Monotone-Parent: 36c59ea6f5d3705bff60a615e113d6b9e7a7501e
Monotone-Revision: 2ae12f2c67f3e74fddaf5d592a19e233d0806899 Monotone-Author: wsourdeau@inverse.ca Monotone-Date: 2007-04-26T01:16:19 Monotone-Branch: ca.inverse.sogomaint-2.0.2
parent
e17d43a24e
commit
27d801a9fc
|
@ -46,6 +46,7 @@
|
||||||
@class NSTimeZone;
|
@class NSTimeZone;
|
||||||
@class GCSFolder;
|
@class GCSFolder;
|
||||||
|
|
||||||
|
#import <NGCards/iCalEntityObject.h>
|
||||||
@interface SOGoAppointmentFolder : SOGoFolder
|
@interface SOGoAppointmentFolder : SOGoFolder
|
||||||
{
|
{
|
||||||
NSTimeZone *timeZone;
|
NSTimeZone *timeZone;
|
||||||
|
@ -114,6 +115,9 @@
|
||||||
|
|
||||||
- (NSArray *) calendarFolders;
|
- (NSArray *) calendarFolders;
|
||||||
|
|
||||||
|
- (NSString *) roleForComponentsWithAccessClass: (iCalAccessClass) accessClass
|
||||||
|
forUser: (NSString *) uid;
|
||||||
|
|
||||||
@end
|
@end
|
||||||
|
|
||||||
#endif /* __Appointments_SOGoAppointmentFolder_H__ */
|
#endif /* __Appointments_SOGoAppointmentFolder_H__ */
|
||||||
|
|
|
@ -705,6 +705,27 @@ static NSNumber *sharedYes = nil;
|
||||||
end, start];
|
end, start];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
- (NSString *) _privacyClassificationStringsForUID: (NSString *) uid
|
||||||
|
{
|
||||||
|
NSMutableString *classificationString;
|
||||||
|
NSString *currentRole;
|
||||||
|
unsigned int counter;
|
||||||
|
iCalAccessClass classes[] = {iCalAccessPublic, iCalAccessPrivate,
|
||||||
|
iCalAccessConfidential};
|
||||||
|
|
||||||
|
classificationString = [NSMutableString string];
|
||||||
|
for (counter = 0; counter < 3; counter++)
|
||||||
|
{
|
||||||
|
currentRole = [self roleForComponentsWithAccessClass: classes[counter]
|
||||||
|
forUser: uid];
|
||||||
|
if ([currentRole length] > 0)
|
||||||
|
[classificationString appendFormat: @"classification = %d or ",
|
||||||
|
classes[counter]];
|
||||||
|
}
|
||||||
|
|
||||||
|
return classificationString;
|
||||||
|
}
|
||||||
|
|
||||||
- (NSString *) _privacySqlString
|
- (NSString *) _privacySqlString
|
||||||
{
|
{
|
||||||
NSString *privacySqlString, *owner, *currentUser, *email;
|
NSString *privacySqlString, *owner, *currentUser, *email;
|
||||||
|
@ -719,17 +740,48 @@ static NSNumber *sharedYes = nil;
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
email = [activeUser email];
|
email = [activeUser email];
|
||||||
|
|
||||||
privacySqlString
|
privacySqlString
|
||||||
= [NSString stringWithFormat:
|
= [NSString stringWithFormat:
|
||||||
@"(classification != %d or (orgmail = '%@')"
|
@"(%@(orgmail = '%@')"
|
||||||
@" or ((partmails caseInsensitiveLike '%@%%'"
|
@" or ((partmails caseInsensitiveLike '%@%%'"
|
||||||
@" or partmails caseInsensitiveLike '%%\\n%@%%')))",
|
@" or partmails caseInsensitiveLike '%%\\n%@%%')))",
|
||||||
iCalAccessPrivate, email, email, email];
|
[self _privacyClassificationStringsForUID: currentUser],
|
||||||
|
email, email, email];
|
||||||
}
|
}
|
||||||
|
|
||||||
return privacySqlString;
|
return privacySqlString;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
- (NSString *) roleForComponentsWithAccessClass: (iCalAccessClass) accessClass
|
||||||
|
forUser: (NSString *) uid
|
||||||
|
{
|
||||||
|
NSString *accessRole, *prefix, *currentRole, *suffix;
|
||||||
|
NSEnumerator *acls;
|
||||||
|
|
||||||
|
accessRole = nil;
|
||||||
|
|
||||||
|
if (accessClass == iCalAccessPublic)
|
||||||
|
prefix = @"Public";
|
||||||
|
else if (accessClass == iCalAccessPrivate)
|
||||||
|
prefix = @"Private";
|
||||||
|
else
|
||||||
|
prefix = @"Confidential";
|
||||||
|
|
||||||
|
acls = [[self aclsForUser: uid] objectEnumerator];
|
||||||
|
currentRole = [acls nextObject];
|
||||||
|
while (currentRole && !accessRole)
|
||||||
|
if ([currentRole hasPrefix: prefix])
|
||||||
|
{
|
||||||
|
suffix = [currentRole substringFromIndex: [prefix length]];
|
||||||
|
accessRole = [NSString stringWithFormat: @"Component%@", suffix];
|
||||||
|
}
|
||||||
|
else
|
||||||
|
currentRole = [acls nextObject];
