[dev] Patch for creator permissions in horde and kronolith
Jason Rust
jrust at rustyparts.com
Thu May 8 14:35:43 PDT 2003
The attached patch implements what I have dubbed "creator permissions"
in horde and kronolith. In horde it adds the functionality of being able to
specify that the creator of an event or item can edit, delete, read,
etc. their event. I then implemented the features of this new
permission into kronolith by storing the user id of the person who
creates an event and passing that information to the hasPermission()
function. Other applications who don't want to take advantage of this
feature would not be affected since it is an optional argument that is
ignored if not passed in.
The practical effects of this feature is that kronolith can be used as a
robust group calendar for an organization. In our case the calendar
will be a master calendar that students can view as guests while faculty
can log on and create/edit/delete their own events but not mess with
other events on the calendar.
Chuck mentioned on IRC the fine line between usability and feature-rich
applications that needs to be kept in mind. From experience in
designing other permissions applications I can attest how true that is.
Some ideas I have for keeping permissions simple are:
1: only show creator permissions in those applications that use them (so
far just kronolith)
2: create a new option in conf.php that specfies whether permissions
should be advanced if simple with default of simple. If simple mode is
chosen then things like creator permissions (and perhaps others like
user/group permissions) are hidden from view.
3: With javascript a checkbox could be added to the page for those
browsers that support hidden divs so that if checked it would make some types
of permissions visible while their default would be hidden.
4: And the obvious ;) is to add a help link that explains the different types
of permissions.
-Jason
--
http://www.rustyparts.com/
guaranteed never to rust!
-------------- next part --------------
Index: admin/perms.php
===================================================================
RCS file: /repository/horde/admin/perms.php,v
retrieving revision 1.21
diff -u -r1.21 perms.php
--- admin/perms.php 12 Nov 2002 20:21:24 -0000 1.21
+++ admin/perms.php 8 May 2003 17:58:56 -0000
@@ -168,6 +168,34 @@
}
}
+ // Process creator permissions.
+ if (Horde::getFormData('creator_deny')) {
+ $permission->removeCreatorPermission(_PERMS_SHOW | _PERMS_READ | _PERMS_EDIT | _PERMS_DELETE, false);
+ $permission->addCreatorPermission(_PERMS_NONE, false);
+ } else {
+ $permission->removeCreatorPermission(_PERMS_NONE, false);
+ if (Horde::getFormData('creator_show')) {
+ $permission->addCreatorPermission(_PERMS_SHOW, false);
+ } else {
+ $permission->removeCreatorPermission(_PERMS_SHOW, false);
+ }
+ if (Horde::getFormData('creator_read')) {
+ $permission->addCreatorPermission(_PERMS_READ, false);
+ } else {
+ $permission->removeCreatorPermission(_PERMS_READ, false);
+ }
+ if (Horde::getFormData('creator_edit')) {
+ $permission->addCreatorPermission(_PERMS_EDIT, false);
+ } else {
+ $permission->removeCreatorPermission(_PERMS_EDIT, false);
+ }
+ if (Horde::getFormData('creator_delete')) {
+ $permission->addCreatorPermission(_PERMS_DELETE, false);
+ } else {
+ $permission->removeCreatorPermission(_PERMS_DELETE, false);
+ }
+ }
+
// Process user permissions.
