diff --git a/includes/controller/rooms_controller.php b/includes/controller/rooms_controller.php
index 3f5ff387..3082a28d 100644
--- a/includes/controller/rooms_controller.php
+++ b/includes/controller/rooms_controller.php
@@ -19,7 +19,11 @@ function room_controller()
 redirect(page_link_to());
 }
- $room = load_room();
+ $room = load_room(false);
+ if ($room['show'] != 'Y' && !in_array('admin_rooms', $privileges)) {
+ redirect(page_link_to());
+ }
+
 $all_shifts = Shifts_by_room($room);
 $days = [];
 foreach ($all_shifts as $shift) {
@@ -99,15 +103,16 @@ function room_edit_link($room)
 /**
 * Loads room by request param room_id
 *
+ * @param bool $onlyVisible
 * @return array
 */
-function load_room()
+function load_room($onlyVisible = true)
 {
 if (!test_request_int('room_id')) {
 redirect(page_link_to());
 }
- $room = Room($_REQUEST['room_id']);
+ $room = Room($_REQUEST['room_id'], $onlyVisible);
 if ($room == null) {
 redirect(page_link_to());
 }
diff --git a/includes/model/Room_model.php b/includes/model/Room_model.php
index c8399bc4..17617b39 100644
--- a/includes/model/Room_model.php
+++ b/includes/model/Room_model.php
@@ -57,16 +57,16 @@ function Room_create($name, $from_frab, $public, $number = null)
 * Returns room by id.
 *
 * @param int $room_id RID
- * @param bool $show_only
+ * @param bool $onlyVisible
 * @return array|false
 */
-function Room($room_id, $show_only = true)
+function Room($room_id, $onlyVisible = true)
 {
 $room_source = DB::select('
 SELECT *
 FROM `Room`
 WHERE `RID` = ?
- ' . ($show_only ? 'AND `show` = \'Y\'' : ''),
+ ' . ($onlyVisible ? 'AND `show` = \'Y\'' : ''),
 [$room_id]
 );
diff --git a/includes/sys_menu.php b/includes/sys_menu.php
index 0b7d6b37..f160441c 100644
--- a/includes/sys_menu.php
+++ b/includes/sys_menu.php
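Review bot: In room_controller() the added `if ($room['show'] != 'Y' && !in_array('admin_rooms', $privileges))` is now the only thing keeping a hidden room's shifts away from users without admin_rooms, because `load_room(false)` switches the SQL visibility filter off. It depends on `redirect()` ending the request; that function is not part of this diff, so if it can return, the following `Shifts_by_room($room)` still runs for the hidden room — worth confirming, or adding an explicit `return;` after the call. I would also make the comparisons strict, `if ($room['show'] !== 'Y' && !in_array('admin_rooms', $privileges, true)) {`, and put `// hidden rooms are only reachable with admin_rooms` above it. The same loose `==`/`!=` and non-strict `in_array` recur in the foreach of make_room_navigation() in includes/sys_menu.php. room_controller() starts and ends outside the hunk.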
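Review bot: The new `@param bool $onlyVisible` line in load_room()'s docblock has no description, although passing `false` is exactly what lets a hidden room reach the caller. I would state the contract there, e.g. `@param bool $onlyVisible false also returns hidden rooms; the caller must then check admin_rooms itself`. The `@return array` line could additionally mention that the function calls `redirect()` when `room_id` is missing or no room matches. The end of load_room() lies outside the hunk.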
@@ -197,7 +197,8 @@ function make_room_navigation($menu)
 return $menu;
 }
- $rooms = Rooms();
+ // Get a list of all rooms
+ $rooms = Rooms(true);
 $room_menu = [];
 if (in_array('admin_rooms', $privileges)) {
 $room_menu[] = toolbar_item_link(page_link_to('admin_rooms'), 'list', _('Manage rooms'));
@@ -206,7 +207,16 @@ function make_room_navigation($menu)
 $room_menu[] = toolbar_item_divider();
 }
 foreach ($rooms as $room) {
- $room_menu[] = toolbar_item_link(room_link($room), 'map-marker', $room['Name']);
+ if (
+ $room['show'] == 'Y' // room is public
+ || (
+ // room is not public, but user can admin_rooms
+ $room['show'] != 'Y'
+ && in_array('admin_rooms', $privileges)
+ )
+ ) {
+ $room_menu[] = toolbar_item_link(room_link($room), 'map-marker', $room['Name']);
+ }
 }
 if (count($room_menu) > 0) {
 $menu[] = toolbar_dropdown('map-marker', _('Rooms'), $room_menu);
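Review bot: `Rooms(true)` in make_room_navigation() passes a bare boolean that, going by the added comment, means "include hidden rooms" — the opposite polarity of `$onlyVisible = true` in Room() and load_room() from the same commit. Rooms() itself is not shown in this diff, so this is inferred; if it holds, the two flags are easy to confuse and a mix-up exposes hidden rooms. The comment could say so explicitly, `// all rooms, including hidden ones; filtered per privilege in the loop below`, or the query could do the filtering with `$rooms = Rooms(in_array('admin_rooms', $privileges));` so that requests without admin_rooms never load hidden rows at all.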
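Review bot: The inner `$room['show'] != 'Y'` in the new foreach condition is redundant, since that side of the `||` is only evaluated after `$room['show'] == 'Y'` has already failed. The test reduces to `if ($room['show'] == 'Y' || in_array('admin_rooms', $privileges)) {`, and the privilege lookup can be done once before the loop, e.g. `$canAdminRooms = in_array('admin_rooms', $privileges);`. The visibility rule now lives both here and in room_controller(); a small shared helper would keep the menu and the page check from drifting apart. make_room_navigation() begins and ends outside the hunk.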