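/**
 * Validate the submitted calendar form and persist it through parent::save().
 *
 * The form payload is read from $this->_data. Every rejection path queues a
 * flash error and/or issues a redirect and then returns, so a rejected
 * request can never reach the share deletion or the save further down.
 *
 * @return void
 */
function save()
{
    $flash = Flash::Instance();
    $calendar = new Calendar();

    // Authorization: an existing calendar may only be changed by its owner.
    if (isset($this->_data['Calendar']['id']) && !$calendar->isOwner($this->_data['Calendar']['id'])) {
        $flash->addError("You cannot save a calendar that belongs to someone else");
        sendTo('calendars', 'index', 'calendar');
        // Fail closed: whether sendTo() ends the request is not visible here.
        // Without this return, a non-terminating redirect would let a
        // non-owner fall through to the delete and save below.
        return;
    }

    // Share data is optional; when it is submitted it must pass parameter checks.
    if (isset($this->_data['CalendarShareCollection'])) {
        if (!$this->checkParams(array('Calendar', 'CalendarShareCollection'))) {
            sendBack();
            return;
        }
    }

    // A Google Calendar feed needs a URL. empty() also covers the "not set" case.
    if (isset($this->_data['Calendar']['type'])
        && $this->_data['Calendar']['type'] == 'gcal'
        && empty($this->_data['Calendar']['gcal_url'])
    ) {
        $flash->addError("You haven't specified a feed URL");
        sendBack();
        return;
    }

    // No colour submitted: pick one of the model's enum options at random.
    if (!isset($this->_data['Calendar']['colour'])) {
        $colours = $calendar->getEnumOptions('colour');
        $this->_data['Calendar']['colour'] = $colours[array_rand($colours)];
    }

    // Updating an existing calendar: drop all of its current shares so the
    // submitted list replaces them.
    // NOTE(review): this runs before parent::save(); if the save then fails the
    // old shares are not restored by this method — confirm a transaction wraps it.
    if (isset($this->_data['Calendar']['id'])) {
        $calendarshare = new CalendarShareCollection(new CalendarShare());
        $sh = new SearchHandler($calendarshare, false);
        $sh->addConstraint(new Constraint('calendar_id', '=', $this->_data['Calendar']['id']));
        $calendarshare->delete($sh);
    }

    // Add an empty calendar_id slot for every submitted username.
    // presumably filled in with the saved calendar's id by parent::save() — verify
    if (isset($this->_data['CalendarShareCollection']) && !empty($this->_data['CalendarShareCollection']['username'])) {
        foreach (array_keys($this->_data['CalendarShareCollection']['username']) as $key) {
            $this->_data['CalendarShareCollection']['calendar_id'][$key] = '';
        }
    }

    $errors = array();
    if (parent::save('Calendar', '', $errors)) {
        sendTo('index', 'index', 'calendar');
    } else {
        sendBack();
    }
}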
/**
 * Request handler: print one calendar, annotated with the current visitor's
 * permission flags, as JSON and end the script.
 *
 * The calendar id comes from the request field 'cal_id' via validate_var().
 * When validation leaves the global $error non-empty, an empty array is
 * encoded instead.
 *
 * NOTE(review): the whole record from Calendar::getCalendar() is echoed to
 * whoever supplies cal_id, and no view/read check is made in this function —
 * confirm that Calendar::getCalendar() or the dispatcher enforces read access.
 * NOTE(review): no Content-Type header is sent here — confirm it is set elsewhere.
 *
 * @return void Never returns; the script exits after the output.
 */
function getCalendar()
{
    global $error;

    $payload = array();

    $field_spec = array(array('cal_id', 'int', false, ''));
    $input = validate_var($field_spec);

    if (empty($error)) {
        $payload = Calendar::getCalendar($input['cal_id']);
        $perms = Calendar::getPermissions($input['cal_id']);

        // Response key => permission key it is copied from. Dragging follows
        // the edit permission; drag-and-drop items follow can_see_dditems.
        $copied_flags = array(
            'can_edit'          => 'can_edit',
            'can_add'           => 'can_add',
            'can_delete'        => 'can_delete',
            'can_drag'          => 'can_edit',
            'can_drag_dd_items' => 'can_see_dditems',
        );
        foreach ($copied_flags as $response_key => $permission_key) {
            $payload[$response_key] = $perms[$permission_key];
        }

        $payload['isOwner'] = Calendar::isOwner($input['cal_id']);
        $payload['can_change_color'] = $perms['can_change_color'];

        // calCanMail() receives the record with all flags above already applied.
        $payload['can_mail'] = Calendar::calCanMail($payload);
    }

    echo json_encode($payload);
    exit;
}
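/**
 * Decide whether the current visitor may change the colour on a calendar.
 *
 * Grants access when the calendar is public and has can_change_color set,
 * when a logged-in admin has full control, or when a logged-in user owns
 * the calendar. A visitor who is not logged in gets the calendar's own
 * can_change_color flag.
 *
 * @param mixed $event_user Not read by this method; kept for existing callers.
 * @param int   $cal_id     Calendar id; 0 (the default) loads no calendar.
 * @return bool
 */
public static function canChangeColor($event_user = 0, $cal_id = 0)
{
    $arr_calendar = array();
    if ($cal_id > 0) {
        $arr_calendar = Calendar::getCalendar($cal_id);
    }

    // With the default $cal_id of 0 (or a failed lookup) the record has no
    // keys; read both fields defensively so a missing record means "deny"
    // instead of raising undefined-index notices.
    $is_public = isset($arr_calendar['share_type']) && $arr_calendar['share_type'] == 'public';
    $colour_flag = !empty($arr_calendar['can_change_color']);

    if ($is_public && $colour_flag) {
        return true;
    }

    if (User::isLoggedIn()) {
        // Not read below; kept in case the lookup has side effects — TODO confirm and remove.
        $arr_user = User::getUser();

        if (defined('ADMIN_HAS_FULL_CONTROL') && ADMIN_HAS_FULL_CONTROL && (User::isAdmin() || User::isSuperAdmin())) {
            return true;
        }

        if ($cal_id > 0 && Calendar::isOwner($cal_id)) {
            return true;
        }

        return false;
    }

    // NOTE(review): a logged-out visitor is granted the flag whatever the
    // calendar's share_type is, while a logged-in non-owner is denied above —
    // confirm that asymmetry is intended.
    return $colour_flag;
}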
} if (!$bln_found) { if (!file_exists(FULLCAL_URL . '/script/lang' . strtoupper($arr_settings['language']) . '.js')) { $arr_settings['language'] = "EN"; } } $obj_smarty->assign('settings', $arr_settings); // determine how many intitial show $arr_default_calendars = explode(',', $str_default_calendars); if (count($arr_default_calendars) > 1) { $obj_smarty->assign('cal_can_add', false); $obj_smarty->assign('is_owner', false); } else { $obj_smarty->assign('cal_can_add', true); if (isset($arr_calendars[0])) { $obj_smarty->assign('is_owner', Calendar::isOwner($arr_calendars[0]['calendar_id'])); } else { $obj_smarty->assign('is_owner', false); } } // $obj_smarty->assign('cal_can_edit', true); // $obj_smarty->assign('cal_can_delete', true); $obj_smarty->assign('cal_can_view', false); $obj_smarty->display(FULLCAL_DIR . '/view/cal.html'); } else { if (ALLOW_ACCESS_BY == 'login') { $obj_smarty->display(FULLCAL_DIR . '/login.html'); } else { if (ADMIN_CAN_LOGIN_FROM_ADMIN_URL === true && ALLOW_ACCESS_BY == 'free' && !stristr($_SERVER['SCRIPT_NAME'], '/admin') && SHOW_SMALL_LOGIN_LINK === false) { // unset($_SESSION['calendar-uid']); }
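/**
 * Compute the current visitor's effective permission flags for one calendar.
 *
 * Starts from the flags stored on the calendar record, then adjusts them for
 * login state, admin role, ownership and (for private_group calendars) group
 * membership.
 *
 * @param int $int_cal_id Calendar id, passed straight to Calendar::getCalendar().
 * @return array Boolean flags keyed can_view, can_add, can_edit, can_delete,
 *               can_change_color and can_see_dditems.
 */
public static function getPermissions($int_cal_id)
{
    $arr_cal = Calendar::getCalendar($int_cal_id);

    // Baseline: whatever is stored on the calendar record.
    $can_view = (bool) $arr_cal['can_view']; // can view detail
    $can_add = (bool) $arr_cal['can_add'];
    $can_edit = (bool) $arr_cal['can_edit'];
    $can_delete = (bool) $arr_cal['can_delete'];
    $can_change_color = (bool) $arr_cal['can_change_color'];
    $can_see_dditems = $can_add && !ONLY_ADMIN_CAN_SEE_DRAG_DROP_ITEMS;

    // can_dd_drag is compared below against: only_owner, only_loggedin_users, everyone

    if (User::isLoggedIn()) {
        /*
         * LOGGED IN
         */
        $arr_user = User::getUser();

        if (ONLY_ADMIN_CAN_SEE_DRAG_DROP_ITEMS) {
            $can_see_dditems = User::isAdmin() || User::isSuperAdmin();
        } else {
            if (Calendar::isOwner($arr_cal['calendar_id'])
                || $arr_cal['can_dd_drag'] == 'everyone'
                || $arr_cal['can_dd_drag'] == 'only_loggedin_users'
            ) {
                $can_see_dditems = true;
            } elseif ($arr_cal['can_dd_drag'] == 'only_owner' && !Calendar::isOwner($arr_cal['calendar_id'])) {
                $can_see_dditems = false;
            }
            // Any other can_dd_drag value keeps the baseline computed above.
        }

        // Admin with full control. The defined() guard matches canChangeColor()
        // and makes a missing constant mean "no full control": on PHP 7 a bare
        // undefined constant evaluates to a truthy string, on PHP 8 it throws.
        $admin_full_control = defined('ADMIN_HAS_FULL_CONTROL')
            && ADMIN_HAS_FULL_CONTROL
            && (User::isAdmin() || User::isSuperAdmin());

        if ($admin_full_control || Calendar::isOwner($arr_cal['calendar_id'])) {
            // Admin with full control, or the calendar owner (creator).
            $can_view = false; // not necessary because admin can edit
            $can_add = true;
            $can_edit = true;
            $can_delete = true;
            $can_see_dditems = true;
        } elseif ($arr_cal['share_type'] == 'private_group' && !Calendar::UserInGroup($arr_cal, $arr_user['user_id'])) {
            // private_group calendar and the user is not in that group (admingroup).
            // NOTE(review): can_view and can_change_color keep their stored
            // values for non-members — confirm that is intended.
            $can_add = false;
            $can_edit = false;
            $can_delete = false;
            $can_see_dditems = false;
        }
    } else {
        /*
         * NOT LOGGED IN
         */
        if (ONLY_ADMIN_CAN_SEE_DRAG_DROP_ITEMS) {
            $can_see_dditems = false;
        } else {
            $can_see_dditems = ($arr_cal['can_dd_drag'] == 'everyone');
        }

        // NOTE(review): both checks below are no-ops, so a logged-out visitor
        // keeps the stored can_view/can_add/can_edit/can_delete flags whatever
        // share_type is. Confirm callers deny non-public calendars to anonymous
        // requests before trusting these flags.

        // if public
        if ($arr_cal['share_type'] == 'public') {
            // use the defaults from the calendar
        }

        // if access is allowed by IP and the IP matches the IP in config.php
        if (ALLOW_ACCESS_BY == 'ip' && User::ipAllowed()) {
            // use the defaults from the calendar
        }
    }

    return array(
        'can_view' => $can_view,
        'can_add' => $can_add,
        'can_edit' => $can_edit,
        'can_delete' => $can_delete,
        'can_change_color' => $can_change_color,
        'can_see_dditems' => $can_see_dditems,
    );
}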