#1068152 Calendar: PermissionCheck on linked Appointments

6184e711 · Andreas Schindlbeck · 3ca44156 · 6184e711 · 6184e711 · 6184e711
Commit 6184e711 authored 4 years ago by Andreas Schindlbeck
--- a/entity/Appointment_entity/Appointment_entity.aod
+++ b/entity/Appointment_entity/Appointment_entity.aod
@@ -171,11 +171,6 @@
    </entityParameter>
    <entityConsumer>
      <name>AppointmentLinks</name>
-      <dependency>
-        <name>dependency</name>
-        <entityName>AppointmentLink_entity</entityName>
-        <fieldName>Links</fieldName>
-      </dependency>
      <children>
        <entityParameter>
          <name>AppointmentId_param</name>
@@ -187,6 +182,11 @@
          <expose v="false" />
        </entityParameter>
      </children>
+      <dependency>
+        <name>dependency</name>
+        <entityName>AppointmentLink_entity</entityName>
+        <fieldName>Links</fieldName>
+      </dependency>
    </entityConsumer>
    <entityActionField>
      <name>deleteSeries</name>
@@ -254,6 +254,11 @@
      <name>#PROVIDER_AGGREGATES</name>
      <useAggregates v="true" />
    </entityProvider>
+    <entityParameter>
+      <name>ErrorOnPermissionDenied</name>
+      <valueProcess>%aditoprj%/entity/Appointment_entity/entityfields/erroronpermissiondenied/valueProcess.js</valueProcess>
+      <expose v="true" />
+    </entityParameter>
  </entityFields>
  <recordContainers>
    <jDitoRecordContainer>

--- a/entity/Appointment_entity/entityfields/erroronpermissiondenied/valueProcess.js
+++ b/entity/Appointment_entity/entityfields/erroronpermissiondenied/valueProcess.js
+import("system.result");
+
+result.string("true");
\ No newline at end of file
--- a/entity/Appointment_entity/recordcontainers/jdito/contentProcess.js
+++ b/entity/Appointment_entity/recordcontainers/jdito/contentProcess.js
+import("Calendar_lib");
 import("Employee_lib");
 import("system.tools");
 import("system.db");
@@ -28,14 +29,14 @@ if(vars.exists("$param.Entry_param") && vars.get("$param.Entry_param"))

    //@TODO Icon 
    result.object([
-        buildEntry(entry, masterEntry)
+        CalendarUtil.buildEntry(entry, masterEntry)
    ]);
 }

 else if(vars.get("$sys.recordstate") != neon.OPERATINGSTATE_NEW && vars.get("$local.idvalues") != null && vars.get("$local.idvalues") != "")
 {
    var selectedids = vars.get("$local.idvalues");
-    result.object([buildEntry(calendars.getEntry(selectedids, null, null), null)]);
+    result.object([CalendarUtil.buildEntry(calendars.getEntry(selectedids, null, null), null)]);
 }

 else if(vars.getString("$param.LinkedAppointmentsFromDashlet_param"))
@@ -43,7 +44,7 @@ else if(vars.getString("$param.LinkedAppointmentsFromDashlet_param"))
    var contactid = EmployeeUtils.getCurrentContactId();
    
    appointmentSelect.whereIfSet("AB_APPOINTMENTLINK.OBJECT_ROWID", contactid)
-    result.object(buildEntriesFromUids(appointmentSelect.table()));
+    result.object(CalendarUtil.buildEntriesFromUids(appointmentSelect.table()));
 }

