nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2026-01-03 02:23:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Contacts: Private or Shared. User can create a private contact only visible to them, or can choose to share a contact with others by assigning it to group(s). Users can view only contacts assigned to their group(s) and contacts NOT assigned to any group.

Browse Source
This commit is contained in:
Nate Jones
2014-10-18 06:49:34 +00:00
parent e89611f099
commit f2d643aecb
6 changed files with 172 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
app/contacts/app_languages.php
View File

@@ -183,15 +183,35 @@
$text['description-contact_note']['pt-pt'] = "Introduza uma nota.";
$text['description-contact_note']['fr-fr'] = "";
$text['label-shared']['en-us'] = "Shared";
$text['label-shared']['es-cl'] = "Compartido";
$text['label-shared']['pt-pt'] = "Partilhada";
$text['label-shared']['fr-fr'] = "Commun";
$text['description-shared']['en-us'] = "Share this contact with other users on the domain.";
$text['description-shared']['es-cl'] = "Comparte este contacto con otros usuarios en el dominio.";
$text['description-shared']['pt-pt'] = "Compartilhe esse contato com outros usuários do domínio.";
$text['description-shared']['fr-fr'] = "Partager ce contact avec d'autres utilisateurs sur le domaine.";
$text['option-true']['en-us'] = "True";
$text['option-true']['es-cl'] = "Verdadero";
$text['option-true']['pt-pt'] = "Sim";
$text['option-true']['fr-fr'] = "Oui";
$text['option-false']['en-us'] = "False";
$text['option-false']['es-cl'] = "Falso";
$text['option-false']['pt-pt'] = "Não";
$text['option-false']['fr-fr'] = "Non";
$text['label-groups']['en-us'] = "Groups";
$text['label-groups']['es-cl'] = "Grupos";
$text['label-groups']['pt-pt'] = "Grupos";
$text['label-groups']['fr-fr'] = "Groupes";
$text['description-groups']['en-us'] = "Contacts assigned to a Group will be visible to all Users in the Group.";
$text['description-groups']['es-cl'] = "Contactos asignados a un grupo serán visibles por todos los usuarios del grupo.";
$text['description-groups']['pt-pt'] = "Contatos atribuídos a um grupo será visível por todos os usuários do grupo.";
$text['description-groups']['fr-fr'] = "Contacts affectés à un groupe seront visibles par tous les utilisateurs du groupe.";
$text['description-groups']['en-us'] = "Contacts assigned to a group are only visible to users in the group. Contacts not assigned to a group will be visible to all users in the domain.";
$text['description-groups']['es-cl'] = "Contactos asignados a un grupo sólo son visibles para los usuarios del grupo. Los contactos no asignados a un grupo serán visibles para todos los usuarios del dominio.";
$text['description-groups']['pt-pt'] = "Contatos atribuídos a um grupo só são visíveis para os usuários do grupo. Contatos não atribuídos a um grupo será visível para todos os usuários no domínio.";
$text['description-groups']['fr-fr'] = "Contacts affectés à un groupe ne sont accessibles qu'aux utilisateurs du groupe. Contacts ne sont pas affectés à un groupe seront visibles à tous les utilisateurs dans le domaine.";
$text['button-qr_code']['en-us'] = "QR Code";
$text['button-qr_code']['es-cl'] = "Código QR";