|
||||||
|
|
||||||
|
return accessRole;
|
||||||
|
}
|
||||||
|
|
||||||
- (NSArray *) fetchFields: (NSArray *) _fields
|
- (NSArray *) fetchFields: (NSArray *) _fields
|
||||||
fromFolder: (GCSFolder *) _folder
|
fromFolder: (GCSFolder *) _folder
|
||||||
from: (NSCalendarDate *) _startDate
|
from: (NSCalendarDate *) _startDate
|
||||||
|
@ -1222,7 +1274,7 @@ static NSNumber *sharedYes = nil;
|
||||||
{
|
{
|
||||||
return [NSArray arrayWithObjects:
|
return [NSArray arrayWithObjects:
|
||||||
SOGoCalendarRole_PublicViewer,
|
SOGoCalendarRole_PublicViewer,
|
||||||
SOGoCalendarRole_PrivateDAndTViewer,
|
SOGoCalendarRole_ConfidentialDAndTViewer,
|
||||||
nil];
|
nil];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -32,6 +32,7 @@
|
||||||
#import <SoObjects/SOGo/AgenorUserManager.h>
|
#import <SoObjects/SOGo/AgenorUserManager.h>
|
||||||
#import <SoObjects/SOGo/SOGoPermissions.h>
|
#import <SoObjects/SOGo/SOGoPermissions.h>
|
||||||
#import <SoObjects/SOGo/SOGoUser.h>
|
#import <SoObjects/SOGo/SOGoUser.h>
|
||||||
|
#import <SoObjects/Appointments/SOGoAppointmentFolder.h>
|
||||||
|
|
||||||
#import "common.h"
|
#import "common.h"
|
||||||
|
|
||||||
|
@ -96,7 +97,7 @@ static BOOL sendEMailNotifications = NO;
|
||||||
return nil;
|
return nil;
|
||||||
}
|
}
|
||||||
|
|
||||||
- (void) _filterPrivateComponent: (iCalEntityObject *) component
|
- (void) _filterComponent: (iCalEntityObject *) component
|
||||||
{
|
{
|
||||||
[component setSummary: @""];
|
[component setSummary: @""];
|
||||||
[component setComment: @""];
|
[component setComment: @""];
|
||||||
|
@ -110,7 +111,7 @@ static BOOL sendEMailNotifications = NO;
|
||||||
|
|
||||||
- (NSString *) contentAsString
|
- (NSString *) contentAsString
|
||||||
{
|
{
|
||||||
NSString *tmpContent, *email;
|
NSString *tmpContent, *email, *uid, *role;
|
||||||
iCalCalendar *tmpCalendar;
|
iCalCalendar *tmpCalendar;
|
||||||
iCalRepeatableEntityObject *tmpComponent;
|
iCalRepeatableEntityObject *tmpComponent;
|
||||||
|
|
||||||
|
@ -118,20 +119,30 @@ static BOOL sendEMailNotifications = NO;
|
||||||
{
|
{
|
||||||
tmpContent = [super contentAsString];
|
tmpContent = [super contentAsString];
|
||||||
calContent = tmpContent;
|
calContent = tmpContent;
|
||||||
if ([tmpContent length] > 0)
|
uid = [[context activeUser] login];
|
||||||
|
if (![[self ownerInContext: context] isEqualToString: uid]
|
||||||
|
&& [tmpContent length] > 0)
|
||||||
{
|
{
|
||||||
tmpCalendar = [iCalCalendar parseSingleFromSource: tmpContent];
|
tmpCalendar = [iCalCalendar parseSingleFromSource: tmpContent];
|
||||||
tmpComponent = (iCalRepeatableEntityObject *) [tmpCalendar firstChildWithTag: [self componentTag]];
|
tmpComponent = (iCalRepeatableEntityObject *)
|
||||||
if (![tmpComponent isPublic])
|
[tmpCalendar firstChildWithTag: [self componentTag]];
|
||||||
{
|
email = [[context activeUser] email];
|
||||||
email = [[context activeUser] email];
|
if (!([tmpComponent isOrganizer: email]
|
||||||
if (!([tmpComponent isOrganizer: email]
|
|| [tmpComponent isParticipant: email]))
|
||||||
|| [tmpComponent isParticipant: email]))
|
{
|
||||||
{
|
role = [container roleForComponentsWithAccessClass: [tmpComponent symbolicAccessClass]
|
||||||
// content = tmpContent;
|
forUser: uid];
|
||||||
[self _filterPrivateComponent: tmpComponent];
|
if ([role length] > 0)
|
||||||
calContent = [tmpCalendar versitString];
|
{
|
||||||
}
|
if ([role isEqualToString: SOGoCalendarPerm_ViewDAndT])
|
||||||
|
{
|
||||||
|
// content = tmpContent;
|
||||||
|
[self _filterComponent: tmpComponent];
|
||||||
|
calContent = [tmpCalendar versitString];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
calContent = nil;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -178,7 +189,7 @@ static BOOL sendEMailNotifications = NO;
|
||||||
newComponent = [[calendar classForTag: componentTag]
|
newComponent = [[calendar classForTag: componentTag]
|
||||||
groupWithTag: componentTag];
|
groupWithTag: componentTag];
|
||||||
[calendar addChild: newComponent];
