[Fmsystem-commits] [15175] change logic for getting grants of permission
From: |
sigurdne |
Subject: |
[Fmsystem-commits] [15175] change logic for getting grants of permission |
Date: |
Thu, 19 May 2016 07:10:03 +0000 (UTC) |
Revision: 15175
http://svn.sv.gnu.org/viewvc/?view=rev&root=fmsystem&revision=15175
Author: sigurdne
Date: 2016-05-19 07:10:02 +0000 (Thu, 19 May 2016)
Log Message:
-----------
change logic for getting grants of permission
Modified Paths:
--------------
trunk/demo/inc/class.sodemo.inc.php
trunk/helpdesk/inc/class.sotts.inc.php
trunk/hrm/inc/class.bocommon.inc.php
trunk/hrm/inc/class.souser.inc.php
trunk/hrm/inc/class.uiuser.inc.php
trunk/notes/inc/class.sonotes.inc.php
trunk/notes/inc/class.uinotes.inc.php
trunk/phpgwapi/inc/class.acl.inc.php
trunk/phpgwapi/inc/class.phpgw.inc.php
trunk/property/inc/class.boadmin_entity.inc.php
trunk/property/inc/class.boadmin_location.inc.php
trunk/property/inc/class.boagreement.inc.php
trunk/property/inc/class.boasync.inc.php
trunk/property/inc/class.bobudget.inc.php
trunk/property/inc/class.bocommon.inc.php
trunk/property/inc/class.bocustom.inc.php
trunk/property/inc/class.bodocument.inc.php
trunk/property/inc/class.boentity.inc.php
trunk/property/inc/class.bogab.inc.php
trunk/property/inc/class.boifc.inc.php
trunk/property/inc/class.boinvestment.inc.php
trunk/property/inc/class.bolocation.inc.php
trunk/property/inc/class.bopricebook.inc.php
trunk/property/inc/class.boproject.inc.php
trunk/property/inc/class.borequest.inc.php
trunk/property/inc/class.bos_agreement.inc.php
trunk/property/inc/class.botemplate.inc.php
trunk/property/inc/class.botenant_claim.inc.php
trunk/property/inc/class.bowo_hour.inc.php
trunk/property/inc/class.boworkorder.inc.php
trunk/property/inc/class.soagreement.inc.php
trunk/property/inc/class.socustom.inc.php
trunk/property/inc/class.soentity.inc.php
trunk/property/inc/class.sojasper.inc.php
trunk/property/inc/class.soproject.inc.php
trunk/property/inc/class.sos_agreement.inc.php
trunk/property/inc/class.sotts.inc.php
trunk/property/inc/class.soworkorder.inc.php
trunk/property/inc/class.uijasper.inc.php
trunk/property/inc/class.uiproject.inc.php
trunk/property/inc/class.uiresponsible.inc.php
trunk/property/inc/class.uiwo_hour.inc.php
trunk/property/inc/class.uiworkorder.inc.php
trunk/sms/inc/class.soautoreply.inc.php
trunk/sms/inc/class.socommand.inc.php
trunk/sms/inc/class.sopoll.inc.php
trunk/sms/inc/class.sosms.inc.php
trunk/todo/inc/class.botodo.inc.php
trunk/todo/inc/class.sotodo.inc.php
trunk/todo/inc/class.uitodo.inc.php
Modified: trunk/demo/inc/class.sodemo.inc.php
===================================================================
--- trunk/demo/inc/class.sodemo.inc.php 2016-05-19 00:37:29 UTC (rev 15174)
+++ trunk/demo/inc/class.sodemo.inc.php 2016-05-19 07:10:02 UTC (rev 15175)
@@ -60,7 +60,7 @@
$this->custom = createObject('property.custom_fields');
$GLOBALS['phpgw']->acl->set_account_id($this->account);
- $this->grants =
$GLOBALS['phpgw']->acl->get_grants('demo', $this->acl_location);
+ $this->grants =
$GLOBALS['phpgw']->acl->get_grants2('demo', $this->acl_location);
}
function read( $data )
@@ -83,15 +83,36 @@
if (!$filter)
{
- if (is_array($this->grants))
+ $public_user_list = array();
+ if (is_array($this->grants['accounts']) &&
$this->grants['accounts'])
{
- while (list($user) =
each($this->grants))
+ foreach($this->grants['accounts'] as
$user => $_right)
{
$public_user_list[] = $user;
}
+ unset($user);
reset($public_user_list);
- $filtermethod .= " $where (
$table.user_id IN(" . implode(',', $public_user_list) . "))";
+ $filtermethod .= " $where
(({$table}.user_id IN(" . implode(',', $public_user_list) . ")";
+ $where = 'AND';
}
+
+ $public_group_list = array();
+ if (is_array($this->grants['groups']) &&
$this->grants['groups'])
+ {
+ foreach($this->grants['groups'] as
$user => $_right)
+ {
+ $public_group_list[] = $user;
+ }
+ unset($user);
+ reset($public_group_list);
+ $where = $public_user_list ? 'OR' :
$where;
+ $filtermethod .= " $where
phpgw_group_map.group_id IN(" . implode(',', $public_group_list) . "))";
+ $where = 'AND';
+ }
+ if($public_user_list && !$public_group_list)
+ {
+ $filtermethod .=')';
+ }
}
else if ($filter == 'yours')
{
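Review bot: The parentheses in the new `$filtermethod` fragments do not balance as printed: the accounts branch opens `((` and closes only the `IN(` list, while the groups branch and the users-only fallback `$filtermethod .=')';` each close just one, so one `(` stays open whenever accounts are present and one `)` is surplus when only groups are. Because this string is the access filter of the listing, the query would presumably fail instead of returning the permitted rows. Opening a single parenthesis in the accounts branch, `" $where ({$table}.user_id IN("`, and adding an opening one in the groups branch when `$public_user_list` is empty balances all three cases. The same construction is repeated in the second `if (!$filter)` hunk of this file and in trunk/helpdesk/inc/class.sotts.inc.php. The enclosing function starts and ends outside the hunk.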
@@ -126,13 +147,19 @@
$querymethod = " $where name $this->like
'%$query%'";
}
- $sql = "SELECT COUNT(phpgw_demo_table.id) as cnt FROM
$table $filtermethod $querymethod";
+ $sql = "SELECT COUNT(phpgw_demo_table.id) as cnt FROM
$table"
+ . " {$this->join} phpgw_accounts ON (
{$table}.user_id = phpgw_accounts.account_id)"
+ . " {$this->join} phpgw_group_map ON
(phpgw_accounts.account_id = phpgw_group_map.account_id)"
+ . " $filtermethod $querymethod";
$this->db->query($sql, __LINE__, __FILE__);
$this->db->next_record();
$this->total_records = $this->db->f('cnt');
- $sql = "SELECT * FROM $table $filtermethod $querymethod
$ordermethod";
+ $sql = "SELECT DISTINCT {$table}.* FROM {$table}"
+ . " {$this->join} phpgw_accounts ON (
{$table}.user_id = phpgw_accounts.account_id)"
+ . " {$this->join} phpgw_group_map ON
(phpgw_accounts.account_id = phpgw_group_map.account_id)"
+ . " $filtermethod $querymethod $ordermethod";
if ($allrows)
{
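Review bot: The count query joins `phpgw_group_map` but counts `phpgw_demo_table.id` without `DISTINCT`, while the listing query below uses `SELECT DISTINCT {$table}.*`; an owner who belongs to several groups would be counted once per membership, so `total_records` can exceed the number of rows actually returned. `COUNT(DISTINCT phpgw_demo_table.id)` would keep the two in step. If `$this->join` is an inner join, rows whose owner has no entry in `phpgw_group_map` also drop out of both queries, including rows matched through the `user_id IN(...)` branch, which is worth confirming as intended. The enclosing function continues outside the hunk.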
@@ -151,7 +178,6 @@
'id' => $this->db->f('id'),
'name' => $this->db->f('name', true),
'entry_date' =>
$this->db->f('entry_date'),
- 'grants' =>
(int)$this->grants[$this->db->f('user_id')]
);
}
@@ -184,15 +210,36 @@
if (!$filter)
{
- if (is_array($this->grants))
+ $public_user_list = array();
+ if (is_array($this->grants['accounts']) &&
$this->grants['accounts'])
{
- while (list($user) =
each($this->grants))
+ foreach($this->grants['accounts'] as
$user => $_right)
{
$public_user_list[] = $user;
}
+ unset($user);
reset($public_user_list);
- $filtermethod .= " $where (
$table.user_id IN(" . implode(',', $public_user_list) . "))";
+ $filtermethod .= " $where
(({$table}.user_id IN(" . implode(',', $public_user_list) . ")";
+ $where = 'AND';
}
+
+ $public_group_list = array();
+ if (is_array($this->grants['groups']) &&
$this->grants['groups'])
+ {
+ foreach($this->grants['groups'] as
$user => $_right)
+ {
+ $public_group_list[] = $user;
+ }
+ unset($user);
+ reset($public_group_list);
+ $where = $public_user_list ? 'OR' :
$where;
+ $filtermethod .= " $where
phpgw_group_map.group_id IN(" . implode(',', $public_group_list) . "))";
+ $where = 'AND';
+ }
+ if($public_user_list && !$public_group_list)
+ {
+ $filtermethod .=')';
+ }
}
else if ($filter == 'yours')
{
@@ -317,7 +364,10 @@
$this->uicols = $uicols;
- $sql = "SELECT COUNT(phpgw_demo_table.id) as cnt FROM
$table $filtermethod $querymethod";
+ $sql = "SELECT COUNT(phpgw_demo_table.id) as cnt FROM"
+ . " {$this->join} phpgw_accounts ON (
{$table}.user_id = phpgw_accounts.account_id)"
+ . " {$this->join} phpgw_group_map ON
(phpgw_accounts.account_id = phpgw_group_map.account_id)"
+ . " $table $filtermethod $querymethod";
$this->db->query($sql, __LINE__, __FILE__);
$this->db->next_record();
$this->total_records = $this->db->f('cnt');
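Review bot: In this count query the table name is appended after the joins (`" $table $filtermethod $querymethod"`), so the statement reads `FROM` followed directly by the first join and only then the table, which is not valid SQL; the earlier count query in this file puts `$table` immediately after `FROM`. The first line should end in `FROM $table"` and the last line should be `. " $filtermethod $querymethod";`. The function body extends beyond the hunk.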
@@ -327,7 +377,10 @@
return array();
}
- $sql = "SELECT * FROM $table $filtermethod $querymethod
$ordermethod";
+ $sql = "SELECT DISTINCT {$table}.* FROM {$table}"
+ . " {$this->join} phpgw_accounts ON (
{$table}.user_id = phpgw_accounts.account_id)"
+ . " {$this->join} phpgw_group_map ON
(phpgw_accounts.account_id = phpgw_group_map.account_id)"
+ . " $filtermethod $querymethod $ordermethod";
if ($allrows)
{
$this->db->query($sql, __LINE__, __FILE__);
@@ -382,7 +435,6 @@
$values['user_id'] = $this->db->f('user_id');
$values['cat_id'] = $this->db->f('category');
$values['access'] = $this->db->f('access');
- $values['grants'] =
(int)$this->grants[$this->db->f('user_id')];
if (isset($values['attributes']) &&
is_array($values['attributes']))
{
Modified: trunk/helpdesk/inc/class.sotts.inc.php
===================================================================
--- trunk/helpdesk/inc/class.sotts.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/helpdesk/inc/class.sotts.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -121,28 +121,23 @@
$location_code = isset($data['location_code']) ?
$data['location_code'] : '';
$p_num = isset($data['p_num']) ?
$data['p_num'] : '';
- $this->grants =
$GLOBALS['phpgw']->session->appsession('grants_ticket','helpdesk');
+ $GLOBALS['phpgw']->acl->set_account_id($this->account);
+ $this->grants =
$GLOBALS['phpgw']->acl->get_grants2('helpdesk','.ticket');
- if(!$this->grants)
- {
-
$GLOBALS['phpgw']->acl->set_account_id($this->account);
- $this->grants =
$GLOBALS['phpgw']->acl->get_grants('helpdesk','.ticket');
-
$GLOBALS['phpgw']->session->appsession('grants_ticket','helpdesk',$this->grants);
- }
+ $order_join = "{$this->join} phpgw_accounts ON
phpgw_helpdesk_tickets.user_id=phpgw_accounts.account_id";
$result_order_field = '';
if ($order)
{
if( $order == 'assignedto' )
{
- $result_order_field =
',account_lastname';
- $order_join = "LEFT OUTER JOIN
phpgw_accounts ON phpgw_helpdesk_tickets.assignedto=phpgw_accounts.account_id";
- $order = 'account_lastname';
+// $result_order_field =
',account_lastname';
+// $order_join = "LEFT OUTER JOIN
phpgw_accounts ON phpgw_helpdesk_tickets.assignedto=phpgw_accounts.account_id";
+// $order = 'account_lastname';
}
else if( $order == 'user' )
{
$result_order_field =
',account_lastname';
- $order_join = "LEFT OUTER JOIN
phpgw_accounts ON phpgw_helpdesk_tickets.user_id=phpgw_accounts.account_id";
$order = 'account_lastname';
}
else
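Review bot: The `assignedto` branch is now an empty block with its three statements commented out, so a request to sort by assignee appears to fall through with `$order` still set to `assignedto` and with whatever `$ordermethod` is built outside this hunk; either remove the branch together with the dead lines or add a comment saying why the sort is disabled. `$order_join` also changes from a conditional `LEFT OUTER JOIN` to an unconditional `{$this->join}` on `user_id`, which, if `$this->join` is an inner join, hides tickets whose `user_id` has no row in `phpgw_accounts`. The enclosing function starts and ends outside the hunk.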
@@ -157,6 +152,8 @@
$ordermethod = ' ORDER BY
phpgw_helpdesk_tickets.id DESC';
}
+ $order_join .= " {$this->join} phpgw_group_map ON
(phpgw_accounts.account_id = phpgw_group_map.account_id)";
+
$filtermethod = '';
$categories =
$GLOBALS['phpgw']->locations->get_subs('helpdesk', '.ticket.category');
@@ -195,14 +192,36 @@
if (is_array($this->grants))
{
- $grants = & $this->grants;
- foreach($grants as $user => $right)
+ $public_user_list = array();
+ if (is_array($this->grants['accounts']) &&
$this->grants['accounts'])
{
- $public_user_list[] = $user;
+ foreach($this->grants['accounts'] as
$user => $_right)
+ {
+ $public_user_list[] = $user;
+ }
+ unset($user);
+ reset($public_user_list);
+ $filtermethod .= " $where
((phpgw_helpdesk_tickets.user_id IN(" . implode(',', $public_user_list) . ")";
+ $where = 'AND';
}
- reset($public_user_list);
- $filtermethod .= " $where (
phpgw_helpdesk_tickets.user_id IN(" . implode(',',$public_user_list) . "))";
- $where= 'AND';
+
+ $public_group_list = array();
+ if (is_array($this->grants['groups']) &&
$this->grants['groups'])
+ {
+ foreach($this->grants['groups'] as
$user => $_right)
+ {
+ $public_group_list[] = $user;
+ }
+ unset($user);
+ reset($public_group_list);
+ $where = $public_user_list ? 'OR' :
$where;
+ $filtermethod .= " $where
phpgw_group_map.group_id IN(" . implode(',', $public_group_list) . "))";
+ $where = 'AND';
+ }
+ if($public_user_list && !$public_group_list)
+ {
+ $filtermethod .=')';
+ }
}
if($tenant_id =
$GLOBALS['phpgw']->session->appsession('tenant_id','helpdesk'))
Modified: trunk/hrm/inc/class.bocommon.inc.php
===================================================================
--- trunk/hrm/inc/class.bocommon.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/hrm/inc/class.bocommon.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -71,6 +71,32 @@
return ($rights & $required);
}
+ /**
+ *
+ * @param integer $owner_id
+ * @param array $grants
+ * @param integer $required
+ * @return bool
+ */
+ function check_perms2( $owner_id, $grants, $required )
+ {
+ if(isset($grants['accounts'][$owner_id]) &&
($grants['accounts'][$owner_id] & $required))
+ {
+ return true;
+ }
+
+ $equalto =
$GLOBALS['phpgw']->accounts->membership($owner_id);
+ foreach($grants['groups'] as $group => $_right)
+ {
+ if(isset($equalto[$group]) && ($_right &
$required))
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
function create_preferences($app='',$user_id='')
{
return
$this->socommon->create_preferences($app,$user_id);
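Review bot: `check_perms2` iterates `$grants['groups']` without checking that the key exists, so a caller that passes an empty or old-format grants array gets a `foreach` warning instead of a clean `false`; a guard such as `if (empty($grants['groups'])) { return false; }` before the `membership()` call also skips the lookup when there are no group grants. The docblock has no description: it should say that `$owner_id` is the record owner, that `$grants` is the `accounts`/`groups` array returned by the acl object's `get_grants2`, and that the result is true when the owner's own entry or the entry of any group the owner belongs to contains `$required`. The identical method is added to trunk/property/inc/class.bocommon.inc.php; a shared implementation would keep the two authorization checks from drifting apart.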
Modified: trunk/hrm/inc/class.souser.inc.php
===================================================================
--- trunk/hrm/inc/class.souser.inc.php 2016-05-19 00:37:29 UTC (rev 15174)
+++ trunk/hrm/inc/class.souser.inc.php 2016-05-19 07:10:02 UTC (rev 15175)
@@ -30,7 +30,7 @@
$this->join = & $this->db->join;
$this->left_join = & $this->db->left_join;
$GLOBALS['phpgw']->acl->set_account_id($this->account);
- $this->grants =
$GLOBALS['phpgw']->acl->get_grants('hrm','.user');
+ $this->grants =
$GLOBALS['phpgw']->acl->get_grants2('hrm','.user');
}
function read($data)
@@ -54,7 +54,6 @@
{
$account_info[] = array
(
- 'grants' =>
isset($this->grants[$entry->id]) ? $this->grants[$entry->id] : 0,
'account_firstname' =>
$entry->firstname,
'account_lastname' =>
$entry->lastname,
'account_id' => $entry->id
Modified: trunk/hrm/inc/class.uiuser.inc.php
===================================================================
--- trunk/hrm/inc/class.uiuser.inc.php 2016-05-19 00:37:29 UTC (rev 15174)
+++ trunk/hrm/inc/class.uiuser.inc.php 2016-05-19 07:10:02 UTC (rev 15175)
@@ -76,7 +76,7 @@
$content = array();
foreach ( $account_info as $entry )
{
- if($entry['grants'])
+
if($this->bocommon->check_perms2($entry['account_id'], $this->grants,
PHPGW_ACL_READ))
{
$link_training
= $GLOBALS['phpgw']->link('/index.php', array('menuaction'=>
'hrm.uiuser.training', 'user_id'=> $entry['account_id']));
$text_training
= lang('training');
@@ -182,9 +182,9 @@
{
$user_id = phpgw::get_var('user_id', 'int');
- if (!$this->grants[$user_id])
+ if (!$this->bocommon->check_perms2($user_id,
$this->grants, PHPGW_ACL_READ))
{
- $this->bocommon->no_access($links);
+ phpgw::no_access();
return;
}
@@ -216,13 +216,13 @@
$entry['end_date'] =
$GLOBALS['phpgw']->common->show_date($entry['end_date'],$dateformat);
}
-
if($this->bocommon->check_perms($this->grants[$user_id], PHPGW_ACL_EDIT))
+ if($this->bocommon->check_perms2($user_id,
$this->grants, PHPGW_ACL_EDIT))
{
$link_edit =
$GLOBALS['phpgw']->link('/index.php', array('menuaction'=> 'hrm.uiuser.edit',
'user_id'=> $user_id, 'training_id'=> $entry['training_id']));
$text_edit = lang('edit');
$lang_edit_text = lang('edit training
item');
}
-
if($this->bocommon->check_perms($this->grants[$user_id], PHPGW_ACL_DELETE))
+
if($this->bocommon->check_perms2($user_id,$this->grants, PHPGW_ACL_DELETE))
{
$link_delete =
$GLOBALS['phpgw']->link('/index.php', array('menuaction'=> 'hrm.uiuser.delete',
'user_id'=> $user_id, 'training_id'=> $entry['training_id']));
$text_delete =
lang('delete');
@@ -320,7 +320,7 @@
'user_id' => $user_id
);
-
if($this->bocommon->check_perms($this->grants[$user_id], PHPGW_ACL_ADD))
+ if($this->bocommon->check_perms2($user_id,
$this->grants, PHPGW_ACL_ADD))
{
$add_action =
$GLOBALS['phpgw']->link('/index.php', array('menuaction'=> 'hrm.uiuser.edit',
'user_id'=> $user_id));
$lang_add = lang('add');
@@ -388,17 +388,17 @@
if(!$training_id)
{
-
if(!$this->bocommon->check_perms($this->grants[$user_id], PHPGW_ACL_ADD))
+ if(!$this->bocommon->check_perms2($user_id,
$this->grants, PHPGW_ACL_ADD))
{
- $this->bocommon->no_access($links);
+ phpgw::no_access();
return;
}
}
else
{
-
if(!$this->bocommon->check_perms($this->grants[$user_id], PHPGW_ACL_EDIT))
+ if(!$this->bocommon->check_perms2($user_id,
$this->grants, PHPGW_ACL_EDIT))
{
- $this->bocommon->no_access($links);
+ phpgw::no_access();
return;
}
}
@@ -605,9 +605,9 @@
$training_id = phpgw::get_var('training_id',
'int');
$user_id = phpgw::get_var('user_id', 'int');
-
if(!$this->bocommon->check_perms($this->grants[$user_id], PHPGW_ACL_READ))
+ if(!$this->bocommon->check_perms2($user_id,
$this->grants, PHPGW_ACL_READ))
{
- $this->bocommon->no_access($links);
+ phpgw::no_access();
return;
}
$GLOBALS['phpgw']->xslttpl->add_file(array('user'));
@@ -691,9 +691,9 @@
$training_id = phpgw::get_var('training_id',
'int');
$user_id = phpgw::get_var('user_id', 'int');
-
if(!$this->bocommon->check_perms($this->grants[$user_id], PHPGW_ACL_DELETE))
+ if(!$this->bocommon->check_perms2($user_id,
$this->grants, PHPGW_ACL_DELETE))
{
- $this->bocommon->no_access($links);
+ phpgw::no_access();
return;
}
$confirm = phpgw::get_var('confirm', 'bool', 'POST');
@@ -734,9 +734,9 @@
{
$user_id = phpgw::get_var('user_id', 'int');
-
if(!$this->bocommon->check_perms($this->grants[$user_id], PHPGW_ACL_READ))
+ if(!$this->bocommon->check_perms2($user_id,
$this->grants, PHPGW_ACL_READ))
{
- $this->bocommon->no_access($links);
+ phpgw::no_access();
return;
}
Modified: trunk/notes/inc/class.sonotes.inc.php
===================================================================
--- trunk/notes/inc/class.sonotes.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/notes/inc/class.sonotes.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -41,7 +41,7 @@
$this->db = &$GLOBALS['phpgw']->db;
$this->account =
$GLOBALS['phpgw_info']['user']['account_id'];
$GLOBALS['phpgw']->acl->set_account_id($this->account);
- $this->grants =
$GLOBALS['phpgw']->acl->get_grants('notes');
+ $this->grants =
$GLOBALS['phpgw']->acl->get_grants2('notes');
}
function read($data)
@@ -72,20 +72,33 @@
if ($filter == 'none')
{
$filtermethod = ' ( note_owner = ' .
$this->account;
- if (is_array($this->grants))
+ $public_user_list = array();
+ $grants = & $this->grants;
+ if (is_array($grants['accounts']) &&
$grants['accounts'])
{
- $grants = $this->grants;
- while (list($user) = each($grants))
+ foreach($grants['accounts'] as $user =>
$_right)
{
$public_user_list[] = $user;
}
reset($public_user_list);
- $filtermethod .= " OR
(note_access='public' AND note_owner IN(" . implode(',',$public_user_list) .
")))";
+ $filtermethod .= " OR
(note_access='public' AND {$table}.note_owner IN(" . implode(',',
$public_user_list) . "))";
}
- else
+ $public_group_list = array();
+ if (is_array($grants['groups']) &&
$grants['groups'])
{
- $filtermethod .= ' )';
+ foreach($grants['groups'] as $user =>
$_right)
+ {
+ $public_group_list[] = $user;
+ }
+ unset($user);
+ reset($public_group_list);
+ $filtermethod .= " OR
note_access='public' AND phpgw_group_map.group_id IN(" . implode(',',
$public_group_list) . "))";
+ $where = 'AND';
}
+ if($public_user_list && !$public_group_list)
+ {
+ $filtermethod .=')';
+ }
}
elseif ($filter == 'yours')
{
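Review bot: With the old `else { $filtermethod .= ' )'; }` removed, the parenthesis opened by `' ( note_owner = '` is never closed when both `$grants['accounts']` and `$grants['groups']` are empty, a shape `get_grants_type2` returns when no account id is set. Closing it unconditionally after the two blocks, with the groups branch ending in `")"` instead of `"))"` and the `if($public_user_list && !$public_group_list)` block dropped, covers all four combinations. `$where = 'AND';` in the groups branch is assigned but not read in the visible lines. The enclosing function starts and ends outside the hunk.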
@@ -117,11 +130,20 @@
$filtermethod .= " AND note_lastmod > $lastmod
";
}
- $sql = "SELECT * FROM phpgw_notes WHERE $filtermethod
$querymethod";
+ $this->db->query("SELECT count(*) as cnt FROM
phpgw_notes"
+ . " {$this->join} phpgw_accounts ON (
{$table}.note_owner = phpgw_accounts.account_id)"
+ . " {$this->join} phpgw_group_map ON
(phpgw_accounts.account_id = phpgw_group_map.account_id)"
+ . " {$app_filter} {$filtermethod}
{$querymethod}", __LINE__, __FILE__);
- $this->db->query($sql,__LINE__,__FILE__);
- $this->total_records = $this->db->num_rows();
+ $this->db->next_record();
+ $this->total_records = $this->db->f('cnt');
+
+ $sql = "SELECT DISTINCT phpgw_notes.* FROM phpgw_notes"
+ . " {$this->join} phpgw_accounts ON (
{$table}.note_owner = phpgw_accounts.account_id)"
+ . " {$this->join} phpgw_group_map ON
(phpgw_accounts.account_id = phpgw_group_map.account_id)"
+ . " WHERE $filtermethod $querymethod";
+
if($start)
{
$this->db->limit_query($sql .
$ordermethod,$start,__LINE__,__FILE__);
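Review bot: The new count query has no `WHERE` keyword, ending in `" {$app_filter} {$filtermethod} {$querymethod}"` while the listing query uses `" WHERE $filtermethod $querymethod"`, and neither `$app_filter` nor `$table` is assigned in any line shown for this file. Unless both are set outside the hunks, the count statement is malformed and the join condition `{$table}.note_owner` has an empty table name. Using the same tail in both statements, `. " WHERE {$filtermethod} {$querymethod}"`, and the literal `phpgw_notes.note_owner` in the joins would make them agree. The count should also be `count(DISTINCT phpgw_notes.note_id)` so it matches the `SELECT DISTINCT` listing once rows are multiplied by the `phpgw_group_map` join.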
@@ -130,7 +152,6 @@
$notes = array();
while ($this->db->next_record())
{
- $ngrants =
$this->grants[$this->db->f('note_owner')];
$id = $this->db->f('note_id');
$notes[$id] = array
(
@@ -141,7 +162,6 @@
'date' =>
$GLOBALS['phpgw']->common->show_date($this->db->f('note_date')),
'cat_id' =>
$this->db->f('note_category'),
'content' =>
$this->db->f('note_content', true),
- 'grants' => $ngrants
);
}
return $notes;
Modified: trunk/notes/inc/class.uinotes.inc.php
===================================================================
--- trunk/notes/inc/class.uinotes.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/notes/inc/class.uinotes.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -67,8 +67,8 @@
$this->account =
$GLOBALS['phpgw_info']['user']['account_id'];
$GLOBALS['phpgw']->acl->set_account_id($this->account);
- $this->grants =
$GLOBALS['phpgw']->acl->get_grants('notes');
- $this->grants[$this->account] = PHPGW_ACL_READ +
PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE;
+// $this->grants =
$GLOBALS['phpgw']->acl->get_grants2('notes');
+// $this->grants['accounts'][$this->account] =
PHPGW_ACL_READ + PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE;
$this->bonotes =
CreateObject('notes.bonotes',true);
$this->start = $this->bonotes->start;
Modified: trunk/phpgwapi/inc/class.acl.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.acl.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/phpgwapi/inc/class.acl.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -1347,6 +1347,56 @@
return $grant_rights;
}
/**
+ * Get a list of users that have grants rights to their records
at a location within an app
+ *
+ * @param string $app Application name
+ * if emptry string, value of
$GLOBALS['phpgw_info']['flags']['currentapp'] is used
+ * @param string $location location within application
+ *
+ * @return array Array with account ids and corresponding rights
+ */
+ public function get_grants2($app = '', $location = '')
+ {
+ $grant_rights = phpgwapi_cache::session_get('phpgwapi',
"get_grants2_{$app}_{$location}");
+ if ( !is_null($grant_rights) )
+ {
+ return $grant_rights; // nothing more to do
+ }
+
+ $grant_rights = $this->get_grants_type2($app,
$location, 0);
+ $grant_mask = $this->get_grants_type2($app,
$location, 1);
+ if ( is_array($grant_mask['accounts']) )
+ {
+ foreach ( $grant_mask['accounts'] as $user_id
=> $mask )
+ {
+ if (
$grant_rights['accounts'][$user_id] )
+ {
+
$grant_rights['accounts'][$user_id] &= (~ $mask);
+ if (
$grant_rights['accounts'][$user_id] <= 0 )
+ {
+
unset($grant_rights['accounts'][$user_id]);
+ }
+ }
+ }
+ }
+ if ( is_array($grant_mask['groups']) )
+ {
+ foreach ( $grant_mask['groups'] as $user_id =>
$mask )
+ {
+ if ( $grant_rights['groups'][$user_id] )
+ {
+
$grant_rights['groups'][$user_id] &= (~ $mask);
+ if (
$grant_rights['groups'][$user_id] <= 0 )
+ {
+
unset($grant_rights['groups'][$user_id]);
+ }
+ }
+ }
+ }
+ phpgwapi_cache::session_set('phpgwapi',
"get_grants2_{$app}_{$location}", $grant_rights);
+ return $grant_rights;
+ }
+ /**
* Get application specific account based granted rights list
*
* @param string $app Application name
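Review bot: The session cache key `"get_grants2_{$app}_{$location}"` is built from the raw arguments, so it carries neither the account id set through `set_account_id()` nor the resolved application name: a call with `$app = ''` is stored under the same key from every application, although `get_grants_type2` resolves the empty string to the current app. Grants are an authorization result, so the key should include both, for example by resolving `$app` first and using `"get_grants2_{$this->_account_id}_{$app}_{$location}"`. Cached entries also live for the whole session, so a revoked grant presumably stays effective until the session ends; if that is intended it deserves a line in the docblock. The `@return` tag should describe the new `accounts`/`groups` array shape, and `emptry` is a typo for `empty`.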
@@ -1358,6 +1408,143 @@
*
* @internal FIXME this should be simplified - if it is actually
used
*/
+ public function get_grants_type2($app = '', $location = '',
$mask = 0)
+ {
+ $accounts = array();
+ $groups = array();
+ $grants =array(
+ 'accounts' => $accounts,
+ 'groups' => $groups
+ );
+ if(!$this->_account_id)
+ {
+ return array(
+ 'accounts' => $accounts,
+ 'groups' => $groups
+ );
+ }
+
+ if ( !$app )
+ {
+ $app =
$GLOBALS['phpgw_info']['flags']['currentapp'];
+ }
+
+ $at_location = '';
+ if ( $location )
+ {
+ $location =
$this->_db->db_addslashes($location);
+ $at_location = " AND phpgw_locations.name =
'$location'";
+ }
+
+ $accts =& $GLOBALS['phpgw']->accounts;
+ $acct_ids =
array_keys($accts->membership($this->_account_id));
+ $acct_ids[] = $this->_account_id;
+
+ $rights = 0;
+
+ $ids = implode(',', $acct_ids);
+ $sql = 'SELECT acl_account, acl_grantor, acl_rights'
+ . ' FROM phpgw_acl'
+ . " {$this->_join} phpgw_locations ON
phpgw_acl.location_id = phpgw_locations.location_id"
+ . " {$this->_join} phpgw_applications ON
phpgw_applications.app_id = phpgw_locations.app_id"
+ . " WHERE phpgw_applications.app_name = '$app'
$at_location"
+ . " AND acl_grantor > 0 AND acl_type =
$mask"
+ . " AND acl_account IN ($ids)";
+
+ $this->_db->query($sql, __LINE__, __FILE__);
+ if ( $this->_db->num_rows() == 0 && $mask == 0 &&
isset($GLOBALS['phpgw_info']['user']['account_id']))
+ {
+ //return
array($GLOBALS['phpgw_info']['user']['account_id'] => 31);
+ return array(
+ 'accounts' =>
array($GLOBALS['phpgw_info']['user']['account_id'] => 31),
+ 'groups' => $groups
+ );
+ }
+
+ $records = array();
+ while ($this->_db->next_record())
+ {
+ $records[] = array
+ (
+ 'account' =>
$this->_db->f('acl_account'),
+ 'grantor' =>
$this->_db->f('acl_grantor'),
+ 'rights' =>
$this->_db->f('acl_rights')
+ );
+ }
+
+ foreach ($records as $record )
+ {
+ $grantor = $record['grantor'];
+ $rights = $record['rights'];
+
+ if( $grantor > 0 )
+ {
+ if (!isset($accounts[$grantor]))
+ {
+ $is_group[$grantor] =
$accts->get_type($grantor) == phpgwapi_account::TYPE_GROUP;
+ if ( !$is_group[$grantor] )
+ {
+ $accounts[$grantor] =
array($grantor);
+ }
+ else
+ {
+ $groups[$grantor] =
array($grantor);//$GLOBALS['phpgw']->accounts->get_members($grantor);
+ }
+ }
+
+ if ( $is_group[$grantor] )
+ {
+ // Don't allow to override
private!
+ $rights &= (~
PHPGW_ACL_PRIVATE);
+ if (
!isset($grants['groups'][$grantor]) )
+ {
+
$grants['groups'][$grantor] = 0;
+ }
+
+ $grants['groups'][$grantor] |=
$rights;
+ if ( !!($rights & self::READ) )
+ {
+
$grants['groups'][$grantor] |= self::READ;
+ }
+ }
+
+ foreach ( $accounts[$grantor] as
$grantors )
+ {
+ if (
!isset($grants['accounts'][$grantors]) )
+ {
+
$grants['accounts'][$grantors] = 0;
+ }
+ $grants['accounts'][$grantors]
|= $rights;
+ }
+ }
+ }
+
+ if ( $mask == 0 &&
isset($GLOBALS['phpgw_info']['user']['account_id']))
+ {
+
$grants['accounts'][$GLOBALS['phpgw_info']['user']['account_id']] = 31;
+ }
+ else
+ {
+ if (
isset($GLOBALS['phpgw_info']['user']['account_id']) &&
isset($grants['accounts'][$GLOBALS['phpgw_info']['user']['account_id']]) )
+ {
+ unset
($grants['accounts'][$GLOBALS['phpgw_info']['user']['account_id']]);
+ }
+ }
+
+ return $grants;
+ }
+ /**
+ * Get application specific account based granted rights list
+ *
+ * @param string $app Application name
+ * if emptry string, value of
$GLOBALS['phpgw_info']['flags']['currentapp'] is used
+ * @param string $location location within application
+ * @param integer $mask mask or right (1 means mask , 0
means right) to check against
+ *
+ * @return array Associative array with granted access rights
for accounts
+ *
+ * @internal FIXME this should be simplified - if it is actually
used
+ */
public function get_grants_type($app = '', $location = '',
$mask = 0)
{
$grants = array();
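Review bot: `$location` is passed through `db_addslashes()` before it reaches the query, but `$app` and `$mask` are interpolated as-is into `app_name = '$app'` and `acl_type = $mask`; adding `$app = $this->_db->db_addslashes($app);` after the current-app fallback and `$mask = (int) $mask;` at the top would stop the statement depending on every caller passing clean values. For a group grantor only `$groups[$grantor]` is filled, so `isset($accounts[$grantor])` stays false, the `get_type()` lookup repeats on every record, and `foreach ( $accounts[$grantor] as $grantors )` runs on an undefined index; `$is_group` is also never initialised. The new method lands between the existing docblock and `get_grants_type`, so it needs its own description of the `accounts`/`groups` return shape and of the literal `31` used for the caller's own rights.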
Modified: trunk/phpgwapi/inc/class.phpgw.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.phpgw.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/phpgwapi/inc/class.phpgw.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -604,12 +604,19 @@
*/
public static function no_access($appname = '',
$message = '')
{
- $GLOBALS['phpgw_info']['flags']['xslt_app'] =
false;
$message = $message ? $message : lang('no
access');
- $appname = $appname ? $appname :
$GLOBALS['phpgw_info']['flags']['currentapp'];
- phpgwapi_cache::message_set($message, 'error');
- $GLOBALS['phpgw_info']['flags']['app_header'] =
lang($appname) . '::' . lang('No access');
- $GLOBALS['phpgw']->common->phpgw_header(true);
+ if (phpgw::get_var('phpgw_return_as') == 'json')
+ {
+ echo $message;
+ }
+ else
+ {
+ phpgwapi_cache::message_set($message,
'error');
+ $appname = $appname ? $appname :
$GLOBALS['phpgw_info']['flags']['currentapp'];
+
$GLOBALS['phpgw_info']['flags']['app_header'] = lang($appname) . '::' .
lang('No access');
+
$GLOBALS['phpgw_info']['flags']['xslt_app'] = false;
+
$GLOBALS['phpgw']->common->phpgw_header(true);
+ }
$GLOBALS['phpgw']->common->phpgw_exit();
}
}
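Review bot: In the `phpgw_return_as == 'json'` branch the response is `echo $message;`, which is neither valid JSON nor accompanied by a status code, so a client script cannot tell a refused request from a successful one whose body happens to be text. Something like `http_response_code(403); echo json_encode(array('status' => 'error', 'message' => $message));` (key names here are only an example) would make the denial machine-readable and avoid writing a caller-supplied `$message` into the response unencoded. The docblock above the method starts outside the hunk and should mention the JSON behaviour.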
Modified: trunk/property/inc/class.boadmin_entity.inc.php
===================================================================
--- trunk/property/inc/class.boadmin_entity.inc.php 2016-05-19 00:37:29 UTC
(rev 15174)
+++ trunk/property/inc/class.boadmin_entity.inc.php 2016-05-19 07:10:02 UTC
(rev 15175)
@@ -84,7 +84,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true,
'get_category_list' => true,
'get_attrib_list' => true
);
Modified: trunk/property/inc/class.boadmin_location.inc.php
===================================================================
--- trunk/property/inc/class.boadmin_location.inc.php 2016-05-19 00:37:29 UTC
(rev 15174)
+++ trunk/property/inc/class.boadmin_location.inc.php 2016-05-19 07:10:02 UTC
(rev 15175)
@@ -50,7 +50,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
Modified: trunk/property/inc/class.boagreement.inc.php
===================================================================
--- trunk/property/inc/class.boagreement.inc.php 2016-05-19 00:37:29 UTC
(rev 15174)
+++ trunk/property/inc/class.boagreement.inc.php 2016-05-19 07:10:02 UTC
(rev 15175)
@@ -53,7 +53,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
@@ -128,10 +127,6 @@
$this->status_id = $data['status_id'];
}
- function check_perms( $has, $needed )
- {
- return (!!($has & $needed) == true);
- }
function select_vendor_list( $format = '', $selected = '' )
{
Modified: trunk/property/inc/class.boasync.inc.php
===================================================================
--- trunk/property/inc/class.boasync.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.boasync.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -47,7 +47,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
Modified: trunk/property/inc/class.bobudget.inc.php
===================================================================
--- trunk/property/inc/class.bobudget.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.bobudget.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -58,7 +58,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
@@ -145,11 +144,6 @@
$this->direction = isset($data['direction']) ?
$data['direction'] : '';
}
- function check_perms( $has, $needed )
- {
- return (!!($has & $needed) == true);
- }
-
function read( $data = array() )
{
/* $budget = $this->so->read(array('start' =>
$this->start,'query' => $this->query,'sort' => $this->sort,'order' =>
$this->order,
Modified: trunk/property/inc/class.bocommon.inc.php
===================================================================
--- trunk/property/inc/class.bocommon.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.bocommon.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -76,6 +76,32 @@
return ($rights & $required);
}
+ /**
+ *
+ * @param integer $owner_id
+ * @param array $grants
+ * @param integer $required
+ * @return bool
+ */
+ function check_perms2( $owner_id, $grants, $required )
+ {
+ if(isset($grants['accounts'][$owner_id]) &&
($grants['accounts'][$owner_id] & $required))
+ {
+ return true;
+ }
+
+ $equalto =
$GLOBALS['phpgw']->accounts->membership($owner_id);
+ foreach($grants['groups'] as $group => $_right)
+ {
+ if(isset($equalto[$group]) && ($_right &
$required))
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
function create_preferences( $app = '', $user_id = '' )
{
return $this->socommon->create_preferences($app,
$user_id);
Modified: trunk/property/inc/class.bocustom.inc.php
===================================================================
--- trunk/property/inc/class.bocustom.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.bocustom.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -46,7 +46,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
@@ -126,11 +125,6 @@
$this->cat_id = $data['cat_id'];
}
- function check_perms( $has, $needed )
- {
- return (!!($has & $needed) == true);
- }
-
function read( $data = array() )
{
/* $custom = $this->so->read(array('start' =>
$this->start,'query' => $this->query,'sort' => $this->sort,'order' =>
$this->order,
Modified: trunk/property/inc/class.bodocument.inc.php
===================================================================
--- trunk/property/inc/class.bodocument.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.bodocument.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -52,7 +52,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
Modified: trunk/property/inc/class.boentity.inc.php
===================================================================
--- trunk/property/inc/class.boentity.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.boentity.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -64,7 +64,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true,
'add_control' => true,
'update_control_serie' => true
);
Modified: trunk/property/inc/class.bogab.inc.php
===================================================================
--- trunk/property/inc/class.bogab.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.bogab.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -47,7 +47,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
Modified: trunk/property/inc/class.boifc.inc.php
===================================================================
--- trunk/property/inc/class.boifc.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.boifc.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -53,7 +53,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
@@ -152,11 +151,6 @@
$this->cat_id = (isset($data['cat_id']) ?
$data['cat_id'] : '');
}
- function check_perms( $rights, $required )
- {
- return ($rights & $required);
- }
-
function import( $values = '', $ifcfile = '' )
{
_debug_array($ifcfile);
Modified: trunk/property/inc/class.boinvestment.inc.php
===================================================================
--- trunk/property/inc/class.boinvestment.inc.php 2016-05-19 00:37:29 UTC
(rev 15174)
+++ trunk/property/inc/class.boinvestment.inc.php 2016-05-19 07:10:02 UTC
(rev 15175)
@@ -49,7 +49,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
Modified: trunk/property/inc/class.bolocation.inc.php
===================================================================
--- trunk/property/inc/class.bolocation.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.bolocation.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -56,7 +56,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true,
'get_locations_by_name' => true
);
Modified: trunk/property/inc/class.bopricebook.inc.php
===================================================================
--- trunk/property/inc/class.bopricebook.inc.php 2016-05-19 00:37:29 UTC
(rev 15174)
+++ trunk/property/inc/class.bopricebook.inc.php 2016-05-19 07:10:02 UTC
(rev 15175)
@@ -47,7 +47,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
Modified: trunk/property/inc/class.boproject.inc.php
===================================================================
--- trunk/property/inc/class.boproject.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.boproject.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -51,7 +51,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
Modified: trunk/property/inc/class.borequest.inc.php
===================================================================
--- trunk/property/inc/class.borequest.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.borequest.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -53,7 +53,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
Modified: trunk/property/inc/class.bos_agreement.inc.php
===================================================================
--- trunk/property/inc/class.bos_agreement.inc.php 2016-05-19 00:37:29 UTC
(rev 15174)
+++ trunk/property/inc/class.bos_agreement.inc.php 2016-05-19 07:10:02 UTC
(rev 15175)
@@ -55,7 +55,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
@@ -128,11 +127,6 @@
$this->status_id = $data['status_id'];
}
- function check_perms( $has, $needed )
- {
- return (!!($has & $needed) == true);
- }
-
function select_vendor_list( $format = '', $selected = '' )
{
switch ($format)
Modified: trunk/property/inc/class.botemplate.inc.php
===================================================================
--- trunk/property/inc/class.botemplate.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.botemplate.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -46,7 +46,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
Modified: trunk/property/inc/class.botenant_claim.inc.php
===================================================================
--- trunk/property/inc/class.botenant_claim.inc.php 2016-05-19 00:37:29 UTC
(rev 15174)
+++ trunk/property/inc/class.botenant_claim.inc.php 2016-05-19 07:10:02 UTC
(rev 15175)
@@ -132,11 +132,6 @@
$this->district_id = isset($data['district_id']) ?
$data['district_id'] : '';
}
- function check_perms( $has, $needed )
- {
- return (!!($has & $needed) == true);
- }
-
function get_status_list( $data = 0 )
{
if (is_array($data))
Modified: trunk/property/inc/class.bowo_hour.inc.php
===================================================================
--- trunk/property/inc/class.bowo_hour.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.bowo_hour.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -46,7 +46,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true
);
function __construct( $session = false )
Modified: trunk/property/inc/class.boworkorder.inc.php
===================================================================
--- trunk/property/inc/class.boworkorder.inc.php 2016-05-19 00:37:29 UTC
(rev 15174)
+++ trunk/property/inc/class.boworkorder.inc.php 2016-05-19 07:10:02 UTC
(rev 15175)
@@ -49,7 +49,6 @@
'read_single' => true,
'save' => true,
'delete' => true,
- 'check_perms' => true,
'get_category' => true
);
Modified: trunk/property/inc/class.soagreement.inc.php
===================================================================
--- trunk/property/inc/class.soagreement.inc.php 2016-05-19 00:37:29 UTC
(rev 15174)
+++ trunk/property/inc/class.soagreement.inc.php 2016-05-19 07:10:02 UTC
(rev 15175)
@@ -212,28 +212,6 @@
$where = 'WHERE';
- /* if ($filter=='all')
- {
- if (is_array($grants))
- {
- while (list($user) = each($grants))
- {
- $public_user_list[] = $user;
- }
- reset($public_user_list);
- $filtermethod .= " $where ( $entity_table.user_id
IN(" . implode(',',$public_user_list) . "))";
-
- $where= 'AND';
- }
-
- }
- else
- {
- $filtermethod = " $where
$entity_table.user_id=$filter ";
- $where= 'AND';
- }
- */
-
if ($agreement_id)
{
$filtermethod .= " $where
$entity_table.agreement_id=$agreement_id";
@@ -319,7 +297,6 @@
for ($i = 0; $i < $n; $i++)
{
$agreement_list[$j][$cols_return[$i]] =
$this->db->f($cols_return[$i]);
- $agreement_list[$j]['grants'] =
(int)isset($grants[$this->db->f('user_id')]) ? $grants[$this->db->f('user_id')]
: '';
}
if (isset($cols_return_extra) &&
is_array($cols_return_extra))
Modified: trunk/property/inc/class.socustom.inc.php
===================================================================
--- trunk/property/inc/class.socustom.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.socustom.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -322,7 +322,6 @@
for ($i = 0; $i < $n; $i++)
{
$custom[$j][$uicols[$i]['name']] =
$this->db->f($uicols[$i]['name']);
- $custom[$j]['grants'] =
(int)$grants[$this->db->f('user_id')];
}
$j++;
}
Modified: trunk/property/inc/class.soentity.inc.php
===================================================================
--- trunk/property/inc/class.soentity.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.soentity.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -126,16 +126,10 @@
{
return;
}
+
+ $acl = & $GLOBALS['phpgw']->acl;
+ $grants =
$acl->get_grants2($this->type_app[$this->type],
".{$this->type}.{$entity_id}.{$cat_id}");
- $grants =
$GLOBALS['phpgw']->session->appsession('grants_entity_' . $entity_id . '_' .
$cat_id, $this->type_app[$this->type]);
-
- if (!$grants)
- {
- $this->acl = & $GLOBALS['phpgw']->acl;
- $grants =
$this->acl->get_grants($this->type_app[$this->type],
".{$this->type}.{$entity_id}.{$cat_id}");
-
$GLOBALS['phpgw']->session->appsession('grants_entity_' . $entity_id . '_' .
$cat_id, $this->type_app[$this->type], $grants);
- }
-
$admin_entity = CreateObject('property.soadmin_entity');
$admin_entity->type = $this->type;
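Review bot: `get_grants2()` is called here on the shared `$GLOBALS['phpgw']->acl` object without `$acl->set_account_id($this->account);`, while the hunks at old lines 465 and 1436 of this file set the account before the same call. If other code has left a different account id on that object, the grants used for the filter below would belong to that account; this is inferred, since the ACL class is not shown. Add `$acl->set_account_id($this->account);` before the call, or a comment saying why the current account can be relied on here. The enclosing function starts and ends outside the hunk.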
@@ -179,17 +173,38 @@
if ($filter == 'all')
{
- if (is_array($grants))
+ $public_user_list = array();
+ if (is_array($grants['accounts']) &&
$grants['accounts'])
{
- foreach ($grants as $user => $right)
+ foreach ($grants['accounts'] as $user
=> $right)
{
$public_user_list[] = $user;
}
+ unset($user);
+
reset($public_user_list);
- $filtermethod .= " $where (
$entity_table.user_id IN(" . implode(',', $public_user_list) . "))";
+ $filtermethod .= " $where ((
$entity_table.user_id IN(" . implode(',', $public_user_list) . ")";
$where = 'AND';
}
+
+ $public_group_list = array();
+ if (is_array($grants['groups']) &&
$grants['groups'])
+ {
+ foreach($grants['groups'] as $user =>
$_right)
+ {
+ $public_group_list[] = $user;
+ }
+ unset($user);
+ reset($public_group_list);
+ $where = $public_user_list ? 'OR' :
$where;
+ $filtermethod .= " $where
phpgw_group_map.group_id IN(" . implode(',', $public_group_list) . "))";
+ $where = 'AND';
+ }
+ if($public_user_list && !$public_group_list)
+ {
+ $filtermethod .=')';
+ }
}
else
{
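Review bot: The owner filter for `$filter == 'all'` fails open and its brackets depend on which grant lists are filled: when `$grants['accounts']` and `$grants['groups']` are both empty nothing is appended to `$filtermethod`, so as far as this hunk shows the query runs with no owner restriction, and when only groups are granted the string ends in `))` although no bracket was opened in this block. Collect the account and group conditions in one array and append a single bracketed `OR` group, with a condition that matches nothing when the array is empty (if an empty grant set is meant to hide everything). The same block is repeated in the hunks at old lines 529 and 1502 of this file and in class.soproject.inc.php, class.sotts.inc.php and class.soworkorder.inc.php. The enclosing function starts and ends outside the hunk.

```php
if ($filter == 'all')
{
	$_owner_conditions = array();
	if (!empty($grants['accounts']))
	{
		$_owner_conditions[] = "{$entity_table}.user_id IN("
			. implode(',', array_map('intval', array_keys($grants['accounts']))) . ')';
	}
	if (!empty($grants['groups']))
	{
		$_owner_conditions[] = 'phpgw_group_map.group_id IN('
			. implode(',', array_map('intval', array_keys($grants['groups']))) . ')';
	}
	// No grant at all must match no rows instead of dropping the restriction.
	$filtermethod .= " $where (" . ($_owner_conditions ? implode(' OR ', $_owner_conditions) : '1=0') . ')';
	$where = 'AND';
}
```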
@@ -198,7 +213,10 @@
}
$values = array();
$name = 'title';
- $sql = "SELECT id, {$name} as name FROM {$entity_table}
{$filtermethod}";
+ $sql = "SELECT id, {$name} as name FROM {$entity_table}"
+ . " {$this->join} phpgw_accounts ON
$entity_table.user_id = phpgw_accounts.account_id"
+ . " {$this->join} phpgw_group_map ON
phpgw_accounts.account_id = phpgw_group_map.account_id"
+ . " {$filtermethod}";
$this->db->query($sql, __LINE__, __FILE__);
while ($this->db->next_record())
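Review bot: The two added joins return one row per group membership of each record's owner, and this `SELECT id, {$name} as name` has no `DISTINCT`, so the same id can appear several times in `$values`; the sojasper change in this commit adds `SELECT DISTINCT` to its list query. If `{$this->join}` is an inner join, which is not visible here, records whose owner has no `phpgw_group_map` row also drop out even when the owner is granted by account. Use `SELECT DISTINCT id, {$name} as name` and a left join for `phpgw_group_map`. The same joins are added at old lines 743 and 1707 of this file, and the loop continues outside the hunk.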
@@ -465,17 +483,11 @@
{
$location_id =
$GLOBALS['phpgw']->locations->get_id($this->type_app[$this->type],
".{$this->type}.{$entity_id}.{$cat_id}");
}
+
+ $acl = & $GLOBALS['phpgw']->acl;
+ $acl->set_account_id($this->account);
+ $grants =
$acl->get_grants2($this->type_app[$this->type],
".{$this->type}.{$entity_id}.{$cat_id}");
- $grants =
$GLOBALS['phpgw']->session->appsession("grants_entity_{$entity_id}_{$cat_id}",
$this->type_app[$this->type]);
-
- if (!$grants)
- {
- $this->acl = & $GLOBALS['phpgw']->acl;
- $this->acl->set_account_id($this->account);
- $grants =
$this->acl->get_grants($this->type_app[$this->type],
".{$this->type}.{$entity_id}.{$cat_id}");
-
$GLOBALS['phpgw']->session->appsession("grants_entity_{$entity_id}_{$cat_id}",
$this->type_app[$this->type], $grants);
- }
-
$admin_entity = CreateObject('property.soadmin_entity');
$admin_entity->type = $this->type;
@@ -529,17 +541,38 @@
if ($filter == 'all')
{
- if (is_array($grants) && !$bypass_acl_at_entity)
+ $public_user_list = array();
+ if (!$bypass_acl_at_entity &&
is_array($grants['accounts']) && $grants['accounts'])
{
- foreach ($grants as $user => $right)
+ foreach ($grants['accounts'] as $user
=> $right)
{
$public_user_list[] = $user;
}
+ unset($user);
+
reset($public_user_list);
- $filtermethod .= " $where (
$entity_table.user_id IN(" . implode(',', $public_user_list) . "))";
+ $filtermethod .= " $where ((
$entity_table.user_id IN(" . implode(',', $public_user_list) . ")";
$where = 'AND';
}
+
+ $public_group_list = array();
+ if (!$bypass_acl_at_entity &&
is_array($grants['groups']) && $grants['groups'])
+ {
+ foreach($grants['groups'] as $user =>
$_right)
+ {
+ $public_group_list[] = $user;
+ }
+ unset($user);
+ reset($public_group_list);
+ $where = $public_user_list ? 'OR' :
$where;
+ $filtermethod .= " $where
phpgw_group_map.group_id IN(" . implode(',', $public_group_list) . "))";
+ $where = 'AND';
+ }
+ if($public_user_list && !$public_group_list)
+ {
+ $filtermethod .=')';
+ }
}
else
{
@@ -743,7 +776,9 @@
}
}
- $sql = "SELECT fm_bim_item.* __XML-ORDER__ FROM
fm_bim_item {$this->join} fm_bim_type ON (fm_bim_item.type = fm_bim_type.id)";
+ $sql = "SELECT fm_bim_item.* __XML-ORDER__ FROM
fm_bim_item {$this->join} fm_bim_type ON (fm_bim_item.type = fm_bim_type.id)"
+ . " {$this->join} phpgw_accounts ON
$entity_table.user_id = phpgw_accounts.account_id"
+ . " {$this->join} phpgw_group_map ON
phpgw_accounts.account_id = phpgw_group_map.account_id ";
$join_control = "controller_control_component_list ON
(fm_bim_item.id = controller_control_component_list.component_id AND
controller_control_component_list.location_id = fm_bim_type.location_id)";
if ($control_registered)
@@ -1436,17 +1471,11 @@
{
return;
}
+
+ $acl = & $GLOBALS['phpgw']->acl;
+ $acl->set_account_id($this->account);
+ $grants =
$acl->get_grants2($this->type_app[$this->type],
".{$this->type}.{$entity_id}.{$cat_id}");
- $grants =
$GLOBALS['phpgw']->session->appsession("grants_entity_{$entity_id}_{$cat_id}",
$this->type_app[$this->type]);
-
- if (!$grants)
- {
- $this->acl = & $GLOBALS['phpgw']->acl;
- $this->acl->set_account_id($this->account);
- $grants =
$this->acl->get_grants($this->type_app[$this->type],
".{$this->type}.{$entity_id}.{$cat_id}");
-
$GLOBALS['phpgw']->session->appsession("grants_entity_{$entity_id}_{$cat_id}",
$this->type_app[$this->type], $grants);
- }
-
//_debug_array($cols_return_extra);
if ($order)
@@ -1502,17 +1531,38 @@
if ($filter == 'all')
{
- if (is_array($grants) && !$bypass_acl_at_entity)
+ $public_user_list = array();
+ if (!$bypass_acl_at_entity &&
is_array($grants['accounts']) && $grants['accounts'])
{
- foreach ($grants as $user => $right)
+ foreach ($grants['accounts'] as $user
=> $right)
{
$public_user_list[] = $user;
}
+ unset($user);
+
reset($public_user_list);
- $filtermethod .= " $where (
$entity_table.user_id IN(" . implode(',', $public_user_list) . "))";
+ $filtermethod .= " $where ((
$entity_table.user_id IN(" . implode(',', $public_user_list) . ")";
$where = 'AND';
}
+
+ $public_group_list = array();
+ if (!$bypass_acl_at_entity &&
is_array($grants['groups']) && $grants['groups'])
+ {
+ foreach($grants['groups'] as $user =>
$_right)
+ {
+ $public_group_list[] = $user;
+ }
+ unset($user);
+ reset($public_group_list);
+ $where = $public_user_list ? 'OR' :
$where;
+ $filtermethod .= " $where
phpgw_group_map.group_id IN(" . implode(',', $public_group_list) . "))";
+ $where = 'AND';
+ }
+ if($public_user_list && !$public_group_list)
+ {
+ $filtermethod .=')';
+ }
}
else
{
@@ -1707,9 +1757,11 @@
}
$_joinmethod_datatype =
array_merge($_joinmethod_datatype, $_joinmethod_datatype_custom);
+ $_joinmethod_datatype[] = " {$this->join}
phpgw_accounts ON $entity_table.user_id = phpgw_accounts.account_id"
+ . " {$this->join} phpgw_group_map ON
phpgw_accounts.account_id = phpgw_group_map.account_id ";
foreach ($_joinmethod_datatype as $_joinmethod)
{
- $sql .= $_joinmethod;
+ $sql .= " {$_joinmethod}";
}
$querymethod = '';
Modified: trunk/property/inc/class.sojasper.inc.php
===================================================================
--- trunk/property/inc/class.sojasper.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.sojasper.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -41,7 +41,7 @@
$this->join = & $this->db->join;
$this->like = & $this->db->like;
$GLOBALS['phpgw']->acl->set_account_id($this->account);
- $this->grants =
$GLOBALS['phpgw']->acl->get_grants('property', '.jasper');
+ $this->grants =
$GLOBALS['phpgw']->acl->get_grants2('property', '.jasper');
}
public function read( $data )
@@ -76,19 +76,33 @@
$filtermethod = "WHERE ( {$table}.user_id =
{$this->account}";
- if (is_array($grants))
+ $public_user_list = array();
+ if (is_array($grants['accounts']) &&
$grants['accounts'])
{
- foreach ($grants as $user => $right)
+ foreach($grants['accounts'] as $user => $_right)
{
$public_user_list[] = $user;
}
reset($public_user_list);
- $filtermethod .= " OR (access='public' AND
{$table}.user_id IN(" . implode(',', $public_user_list) . ")))";
+ $filtermethod .= " OR (access='public' AND
{$table}.user_id IN(" . implode(',', $public_user_list) . "))";
}
- else
+
+ $public_group_list = array();
+ if (is_array($grants['groups']) && $grants['groups'])
{
- $filtermethod .= ' )';
+ foreach($grants['groups'] as $user => $_right)
+ {
+ $public_group_list[] = $user;
+ }
+ unset($user);
+ reset($public_group_list);
+ $filtermethod .= " OR access='public' AND
phpgw_group_map.group_id IN(" . implode(',', $public_group_list) . "))";
+ $where = 'AND';
}
+ if($public_user_list && !$public_group_list)
+ {
+ $filtermethod .=')';
+ }
if ($location_id)
{
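Review bot: The bracket opened by `WHERE ( {$table}.user_id = {$this->account}` is never closed when both grant lists are empty, because the old `else { $filtermethod .= ' )'; }` is removed and the new `$filtermethod .=')';` runs only when `$public_user_list` is non-empty. A user with no grants would then get a SQL error instead of their own reports. Change the last test to `if (!$public_group_list)` so the bracket is closed whenever the group branch did not close it. The `$where = 'AND';` in the group branch is not read in this hunk and can go if nothing later uses it.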
@@ -101,11 +115,17 @@
$querymethod = "AND (title {$this->like}
'%{$query}%' OR descr {$this->like} '%{$query}%')";
}
- $sql = "SELECT * FROM {$table} {$app_filter}
{$filtermethod} {$querymethod}";
+ $sql = "SELECT DISTINCT {$table}.* FROM {$table}"
+ . " {$this->join} phpgw_accounts ON (
{$table}.user_id = phpgw_accounts.account_id)"
+ . " {$this->join} phpgw_group_map ON
(phpgw_accounts.account_id = phpgw_group_map.account_id)"
+ . " {$app_filter} {$filtermethod}
{$querymethod}";
if (!$allrows)
{
- $this->db->query("SELECT count(*) as cnt FROM
{$table} {$app_filter} {$filtermethod} {$querymethod}", __LINE__, __FILE__);
+ $this->db->query("SELECT count(*) as cnt FROM
{$table}"
+ . " {$this->join} phpgw_accounts ON (
{$table}.user_id = phpgw_accounts.account_id)"
+ . " {$this->join} phpgw_group_map ON
(phpgw_accounts.account_id = phpgw_group_map.account_id)"
+ . " {$app_filter} {$filtermethod}
{$querymethod}", __LINE__, __FILE__);
$this->db->next_record();
$this->total_records = $this->db->f('cnt');
$this->db->limit_query($sql . $ordermethod,
$start, __LINE__, __FILE__, $results);
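Review bot: The count query still uses `count(*)` over the joined tables while the list query became `SELECT DISTINCT {$table}.*`, so `total_records` counts one row per group membership of the owner and paging will report more records than the list returns. Count the distinct reports instead, for example `SELECT count(DISTINCT {$table}.id) as cnt`; the key column name is assumed from `$jasper['id']` in a later hunk and should be checked. If `{$this->join}` is an inner join, the user's own reports also disappear when their account has no `phpgw_group_map` row, although the filter starts with `{$table}.user_id = {$this->account}`.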
@@ -244,12 +264,6 @@
$this->db->next_record();
$user_id = $this->db->f('user_id');
- if (!($this->grants[$user_id] & PHPGW_ACL_EDIT))
- {
- $receipt['error'][] = array('msg' =>
lang('JasperReport %1 has not been edited', $jasper['id']));
- return $receipt;
- }
-
$value_set = array
(
'location_id' =>
$GLOBALS['phpgw']->locations->get_id($jasper['app'], $jasper['location']),
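Review bot: With the `PHPGW_ACL_EDIT` test removed, nothing in this hunk checks that the caller may edit the report before `$value_set` is built, and `$user_id` is still read from the row but no longer used in the visible lines. `$this->grants` now comes from `get_grants2()` and is keyed by `accounts` and `groups`, so the old index lookup could not stay, but the check should be replaced rather than dropped unless the calling layer enforces it, which is not visible here. One option is the helper added in class.bocommon.inc.php, such as `if (!CreateObject('property.bocommon')->check_perms2($user_id, $this->grants, PHPGW_ACL_EDIT))` followed by the original error return. The method starts and ends outside the hunk.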
Modified: trunk/property/inc/class.soproject.inc.php
===================================================================
--- trunk/property/inc/class.soproject.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.soproject.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -54,7 +54,7 @@
$this->acl = & $GLOBALS['phpgw']->acl;
$this->acl->set_account_id($this->account);
- $this->grants = $this->acl->get_grants('property',
'.project');
+ $this->grants = $this->acl->get_grants2('property',
'.project');
$this->config = CreateObject('phpgwapi.config',
'property');
$this->config->read();
}
@@ -308,6 +308,8 @@
$joinmethod = " {$this->join} phpgw_accounts ON
($entity_table.coordinator = phpgw_accounts.account_id))";
$paranthesis = '(';
+ $joinmethod .= " {$this->join} phpgw_group_map
ON (phpgw_accounts.account_id = phpgw_group_map.account_id))";
+ $paranthesis .='(';
$joinmethod .= " {$this->join}
fm_project_status ON ($entity_table.status = fm_project_status.id))";
$paranthesis .='(';
@@ -526,24 +528,36 @@
$where = 'AND';
}
- /*
- $group_method = ' GROUP BY
fm_project_status.descr,loc1_name,fm_project.location_code,fm_project.id,fm_project.entry_date,fm_project.start_date,fm_project.end_date,'
- .
'fm_project.name,fm_project.ecodimb,phpgw_accounts.account_lid,fm_project.user_id,fm_project.address,'
- .
'fm_project.budget,fm_project.reserve,planned_cost,external_project_id';
- */
-
- if (is_array($this->grants))
+ $public_user_list = array();
+ if (is_array($this->grants['accounts']) &&
$this->grants['accounts'])
{
- $grants = $this->grants;
- while (list($user) = each($grants))
+ foreach($this->grants['accounts'] as $user =>
$_right)
{
$public_user_list[] = $user;
}
+ unset($user);
reset($public_user_list);
- $filtermethod .= " $where (fm_project.user_id
IN(" . implode(',', $public_user_list) . ")";
+ $filtermethod .= " $where ((
fm_project.coordinator IN(" . implode(',', $public_user_list) . ")";
+ $where = 'AND';
+ }
+ $public_group_list = array();
+ if (is_array($this->grants['groups']) &&
$this->grants['groups'])
+ {
+ foreach($this->grants['groups'] as $user =>
$_right)
+ {
+ $public_group_list[] = $user;
+ }
+ unset($user);
+ reset($public_group_list);
+ $where = $public_user_list ? 'OR' : $where;
+ $filtermethod .= " $where
phpgw_group_map.group_id IN(" . implode(',', $public_group_list) . "))";
$where = 'AND';
}
+ if($public_user_list && !$public_group_list)
+ {
+ $filtermethod .=')';
+ }
if ($filter)
{
@@ -715,7 +729,6 @@
{
$project[$cols_return[$i]] =
$this->db->f($cols_return[$i]);
}
- $project['grants'] =
(int)$this->grants[$this->db->f('user_id')];
$location_code =
$this->db->f('location_code');
$location = explode('-',
$location_code);
@@ -888,7 +901,6 @@
'start_date' =>
$this->db->f('start_date'),
'end_date' => $this->db->f('end_date'),
'cat_id' => $this->db->f('category'),
- 'grants' =>
(int)$this->grants[$this->db->f('user_id')],
'p_num' => $this->db->f('p_num'),
'p_entity_id' =>
$this->db->f('p_entity_id'),
'p_cat_id' => $this->db->f('p_cat_id'),
Modified: trunk/property/inc/class.sos_agreement.inc.php
===================================================================
--- trunk/property/inc/class.sos_agreement.inc.php 2016-05-19 00:37:29 UTC
(rev 15174)
+++ trunk/property/inc/class.sos_agreement.inc.php 2016-05-19 07:10:02 UTC
(rev 15175)
@@ -532,7 +532,6 @@
for ($i = 0; $i < $n; $i++)
{
$s_agreement_list[$j][$cols_return[$i]]
= stripslashes($this->db->f($cols_return[$i]));
- // $s_agreement_list[$j]['grants']
= (int)$grants[$this->db->f('user_id')];
}
if (isset($cols_return_extra) &&
is_array($cols_return_extra))
Modified: trunk/property/inc/class.sotts.inc.php
===================================================================
--- trunk/property/inc/class.sotts.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.sotts.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -141,24 +141,21 @@
$result_order_field = array();
+ $order_join = "{$this->join} phpgw_accounts ON
fm_tts_tickets.user_id=phpgw_accounts.account_id";
+
if ($order)
{
if ($order == 'assignedto')
{
- $result_order_field =
array('account_lastname' => 'account_lastname');
- $order_join = "LEFT OUTER JOIN
phpgw_accounts ON fm_tts_tickets.assignedto=phpgw_accounts.account_id";
- $order = 'account_lastname';
+ // $result_order_field =
array('account_lastname' => 'account_lastname');
+ // $order_join = "LEFT OUTER JOIN
phpgw_accounts ON fm_tts_tickets.assignedto=phpgw_accounts.account_id";
+ // $order = 'account_lastname';
}
else if ($order == 'user')
{
$result_order_field =
array('account_lastname' => 'account_lastname');
- $order_join = "LEFT OUTER JOIN
phpgw_accounts ON fm_tts_tickets.user_id=phpgw_accounts.account_id";
$order = 'account_lastname';
}
- else
- {
- $order_join = '';
- }
$ordermethod = " ORDER BY $order $sort";
}
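Review bot: The `assignedto` branch is now an empty `if` holding three commented-out lines, so sorting by `assignedto` falls through to `ORDER BY assignedto $sort` on the raw column instead of the account's last name. Delete the commented lines and leave one comment that states the new behaviour, e.g. `// assignedto is sorted by account id; phpgw_accounts is joined on user_id for the ACL filter`. The join also changed from `LEFT OUTER JOIN` to `{$this->join}`; if that is an inner join, tickets whose `user_id` has no `phpgw_accounts` row no longer appear in the list.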
@@ -166,43 +163,44 @@
{
$ordermethod = ' ORDER BY id DESC';
}
-
+ $order_join .= " {$this->join} phpgw_group_map ON
(phpgw_accounts.account_id = phpgw_group_map.account_id)";
$union_select = false;
$filtermethod = '';
$where = 'WHERE';
- $GLOBALS['phpgw']->config->read();
+ $config = $GLOBALS['phpgw']->config->read();
- if
(!isset($GLOBALS['phpgw']->config->config_data['bypass_acl_at_tickets']) ||
!$GLOBALS['phpgw']->config->config_data['bypass_acl_at_tickets'])
+ if (!isset($config['bypass_acl_at_tickets']) ||
!$config['bypass_acl_at_tickets'])
{
- $this->grants =
$GLOBALS['phpgw']->session->appsession('grants_ticket', 'property');
+
$GLOBALS['phpgw']->acl->set_account_id($this->account);
+ $grants =
$GLOBALS['phpgw']->acl->get_grants2('property', '.ticket');
- if (!$this->grants)
- {
-
$GLOBALS['phpgw']->acl->set_account_id($this->account);
- $this->grants =
$GLOBALS['phpgw']->acl->get_grants('property', '.ticket');
-
$GLOBALS['phpgw']->session->appsession('grants_ticket', 'property',
$this->grants);
- }
-
$public_user_list = array();
- if
(isset($GLOBALS['phpgw']->config->config_data['acl_at_tts_category']) &&
$GLOBALS['phpgw']->config->config_data['acl_at_tts_category'])
+ if (isset($config['acl_at_tts_category']) &&
$config['acl_at_tts_category'])
{
$categories =
$GLOBALS['phpgw']->locations->get_subs('property', '.ticket.category');
$category_grants = array();
foreach ($categories as $location)
{
- $category_grants =
array_merge($category_grants, $GLOBALS['phpgw']->acl->get_grants('property',
$location));
+ $category_grants =
$GLOBALS['phpgw']->acl->get_grants2('property', $location);
+ foreach
($category_grants['accounts'] as $user => $right)
+ {
+
$grants['accounts'][$user] = $right;
+ }
+ unset($user);
+ unset($right);
+ foreach
($category_grants['groups'] as $user => $right)
+ {
+
$grants['groups'][$user] = $right;
+ }
+ unset($user);
+ unset($right);
}
-
- foreach ($category_grants as $user =>
$right)
- {
- $public_user_list[] = $user;
- }
}
- if
(isset($GLOBALS['phpgw']->config->config_data['acl_at_location']) &&
$GLOBALS['phpgw']->config->config_data['acl_at_location'])
+ if (isset($config['acl_at_location']) &&
$config['acl_at_location'])
{
$access_location =
execMethod('property.socommon.get_location_list', PHPGW_ACL_READ);
if ($access_location)
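Review bot: `$config = $GLOBALS['phpgw']->config->read();` assumes `read()` returns the settings array, while the removed lines read `$GLOBALS['phpgw']->config->config_data` after the call, and class.soproject.inc.php in this commit calls `$this->config->read();` without using a result. If `read()` returns nothing, `$config` is null: the `bypass_acl_at_tickets` test still applies the ACL, but `acl_at_tts_category` and `acl_at_location` would be treated as off with no error. Confirm the return value, or use `$GLOBALS['phpgw']->config->read(); $config = $GLOBALS['phpgw']->config->config_data;`. The `$category_grants = array();` line is now overwritten on the first loop pass and can be removed. The function continues outside the hunk.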
@@ -212,22 +210,38 @@
}
}
- if (is_array($this->grants))
+ $public_user_list = array();
+ if (is_array($grants['accounts']) &&
$grants['accounts'])
{
- $grants = & $this->grants;
- foreach ($grants as $user => $right)
+ foreach ($grants['accounts'] as $user
=> $right)
{
$public_user_list[] = $user;
}
+ unset($user);
+
+ reset($public_user_list);
+ $filtermethod .= " $where (
fm_tts_tickets.user_id IN(" . implode(',', $public_user_list) . ")";
+
+ $where = 'AND';
}
- if ($public_user_list)
+ $public_group_list = array();
+ if (is_array($grants['groups']) &&
$grants['groups'])
{
- $public_user_list =
array_unique($public_user_list);
- reset($public_user_list);
- $filtermethod .= " $where (
fm_tts_tickets.user_id IN(" . implode(',', $public_user_list) . "))";
+ foreach($grants['groups'] as $user =>
$_right)
+ {
+ $public_group_list[] = $user;
+ }
+ unset($user);
+ reset($public_group_list);
+ $where = $public_user_list ? 'OR' :
$where;
+ $filtermethod .= " $where
phpgw_group_map.group_id IN(" . implode(',', $public_group_list) . "))";
$where = 'AND';
}
+ if($public_user_list && !$public_group_list)
+ {
+ $filtermethod .=')';
+ }
}
if ($tenant_id =
$GLOBALS['phpgw']->session->appsession('tenant_id', 'property'))
@@ -358,7 +372,7 @@
{
$membership = array(-1 => 0);
}
- $filtermethod .= ' OR (assignedto IS NULL AND
group_id IN (' . implode(',', array_keys($membership)) . ')))';
+ $filtermethod .= ' OR (assignedto IS NULL AND
fm_tts_tickets.group_id IN (' . implode(',', array_keys($membership)) . ')))';
}
if ($user_id < 0)
Modified: trunk/property/inc/class.soworkorder.inc.php
===================================================================
--- trunk/property/inc/class.soworkorder.inc.php 2016-05-19 00:37:29 UTC
(rev 15174)
+++ trunk/property/inc/class.soworkorder.inc.php 2016-05-19 07:10:02 UTC
(rev 15175)
@@ -48,14 +48,9 @@
$this->join = & $this->db->join;
$this->left_join = & $this->db->left_join;
$this->interlink = CreateObject('property.interlink');
- // $this->grants =
$GLOBALS['phpgw']->session->appsession('grants_project','property');
- // if(!$this->grants)
- {
- $this->acl = & $GLOBALS['phpgw']->acl;
- $this->acl->set_account_id($this->account);
- $this->grants =
$this->acl->get_grants('property', '.project');
- //
$GLOBALS['phpgw']->session->appsession('grants_project','property',$this->grants);
- }
+ $this->acl = & $GLOBALS['phpgw']->acl;
+ $this->acl->set_account_id($this->account);
+ $this->grants = $this->acl->get_grants2('property',
'.project');
}
function next_id()
@@ -373,6 +368,8 @@
$uicols['classname'][] = 'rightClasss';
$uicols['sortable'][] = '';
+ $joinmethod .= " {$this->join} phpgw_group_map
ON (phpgw_accounts.account_id = phpgw_group_map.account_id))";
+ $paranthesis .='(';
$joinmethod .= " {$this->left_join} fm_vendor
ON (fm_workorder.vendor_id = fm_vendor.id))";
$paranthesis .='(';
$joinmethod .= " {$this->left_join}
fm_workorder_budget ON (fm_workorder.id = fm_workorder_budget.order_id))";
@@ -632,18 +629,37 @@
$where = 'AND';
}
- if (is_array($this->grants))
+ $public_user_list = array();
+ if (is_array($this->grants['accounts']) &&
$this->grants['accounts'])
{
- $grants = $this->grants;
- while (list($user) = each($grants))
+ foreach($this->grants['accounts'] as $user =>
$_right)
{
$public_user_list[] = $user;
}
+ unset($user);
reset($public_user_list);
- $filtermethod .= " $where
(fm_project.access='public' AND fm_project.user_id IN(" . implode(',',
$public_user_list) . ")";
+ $filtermethod .= " $where ((fm_project.user_id
IN(" . implode(',', $public_user_list) . ")";
$where = 'AND';
}
+ $public_group_list = array();
+ if (is_array($this->grants['groups']) &&
$this->grants['groups'])
+ {
+ foreach($this->grants['groups'] as $user =>
$_right)
+ {
+ $public_group_list[] = $user;
+ }
+ unset($user);
+ reset($public_group_list);
+ $where = $public_user_list ? 'OR' : $where;
+ $filtermethod .= " $where
phpgw_group_map.group_id IN(" . implode(',', $public_group_list) . "))";
+ $where = 'AND';
+ }
+ if($public_user_list && !$public_group_list)
+ {
+ $filtermethod .=')';
+ }
+
if ($filter)
{
$filtermethod .= " $where
fm_workorder.user_id={$filter}";
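Review bot: The account branch no longer contains `fm_project.access='public'`, so projects of granted owners match whatever their access flag is, and the new group branch has no such test either; the sojasper filter in this commit keeps `access='public'` in both of its branches. If private projects are meant to stay hidden from grantees, put the predicate back in front of the owner test, as in `(fm_project.access='public' AND (fm_project.user_id IN(...) OR phpgw_group_map.group_id IN(...)))`. If the wider visibility is intended, say so in a comment above the block. The enclosing function starts and ends outside the hunk.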
@@ -689,7 +705,7 @@
if ($filter_year && $filter_year != 'all')
{
$filter_year = (int)$filter_year;
- $filtermethod .= " $where
(fm_workorder_budget.year={$filter_year} OR fm_workorder_status.closed IS
NULL)";
+ $filtermethod .= " $where
(fm_workorder_budget.year={$filter_year})";// OR fm_workorder_status.closed IS
NULL)";
$where = 'AND';
}
@@ -765,7 +781,7 @@
{
$sql_minimized = "SELECT DISTINCT
fm_workorder.id {$sql_base}";
$sql_count = "SELECT count(id) as cnt FROM
({$sql_minimized}) as t";
-
+// _debug_array($sql_count);
$this->db->query($sql_count, __LINE__,
__FILE__);
$this->db->next_record();
$this->total_records = $this->db->f('cnt');
@@ -844,7 +860,6 @@
$workorder['combined_cost'] = 0;
$workorder['budget'] = 0;
//---------
- $workorder['grants'] =
(int)$this->grants[$this->db->f('project_owner')];
$location_code = $this->db->f('location_code');
$location = explode('-', $location_code);
@@ -957,7 +972,6 @@
'contact_phone' =>
$this->db->f('contact_phone'),
'tenant_id' =>
$this->db->f('tenant_id'),
'cat_id' => $this->db->f('category'),
- 'grants' =>
(int)$this->grants[$this->db->f('user_id')],
'billable_hours' =>
$this->db->f('billable_hours'),
'approved' => $this->db->f('approved'),
'mail_recipients' => explode(',',
trim($this->db->f('mail_recipients'), ',')),
Modified: trunk/property/inc/class.uijasper.inc.php
===================================================================
--- trunk/property/inc/class.uijasper.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.uijasper.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -250,100 +250,7 @@
)
)
);
- //$this->save_sessiondata();
- //$datatable = array();
- /* if( phpgw::get_var('phpgw_return_as') != 'json' )
- {
- $datatable['config']['base_url'] =
$GLOBALS['phpgw']->link('/index.php', array
- (
- 'menuaction' => 'property.uijasper.index',
- 'app' => $this->app
- ));
-
- $datatable['config']['base_java_url'] =
"menuaction:'property.uijasper.index',"
- ."app: '{$this->app}',"
- ."allrows:'{$this->allrows}'";
-
-
- $link_data = array
- (
- 'menuaction' => 'property.uijasper.index',
- 'app' => $this->app
- );
-
- $values_combo_box[0] = $this->bo->get_apps();
-
- $datatable['config']['allow_allrows'] = true;
-
- $datatable['actions']['form'] = array
- (
- array
- (
- 'action' => $GLOBALS['phpgw']->link('/index.php',
- array
- (
- 'menuaction' => 'property.uijasper.index'//,
- )
- ),
- 'fields' => array
- (
- 'field' => array
- (
- array //boton CATEGORY
- (
- 'id' => 'btn_app_id',
- 'name' => 'app',
- 'value' => lang('application'),
- 'type' => 'button',
- 'style' => 'filter',
- 'tab_index' => 1
- ),
- array
- (
- 'type' => 'button',
- 'id' => 'btn_export',
- 'value' => lang('download'),
- 'tab_index' => 9
- ),
- array
- (
- 'type' => 'button',
- 'id' => 'btn_new',
- 'value' => lang('add'),
- 'tab_index' => 8
- ),
- array //boton SEARCH
- (
- 'id' => 'btn_search',
- 'name' => 'search',
- 'value' => lang('search'),
- 'type' => 'button',
- 'tab_index' => 7
- ),
- array // TEXT INPUT
- (
- 'name' => 'query',
- 'id' => 'txt_query',
- 'value' => '',//$query,
- 'type' => 'text',
- 'onkeypress' => 'return pulsar(event)',
- 'size' => 28,
- 'tab_index' => 6
- )
- ),
- 'hidden_value' => array
- (
- array //div values combo_box_0
- (
- 'id' => 'values_combo_box_0',
- 'value' =>
$this->bocommon->select2String($values_combo_box[0])
- )
- )
- )
- )
- );
- } */
$filters = $this->_get_Filters();
foreach ($filters as $filter)
{
@@ -637,12 +544,9 @@
{
$values = $this->bo->read_single($id);
$function_msg = lang('edit report');
- $this->acl->set_account_id($this->account);
- $grants = $this->acl->get_grants('property',
'.jasper');
- if
(!$this->bocommon->check_perms($grants[$values['user_id']], PHPGW_ACL_READ))
+ if
(!$this->bocommon->check_perms2($values['user_id'], $this->grants,
PHPGW_ACL_READ))
{
- $values = array();
- $receipt['error'][] = array('msg' =>
lang('You are not granted sufficient rights for this entry'));
+ phpgw::no_access();
}
}
else
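Review bot: The denied branch no longer clears `$values`, so keeping the record loaded by `read_single($id)` out of the form now depends entirely on `phpgw::no_access()` ending the request, and its body is not part of this page. The two later checks in this file end explicitly (`phpgw_exit()` and `return lang('not allowed')`); doing the same here, e.g. `phpgw::no_access(); return;`, keeps the check fail-closed either way. The same bare `phpgw::no_access();` is followed by further code in the delete() hunk of class.uiproject.inc.php and in the @@ -706,8 +703,7 @@ hunk of class.uiresponsible.inc.php. This edit path also still tests `PHPGW_ACL_READ`, so it is worth confirming that the save path enforces the edit right. The enclosing method starts outside the hunk.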
@@ -780,7 +684,7 @@
$values['input'] = $values_attribute;
$first_run = false;
}
- if
(!$this->bocommon->check_perms($this->grants[$values['user_id']],
PHPGW_ACL_READ))
+ if (!$this->bocommon->check_perms2($values['user_id'],
$this->grants, PHPGW_ACL_READ))
{
echo lang('not allowed');
$GLOBALS['phpgw']->common->phpgw_exit();
@@ -946,7 +850,7 @@
$id = phpgw::get_var('id'); // string
$values = $this->bo->read_single($id);
- if
(!$this->bocommon->check_perms($this->grants[$values['user_id']],
PHPGW_ACL_DELETE))
+ if (!$this->bocommon->check_perms2($values['user_id'],
$this->grants, PHPGW_ACL_DELETE))
{
return lang('not allowed');
}
Modified: trunk/property/inc/class.uiproject.inc.php
===================================================================
--- trunk/property/inc/class.uiproject.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.uiproject.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -1300,12 +1300,20 @@
'project_id' => $id));
}
- if
(!$this->bocommon->check_perms($values['grants'], PHPGW_ACL_EDIT))
+ if
(!$this->bocommon->check_perms2($values['coordinator'], $this->bo->so->grants,
PHPGW_ACL_EDIT))
{
$this->receipt['error'][] = array('msg'
=> lang('You have no edit right for this project'));
-
$GLOBALS['phpgw']->session->appsession('receipt', 'property',
$this->receipt['error']);
-
$GLOBALS['phpgw']->redirect_link('/index.php', array('menuaction' =>
'property.uiproject.view',
- 'id' => $id));
+
$GLOBALS['phpgw']->session->appsession('receipt', 'property', $this->receipt);
+
+ switch ($mode)
+ {
+ case 'edit':
+
self::redirect(array('menuaction' => 'property.uiproject.view','id' => $id));
+ break;
+ default:
+
self::redirect(array('menuaction' => 'property.uiproject.index'));
+ break;
+ }
}
else
{
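Review bot: The check reads the grants through `$this->bo->so->grants`, which couples the UI class to a public property of the storage object two levels down; the class.uiworkorder.inc.php hunk uses the same expression. An accessor on the business object (placeholder name `get_grants()`, not a method shown on this page) would keep that array from being reached or altered from the UI layer. The value stored under the 'receipt' appsession key also changes from `$this->receipt['error']` to `$this->receipt`, so whatever reads it on the view and index pages has to expect the new shape. The method starts and ends outside the hunk.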
@@ -2279,13 +2287,15 @@
function delete()
{
- if (!$this->acl_delete)
+ $project_id = phpgw::get_var('project_id', 'int');
+
+// $project = $this->bo->read_single($project_id);
+
+ if (!$this->acl_delete)// ||
!$this->bocommon->check_perms2($project['coordinator'], $this->bo->so->grants,
PHPGW_ACL_DELETE))
{
- $GLOBALS['phpgw']->redirect_link('/index.php',
array('menuaction' => 'property.uilocation.stop',
- 'perm' => 8, 'acl_location' =>
$this->acl_location));
+ phpgw::no_access();
}
- $project_id = phpgw::get_var('project_id', 'int');
if (phpgw::get_var('phpgw_return_as') == 'json')
{
$this->bo->delete($project_id);
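Review bot: delete() is gated only by the location-level `$this->acl_delete`; the per-project grant test sits in a trailing comment after the `if`, and the `read_single()` call that would feed it is commented out as well, so the JSON branch calls `$this->bo->delete($project_id)` without checking whose project it is. If the owner check is meant to apply, restore both lines: `$project = $this->bo->read_single($project_id);` and `if (!$this->acl_delete || !$this->bocommon->check_perms2($project['coordinator'], $this->bo->so->grants, PHPGW_ACL_DELETE))`. If it is deliberately off, replace the commented code with a one-line comment that says so. The rest of delete() lies outside the hunk.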
Modified: trunk/property/inc/class.uiresponsible.inc.php
===================================================================
--- trunk/property/inc/class.uiresponsible.inc.php 2016-05-19 00:37:29 UTC
(rev 15174)
+++ trunk/property/inc/class.uiresponsible.inc.php 2016-05-19 07:10:02 UTC
(rev 15175)
@@ -582,16 +582,13 @@
{
$values = $this->bo->read_single($id);
$function_msg = lang('edit responsible');
- /*
- $this->acl->set_account_id($this->account);
- $grants =
$this->acl->get_grants('property','.responsible');
-
if(!$this->bocommon->check_perms($grants[$values['user_id']], PHPGW_ACL_READ))
- {
- $values = array();
- $receipt['error'][]=array('msg'=>lang('You
are not granted sufficient rights for this entry'));
- }
-
- */
+
+// $this->acl->set_account_id($this->account);
+// $grants =
$this->acl->get_grants('property','.responsible');
+//
if(!$this->bocommon->check_perms2($values['created_by'], $grants,
PHPGW_ACL_READ))
+// {
+// phpgw::no_access();
+// }
}
else
{
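Review bot: The per-record grant check for editing a responsible entry is still disabled; the block comment was only converted to `//` lines around `check_perms2($values['created_by'], $grants, PHPGW_ACL_READ)`. Commented-out authorization code reads as enforced on a quick scan, so either enable it or replace it with a single comment stating the decision, for example `// no per-owner grant check here; access is decided by acl_location` if that is the intent. The enclosing method is only partly visible in this hunk.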
@@ -706,8 +703,7 @@
{
if (!$this->acl_add && !$this->acl_edit)
{
- $GLOBALS['phpgw']->redirect_link('/index.php',
array('menuaction' => 'property.uilocation.stop',
- 'perm' => 2, 'acl_location' =>
$this->acl_location));
+ phpgw::no_access();
}
$id = phpgw::get_var('id', 'int');
@@ -764,16 +760,6 @@
{
$values = $this->bo->read_single_role($id);
$function_msg = lang('edit role');
- /*
- $this->acl->set_account_id($this->account);
- $grants =
$this->acl->get_grants('property','.responsible');
-
if(!$this->bocommon->check_perms($grants[$values['user_id']], PHPGW_ACL_READ))
- {
- $values = array();
- $receipt['error'][]=array('msg'=>lang('You
are not granted sufficient rights for this entry'));
- }
-
- */
}
else
{
Modified: trunk/property/inc/class.uiwo_hour.inc.php
===================================================================
--- trunk/property/inc/class.uiwo_hour.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/property/inc/class.uiwo_hour.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -381,13 +381,6 @@
{
$workorder =
$this->boworkorder->read_single($workorder_id);
- /* if
(!$this->bocommon->check_perms($workorder['grants'],PHPGW_ACL_EDIT))
- {
- $receipt['error'][]=array('msg'=>lang('You have no
edit right for this project'));
-
$GLOBALS['phpgw']->session->appsession('receipt','property',$receipt);
-
$GLOBALS['phpgw']->redirect_link('/index.php',array('menuaction'=>
'property.uiworkorder.view','id'=> $workorder_id));
- }
- */
$hour_list = $this->bo->read($workorder_id);
//_debug_array($hour_list);
$grouping_descr_old = '';
Modified: trunk/property/inc/class.uiworkorder.inc.php
===================================================================
--- trunk/property/inc/class.uiworkorder.inc.php 2016-05-19 00:37:29 UTC
(rev 15174)
+++ trunk/property/inc/class.uiworkorder.inc.php 2016-05-19 07:10:02 UTC
(rev 15175)
@@ -1248,14 +1248,21 @@
}
$acl_required = $mode == 'edit' ?
PHPGW_ACL_EDIT : PHPGW_ACL_READ;
- if
(!$this->bocommon->check_perms($project['grants'], $acl_required))
+ if
(!$this->bocommon->check_perms2($project['coordinator'], $this->bo->so->grants,
PHPGW_ACL_EDIT))
{
$this->receipt['error'][] = array(
'msg' => lang('You have no edit
right for this project'));
$GLOBALS['phpgw']->session->appsession('receipt', 'property', $this->receipt);
-
$GLOBALS['phpgw']->redirect_link('/index.php', array(
- 'menuaction' =>
'property.uiworkorder.view',
- 'id' => $id));
+
+ switch ($mode)
+ {
+ case 'edit':
+
self::redirect(array('menuaction' => 'property.uiworkorder.view','id' => $id));
+ break;
+ default:
+
self::redirect(array('menuaction' => 'property.uiworkorder.index'));
+ break;
+ }
}
if ($project['key_fetch'] &&
!$values['key_fetch'])
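Review bot: `$acl_required` is computed from `$mode` on the line above, but the new call passes `PHPGW_ACL_EDIT` unconditionally, so a user holding only the read grant is turned away from view mode with the 'no edit right' message. Pass the computed value instead: `if (!$this->bocommon->check_perms2($project['coordinator'], $this->bo->so->grants, $acl_required))`. Nothing in the hunk ends the method after `self::redirect(...)`, so the `key_fetch` handling below the check still runs unless redirect() itself exits. The method continues outside the hunk.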
Modified: trunk/sms/inc/class.soautoreply.inc.php
===================================================================
--- trunk/sms/inc/class.soautoreply.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/sms/inc/class.soautoreply.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -17,8 +17,6 @@
*/
class sms_soautoreply
{
-
- var $grants;
var $db;
var $account;
var $autoreply_data;
@@ -29,7 +27,6 @@
$this->db = clone($GLOBALS['phpgw']->db);
$GLOBALS['phpgw']->acl->set_account_id($this->account);
- $this->grants =
$GLOBALS['phpgw']->acl->get_grants('sms', '.config');
$this->join = $this->db->join;
$this->like = $this->db->like;
}
@@ -54,21 +51,7 @@
$table = 'phpgw_sms_featautoreply';
$where = 'WHERE';
- $grants = $this->grants;
- /* if (is_array($grants))
- {
- while (list($user) = each($grants))
- {
- $public_user_list[] = $user;
- }
- reset($public_user_list);
- $filtermethod .= " $where ( $table.uid IN(" .
implode(',',$public_user_list) . "))";
-
- $where= 'AND';
- }
- */
-
$querymethod = '';
if ($query)
{
@@ -98,7 +81,6 @@
'id' => $this->db->f('autoreply_id'),
'uid' => $this->db->f('uid'),
'code' =>
stripslashes($this->db->f('autoreply_code')),
- 'grants' =>
(int)$grants[$this->db->f('uid')]
);
}
Modified: trunk/sms/inc/class.socommand.inc.php
===================================================================
--- trunk/sms/inc/class.socommand.inc.php 2016-05-19 00:37:29 UTC (rev
15174)
+++ trunk/sms/inc/class.socommand.inc.php 2016-05-19 07:10:02 UTC (rev
15175)
@@ -17,8 +17,6 @@
*/
class sms_socommand
{
-
- var $grants;
var $db;
var $account;
var $command_data;
@@ -29,7 +27,6 @@
$this->db = clone($GLOBALS['phpgw']->db);
$GLOBALS['phpgw']->acl->set_account_id($this->account);
- $this->grants =
$GLOBALS['phpgw']->acl->get_grants('sms', '.config');
$this->join = $this->db->join;
$this->like = $this->db->like;
}
@@ -54,21 +51,7 @@
$table = 'phpgw_sms_featcommand';
$where = 'WHERE';
- $grants = $this->grants;
- /* if (is_array($grants))
- {
- while (list($user) = each($grants))
- {
- $public_user_list[] = $user;
- }
- reset($public_user_list);
- $filtermethod .= " $where ( $table.uid IN(" .
implode(',',$public_user_list) . "))";
-
- $where= 'AND';
- }
- */
-
$querymethod = '';
if ($query)
{
@@ -100,7 +83,6 @@
'uid' => $this->db->f('uid'),
'code' =>
stripslashes($this->db->f('command_code')),
'exec' =>
stripslashes($this->db->f('command_exec')),
- 'grants' =>
(int)$grants[$this->db->f('uid')]
);
}
Modified: trunk/sms/inc/class.sopoll.inc.php
===================================================================
--- trunk/sms/inc/class.sopoll.inc.php 2016-05-19 00:37:29 UTC (rev 15174)
+++ trunk/sms/inc/class.sopoll.inc.php 2016-05-19 07:10:02 UTC (rev 15175)
@@ -17,8 +17,6 @@
*/
class sms_sopoll
{
-
- var $grants;
var $db;
var $account;
var $poll_data;
@@ -29,7 +27,6 @@
$this->db = & $GLOBALS['phpgw']->db;
$GLOBALS['phpgw']->acl->set_account_id($this->account);
- $this->grants =
$GLOBALS['phpgw']->acl->get_grants('sms', '.config');
$this->join = $this->db->join;
$this->like = $this->db->like;
}
@@ -54,21 +51,7 @@
$table = 'phpgw_sms_featpoll';
$where = 'WHERE';
- $grants = $this->grants;
- /* if (is_array($grants))
- {
- while (list($user) = each($grants))
- {
- $public_user_list[] = $user;
- }
- reset($public_user_list);
- $filtermethod .= " $where ( $table.uid IN(" .
implode(',',$public_user_list) . "))";
-
- $where= 'AND';
- }
- */
-
$querymethod = '';
if ($query)
{
@@ -100,7 +83,6 @@
'code' => $this->db->f('poll_code',
true),
'title' => $this->db->f('poll_title',
true),
'enable' => $this->db->f('poll_enable'),
- 'grants' =>
(int)$grants[$this->db->f('uid')]
);
}
Modified: trunk/sms/inc/class.sosms.inc.php
===================================================================
--- trunk/sms/inc/class.sosms.inc.php 2016-05-19 00:37:29 UTC (rev 15174)
+++ trunk/sms/inc/class.sosms.inc.php 2016-05-19 07:10:02 UTC (rev 15175)
@@ -18,7 +18,6 @@
class sms_sosms
{
- var $grants;
var $db;
var $account;
@@ -41,11 +40,11 @@
$allrows = isset($data['allrows']) ? $data['allrows'] :
'';
$acl_location = isset($data['acl_location']) ?
$data['acl_location'] : '';
- if ($acl_location)
- {
-
$GLOBALS['phpgw']->acl->set_account_id($this->account);
- $grants =
$GLOBALS['phpgw']->acl->get_grants('sms', $acl_location);
- }
+// if ($acl_location)
+// {
+//
$GLOBALS['phpgw']->acl->set_account_id($this->account);
+// $grants =
$GLOBALS['phpgw']->acl->get_grants2('sms', $acl_location);
+// }
//_debug_array($grants);
if ($order)
@@ -61,18 +60,6 @@
$where = 'WHERE';
- /* if (is_array($grants))
- {
- while (list($user) = each($grants))
- {
- $public_user_list[] = $user;
- }
- reset($public_user_list);
- $filtermethod .= " $where ( $table.in_uid IN(" .
implode(',',$public_user_list) . "))";
-
- $where= 'AND';
- }
- */
if ($query)
{
$query = $this->db->db_addslashes($query);
@@ -106,7 +93,6 @@
'entry_time' =>
$this->db->f('in_datetime'),
'message' => $this->db->f('in_msg',
true),
'user' =>
$GLOBALS['phpgw']->accounts->id2name($this->db->f('in_uid')),
- 'grants' =>
(int)isset($grants[$this->db->f('in_uid')]) ? $grants[$this->db->f('in_uid')] : 0
);
}
@@ -122,11 +108,11 @@
$allrows = isset($data['allrows']) ? $data['allrows'] :
'';
$acl_location = isset($data['acl_location']) ?
$data['acl_location'] : '';
- if ($acl_location)
- {
-
$GLOBALS['phpgw']->acl->set_account_id($this->account);
- $grants =
$GLOBALS['phpgw']->acl->get_grants('sms', $acl_location);
- }
+// if ($acl_location)
+// {
+//
$GLOBALS['phpgw']->acl->set_account_id($this->account);
+// $grants =
$GLOBALS['phpgw']->acl->get_grants2('sms', $acl_location);
+// }
if ($order)
{
@@ -142,18 +128,18 @@
$where = 'WHERE';
- if (is_array($grants))
- {
- while (list($user) = each($grants))
- {
- $public_user_list[] = $user;
- }
- reset($public_user_list);
- $filtermethod = " $where ( $table.uid IN(" .
implode(',', $public_user_list) . "))";
+// if (is_array($grants))
+// {
+// while (list($user) = each($grants))
+// {
+// $public_user_list[] = $user;
+// }
+// reset($public_user_list);
+// $filtermethod = " $where ( $table.uid IN(" .
implode(',', $public_user_list) . "))";
+//
+// $where = 'AND';
+// }
- $where = 'AND';
- }
-
$querymethod = '';
if ($query)
{
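Review bot: The outbox query loses its only visible row restriction here: the `$table.uid IN(...)` filter built from the caller's grants was live code before this commit and is now commented out, as is the `get_grants` call in the @@ -122,11 +108,11 @@ hunk, so the list is no longer scoped to granted users unless a check elsewhere limits it. If grants should keep scoping the list, rebuild the filter from the keys of the new grants array (the todo code on this page reads them from `$grants['accounts']`) rather than disabling it. If the list is meant to be unrestricted, delete the commented block and state that in a comment such as `// outbox is not scoped by grants; access is decided by acl_location`. The method begins and ends outside the hunk.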
@@ -197,7 +183,6 @@
'entry_time' =>
$this->db->f('p_datetime'),
'message' => $this->db->f('p_msg',
true),
'status' =>
$status_array[$this->db->f('p_status')],
- 'grants' =>
(int)$grants[$this->db->f('uid')]
);
}
return $outbox;
Modified: trunk/todo/inc/class.botodo.inc.php
===================================================================
--- trunk/todo/inc/class.botodo.inc.php 2016-05-19 00:37:29 UTC (rev 15174)
+++ trunk/todo/inc/class.botodo.inc.php 2016-05-19 07:10:02 UTC (rev 15175)
@@ -185,9 +185,30 @@
$this->cat_id = $data['cat_id'];
}
- function check_perms($has, $needed)
+ /**
+ *
+ * @param integer $owner_id
+ * @param array $grants
+ * @param integer $required
+ * @return bool
+ */
+ function check_perms( $owner_id, $grants, $required )
{
- return (!!($has & $needed) == True);
+ if(isset($grants['accounts'][$owner_id]) &&
($grants['accounts'][$owner_id] & $required))
+ {
+ return true;
+ }
+
+ $equalto =
$GLOBALS['phpgw']->accounts->membership($owner_id);
+ foreach($grants['groups'] as $group => $_right)
+ {
+ if(isset($equalto[$group]) && ($_right &
$required))
+ {
+ return true;
+ }
+ }
+
+ return false;
}
function cached_accounts($account_id)
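Review bot: `check_perms()` iterates `$grants['groups']` without testing that the key exists, and it calls `accounts->membership($owner_id)` on every invocation even when there are no group grants; the uitodo hunks call it up to three times per listed row. A guard placed before the membership lookup covers both: `if (empty($grants['groups'])) { return false; }`. The signature also changed from `($has, $needed)` to `($owner_id, $grants, $required)` under the same name, so a caller missed by this commit would pass a bit mask as `$owner_id` without any error. The docblock has no summary line; it should say that `$grants` is the array with `accounts` and `groups` keys (presumably what `get_grants2()` returns) and that a match on either grants access.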
Modified: trunk/todo/inc/class.sotodo.inc.php
===================================================================
--- trunk/todo/inc/class.sotodo.inc.php 2016-05-19 00:37:29 UTC (rev 15174)
+++ trunk/todo/inc/class.sotodo.inc.php 2016-05-19 07:10:02 UTC (rev 15175)
@@ -26,7 +26,7 @@
function __construct()
{
$this->db =& $GLOBALS['phpgw']->db;
- $this->grants =
$GLOBALS['phpgw']->acl->get_grants('todo');
+ $this->grants =
$GLOBALS['phpgw']->acl->get_grants2('todo');
$this->account =
$GLOBALS['phpgw_info']['user']['account_id'];
$this->user_groups =
$GLOBALS['phpgw']->accounts->membership($this->account);
$this->historylog =
CreateObject('phpgwapi.historylog','todo', '.');
@@ -99,16 +99,34 @@
if($filter == 'none')
{
- if(is_array($this->grants))
+
+ $public_user_list = array();
+ if (is_array($grants['accounts']) &&
$grants['accounts'])
{
- $grants = $this->grants;
- while(list($user) = each($grants))
+ foreach($grants['accounts'] as $user =>
$_right)
{
$public_user_list[] = $user;
}
reset($public_user_list);
- $filtermethod .= " OR
(todo_access='public' AND todo_owner IN(" . implode(',', $public_user_list) .
'))';
+ $filtermethod .= " OR
(todo_access='public' AND todo_owner IN(" . implode(',', $public_user_list) .
"))";
}
+
+ $public_group_list = array();
+ if (is_array($grants['groups']) &&
$grants['groups'])
+ {
+ foreach($grants['groups'] as $user =>
$_right)
+ {
+ $public_group_list[] = $user;
+ }
+ unset($user);
+ reset($public_group_list);
+ $filtermethod .= " OR
todo_access='public' AND phpgw_group_map.group_id IN(" . implode(',',
$public_group_list) . "))";
+ $where = 'AND';
+ }
+ if($public_user_list && !$public_group_list)
+ {
+ $filtermethod .=')';
+ }
}
$filtermethod .= ')';
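Review bot: The new blocks read `$grants['accounts']` and `$grants['groups']`, but the only assignment visible in this hunk, `$grants = $this->grants;`, is on the removed side, so unless `$grants` is set earlier in the method both lists stay empty and the grant-based clauses are never added. When they are added the parentheses do not balance: the accounts clause is already closed, yet another `)` is appended when only accounts are present, and the groups clause closes one more `)` than it opens. Building each clause self-contained from `$this->grants` avoids both problems, and the final `$filtermethod .= ')';` after the block stays as it is. The method starts and ends outside the hunk.

```php
if($filter == 'none')
{
	$grants = $this->grants;
	// Keys of both maps are ids; cast them before they reach the SQL string.
	$public_user_list = empty($grants['accounts']) ? array() : array_map('intval', array_keys($grants['accounts']));
	$public_group_list = empty($grants['groups']) ? array() : array_map('intval', array_keys($grants['groups']));

	if ($public_user_list)
	{
		$filtermethod .= " OR (todo_access='public' AND todo_owner IN(" . implode(',', $public_user_list) . "))";
	}
	if ($public_group_list)
	{
		$filtermethod .= " OR (todo_access='public' AND phpgw_group_map.group_id IN(" . implode(',', $public_group_list) . "))";
	}
}
// … unchanged: closing $filtermethod .= ')'; …
```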
@@ -138,8 +156,18 @@
$parentmethod = ' AND todo_id_parent=' . (int)
$parent;
}
- $sql = "SELECT * FROM phpgw_todo WHERE $filtermethod
$querymethod $type $parentmethod ";
+ $this->db->query("SELECT count(*) as cnt FROM
phpgw_todo"
+ . " {$this->join} phpgw_accounts ON (
phpgw_todo.todo_owner = phpgw_accounts.account_id)"
+ . " {$this->join} phpgw_group_map ON
(phpgw_accounts.account_id = phpgw_group_map.account_id)"
+ . " WHERE $filtermethod $querymethod $type
$parentmethod", __LINE__, __FILE__);
+ $this->db->next_record();
+ $this->total_records = $this->db->f('cnt');
+ $sql = "SELECT DISTINCT phpgw_todo.* FROM phpgw_todo"
+ . " {$this->join} phpgw_accounts ON (
phpgw_todo.todo_owner = phpgw_accounts.account_id)"
+ . " {$this->join} phpgw_group_map ON
(phpgw_accounts.account_id = phpgw_group_map.account_id)"
+ . " WHERE $filtermethod $querymethod $type
$parentmethod ";
+
if($limit)
{
$this->db->limit_query($sql .
$ordermethod,$start,__LINE__,__FILE__);
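Review bot: The count query uses `count(*)` over the join with `phpgw_group_map` while the data query uses `SELECT DISTINCT phpgw_todo.*`, so a todo whose owner belongs to several groups is counted once per membership and `total_records` can exceed the rows returned. Counting over the distinct select keeps the two in step, the way `$sql_count` wraps `$sql_minimized` in the workorder hunk on this page: build `$sql` first, then run `"SELECT count(*) as cnt FROM ({$sql}) as t"`. If `$this->join` is an inner join, todos whose owner has no `phpgw_group_map` row also disappear from the list. `$this->join` is not assigned in the constructor lines shown for this class, so that needs checking too.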
@@ -149,8 +177,6 @@
$this->db->query($sql .
$ordermethod,__LINE__,__FILE__);
}
- $this->total_records = $this->db->num_rows();
-
$todos = array();
while($this->db->next_record())
{
@@ -170,7 +196,6 @@
'status' =>
(int)$this->db->f('todo_status'),
'sdate' =>
$this->db->f('todo_startdate'),
'edate' =>
$this->db->f('todo_enddate'),
- 'grants' =>
(int)$this->grants[$this->db->f('todo_owner')],
'sdate_epoch' =>
(int)$this->db->f('todo_startdate'),
'edate_epoch' =>
(int)$this->db->f('todo_enddate'),
'assigned' =>
$this->db->f('todo_assigned'),
Modified: trunk/todo/inc/class.uitodo.inc.php
===================================================================
--- trunk/todo/inc/class.uitodo.inc.php 2016-05-19 00:37:29 UTC (rev 15174)
+++ trunk/todo/inc/class.uitodo.inc.php 2016-05-19 07:10:02 UTC (rev 15175)
@@ -262,7 +262,7 @@
$this->t->set_var('view','<a href="' .
$GLOBALS['phpgw']->link('/index.php', array('menuaction' => 'todo.uitodo.view',
'todo_id' => $todo_list[$i]['id']) )
. '">' . lang('View') . '</a>');
- if
($this->botodo->check_perms($this->grants[$todo_list[$i]['owner_id']],PHPGW_ACL_EDIT))
+ if
($this->botodo->check_perms($todo_list[$i]['owner_id'], $this->grants,
PHPGW_ACL_EDIT))
{
$this->t->set_var('edit','<a href="' .
$GLOBALS['phpgw']->link('/index.php', array('menuaction' => 'todo.uitodo.edit',
'todo_id' => $todo_list[$i]['id']) )
. '">' . lang('Edit') . '</a>');
@@ -272,7 +272,7 @@
$this->t->set_var('edit',' ');
}
- if
($this->botodo->check_perms($this->grants[$todo_list[$i]['owner_id']],PHPGW_ACL_DELETE))
+ if
($this->botodo->check_perms($todo_list[$i]['owner_id'],$this->grants,
PHPGW_ACL_DELETE))
{
$this->t->set_var('delete','<a href="'
. $GLOBALS['phpgw']->link('/index.php', array('menuaction' =>
'todo.uitodo.delete', 'todo_id' => $todo_list[$i]['id']) )
. '">' . lang('Delete') . '</a>');
@@ -282,7 +282,7 @@
$this->t->set_var('delete',' ');
}
- if
($this->botodo->check_perms($this->grants[$todo_list[$i]['owner_id']],PHPGW_ACL_ADD))
+ if
($this->botodo->check_perms($todo_list[$i]['owner_id'],$this->grants,PHPGW_ACL_ADD))
{
$this->t->set_var('subadd', '<a href="'
. $GLOBALS['phpgw']->link('/index.php', array('menuaction' =>
'todo.uitodo.add', 'parent' => $todo_list[$i]['id'], 'cat_id' => $this->cat_id)
)
. '">' . lang('Add Sub') . '</a>');
@@ -316,7 +316,7 @@
}
else
{
- if
($this->botodo->check_perms($this->grants[$cat[0]['owner']],PHPGW_ACL_ADD) ||
$cat[0]['owner'] == $GLOBALS['phpgw_info']['user']['account_id'])
+ if
($this->botodo->check_perms($cat[0]['owner'], $this->grants,PHPGW_ACL_ADD) ||
$cat[0]['owner'] == $GLOBALS['phpgw_info']['user']['account_id'])
{
$this->t->set_var('add','<form
method="POST" action="' . $GLOBALS['phpgw']->link('/index.php',
array('menuaction' => 'todo.uitodo.add', 'cat_id' => $this->cat_id) )
. '"><input
type="submit" name="Add" value="' . lang('Add') .'"></form>');
@@ -753,7 +753,7 @@
$this->t->set_var('access_list', '<input
type="checkbox" name="values[access]" value="True"' . ($values['access'] ==
'private'?' checked':'') . '>');
- if
($this->botodo->check_perms($this->grants[$values['owner']],PHPGW_ACL_DELETE)
|| $values['owner'] == $GLOBALS['phpgw_info']['user']['account_id'])
+ if ($this->botodo->check_perms($values['owner'],
$this->grants,PHPGW_ACL_DELETE) || $values['owner'] ==
$GLOBALS['phpgw_info']['user']['account_id'])
{
$this->t->set_var('delete','<form method="POST"
action="' . $GLOBALS['phpgw']->link('/index.php', array('menuaction' =>
'todo.uitodo.delete', 'todo_id' => $values['id']) )
. '"><input type="submit" value="' .
lang('Delete') .'"></form>');