*/
require_once('../../../../lib/base.php');
-$l10n = new OC_L10N('calendar');
-
OC_JSON::checkLoggedIn();
OC_JSON::checkAppEnabled('calendar');
$id = $_POST['id'];
-$event_object = OC_Calendar_App::getEventObject($id);
+$access = OC_Calendar_App::getaccess($id, OC_Calendar_App::EVENT);
+if($access != 'owner' && $access != 'rw'){
+ OC_JSON::error(array('message'=>'permission denied'));
+ exit;
+}
$result = OC_Calendar_Object::delete($id);
-OC_JSON::success();
-?>
+OC_JSON::success();
\ No newline at end of file
OC_JSON::checkAppEnabled('calendar');
$id = $_GET['id'];
-$data = OC_Calendar_App::getEventObject($id);
-$object = OC_VObject::parse($data['calendardata']);
-$vevent = $object->VEVENT;
-
-$access = OC_Calendar_App::check_access($id);
-if(!$access){
+$data = OC_Calendar_App::getEventObject($id, true, true);
+if(!$data){
OC_JSON::error(array('data' => array('message' => self::$l10n->t('Wrong calendar'))));
exit;
}
+$access = OC_Calendar_App::getaccess($id, OC_Calendar_Share::EVENT);
+$object = OC_VObject::parse($data['calendardata']);
+$vevent = $object->VEVENT;
$dtstart = $vevent->DTSTART;
$dtend = OC_Calendar_Object::getDTEndFromVEvent($vevent);
$tmpl = new OC_Template('calendar', 'part.showevent');
}
-$tmpl->assign('id', $id);
+$tmpl->assign('eventid', $id);
$tmpl->assign('lastmodified', $lastmodified);
$tmpl->assign('calendar_options', $calendar_options);
$tmpl->assign('category_options', $category_options);
OC_JSON::checkLoggedIn();
OC_JSON::checkAppEnabled('calendar');
+$id = $_POST['id'];
+
+$access = OC_Calendar_App::getaccess($id, OC_Calendar_App::EVENT);
+if($access != 'owner' && $access != 'rw'){
+ OC_JSON::error(array('message'=>'permission denied'));
+ exit;
+}
+
$errarr = OC_Calendar_Object::validateRequest($_POST);
if($errarr){
//show validate errors
OC_JSON::error($errarr);
exit;
}else{
- $id = $_POST['id'];
$cal = $_POST['calendar'];
$data = OC_Calendar_App::getEventObject($id);
$vcalendar = OC_VObject::parse($data['calendardata']);
OC_JSON::checkLoggedIn();
$id = $_POST['id'];
-
+$access = OC_Calendar_App::getaccess($id, OC_Calendar_App::EVENT);
+if($access != 'owner' && $access != 'rw'){
+ OC_JSON::error(array('message'=>'permission denied'));
+ exit;
+}
$vcalendar = OC_Calendar_App::getVCalendar($id);
$vevent = $vcalendar->VEVENT;
$delta = new DateInterval('P0D');
$delta->d = $_POST['dayDelta'];
$delta->i = $_POST['minuteDelta'];
-
OC_Calendar_App::isNotModified($vevent, $_POST['lastmodified']);
$dtstart = $vevent->DTSTART;
$result = OC_Calendar_Object::edit($id, $vcalendar->serialize());
$lastmodified = $vevent->__get('LAST-MODIFIED')->getDateTime();
-OC_JSON::success(array('lastmodified'=>(int)$lastmodified->format('U')));
+OC_JSON::success(array('lastmodified'=>(int)$lastmodified->format('U')));
\ No newline at end of file
$id = $_POST['id'];
-if(!OC_Calendar_Share::is_editing_allowed(OC_User::getUser(), $id, OC_Calendar_Share::EVENT) && OC_Calendar_Object::getowner($id) != OC_User::getUser()){
- OC_JSON::error(array('message'=>'permissiondenied'));
+$access = OC_Calendar_App::getaccess($id, OC_Calendar_App::EVENT);
+if($access != 'owner' && $access != 'rw'){
+ OC_JSON::error(array('message'=>'permission denied'));
exit;
}
projects / nextcloud-server.git / commitdiff