|
[calendar addChild: newComponent];
|
||||||
isNew = YES;
|
isNew = YES;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (calendar)
|
if (calendar)
|
||||||
|
@ -432,39 +443,39 @@ static BOOL sendEMailNotifications = NO;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
- (NSArray *) rolesOfUser: (NSString *) login
|
// - (NSArray *) rolesOfUser: (NSString *) login
|
||||||
{
|
// {
|
||||||
AgenorUserManager *um;
|
// AgenorUserManager *um;
|
||||||
iCalRepeatableEntityObject *component;
|
// iCalRepeatableEntityObject *component;
|
||||||
NSMutableArray *sogoRoles;
|
// NSMutableArray *sogoRoles;
|
||||||
NSString *email;
|
// NSString *email;
|
||||||
SOGoUser *user;
|
// SOGoUser *user;
|
||||||
|
|
||||||
sogoRoles = [NSMutableArray new];
|
// sogoRoles = [NSMutableArray new];
|
||||||
[sogoRoles autorelease];
|
// [sogoRoles autorelease];
|
||||||
|
|
||||||
um = [AgenorUserManager sharedUserManager];
|
// um = [AgenorUserManager sharedUserManager];
|
||||||
email = [um getEmailForUID: login];
|
// email = [um getEmailForUID: login];
|
||||||
|
|
||||||
component = [self component: NO];
|
// component = [self component: NO];
|
||||||
if (component)
|
// if (component)
|
||||||
{
|
// {
|
||||||
if ([component isOrganizer: email])
|
// if ([component isOrganizer: email])
|
||||||
[sogoRoles addObject: SOGoCalendarRole_Organizer];
|
// [sogoRoles addObject: SOGoCalendarRole_Organizer];
|
||||||
else if ([component isParticipant: email])
|
// else if ([component isParticipant: email])
|
||||||
[sogoRoles addObject: SOGoCalendarRole_Participant];
|
// [sogoRoles addObject: SOGoCalendarRole_Participant];
|
||||||
else if ([[container ownerInContext: context] isEqualToString: login])
|
// else if ([[container ownerInContext: context] isEqualToString: login])
|
||||||
[sogoRoles addObject: SoRole_Owner];
|
// [sogoRoles addObject: SoRole_Owner];
|
||||||
}
|
// }
|
||||||
else
|
// else
|
||||||
{
|
// {
|
||||||
user = [SOGoUser userWithLogin: login andRoles: nil];
|
// user = [SOGoUser userWithLogin: login andRoles: nil];
|
||||||
[sogoRoles addObjectsFromArray: [user rolesForObject: container
|
// [sogoRoles addObjectsFromArray: [user rolesForObject: container
|
||||||
inContext: context]];
|
// inContext: context]];
|
||||||
}
|
// }
|
||||||
|
|
||||||
return sogoRoles;
|
// return sogoRoles;
|
||||||
}
|
// }
|
||||||
|
|
||||||
- (BOOL) isOrganizer: (NSString *) email
|
- (BOOL) isOrganizer: (NSString *) email
|
||||||
orOwner: (NSString *) login
|
orOwner: (NSString *) login
|
||||||
|
@ -499,4 +510,36 @@ static BOOL sendEMailNotifications = NO;
|
||||||
return isParticipant;
|
return isParticipant;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
- (NSArray *) aclsForUser: (NSString *) uid
|
||||||
|
{
|
||||||
|
NSMutableArray *roles;
|
||||||
|
NSArray *superAcls;
|
||||||
|
iCalRepeatableEntityObject *component;
|
||||||
|
NSString *email, *accessRole;
|
||||||
|
|
||||||
|
roles = [NSMutableArray array];
|
||||||
|
component = [self component: NO];
|
||||||
|
if (component)
|
||||||
|
{
|
||||||
|
email = [[AgenorUserManager sharedUserManager] getEmailForUID: uid];
|
||||||
|
if ([component isOrganizer: email])
|
||||||
|
[roles addObject: SOGoCalendarRole_Organizer];
|
||||||
|
if ([component isParticipant: email])
|
||||||
|
[roles addObject: SOGoCalendarRole_Participant];
|
||||||
|
accessRole = [container roleForComponentsWithAccessClass:
|
||||||
|
[component symbolicAccessClass]
|
||||||
|
forUser: uid];
|
||||||
|
if ([accessRole length] > 0)
|
||||||
|
[roles addObject: accessRole];
|
||||||
|
}
|
||||||
|
|
||||||
|
superAcls = [super aclsForUser: uid];
|
||||||
|
if ([superAcls count] > 0)
|
||||||
|
[roles addObjectsFromArray: superAcls];
|
||||||
|
if ([roles containsObject: SOGoRole_ObjectCreator])
|
||||||
|
[roles addObject: SOGoCalendarRole_ComponentModifier];
|
||||||
|
|
||||||
|
return roles;
|
||||||
|
}
|
||||||
|
|
||||||
@end
|
@end
|
||||||
|
|
|
@ -19,6 +19,7 @@
|
||||||
02111-1307, USA.