 /**
@@ -52,78 +53,5 @@ else if(vars.getString("$param.LinkedAppointmentsFromDashlet_param"))
 else if(vars.getString("$param.LinkedObjectId_param") != undefined)
 {
    appointmentSelect.whereIfSet("AB_APPOINTMENTLINK.OBJECT_ROWID", "$param.LinkedObjectId_param")
-    result.object(buildEntriesFromUids(appointmentSelect.table()));
-}
-
-function buildEntriesFromUids(appointmentUids)
-{
-    var entryArray = new Array(appointmentUids.length);
-    
-    for(var i = 0; i < appointmentUids.length; i++)
-        entryArray[i] = buildEntry(calendars.getEntry(appointmentUids[i], null, null), null);
-    
-    return entryArray;
-}
-
-
-function buildEntry(pEntry, pMasterentry)
-{
-    var uid = pEntry[calendars.ID];    
-    var summary = pEntry[calendars.SUMMARY];
-    var attendees = pEntry[calendars.AFFECTEDUSERS];
-    var startdate = pEntry[calendars.DTSTART];
-    var enddate = pEntry[calendars.DTEND];
-    var links = pEntry[calendars.LINKS];
-    var description = pEntry[calendars.DESCRIPTION];
-    if(pEntry[calendars.ORGANIZER2] != undefined)
-        var organizer = pEntry[calendars.ORGANIZER2]["paramvalue"];
-    if(pEntry[calendars.USER2] != undefined)
-        var owner = JSON.stringify(pEntry[calendars.USER2]);
-    var status = pEntry[calendars.STATUS];
-    var location = pEntry[calendars.LOCATION];
-    var reminder = pEntry[calendars.REMINDER_DURATION];
-    var remindercheck = pEntry[calendars.HASREMINDER]
-    var classification = pEntry[calendars.CLASSIFICATION];
-    var transparency = pEntry[calendars.TRANSPARENCY];
-    var categories = pEntry[calendars.CATEGORIES];
-    var isAllDay = pEntry["X-ADITO-ISALLDAYEVENT"] != null ? pEntry["X-ADITO-ISALLDAYEVENT"] : "FALSE";
-    
-    var masterBegin = pMasterentry != null ? pMasterentry[calendars.DTSTART] : null
-    var masterEnd = pMasterentry != null ? pMasterentry[calendars.DTEND] : null
-    
-    // Recurrence
-    var recurrenceID = pEntry[calendars.RECURRENCEID];
-    var rrule = null;
-    if (pMasterentry != null) { // Entry is a recurrence exception, therefore get rrule from master
-        rrule = pMasterentry[calendars.RRULE] != null ? pMasterentry[calendars.RRULE][0] : null;
-    } else {
-        rrule = pEntry[calendars.RRULE] != null ? pEntry[calendars.RRULE][0] : null;
-    }
-    
-    return [
-            uid, 
-            attendees.length, 
-            startdate, 
-            enddate, 
-            summary, 
-            organizer,
-            owner,
-            attendees, 
-            status,  
-            description, 
-            location, 
-            '', 
-            isAllDay,
-            classification,
-            transparency, 
-            categories, 
-            reminder, 
-            remindercheck, 
-            rrule, 
-            recurrenceID, 
-            null, 
-            masterBegin, 
-            masterEnd,
-            null
-        ];
-}
+    result.object(CalendarUtil.buildEntriesFromUids(appointmentSelect.table()));
+}
\ No newline at end of file
--- a/entity/Appointment_entity/recordcontainers/jdito/rowCountProcess.js
+++ b/entity/Appointment_entity/recordcontainers/jdito/rowCountProcess.js
+import("Calendar_lib");
 import("system.db");
 import("Employee_lib");
 import("Sql_lib");
@@ -5,7 +6,7 @@ import("system.vars");
 import("system.result");

 var rowCount = "0";
-var cond = newSelect("count(APPOINTMENT_ID)")
+var cond = newSelect("APPOINTMENT_ID")
               .from("AB_APPOINTMENTLINK");

 if (vars.exists("$local.idvalues") && vars.get("$local.idvalues"))
@@ -13,7 +14,7 @@ if (vars.exists("$local.idvalues") && vars.get("$local.idvalues"))
 else if (vars.getString("$param.LinkedAppointmentsFromDashlet_param"))
 {
    cond.whereIfSet("AB_APPOINTMENTLINK.OBJECT_ROWID", EmployeeUtils.getCurrentContactId());
-    rowCount = cond.cell();
+    rowCount = CalendarUtil.countEntriesFromUids(cond.table());
 }

 /**
@@ -22,7 +23,7 @@ else if (vars.getString("$param.LinkedAppointmentsFromDashlet_param"))
 else if (vars.getString("$param.LinkedObjectId_param") != undefined)
 {
    cond.whereIfSet("AB_APPOINTMENTLINK.OBJECT_ROWID", "$param.LinkedObjectId_param");
-    rowCount = cond.cell();
+    rowCount = CalendarUtil.countEntriesFromUids(cond.table());
 }
 /**
 * Will be used, if the user is operating the calendar.

--- a/entity/Organisation_entity/Organisation_entity.aod
+++ b/entity/Organisation_entity/Organisation_entity.aod
--- a/entity/Organisation_entity/entityfields/linkedappointments/children/erroronpermissiondenied/valueProcess.js
+++ b/entity/Organisation_entity/entityfields/linkedappointments/children/erroronpermissiondenied/valueProcess.js
+import("system.result");
+
+result.string("false");
\ No newline at end of file
--- a/entity/Person_entity/Person_entity.aod
+++ b/entity/Person_entity/Person_entity.aod
--- a/entity/Person_entity/entityfields/appointments/children/erroronpermissiondenied/valueProcess.js
+++ b/entity/Person_entity/entityfields/appointments/children/erroronpermissiondenied/valueProcess.js
+import("system.result");
+
+result.string("false");
\ No newline at end of file
--- a/process/Calendar_lib/process.js
+++ b/process/Calendar_lib/process.js
@@ -538,4 +538,113 @@ CalendarUtil.getCalendarSystemType = function(pScope)

