changes to implement policies on contact sharing

This commit is contained in:
Ralf Becker 2020-10-26 10:44:40 +01:00
parent 090c443f20
commit 93e5afac69
7 changed files with 45 additions and 11 deletions

View File

@ -162,14 +162,21 @@ class addressbook_ui extends addressbook_bo
{ {
$success = $failed = $action_msg = null; $success = $failed = $action_msg = null;
if ($this->action($_content['nm']['action'],$_content['nm']['selected'],$_content['nm']['select_all'], if ($this->action($_content['nm']['action'],$_content['nm']['selected'],$_content['nm']['select_all'],
$success,$failed,$action_msg,'index',$msg,$_content['nm']['checkboxes'])) $success,$failed,$action_msg,'index',$msg,$_content['nm']['checkboxes'], $error_msg))
{ {
$msg .= lang('%1 contact(s) %2',$success,$action_msg); $msg .= lang('%1 contact(s) %2',$success,$action_msg);
Framework::message($msg); Framework::message($msg);
} }
elseif(is_null($msg)) elseif(is_null($msg))
{ {
$msg .= lang('%1 contact(s) %2, %3 failed because of insufficent rights !!!',$success,$action_msg,$failed); if (empty($error_msg))
{
$msg .= lang('%1 contact(s) %2, %3 failed because of insufficent rights !!!', $success, $action_msg, $failed);
}
else
{
$msg .= lang('%1 contact(s) %2, %3 failed because of %4 !!!', $success, $action_msg, $failed, $error_msg);
}
Framework::message($msg,'error'); Framework::message($msg,'error');
} }
$msg = ''; $msg = '';
@ -1213,12 +1220,14 @@ class addressbook_ui extends addressbook_bo
* @param int &$failed number of failed actions (not enought permissions) * @param int &$failed number of failed actions (not enought permissions)
* @param string &$action_msg translated verb for the actions, to be used in a message like %1 contacts 'deleted' * @param string &$action_msg translated verb for the actions, to be used in a message like %1 contacts 'deleted'
* @param string/array $session_name 'index' or array with session-data depending if we are in the main list or the popup * @param string/array $session_name 'index' or array with session-data depending if we are in the main list or the popup
* @param ?string& $error_msg on return optional error-message
* @return boolean true if all actions succeded, false otherwise * @return boolean true if all actions succeded, false otherwise
*/ */
function action($action,$checked,$use_all,&$success,&$failed,&$action_msg,$session_name,&$msg, $checkboxes = NULL) function action($action, $checked, $use_all, &$success, &$failed, &$action_msg, $session_name, &$msg, $checkboxes = NULL, &$error_msg=null)
{ {
//echo "<p>uicontacts::action('$action',".print_r($checked,true).','.(int)$use_all.",...)</p>\n"; //echo "<p>uicontacts::action('$action',".print_r($checked,true).','.(int)$use_all.",...)</p>\n";
$success = $failed = 0; $success = $failed = 0;
$error_msg = null;
if ($use_all || in_array($action,array('remove_from_list','delete_list','unshare'))) if ($use_all || in_array($action,array('remove_from_list','delete_list','unshare')))
{ {
// get the whole selection // get the whole selection
@ -1509,8 +1518,10 @@ class addressbook_ui extends addressbook_bo
'shared_at' => new Api\DateTime('now'), 'shared_at' => new Api\DateTime('now'),
// only allow to share writable, if user has edit-rights! // only allow to share writable, if user has edit-rights!
'shared_writable' => (int)($checkboxes['writable'] && $this->check_perms(Acl::EDIT, $contact)), 'shared_writable' => (int)($checkboxes['writable'] && $this->check_perms(Acl::EDIT, $contact)),
'contact_id' => $id,
'contact' => $contact,
]]; ]];
if ($this->check_shared_with($new_shared_with)) // returns [] if OK if ($this->check_shared_with($new_shared_with, $error_msg)) // returns [] if OK
{ {
$Ok = false; $Ok = false;
} }
@ -2765,7 +2776,7 @@ class addressbook_ui extends addressbook_bo
/** /**
* Check if user has right to share with / into given AB * Check if user has right to share with / into given AB
* *
* @param array $_data values for keys "shared_writable" and "shared_values" * @param array $_data values for keys "shared_writable", "shared_values" and "contact"
* @return array of entries removed from $shared_with because current user is not allowed to share into * @return array of entries removed from $shared_with because current user is not allowed to share into
*/ */
public function ajax_check_shared(array $_data) public function ajax_check_shared(array $_data)
@ -2787,11 +2798,12 @@ class addressbook_ui extends addressbook_bo
{ {
$shared[$value] = array_combine(['shared_id', 'shared_with', 'shared_by', 'shared_writable'], explode(':', $value)); $shared[$value] = array_combine(['shared_id', 'shared_with', 'shared_by', 'shared_writable'], explode(':', $value));
} }
$shared[$value]['contact'] = $_data['contact'];
} }
if (($failed = $this->check_shared_with($shared))) if (($failed = $this->check_shared_with($shared, $error)))
{ {
$response->data(array_keys($failed)); $response->data(array_keys($failed));
$response->message(lang('You are not allowed to share into the addressbook of %1', $response->message($error ?: lang('You are not allowed to share into the addressbook of %1',
implode(', ', array_map(function ($data) { implode(', ', array_map(function ($data) {
return Api\Accounts::username($data['shared_with']); return Api\Accounts::username($data['shared_with']);
}, $failed))), 'error'); }, $failed))), 'error');

