Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
I
intranet-forum
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
project-open
intranet-forum
Commits
388f2a5e
Commit
388f2a5e
authored
May 10, 2011
by
Frank Bergmann
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
- Forum Topic Notifications:
Now checks user read permissions before showing users
parent
c7cba6f9
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
25 additions
and
15 deletions
+25
-15
new-2-postgresql.xql
www/new-2-postgresql.xql
+1
-1
new-2.adp
www/new-2.adp
+6
-0
new-2.tcl
www/new-2.tcl
+18
-14
No files found.
www/new-2-postgresql.xql
View file @
388f2a5e
...
...
@@ -55,7 +55,7 @@ where
and o_mem.user_id = p.party_id
and 1 = im_forum_permission(
p.party_id,
:user_id,
:
current_
user_id,
:asignee_id,
:object_id,
:scope,
...
...
www/new-2.adp
View file @
388f2a5e
...
...
@@ -24,6 +24,9 @@
</tr>
<multiple name=stakeholders>
<if @stakeholders.show_user_style@>
<if @stakeholders.rownum@ odd>
<tr class="list-odd">
</if> <else>
...
...
@@ -40,6 +43,9 @@
<input type=checkbox name=notifyee_id value="@stakeholders.user_id@" id="alerts,@user_id@" @stakeholders.checked@>
</td>
</tr>
</if>
</multiple>
<tr>
...
...
www/new-2.tcl
View file @
388f2a5e
...
...
@@ -41,7 +41,7 @@ ad_page_contract {
# Security, Parameters & Default
# ------------------------------------------------------------------
set
user_id
[
ad_maybe_redirect_for_registration
]
set
current_
user_id
[
ad_maybe_redirect_for_registration
]
set
topic_type
[
db_string topic_type
"select im_category_from_id(:topic_type_id)"
-default
""
]
set
object_type
[
db_string acs_object_type
"select object_type from acs_objects where object_id = :object_id"
-default
""
]
...
...
@@ -82,7 +82,7 @@ set task_or_incident_p [im_forum_is_task_or_incident $topic_type_id]
# Optional comments are added to the message
if
{
""
!=
$comments
}
{
set user_name
[
db_string get_user_name
"select im_name_from_user_id(:user_id) from dual"
]
set user_name
[
db_string get_user_name
"select im_name_from_user_id(:
current_
user_id) from dual"
]
set today_date
[
db_string get_today_date
"select sysdate from dual"
]
append message
"
\n\n\[
Comment from
$user
_name on
$today
_date
\]
:
\n
$comments
"
}
...
...
@@ -135,7 +135,7 @@ if {[string equal $actions "save"]} {
set object_admin 0
if
{
$object
_id != 0
}
{
if
{
""
!=
$object
_type
}
{
set perm_cmd
"
${object_type}
_permissions
\$
user_id
\$
object_id object_view object_read object_write object_admin"
set perm_cmd
"
${object_type}
_permissions
\$
current_
user_id
\$
object_id object_view object_read object_write object_admin"
eval
$perm
_cmd
}
if
{
!$object_read
}
{
...
...
@@ -149,7 +149,7 @@ if {[string equal $actions "save"]} {
return
}
if
{
!$object_admin &&
$user
_id !=
$owner
_id
}
{
if
{
!$object_admin &&
$
current
_
user_id !=
$owner
_id
}
{
ad_return_complaint 1
"<li>
[
_ intranet-forum.lt_You_have_insufficient
]
"
return
}
...
...
@@ -211,14 +211,14 @@ if {[string equal $actions "save"]} {
select count(*)
from im_forum_topic_user_map
where topic_id = :topic_id
and user_id = :user_id
and user_id = :
current_
user_id
"
]
if
{
!$exists_p
}
{
db_transaction
{
db_dml im_forum_topic_user_map_insert
"
insert into im_forum_topic_user_map
(topic_id, user_id, read_p, folder_id, receive_updates) values
(:topic_id, :user_id, :read_p, :folder_id, :receive_updates)
(:topic_id, :
current_
user_id, :read_p, :folder_id, :receive_updates)
"
}
on_error
{
# nothing - may already exist...
...
...
@@ -235,7 +235,7 @@ if {[string equal $actions "save"]} {
receive_updates=:receive_updates
where
topic_id=:topic_id
and user_id=:user_id
and user_id=:
current_
user_id
"
}
on_error
{
ad_return_error
"
[
_ intranet-forum.lt_Error_modifying_a_im_
]
"
"
...
...
@@ -299,7 +299,7 @@ if {[string equal $action_type "new_message"]} {
and o_mem.user_id = p.party_id
and 1 = im_forum_permission(
p.party_id,
:user_id,
:
current_
user_id,
:asignee_id,
:object_id,
:scope,
...
...
@@ -311,7 +311,7 @@ if {[string equal $action_type "new_message"]} {
db_foreach subscribe_object_members
$object
_member_sql
{
ns_log Notice
"intranet-forum/new-2: subscribe user
\#
$user
_id to message
\#
$topic
_id in object
\#
$object
_id"
ns_log Notice
"intranet-forum/new-2: subscribe user
\#
$
current
_
user_id to message
\#
$topic
_id in object
\#
$object
_id"
# im_forum_topics_user_map may or may not exist for every user.
# So we create a record just in case, even if the SQL fails.
...
...
@@ -319,7 +319,7 @@ if {[string equal $action_type "new_message"]} {
select count(*)
from im_forum_topic_user_map
where topic_id = :topic_id
and user_id = :user_id
and user_id = :
current_
user_id
"
]
if
{
!$map_exists_p
}
{
...
...
@@ -327,7 +327,7 @@ if {[string equal $action_type "new_message"]} {
db_dml im_forum_topic_user_map_insert
"
insert into im_forum_topic_user_map
(topic_id, user_id, read_p, folder_id, receive_updates) values
(:topic_id, :user_id, :read_p, :folder_id, 'all')
(:topic_id, :
current_
user_id, :read_p, :folder_id, 'all')
"
}
on_error
{
# nothing - may already exist...
...
...
@@ -621,11 +621,15 @@ set stakeholder_sql "
"
set
num_stakeholders 0
db_multirow -extend
{
checked
}
stakeholders stakeholder_query
$stakeholder
_sql
{
db_multirow -extend
{
checked
show_user_style
}
stakeholders stakeholder_query
$stakeholder
_sql
{
set checked
""
if
{
$user
_id ==
$asignee
_id
}
{
set checked
"checked"
}
if
{
$user
_id ==
$owner
_id
}
{
set checked
"checked"
}
if
{
$current
_user_id ==
$asignee
_id
}
{
set checked
"checked"
}
if
{
$current
_user_id ==
$owner
_id
}
{
set checked
"checked"
}
# How to display? -1=name only, 0=none, 1=Link
set show_user_style
[
im_show_user_style
$user
_id
$current
_user_id
$topic
_id
]
incr num_stakeholders
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment