From f6f58c679dbad82e9ebd22d3e3d47080f7773e4d Mon Sep 17 00:00:00 2001 From: yuri Date: Fri, 8 Jan 2016 15:18:48 +0200 Subject: [PATCH] fixes --- application/Espo/Controllers/EmailAddress.php | 7 ++++++- application/Espo/Resources/layouts/Email/list.json | 2 +- application/Espo/Resources/metadata/app/acl.json | 10 ---------- application/Espo/Resources/metadata/app/aclPortal.json | 2 -- 4 files changed, 7 insertions(+), 14 deletions(-) diff --git a/application/Espo/Controllers/EmailAddress.php b/application/Espo/Controllers/EmailAddress.php index 388a075b4f..dde3bc1696 100644 --- a/application/Espo/Controllers/EmailAddress.php +++ b/application/Espo/Controllers/EmailAddress.php @@ -25,14 +25,19 @@ * * In accordance with Section 7(b) of the GNU General Public License version 3, * these Appropriate Legal Notices must retain the display of the "EspoCRM" word. - ************************************************************************/ + ************************************************************************/ namespace Espo\Controllers; +use \Espo\Core\Exceptions\Forbidden; + class EmailAddress extends \Espo\Core\Controllers\Record { public function actionSearchInAddressBook($params, $data, $request) { + if (!$this->getAcl()->checkScope('Email')) { + throw new Forbidden(); + } $q = $request->get('q'); $limit = intval($request->get('limit')); if (empty($limit) || $limit > 30) { diff --git a/application/Espo/Resources/layouts/Email/list.json b/application/Espo/Resources/layouts/Email/list.json index 03417a0fc0..50f1bf63a4 100644 --- a/application/Espo/Resources/layouts/Email/list.json +++ b/application/Espo/Resources/layouts/Email/list.json @@ -3,5 +3,5 @@ {"name":"subject","width":35,"link":true,"notSortable": true}, {"name":"status","notSortable": true, "width":10}, {"name":"parent","notSortable": true, "width": 16}, - {"name":"dateSent","view": "views/fields/date-time-short", "notSortable": true, "width":10, "align": "right"} + {"name":"dateSent","view": "views/fields/datetime-short", "notSortable": true, "width":10, "align": "right"} ] diff --git a/application/Espo/Resources/metadata/app/acl.json b/application/Espo/Resources/metadata/app/acl.json index 3393b64330..b15c387bc9 100644 --- a/application/Espo/Resources/metadata/app/acl.json +++ b/application/Espo/Resources/metadata/app/acl.json @@ -22,21 +22,11 @@ "edit": "no", "delete": "no" }, - "EmailAddress": { - "read": "no", - "edit": "no", - "delete": "no" - }, "Attachment": { "read": "own", "edit": "own", "delete": "own" }, - "PhoneNumber": { - "read": "no", - "edit": "no", - "delete": "no" - }, "EmailAccount": { "read": "own", "edit": "own", diff --git a/application/Espo/Resources/metadata/app/aclPortal.json b/application/Espo/Resources/metadata/app/aclPortal.json index 9770a29cc6..2e1384a6af 100644 --- a/application/Espo/Resources/metadata/app/aclPortal.json +++ b/application/Espo/Resources/metadata/app/aclPortal.json @@ -14,13 +14,11 @@ "delete": "own" }, "Portal": false, - "EmailAddress": false, "Attachment": { "read": "own", "edit": "own", "delete": "own" }, - "PhoneNumber": false, "EmailAccount": false, "Role": false, "PortalRole": false,