Hello
I have a problem with calendar, maybe a misunderstanding from myself.
If I only set read access on user2’s calendar to user2, user2 can add
event to user1’s calendar.
I had a look to this code portion and if saw that the test on line 711
of class.calendar_uiforms.inc.php
if (!$cal_id || $cal_id && !($event =
$this->bo->read($cal_id,$_GET[‘date’])) ||
!$this->bo->check_perms(EGW_ACL_READ,$event))
is always true when we add a new event and no test is performed to
verify EDIT access right before creation.
Is it normal ?
Other question : is there a way to change the owner of an event ?
JC Passard
Provectio
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
eGroupWare-developers mailing list
eGroupWare-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/egroupware-developers
