Index: openacs-4/packages/contacts/tcl/contacts-procs-postgresql.xql =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/contacts/tcl/contacts-procs-postgresql.xql,v diff -u -r1.20 -r1.21 --- openacs-4/packages/contacts/tcl/contacts-procs-postgresql.xql 2 Jun 2006 09:56:23 -0000 1.20 +++ openacs-4/packages/contacts/tcl/contacts-procs-postgresql.xql 6 Nov 2006 12:55:29 -0000 1.21 @@ -156,7 +156,8 @@ ( select count(distinct gamm.member_id) from group_approved_member_map gamm where gamm.group_id = groups.group_id ) as member_count, ( select count(distinct gcm.component_id) from group_component_map gcm where gcm.group_id = groups.group_id) as component_count, CASE WHEN contact_groups.package_id is not null THEN '1' ELSE '0' END as mapped_p, - CASE WHEN default_p THEN '1' ELSE '0' END as default_p + CASE WHEN default_p THEN '1' ELSE '0' END as default_p, + CASE WHEN user_change_p THEN '1' ELSE '0' END as user_change_p from groups left join ( select * from contact_groups where package_id = :package_id ) as contact_groups on ( groups.group_id = contact_groups.group_id ), acs_objects where groups.group_id not in ('-1','[contacts::default_group -package_id $package_id]') and groups.group_id = acs_objects.object_id Index: openacs-4/packages/contacts/tcl/contacts-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/contacts/tcl/contacts-procs.tcl,v diff -u -r1.97 -r1.98 --- openacs-4/packages/contacts/tcl/contacts-procs.tcl 1 Nov 2006 18:53:44 -0000 1.97 +++ openacs-4/packages/contacts/tcl/contacts-procs.tcl 6 Nov 2006 12:55:29 -0000 1.98 @@ -874,28 +874,41 @@ {-all:boolean} {-no_member_count:boolean} {-package_id ""} + {-party_id ""} } { + Return the groups that are mapped in contacts + @param indent_with What should we indent the group name with + @privilege_required Required privilege the user has to have on this group + @output Format in which to output the groups. A tcl list of lists is standard + @party_id If the privilege is write we need to check if the user is maybe writing on himself. Then he should have permission. } { if { $package_id eq "" } { set package_id [ad_conn package_id] } set user_id [ad_conn user_id] set group_list [list] foreach one_group [contact::groups_list -package_id $package_id] { - util_unlist $one_group group_id group_name member_count component_count mapped_p default_p + util_unlist $one_group group_id group_name member_count component_count mapped_p default_p user_change_p # We check if the group has the required privilege # specified on privilege_required switch, if not then # we just simple continue with the next one if { ![permission::permission_p -object_id $group_id -party_id $user_id -privilege $privilege_required] } { - continue + if { $privilege_required eq "write" && $user_change_p} { + # Check if the user is editing himself + if {![string eq $party_id $user_id]} { + continue + } + } else { + continue + } } if { $mapped_p || $all_p} { - lappend group_list [list [lang::util::localize $group_name] $group_id $member_count "1" $mapped_p $default_p] + lappend group_list [list [lang::util::localize $group_name] $group_id $member_count "1" $mapped_p $default_p $user_change_p] if { $component_count > 0 && ( $expand == "all" || $expand == $group_id ) } { db_foreach get_components {} { if { $mapped_p || $all_p} { - lappend group_list [list "$indent_with$group_name" $group_id $member_count "2" $mapped_p $default_p] + lappend group_list [list "$indent_with$group_name" $group_id $member_count "2" $mapped_p $default_p $user_change_p] } } }