gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-23 18:11:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

- new method getReadAccessList() replaces getApproversList() because

Browse Source 
the name is more appropriate. Also fixed sql statement for sqlite3
This commit is contained in:
steinm 2013-02-11 13:55:51 +00:00
parent 41b1debc50
commit 0cd13b5bfa
2 changed files with 122 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
LetoDMS_Core/Core/inc.ClassDocument.php
View File

@ -120,6 +120,11 @@ class LetoDMS_Core_Document extends LetoDMS_Core_Object { /* {{{ */
*/
protected $_defaultAccess;
/**
* @var array list of notifications for users and groups
*/
protected $_readAccessList;
/**
* @var array list of notifications for users and groups
*/
@ -1647,11 +1652,21 @@ class LetoDMS_Core_Document extends LetoDMS_Core_Object { /* {{{ */
return true;
} /* }}} */
/**
* Get List of users and groups which have read access on the document
*
* This function is deprecated. Use
* {@see LetoDMS_Core_Document::getReadAccessList()} instead.
*/
function getApproversList() { /* {{{ */
return $this->getReadAccessList();
} /* }}} */
function getReadAccessList() { /* {{{ */
$db = $this->_dms->getDB();
if (!isset($this->_approversList)) {
$this->_approversList = array("groups" => array(), "users" => array());
if (!isset($this->_readAccessList)) {
$this->_readAccessList = array("groups" => array(), "users" => array());
$userIDs = "";
$groupIDs = "";
$defAccess = $this->getDefaultAccess();
@ -1666,13 +1681,14 @@ class LetoDMS_Core_Document extends LetoDMS_Core_Object { /* {{{ */
// to the document.
$tmpList = $this->getAccessList(M_NONE, O_LTEQ);
}
foreach ($tmpList["groups"] as $group) {
$groupIDs .= (strlen($groupIDs)==0 ? "" : ", ") . $group->getGroupID();
foreach ($tmpList["groups"] as $groupAccess) {
$groupIDs .= (strlen($groupIDs)==0 ? "" : ", ") . $groupAccess->getGroupID();
}
foreach ($tmpList["users"] as $c_user) {
if (!$this->_dms->enableAdminRevApp && $c_user->isAdmin()) continue;
$userIDs .= (strlen($userIDs)==0 ? "" : ", ") . $c_user->getUserID();
foreach ($tmpList["users"] as $userAccess) {
$user = $userAccess->getUser();
if (!$this->_dms->enableAdminRevApp && $user->isAdmin()) continue;
if ($user->isGuest()) continue;
$userIDs .= (strlen($userIDs)==0 ? "" : ", ") . $userAccess->getUserID();
}
// Construct a query against the users table to identify those users
@ -1680,37 +1696,43 @@ class LetoDMS_Core_Document extends LetoDMS_Core_Object { /* {{{ */
// ACL entry, by virtue of ownership or by having administrative rights
// on the database.
$queryStr="";
/* If default access is less then read, $userIDs and $groupIDs contains
* a list of user with read access
*/
if ($defAccess < M_READ) {
if (strlen($groupIDs)>0) {
$queryStr = "(SELECT `tblUsers`.* FROM `tblUsers` ".
$queryStr = "SELECT `tblUsers`.* FROM `tblUsers` ".
"LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ".
"WHERE `tblGroupMembers`.`groupID` IN (". $groupIDs .") ".
"AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest.")";
"AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." UNION ";
}
$queryStr .= (strlen($queryStr)==0 ? "" : " UNION ").
"(SELECT `tblUsers`.* FROM `tblUsers` ".
$queryStr .=
"SELECT `tblUsers`.* FROM `tblUsers` ".
"WHERE (`tblUsers`.`role` != ".LetoDMS_Core_User::role_guest.") ".
"AND ((`tblUsers`.`id` = ". $this->_ownerID . ") ".
"OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin.")".
(strlen($userIDs) == 0 ? "" : " OR (`tblUsers`.`id` IN (". $userIDs ."))").
")) ORDER BY `login`";
") ORDER BY `login`";
}
/* If default access is equal or greate then read, $userIDs and
* $groupIDs contains a list of user without read access
*/
else {
if (strlen($groupIDs)>0) {
$queryStr = "(SELECT `tblUsers`.* FROM `tblUsers` ".
$queryStr = "SELECT `tblUsers`.* FROM `tblUsers` ".
"LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ".
"WHERE `tblGroupMembers`.`groupID` NOT IN (". $groupIDs .")".
"AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest .
(strlen($userIDs) == 0 ? ")" : " AND (`tblUsers`.`id` NOT IN (". $userIDs .")))");
"AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." ".
(strlen($userIDs) == 0 ? "" : " AND (`tblUsers`.`id` NOT IN (". $userIDs ."))")." UNION ";
}
$queryStr .= (strlen($queryStr)==0 ? "" : " UNION ").
"(SELECT `tblUsers`.* FROM `tblUsers` ".
$queryStr .=
"SELECT `tblUsers`.* FROM `tblUsers` ".
"WHERE (`tblUsers`.`id` = ". $this->_ownerID . ") ".
"OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin."))".
"OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin.") ".
"UNION ".
"(SELECT `tblUsers`.* FROM `tblUsers` ".
"WHERE `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest .
(strlen($userIDs) == 0 ? ")" : " AND (`tblUsers`.`id` NOT IN (". $userIDs .")))").
"SELECT `tblUsers`.* FROM `tblUsers` ".
"WHERE `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." ".
(strlen($userIDs) == 0 ? "" : " AND (`tblUsers`.`id` NOT IN (". $userIDs ."))").
" ORDER BY `login`";
}
$resArr = $db->getResultArray($queryStr);
@ -1718,7 +1740,7 @@ class LetoDMS_Core_Document extends LetoDMS_Core_Object { /* {{{ */
foreach ($resArr as $row) {
$user = $this->_dms->getUser($row['id']);
if (!$this->_dms->enableAdminRevApp && $user->isAdmin()) continue;
$this->_approversList["users"][] = $user;
$this->_readAccessList["users"][] = $user;
}
}
@ -1744,12 +1766,12 @@ class LetoDMS_Core_Document extends LetoDMS_Core_Object { /* {{{ */
if (!is_bool($resArr)) {
foreach ($resArr as $row) {
$group = $this->_dms->getGroup($row["id"]);
$this->_approversList["groups"][] = $group;
$this->_readAccessList["groups"][] = $group;
}
}
}
}
return $this->_approversList;
return $this->_readAccessList;
} /* }}} */
/**
@ -2333,12 +2355,12 @@ class LetoDMS_Core_DocumentContent extends LetoDMS_Core_Object { /* {{{ */
$userID = $user->getID();
// Get the list of users and groups with write access to this document.
if (!isset($this->_approversList)) {
$this->_approversList = $this->_document->getApproversList();
// Get the list of users and groups with read access to this document.
if (!isset($this->_readAccessList)) {
$this->_readAccessList = $this->_document->getReadAccessList();
}
$approved = false;
foreach ($this->_approversList["users"] as $appUser) {
foreach ($this->_readAccessList["users"] as $appUser) {
if ($userID == $appUser->getID()) {
$approved = true;
break;
@ -2394,13 +2416,13 @@ class LetoDMS_Core_DocumentContent extends LetoDMS_Core_Object { /* {{{ */
$groupID = $group->getID();
// Get the list of users and groups with write access to this document.
if (!isset($this->_approversList)) {
// Get the list of users and groups with read access to this document.
if (!isset($this->_readAccessList)) {
// TODO: error checking.
$this->_approversList = $this->_document->getApproversList();
$this->_readAccessList = $this->_document->getReadAccessList();
}
$approved = false;
foreach ($this->_approversList["groups"] as $appGroup) {
foreach ($this->_readAccessList["groups"] as $appGroup) {
if ($groupID == $appGroup->getID()) {
$approved = true;
break;
@ -2558,13 +2580,13 @@ class LetoDMS_Core_DocumentContent extends LetoDMS_Core_Object { /* {{{ */
$userID = $user->getID();
// Get the list of users and groups with write access to this document.
if (!isset($this->_approversList)) {
// Get the list of users and groups with read access to this document.
if (!isset($this->_readAccessList)) {
// TODO: error checking.
$this->_approversList = $this->_document->getApproversList();
$this->_readAccessList = $this->_document->getReadAccessList();
}
$approved = false;
foreach ($this->_approversList["users"] as $appUser) {
foreach ($this->_readAccessList["users"] as $appUser) {
if ($userID == $appUser->getID()) {
$approved = true;
break;
@ -2618,13 +2640,13 @@ class LetoDMS_Core_DocumentContent extends LetoDMS_Core_Object { /* {{{ */
$groupID = $group->getID();
// Get the list of users and groups with write access to this document.
if (!isset($this->_approversList)) {
// Get the list of users and groups with read access to this document.
if (!isset($this->_readAccessList)) {
// TODO: error checking.
$this->_approversList = $this->_document->getApproversList();
$this->_readAccessList = $this->_document->getReadAccessList();
}
$approved = false;
foreach ($this->_approversList["groups"] as $appGroup) {
foreach ($this->_readAccessList["groups"] as $appGroup) {
if ($groupID == $appGroup->getID()) {
$approved = true;
break;