82
app/contacts/contact_edit.php
View File

@@ -158,9 +158,30 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
$location = "contacts.php";
} //if ($action == "add")
//handle insertion of contact group
if ($_POST['group_uuid'] != '') {
$group_uuid = $_POST["group_uuid"];
//if contact is shared, remove contact group record containing user's uuid
if ($_POST['contact_shared'] == 'true') {
$sql = "delete from v_contact_groups ";
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
$sql .= "and contact_uuid = '".$contact_uuid."' ";
$sql .= "and group_uuid = '".$_SESSION['groups'][0]['user_uuid']."' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
unset($prep_statement, $sql);
$group_uuid = $_POST['group_uuid'];
}
//if private contact, delete any groups currently assigned, set group uuid to user's uuid
else {
$sql = "delete from v_contact_groups ";
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
$sql .= "and contact_uuid = '".$contact_uuid."' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
unset($prep_statement, $sql);
$group_uuid = $_SESSION['groups'][0]['user_uuid'];
}
//handle insertion of contact group (or private contact, if not shared)
if ($group_uuid != '') {
$sql = "insert into v_contact_groups ";
$sql .= "( ";
$sql .= "contact_group_uuid, ";
@@ -586,11 +607,6 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
echo "</td>\n";
echo "</tr>\n";
//echo "<tr>\n";
//echo "<td><strong>Additional Information</strong></td>\n";
//echo "<td>&nbsp;</td>\n";
//echo "<tr>\n";
echo "<tr>\n";
echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
echo " ".$text['label-contact_time_zone'].":\n";
@@ -602,11 +618,43 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
echo "</td>\n";
echo "</tr>\n";
if (permission_exists('contact_group_view')) {
echo "<tr>";
echo " <td class='vncell' valign='top'>".$text['label-groups'].":</td>";
echo " <td class='vtable'>";
//determine if contact is shared or private
if ($action == 'update') {
$sql = "select count(*) as num_rows from v_contact_groups ";
$sql .= "where domain_uuid = '".$domain_uuid."' ";
$sql .= "and contact_uuid = '".$contact_uuid."' ";
$sql .= "and group_uuid = '".$_SESSION['groups'][0]['user_uuid']."' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
$contact_shared = ($row['num_rows'] > 0) ? 'false' : 'true';
unset ($sql, $prep_statement, $row);
}
else {
//private by default on contact add
$contact_shared = 'false';
}
echo "<tr>\n";
echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
echo " ".$text['label-shared'].":\n";
echo "</td>\n";
echo "<td class='vtable' align='left'>\n";
echo " <select class='formfld' name='contact_shared' id='contact_shared' ".((permission_exists('contact_group_view')) ? "onchange=\"$('#div_groups').slideToggle('400');\"" : null).">\n";
echo " <option value='false'>".$text['option-false']."</option>\n";
echo " <option value='true' ".(($contact_shared == 'true') ? "selected" : null).">".$text['option-true']."</option>\n";
echo " </select>\n";
echo "<br />\n";
echo $text['description-shared']."\n";
echo "</td>\n";
echo "</tr>\n";
echo "</table>";
if (permission_exists('contact_group_view')) {
echo "<div id='div_groups' ".(($contact_shared != 'true') ? "style='display: none;'" : null).">\n";
echo "<table border='0' cellpadding='0' cellspacing='0' width='100%'>\n";
echo "<tr>";
echo " <td width='30%' class='vncell' valign='top'>".$text['label-groups'].":</td>";
echo " <td width='70%' class='vtable'>";
$sql = "select ";
$sql .= "g.*, ";
$sql .= "cg.contact_group_uuid ";
@@ -618,6 +666,7 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
$sql .= "and g.domain_uuid = '".$domain_uuid."' ";
$sql .= "and cg.domain_uuid = '".$domain_uuid."' ";
$sql .= "and cg.contact_uuid = '".$contact_uuid."' ";
$sql .= "and cg.group_uuid <> '".$_SESSION['groups'][0]['user_uuid']."' ";
$sql .= "order by g.group_name asc ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
@@ -631,7 +680,7 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
echo " <td class='vtable'>".$field['group_name']."</td>\n";
echo " <td>\n";
if (permission_exists('contact_group_delete') || if_group("superadmin")) {
echo " <a href='contact_edit.php?id=".$contact_uuid."&cgid=".$field['contact_group_uuid']."&a=delete' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>\n";
echo " <a href='contact_edit.php?id=".$contact_uuid."&cgid=".$field['contact_group_uuid']."&a=delete' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>\n";
}
echo " </td>\n";
echo "</tr>\n";
@@ -676,13 +725,16 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
echo " </td>";
echo "</tr>";
echo "</table>\n";
echo "</div>";
}
echo "<table border='0' cellpadding='0' cellspacing='0' width='100%'>\n";
echo "<tr>\n";
echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
echo "<td width='30%' class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
echo " ".$text['label-contact_note'].":\n";
echo "</td>\n";
echo "<td class='vtable' align='left'>\n";
echo "<td width='70%' class='vtable' align='left'>\n";
echo " <input class='formfld' type='text' name='contact_note' maxlength='255' value='$contact_note'>\n";
echo "<br />\n";
echo $text['description-contact_note']."\n";