$u_names = Horde::getFormData('u_names');
$u_deny = Horde::getFormData('u_deny');
Index: kronolith/addeventaction.php
===================================================================
RCS file: /repository/kronolith/addeventaction.php,v
retrieving revision 1.36
diff -u -r1.36 addeventaction.php
--- kronolith/addeventaction.php 8 May 2003 13:31:18 -0000 1.36
+++ kronolith/addeventaction.php 8 May 2003 17:58:56 -0000
@@ -14,14 +14,15 @@
if (!Horde::getFormData('cancel')) {
$calendar_id = Horde::getFormData('targetcalendar', $prefs->getValue('default_share'));
$share = &$shares->getShare($calendar_id);
+ $calendar->open($calendar_id);
+ $event = $calendar->getEventObject();
+ // need to read form here so that creatorID is set
+ $event->readForm();
if (is_a($share, 'PEAR_Error')) {
$notification->push(sprintf(_("There was an error accessing the calendar: %s"), $share->getMessage()), 'horde.error');
- } elseif (!$share->hasPermission(Auth::getAuth(), _PERMS_EDIT)) {
+ } elseif (!$share->hasPermission(Auth::getAuth(), _PERMS_EDIT, $event->getCreatorID())) {
$notification->push(sprintf(_("You do not have permission to add events to %s."), $share->getShareName()), 'horde.warning');
} else {
- $calendar->open($calendar_id);
- $event = $calendar->getEventObject();
- $event->readForm();
$event->save();
}
}
Index: kronolith/deleventaction.php
===================================================================
RCS file: /repository/kronolith/deleventaction.php,v
retrieving revision 1.7
diff -u -r1.7 deleventaction.php
--- kronolith/deleventaction.php 17 Apr 2003 16:34:44 -0000 1.7
+++ kronolith/deleventaction.php 8 May 2003 17:58:57 -0000
@@ -23,7 +23,7 @@
exit;
}
$share = &$shares->getShare($event->getCalendar());
- if (!$share->hasPermission(Auth::getAuth(), _PERMS_DELETE)) {
+ if (!$share->hasPermission(Auth::getAuth(), _PERMS_DELETE, $event->getCreatorID())) {
$notification->push(_("You do not have permission to delete this event."), 'horde.warning');
} else {
if ($event->hasRecurType(KRONOLITH_RECUR_NONE) || Horde::getFormData('all')) {
Index: kronolith/editevent.php
===================================================================
RCS file: /repository/kronolith/editevent.php,v
retrieving revision 1.36
diff -u -r1.36 editevent.php
--- kronolith/editevent.php 6 Jan 2003 23:20:21 -0000 1.36
+++ kronolith/editevent.php 8 May 2003 17:58:57 -0000
@@ -40,13 +40,13 @@
$buttons = array();
$share = &$GLOBALS['shares']->getShare(Horde::getFormData('calendar'));
-if (Horde::getFormData('calendar') == '**remote' || !$share->hasPermission(Auth::getAuth(), _PERMS_EDIT)) {
+if (Horde::getFormData('calendar') == '**remote' || !$share->hasPermission(Auth::getAuth(), _PERMS_EDIT, $event->getCreatorID())) {
$buttons[] = '<input type="submit" class="button" name="saveAsNew" value="' . _("Save As New") . '" onclick="return checkCategory();" />';
} else {
$buttons[] = '<input type="submit" class="button" name="save" value="' . _("Save Event") . '" onclick="return checkCategory();" />';
if ($event->isInitialized()) {
$buttons[] = '<input type="submit" class="button" name="saveAsNew" value="' . _("Save As New") . '" onclick="return checkCategory();" />';
- if ($share->hasPermission(Auth::getAuth(), _PERMS_DELETE)) {
+ if ($share->hasPermission(Auth::getAuth(), _PERMS_DELETE, $event->getCreatorID())) {
$delurl = Horde::addParameter('delevent.php', 'eventID=' . $event->getID());
$delurl = Horde::addParameter($delurl, 'calendar=' . $event->getCalendar());
$delurl = Horde::addParameter($delurl, 'month=' . $month);
Index: kronolith/editeventaction.php
