diff --git a/ChangeLog b/ChangeLog index 6d4e4c3c8..6b9e347a0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2009-10-23 Francis Lachapelle + + * UI/Scheduler/UIxComponentEditor.m (-calendarList): added proper + verification of deletion rights on the current calendar and + creation rights on other calendars. + 2009-10-22 Ludovic Marcotte * SoObjects/SOGo/SOGoUserManager.m diff --git a/UI/Scheduler/UIxComponentEditor.m b/UI/Scheduler/UIxComponentEditor.m index 6e4c61102..21e632f1c 100644 --- a/UI/Scheduler/UIxComponentEditor.m +++ b/UI/Scheduler/UIxComponentEditor.m @@ -997,25 +997,6 @@ iRANGE(2); return [NSNumber numberWithInt: participationStatus]; } -- (NSString *) _permissionForEditing -{ - NSString *perm; - - if ([[self clientObject] isNew]) - perm = SoPerm_AddDocumentsImagesAndFiles; - else - { - if ([privacy isEqualToString: @"PRIVATE"]) - perm = SOGoCalendarPerm_ModifyPrivateRecords; - else if ([privacy isEqualToString: @"CONFIDENTIAL"]) - perm = SOGoCalendarPerm_ModifyConfidentialRecords; - else - perm = SOGoCalendarPerm_ModifyPublicRecords; - } - - return perm; -} - - (NSArray *) calendarList { SOGoAppointmentFolder *calendar, *currentCalendar; @@ -1027,19 +1008,32 @@ iRANGE(2); if (!calendarList) { calendarList = [NSMutableArray new]; - - perm = [self _permissionForEditing]; - calendarParent - = [[context activeUser] calendarsFolderInContext: context]; - sm = [SoSecurityManager sharedSecurityManager]; calendar = [self componentCalendar]; - allCalendars = [[calendarParent subFolders] objectEnumerator]; - while ((currentCalendar = [allCalendars nextObject])) - if ([calendar isEqual: currentCalendar] || - ![sm validatePermission: perm - onObject: currentCalendar - inContext: context]) - [calendarList addObject: currentCalendar]; + sm = [SoSecurityManager sharedSecurityManager]; + + perm = SoPerm_DeleteObjects; + if ([sm validatePermission: perm + onObject: calendar + inContext: context]) + { + // User can't delete components from this calendar; + // don't add any calendar other than the current one + [calendarList addObject: calendar]; + } + else + { + // Find which calendars user has creation rights + perm = SoPerm_AddDocumentsImagesAndFiles; + calendarParent + = [[context activeUser] calendarsFolderInContext: context]; + allCalendars = [[calendarParent subFolders] objectEnumerator]; + while ((currentCalendar = [allCalendars nextObject])) + if ([calendar isEqual: currentCalendar] || + ![sm validatePermission: perm + onObject: currentCalendar + inContext: context]) + [calendarList addObject: currentCalendar]; + } } return calendarList;