From c2200c5a70a8f7e48855a729176adf51aab6ba07 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Thu, 3 Aug 2017 08:13:26 +0200 Subject: [PATCH 1/5] add entry for 4.3.36 --- CHANGELOG | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG b/CHANGELOG index 80a8db5fd..0485ba589 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -14,6 +14,7 @@ - reviewers/approvers can only be modified by users with unrestricted access and as long as no reviewer/approver has reviewed/approved the document - use only svg icons for mimetypes +- add check for processes (reviews/approvals) where the user/group is deleted -------------------------------------------------------------------------------- Changes in version 4.3.35 From 0e6bd00f96104f98eed96295f5f8ede7390716dc Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Thu, 3 Aug 2017 18:43:28 +0200 Subject: [PATCH 2/5] use view for exitError --- out/out.Timeline.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/out/out.Timeline.php b/out/out.Timeline.php index 9b8117055..cbad8feb0 100644 --- a/out/out.Timeline.php +++ b/out/out.Timeline.php @@ -24,8 +24,13 @@ include("../inc/inc.Language.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1]); +if(!$view) { +} + if (!$user->isAdmin()) { - UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); + $view->exitError(getMLText("admin_tools"),getMLText("access_denied")); } $rootfolder = $dms->getFolder($settings->_rootFolderID); @@ -47,9 +52,9 @@ if(isset($_GET['version']) && $_GET['version'] && is_numeric($_GET['version'])) } else $content = null; -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { + $view->setParam('dms', $dms); + $view->setParam('user', $user); $view->setParam('fromdate', isset($_GET['fromdate']) ? $_GET['fromdate'] : ''); $view->setParam('todate', isset($_GET['todate']) ? $_GET['todate'] : ''); $view->setParam('skip', $skip); From c5a67c2aeb073ac2c00eed8d52d9847cfcc7b210 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Thu, 3 Aug 2017 21:41:03 +0200 Subject: [PATCH 3/5] initial version of removeProcessWithoutUserGroup() --- SeedDMS_Core/Core/inc.ClassDMS.php | 35 ++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/SeedDMS_Core/Core/inc.ClassDMS.php b/SeedDMS_Core/Core/inc.ClassDMS.php index bab01ecaf..be0283423 100644 --- a/SeedDMS_Core/Core/inc.ClassDMS.php +++ b/SeedDMS_Core/Core/inc.ClassDMS.php @@ -2219,6 +2219,41 @@ class SeedDMS_Core_DMS { return $this->db->getResultArray($queryStr); } /* }}} */ + /** + * Removes all reviews, approvals which are not linked + * to a user, group anymore + * + * This method is for removing all reviews or approvals whose user + * or group was deleted and not just removed from the process. + * If the optional parameter $id is set, only this user/group id is removed. + */ + function removeProcessWithoutUserGroup($process, $usergroup, $id=0) { /* {{{ */ + switch($process) { + case 'review': + $queryStr = "DELETE FROM tblDocumentReviewers"; + break; + case 'approval': + $queryStr = "DELETE FROM tblDocumentApprovers"; + break; + } + $queryStr .= " WHERE"; + switch($usergroup) { + case 'user': + $queryStr .= " type=0 AND"; + if($id) + $queryStr .= " required=".((int) $id)." AND"; + $queryStr .= " required NOT IN (SELECT id FROM tblUsers)"; + break; + case 'group': + $queryStr .= " type=1 AND"; + if($id) + $queryStr .= " required=".((int) $id)." AND"; + $queryStr .= " required NOT IN (SELECT id FROM tblGroups)"; + break; + } + return $this->db->getResultArray($queryStr); + } /* }}} */ + /** * Returns statitical information * From e53beb45f409a766b2ebe947b112dbef9ab1db18 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Thu, 3 Aug 2017 21:48:55 +0200 Subject: [PATCH 4/5] add comment in removeProcessWithoutUserGroup() --- SeedDMS_Core/Core/inc.ClassDMS.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/SeedDMS_Core/Core/inc.ClassDMS.php b/SeedDMS_Core/Core/inc.ClassDMS.php index be0283423..ea2e2a1e8 100644 --- a/SeedDMS_Core/Core/inc.ClassDMS.php +++ b/SeedDMS_Core/Core/inc.ClassDMS.php @@ -2228,6 +2228,9 @@ class SeedDMS_Core_DMS { * If the optional parameter $id is set, only this user/group id is removed. */ function removeProcessWithoutUserGroup($process, $usergroup, $id=0) { /* {{{ */ + /* Entries of tblDocumentReviewLog or tblDocumentApproveLog are deleted + * because of CASCADE ON + */ switch($process) { case 'review': $queryStr = "DELETE FROM tblDocumentReviewers"; From 79869ff0cff05c077d42ff997496815b99db6054 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Tue, 22 Aug 2017 06:20:38 +0200 Subject: [PATCH 5/5] minor fix when dropping a key --- install/update-3.4.0/update.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/update-3.4.0/update.sql b/install/update-3.4.0/update.sql index dfc4b7a75..1858d49b2 100644 --- a/install/update-3.4.0/update.sql +++ b/install/update-3.4.0/update.sql @@ -99,7 +99,7 @@ CALL DROPFK('tblDocuments', 'tblDocuments_folder'); ALTER TABLE tblDocuments ADD CONSTRAINT `tblDocuments_folder` FOREIGN KEY (`folder`) REFERENCES `tblFolders` (`id`); -CALL DROPFK('tblDocumentContent', 'tblDocumentDocument_document'); +CALL DROPFK('tblDocumentContent', 'tblDocumentContent_document'); ALTER TABLE tblDocumentContent DROP PRIMARY KEY;