===================================================================
RCS file: /repository/kronolith/editeventaction.php,v
retrieving revision 1.42
diff -u -r1.42 editeventaction.php
--- kronolith/editeventaction.php 8 May 2003 13:31:19 -0000 1.42
+++ kronolith/editeventaction.php 8 May 2003 17:58:57 -0000
@@ -33,8 +33,6 @@
if (is_a($share, 'PEAR_Error')) {
$notification->push(sprintf(_("There was an error accessing the calendar: %s"), $share->getMessage()), 'horde.error');
- } elseif (!$share->hasPermission(Auth::getAuth(), _PERMS_EDIT)) {
- $notification->push(_("You do not have permission to edit this event."), 'horde.warning');
} else {
if (Horde::getFormData('saveAsNew')) {
$calendar->open($target);
@@ -58,8 +56,13 @@
$event = $calendar->getEventObject(Horde::getFormData('eventID'));
}
}
+ // need to read form here so that creatorID is set
$event->readForm();
- $event->save();
+ if (!$share->hasPermission(Auth::getAuth(), _PERMS_EDIT, $event->getCreatorID())) {
+ $notification->push(_("You do not have permission to edit this event."), 'horde.warning');
+ } else {
+ $event->save();
+ }
}
}
}
Index: kronolith/viewevent.php
===================================================================
RCS file: /repository/kronolith/viewevent.php,v
retrieving revision 1.16
diff -u -r1.16 viewevent.php
--- kronolith/viewevent.php 17 Apr 2003 16:34:44 -0000 1.16
+++ kronolith/viewevent.php 8 May 2003 17:58:57 -0000
@@ -64,7 +64,8 @@
$mylinks = array();
$isRemote = Horde::getFormData('calendar') == '**remote';
-if (!$isRemote && $share->hasPermission(Auth::getAuth(), _PERMS_DELETE)) {
+
+if (!$isRemote && $share->hasPermission(Auth::getAuth(), _PERMS_DELETE, $event->getCreatorID())) {
$delurl = Horde::addParameter('delevent.php', 'eventID', $event->getID());
$delurl = Horde::addParameter($delurl, 'calendar', $event->getCalendar());
$delurl = Horde::addParameter($delurl, 'timestamp', $timestamp);
@@ -72,7 +73,7 @@
$mylinks[] = Horde::link($delurl, sprintf(_("Delete '%s'"), $event->getTitle()), 'menuitem') . _("Delete") . '</a>';
}
-if ($isRemote || $share->hasPermission(Auth::getAuth(), _PERMS_EDIT)) {
+if ($isRemote || $share->hasPermission(Auth::getAuth(), _PERMS_EDIT, $event->getCreatorID())) {
$editurl = 'editevent.php';
if (Horde::getFormData('calendar') != '**remote') {
$editurl = Horde::addParameter($editurl, 'eventID', $event->getID());
Index: kronolith/lib/Event.php
===================================================================
RCS file: /repository/kronolith/lib/Event.php,v
retrieving revision 1.82
diff -u -r1.82 Event.php
--- kronolith/lib/Event.php 7 May 2003 15:14:12 -0000 1.82
+++ kronolith/lib/Event.php 8 May 2003 17:58:57 -0000
@@ -25,6 +25,12 @@
var $eventID = null;
/**
+ * The user id of the creator of the event
+ * @var string $creatorID
+ */
+ var $creatorID = null;
+
+ /**
* The title of this event,
* @var string $title
*/
@@ -198,6 +204,10 @@
*/
function fromHash($hash)
{
+ // see if it's a new event
+ if (is_null($this->getID())) {
+ $this->setCreatorID(Auth::getAuth());
+ }
if (!empty($hash['title'])) {
$this->setTitle($hash['title']);
}
@@ -410,6 +420,26 @@
}
/**
+ * Retrieve the id of the user who created the event
+ *
+ * @return string The creator id
+ */
+ function getCreatorID()
+ {
+ return $this->creatorID;
+ }
+
+ /**
+ * Set the id of the creator of the event
+ *
+ * @param string $creatorID The user id for who created the event
+ */
+ function setCreatorID($creatorID)
+ {
+ $this->creatorID = $creatorID;
+ }
+
+ /**
* Retrieve the globally unique identifier for this event.
