From 0c1a29ba0e531d0cd1dfa221c3a87ae36432289d Mon Sep 17 00:00:00 2001 From: =?utf8?q?St=C3=A9phane=20Jacob?= Date: Fri, 11 Feb 2011 19:52:51 +0100 Subject: [PATCH] Prevents deletion of items without edition rigths. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Jacob --- classes/address.php | 34 ++++++++++++++++++++++++---------- classes/phone.php | 16 +++++++++++++--- modules/profile/jobs.inc.php | 13 +++++++++---- templates/include/flags.radio.tpl | 1 + 4 files changed, 47 insertions(+), 17 deletions(-) diff --git a/classes/address.php b/classes/address.php index d338680..edd0874 100644 --- a/classes/address.php +++ b/classes/address.php @@ -584,9 +584,14 @@ class Address } } $this->text = trim($this->text); + $this->phones = Phone::formatFormArray($this->phones, $this->error, new ProfileVisibility($this->pub)); if ($this->removed == 1) { - $this->text = ''; - return true; + if (S::user()->checkPerms('directory_ax') && Phone::hasPrivate($this->phones)) { + Platal::page()->trigWarning("L'adresse ne peut être supprimée car elle contient des informations pour lesquelles vous n'avez le droit d'édition."); + } else { + $this->text = ''; + return true; + } } if ($format['requireGeocoding'] || $this->changed == 1) { @@ -609,7 +614,6 @@ class Address $this->countryId = null; } $this->geocodeChosen = null; - $this->phones = Phone::formatFormArray($this->phones, $this->error, new ProfileVisibility($this->pub)); if ($format['postalText']) { $this->formatPostalAddress(); } @@ -719,13 +723,13 @@ class Address Geocoder::getAreaId($this, $area); } - XDB::execute('INSERT INTO profile_addresses (pid, jobid, type, id, flags, accuracy, - text, postalText, postalCode, localityId, - subAdministrativeAreaId, administrativeAreaId, - countryId, latitude, longitude, pub, comment, - north, south, east, west) - VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, - {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})', + XDB::execute('INSERT IGNORE INTO profile_addresses (pid, jobid, type, id, flags, accuracy, + text, postalText, postalCode, localityId, + subAdministrativeAreaId, administrativeAreaId, + countryId, latitude, longitude, pub, comment, + north, south, east, west) + VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, + {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})', $this->pid, $this->jobid, $this->type, $this->id, $this->flags, $this->accuracy, $this->text, $this->postalText, $this->postalCode, $this->localityId, $this->subAdministrativeAreaId, $this->administrativeAreaId, @@ -836,6 +840,16 @@ class Address return implode(', ', self::formArrayWalk($data, 'toString')); } + static public function hasPrivate(array $addresses) + { + foreach ($addresses as $address) { + if ($address['pub'] == 'private') { + return true; + } + } + return false; + } + static public function iterate(array $pids = array(), array $types = array(), array $jobids = array(), array $pubs = array()) { diff --git a/classes/phone.php b/classes/phone.php index 3d602be..fa02923 100644 --- a/classes/phone.php +++ b/classes/phone.php @@ -301,9 +301,9 @@ class Phone { $this->format(); if (!$this->isEmpty()) { - XDB::execute('INSERT INTO profile_phones (pid, link_type, link_id, tel_id, tel_type, - search_tel, display_tel, pub, comment) - VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})', + XDB::execute('INSERT IGNORE INTO profile_phones (pid, link_type, link_id, tel_id, tel_type, + search_tel, display_tel, pub, comment) + VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?}, {?}, {?})', $this->pid, $this->link_type, $this->link_id, $this->id, $this->type, $this->search, $this->display, $this->pub, $this->comment); } @@ -385,6 +385,16 @@ class Phone return implode(', ', self::formArrayWalk($data, 'toString')); } + static public function hasPrivate(array $phones) + { + foreach ($phones as $phone) { + if ($phone['pub'] == 'private') { + return true; + } + } + return false; + } + static public function iterate(array $pids = array(), array $link_types = array(), array $link_ids = array(), array $pubs = array()) { diff --git a/modules/profile/jobs.inc.php b/modules/profile/jobs.inc.php index d258517..3f3097b 100644 --- a/modules/profile/jobs.inc.php +++ b/modules/profile/jobs.inc.php @@ -224,11 +224,16 @@ class ProfileSettingJob implements ProfileSetting } if (isset($job['removed']) && $job['removed']) { - if ($job['name'] == '' && $entreprise && isset($entreprise[$entr_val - 1])) { - $entreprise[$entr_val - 1]->clean(); + if (S::user()->checkPerms('directory_ax') + && (Phone::hasPrivate($job['w_phone']) || Address::hasPrivate($job['w_address']) || $job['w_email_pub'] == 'private')) { + Platal::page()->trigWarning("L'entreprise ne peut être supprimée car elle contient des informations pour lesquelles vous n'avez le droit d'édition."); + } else { + if ($job['name'] == '' && $entreprise && isset($entreprise[$entr_val - 1])) { + $entreprise[$entr_val - 1]->clean(); + } + unset($value[$key]); + continue; } - unset($value[$key]); - continue; } if (!isset($job['pub']) || !$job['pub']) { $job['pub'] = 'private'; diff --git a/templates/include/flags.radio.tpl b/templates/include/flags.radio.tpl index 43ea1b4..6ae22ff 100644 --- a/templates/include/flags.radio.tpl +++ b/templates/include/flags.radio.tpl @@ -23,6 +23,7 @@ Quelle couleur ? {/if} {if !t($val)}{assign var=val value='ax'}{/if} +{if t($disabled)}{/if}