    // Everything is none
    return calendars.BACKEND_NONE;
+}
+
+CalendarUtil.buildEntriesFromUids = function(appointmentUids) 
+{
+    var entryArray = new Array(appointmentUids.length);
+    
+    for(var i = 0; i < appointmentUids.length; i++)
+    {
+        var hasPermission = true;
+        
+        if(vars.getString("$param.ErrorOnPermissionDenied") && vars.get("$param.ErrorOnPermissionDenied") == "false")
+            hasPermission = hasUserPermissionForReadingEntry(getEntryOwnerCn(appointmentUids[i]));
+        
+        if(hasPermission)
+            entryArray[i] = CalendarUtil.buildEntry(calendars.getEntry(appointmentUids[i], null, null), null);
+    }
+    
+    //filter out all null
+    var filteredEntryArray = entryArray.filter(function (el) {
+        return el != null;
+    });
+    
+    return filteredEntryArray;
+}
+
+
+CalendarUtil.countEntriesFromUids = function(appointmentUids) 
+{
+    return CalendarUtil.buildEntriesFromUids(appointmentUids).length;
+}
+
+CalendarUtil.buildEntry = function (pEntry, pMasterentry)
+{
+    var uid = pEntry[calendars.ID];    
+    var summary = pEntry[calendars.SUMMARY];
+    var attendees = pEntry[calendars.AFFECTEDUSERS];
+    var startdate = pEntry[calendars.DTSTART];
+    var enddate = pEntry[calendars.DTEND];
+    var links = pEntry[calendars.LINKS];
+    var description = pEntry[calendars.DESCRIPTION];
+    if(pEntry[calendars.ORGANIZER2] != undefined)
+        var organizer = pEntry[calendars.ORGANIZER2]["paramvalue"];
+    if(pEntry[calendars.USER2] != undefined)
+        var owner = JSON.stringify(pEntry[calendars.USER2]);
+    var status = pEntry[calendars.STATUS];
+    var location = pEntry[calendars.LOCATION];
+    var reminder = pEntry[calendars.REMINDER_DURATION];
+    var remindercheck = pEntry[calendars.HASREMINDER]
+    var classification = pEntry[calendars.CLASSIFICATION];
+    var transparency = pEntry[calendars.TRANSPARENCY];
+    var categories = pEntry[calendars.CATEGORIES];
+    var isAllDay = pEntry["X-ADITO-ISALLDAYEVENT"] != null ? pEntry["X-ADITO-ISALLDAYEVENT"] : "FALSE";
+    
+    var masterBegin = pMasterentry != null ? pMasterentry[calendars.DTSTART] : null
+    var masterEnd = pMasterentry != null ? pMasterentry[calendars.DTEND] : null
+    
+    // Recurrence
+    var recurrenceID = pEntry[calendars.RECURRENCEID];
+    var rrule = null;
+    if (pMasterentry != null) { // Entry is a recurrence exception, therefore get rrule from master
+        rrule = pMasterentry[calendars.RRULE] != null ? pMasterentry[calendars.RRULE][0] : null;
+    } else {
+        rrule = pEntry[calendars.RRULE] != null ? pEntry[calendars.RRULE][0] : null;
+    }
+    
+    return [
+            uid, 
+            attendees.length, 
+            startdate, 
+            enddate, 
+            summary, 
+            organizer,
+            owner,
+            attendees, 
+            status,  
+            description, 
+            location, 
+            '', 
+            isAllDay,
+            classification,
+            transparency, 
+            categories, 
+            reminder, 
+            remindercheck, 
+            rrule, 
+            recurrenceID, 
+            null, 
+            masterBegin, 
+            masterEnd,
+            null
+        ];
+}
+
+
+function hasUserPermissionForReadingEntry(calUserCn)
+{
+    return calendars.hasPermission(calUserCn, calendars.VEVENT, "READ");
+}
+
+function getEntryOwnerCn(appointmentUid)
+{
+    
+    var owner = newSelect("ASYS_CALENDARBACKEND.OWNER", "_____SYSTEMALIAS")
+        .from("ASYS_CALENDARBACKEND")
+        .whereIfSet("ASYS_CALENDARBACKEND.ELEMENTUID", appointmentUid)
+        .cell(true);
+        
+    var ownerArr = text.decodeMS(owner);
+    return ownerArr[1].split(":")[1];
 }
\ No newline at end of file