|
02111-1307, USA.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#import <NGCards/iCalEntityObject.h>
|
||||||
#import <SOGo/SOGoGroupFolder.h>
|
#import <SOGo/SOGoGroupFolder.h>
|
||||||
|
|
||||||
#include "SOGoGroupAppointmentFolder.h"
|
#include "SOGoGroupAppointmentFolder.h"
|
||||||
|
|
|
@ -21,10 +21,10 @@
|
||||||
|
|
||||||
#import <GDLContentStore/GCSFolder.h>
|
#import <GDLContentStore/GCSFolder.h>
|
||||||
|
|
||||||
#import <SOGo/SOGoUser.h>
|
|
||||||
|
|
||||||
#import "common.h"
|
#import "common.h"
|
||||||
#import "SOGoFolder.h"
|
#import "SOGoFolder.h"
|
||||||
|
#import "SOGoUser.h"
|
||||||
|
#import "SOGoPermissions.h"
|
||||||
#import "SOGoContentObject.h"
|
#import "SOGoContentObject.h"
|
||||||
|
|
||||||
@interface SOGoContentObject(ETag)
|
@interface SOGoContentObject(ETag)
|
||||||
|
@ -234,24 +234,24 @@
|
||||||
}
|
}
|
||||||
|
|
||||||
/* security */
|
/* security */
|
||||||
- (NSArray *) rolesOfUser: (NSString *) login
|
// - (NSArray *) rolesOfUser: (NSString *) login
|
||||||
{
|
// {
|
||||||
NSMutableArray *sogoRoles;
|
// NSMutableArray *sogoRoles;
|
||||||
SOGoUser *user;
|
// SOGoUser *user;
|
||||||
|
|
||||||
sogoRoles = [NSMutableArray new];
|
// sogoRoles = [NSMutableArray new];
|
||||||
[sogoRoles autorelease];
|
// [sogoRoles autorelease];
|
||||||
|
|
||||||
if (![container nameExistsInFolder: nameInContainer])
|
// if (![container nameExistsInFolder: nameInContainer])
|
||||||
{
|
// {
|
||||||
user = [[SOGoUser alloc] initWithLogin: login roles: nil];
|
// user = [[SOGoUser alloc] initWithLogin: login roles: nil];
|
||||||
[sogoRoles addObjectsFromArray: [user rolesForObject: container
|
// [sogoRoles addObjectsFromArray: [user rolesForObject: container
|
||||||
inContext: context]];
|
// inContext: context]];
|
||||||
[user release];
|
// [user release];
|
||||||
}
|
// }
|
||||||
|
|
||||||
return sogoRoles;
|
// return sogoRoles;
|
||||||
}
|
// }
|
||||||
|
|
||||||
/* E-Tags */
|
/* E-Tags */
|
||||||
|
|
||||||
|
@ -314,8 +314,23 @@
|
||||||
|
|
||||||
- (NSArray *) aclsForUser: (NSString *) uid
|
- (NSArray *) aclsForUser: (NSString *) uid
|
||||||
{
|
{
|
||||||
return [container aclsForUser: uid
|
NSMutableArray *acls;
|
||||||
forObjectAtPath: [self pathArrayToSoObject]];
|
NSArray *ownAcls, *containerAcls;
|
||||||
|
|
||||||
|
acls = [NSMutableArray array];
|
||||||
|
ownAcls = [container aclsForUser: uid
|
||||||
|
forObjectAtPath: [self pathArrayToSoObject]];
|
||||||
|
[acls addObjectsFromArray: ownAcls];
|
||||||
|
containerAcls = [container aclsForUser: uid];
|
||||||
|
if ([containerAcls count] > 0)
|
||||||
|
{
|
||||||
|
if ([containerAcls containsObject: SOGoRole_ObjectCreator])
|
||||||
|
[acls addObject: SOGoRole_ObjectCreator];
|
||||||
|
if ([containerAcls containsObject: SOGoRole_ObjectEraser])
|
||||||
|
[acls addObject: SOGoRole_ObjectEraser];
|
||||||
|
}
|
||||||
|
|
||||||
|
return acls;
|
||||||
}
|
}
|
||||||
|
|
||||||
- (void) setRoles: (NSArray *) roles
|
- (void) setRoles: (NSArray *) roles
|
||||||
|
|
|
@ -25,6 +25,7 @@
|
||||||
#import <GDLContentStore/GCSFolder.h>
|
#import <GDLContentStore/GCSFolder.h>
|
||||||
#import <GDLContentStore/GCSFolderType.h>
|
#import <GDLContentStore/GCSFolderType.h>
|
||||||
|
|
||||||
|
#import "SOGoPermissions.h"
|
||||||
#import "SOGoFolder.h"
|
#import "SOGoFolder.h"
|
||||||
#import "common.h"
|
#import "common.h"
|
||||||
#import <unistd.h>
|
#import <unistd.h>
|
||||||
|
@ -240,6 +241,7 @@
|
||||||
|
|
||||||
/* acls as a container */
|
/* acls as a container */
|
||||||
|
|
||||||
|
#warning we should cache those data to avoid numerous accesses to the database
|
||||||
- (NSArray *) aclsForObjectAtPath: (NSArray *) objectPathArray;
|
- (NSArray *) aclsForObjectAtPath: (NSArray *) objectPathArray;
|
||||||
{
|
{
|
||||||
EOQualifier *qualifier;
|
EOQualifier *qualifier;
|
||||||
|
@ -257,6 +259,7 @@
|
||||||
{
|
{
|
||||||
EOQualifier *qualifier;
|
EOQualifier *qualifier;
|
||||||
NSArray *records;
|
NSArray *records;
|
||||||
|
NSMutableArray *acls;
|
||||||
NSString *qs;
|
NSString *qs;
|
||||||
|
|
||||||