134
app/contacts/contacts.php
View File

@@ -54,21 +54,15 @@ require_once "resources/paging.php";
$order = check_str($_GET["order"]);
//show the content
echo "<div align='center'>";
echo "<table width='100%' border='0' cellpadding='0' cellspacing='2'>\n";
echo "<tr class='border'>\n";
echo " <td align=\"center\">\n";
echo " <br>";
echo "<table width=\"100%\" border=\"0\" cellpadding=\"5\" cellspacing=\"0\">\n";
echo "<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n";
echo " <tr>\n";
echo " <td align=\"left\" valign=\"top\">\n";
echo " <span class='title'><strong>".$text['header-contacts']."</strong></span><br>\n";
echo " ".$text['description-contacts']."<br /><br />\n";
echo " </td>\n";
echo " <td align=\"right\" valign=\"middle\">\n";
echo " <td align=\"right\" valign=\"top\">\n";
echo " <form method=\"GET\" name=\"frm_search\" action=\"\">\n";
echo " <input class=\"formfld\" type=\"text\" name=\"search_all\" value=\"$search_all\">\n";
echo " <input class=\"formfld\" style='text-align: right;' type=\"text\" name=\"search_all\" value=\"$search_all\">\n";
echo " <input class=\"btn\" type=\"submit\" name=\"submit\" value=\"".$text['button-search']."\">\n";
if (permission_exists('contact_add')) {
echo "<input type='button' class='btn' name='' alt='back' onclick=\"window.location='contact_import.php'\" value='".$text['button-import']."'>";
@@ -77,44 +71,76 @@ require_once "resources/paging.php";
echo " </td>\n";
echo " </tr>\n";
echo "</table>\n";
echo "<br />\n";
//retrieve current user's assigned groups (uuids)
foreach ($_SESSION['groups'] as $group_data) {
$user_group_uuids[] = $group_data['group_uuid'];
}
//add user's uuid to group uuid list to include private (non-shared) contacts
$user_group_uuids[] = $_SESSION['groups'][0]['user_uuid'];
//prepare to page the results
$sql = "select count(*) as num_rows from v_contacts ";
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
if (sizeof($user_group_uuids) > 0) {
//only show contacts assigned to current user's group(s) and those not assigned to any group
$sql .= "and ( \n";
$sql .= " contact_uuid in ( \n";
$sql .= " select contact_uuid from v_contact_groups ";
$sql .= " where group_uuid in ('".implode("','", $user_group_uuids)."') ";
$sql .= " and domain_uuid = '".$_SESSION['domain_uuid']."' ";
$sql .= " ) \n";
$sql .= " or \n";
$sql .= " contact_uuid not in ( \n";
$sql .= " select contact_uuid from v_contact_groups ";
$sql .= " where domain_uuid = '".$_SESSION['domain_uuid']."' ";
$sql .= " ) \n";
$sql .= ") \n";
}
if (strlen($phone_number) > 0) {
$phone_number = preg_replace('{\D}', '', $phone_number);
$sql .= "and contact_uuid in (select contact_uuid from v_contact_phones ";
$sql .= "where phone_number like '%".$phone_number."%') \n";
$sql .= "and contact_uuid in ( ";
$sql .= " select contact_uuid from v_contact_phones ";
$sql .= " where phone_number like '%".$phone_number."%' ";
$sql .= ") \n";
}
else {
if (strlen($search_all) > 0) {
if (is_numeric($search_all)) {
$sql .= "and contact_uuid in (select contact_uuid from v_contact_phones ";
$sql .= "where phone_number like '%".$search_all."%') \n";
$sql .= "and contact_uuid in ( \n";
$sql .= " select contact_uuid from v_contact_phones ";
$sql .= " where phone_number like '%".$search_all."%' ";
$sql .= ") \n";
}
else {
$sql .= "and contact_uuid in (\n";
$sql .= "and contact_uuid in ( \n";
$sql .= " select contact_uuid from v_contacts ";
$sql .= " where domain_uuid = '".$_SESSION['domain_uuid']."' \n";
$sql .= " and (\n";
$sql .= " lower(contact_organization) like '%".$search_all."%' or \n";
$sql .= " lower(contact_name_given) like '%".$search_all."%' or \n";
$sql .= " lower(contact_name_family) like '%".$search_all."%' or \n";
$sql .= " lower(contact_nickname) like '%".$search_all."%' or \n";
$sql .= " lower(contact_title) like '%".$search_all."%' or \n";
