Changeset 1145

Timestamp:

07/17/09 10:46:40 (15 years ago)

Author:

rodsouza

Message:

Ticket #581 - Restrict the manager to create sub-organizations in organizations where he has not permission.

Location:

trunk/expressoAdmin1_2

Files:

• inc/class.uisectors.inc.php (modified) (4 diffs)
• templates/default/sectors_form.tpl (modified) (2 diffs)

trunk/expressoAdmin1_2/inc/class.uisectors.inc.php

@@ -147 +147 @@
                         $manager_lid = $GLOBALS['phpgw']->accounts->data['account_lid'];
                         $acl = $this->functions->read_acl($manager_lid);
-                        
+
+                        $manager_contexts = $acl['contexts'];
+                        $combo_manager_org = '';
+                        foreach ($manager_contexts as $index=>$context)
+                                $combo_manager_org .= $this->functions->get_organizations( $context );
+
                         $context = $_GET['context'];
                         
@@ -173 +178 @@
                                 'context'                       => $context == '' ? $GLOBALS['phpgw_info']['server']['ldap_context'] : $context,
                                 'sector'                        => $_POST['sector'],
+                                'manager_org'           => $combo_manager_org,
                                 'sector_visible_checked'=> $_POST['sector_visible'] ? 'checked' : '',
                                 'error_messages'        => $_POST['error_messages'] == '' ? '' : "<script type='text/javascript'>alert('".$_POST['error_messages']."')</script>",
@@ -189 +195 @@
                         
                         $context = $_GET['context'];
+
+                        $combo_manager_org = $this->functions->get_organizations($_GET['context'], '', true, true, true);
+                        $combo_manager_org = substr( $combo_manager_org, 0, ( strpos($combo_manager_org, '</option>') + 9 ) );
+
                         $a_tmp = explode(",", ldap_dn2ufn($context));
                         $sector_name = $a_tmp[0];
@@ -220 +230 @@
                                 'th_bg'                         => $GLOBALS['phpgw_info']['theme']['th_bg'],
                                 'context'                       => $context == '' ? $manager_context : $context,
-                                'sector'                                => $_POST['sector'] == '' ? $sector_name : $_POST['sector'],
+                                'sector'                        => $_POST['sector'] == '' ? $sector_name : $_POST['sector'],
+                                'manager_org'           => $combo_manager_org,
                                 'sector_visible_checked'=> $_POST['sector_visible'] ? 'checked' : '',
                                 

trunk/expressoAdmin1_2/templates/default/sectors_form.tpl

@@ -2 +2 @@
 <p>
   <table border="0" align="center">
+  <!--
   <tr bgcolor="{th_bg}">
    <td>{lang_context}: {context}</td>
   </tr>
+  -->
  </table>
  
   <table border="0" align="center">
         <form method="POST" action="{action}">
+                <tr bgcolor={row_off}>
+                        <td>{lang_organizations}:</td>
+                        <td><select {disabled} name="context">{manager_org}</select></td>
+                </tr>
                 <tr>  
                         <td>
@@ -29 +35 @@
                         <input type="submit" name="button_submit" value={lang_save}>
                         <input type="button" value="{lang_back}" onClick="document.location.href='{back_url}'">
+                                <!--
                         <input type="hidden" name="context" value="{context}">
+                                -->
                         <input type="hidden" name="old_sector" value="{old_sector}">
                         </td>