qs = [NSString stringWithFormat: @"(c_object = '/%@') AND (c_uid = '%@')",
|
qs = [NSString stringWithFormat: @"(c_object = '/%@') AND (c_uid = '%@')",
|
||||||
|
@ -264,7 +267,14 @@
|
||||||
qualifier = [EOQualifier qualifierWithQualifierFormat: qs];
|
qualifier = [EOQualifier qualifierWithQualifierFormat: qs];
|
||||||
records = [[self ocsFolder] fetchAclMatchingQualifier: qualifier];
|
records = [[self ocsFolder] fetchAclMatchingQualifier: qualifier];
|
||||||
|
|
||||||
return [records valueForKey: @"c_role"];
|
acls = [NSMutableArray array];
|
||||||
|
if ([records count] > 0)
|
||||||
|
{
|
||||||
|
[acls addObject: SOGoRole_AuthorizedSubscriber];
|
||||||
|
[acls addObjectsFromArray: [records valueForKey: @"c_role"]];
|
||||||
|
}
|
||||||
|
|
||||||
|
return acls;
|
||||||
}
|
}
|
||||||
|
|
||||||
- (void) removeAclsForUsers: (NSArray *) users
|
- (void) removeAclsForUsers: (NSArray *) users
|
||||||
|
@ -302,12 +312,15 @@
|
||||||
currentRole = [userRoles nextObject];
|
currentRole = [userRoles nextObject];
|
||||||
while (currentRole)
|
while (currentRole)
|
||||||
{
|
{
|
||||||
SQL = [NSString stringWithFormat: @"INSERT INTO %@"
|
if (![currentRole isEqualToString: SOGoRole_AuthorizedSubscriber])
|
||||||
@" (c_object, c_uid, c_role)"
|
{
|
||||||
@" VALUES ('/%@', '%@', '%@')", [folder aclTableName],
|
SQL = [NSString stringWithFormat: @"INSERT INTO %@"
|
||||||
[objectPathArray componentsJoinedByString: @"/"],
|
@" (c_object, c_uid, c_role)"
|
||||||
uid, currentRole];
|
@" VALUES ('/%@', '%@', '%@')", [folder aclTableName],
|
||||||
[channel evaluateExpressionX: SQL];
|
[objectPathArray componentsJoinedByString: @"/"],
|
||||||
|
uid, currentRole];
|
||||||
|
[channel evaluateExpressionX: SQL];
|
||||||
|
}
|
||||||
currentRole = [userRoles nextObject];
|
currentRole = [userRoles nextObject];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -152,19 +152,19 @@ static BOOL kontactGroupDAV = YES;
|
||||||
kontactGroupDAV =
|
kontactGroupDAV =
|
||||||
[ud boolForKey:@"SOGoDisableKontact34GroupDAVHack"] ? NO : YES;
|
[ud boolForKey:@"SOGoDisableKontact34GroupDAVHack"] ? NO : YES;
|
||||||
|
|
||||||
/* SoClass security declarations */
|
// SoClass security declarations
|
||||||
|
|
||||||
/* require View permission to access the root (bound to authenticated ...) */
|
// require View permission to access the root (bound to authenticated ...)
|
||||||
[[self soClassSecurityInfo] declareObjectProtected: SoPerm_View];
|
[[self soClassSecurityInfo] declareObjectProtected: SoPerm_View];
|
||||||
|
|
||||||
/* to allow public access to all contained objects (subkeys) */
|
// to allow public access to all contained objects (subkeys)
|
||||||
[[self soClassSecurityInfo] setDefaultAccess: @"allow"];
|
[[self soClassSecurityInfo] setDefaultAccess: @"allow"];
|
||||||
|
|
||||||
/* require Authenticated role for View and WebDAV */
|
// /* require Authenticated role for View and WebDAV */
|
||||||
[[self soClassSecurityInfo] declareRole: SoRole_Owner
|
// [[self soClassSecurityInfo] declareRole: SoRole_Owner
|
||||||
asDefaultForPermission: SoPerm_View];
|
// asDefaultForPermission: SoPerm_View];
|
||||||
[[self soClassSecurityInfo] declareRole: SoRole_Owner
|
// [[self soClassSecurityInfo] declareRole: SoRole_Owner
|
||||||
asDefaultForPermission: SoPerm_WebDAVAccess];
|
// asDefaultForPermission: SoPerm_WebDAVAccess];
|
||||||
}
|
}
|
||||||
|
|
||||||
+ (void) _fillDictionary: (NSMutableDictionary *) dictionary
|
+ (void) _fillDictionary: (NSMutableDictionary *) dictionary
|
||||||
|
|
|
@ -29,6 +29,7 @@
|
||||||
|
|
||||||
extern NSString *SOGoRole_ObjectCreator;
|
extern NSString *SOGoRole_ObjectCreator;
|
||||||
extern NSString *SOGoRole_ObjectEraser;
|
extern NSString *SOGoRole_ObjectEraser;
|
||||||
|
extern NSString *SOGoRole_AuthorizedSubscriber;
|
||||||
|
|
||||||
extern NSString *SOGoRole_FreeBusy;
|
extern NSString *SOGoRole_FreeBusy;
|
||||||
extern NSString *SOGoRole_FreeBusyLookup;
|
extern NSString *SOGoRole_FreeBusyLookup;
|
||||||
|
@ -52,4 +53,27 @@ extern NSString *SOGoCalendarRole_ConfidentialDAndTViewer;
|
||||||
extern NSString *SOGoCalendarRole_ConfidentialModifier;
|