*
* @return integer The globally identifier for this event.
@@ -435,7 +465,7 @@
}
$share = &$GLOBALS['shares']->getShare($this->getCalendar());
- if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_READ)) {
+ if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_READ, $this->getCreatorID())) {
return !empty($this->title) ? $this->title : _("[none]");
} else {
global $prefs;
@@ -649,6 +679,11 @@
{
global $prefs;
+ // see if it's a new event
+ if (is_null($this->getID())) {
+ $this->setCreatorID(Auth::getAuth());
+ }
+
// Basic fields.
$this->setTitle(Horde::getFormData('title', $this->title));
$this->setDescription(Horde::getFormData('description', $this->description));
@@ -1039,7 +1074,7 @@
$share = &$GLOBALS['shares']->getShare($this->getCalendar());
$link = '';
- if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_READ)) {
+ if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_READ, $this->getCreatorID())) {
if (isset($this->remoteCal)) {
$url = Horde::addParameter('viewevent.php', 'eventID=' . $this->eventIndex);
$url = Horde::addParameter($url, 'calendar=**remote');
@@ -1060,7 +1095,7 @@
$link .= @htmlspecialchars($this->getTitle(), ENT_QUOTES, NLS::getCharset());
- if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_READ) &&
+ if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_READ, $this->getCreatorID()) &&
(isset($this->eventID) || isset($this->taskID) || isset($this->remoteCal))) {
$link .= '</a>';
}
@@ -1070,7 +1105,7 @@
$link .= Horde::img('alarm_small.gif', sprintf(_("%s Minutes before"), $this->alarm));
}
if (!$print_view) {
- if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_DELETE)) {
+ if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_DELETE, $this->getCreatorID())) {
if (isset($this->eventID)) {
$url = Horde::addParameter('delevent.php', 'eventID=' . $this->eventID);
$url = Horde::addParameter($url, 'calendar=' . $this->getCalendar());
Index: kronolith/lib/Kronolith.php
===================================================================
RCS file: /repository/kronolith/lib/Kronolith.php,v
retrieving revision 1.136
diff -u -r1.136 Kronolith.php
--- kronolith/lib/Kronolith.php 20 Apr 2003 16:19:21 -0000 1.136
+++ kronolith/lib/Kronolith.php 8 May 2003 17:58:58 -0000
@@ -1099,7 +1099,7 @@
$share = &$shares->getShare($cal);
if (is_a($share, 'PEAR_Error')) {
return $share;
- } elseif (!$share->hasPermission(Auth::getAuth(), _PERMS_SHOW)) {
+ } elseif (!$share->hasPermission(Auth::getAuth(), _PERMS_SHOW, $cal->getCreatorID())) {
return PEAR::raiseError('Permission denied to calendar "' . $cal . '" in Kronolith::generateFreeBusy()');
}
Index: kronolith/lib/Driver/mcal.php
===================================================================
RCS file: /repository/kronolith/lib/Driver/mcal.php,v
retrieving revision 1.42
diff -u -r1.42 mcal.php
--- kronolith/lib/Driver/mcal.php 27 Feb 2003 17:45:37 -0000 1.42
+++ kronolith/lib/Driver/mcal.php 8 May 2003 17:58:58 -0000
@@ -140,6 +140,7 @@
mcal_event_set_title($driver->_stream, $this->getTitle());
mcal_event_set_description($driver->_stream, $this->getDescription());
mcal_event_set_category($driver->_stream, $this->getCategory());
+ mcal_event_add_attribute($driver->_stream, 'creator_id', $this->getCreatorID());
mcal_event_add_attribute($driver->_stream, 'location', $this->getLocation());
mcal_event_add_attribute($driver->_stream, 'keywords', implode(',', $this->getKeywords()));
mcal_event_add_attribute($driver->_stream, 'exceptions', implode(',', $this->getExceptions()));
@@ -220,6 +221,9 @@
}
if (isset($mcalEvent->description)) {
$this->description = $mcalEvent->description;
+ }
+ if (isset($mcalEvent->attrlist['creator_id'])) {
+ $this->creatorID = $mcalEvent->attrlist['creator_id'];
}
if (isset($mcalEvent->attrlist['location'])) {
$this->location = $mcalEvent->attrlist['location'];
Index: kronolith/lib/Driver/sql.php
===================================================================
RCS file: /repository/kronolith/lib/Driver/sql.php,v
retrieving revision 1.82
diff -u -r1.82 sql.php
--- kronolith/lib/Driver/sql.php 24 Mar 2003 22:30:36 -0000 1.82
+++ kronolith/lib/Driver/sql.php 8 May 2003 17:58:58 -0000
@@ -131,7 +131,7 @@
' event_keywords, event_title, event_category,' .
