Prevents deletion of items without edition rigths.

Signed-off-by: Stéphane Jacob <sj@m4x.org>

diff --git a/classes/address.php b/classes/address.php
index d338680..edd0874 100644 (file)
--- a/classes/address.php
+++ b/classes/address.php
@@ -584,9 +584,14 @@ class Address
             }
         }
         $this->text = trim($this->text);
+        $this->phones = Phone::formatFormArray($this->phones, $this->error, new ProfileVisibility($this->pub));
         if ($this->removed == 1) {
-            $this->text = '';
-            return true;
+            if (S::user()->checkPerms('directory_ax') && Phone::hasPrivate($this->phones)) {
+                Platal::page()->trigWarning("L'adresse ne peut être supprimée car elle contient des informations pour lesquelles vous n'avez le droit d'édition.");
+            } else  {
+                $this->text = '';
+                return true;
+            }
         }
 
         if ($format['requireGeocoding'] || $this->changed == 1) {
@@ -609,7 +614,6 @@ class Address
             $this->countryId = null;
         }
         $this->geocodeChosen = null;
-        $this->phones = Phone::formatFormArray($this->phones, $this->error, new ProfileVisibility($this->pub));
         if ($format['postalText']) {
             $this->formatPostalAddress();
         }
@@ -719,13 +723,13 @@ class Address
                 Geocoder::getAreaId($this, $area);
             }
 
-            XDB::execute('INSERT INTO  profile_addresses (pid, jobid, type, id, flags, accuracy,
-                                                          text, postalText, postalCode, localityId,
-                                                          subAdministrativeAreaId, administrativeAreaId,
-                                                          countryId, latitude, longitude, pub, comment,
-                                                          north, south, east, west)
-                               VALUES  ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?},
-                                        {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})',
+            XDB::execute('INSERT IGNORE INTO  profile_addresses (pid, jobid, type, id, flags, accuracy,
+                                                                 text, postalText, postalCode, localityId,
+                                                                 subAdministrativeAreaId, administrativeAreaId,
+                                                                 countryId, latitude, longitude, pub, comment,
+                                                                 north, south, east, west)
+                                      VALUES  ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?},
+                                               {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})',
                          $this->pid, $this->jobid, $this->type, $this->id, $this->flags, $this->accuracy,
                          $this->text, $this->postalText, $this->postalCode, $this->localityId,
                          $this->subAdministrativeAreaId, $this->administrativeAreaId,
@@ -836,6 +840,16 @@ class Address
         return implode(', ', self::formArrayWalk($data, 'toString'));
     }
 
+    static public function hasPrivate(array $addresses)
+    {
+        foreach ($addresses as $address) {
+            if ($address['pub'] == 'private') {
+                return true;
+            }
+        }
+        return false;
+    }
+
     static public function iterate(array $pids = array(), array $types = array(),
                                    array $jobids = array(), array $pubs = array())
     {

diff --git a/classes/phone.php b/classes/phone.php
index 3d602be..fa02923 100644 (file)
--- a/classes/phone.php
+++ b/classes/phone.php
@@ -301,9 +301,9 @@ class Phone
     {
         $this->format();
         if (!$this->isEmpty()) {
-            XDB::execute('INSERT INTO  profile_phones (pid, link_type, link_id, tel_id, tel_type,
-                                                       search_tel, display_tel, pub, comment)
-                               VALUES  ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})',
+            XDB::execute('INSERT IGNORE INTO  profile_phones (pid, link_type, link_id, tel_id, tel_type,
+                                                              search_tel, display_tel, pub, comment)
+                                      VALUES  ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})',
                          $this->pid, $this->link_type, $this->link_id, $this->id, $this->type,
                          $this->search, $this->display, $this->pub, $this->comment);
         }
@@ -385,6 +385,16 @@ class Phone
         return implode(', ', self::formArrayWalk($data, 'toString'));
     }
 
+    static public function hasPrivate(array $phones)
+    {
+        foreach ($phones as $phone) {
+            if ($phone['pub'] == 'private') {
+                return true;
+            }
+        }
+        return false;
+    }
+
     static public function iterate(array $pids = array(), array $link_types = array(),
                                    array $link_ids = array(), array $pubs = array())
     {

diff --git a/modules/profile/jobs.inc.php b/modules/profile/jobs.inc.php
index d258517..3f3097b 100644 (file)
--- a/modules/profile/jobs.inc.php
+++ b/modules/profile/jobs.inc.php
@@ -224,11 +224,16 @@ class ProfileSettingJob implements ProfileSetting
             }
 
             if (isset($job['removed']) && $job['removed']) {
-                if ($job['name'] == '' && $entreprise && isset($entreprise[$entr_val - 1])) {
-                    $entreprise[$entr_val - 1]->clean();
+                if (S::user()->checkPerms('directory_ax')
+                    && (Phone::hasPrivate($job['w_phone']) || Address::hasPrivate($job['w_address']) || $job['w_email_pub'] == 'private')) {
+                    Platal::page()->trigWarning("L'entreprise ne peut être supprimée car elle contient des informations pour lesquelles vous n'avez le droit d'édition.");
+                } else {
+                    if ($job['name'] == '' && $entreprise && isset($entreprise[$entr_val - 1])) {
+                        $entreprise[$entr_val - 1]->clean();
+                    }
+                    unset($value[$key]);
+                    continue;
                 }
-                unset($value[$key]);
-                continue;
             }
             if (!isset($job['pub']) || !$job['pub']) {
                 $job['pub'] = 'private';

diff --git a/templates/include/flags.radio.tpl b/templates/include/flags.radio.tpl
index 43ea1b4..6ae22ff 100644 (file)
--- a/templates/include/flags.radio.tpl
+++ b/templates/include/flags.radio.tpl
@@ -23,6 +23,7 @@
 <a href="Xorg/FAQ?display=light#flags" class="popup_800x240">Quelle couleur ?</a>
 {/if}
 {if !t($val)}{assign var=val value='ax'}{/if}
+{if t($disabled)}<input type="hidden" name="{$name}" value="private" />{/if}
 <label><input type="radio" name="{$name}" value="public"{if $val eq 'public'} checked="checked"{/if}
        {if t($disabled)}disabled="disabled"{/if}{if t($mainField)} onchange="updatePublicity('{$mainField}','{$mainId}','{$subField}','{$subId}')"{/if} />
 {icon name="flag_green" title="site public"}