$sql .= " lower(contact_category) like '%".$search_all."%' or \n";
$sql .= " lower(contact_role) like '%".$search_all."%' or \n";
$sql .= " lower(contact_email) like '%".$search_all."%' or \n";
$sql .= " lower(contact_url) like '%".$search_all."%' or \n";
$sql .= " lower(contact_time_zone) like '%".$search_all."%' or \n";
$sql .= " lower(contact_note) like '%".$search_all."%' or \n";
$sql .= " lower(contact_type) like '%".$search_all."%'\n";
$sql .= " )\n";
$sql .= ")\n";
$sql .= " and ( \n";
$sql .= " lower(contact_organization) like '%".$search_all."%' or \n";
$sql .= " lower(contact_name_given) like '%".$search_all."%' or \n";
$sql .= " lower(contact_name_family) like '%".$search_all."%' or \n";
$sql .= " lower(contact_nickname) like '%".$search_all."%' or \n";
$sql .= " lower(contact_title) like '%".$search_all."%' or \n";
$sql .= " lower(contact_category) like '%".$search_all."%' or \n";
$sql .= " lower(contact_role) like '%".$search_all."%' or \n";
$sql .= " lower(contact_email) like '%".$search_all."%' or \n";
$sql .= " lower(contact_url) like '%".$search_all."%' or \n";
$sql .= " lower(contact_time_zone) like '%".$search_all."%' or \n";
$sql .= " lower(contact_note) like '%".$search_all."%' or \n";
$sql .= " lower(contact_type) like '%".$search_all."%' \n";
$sql .= " ) \n";
$sql .= ") \n";
}
}
}
if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
if (strlen($order_by) > 0) {
$sql .= "order by ".$order_by." ".$order." ";
}
else {
$sql .= "order by contact_organization asc, contact_name_given asc, contact_name_family asc ";
}
$prep_statement = $db->prepare($sql);
if ($prep_statement) {
$prep_statement->execute();
@@ -135,42 +161,9 @@ require_once "resources/paging.php";
list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
$offset = $rows_per_page * $page;
//get the list
$sql = "select * from v_contacts ";
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
if (strlen($phone_number) > 0) {
$sql .= "and contact_uuid in (select contact_uuid from v_contact_phones ";
$sql .= "where phone_number like '%".$phone_number."%') \n";
}
else {
if (strlen($search_all) > 0) {
if (is_numeric($search_all)) {
$sql .= "and contact_uuid in (select contact_uuid from v_contact_phones ";
$sql .= "where phone_number like '%".$search_all."%') \n";
}
else {
$sql .= "and contact_uuid in (\n";
$sql .= " select contact_uuid from v_contacts where domain_uuid = '".$_SESSION['domain_uuid']."' \n";
$sql .= " and (\n";
$sql .= " lower(contact_organization) like '%".$search_all."%' or \n";
$sql .= " lower(contact_name_given) like '%".$search_all."%' or \n";
$sql .= " lower(contact_name_family) like '%".$search_all."%' or \n";
$sql .= " lower(contact_nickname) like '%".$search_all."%' or \n";
$sql .= " lower(contact_title) like '%".$search_all."%' or \n";
$sql .= " lower(contact_category) like '%".$search_all."%' or \n";
$sql .= " lower(contact_role) like '%".$search_all."%' or \n";
$sql .= " lower(contact_email) like '%".$search_all."%' or \n";
$sql .= " lower(contact_url) like '%".$search_all."%' or \n";
$sql .= " lower(contact_time_zone) like '%".$search_all."%' or \n";
$sql .= " lower(contact_note) like '%".$search_all."%' or \n";
$sql .= " lower(contact_type) like '%".$search_all."%'\n";
$sql .= " )\n";
$sql .= ")\n";
}
}
}
if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
$sql .= "limit $rows_per_page offset $offset ";
//get the list
$sql = str_replace('count(*) as num_rows', '*', $sql); // modify query created above
$sql .= "limit ".$rows_per_page." offset ".$offset." ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
@@ -242,15 +235,6 @@ require_once "resources/paging.php";
echo "</tr>\n";
echo "</table>";
echo "</div>";
echo "<br><br>";
echo "<br><br>";
echo "</td>";
echo "</tr>";
echo "</table>";
echo "</div>";
echo "<br><br>";
//include the footer
require_once "resources/footer.php";

