From 0b20d760db544b076ca3fdbcd356d533cb7ccdcd Mon Sep 17 00:00:00 2001
From: Andrew McMillan
Date: Fri, 27 Nov 2009 13:16:41 +1300
Subject: [PATCH] Now able to edit /create grants to specific users or groups.
---
inc/ui/principal-edit.php | 135 +++++++++++++++++++++++++++++++-------
1 file changed, 113 insertions(+), 22 deletions(-)
diff --git a/inc/ui/principal-edit.php b/inc/ui/principal-edit.php
index 44ed0386..2637199a 100644
--- a/inc/ui/principal-edit.php
+++ b/inc/ui/principal-edit.php
@@ -72,7 +72,7 @@ $default_privileges = bindec($editor->Value('default_privileges')); $privileges_set = '
'; for( $i=0; $i'.$privilege_xlate[$privilege_names[$i]].''."\n"; + $privileges_set .= ''."\n"; } $privileges_set .= '
'; @@ -94,26 +94,29 @@ function toggle_privileges() { var argv = toggle_privileges.arguments; var argc = argv.length; - if ( argc < 1 ) { + if ( argc < 2 ) { return; } + var match_me = argv[0]; var set_to = -1; - if ( argv[0] == 'all' ) { - var fieldcount = document.forms[0].elements.length; + if ( argv[1] == 'all' ) { + var form = document.getElementById(argv[2]); + var fieldcount = form.elements.length; + var matching = '/^' + match_me + '/'; for (var i = 0; i < fieldcount; i++) { - var fieldname = document.forms[0].elements[i].name; - if ( fieldname.match( /^default_privileges/ ) ) { + var fieldname = form.elements[i].name; + if ( fieldname.match( match_me ) ) { if ( set_to == -1 ) { - set_to = ( document.forms[0].elements[i].checked ? 0 : 1 ); + set_to = ( form.elements[i].checked ? 0 : 1 ); } - document.forms[0].elements[i].checked = set_to; + form.elements[i].checked = set_to; } } } else { - for (var i = 0; i < argc; i++) { - var f = document.getElementById( 'priv_checkbox_' + argv[i]); + for (var i = 1; i < argc; i++) { + var f = document.getElementById( match_me + '_' + argv[i]); if ( set_to == -1 ) { set_to = ( f.checked ? 0 : 1 ); } @@ -142,19 +145,19 @@ label.privilege { $prompt_date_format: ##date_format_type.select## $prompt_type: ##type_id.select## $prompt_privileges: - + + onclick="toggle_privileges('default_privileges', 'read', 'read-free-busy', 'schedule-query-freebusy', 'read-current-user-privilege-set' );"> + onclick="toggle_privileges('default_privileges', 'read-free-busy', 'schedule-query-freebusy' );"> + onclick="toggle_privileges('default_privileges', 'schedule-deliver-invite', 'schedule-deliver-reply', 'schedule-query-freebusy' );"> + onclick="toggle_privileges('default_privileges', 'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' );">
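Review bot: In the `'all'` branch of `toggle_privileges()`, the new `matching` variable is a string that only looks like a regex literal and is never used, and `fieldname.match( match_me )` then matches the prefix anywhere in the field name rather than anchoring it as the old `/^default_privileges/` did. Build a real pattern and use it: `var matching = new RegExp('^' + match_me);` followed by `if ( fieldname.match( matching ) ) {`. The guard `argc < 2` also lets an `'all'` call through without the form id in `argv[2]`, in which case `document.getElementById(argv[2])` returns null and `form.elements` throws; checking `form` for null before the loop would avoid that.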
$privileges_set ##submit## @@ -194,11 +197,6 @@ $page_elements[] = $browser; if ( $editor->Value('type_id') == 3 ) { $grouprow = new Editor("Group Members", "group_member"); - /** - * @Todo: Need write-acl privs on the group user, too. - */ - $priv_needed = privilege_to_bits('read-acl'); -// $grouprow->SetLookup( 'member_id', 'SELECT principal_id, displayname FROM dav_principal WHERE principal_privileges('.$session->principal_id.',principal_id) & '.$priv_needed.'::BIT(24) != 0::BIT(24)'); $grouprow->SetLookup( 'member_id', 'SELECT principal_id, displayname FROM dav_principal WHERE principal_id NOT IN (SELECT member_id FROM group_member WHERE group_id = '.$id.')'); $grouprow->SetSubmitName( 'savegrouprow' ); @@ -223,7 +221,7 @@ if ( $editor->Value('type_id') == 3 ) { $form_url = preg_replace( '#&(edit|delete)_group=\d+#', '', $_SERVER['REQUEST_URI'] ); $template = << +
##member_id.select##   ##Add.submit## @@ -276,15 +274,96 @@ EOTEMPLATE; } + $grantrow = new Editor("Grants", "grants"); + $grantrow->SetSubmitName( 'savegrantrow' ); + $grantrow->SetLookup( 'to_principal', 'SELECT principal_id, displayname FROM dav_principal WHERE principal_id NOT IN (SELECT member_id FROM group_member WHERE group_id = '.$id.')' ); + if ( $can_write_principal ) { + if ( $grantrow->IsSubmit() ) { + $_POST['by_principal'] = $id; + $to_principal = intval($_POST['to_principal']); + $orig_to_id = intval($_POST['orig_to_id']); + $grantrow->SetWhere( "by_principal=".qpg($id)." AND to_principal=$orig_to_id"); + if ( isset($_POST['grant_privileges']) ) { + $privilege_bitpos = array_flip($privilege_names); + $priv_names = array_keys($_POST['grant_privileges']); + $privs = privilege_to_bits($priv_names); + $_POST['privileges'] = sprintf('%024s',decbin($privs)); + $grantrow->Assign('privileges', $privs_dec); + } + $grantrow->Write( ); + unset($_GET['to_principal']); + } + elseif ( isset($_GET['delete_grant']) ) { + $qry = new AwlQuery("DELETE FROM grants WHERE by_principal=:grantor_id AND to_principal = :to_principal", + array( ':grantor_id' => $id, ':to_principal' => intval($_GET['delete_grant']) )); + $qry->Exec('principal-edit'); + } + } + + function edit_grant_row( $row_data ) { + global $grantrow, $id, $privilege_xlate, $privilege_names; + + if ( $row_data->to_principal > -1 ) { + $grantrow->SetRecord( $row_data ); + } + + $grant_privileges = bindec($grantrow->Value('grant_privileges')); + $privileges_set = '
'; + for( $i=0; $i < count($privilege_names); $i++ ) { + $privilege_set = ( (1 << $i) & $grant_privileges ? ' CHECKED' : ''); + $privileges_set .= ''."\n"; + } + $privileges_set .= '
'; + + $orig_to_id = $row_data->to_principal; + $form_id = $grantrow->Id(); + $form_url = preg_replace( '#&(edit|delete)_grant=\d+#', '', $_SERVER['REQUEST_URI'] ); + + $template = << + ##to_principal.select## + + + + + + + +
$privileges_set + ##submit## + + +EOTEMPLATE; + + $grantrow->SetTemplate( $template ); + $grantrow->Title(""); + + return $grantrow->Render(); + } + $browser = new Browser(translate('Principal Grants')); $browser->AddColumn( 'to_principal', translate('To ID'), 'right', '##principal_link##' ); $rowurl = $c->base_url . '/davical.php?action=edit&t=principal&id='; $browser->AddHidden( 'principal_link', "'' || to_principal || ''" ); +$browser->AddHidden( 'grant_privileges', 'privileges' ); $browser->AddColumn( 'displayname', translate('Display Name') ); $browser->AddColumn( 'privs', translate('Privileges'), '', '', 'privileges_list(privileges)' ); $browser->AddColumn( 'members', translate('Has Members'), '', '', 'has_members_list(principal_id)' ); +if ( $can_write_principal ) { + $del_link = "Delete"; + $edit_link = "Edit"; + $browser->AddColumn( 'action', 'Action', 'center', '', "'$edit_link $del_link'" ); +} + $browser->SetOrdering( 'displayname', 'A' ); $browser->SetJoins( "grants LEFT JOIN dav_principal ON (to_principal = principal_id) " ); @@ -299,6 +378,18 @@ else { $browser->DoQuery(); $page_elements[] = $browser; +if ( $can_write_principal ) { + if ( isset($_GET['edit_grant']) ) { + $browser->MatchedRow('to_principal', $_GET['edit_grant'], 'edit_grant_row'); + } + else { + $extra_row = array( 'to_principal' => -1 ); + $browser->MatchedRow('to_principal', -1, 'edit_grant_row'); + $extra_row = (object) $extra_row; + $browser->AddRow($extra_row); + } +} + $browser = new Browser(translate('Principal Collections'));
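Review bot: In the `savegrantrow` branch, `$grantrow->Assign('privileges', $privs_dec)` passes a variable that is not defined anywhere in the visible patch, so the value assigned to the grant's `privileges` field is probably not the bitmask computed just above; assuming the padded binary string is what the column expects, the call should be `$grantrow->Assign('privileges', $_POST['privileges']);`. `$privilege_bitpos` and `$to_principal` are also computed and never used. Separately, the `delete_grant` branch removes a grant row on a plain GET request and no anti-forgery token is checked in the visible code, so any link or embedded resource that points at that URL can remove a grant while someone with write access is logged in; moving the delete to a POST with a session-bound token would close that. The new `SetLookup` call concatenates `$id` into the SQL text while the `SetWhere` call a few lines later wraps it in `qpg()`; unless `$id` is cast to an integer earlier in the file (not visible here), the lookup should use the same quoting.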
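Review bot: `$_GET['edit_grant']` is handed to `MatchedRow()` unvalidated, whereas the `delete_grant` handler earlier in this patch casts its parameter with `intval()`; how `MatchedRow()` uses the value is not visible here, so the safer form is `$browser->MatchedRow('to_principal', intval($_GET['edit_grant']), 'edit_grant_row');`. In the `else` branch `$extra_row` is created as an array, `MatchedRow()` is called, and only then is the array cast to an object; writing `$extra_row = (object) array( 'to_principal' => -1 );` before the call keeps the construction in one place.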