' event_recurtype, event_recurenddate, event_recurinterval,' .
' event_recurdays, event_start, event_end, event_alarm,' .
- ' event_modified, event_exceptions' .
+ ' event_modified, event_exceptions, event_creator_id' .
' FROM ' . $this->_params['table'] .
' WHERE event_id = ' . (int)$eventID .
' AND calendar_id = ' . $this->_db->quote($this->_calendar),
@@ -483,6 +483,7 @@
$this->title = String::convertCharset($SQLEvent['event_title'], $driver->_params['charset']);
$this->eventID = $SQLEvent['event_id'];
+ $this->creatorID = $SQLEvent['event_creator_id'];
$this->recurType = (int)$SQLEvent['event_recurtype'];
$this->recurInterval = (int)$SQLEvent['event_recurinterval'];
@@ -516,6 +517,7 @@
$driver = &$this->getDriver();
// Basic fields.
+ $this->_properties['event_creator_id'] = String::convertCharset($this->getCreatorID(), NLS::getCharset(), $driver->_params['charset']);
$this->_properties['event_title'] = String::convertCharset($this->getTitle(), NLS::getCharset(), $driver->_params['charset']);
$this->_properties['event_description'] = String::convertCharset($this->getDescription(), NLS::getCharset(), $driver->_params['charset']);
$this->_properties['event_category'] = $this->getCategory();
Index: kronolith/scripts/drivers/kronolith.sql
===================================================================
RCS file: /repository/kronolith/scripts/drivers/kronolith.sql,v
retrieving revision 1.10
diff -u -r1.10 kronolith.sql
--- kronolith/scripts/drivers/kronolith.sql 27 Feb 2003 17:34:23 -0000 1.10
+++ kronolith/scripts/drivers/kronolith.sql 8 May 2003 17:58:58 -0000
@@ -3,6 +3,7 @@
CREATE TABLE kronolith_events (
event_id BIGINT DEFAULT 0 NOT NULL,
calendar_id VARCHAR(255) NOT NULL,
+ event_creator_id VARCHAR(255) NOT NULL,
event_description TEXT,
event_location TEXT,
event_keywords TEXT,
Index: kronolith/scripts/drivers/kronolith.oracle.sql
===================================================================
RCS file: /repository/kronolith/scripts/drivers/kronolith.oracle.sql,v
retrieving revision 1.2
diff -u -r1.2 kronolith.oracle.sql
--- kronolith/scripts/drivers/kronolith.oracle.sql 31 Aug 2002 22:14:42 -0000 1.2
+++ kronolith/scripts/drivers/kronolith.oracle.sql 8 May 2003 17:58:58 -0000
@@ -3,6 +3,7 @@
CREATE TABLE kronolith_events (
event_id INT DEFAULT 0 NOT NULL,
calendar_id VARCHAR2(255) NOT NULL,
+ event_creator_id VARCHAR2(255) NOT NULL,
event_description VARCHAR2(4000),
event_location VARCHAR2(4000),
event_keywords VARCHAR2(4000),
Index: kronolith/scripts/drivers/kronolith.postgres.sql
===================================================================
RCS file: /repository/kronolith/scripts/drivers/kronolith.postgres.sql,v
retrieving revision 1.1
diff -u -r1.1 kronolith.postgres.sql
--- kronolith/scripts/drivers/kronolith.postgres.sql 21 Mar 2003 03:15:46 -0000 1.1
+++ kronolith/scripts/drivers/kronolith.postgres.sql 8 May 2003 17:58:58 -0000
@@ -3,6 +3,7 @@
