[3733] | 1 | <?php |
---|
| 2 | |
---|
// Editor component for collection records.
$editor = new Editor( translate('Collection'), 'collection' );

// Copy the request parameters this page uses into globals, naming the filter each one must pass.
// NOTE(review): SQL fragments are built from $id by concatenation in this file, so their safety
// rests on the 'int' filter requested here - confirm that param_to_global() enforces it.
param_to_global( 'id', 'int', 'old_id', 'collection_id' );
param_to_global( 'user_no', 'int' );
param_to_global( 'principal_id', 'int' );
param_to_global( 'collection_name', '{^.+$}' );

// When both are supplied, principal_id wins because it is resolved last.
if ( isset($user_no) ) {
  $usr = getUserByID($user_no);
}
if ( isset($principal_id) ) {
  $usr = getPrincipalByID($principal_id);
}

// Option lists for the two <select> fields.
$editor->SetLookup( 'timezone', "SELECT '', '*** Unknown ***' UNION SELECT tz_id, tz_locn FROM time_zone WHERE tz_id = tz_locn AND length(tz_spec) > 100 ORDER BY 1" );
$editor->SetLookup( 'schedule_transp', "SELECT 'opaque', 'Opaque' UNION SELECT 'transp', 'Transparent'" );


// Element ids give the toggle_enabled() / toggle_visible() scripts in the form template something to address.
$editor->AddAttribute( 'timezone', 'id', 'fld_timezone' );
$editor->AddAttribute( 'schedule_transp', 'id', 'fld_schedule_transp' );
$editor->AddAttribute( 'is_calendar', 'id', 'fld_is_calendar' );
$editor->AddAttribute( 'is_addressbook', 'id', 'fld_is_addressbook' );
$editor->AddAttribute( 'is_calendar', 'onclick', "toggle_enabled('fld_is_calendar','=fld_timezone','=fld_schedule_transp','!fld_is_addressbook','=fld_ics_file');" );
$editor->AddAttribute( 'is_addressbook', 'onclick', "toggle_enabled('fld_is_addressbook','!fld_is_calendar');" );

// Checkbox backed by an SQL expression: set while the collection has no privileges of its own.
$editor->AddField( 'use_default_privs', 'default_privileges IS NULL' );
$editor->AddAttribute( 'use_default_privs', 'id', 'fld_use_default_privs' );
$editor->AddAttribute( 'use_default_privs', 'onclick', "toggle_visible('fld_use_default_privs','!privileges_settings');" );

// File upload field; its SQL expression is an empty string literal.
$editor->AddField( 'ics_file', "''" );
$editor->AddAttribute( 'ics_file', 'title', translate('Upload a .ics calendar in iCalendar format to initialise or replace this calendar.') );
$editor->AddAttribute( 'ics_file', 'id', 'fld_ics_file' );

$editor->SetWhere( 'collection_id='.$id );

// Order matters: the checkbox rendering later in this file tests bit i of the stored mask for entry i.
$privilege_names = array(
  'read',
  'write-properties',
  'write-content',
  'unlock',
  'read-acl',
  'read-current-user-privilege-set',
  'bind',
  'unbind',
  'write-acl',
  'read-free-busy',
  'schedule-deliver-invite',
  'schedule-deliver-reply',
  'schedule-query-freebusy',
  'schedule-send-invite',
  'schedule-send-reply',
  'schedule-send-freebusy',
);

// Bound parameters shared by both forms of the privilege query.
$params = array(
  ':session_principal' => $session->principal_id,
  ':scan_depth'        => $c->permission_scan_depth,
);
---|
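// Deny by default: the write flag is raised only after the privilege lookup below has run.
// Every later write path in this file is gated on it, so it must never be left unset.
$can_write_collection = false;

// The editor action is absent on a plain GET, so test for it before comparing.
$is_update = ( isset($_POST['_editor_action'][$editor->Id]) && $_POST['_editor_action'][$editor->Id] == 'update' );

if ( isset($collection_name) ) {
  // Slashes are removed so the name cannot add path segments to the dav_name built below.
  $collection_name = trim( str_replace('/', '', $collection_name) );
}

if ( !$is_update && isset($collection_name) && $collection_name != '' && isset($usr) && is_object($usr) ) {
  // Creating: check the caller's privileges on the path the new collection will occupy.
  $_POST['dav_name'] = sprintf( '/%s/%s/', $usr->username, $collection_name );
  $_POST['parent_container'] = sprintf( '/%s/', $usr->username );
  $params[':collection_path'] = $_POST['dav_name'];
  $privsql = 'SELECT path_privs( :session_principal, :collection_path, :scan_depth) AS priv';
}
else if ( isset($id) && $id > 0 ) {
  // Existing record: check the caller's privileges on the stored path of that collection.
  $params[':collection_id'] = $id;
  $privsql = 'SELECT path_privs( :session_principal, dav_name, :scan_depth) AS priv FROM collection WHERE collection_id = :collection_id';
}
else {
  if ( $editor->IsSubmit() && !$is_update && isset($collection_name) && $collection_name == '' ) {
    $c->messages[] = i18n('The collection name may not be blank.');
  }
}

if ( isset($privsql) ) {
  $privqry = new AwlQuery( $privsql, $params );
  $privqry->Exec( 'admin-collection-edit', __LINE__, __FILE__ );
  $permissions = $privqry->Fetch();
  // A missing row (for example an unknown collection_id) grants nothing; only an Admin passes then.
  $can_write_collection = ( $session->AllowedTo('Admin')
                         || ( is_object($permissions) && (bindec($permissions->priv) & privilege_to_bits('DAV::bind')) ) );
}

dbg_error_log( 'collection-edit', "Can write collection: %s", ($can_write_collection ? 'yes' : 'no') );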
---|
| 66 | |
---|
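$pwstars = '@@@@@@@@@@';

// NOTE(review): no anti-CSRF token check is visible in this file; confirm that Editor::IsSubmit()
// or the including page enforces one before this branch changes data.
// !empty() keeps the gate closed when no privilege lookup ran and the flag was never set.
if ( !empty($can_write_collection) && $editor->IsSubmit() ) {
  $editor->WhereNewRecord( "collection_id=(SELECT CURRVAL('dav_id_seq'))" );

  if ( isset($_POST['use_default_privs']) && $_POST['use_default_privs'] == 'on' ) {
    // An empty value means "no collection-specific privileges".
    $_POST['default_privileges'] = '';
  }
  else if ( isset($_POST['default_privileges']) ) {
    $privilege_bitpos = array_flip($privilege_names);
    // The checkboxes post an array keyed by privilege name. Anything else is treated as
    // "no boxes ticked" so the stored value always comes out of privilege_to_bits().
    $priv_names = ( is_array($_POST['default_privileges']) ? array_keys($_POST['default_privileges']) : array() );
    $privs = privilege_to_bits($priv_names);
    $_POST['default_privileges'] = sprintf( '%024s', decbin($privs) );
    // NOTE(review): the original passed $privs_dec, which is never defined. The binary string is
    // what the "create" path of this file assigns to the same field - confirm this is the intent.
    $editor->Assign( 'default_privileges', $_POST['default_privileges'] );
  }

  $is_update = ( isset($_POST['_editor_action'][$editor->Id]) && $_POST['_editor_action'][$editor->Id] == 'update' );
  if ( isset($_POST['timezone']) && $_POST['timezone'] == '' ) {
    unset($_POST['timezone']);
  }

  // The resource type list is rebuilt server-side from the two checkboxes.
  $resourcetypes = '<DAV::collection/>';
  if ( isset($_POST['is_calendar']) && $_POST['is_calendar'] == 'on' ) {
    $resourcetypes .= '<urn:ietf:params:xml:ns:caldav:calendar/>';
  }
  if ( isset($_POST['is_addressbook']) && $_POST['is_addressbook'] == 'on' ) {
    $resourcetypes .= '<urn:ietf:params:xml:ns:carddav:addressbook/>';
  }
  $_POST['resourcetypes'] = $resourcetypes;

  if ( $editor->IsCreate() ) {
    $c->messages[] = i18n("Creating new Collection.");
  }
  else {
    $c->messages[] = i18n("Updating Collection record.");
  }

  if ( !$editor->Write() ) {
    $c->messages[] = i18n("Failed to write collection.");
    if ( isset($id) && $id > 0 ) {
      $editor->GetRecord();
    }
  }
  else if ( isset($_FILES['ics_file']['tmp_name']) && $_FILES['ics_file']['tmp_name'] != ''
            && is_uploaded_file($_FILES['ics_file']['tmp_name']) ) {
    /**
     * If the user has uploaded a .ics file as a calendar, we fake this out
     * as if it were a "PUT" request against a collection. This is something
     * of a hack. It works though :-)
     *
     * is_uploaded_file() ensures the path really is a file PHP received in
     * this request before its contents are read.
     */
    $ics = trim( file_get_contents($_FILES['ics_file']['tmp_name']) );
    dbg_error_log( 'collection-edit', ':Write: Loaded %d bytes from %s', strlen($ics), $_FILES['ics_file']['tmp_name'] );
    include_once('check_UTF8.php');
    if ( !check_string($ics) ) {
      $ics = force_utf8($ics);
    }

    if ( check_string($ics) ) {
      $path = $editor->Value('dav_name');
      $user_no = $editor->Value('user_no');
      $username = $editor->Value('username');
      include_once('caldav-PUT-functions.php');
      // NOTE(review): nothing visible in this file sets $publicly_readable; the form field is
      // 'publicly_readable', so $_POST['publicly_readable'] was presumably intended - confirm.
      controlRequestContainer( $username, $user_no, $path, false, (isset($publicly_readable) && $publicly_readable == 'on') );
      import_collection( $ics, $user_no, $path, $session->user_no );
      $c->messages[] = sprintf( translate('Calendar "%s" was loaded from file.'), $path );
    }
    else {
      $c->messages[] = i18n('The file is not UTF-8 encoded, please check the error for more details.');
    }
  }
}
else {
  // Read-only view: load the record if there is one and report a refused submission.
  if ( isset($id) && $id > 0 ) {
    $editor->GetRecord();
  }
  if ( $editor->IsSubmit() ) {
    $c->messages[] = i18n('You do not have permission to modify this record.');
  }
}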
---|
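if ( $editor->Available() ) {
  // NOTE(review): dav_displayname is user-editable; confirm that whatever prints
  // $c->page_title HTML-escapes it.
  $c->page_title = $editor->Title( translate('Collection').': '.$editor->Value('dav_displayname') );

  // Count the items in the collection. The id is passed as a bound parameter, like the other
  // AwlQuery calls in this file, instead of being concatenated into the SQL text.
  $entryqry = new AwlQuery( 'SELECT count(*) as count from caldav_data where collection_id = :collection_id',
                            array( ':collection_id' => $editor->Value('collection_id') ) );
  $entryqry->Exec('admin-collection-edit');
  $entries = $entryqry->Fetch();
  // Fall back to zero if the query returned no row.
  $entries = ( is_object($entries) ? $entries->count : 0 );
}
else {
  // No record loaded: pre-fill the form for creating a collection owned by the selected user.
  $c->page_title = $editor->Title( translate('Create New Collection') );
  $privs = decbin( privilege_to_bits($c->default_privileges) );
  $editor->Assign( 'default_privileges', $privs );
  // $usr is only set when the request named a user or principal.
  if ( isset($usr) && is_object($usr) ) {
    $editor->Assign( 'username', $usr->username );
    $editor->Assign( 'user_no', $usr->user_no );
  }
  $editor->Assign( 'is_calendar', 't' );
  $editor->Assign( 'use_default_privs', 't' );
  $entries = 0;
}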
---|
| 143 | |
---|
| 144 | |
---|
// Localised captions for each privilege name. The last three entries are aggregate
// privileges that do not appear in $privilege_names.
$privilege_xlate = array(
  'read'                            => translate('Read'),
  'write-properties'                => translate('Write Metadata'),
  'write-content'                   => translate('Write Data'),
  'unlock'                          => translate('Override a Lock'),
  'read-acl'                        => translate('Read Access Controls'),
  'read-current-user-privilege-set' => translate("Read Current User's Access"),
  'bind'                            => translate('Create Events/Collections'),
  'unbind'                          => translate('Delete Events/Collections'),
  'write-acl'                       => translate('Write Access Controls'),
  'read-free-busy'                  => translate('Read Free/Busy Information'),
  'schedule-deliver-invite'         => translate('Scheduling: Deliver an Invitation'),
  'schedule-deliver-reply'          => translate('Scheduling: Deliver a Reply'),
  'schedule-query-freebusy'         => translate('Scheduling: Query free/busy'),
  'schedule-send-invite'            => translate('Scheduling: Send an Invitation'),
  'schedule-send-reply'             => translate('Scheduling: Send a Reply'),
  'schedule-send-freebusy'          => translate('Scheduling: Send free/busy'),
  'write'                           => translate('Write'),
  'schedule-deliver'                => translate('Scheduling: Delivery'),
  'schedule-send'                   => translate('Scheduling: Sending'),
);
---|
| 166 | |
---|
/**
 * Browser column hook that turns a stored privilege value into a readable,
 * localised list separated by " , ".
 *
 * The value is expanded with bits_to_privilege(); each resulting name has
 * everything up to its last colon removed and is then looked up in the global
 * $privilege_xlate table. Names without a translation are shown as they are.
 *
 * @param mixed $value The value of the column.
 * @param BrowserColumn $column The BrowserColumn object we are hooked into (unused).
 * @param dbrow $row The row object read from the database (unused).
 * @return string The formatted privileges.
 */
function privilege_format_function( $value, $column, $row ) {
  global $privilege_xlate;

  $output = '';
  foreach ( bits_to_privilege($value) as $privilege ) {
    if ( $output != '' ) {
      $output .= ' , ';
    }
    // Drop the namespace prefix, leaving the bare privilege name.
    $short_name = preg_replace( '{^.*:}', '', $privilege );
    if ( isset($privilege_xlate[$short_name]) ) {
      $output .= $privilege_xlate[$short_name];
    }
    else {
      $output .= $short_name;
    }
  }
  return $output;
}
---|
| 188 | |
---|
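// Build one checkbox per privilege. Entry i of $privilege_names corresponds to bit i of the mask.
$default_privileges = bindec( $editor->Value('default_privileges') );
$privileges_set = '<div id="privileges">';
for ( $i = 0; $i < count($privilege_names); $i++ ) {
  $privilege_set = ( ((1 << $i) & $default_privileges) ? ' CHECKED' : '' );
  // The caption is HTML-escaped, as the button captions in this file already are, so a
  // translation containing markup characters cannot alter the form.
  $privileges_set .= '<label class="privilege"><input name="default_privileges['.$privilege_names[$i].']" id="default_privileges_'.$privilege_names[$i].'" type="checkbox"'.$privilege_set.'>'
                   . htmlspecialchars($privilege_xlate[$privilege_names[$i]]).'</label>'."\n";
}
$privileges_set .= '</div>';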
---|
| 196 | |
---|
// Captions and value cells for the form table. The ##...## tokens are left in place for the
// Editor to fill in when the template is rendered.
$prompt_collection_id = translate('Collection ID');
if ( $editor->Available() ) {
  // Existing record: show the id and carry it along in a hidden field.
  $value_id = '##collection_id.hidden####collection_id.value##';
}
else {
  $value_id = translate('New Collection');
}

$prompt_dav_name = translate('DAV Path');
$value_dav_name = $c->base_url.'/caldav.php';
if ( $editor->Available() ) {
  $value_dav_name .= '##dav_name.value##';
}
else {
  // New record: the owner is fixed and only the final path segment can be typed in.
  $value_dav_name .= '/##user_no.hidden####username.value##/ ##collection_name.input.30##';
}

$prompt_load_file         = translate('Load From File');
$prompt_displayname       = translate('Displayname');
$prompt_entries           = translate('Items in Collection');
$prompt_public            = translate('Publicly Readable');
$prompt_calendar          = translate('Is a Calendar');
$prompt_addressbook       = translate('Is an Addressbook');
$prompt_use_default_privs = translate('Specific Privileges');
$prompt_privileges        = translate('Default Privileges');
$prompt_description       = translate('Description');
$prompt_schedule_transp   = translate('Schedule Transparency');
$prompt_timezone          = translate('Calendar Timezone');

// Button captions and tooltips are HTML-escaped here because they are placed inside attributes.
$btn_all        = htmlspecialchars( translate('All') );
$btn_all_title  = htmlspecialchars( translate('Toggle all privileges') );
$btn_rw         = htmlspecialchars( translate('Read/Write') );
$btn_rw_title   = htmlspecialchars( translate('Set read+write privileges') );
$btn_read       = htmlspecialchars( translate('Read') );
$btn_read_title = htmlspecialchars( translate('Set read privileges') );
$btn_fb         = htmlspecialchars( translate('Free/Busy') );
$btn_fb_title   = htmlspecialchars( translate('Set free/busy privileges') );
$btn_sd         = htmlspecialchars( translate('Schedule Deliver') );
$btn_sd_title   = htmlspecialchars( translate('Set schedule-deliver privileges') );
$btn_ss         = htmlspecialchars( translate('Schedule Send') );
// NOTE(review): this tooltip repeats the schedule-deliver text on the "Schedule Send" button;
// it looks like a copy-paste slip. Changing it also changes the translation msgid.
$btn_ss_title   = htmlspecialchars( translate('Set schedule-deliver privileges') );


// From here on $id is the collection_id of the loaded record, not the request parameter.
$id = $editor->Value('collection_id');
---|
// Form template for the collection editor.
//  - $prompt_*, $value_*, $entries, $btn_* and $privileges_set are interpolated by PHP right here.
//    The $btn_* values were HTML-escaped where they were assigned; the $prompt_* values are raw
//    translate() output.
//  - ##...## tokens (##form##, ##ics_file.file.60##, ##submit## ...) are left untouched for the
//    Editor; presumably it expands them when the template is rendered - confirm.
//  - The "All" button passes the literal form id 'editor_1' to toggle_privileges();
//    NOTE(review): presumably that is the id the Editor gives this form - confirm.
// Everything between the markers is emitted as page content, so no comments are added inside it.
$template = <<<EOTEMPLATE
##form##
<script language="javascript">
function toggle_privileges() {
var argv = toggle_privileges.arguments;
var argc = argv.length;

if ( argc < 2 ) {
return;
}
var match_me = argv[0];

var set_to = -1;
if ( argv[1] == 'all' ) {
var form = document.getElementById(argv[2]);
var fieldcount = form.elements.length;
var matching = '/^' + match_me + '/';
for (var i = 0; i < fieldcount; i++) {
var fieldname = form.elements[i].name;
if ( fieldname.match( match_me ) ) {
if ( set_to == -1 ) {
set_to = ( form.elements[i].checked ? 0 : 1 );
}
form.elements[i].checked = set_to;
}
}
}
else {
for (var i = 1; i < argc; i++) {
var f = document.getElementById( match_me + '_' + argv[i]);
if ( set_to == -1 ) {
set_to = ( f.checked ? 0 : 1 );
}
f.checked = set_to;
}
}
}

function toggle_enabled() {
var argv = toggle_enabled.arguments;
var argc = argv.length;

var fld_checkbox = document.getElementById(argv[0]);

if ( argc < 2 ) {
return;
}

for (var i = 1; i < argc; i++) {
var fld_id = argv[i].substr(1);
var fld_logical = argv[i].substr(0,1);
var f = document.getElementById(fld_id);
if ( fld_logical == '=' )
f.disabled = !fld_checkbox.checked;
else
f.disabled = fld_checkbox.checked;
}
}

function toggle_visible() {
var argv = toggle_visible.arguments;
var argc = argv.length;

var fld_checkbox = document.getElementById(argv[0]);

if ( argc < 2 ) {
return;
}

for (var i = 1; i < argc; i++) {
var block_id = argv[i].substr(1);
var block_logical = argv[i].substr(0,1);
var b = document.getElementById(block_id);
if ( block_logical == '!' )
b.style.display = (fld_checkbox.checked ? 'none' : '');
else
b.style.display = (!fld_checkbox.checked ? 'none' : '');
}
}
</script>
<style>
th.right, label.privilege {
white-space:nowrap;
}
label.privilege {
margin:0.2em 1em 0.2em 0.1em;
padding:0 0.2em;
line-height:1.6em;
font-size: 87%;
}
</style>
<table>
<tr> <th class="right">$prompt_collection_id:</th> <td class="left">$value_id</td> </tr>
<tr> <th class="right">$prompt_dav_name:</th> <td class="left">$value_dav_name</td> </tr>
<tr> <th class="right">$prompt_entries:</th> <td class="left">$entries</td> </tr>
<tr> <th class="right">$prompt_load_file:</th> <td class="left">##ics_file.file.60##</td> </tr>
<tr> <th class="right">$prompt_displayname:</th> <td class="left">##dav_displayname.input.50##</td> </tr>
<tr> <th class="right">$prompt_public:</th> <td class="left">##publicly_readable.checkbox##</td> </tr>
<tr> <th class="right">$prompt_calendar:</th> <td class="left">##is_calendar.checkbox##</td> </tr>
<tr> <th class="right">$prompt_addressbook:</th> <td class="left">##is_addressbook.checkbox##</td> </tr>
<tr> <th class="right">$prompt_privileges:</th><td class="left">##use_default_privs.checkbox##
<div id="privileges_settings">
<input type="button" value="$btn_all" class="submit" title="$btn_all_title" onclick="toggle_privileges('default_privileges', 'all', 'editor_1');">
<input type="button" value="$btn_rw" class="submit" title="$btn_rw_title"
onclick="toggle_privileges('default_privileges', 'read', 'write-properties', 'write-content', 'bind', 'unbind', 'read-free-busy',
'read-current-user-privilege-set', 'schedule-deliver-invite', 'schedule-deliver-reply', 'schedule-query-freebusy',
'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' );">
<input type="button" value="$btn_read" class="submit" title="$btn_read_title"
onclick="toggle_privileges('default_privileges', 'read', 'read-free-busy', 'schedule-query-freebusy', 'read-current-user-privilege-set' );">
<input type="button" value="$btn_fb" class="submit" title="$btn_fb_title"
onclick="toggle_privileges('default_privileges', 'read-free-busy', 'schedule-query-freebusy' );">
<input type="button" value="$btn_sd" class="submit" title="$btn_sd_title"
onclick="toggle_privileges('default_privileges', 'schedule-deliver-invite', 'schedule-deliver-reply', 'schedule-query-freebusy' );">
<input type="button" value="$btn_ss" class="submit" title="$btn_ss_title"
onclick="toggle_privileges('default_privileges', 'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' );">
<br>$privileges_set</div></td> </tr>
<tr> <th class="right">$prompt_timezone:</th> <td class="left">##timezone.select##</td> </tr>
<tr> <th class="right">$prompt_schedule_transp:</th> <td class="left">##schedule_transp.select##</td> </tr>
<tr> <th class="right">$prompt_description:</th> <td class="left">##description.textarea.78x6##</td> </tr>
<tr> <th class="right"></th> <td class="left" colspan="2">##submit##</td> </tr>
</table>
</form>
<script language="javascript">
toggle_enabled('fld_is_calendar','=fld_timezone','=fld_schedule_transp','!fld_is_addressbook','=fld_ics_file');
toggle_enabled('fld_is_addressbook','!fld_is_calendar');
toggle_visible('fld_use_default_privs','!privileges_settings');
</script>

EOTEMPLATE;


// Hand the template to the editor and queue the editor for output with the rest of the page.
$editor->SetTemplate( $template );
$page_elements[] = $editor;
---|
| 355 | |
---|
| 356 | |
---|
| 357 | if ( $editor->Available() ) { |
---|
| 358 | |
---|
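$c->stylesheets[] = 'css/browse.css';
$c->scripts[] = 'js/browse.js';


// Inline editor for a single row of the grants table.
$grantrow = new Editor( "Grants", "grants" );
$grantrow->SetSubmitName( 'savegrantrow' );
// intval() keeps the concatenated id numeric, as the ticket and binding queries later in this
// file already do.
$grantrow->SetLookup( 'to_principal', 'SELECT principal_id, displayname FROM dav_principal WHERE principal_id NOT IN (SELECT member_id FROM group_member WHERE group_id = '.intval($id).') ORDER BY displayname' );

// !empty() keeps the gate closed if the flag was never set.
if ( !empty($can_write_collection) ) {
  if ( $grantrow->IsSubmit() ) {
    // The grantor is always the collection being edited, whatever the form posted.
    $_POST['by_collection'] = $id;
    $to_principal = ( isset($_POST['to_principal']) ? intval($_POST['to_principal']) : 0 );
    $orig_to_id = ( isset($_POST['orig_to_id']) ? intval($_POST['orig_to_id']) : 0 );
    $grantrow->SetWhere( "by_collection=".qpg($id)." AND to_principal=$orig_to_id" );
    if ( isset($_POST['grant_privileges']) ) {
      $privilege_bitpos = array_flip($privilege_names);
      // The checkboxes post an array keyed by privilege name. Anything else is treated as
      // "no boxes ticked" so the stored value always comes out of privilege_to_bits().
      $priv_names = ( is_array($_POST['grant_privileges']) ? array_keys($_POST['grant_privileges']) : array() );
      $privs = privilege_to_bits($priv_names);
      $_POST['privileges'] = sprintf( '%024s', decbin($privs) );
      // NOTE(review): the original passed $privs_dec, which is never defined; the binary string
      // just computed is presumably what was meant - confirm.
      $grantrow->Assign( 'privileges', $_POST['privileges'] );
    }
    $grantrow->Write( );
    unset($_GET['to_principal']);
  }
  elseif ( isset($_GET['delete_grant']) ) {
    // NOTE(review): this revokes a grant in response to a GET request and no anti-CSRF token
    // check is visible in this file; confirm the including page protects it, or move the
    // action to a POST that carries a token.
    $qry = new AwlQuery( "DELETE FROM grants WHERE by_collection=:grantor_id AND to_principal = :to_principal",
                         array( ':grantor_id' => $id, ':to_principal' => intval($_GET['delete_grant']) ) );
    $qry->Exec('collection-edit');
  }
}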
---|
| 388 | |
---|
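/**
 * Render the inline form used to add a grant or edit an existing one.
 *
 * Used in this file as the callback passed to Browser::MatchedRow(). A row whose
 * to_principal is above -1 is loaded into the global $grantrow editor and the submit
 * button reads "Apply Changes"; otherwise it reads "Grant".
 *
 * Values that reach HTML attributes are escaped here: the form action is derived from
 * the request URI, which the client controls, and the two hidden ids are forced to integers.
 *
 * @param object $row_data The row to edit; only its to_principal field is read directly.
 * @return string Whatever $grantrow->Render() returns for the template built here.
 */
function edit_grant_row( $row_data ) {
  global $grantrow, $id, $privilege_xlate, $privilege_names;
  global $btn_all, $btn_all_title, $btn_rw, $btn_rw_title, $btn_read, $btn_read_title;
  global $btn_fb, $btn_fb_title, $btn_sd, $btn_sd_title, $btn_ss, $btn_ss_title;

  $submit_label = translate('Grant');
  if ( $row_data->to_principal > -1 ) {
    $grantrow->SetRecord( $row_data );
    $submit_label = translate('Apply Changes');
  }

  // One checkbox per privilege; entry i of $privilege_names corresponds to bit i of the mask.
  $grant_privileges = bindec( $grantrow->Value('grant_privileges') );
  $privileges_set = '<div id="privileges">';
  for ( $i = 0; $i < count($privilege_names); $i++ ) {
    $privilege_set = ( ((1 << $i) & $grant_privileges) ? ' CHECKED' : '' );
    // Captions are HTML-escaped, like the button captions in this file.
    $privileges_set .= '<label class="privilege"><input name="grant_privileges['.$privilege_names[$i].']" id="grant_privileges_'.$privilege_names[$i].'" type="checkbox"'.$privilege_set.'>'
                     . htmlspecialchars($privilege_xlate[$privilege_names[$i]]).'</label>'."\n";
  }
  $privileges_set .= '</div>';

  // Both ids are numeric; intval() guarantees nothing else reaches the hidden fields.
  $collection_id = intval($id);
  $orig_to_id = intval($row_data->to_principal);
  $form_id = $grantrow->Id();
  // Strip any edit/delete action from the current URL, then escape it for the action attribute.
  $form_url = htmlspecialchars( (string) preg_replace( '#&(edit|delete)_grant=\d+#', '', $_SERVER['REQUEST_URI'] ), ENT_QUOTES );

  $template = <<<EOTEMPLATE
<form method="POST" enctype="multipart/form-data" id="form_$form_id" action="$form_url">
<td class="left" colspan="2"><input type="hidden" name="id" value="$collection_id"><input type="hidden" name="orig_to_id" value="$orig_to_id">##to_principal.select##</td>
<td class="left" colspan="2">
<input type="button" value="$btn_all" class="submit" title="$btn_all_title" onclick="toggle_privileges('grant_privileges', 'all', 'form_$form_id');">
<input type="button" value="$btn_rw" class="submit" title="$btn_rw_title"
onclick="toggle_privileges('grant_privileges', 'read', 'write-properties', 'write-content', 'bind', 'unbind', 'read-free-busy',
'read-current-user-privilege-set', 'schedule-deliver-invite', 'schedule-deliver-reply', 'schedule-query-freebusy',
'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' );">
<input type="button" value="$btn_read" class="submit" title="$btn_read_title"
onclick="toggle_privileges('grant_privileges', 'read', 'read-free-busy', 'schedule-query-freebusy', 'read-current-user-privilege-set' );">
<input type="button" value="$btn_fb" class="submit" title="$btn_fb_title"
onclick="toggle_privileges('grant_privileges', 'read-free-busy', 'schedule-query-freebusy' );">
<input type="button" value="$btn_sd" class="submit" title="$btn_sd_title"
onclick="toggle_privileges('grant_privileges', 'schedule-deliver-invite', 'schedule-deliver-reply', 'schedule-query-freebusy' );">
<input type="button" value="$btn_ss" class="submit" title="$btn_ss_title"
onclick="toggle_privileges('grant_privileges', 'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' );">
<br>$privileges_set
<td class="center">##$submit_label.submit##</td>
</form>

EOTEMPLATE;

  $grantrow->SetTemplate( $template );
  $grantrow->Title("");

  return $grantrow->Render();
}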
---|
| 440 | |
---|
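// Listing of the grants made on this collection.
$browser = new Browser( translate('Collection Grants') );

$browser->AddColumn( 'to_principal', translate('To ID'), 'right', '##principal_link##' );
$rowurl = $c->base_url . '/admin.php?action=edit&t=principal&id=';
$browser->AddHidden( 'principal_link', "'<a href=\"$rowurl' || to_principal || '\">' || to_principal || '</a>'" );
$browser->AddHidden( 'grant_privileges', 'privileges' );
$browser->AddColumn( 'displayname', translate('Display Name') );
$browser->AddColumn( 'privs', translate('Privileges'), '', '', 'privileges', '', '', 'privilege_format_function' );
$browser->AddColumn( 'members', translate('Has Members'), '', '', 'has_members_list(principal_id)' );

// !empty() keeps the gate closed if the flag was never set.
if ( !empty($can_write_collection) ) {
  // NOTE(review): "Revoke" is a plain link, so the grant is deleted by a GET request; see the
  // delete_grant handling earlier in this file.
  $del_link = '<a href="'.$c->base_url.'/admin.php?action=edit&t=collection&id='.intval($id).'&delete_grant=##to_principal##" class="submit">'.translate('Revoke').'</a>';
  $edit_link = '<a href="'.$c->base_url.'/admin.php?action=edit&t=collection&id='.intval($id).'&edit_grant=##to_principal##" class="submit">'.translate('Edit').'</a>';
  // NOTE(review): both links end up inside a single-quoted SQL literal, so a translation that
  // contains an apostrophe would break the query - confirm, or quote the value.
  $browser->AddColumn( 'action', translate('Action'), 'center', '', "'$edit_link $del_link'" );
}

$browser->SetOrdering( 'displayname', 'A' );

$browser->SetJoins( 'grants LEFT JOIN dav_principal ON (to_principal = principal_id) ' );
// intval() keeps the concatenated id numeric, as the ticket and binding queries below already do.
$browser->SetWhere( 'by_collection = '.intval($id) );

if ( $c->enable_row_linking ) {
  $browser->RowFormat( '<tr onMouseover="LinkHref(this,1);" title="'.translate('Click to edit principal details').'" class="r%d">', '</tr>', '#even' );
}
else {
  $browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );
}
$browser->DoQuery();
$page_elements[] = $browser;

if ( !empty($can_write_collection) ) {
  if ( isset($_GET['edit_grant']) ) {
    // Replace the matching row with the inline edit form.
    $browser->MatchedRow( 'to_principal', $_GET['edit_grant'], 'edit_grant_row' );
  }
  else {
    // Append a synthetic row (to_principal = -1) that renders as the "add a grant" form.
    $extra_row = array( 'to_principal' => -1 );
    $browser->MatchedRow( 'to_principal', -1, 'edit_grant_row' );
    $extra_row = (object) $extra_row;
    $browser->AddRow($extra_row);
  }
}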
---|
| 482 | |
---|
| 483 | |
---|
// Listing of the access tickets that target this collection.
$browser = new Browser( translate('Access Tickets') );
$browser->AddHidden( 'dav_owner_id' );
$browser->AddColumn( 'ticket_id', translate('Ticket ID'), '', '' );
$browser->AddColumn(
  'target',
  translate('Target'),
  '',
  '<td style="white-space:nowrap;">%s</td>',
  "'{$c->base_url}/caldav.php' ||COALESCE(d.dav_name,c.dav_name)"
);
$browser->AddColumn( 'expiry', translate('Expires'), '', '', 'TO_CHAR(expires,\'YYYYMMDD"T"HH:MI:SS\')' );
$browser->AddColumn( 'privs', translate('Privileges'), '', '', 'privileges_list(privileges)' );

// The delete link is handled by the principal editor page.
// NOTE(review): it is a plain link, so the deletion is triggered by a GET request; confirm that
// the handling page checks an anti-CSRF token.
$delurl = "{$c->base_url}/admin.php?action=edit&t=principal&id=##dav_owner_id##&ticket_id=##URL:ticket_id##&subaction=delete_ticket";
$browser->AddColumn(
  'delete',
  translate('Action'),
  'center',
  '',
  '\'<a class="submit" href="'.$delurl.'">'.translate('Delete').'</a>\''
);

$browser->SetOrdering( 'target', 'A' );

$browser->SetJoins( 'access_ticket t LEFT JOIN collection c ON (target_collection_id=collection_id) LEFT JOIN caldav_data d ON (target_resource_id=dav_id)' );
// intval() keeps the concatenated id numeric.
$browser->SetWhere( 'target_collection_id = '.intval( $editor->Value('collection_id') ) );

$browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );

$browser->DoQuery();
$page_elements[] = $browser;
---|
| 502 | |
---|
| 503 | |
---|
/**
 * Columns of the binding table, as recorded by the original author:
 *
 *  bind_id          | bigint | not null default nextval('dav_id_seq'::regclass)
 *  bound_source_id  | bigint |
 *  access_ticket_id | text   |
 *  dav_owner_id     | bigint | not null
 *  parent_container | text   | not null
 *  dav_name         | text   | not null
 *  dav_displayname  | text   |
 */

// Listing of the bindings that point at this collection.
$browser = new Browser( translate('Bindings to this Collection') );
$browser->AddColumn( 'bind_id', translate('ID'), '', '' );
$browser->AddHidden( 'b.dav_owner_id' );
$browser->AddColumn(
  'bound_as',
  translate('Bound As'),
  '',
  '<td style="white-space:nowrap;">%s</td>',
  "'{$c->base_url}/caldav.php' ||b.dav_name"
);
$browser->AddColumn( 'access_ticket_id', translate('Ticket ID'), '', '' );
$browser->AddColumn( 'privs', translate('Privileges'), '', '', 'privileges_list(privileges)' );

// The delete link is handled by the principal editor page.
// NOTE(review): it is a plain link, so the deletion is triggered by a GET request; confirm that
// the handling page checks an anti-CSRF token.
$delurl = "{$c->base_url}/admin.php?action=edit&t=principal&id=##dav_owner_id##&bind_id=##URL:bind_id##&subaction=delete_binding";
$browser->AddColumn(
  'delete',
  translate('Action'),
  'center',
  '',
  '\'<a class="submit" href="'.$delurl.'">'.translate('Delete').'</a>\''
);

// NOTE(review): this browser defines no 'target' column; the ordering looks copied from the
// tickets listing and 'bound_as' may have been intended - confirm.
$browser->SetOrdering( 'target', 'A' );

$browser->SetJoins( 'dav_binding b LEFT JOIN collection c ON (bound_source_id=collection_id) LEFT JOIN access_ticket t ON (ticket_id=access_ticket_id)' );
// intval() keeps the concatenated id numeric.
$browser->SetWhere( 'bound_source_id = '.intval( $editor->Value('collection_id') ) );

$browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );

$browser->DoQuery();
$page_elements[] = $browser;
---|
| 532 | |
---|
| 533 | } |
---|
| 534 | |
---|