add feature list_everyone (fixes #59)

Klaus M Pfeiffer 2020-05-05 23:20:02 +02:00 committed by Florian Schlichting
parent 5c2cb6c34a
commit 042ce5f076
6 changed files with 35 additions and 3 deletions


@ -113,6 +113,14 @@ $c->admin_email ='calendar-admin@example.com';
// $c->local_styles = array();
// $c->print_styles = array();
/**
* Allow users to see all accounts listed, or only their account and
* the accounts they have a relationship to in the web interface.
* Admins will still be able to see all accounts.
* Default: true
*/
// $c->list_everyone = false;
/***************************************************************************
* *


@ -134,6 +134,7 @@ $c->locale_path = '../locale';
$c->base_url = preg_replace('#/[^/]+\.php.*$#', '', $_SERVER['SCRIPT_NAME']);
$c->base_directory = preg_replace('#/[^/]*$#', '', $_SERVER['DOCUMENT_ROOT']);
$c->default_privileges = array('read-free-busy', 'schedule-deliver');
$c->list_everyone = true;
$c->enable_auto_schedule = true;


@ -134,6 +134,7 @@ $c->locale_path = '../locale';
$c->base_url = preg_replace('#/[^/]+\.php.*$#', '', $_SERVER['SCRIPT_NAME']);
$c->base_directory = preg_replace('#/[^/]*$#', '', $_SERVER['DOCUMENT_ROOT']);
$c->default_privileges = array('read-free-busy', 'schedule-deliver');
$c->list_everyone = true;
$c->enable_auto_schedule = true;


@ -416,7 +416,13 @@ if ( $editor->Available() ) {
$grantrow = new Editor("Grants", "grants");
$grantrow->SetSubmitName( 'savegrantrow' );
$grantrow->SetLookup( 'to_principal', 'SELECT principal_id, displayname FROM dav_principal WHERE principal_id NOT IN (SELECT member_id FROM group_member WHERE group_id = '.$id.') ORDER BY displayname' );
$limit_grantrow = '';
if ( ! $c->list_everyone ) {
if ( ! $session->AllowedTo( "Admin" ) ) {
$limit_grantrow = 'AND (principal_id = \''.$session->principal_id.'\' or principal_id in (select member_id from group_member where group_id in (select group_id from group_member where member_id = \''.$session->principal_id.'\')) or principal_id in (select group_id from group_member where member_id = \''.$session->principal_id.'\'))';
}
}
$grantrow->SetLookup( 'to_principal', 'SELECT principal_id, displayname FROM dav_principal WHERE principal_id NOT IN (SELECT member_id FROM group_member WHERE group_id = '.$id.') '.$limit_grantrow.' ORDER BY displayname' );
if ( $can_write_collection ) {
if ( $grantrow->IsSubmit() ) {
$_POST['by_collection'] = $id;
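Review bot: The new `$limit_grantrow` fragment splices `$session->principal_id` into the SQL text three times inside quotes, and nothing on these lines guarantees the value is numeric, even though it comes from the session rather than the request. Casting it once with `$pid = intval($session->principal_id);` and concatenating `$pid` would match the `intval()` already applied to `edit_grant` in `grant_row_editor()`, assuming principal_id is an integer column as the unquoted `$id` comparisons suggest. The same fragment is repeated in `grant_row_editor()` and, split in two, in the hunk that calls `$browser->AndWhere`, so a single helper returning the condition would keep the copies from drifting apart. The two nested `if`s can be written as `if ( ! $c->list_everyone && ! $session->AllowedTo( "Admin" ) ) {`. The surrounding `if ( $editor->Available() )` block starts and ends outside the hunk.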


@ -35,6 +35,16 @@ if ( isset($principal_type) ) {
$browser->AndWhere( 'type_id = '.$principal_type );
}
if ( ! $c->list_everyone ) {
if ( ! $session->AllowedTo( "Admin" ) ) {
if ( isset($principal_type) && ( $principal_type == 1 || $principal_type == 2 ) ) {
$browser->AndWhere( '(principal_id = \''.$session->principal_id.'\' or principal_id in (select member_id from group_member where group_id in (select group_id from group_member where member_id = \''.$session->principal_id.'\')))' );
}
if ( isset($principal_type) && $principal_type == 3 ) {
$browser->AndWhere( '(principal_id = \''.$session->principal_id.'\' or principal_id in (select group_id from group_member where member_id = \''.$session->principal_id.'\'))' );
}
}
}
$c->page_title = $browser->Title();
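Review bot: The restriction fails open, because both `AndWhere` calls are guarded by `isset($principal_type)` with values 1, 2 or 3. When no type filter is set, or the type is any other value, a non-admin still gets the unrestricted listing even with `list_everyone` set to false. The context line `if ( isset($principal_type) ) {` shows the unset case is expected to occur. A final `else` that applies the combined condition (own principal, members of shared groups, and own groups) would close the gap; the sketch below keeps the SQL text as the commit wrote it. The loose `==` comparisons against bare numbers would also read better as named constants, if the project has them.

```php
if ( ! $c->list_everyone && ! $session->AllowedTo( "Admin" ) ) {
  $own = 'principal_id = \''.$session->principal_id.'\'';
  $peers = 'principal_id in (select member_id from group_member where group_id in (select group_id from group_member where member_id = \''.$session->principal_id.'\'))';
  $groups = 'principal_id in (select group_id from group_member where member_id = \''.$session->principal_id.'\')';
  if ( isset($principal_type) && ( $principal_type == 1 || $principal_type == 2 ) ) {
    $browser->AndWhere( '('.$own.' or '.$peers.')' );
  }
  else if ( isset($principal_type) && $principal_type == 3 ) {
    $browser->AndWhere( '('.$own.' or '.$groups.')' );
  }
  else {
    // No type filter, or a type not handled above: still restrict the listing.
    $browser->AndWhere( '('.$own.' or '.$peers.' or '.$groups.')' );
  }
}
```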


@ -615,7 +615,7 @@ function group_members_browser() {
function grant_row_editor() {
global $c, $id, $editor, $can_write_principal, $privilege_names;
global $c, $id, $editor, $can_write_principal, $privilege_names, $session;
$grantrow = new Editor("Grants", "grants");
$grantrow->SetSubmitName( 'savegrantrow' );
@ -623,7 +623,13 @@ function grant_row_editor() {
if ( isset($_GET['edit_grant']) ) {
$edit_grant_clause = ' AND to_principal != '.intval($_GET['edit_grant']);
}
$grantrow->SetLookup( 'to_principal', 'SELECT principal_id, displayname FROM dav_principal WHERE user_active AND principal_id NOT IN (SELECT to_principal FROM grants WHERE by_principal = '.$id.$edit_grant_clause.') ORDER BY fullname' );
$limit_grantrow = '';
if ( ! $c->list_everyone ) {
if ( ! $session->AllowedTo( "Admin" ) ) {
$limit_grantrow = 'AND (principal_id = \''.$session->principal_id.'\' or principal_id in (select member_id from group_member where group_id in (select group_id from group_member where member_id = \''.$session->principal_id.'\')) or principal_id in (select group_id from group_member where member_id = \''.$session->principal_id.'\'))';
}
}
$grantrow->SetLookup( 'to_principal', 'SELECT principal_id, displayname FROM dav_principal WHERE user_active AND principal_id NOT IN (SELECT to_principal FROM grants WHERE by_principal = '.$id.$edit_grant_clause.') '.$limit_grantrow.' ORDER BY fullname' );
if ( $can_write_principal ) {
if ( $grantrow->IsSubmit() ) {
if ( $grantrow->IsUpdate() )
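Review bot: The `list_everyone` restriction in `grant_row_editor()` is applied only to the `SetLookup` query that fills the `to_principal` selector. The submit path beginning at `if ( $grantrow->IsSubmit() )` is untouched by this hunk and continues outside it, so it cannot be seen here whether a submitted `to_principal` outside the permitted set is rejected on save. If it is not, the option hides names in the form without limiting who can be granted access, and the same would hold for the collection editor's grant row. It would be worth re-checking the posted value against the same condition before writing, or at least recording the limit with a comment such as `// list_everyone only narrows the selector; to_principal is not re-validated on save`.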