- new method getReadAccessList() replaces getApproversList() because

the name is more appropriate. Also fixed the SQL statement for sqlite3
steinm 2013-02-11 13:55:51 +00:00
parent 41b1debc50
commit 0cd13b5bfa
2 changed files with 122 additions and 66 deletions


@ -120,6 +120,11 @@ class LetoDMS_Core_Document extends LetoDMS_Core_Object { /* {{{ */
*/ */
protected $_defaultAccess; protected $_defaultAccess;
/**
* @var array list of notifications for users and groups
*/
protected $_readAccessList;
/** /**
* @var array list of notifications for users and groups * @var array list of notifications for users and groups
*/ */
@ -1647,11 +1652,21 @@ class LetoDMS_Core_Document extends LetoDMS_Core_Object { /* {{{ */
return true; return true;
} /* }}} */ } /* }}} */
/**
* Get List of users and groups which have read access on the document
*
* This function is deprecated. Use
* {@see LetoDMS_Core_Document::getReadAccessList()} instead.
*/
function getApproversList() { /* {{{ */ function getApproversList() { /* {{{ */
return $this->getReadAccessList();
} /* }}} */
function getReadAccessList() { /* {{{ */
$db = $this->_dms->getDB(); $db = $this->_dms->getDB();
if (!isset($this->_approversList)) { if (!isset($this->_readAccessList)) {
$this->_approversList = array("groups" => array(), "users" => array()); $this->_readAccessList = array("groups" => array(), "users" => array());
$userIDs = ""; $userIDs = "";
$groupIDs = ""; $groupIDs = "";
$defAccess = $this->getDefaultAccess(); $defAccess = $this->getDefaultAccess();
@ -1666,13 +1681,14 @@ class LetoDMS_Core_Document extends LetoDMS_Core_Object { /* {{{ */
// to the document. // to the document.
$tmpList = $this->getAccessList(M_NONE, O_LTEQ); $tmpList = $this->getAccessList(M_NONE, O_LTEQ);
} }
foreach ($tmpList["groups"] as $group) { foreach ($tmpList["groups"] as $groupAccess) {
$groupIDs .= (strlen($groupIDs)==0 ? "" : ", ") . $group->getGroupID(); $groupIDs .= (strlen($groupIDs)==0 ? "" : ", ") . $groupAccess->getGroupID();
} }
foreach ($tmpList["users"] as $c_user) { foreach ($tmpList["users"] as $userAccess) {
$user = $userAccess->getUser();
if (!$this->_dms->enableAdminRevApp && $c_user->isAdmin()) continue; if (!$this->_dms->enableAdminRevApp && $user->isAdmin()) continue;
$userIDs .= (strlen($userIDs)==0 ? "" : ", ") . $c_user->getUserID(); if ($user->isGuest()) continue;
$userIDs .= (strlen($userIDs)==0 ? "" : ", ") . $userAccess->getUserID();
} }
// Construct a query against the users table to identify those users // Construct a query against the users table to identify those users
@ -1680,37 +1696,43 @@ class LetoDMS_Core_Document extends LetoDMS_Core_Object { /* {{{ */
// ACL entry, by virtue of ownership or by having administrative rights // ACL entry, by virtue of ownership or by having administrative rights
// on the database. // on the database.
$queryStr=""; $queryStr="";
/* If default access is less then read, $userIDs and $groupIDs contains
* a list of user with read access
*/
if ($defAccess < M_READ) { if ($defAccess < M_READ) {
if (strlen($groupIDs)>0) { if (strlen($groupIDs)>0) {
$queryStr = "(SELECT `tblUsers`.* FROM `tblUsers` ". $queryStr = "SELECT `tblUsers`.* FROM `tblUsers` ".
"LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ". "LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ".
"WHERE `tblGroupMembers`.`groupID` IN (". $groupIDs .") ". "WHERE `tblGroupMembers`.`groupID` IN (". $groupIDs .") ".
"AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest.")"; "AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." UNION ";
} }
$queryStr .= (strlen($queryStr)==0 ? "" : " UNION "). $queryStr .=
"(SELECT `tblUsers`.* FROM `tblUsers` ". "SELECT `tblUsers`.* FROM `tblUsers` ".
"WHERE (`tblUsers`.`role` != ".LetoDMS_Core_User::role_guest.") ". "WHERE (`tblUsers`.`role` != ".LetoDMS_Core_User::role_guest.") ".
"AND ((`tblUsers`.`id` = ". $this->_ownerID . ") ". "AND ((`tblUsers`.`id` = ". $this->_ownerID . ") ".
"OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin.")". "OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin.")".
(strlen($userIDs) == 0 ? "" : " OR (`tblUsers`.`id` IN (". $userIDs ."))"). (strlen($userIDs) == 0 ? "" : " OR (`tblUsers`.`id` IN (". $userIDs ."))").
")) ORDER BY `login`"; ") ORDER BY `login`";
} }
/* If default access is equal or greate then read, $userIDs and
* $groupIDs contains a list of user without read access
*/
else { else {
if (strlen($groupIDs)>0) { if (strlen($groupIDs)>0) {
$queryStr = "(SELECT `tblUsers`.* FROM `tblUsers` ". $queryStr = "SELECT `tblUsers`.* FROM `tblUsers` ".
"LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ". "LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ".
"WHERE `tblGroupMembers`.`groupID` NOT IN (". $groupIDs .")". "WHERE `tblGroupMembers`.`groupID` NOT IN (". $groupIDs .")".
"AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest . "AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." ".
(strlen($userIDs) == 0 ? ")" : " AND (`tblUsers`.`id` NOT IN (". $userIDs .")))"); (strlen($userIDs) == 0 ? "" : " AND (`tblUsers`.`id` NOT IN (". $userIDs ."))")." UNION ";
} }
$queryStr .= (strlen($queryStr)==0 ? "" : " UNION "). $queryStr .=
"(SELECT `tblUsers`.* FROM `tblUsers` ". "SELECT `tblUsers`.* FROM `tblUsers` ".
"WHERE (`tblUsers`.`id` = ". $this->_ownerID . ") ". "WHERE (`tblUsers`.`id` = ". $this->_ownerID . ") ".
"OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin."))". "OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin.") ".
"UNION ". "UNION ".
"(SELECT `tblUsers`.* FROM `tblUsers` ". "SELECT `tblUsers`.* FROM `tblUsers` ".
"WHERE `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest . "WHERE `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." ".
(strlen($userIDs) == 0 ? ")" : " AND (`tblUsers`.`id` NOT IN (". $userIDs .")))"). (strlen($userIDs) == 0 ? "" : " AND (`tblUsers`.`id` NOT IN (". $userIDs ."))").
" ORDER BY `login`"; " ORDER BY `login`";
} }
$resArr = $db->getResultArray($queryStr); $resArr = $db->getResultArray($queryStr);
@ -1718,7 +1740,7 @@ class LetoDMS_Core_Document extends LetoDMS_Core_Object { /* {{{ */
foreach ($resArr as $row) { foreach ($resArr as $row) {
$user = $this->_dms->getUser($row['id']); $user = $this->_dms->getUser($row['id']);
if (!$this->_dms->enableAdminRevApp && $user->isAdmin()) continue; if (!$this->_dms->enableAdminRevApp && $user->isAdmin()) continue;
$this->_approversList["users"][] = $user; $this->_readAccessList["users"][] = $user;
} }
} }
@ -1744,12 +1766,12 @@ class LetoDMS_Core_Document extends LetoDMS_Core_Object { /* {{{ */
if (!is_bool($resArr)) { if (!is_bool($resArr)) {
foreach ($resArr as $row) { foreach ($resArr as $row) {
$group = $this->_dms->getGroup($row["id"]); $group = $this->_dms->getGroup($row["id"]);
$this->_approversList["groups"][] = $group; $this->_readAccessList["groups"][] = $group;
} }
} }
} }
} }
return $this->_approversList; return $this->_readAccessList;
} /* }}} */ } /* }}} */
/** /**
@ -2333,12 +2355,12 @@ class LetoDMS_Core_DocumentContent extends LetoDMS_Core_Object { /* {{{ */
$userID = $user->getID(); $userID = $user->getID();
// Get the list of users and groups with write access to this document. // Get the list of users and groups with read access to this document.
if (!isset($this->_approversList)) { if (!isset($this->_readAccessList)) {
$this->_approversList = $this->_document->getApproversList(); $this->_readAccessList = $this->_document->getReadAccessList();
} }
$approved = false; $approved = false;
foreach ($this->_approversList["users"] as $appUser) { foreach ($this->_readAccessList["users"] as $appUser) {
if ($userID == $appUser->getID()) { if ($userID == $appUser->getID()) {
$approved = true; $approved = true;
break; break;
@ -2394,13 +2416,13 @@ class LetoDMS_Core_DocumentContent extends LetoDMS_Core_Object { /* {{{ */
$groupID = $group->getID(); $groupID = $group->getID();
// Get the list of users and groups with write access to this document. // Get the list of users and groups with read access to this document.
if (!isset($this->_approversList)) { if (!isset($this->_readAccessList)) {
// TODO: error checking. // TODO: error checking.
$this->_approversList = $this->_document->getApproversList(); $this->_readAccessList = $this->_document->getReadAccessList();
} }
$approved = false; $approved = false;
foreach ($this->_approversList["groups"] as $appGroup) { foreach ($this->_readAccessList["groups"] as $appGroup) {
if ($groupID == $appGroup->getID()) { if ($groupID == $appGroup->getID()) {
$approved = true; $approved = true;
break; break;
@ -2558,13 +2580,13 @@ class LetoDMS_Core_DocumentContent extends LetoDMS_Core_Object { /* {{{ */
$userID = $user->getID(); $userID = $user->getID();
// Get the list of users and groups with write access to this document. // Get the list of users and groups with read access to this document.
if (!isset($this->_approversList)) { if (!isset($this->_readAccessList)) {
// TODO: error checking. // TODO: error checking.
$this->_approversList = $this->_document->getApproversList(); $this->_readAccessList = $this->_document->getReadAccessList();
} }
$approved = false; $approved = false;
foreach ($this->_approversList["users"] as $appUser) { foreach ($this->_readAccessList["users"] as $appUser) {
if ($userID == $appUser->getID()) { if ($userID == $appUser->getID()) {
$approved = true; $approved = true;
break; break;
@ -2618,13 +2640,13 @@ class LetoDMS_Core_DocumentContent extends LetoDMS_Core_Object { /* {{{ */
$groupID = $group->getID(); $groupID = $group->getID();
// Get the list of users and groups with write access to this document. // Get the list of users and groups with read access to this document.
if (!isset($this->_approversList)) { if (!isset($this->_readAccessList)) {
// TODO: error checking. // TODO: error checking.
$this->_approversList = $this->_document->getApproversList(); $this->_readAccessList = $this->_document->getReadAccessList();
} }
$approved = false; $approved = false;
foreach ($this->_approversList["groups"] as $appGroup) { foreach ($this->_readAccessList["groups"] as $appGroup) {
if ($groupID == $appGroup->getID()) { if ($groupID == $appGroup->getID()) {
$approved = true; $approved = true;
break; break;
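Review bot: In the `else` branch of getReadAccessList() (default access >= M_READ), the last SELECT returns every non-guest user whose id is not in `$userIDs`, so a user who is denied only through a group in `$groupIDs` still lands in `_readAccessList["users"]`. The first SELECT's `groupID NOT IN (...)` filter yields a subset of that result and therefore has no effect on the union. DocumentContent tests membership in this list to set `$approved` (presumably before accepting a reviewer or approver), so the list can be wider than the ACL intends. Consider also excluding group-denied members in the last SELECT when `$groupIDs` is non-empty, e.g. `AND tblUsers.id NOT IN (SELECT userID FROM tblGroupMembers WHERE groupID IN (...))`; how a user in both a denied and an allowed group should resolve is not visible here and needs confirming. LetoDMS_Core_Folder::getReadAccessList() builds the same query, and parts of both methods lie between the hunks.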


@ -58,6 +58,11 @@ class LetoDMS_Core_Folder extends LetoDMS_Core_Object {
*/ */
protected $_defaultAccess; protected $_defaultAccess;
/**
* @var array list of notifications for users and groups
*/
protected $_readAccessList;
/** /**
* @var array list of notifications for users and groups * @var array list of notifications for users and groups
*/ */
@ -1149,22 +1154,45 @@ class LetoDMS_Core_Folder extends LetoDMS_Core_Object {
return 0; return 0;
} /* }}} */ } /* }}} */
/**
* Get List of users and groups which have read access on the document
*
* This function is deprecated. Use
* {@see LetoDMS_Core_Folder::getReadAccessList()} instead.
*/
function getApproversList() { /* {{{ */ function getApproversList() { /* {{{ */
return $this->getReadAccessList();
} /* }}} */
/**
* Returns a list of groups and users with read access on the folder
*
*
*
* @return array list of users and groups
*/
function getReadAccessList() { /* {{{ */
$db = $this->_dms->getDB(); $db = $this->_dms->getDB();
if (!isset($this->_approversList)) { if (!isset($this->_readAccessList)) {
$this->_approversList = array("groups" => array(), "users" => array()); $this->_readAccessList = array("groups" => array(), "users" => array());
$userIDs = ""; $userIDs = "";
$groupIDs = ""; $groupIDs = "";
$defAccess = $this->getDefaultAccess(); $defAccess = $this->getDefaultAccess();
/* Check if the default access is < read access or >= read access.
* If default access is less than read access, then create a list
* of users and groups with read access.
* If default access is equal or greater then read access, then
* create a list of users and groups without read access.
*/
if ($defAccess<M_READ) { if ($defAccess<M_READ) {
// Get the list of all users and groups that are listed in the ACL as // Get the list of all users and groups that are listed in the ACL as
// having write access to the folder. // having read access to the folder.
$tmpList = $this->getAccessList(M_READ, O_GTEQ); $tmpList = $this->getAccessList(M_READ, O_GTEQ);
} }
else { else {
// Get the list of all users and groups that DO NOT have write access // Get the list of all users and groups that DO NOT have read access
// to the folder. // to the folder.
$tmpList = $this->getAccessList(M_NONE, O_LTEQ); $tmpList = $this->getAccessList(M_NONE, O_LTEQ);
} }
@ -1173,59 +1201,65 @@ class LetoDMS_Core_Folder extends LetoDMS_Core_Object {
} }
foreach ($tmpList["users"] as $userAccess) { foreach ($tmpList["users"] as $userAccess) {
$user = $userAccess->getUser(); $user = $userAccess->getUser();
if (!$user->isGuest()) { if (!$this->_dms->enableAdminRevApp && $user->isAdmin()) continue;
$userIDs .= (strlen($userIDs)==0 ? "" : ", ") . $userAccess->getUserID(); if ($user->isGuest()) continue;
} $userIDs .= (strlen($userIDs)==0 ? "" : ", ") . $userAccess->getUserID();
} }
// Construct a query against the users table to identify those users // Construct a query against the users table to identify those users
// that have write access to this folder, either directly through an // that have read access to this folder, either directly through an
// ACL entry, by virtue of ownership or by having administrative rights // ACL entry, by virtue of ownership or by having administrative rights
// on the database. // on the database.
$queryStr=""; $queryStr="";
/* If default access is less then read, $userIDs and $groupIDs contains
* a list of user with read access
*/
if ($defAccess < M_READ) { if ($defAccess < M_READ) {
if (strlen($groupIDs)>0) { if (strlen($groupIDs)>0) {
$queryStr = "(SELECT `tblUsers`.* FROM `tblUsers` ". $queryStr = "SELECT `tblUsers`.* FROM `tblUsers` ".
"LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ". "LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ".
"WHERE `tblGroupMembers`.`groupID` IN (". $groupIDs .") ". "WHERE `tblGroupMembers`.`groupID` IN (". $groupIDs .") ".
"AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest.")"; "AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." UNION ";
} }
$queryStr .= (strlen($queryStr)==0 ? "" : " UNION "). $queryStr .=
"(SELECT `tblUsers`.* FROM `tblUsers` ". "SELECT `tblUsers`.* FROM `tblUsers` ".
"WHERE (`tblUsers`.`role` != ".LetoDMS_Core_User::role_guest.") ". "WHERE (`tblUsers`.`role` != ".LetoDMS_Core_User::role_guest.") ".
"AND ((`tblUsers`.`id` = ". $this->_ownerID . ") ". "AND ((`tblUsers`.`id` = ". $this->_ownerID . ") ".
"OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin.")". "OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin.")".
(strlen($userIDs) == 0 ? "" : " OR (`tblUsers`.`id` IN (". $userIDs ."))"). (strlen($userIDs) == 0 ? "" : " OR (`tblUsers`.`id` IN (". $userIDs ."))").
")) ORDER BY `login`"; ") ORDER BY `login`";
} }
/* If default access is equal or greate then read, $userIDs and
* $groupIDs contains a list of user without read access
*/
else { else {
if (strlen($groupIDs)>0) { if (strlen($groupIDs)>0) {
$queryStr = "(SELECT `tblUsers`.* FROM `tblUsers` ". $queryStr = "SELECT `tblUsers`.* FROM `tblUsers` ".
"LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ". "LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ".
"WHERE `tblGroupMembers`.`groupID` NOT IN (". $groupIDs .")". "WHERE `tblGroupMembers`.`groupID` NOT IN (". $groupIDs .")".
"AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." ". "AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." ".
(strlen($userIDs) == 0 ? ")" : " AND (`tblUsers`.`id` NOT IN (". $userIDs .")))"); (strlen($userIDs) == 0 ? "" : " AND (`tblUsers`.`id` NOT IN (". $userIDs ."))")." UNION ";
} }
$queryStr .= (strlen($queryStr)==0 ? "" : " UNION "). $queryStr .=
"(SELECT `tblUsers`.* FROM `tblUsers` ". "SELECT `tblUsers`.* FROM `tblUsers` ".
"WHERE (`tblUsers`.`id` = ". $this->_ownerID . ") ". "WHERE (`tblUsers`.`id` = ". $this->_ownerID . ") ".
"OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin."))". "OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin.") ".
"UNION ". "UNION ".
"(SELECT `tblUsers`.* FROM `tblUsers` ". "SELECT `tblUsers`.* FROM `tblUsers` ".
"WHERE `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." ". "WHERE `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." ".
(strlen($userIDs) == 0 ? ")" : " AND (`tblUsers`.`id` NOT IN (". $userIDs .")))"). (strlen($userIDs) == 0 ? "" : " AND (`tblUsers`.`id` NOT IN (". $userIDs ."))").
" ORDER BY `login`"; " ORDER BY `login`";
} }
$resArr = $db->getResultArray($queryStr); $resArr = $db->getResultArray($queryStr);
if (!is_bool($resArr)) { if (!is_bool($resArr)) {
foreach ($resArr as $row) { foreach ($resArr as $row) {
$user = $this->_dms->getUser($row['id']); $user = $this->_dms->getUser($row['id']);
if (!$this->_dms->enableAdminRevApp && $user->isAdmin()) continue; if (!$this->_dms->enableAdminRevApp && $user->isAdmin()) continue;
$this->_approversList["users"][] = $user; $this->_readAccessList["users"][] = $user;
} }
} }
// Assemble the list of groups that have write access to the folder. // Assemble the list of groups that have read access to the folder.
$queryStr=""; $queryStr="";
if ($defAccess < M_READ) { if ($defAccess < M_READ) {
if (strlen($groupIDs)>0) { if (strlen($groupIDs)>0) {
@ -1247,12 +1281,12 @@ class LetoDMS_Core_Folder extends LetoDMS_Core_Object {
if (!is_bool($resArr)) { if (!is_bool($resArr)) {
foreach ($resArr as $row) { foreach ($resArr as $row) {
$group = $this->_dms->getGroup($row["id"]); $group = $this->_dms->getGroup($row["id"]);
$this->_approversList["groups"][] = $group; $this->_readAccessList["groups"][] = $group;
} }
} }
} }
} }
return $this->_approversList; return $this->_readAccessList;
} /* }}} */ } /* }}} */
/** /**
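Review bot: The rewritten queries still splice `$groupIDs`, `$userIDs` and `$this->_ownerID` directly into the SQL text, so the statement is only as safe as those values are numeric. They appear to come from ACL entries and the object itself rather than from request input, but nothing in the hunk enforces that. Casting where the lists are built keeps the `IN (...)` lists well-formed regardless, e.g. `$userIDs .= (strlen($userIDs)==0 ? "" : ", ") . (int) $userAccess->getUserID();`, and `(int) $this->_ownerID` in the WHERE clauses. The same applies to the identical code in LetoDMS_Core_Document::getReadAccessList(); the loop that builds `$groupIDs` for the folder lies outside the hunk.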