extern NSString *SOGoCalendarRole_ConfidentialModifier;
|
||||||
extern NSString *SOGoCalendarRole_ConfidentialResponder;
|
extern NSString *SOGoCalendarRole_ConfidentialResponder;
|
||||||
|
|
||||||
|
extern NSString *SOGoCalendarRole_ComponentViewer;
|
||||||
|
extern NSString *SOGoCalendarRole_ComponentDAndTViewer;
|
||||||
|
extern NSString *SOGoCalendarRole_ComponentModifier;
|
||||||
|
extern NSString *SOGoCalendarRole_ComponentResponder;
|
||||||
|
|
||||||
|
extern NSString *SOGoCalendarPerm_ViewWholePublicRecords;
|
||||||
|
extern NSString *SOGoCalendarPerm_ViewDAndTOfPublicRecords;
|
||||||
|
extern NSString *SOGoCalendarPerm_ModifyPublicRecords;
|
||||||
|
extern NSString *SOGoCalendarPerm_RespondToPublicRecords;
|
||||||
|
extern NSString *SOGoCalendarPerm_ViewWholePrivateRecords;
|
||||||
|
extern NSString *SOGoCalendarPerm_ViewDAndTOfPrivateRecords;
|
||||||
|
extern NSString *SOGoCalendarPerm_ModifyPrivateRecords;
|
||||||
|
extern NSString *SOGoCalendarPerm_RespondToPrivateRecords;
|
||||||
|
extern NSString *SOGoCalendarPerm_ViewWholeConfidentialRecords;
|
||||||
|
extern NSString *SOGoCalendarPerm_ViewDAndTOfConfidentialRecords;
|
||||||
|
extern NSString *SOGoCalendarPerm_ModifyConfidentialRecords;
|
||||||
|
extern NSString *SOGoCalendarPerm_RespondToConfidentialRecords;
|
||||||
|
|
||||||
|
extern NSString *SOGoCalendarPerm_ViewAllComponent;
|
||||||
|
extern NSString *SOGoCalendarPerm_ViewDAndT;
|
||||||
|
extern NSString *SOGoCalendarPerm_ModifyComponent;
|
||||||
|
extern NSString *SOGoCalendarPerm_RespondToComponent;
|
||||||
|
|
||||||
#endif /* SOGOPERMISSIONS_H */
|
#endif /* SOGOPERMISSIONS_H */
|
||||||
|
|
|
@ -25,6 +25,7 @@
|
||||||
/* General */
|
/* General */
|
||||||
NSString *SOGoRole_ObjectCreator = @"ObjectCreator";
|
NSString *SOGoRole_ObjectCreator = @"ObjectCreator";
|
||||||
NSString *SOGoRole_ObjectEraser = @"ObjectEraser";
|
NSString *SOGoRole_ObjectEraser = @"ObjectEraser";
|
||||||
|
NSString *SOGoRole_AuthorizedSubscriber = @"AuthorizedSubscriber";
|
||||||
|
|
||||||
NSString *SOGoRole_FreeBusy = @"FreeBusy"; /* for the "freebusy" special user
|
NSString *SOGoRole_FreeBusy = @"FreeBusy"; /* for the "freebusy" special user
|
||||||
*/
|
*/
|
||||||
|
@ -51,9 +52,32 @@ NSString *SOGoCalendarRole_ConfidentialDAndTViewer = @"ConfidentialDAndTViewer";
|
||||||
NSString *SOGoCalendarRole_ConfidentialModifier = @"ConfidentialModifier";
|
NSString *SOGoCalendarRole_ConfidentialModifier = @"ConfidentialModifier";
|
||||||
NSString *SOGoCalendarRole_ConfidentialResponder = @"ConfidentialResponder";
|
NSString *SOGoCalendarRole_ConfidentialResponder = @"ConfidentialResponder";
|
||||||
|
|
||||||
|
NSString *SOGoCalendarRole_ComponentViewer = @"ComponentViewer";
|
||||||
|
NSString *SOGoCalendarRole_ComponentDAndTViewer = @"ComponentDAndTViewer";
|
||||||
|
NSString *SOGoCalendarRole_ComponentModifier = @"ComponentModifier";
|
||||||
|
NSString *SOGoCalendarRole_ComponentResponder = @"ComponentResponder";
|
||||||
|
|
||||||
/* permissions */
|
/* permissions */
|
||||||
#warning ReadAcls still not used...
|
#warning ReadAcls still not used...
|
||||||
NSString *SOGoPerm_ReadAcls = @"ReadAcls"; /* the equivalent of "read-acl" in
|
NSString *SOGoPerm_ReadAcls = @"ReadAcls"; /* the equivalent of "read-acl" in
|
||||||
the WebDAV acls spec, which is
|
the WebDAV acls spec, which is
|
||||||
currently missing from SOPE */
|
currently missing from SOPE */
|
||||||
NSString *SOGoPerm_FreeBusyLookup = @"FreeBusyLookup";
|
NSString *SOGoPerm_FreeBusyLookup = @"FreeBusyLookup";
|
||||||
|
|
||||||
|
NSString *SOGoCalendarPerm_ViewWholePublicRecords = @"ViewWholePublicRecords";
|
||||||
|
NSString *SOGoCalendarPerm_ViewDAndTOfPublicRecords = @"ViewDAndTOfPublicRecords";
|
||||||
|
NSString *SOGoCalendarPerm_ModifyPublicRecords = @"ModifyPublicRecords";
|
||||||
|
NSString *SOGoCalendarPerm_RespondToPublicRecords = @"RespondToPublicRecords";
|
||||||
|
NSString *SOGoCalendarPerm_ViewWholePrivateRecords = @"ViewWholePrivateRecords";
|
||||||
|
NSString *SOGoCalendarPerm_ViewDAndTOfPrivateRecords = @"ViewDAndTOfPrivateRecords";
|
||||||
|
