/*
 * Created on 17-Oct-2011
 * author Paul Wolbers
 *
 * Script fragment: reads the `cal_id` request variable, loads the matching
 * calendars, applies the site-wide access gate (IP check or login check,
 * selected by ALLOW_ACCESS_BY) and then dispatches on $_GET['action'].
 */
require_once '../include/default.inc.php';

// Declares the one request variable this script expects: `cal_id`, typed 'string'.
// NOTE(review): the meaning of the trailing `false, ''` entries is defined by
// validate_var(), which is not visible here — presumably a "required" flag and
// a default value; confirm.
$arr_submit = array(array('cal_id', 'string', false, ''));
$frm_submitted = validate_var($arr_submit, true);

// Records whether at least one of the requested calendars is shared as 'public'.
// NOTE(review): the flag is not read anywhere in the visible part of the script,
// and in particular the access gate below does not consult it.
$bln_public_calendars = false;

// NOTE(review): this lookup runs before the access gate, so it is reached with a
// caller-supplied `cal_id` even for requests the gate later rejects. The only
// validation visible here is the 'string' type declaration above; confirm that
// Calendar::getCalendarsByIds() treats the value as untrusted (casts ids or
// binds them as query parameters).
$arr_calendars = Calendar::getCalendarsByIds($frm_submitted['cal_id']);
foreach ($arr_calendars as $cal) {
    if ($cal['share_type'] == 'public') {
        $bln_public_calendars = true;
    }
}

// Access gate, IP mode: when User::ipAllowed() returns a falsy value the client
// is redirected to the "no access" page and the script stops.
if (ALLOW_ACCESS_BY == 'ip' && !User::ipAllowed()) {
    header('location: ' . FULLCAL_URL . '/noaccess.html'); // fill in a website where you want to redirect
    exit;
} else {
    // Access gate, login mode. `&&` binds tighter than `||`, so this reads as:
    //   ALLOW_ACCESS_BY == 'login'
    //   OR (ADMIN_CAN_LOGIN_FROM_ADMIN_URL === true AND SCRIPT_NAME contains '/admin')
    // NOTE(review): stristr() is a case-insensitive substring match, so '/admin'
    // matches anywhere in SCRIPT_NAME, not only as a leading path segment.
    // NOTE(review): when neither mode applies (ALLOW_ACCESS_BY is neither 'ip' nor
    // 'login' and the admin-URL condition is false) nothing is checked here; the
    // action handlers then have to enforce per-calendar permissions themselves.
    if (ALLOW_ACCESS_BY == 'login' || ADMIN_CAN_LOGIN_FROM_ADMIN_URL === true && stristr($_SERVER['SCRIPT_NAME'], '/admin')) {
        if (!User::isLoggedIn()) {
            // Callers get a JSON error object rather than a redirect.
            echo json_encode(array('success' => false, 'notloggedin' => true, 'error' => 'You are not logged in'));
            exit;
        }
    }
}

// Dispatch on the requested action. $_GET['action'] is read without an isset()
// check; only the literal case labels select a handler.
// The switch continues beyond this excerpt.
switch ($_GET['action']) {
    case 'start':
        getEvents();
        break;
/**
 * Work out the permission flags that apply to one calendar for the current visitor.
 *
 * The flags stored on the calendar record are the baseline. They are then
 * adjusted depending on whether the visitor is logged in, is an admin or the
 * calendar owner, and on the calendar's `can_dd_drag` and `share_type` values.
 *
 * NOTE(review): the result of Calendar::getCalendar() is used without checking
 * that a calendar was actually found.
 *
 * @param mixed $int_cal_id Calendar id, passed unchanged to Calendar::getCalendar().
 * @return array Boolean flags keyed by can_view, can_add, can_edit, can_delete,
 *               can_change_color and can_see_dditems.
 */
public static function getPermissions($int_cal_id)
{
    $calendar = Calendar::getCalendar($int_cal_id);

    // Baseline: the flags stored on the calendar record, cast to bool.
    $permissions = array(
        'can_view' => (bool) $calendar['can_view'], // can view detail
        'can_add' => (bool) $calendar['can_add'],
        'can_edit' => (bool) $calendar['can_edit'],
        'can_delete' => (bool) $calendar['can_delete'],
        'can_change_color' => (bool) $calendar['can_change_color'],
    );

    // Drag-and-drop items: the values of can_dd_drag compared below are
    // only_owner, only_loggedin_users or everyone.
    $permissions['can_see_dditems'] = $permissions['can_add'] && !ONLY_ADMIN_CAN_SEE_DRAG_DROP_ITEMS;

    // The flags that are granted or revoked together further down.
    $writeFlags = array('can_add', 'can_edit', 'can_delete', 'can_see_dditems');

    if (User::isLoggedIn()) {
        /*
         * LOGGED IN
         */
        $user = User::getUser();

        if (ONLY_ADMIN_CAN_SEE_DRAG_DROP_ITEMS) {
            $permissions['can_see_dditems'] = User::isAdmin() || User::isSuperAdmin();
        } elseif (
            Calendar::isOwner($calendar['calendar_id'])
            || $calendar['can_dd_drag'] == 'everyone'
            || $calendar['can_dd_drag'] == 'only_loggedin_users'
        ) {
            $permissions['can_see_dditems'] = true;
        } elseif ($calendar['can_dd_drag'] == 'only_owner' && !Calendar::isOwner($calendar['calendar_id'])) {
            $permissions['can_see_dditems'] = false;
        }
        // Any other can_dd_drag value leaves the baseline computed above untouched.

        // Admin with full control OR calendar owner (creator).
        $hasFullControl = (ADMIN_HAS_FULL_CONTROL && (User::isAdmin() || User::isSuperAdmin()))
            || Calendar::isOwner($calendar['calendar_id']);

        if ($hasFullControl) {
            // not necessary because admin can edit
            // NOTE(review): owners and admins therefore come back with can_view === false;
            // callers should not use can_view on its own as the read gate.
            $permissions['can_view'] = false;
            foreach ($writeFlags as $flag) {
                $permissions[$flag] = true;
            }
        } elseif (
            $calendar['share_type'] == 'private_group'
            && !Calendar::UserInGroup($calendar, $user['user_id'])
        ) {
            // share_type is private_group and the user is not in that group (admingroup)
            // NOTE(review): 'private_group' is the only share_type that revokes the
            // write flags here; for every other share_type a logged-in non-owner keeps
            // the flags stored on the calendar. Confirm that is intended.
            foreach ($writeFlags as $flag) {
                $permissions[$flag] = false;
            }
        }
    } else {
        /*
         * NOT LOGGED IN
         */
        $permissions['can_see_dditems'] = !ONLY_ADMIN_CAN_SEE_DRAG_DROP_ITEMS
            && $calendar['can_dd_drag'] == 'everyone';

        // NOTE(review): both branches below are empty, so as far as this method shows
        // an anonymous visitor keeps the calendar's stored can_add / can_edit /
        // can_delete flags whatever the share_type is. Confirm that non-public
        // calendars are filtered out before this method is reached (in
        // Calendar::getCalendar() or in the caller).

        // if public
        if ($calendar['share_type'] == 'public') {
            // use the defaults from the calendar
        }

        // if access allowed by IP and IP matches with IP in config.php
        if (ALLOW_ACCESS_BY == 'ip' && User::ipAllowed()) {
            // use the defaults from the calendar
        }
    }

    return $permissions;
}