Micke/roundcubemail-plugins-kolab
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Use IMAP permissions to determine possible actions on the client (#4828)

Browse source
This commit is contained in:
Thomas Bruederli 2015-03-11 14:38:38 +01:00
parent b68f5f5cda
commit c92c8e9ed0
4 changed files with 55 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
plugins/tasklist/drivers/database/tasklist_database_driver.php
View file

@ -6,7 +6,7 @@
* @version @package_version@
* @author Thomas Bruederli <bruederli@kolabsys.com>
*
* Copyright (C) 2012, Kolab Systems AG <contact@kolabsys.com>
* Copyright (C) 2012-2015, Kolab Systems AG <contact@kolabsys.com>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@ -78,6 +78,7 @@ class tasklist_database_driver extends tasklist_driver
$arr['name'] = html::quote($arr['name']);
$arr['listname'] = html::quote($arr['name']);
$arr['editable'] = true;
$arr['rights'] = 'lrswikxtea';
$this->lists[$arr['id']] = $arr;
$list_ids[] = $this->rc->db->quote($arr['id']);
}

20
plugins/tasklist/drivers/kolab/tasklist_kolab_driver.php
View file

@ -6,7 +6,7 @@
* @version @package_version@
* @author Thomas Bruederli <bruederli@kolabsys.com>
*
* Copyright (C) 2012, Kolab Systems AG <contact@kolabsys.com>
* Copyright (C) 2012-2015, Kolab Systems AG <contact@kolabsys.com>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@ -107,15 +107,18 @@ class tasklist_kolab_driver extends tasklist_driver
{
if ($folder->get_namespace() == 'personal') {
$norename = false;
$readonly = false;
$editable = true;
$rights = 'lrswikxtea';
$alarms = true;
}
else {
$alarms = false;
$readonly = true;
if (($rights = $folder->get_myrights()) && !PEAR::isError($rights)) {
if (strpos($rights, 'i') !== false)
$readonly = false;
$rights = 'lr';
$editable = false;
if (($myrights = $folder->get_myrights()) && !PEAR::isError($myrights)) {
$rights = $myrights;
if (strpos($rights, 't') !== false || strpos($rights, 'd') !== false)
$editable = strpos($rights, 'i');
}
$info = $folder->get_folder_info();
$norename = $readonly || $info['norename'] || $info['protected'];
@ -135,7 +138,8 @@ class tasklist_kolab_driver extends tasklist_driver
'editname' => $folder->get_foldername(),
'color' => $folder->get_color('0000CC'),
'showalarms' => isset($prefs[$list_id]['showalarms']) ? $prefs[$list_id]['showalarms'] : $alarms,
'editable' => !$readonly,
'editable' => $editable,
'rights' => $rights,
'norename' => $norename,
'active' => $folder->is_active(),
'parentfolder' => $folder->get_parent(),
@ -206,6 +210,7 @@ class tasklist_kolab_driver extends tasklist_driver
'title' => $folder->get_title(),
'virtual' => true,
'editable' => false,
'rights' => 'l',
'group' => 'other virtual',
'class' => 'user',
'parent' => $parent_id,
@ -218,6 +223,7 @@ class tasklist_kolab_driver extends tasklist_driver
'listname' => $listname,
'virtual' => true,
'editable' => false,
'rights' => 'l',
'group' => $folder->get_namespace(),
'class' => 'folder',
'parent' => $parent_id,