CREATE TABLE kronolith_events (
event_id BIGINT DEFAULT 0 NOT NULL,
calendar_id VARCHAR(255) NOT NULL,
+ event_creator_id VARCHAR(255) NOT NULL,
event_description TEXT,
event_location TEXT,
event_keywords TEXT,
Index: kronolith/templates/edit/edit.inc
===================================================================
RCS file: /repository/kronolith/templates/edit/edit.inc,v
retrieving revision 1.83
diff -u -r1.83 edit.inc
--- kronolith/templates/edit/edit.inc 8 May 2003 13:31:22 -0000 1.83
+++ kronolith/templates/edit/edit.inc 8 May 2003 17:58:58 -0000
@@ -52,7 +52,7 @@
<select id="targetcalendar" name="targetcalendar">
<?php
foreach ($calendars as $id => $cal) {
- if ($cal->hasPermission(Auth::getAuth(), _PERMS_EDIT)) {
+ if ($cal->hasPermission(Auth::getAuth(), _PERMS_EDIT, $cal->getCreatorID())) {
$sel = ($id == $calendar_id) ? ' selected="selected"' : '';
echo sprintf('<option value="%s"%s>%s</option>',
$id, $sel, $cal->getShareName()) . "\n";
Index: lib/Perms.php
===================================================================
RCS file: /repository/horde/lib/Perms.php,v
retrieving revision 1.36
diff -u -r1.36 Perms.php
--- lib/Perms.php 19 Apr 2003 22:59:27 -0000 1.36
+++ lib/Perms.php 8 May 2003 17:58:58 -0000
@@ -194,11 +194,12 @@
* CategoryObject_Permission object.
* @param string $user (optional) The user to check for.
* Defaults to Auth::getAuth().
+ * @param string $creator (optional) The user who created the event.
*
* @return integer Any permissions the user has, _PERMS_NONE if there
* are none.
*/
- function getPermissions($permission, $user = null)
+ function getPermissions($permission, $user = null, $creator = null)
{
if (!is_a($permission, 'CategoryObject_Permission')) {
$permission = &$this->getPermission($permission);
@@ -240,6 +241,12 @@
}
}
+ // if the user is the creator of the event see if there are creator permissions
+ if (!empty($creator) && $user == $creator &&
+ ($perms = $permission->getCreatorPermissions()) !== null) {
+ return $perms;
+ }
+
// If this is a guest user, try guest permissions.
if (empty($user) && (($perms = $permission->getGuestPermissions()) !== null)) {
return $perms;
@@ -272,13 +279,14 @@
* @param string $permission The permission to check.
* @param string $user The user to check for.
* @param int $perm The permission level that needs to be checked for.
+ * @param string $creator (optional) The creator of the event
*
* @return boolean True if the user has the specified permissions, and
* false otherwise.
*/
- function hasPermission($permission, $user, $perm)
+ function hasPermission($permission, $user, $perm, $creator = null)
{
- return ($this->getPermissions($permission, $user) & $perm);
+ return ($this->getPermissions($permission, $user, $creator) & $perm);
}
/**
@@ -403,6 +411,25 @@
}
/**
+ * Grant creators additional permissions to this object.
+ *
+ * @param constant $permisson The permission (_PERMS_DELE, etc.) to add.