NSString *SOGoCalendarPerm_ModifyPrivateRecords = @"ModifyPrivateRecords";
|
||||||
|
NSString *SOGoCalendarPerm_RespondToPrivateRecords = @"RespondToPrivateRecords";
|
||||||
|
NSString *SOGoCalendarPerm_ViewWholeConfidentialRecords = @"ViewWholeConfidentialRecords";
|
||||||
|
NSString *SOGoCalendarPerm_ViewDAndTOfConfidentialRecords = @"ViewDAndTOfConfidentialRecords";
|
||||||
|
NSString *SOGoCalendarPerm_ModifyConfidentialRecords = @"ModifyConfidentialRecords";
|
||||||
|
NSString *SOGoCalendarPerm_RespondToConfidentialRecords = @"RespondToConfidentialRecords";
|
||||||
|
|
||||||
|
NSString *SOGoCalendarPerm_ViewAllComponent = @"ViewAllComponent";
|
||||||
|
NSString *SOGoCalendarPerm_ViewDAndT = @"ViewDAndT";
|
||||||
|
NSString *SOGoCalendarPerm_ModifyComponent = @"ModifyComponent";
|
||||||
|
NSString *SOGoCalendarPerm_RespondToComponent = @"RespondToComponent";
|
||||||
|
|
|
@ -268,12 +268,6 @@ static NSTimeZone *serverTimeZone = nil;
|
||||||
if (sogoRoles)
|
if (sogoRoles)
|
||||||
[rolesForObject addObjectsFromArray: sogoRoles];
|
[rolesForObject addObjectsFromArray: sogoRoles];
|
||||||
}
|
}
|
||||||
if ([object respondsToSelector: @selector (rolesOfUser:)])
|
|
||||||
{
|
|
||||||
sogoRoles = [object rolesOfUser: login];
|
|
||||||
if (sogoRoles)
|
|
||||||
[rolesForObject addObjectsFromArray: sogoRoles];
|
|
||||||
}
|
|
||||||
|
|
||||||
return rolesForObject;
|
return rolesForObject;
|
||||||
}
|
}
|
||||||
|
|
|
@ -284,23 +284,4 @@
|
||||||
return userIsInTheCard;
|
return userIsInTheCard;
|
||||||
}
|
}
|
||||||
|
|
||||||
- (BOOL) titleShouldBeHidden
|
|
||||||
{
|
|
||||||
BOOL shouldBeHidden;
|
|
||||||
SOGoUser *user;
|
|
||||||
SOGoAuthenticator *sAuth;
|
|
||||||
|
|
||||||
sAuth = [SOGoAuthenticator sharedSOGoAuthenticator];
|
|
||||||
user = [sAuth userInContext: context];
|
|
||||||
|
|
||||||
if ([[appointment objectForKey: @"owner"] isEqualToString: [user login]]
|
|
||||||
|| ([[appointment objectForKey: @"classification"] intValue]
|
|
||||||
!= iCalAccessConfidential))
|
|
||||||
shouldBeHidden = NO;
|
|
||||||
else
|
|
||||||
shouldBeHidden = ![self _userIsInTheCard: [user email]];
|
|
||||||
|
|
||||||
return shouldBeHidden;
|
|
||||||
}
|
|
||||||
|
|
||||||
@end
|
@end
|
||||||
|
|
|
@ -154,7 +154,7 @@
|
||||||
- (NSArray *) rightTypes
|
- (NSArray *) rightTypes
|
||||||
{
|
{
|
||||||
return
|
return
|
||||||
[NSArray arrayWithObjects: @"Public", @"Private", @"Confidential", nil];
|
[NSArray arrayWithObjects: @"Public", @"Confidential", @"Private", nil];
|
||||||
}
|
}
|
||||||
|
|
||||||
- (void) setCurrentRightType: (NSString *) newCurrentRightType
|
- (void) setCurrentRightType: (NSString *) newCurrentRightType
|
||||||
|
|
|
@ -161,45 +161,39 @@ static BOOL shouldDisplayWeekend = NO;
|
||||||
|
|
||||||
- (void) setAppointment:(id) _apt
|
- (void) setAppointment:(id) _apt
|
||||||
{
|
{
|
||||||
NSString *mailtoChunk;
|
ASSIGN (appointment, _apt);
|
||||||
NSString *myEmail;
|
}
|
||||||
|
|
||||||
ASSIGN(appointment, _apt);
|
// - (void) setAppointment:(id) _apt
|
||||||
|
// {
|
||||||
|
// NSString *mailtoChunk;
|
||||||
|
// NSString *myEmail;
|
||||||
|
// NSString *partmails;
|
||||||
|
|
||||||
/* cache some info about apt for faster access */
|
// ASSIGN(appointment, _apt);
|
||||||
|
|
||||||
|
// /* cache some info about apt for faster access */
|
||||||
|
|
||||||
mailtoChunk = [_apt valueForKey: @"orgmail"];
|
// mailtoChunk = [_apt valueForKey: @"orgmail"];
|
||||||
myEmail = [self emailForUser];
|
// myEmail = [self emailForUser];
|
||||||
if ([mailtoChunk rangeOfString: myEmail].length > 0)
|
// if ([mailtoChunk rangeOfString: myEmail].length > 0)
|
||||||
{
|
// {
|
||||||
aptFlags.isMyApt = YES;
|
// aptFlags.isMyApt = YES;
|
||||||
aptFlags.canAccessApt = YES;
|
// aptFlags.canAccessApt = YES;
|
||||||
}
|
// }
|
||||||
else
|
// else
|
||||||
{
|
// {
|
||||||
NSString *partmails;
|
// aptFlags.isMyApt = NO;
|
||||||
|
|
||||||
aptFlags.isMyApt = NO;
|
// partmails = [_apt valueForKey: @"partmails"];
|
||||||
|
// if ([partmails rangeOfString: myEmail].length)
|
||||||
partmails = [_apt valueForKey: @"partmails"];
