eventWidget
|
||||
$small_trigger_width = 120 + 20*count($icons);
|
||||
$corner_radius=$width > $small_trigger_width ? 10 : 5;
|
||||
@ -1175,7 +1174,7 @@ class calendar_uiviews extends calendar_ui
|
||||
$bodybgcolor1 = $this->brighter($headerbgcolor,$headerbgcolor == '#808080' ? 100 : 170);
|
||||
$bodybgcolor2 = $this->brighter($headerbgcolor,220);
|
||||
|
||||
// mark event as invitation, by NOT using category based backgrond color, but plain white
|
||||
// mark event as invitation, by NOT using category based background color, but plain white
|
||||
if ($event['participants'][$this->user][0] == 'U')
|
||||
{
|
||||
$bodybgcolor1 = $bodybgcolor2 = 'white';
|
||||
@ -1586,7 +1585,7 @@ class calendar_uiviews extends calendar_ui
|
||||
if (!is_array($cat2sort))
|
||||
{
|
||||
$cat2sort = array();
|
||||
foreach((array)$this->cats->return_array('all',0,false,'','','',true) as $data)
|
||||
foreach((array)$this->categories->return_array('all',0,false,'','','',true) as $data)
|
||||
{
|
||||
if ($data['parent'] == $this->cat_id || $data['id'] == $this->cat_id) // cat is a direct sub of $this->cat_id
|
||||
{
|
||||
@ -1612,7 +1611,7 @@ class calendar_uiviews extends calendar_ui
|
||||
$sort2label[0] = lang('none');
|
||||
$ret[] = 0;
|
||||
}
|
||||
//echo "<p>uiviews::_get_planner_cats($cats=".$this->cats->id2name($cats).") (this->cat_id=$this->cat_id) = ".print_r($ret,true).'='.$this->cats->id2name($ret[0])."</p>\n";
|
||||
//echo "<p>uiviews::_get_planner_cats($cats=".$this->categories->id2name($cats).") (this->cat_id=$this->cat_id) = ".print_r($ret,true).'='.$this->categories->id2name($ret[0])."</p>\n";
|
||||
return $ret;
|
||||
}
|
||||
|
||||
@ -2033,6 +2032,4 @@ class calendar_uiviews extends calendar_ui
|
||||
|
||||
return $dayEvents;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user