+ * @param boolean $update (optional) Whether to automatically update the
+ * backend. Defaults to true.
+ */
+ function addCreatorPermission($permission, $update = true)
+ {
+ if (isset($this->data['creator'])) {
+ $this->data['creator'] |= $permission;
+ } else {
+ $this->data['creator'] = $permission;
+ }
+ if ($update) {
+ $this->_permsOb->updatePermission($this);
+ }
+ }
+
+ /**
* Grant additional default permissions to this object.
*
* @param constant $permisson The permission (_PERMS_DELE, etc.) to add.
@@ -486,6 +513,23 @@
}
/**
+ * Remove a permission that creators currently have on this object.
+ *
+ * @param constant $permisson The permission (_PERMS_DELE, etc.) to remove.
+ * @param boolean $update (optional) Whether to automatically update the
+ * backend. Defaults to true.
+ */
+ function removeCreatorPermission($permission, $update = true)
+ {
+ if (isset($this->data['creator'])) {
+ $this->data['creator'] &= ~$permission;
+ if ($update) {
+ $this->_permsOb->updatePermission($this);
+ }
+ }
+ }
+
+ /**
* Remove a default permission on this object.
*
* @param constant $permisson The permission (_PERMS_DELE, etc.) to remove.
@@ -555,6 +599,18 @@
{
return !empty($this->data['guest']) ?
$this->data['guest'] :
+ null;
+ }
+
+ /**
+ * Get the creator permissions on this object.
+ *
+ * @return integer The creator permissions on this object.
+ */
+ function getCreatorPermissions()
+ {
+ return !empty($this->data['creator']) ?
+ $this->data['creator'] :
null;
}
Index: lib/Share.php
===================================================================
RCS file: /repository/horde/lib/Share.php,v
retrieving revision 1.35
diff -u -r1.35 Share.php
--- lib/Share.php 26 Apr 2003 17:32:13 -0000 1.35
+++ lib/Share.php 8 May 2003 17:58:59 -0000
@@ -487,10 +487,11 @@
*
* @param string $userid The userid of the user
* @param constant $priv A _PERMS_* constant to test for
+ * @param string $creator (optional) The creator of the event
*
* @return boolean Whether or not $userid has $permission.
*/
- function hasPermission($userid, $permission)
+ function hasPermission($userid, $permission, $creator)
{
if ($userid == $this->getOwner()) {
return true;
@@ -500,7 +501,7 @@
return false;
}
- return $this->_perms->hasPermission($this->getPermission(), $userid, $permission);
+ return $this->_perms->hasPermission($this->getPermission(), $userid, $permission, $creator);
}
/**
Index: shares/edit.php
===================================================================
RCS file: /repository/horde/shares/edit.php,v
retrieving revision 1.7
diff -u -r1.7 edit.php
--- shares/edit.php 7 May 2003 17:45:33 -0000 1.7
+++ shares/edit.php 8 May 2003 17:58:59 -0000
@@ -148,6 +148,34 @@
}
}
+ // Process creator permissions.
+ if (Horde::getFormData('creator_deny')) {
+ $perm->removeCreatorPermission(_PERMS_SHOW | _PERMS_READ | _PERMS_EDIT | _PERMS_DELETE, false);
+ $perm->addCreatorPermission(_PERMS_NONE, false);
+ } else {
+ $perm->removeCreatorPermission(_PERMS_NONE, false);
+ if (Horde::getFormData('creator_show')) {
+ $perm->addCreatorPermission(_PERMS_SHOW, false);
+ } else {
+ $perm->removeCreatorPermission(_PERMS_SHOW, false);
+ }
+ if (Horde::getFormData('creator_read')) {
+ $perm->addCreatorPermission(_PERMS_READ, false);
+ } else {
+ $perm->removeCreatorPermission(_PERMS_READ, false);
+ }
+ if (Horde::getFormData('creator_edit')) {
+ $perm->addCreatorPermission(_PERMS_EDIT, false);
+ } else {
+ $perm->removeCreatorPermission(_PERMS_EDIT, false);
+ }
+ if (Horde::getFormData('creator_delete')) {
+ $perm->addCreatorPermission(_PERMS_DELETE, false);
+ } else {
+ $perm->removeCreatorPermission(_PERMS_DELETE, false);
+ }
+ }
+
// Process user permissions.