|
// aptFlags.canAccessApt = YES;
|
||||||
if ([partmails rangeOfString: myEmail].length)
|
// else
|
||||||
aptFlags.canAccessApt = YES;
|
// aptFlags.canAccessApt
|
||||||
else
|
// = ([[_apt valueForKey: @"classification"] intValue]
|
||||||
aptFlags.canAccessApt
|
// == iCalAccessPublic);
|
||||||
= ([[_apt valueForKey: @"classification"] intValue]
|
// }
|
||||||
== iCalAccessPublic);
|
// }
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
- (void) setTasks: (NSArray *) _tasks
|
|
||||||
{
|
|
||||||
ASSIGN(tasks, _tasks);
|
|
||||||
}
|
|
||||||
|
|
||||||
- (NSArray *) tasks
|
|
||||||
{
|
|
||||||
return tasks;
|
|
||||||
}
|
|
||||||
|
|
||||||
- (id) appointment
|
- (id) appointment
|
||||||
{
|
{
|
||||||
|
@ -248,6 +242,16 @@ static BOOL shouldDisplayWeekend = NO;
|
||||||
return privateAptTooltipFormatter;
|
return privateAptTooltipFormatter;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
- (void) setTasks: (NSArray *) _tasks
|
||||||
|
{
|
||||||
|
ASSIGN(tasks, _tasks);
|
||||||
|
}
|
||||||
|
|
||||||
|
- (NSArray *) tasks
|
||||||
|
{
|
||||||
|
return tasks;
|
||||||
|
}
|
||||||
|
|
||||||
/* TODO: remove this */
|
/* TODO: remove this */
|
||||||
- (NSString *) shortTextForApt
|
- (NSString *) shortTextForApt
|
||||||
{
|
{
|
||||||
|
@ -496,6 +500,38 @@ static BOOL shouldDisplayWeekend = NO;
|
||||||
return activeFolders;
|
return activeFolders;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
- (void) _updatePrivacyInObjects: (NSArray *) objectInfos
|
||||||
|
fromFolder: (SOGoAppointmentFolder *) folder
|
||||||
|
{
|
||||||
|
int hideDetails[] = {-1, -1, -1};
|
||||||
|
NSMutableDictionary *currentRecord;
|
||||||
|
int privacyFlag;
|
||||||
|
NSString *roleString, *userLogin;
|
||||||
|
NSEnumerator *infos;
|
||||||
|
|
||||||
|
userLogin = [[context activeUser] login];
|
||||||
|
infos = [objectInfos objectEnumerator];
|
||||||
|
currentRecord = [infos nextObject];
|
||||||
|
while (currentRecord)
|
||||||
|
{
|
||||||
|
privacyFlag = [[currentRecord objectForKey: @"classification"] intValue];
|
||||||
|
if (hideDetails[privacyFlag] == -1)
|
||||||
|
{
|
||||||
|
roleString = [folder roleForComponentsWithAccessClass: privacyFlag
|
||||||
|
forUser: userLogin];
|
||||||
|
hideDetails[privacyFlag] = ([roleString isEqualToString: @"ComponentDAndTViewer"]
|
||||||
|
? 1 : 0);
|
||||||
|
}
|
||||||
|
if (hideDetails[privacyFlag])
|
||||||
|
{
|
||||||
|
[currentRecord setObject: [self labelForKey: @"(Private Event)"]
|
||||||
|
forKey: @"title"];
|
||||||
|
[currentRecord setObject: @"" forKey: @"location"];
|
||||||
|
}
|
||||||
|
currentRecord = [infos nextObject];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
- (NSArray *) _fetchCoreInfosForComponent: (NSString *) component
|
- (NSArray *) _fetchCoreInfosForComponent: (NSString *) component
|
||||||
{
|
{
|
||||||
NSArray *currentInfos;
|
NSArray *currentInfos;
|
||||||
|
@ -517,6 +553,8 @@ static BOOL shouldDisplayWeekend = NO;
|
||||||
[currentInfos makeObjectsPerform: @selector (setObject:forKey:)
|
[currentInfos makeObjectsPerform: @selector (setObject:forKey:)
|
||||||
withObject: [currentFolder ownerInContext: nil]
|
withObject: [currentFolder ownerInContext: nil]
|
||||||
withObject: @"owner"];
|
withObject: @"owner"];
|
||||||
|
[self _updatePrivacyInObjects: currentInfos
|
||||||
|
fromFolder: currentFolder];
|
||||||
[infos addObjectsFromArray: currentInfos];
|
[infos addObjectsFromArray: currentInfos];
|
||||||
currentFolder = [folders nextObject];
|
currentFolder = [folders nextObject];
|
||||||
}
|
}
|
||||||
|
|
|
@ -830,6 +830,7 @@
|
||||||
[component setLocation: location];
|
[component setLocation: location];
|
||||||
[component setComment: comment];
|
[component setComment: comment];
|
||||||
[component setUrl: url];
|
[component setUrl: url];
|
||||||
|
[component setAccessClass: privacy];
|
||||||
[self _handleAttendeesEdition];
|
[self _handleAttendeesEdition];
|
||||||
[self _handleOrganizer];
|
[self _handleOrganizer];
|
||||||
clientObject = [self clientObject];
|
clientObject = [self clientObject];
|
||||||
|
|
Loading…
Reference in New Issue