View File

@ -1235,6 +1235,7 @@ var AddressbookApp = /** @class */ (function (_super) {
var value = (_a = shared) === null || _a === void 0 ? void 0 : _a.get_value(); var value = (_a = shared) === null || _a === void 0 ? void 0 : _a.get_value();
if (value) { if (value) {
this.egw.json('addressbook.addressbook_ui.ajax_check_shared', [{ this.egw.json('addressbook.addressbook_ui.ajax_check_shared', [{
contact: this.et2.getInstanceManager().getValues(this.et2),
shared_values: value, shared_values: value,
shared_writable: this.et2.getInputWidgetById('shared_writable').get_value() shared_writable: this.et2.getInputWidgetById('shared_writable').get_value()
}], function (_data) { }], function (_data) {

View File

@ -1492,6 +1492,7 @@ class AddressbookApp extends EgwApp
if (value) if (value)
{ {
this.egw.json('addressbook.addressbook_ui.ajax_check_shared', [{ this.egw.json('addressbook.addressbook_ui.ajax_check_shared', [{
contact: this.et2.getInstanceManager().getValues(this.et2), // for sharing policy
shared_values: value, shared_values: value,
shared_writable: this.et2.getInputWidgetById('shared_writable').get_value() shared_writable: this.et2.getInputWidgetById('shared_writable').get_value()
}], _data => { }], _data => {

View File

@ -1,6 +1,7 @@
%1 added addressbook de %1 hinzugefügt %1 added addressbook de %1 hinzugefügt
%1 contact(s) %2 addressbook de %1 Kontakt(e) %2 %1 contact(s) %2 addressbook de %1 Kontakt(e) %2
%1 contact(s) %2, %3 failed because of insufficent rights !!! addressbook de %1 Kontakt(e) %2, %3 nicht wegen fehlender Rechte !!! %1 contact(s) %2, %3 failed because of %4 !!! addressbook de %1 Kontakt(e) %2, %3 nicht da %4!
%1 contact(s) %2, %3 failed because of insufficent rights !!! addressbook de %1 Kontakt(e) %2, %3 nicht wegen fehlender Rechte!
%1 contacts updated (%2 errors). addressbook de %1 Kontakte aktualisiert (%2 Fehler). %1 contacts updated (%2 errors). addressbook de %1 Kontakte aktualisiert (%2 Fehler).
%1 fields in %2 other organisation member(s) changed addressbook de %1 Felder in %2 Mitglied(ern) der Organisation geändert %1 fields in %2 other organisation member(s) changed addressbook de %1 Felder in %2 Mitglied(ern) der Organisation geändert
%1 key(s) added to public keyserver "%2". addressbook de %1 Schlüssel wurden dem öffentlichen Schlüsselserver "%2" eingetragen. %1 key(s) added to public keyserver "%2". addressbook de %1 Schlüssel wurden dem öffentlichen Schlüsselserver "%2" eingetragen.
@ -433,7 +434,6 @@ replacements for inserting contacts into documents addressbook de Platzhalter f
required fields * addressbook de unbedingt auszufüllende Felder * required fields * addressbook de unbedingt auszufüllende Felder *
role addressbook de Beruf role addressbook de Beruf
room addressbook de Raum room addressbook de Raum
schedule a video conference addressbook de Videokonferenz planen
search letter addressbook de Suche nach Buchstaben search letter addressbook de Suche nach Buchstaben
select a portrait format jpeg photo. it will be resized to 60 pixel width. addressbook de Wählen Sie ein hochformatiges jpeg Foto. Es wird 60 Pixel breit skaliert. select a portrait format jpeg photo. it will be resized to 60 pixel width. addressbook de Wählen Sie ein hochformatiges jpeg Foto. Es wird 60 Pixel breit skaliert.
select a source address to be used in geolocation routing system addressbook de Legen Sie fest, wie der Startpunkt für die Routenplanung gesetzt wird. select a source address to be used in geolocation routing system addressbook de Legen Sie fest, wie der Startpunkt für die Routenplanung gesetzt wird.

