[turba] Access rights for addressbook
Stefan Lemsitzer
stefan_l at sbox.tugraz.at
Wed Aug 6 23:22:00 PDT 2003
Hi!
As I described my problem yesterday, I started hacking the Source code, and did
the following:
/templates/add/add.inc
<?php
//HERE STARTS THE HACK FIXXXXME
$owner_hacked = Auth::getAuth();
$first_part = explode ("@", $owner_hacked);
if ($first_part[1])
$owner_hacked = $first_part[1];
echo $owner_hacked;
print <<< HERE
<input type="hidden" name="source" value="{$this->object->source->name}" />
<input type="hidden" name="object[__owner]" value="$owner_hacked" />
HERE;
?>
This script just seperates the getAuth() string by "@" and takes the second
part, so the owner id is automatically the domain. owner_id in mysql table is
now "mydomain.com".
I just have to hack the part of the program, where the sql-query for listing is
made, because anywhere in this program there has to be a Query like the
following:
SELECT * FROM turba_objects where owner_id = 'myownerid';
do you know, where that happens?? I can't find it.
If I've found this, I just have to set public => false and readonly => true,
and
everybody of my group will be the same owner, and nobody will be able to modify
it.
So please just help me with finding the file of the sql query
Regards STefan
--
Stefan Lemsitzer
Student of Telematik -- Graz University of Technology
e-mail: stefan_l at sbox.tugraz.at
More information about the turba
mailing list