$u_names = Horde::getFormData('u_names');
$u_deny = Horde::getFormData('u_deny');
Index: templates/shares/edit.inc
===================================================================
RCS file: /repository/horde/templates/shares/edit.inc,v
retrieving revision 1.5
diff -u -r1.5 edit.inc
--- templates/shares/edit.inc 22 Apr 2003 15:57:51 -0000 1.5
+++ templates/shares/edit.inc 8 May 2003 17:58:59 -0000
@@ -106,6 +106,31 @@
<!-- Spacer -->
<tr><td> </td></tr>
+<!-- Event Creator Permissions -->
+<tr valign="middle">
+ <td class="header" align="left" width="25%">
+ <?php echo Horde::img('user.gif') . ' ' . _("Event Creator") ?>
+ </td>
+ <td class="header" align="center" width="1%"><?php echo _("Deny") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Show") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Read") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Edit") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Delete") ?></td>
+ <td class="header" align="right" width="70%"></td>
+</tr>
+<?php $cperm = $perm->getCreatorPermissions(); ?>
+<tr>
+ <td class="light"> </td>
+ <td align="center"><input type="checkbox" name="creator_deny"<?php echo ($cperm & _PERMS_NONE) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_show"<?php echo ($cperm & _PERMS_SHOW) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_read"<?php echo ($cperm & _PERMS_READ) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_edit"<?php echo ($cperm & _PERMS_EDIT) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_delete"<?php echo ($cperm & _PERMS_DELETE) ? ' checked="checked"' : '' ?> /></td>
+</tr>
+
+<!-- Spacer -->
+<tr><td> </td></tr>
+
<!-- User Permissions -->
<tr valign="middle">
<td class="header" align="left" width="25%">
Index: templates/admin/perms/edit.inc
===================================================================
RCS file: /repository/horde/templates/admin/perms/edit.inc,v
retrieving revision 1.10
diff -u -r1.10 edit.inc
--- templates/admin/perms/edit.inc 10 Feb 2003 16:00:51 -0000 1.10
+++ templates/admin/perms/edit.inc 8 May 2003 17:58:59 -0000
@@ -60,6 +60,31 @@
<!-- Spacer -->
<tr><td> </td></tr>
+<!-- Event Creator Permissions -->
+<tr valign="middle">
+ <td class="header" align="left" width="25%">
+ <?php echo Horde::img('user.gif') . ' ' . _("Event Creator") ?>
+ </td>
+ <td class="header" align="center" width="1%"><?php echo _("Deny") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Show") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Read") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Edit") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Delete") ?></td>
+ <td class="header" align="right" width="70%"></td>
+</tr>
+<?php $perm = $permission->getCreatorPermissions(); ?>
+<tr>
+ <td class="light"> </td>
+ <td align="center"><input type="checkbox" name="creator_deny"<?php echo ($perm & _PERMS_NONE) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_show"<?php echo ($perm & _PERMS_SHOW) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_read"<?php echo ($perm & _PERMS_READ) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_edit"<?php echo ($perm & _PERMS_EDIT) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_delete"<?php echo ($perm & _PERMS_DELETE) ? ' checked="checked"' : '' ?> /></td>
+</tr>
+
+<!-- Spacer -->
+<tr><td> </td></tr>
+
<!-- User Permissions -->
<tr valign="middle">
<td class="header" align="left" width="25%">
More information about the dev
mailing list