View File

@ -1,5 +1,6 @@
%1 added addressbook en %1 added %1 added addressbook en %1 added
%1 contact(s) %2 addressbook en %1 contact(s) %2 %1 contact(s) %2 addressbook en %1 contact(s) %2
%1 contact(s) %2, %3 failed because of %4 !!! addressbook en %1 contact(s) %2, %3 failed because of %4 !!!
%1 contact(s) %2, %3 failed because of insufficent rights !!! addressbook en %1 contact(s) %2, %3 failed because of insufficient rights! %1 contact(s) %2, %3 failed because of insufficent rights !!! addressbook en %1 contact(s) %2, %3 failed because of insufficient rights!
%1 contacts updated (%2 errors). addressbook en %1 contacts updated (%2 errors). %1 contacts updated (%2 errors). addressbook en %1 contacts updated (%2 errors).
%1 fields in %2 other organisation member(s) changed addressbook en %1 fields in %2 other organization member(s) changed. %1 fields in %2 other organisation member(s) changed addressbook en %1 fields in %2 other organization member(s) changed.
@ -433,7 +434,6 @@ replacements for inserting contacts into documents addressbook en Replacements f
required fields * addressbook en Required fields * required fields * addressbook en Required fields *
role addressbook en Occupation role addressbook en Occupation
room addressbook en Room room addressbook en Room
schedule a video conference addressbook en Schedule a video conference
search letter addressbook en Search letter search letter addressbook en Search letter
select a portrait format jpeg photo. it will be resized to 60 pixel width. addressbook en Select a portrait format jpeg photo. It will be re-sized to 60 pixel width. select a portrait format jpeg photo. it will be resized to 60 pixel width. addressbook en Select a portrait format jpeg photo. It will be re-sized to 60 pixel width.
select a source address to be used in geolocation routing system addressbook en Select a source address to be used in GeoLocation routing system select a source address to be used in geolocation routing system addressbook en Select a source address to be used in GeoLocation routing system

View File

@ -606,6 +606,10 @@ abstract class admin_cmd
$class = 'EGroupware\\' . $class; $class = 'EGroupware\\' . $class;
$label = $class::name(); $label = $class::name();
} }
else
{
unset($labels[$class]);
}
} }
// sort them alphabetic // sort them alphabetic

View File

@ -1283,9 +1283,10 @@ class Contacts extends Contacts\Storage
* Check if user has right to share with / into given AB * Check if user has right to share with / into given AB
* *
* @param array[]& $shared_with array of arrays with values for keys "shared_with", "shared_by", ... * @param array[]& $shared_with array of arrays with values for keys "shared_with", "shared_by", ...
* @param ?string& $error on return error-message
* @return array entries removed from $shared_with because current user is not allowed to share into (key is preserved) * @return array entries removed from $shared_with because current user is not allowed to share into (key is preserved)
*/ */
function check_shared_with(array &$shared_with=null) function check_shared_with(array &$shared_with=null, &$error=null)
{ {
$removed = []; $removed = [];
foreach((array)$shared_with as $key => $shared) foreach((array)$shared_with as $key => $shared)
@ -1304,6 +1305,21 @@ class Contacts extends Contacts\Storage
unset($shared_with[$key]); unset($shared_with[$key]);
} }
} }
// allow apps to modifiy
$results = [];
foreach(Hooks::process([
'location' => 'check_shared_with',
'shared_with' => &$shared_with,
'removed' => &$removed,
], true) as $result)
{
if ($result)
{
$results = array_merge($results, $result);
}
}
if ($results) $error = implode("\n", $results);
return $removed; return $removed;
} }