20
core/users/signup.php
View File

@@ -44,12 +44,17 @@ else {
$username = check_str($_POST["username"]);
$password = check_str($_POST["password"]);
$confirmpassword = check_str($_POST["confirmpassword"]);
$group_name = check_str($_POST["group_name"]);
$group_uuid_name = check_str($_POST["group_uuid_name"]);
$user_email = check_str($_POST["user_email"]);
$contact_organization = check_str($_POST["contact_organization"]);
$contact_name_given = check_str($_POST["contact_name_given"]);
$contact_name_family = check_str($_POST["contact_name_family"]);
if ($group_uuid_name != '') {
$group_data = explode('|', $group_uuid_name);
$group_uuid = $group_data[0];
$group_name = $group_data[1];
}
if (count($_POST)>0 && check_str($_POST["persistform"]) != "1") {
@@ -140,13 +145,14 @@ if (count($_POST)>0 && check_str($_POST["persistform"]) != "1") {
unset($sql);
//add the user to the group
if (strlen($group_name) > 0) {
if (strlen($group_uuid) > 0) {
if ( ($group_name == "superadmin" && if_group("superadmin")) || $group_name != "superadmin") {
$sql = "insert into v_group_users ";
$sql .= "( ";
$sql .= "group_user_uuid, ";
$sql .= "domain_uuid, ";
$sql .= "group_name, ";
$sql .= "group_uuid, ";
$sql .= "user_uuid ";
$sql .= ") ";
$sql .= "values ";
@@ -154,6 +160,7 @@ if (count($_POST)>0 && check_str($_POST["persistform"]) != "1") {
$sql .= "'".$group_user_uuid."', ";
$sql .= "'".$domain_uuid."', ";
$sql .= "'".$group_name."', ";
$sql .= "'".$group_uuid."', ";
$sql .= "'".$user_uuid."' ";
$sql .= ")";
$db->exec(check_sql($sql));
@@ -275,14 +282,13 @@ if (count($_POST)>0 && check_str($_POST["persistform"]) != "1") {
$sql .= "order by group_name asc ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
echo " <select name=\"group_name\" class='formfld' style='width: auto; margin-right: 3px;'>\n";
echo " <select name=\"group_uuid_name\" class='formfld' style='width: auto; margin-right: 3px;'>\n";
echo " <option value=\"\"></option>\n";
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
foreach($result as $field) {
if ($field['group_name'] == "superadmin" && !if_group("superadmin")) { continue; } //only show the superadmin group to other users in the superadmin group
if (!in_array($field["group_name"], $assigned_groups)) {
echo " <option value='".$field['group_name']."'>".$field['group_name']."</option>\n";
}
if ($field['group_name'] == "superadmin" && !if_group("superadmin")) { continue; } //only show the superadmin group to other superadmins
if ($field['group_name'] == "admin" && (!if_group("superadmin") && !if_group("admin") )) { continue; } //only show the admin group to other admins
echo " <option value='".$field['group_uuid']."|".$field['group_name']."'>".$field['group_name']."</option>\n";
}
echo " </select>";
unset($sql, $result);

9
core/users/userdelete.php
View File

@@ -34,6 +34,12 @@ else {
return;
}
//add multi-lingual support
require_once "app_languages.php";
foreach($text as $key => $value) {
$text[$key] = $value[$_SESSION['domain']['language']['code']];
}
//get the id
$user_uuid = check_str($_GET["id"]);
@@ -54,7 +60,7 @@ else {
//required to be a superadmin to delete a member of the superadmin group
$superadmin_list = superadmin_list($db);
if (if_superadmin($superadmin_list, $user_uuid)) {
if (!if_group("superadmin")) {
if (!if_group("superadmin")) {
//access denied - do not delete the user
header("Location: index.php");
return;
@@ -84,6 +90,7 @@ else {
}
//redirect the user
$_SESSION["message"] = $text['message-delete'];
header("Location: index.php");
?>

2
core/users/users.php
View File

@@ -187,7 +187,7 @@ echo " <td align=\"center\">\n";
echo $text['option-false'];
}
echo "&nbsp;</td>\n";
echo " <td valign='top' align='right'>";
echo " <td valign='top' align='right' class='tr_link_void'>";
if (permission_exists('user_edit')) {
echo "<a href='usersupdate.php?id=".$row['user_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
}