45
plugins/tasklist/tasklist.js
View file

@ -6,7 +6,7 @@
* @licstart The following is the entire license notice for the
* JavaScript code in this file.
*
* Copyright (C) 2012, Kolab Systems AG <contact@kolabsys.com>
* Copyright (C) 2012-2015, Kolab Systems AG <contact@kolabsys.com>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@ -168,7 +168,9 @@ function rcube_tasklist_ui(settings)
});
tasklists_widget.addEventListener('select', function(node) {
var id = $(this).data('id');
rcmail.enable_command('list-edit', 'list-delete', 'list-import', me.tasklists[node.id].editable);
rcmail.enable_command('list-edit', has_permission(me.tasklists[node.id], 'wa'));
rcmail.enable_command('list-delete', has_permission(me.tasklists[node.id], 'xa'));
rcmail.enable_command('list-import', has_permission(me.tasklists[node.id], 'i'));
rcmail.enable_command('list-remove', me.tasklists[node.id] && me.tasklists[node.id].removable);
me.selected_list = node.id;
});
@ -714,6 +716,27 @@ function rcube_tasklist_ui(settings)
});
}
/**
* Check permissions on the given list object
*/
function has_permission(list, perm)
{
// multiple chars means "either of"
if (String(perm).length > 1) {
for (var i=0; i < perm.length; i++) {
if (has_permission(list, perm[i])) {
return true;
}
}
}
if (list.rights && String(list.rights).indexOf(perm) >= 0) {
return true;
}
return (perm == 'i' && list.editable);
}
/**
* Request counts from the server
*/
@ -1024,8 +1047,8 @@ function rcube_tasklist_ui(settings)
drop_rec = listdata[drop_id],
list = drop_rec && me.tasklists[drop_rec.list] ? me.tasklists[drop_rec.list] : { editable:true };
// target is not writeable or already has this tag assigned
if (!drop_rec || drop_rec.readonly || !list.editable || (drop_rec.tags && $.inArray(tag, drop_rec.tags) >= 0)) {
// target is not editable or already has this tag assigned
if (!drop_rec || drop_rec.readonly || !has_permission(list, 'i') || (drop_rec.tags && $.inArray(tag, drop_rec.tags) >= 0)) {
return false;
}
@ -1986,7 +2009,9 @@ function rcube_tasklist_ui(settings)
},
disabled: rcmail.busy
});
}
if (has_permission(list, 'td') && !rec.readonly) {
buttons.push({
text: rcmail.gettext('delete','tasklist'),
'class': 'delete',
@ -2048,9 +2073,9 @@ function rcube_tasklist_ui(settings)
$dialog = $('<div>'),
editform = $('#taskedit'),
list = rec.list && me.tasklists[rec.list] ? me.tasklists[rec.list] :
(me.selected_list ? me.tasklists[me.selected_list] : { editable: action=='new' });
(me.selected_list ? me.tasklists[me.selected_list] : { editable: action == 'new', rights: action == 'new' ? 'rwitd' : 'r' });
if (rcmail.busy || !list.editable || (action == 'edit' && (!rec || rec.readonly)))
if (rcmail.busy || !has_permission(list, 'i') || (action == 'edit' && (!rec || rec.readonly)))
return false;
me.selected_task = $.extend({ valarms:[] }, rec); // clone task object
@ -2081,6 +2106,12 @@ function rcube_tasklist_ui(settings)
invite.checked = settings.itip_notify & 1 > 0;
notify.checked = has_attendees(rec) && invite.checked;
// set tasklist selection according to permissions
tasklist.find('option').each(function(i, opt) {
var l = me.tasklists[opt.value] || {};
$(opt).prop('disabled', !(l.editable || (action == 'new' && has_permission(l, 'i'))));
});
// tag-edit line
var tagline = $(rcmail.gui_objects.edittagline).empty();
$.each(typeof rec.tags == 'object' && rec.tags.length ? rec.tags : [''], function(i,val){
@ -2658,7 +2689,7 @@ function rcube_tasklist_ui(settings)
$dialog.dialog('close');
if (!list)
list = { name:'', editable:true, showalarms:true };
list = { name:'', editable:true, rights:'riwt', showalarms:true };
var editform, name, alarms;

4
plugins/tasklist/tasklist_ui.php
View file

@ -5,7 +5,7 @@
* @version @package_version@
* @author Thomas Bruederli <bruederli@kolabsys.com>
*
* Copyright (C) 2012, Kolab Systems AG <contact@kolabsys.com>
* Copyright (C) 2012-2015, Kolab Systems AG <contact@kolabsys.com>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@ -309,7 +309,7 @@ class tasklist_ui
$default = null;
foreach ((array)$this->plugin->driver->get_lists() as $id => $prop) {
if ($prop['editable']) {
if ($prop['editable'] || strpos($prop['rights'], 'i') !== false) {
$select->add($prop['name'], $id);
if (!$default || $prop['default'])
$default = $id;