From 9e78ea9ee456184875e84dfa8ec9556dca4aa5d0 Mon Sep 17 00:00:00 2001 From: Jan Schneider Date: Tue, 16 Mar 2010 15:17:32 +0100 Subject: [PATCH] Check max_events permission when creating events. --- kronolith/lib/Ajax/Application.php | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/kronolith/lib/Ajax/Application.php b/kronolith/lib/Ajax/Application.php index 58ecaedbe..17db65154 100644 --- a/kronolith/lib/Ajax/Application.php +++ b/kronolith/lib/Ajax/Application.php @@ -81,12 +81,26 @@ class Kronolith_Ajax_Application extends Horde_Ajax_Application_Base return $result; } + if (!$this->_vars->event) { + $perms = $GLOBALS['injector']->getInstance('Horde_Perms'); + if ($perms->hasAppPermission('max_events') !== true && + $perms->hasAppPermission('max_events') <= Kronolith::countEvents()) { + try { + $message = Horde::callHook('perms_denied', array('kronolith:max_events')); + } catch (Horde_Exception_HookNotSet $e) { + $message = @htmlspecialchars(sprintf(_("You are not allowed to create more than %d events."), $perms->hasAppPermission('max_events')), ENT_COMPAT, Horde_Nls::getCharset()); + } + $GLOBALS['notification']->push($message, 'horde.error', array('content.raw')); + return $result; + } + } + $event = $kronolith_driver->getEvent($this->_vars->event); if (!$event) { $GLOBALS['notification']->push(_("The requested event was not found."), 'horde.error'); return $result; } elseif (!$event->hasPermission(Horde_Perms::EDIT)) { - $notification->push(_("You do not have permission to edit this event."), 'horde.warning'); + $GLOBALS['notification']->push(_("You do not have permission to edit this event."), 'horde.warning'); return $result; } -- 2.11.0