80
LetoDMS_Core/Core/inc.ClassFolder.php
View File

@ -58,6 +58,11 @@ class LetoDMS_Core_Folder extends LetoDMS_Core_Object {
*/
protected $_defaultAccess;
/**
* @var array list of notifications for users and groups
*/
protected $_readAccessList;
/**
* @var array list of notifications for users and groups
*/
@ -1149,22 +1154,45 @@ class LetoDMS_Core_Folder extends LetoDMS_Core_Object {
return 0;
} /* }}} */
/**
* Get List of users and groups which have read access on the document
*
* This function is deprecated. Use
* {@see LetoDMS_Core_Folder::getReadAccessList()} instead.
*/
function getApproversList() { /* {{{ */
return $this->getReadAccessList();
} /* }}} */
/**
* Returns a list of groups and users with read access on the folder
*
*
*
* @return array list of users and groups
*/
function getReadAccessList() { /* {{{ */
$db = $this->_dms->getDB();
if (!isset($this->_approversList)) {
$this->_approversList = array("groups" => array(), "users" => array());
if (!isset($this->_readAccessList)) {
$this->_readAccessList = array("groups" => array(), "users" => array());
$userIDs = "";
$groupIDs = "";
$defAccess = $this->getDefaultAccess();
/* Check if the default access is < read access or >= read access.
* If default access is less than read access, then create a list
* of users and groups with read access.
* If default access is equal or greater then read access, then
* create a list of users and groups without read access.
*/
if ($defAccess<M_READ) {
// Get the list of all users and groups that are listed in the ACL as
// having write access to the folder.
// having read access to the folder.
$tmpList = $this->getAccessList(M_READ, O_GTEQ);
}
else {
// Get the list of all users and groups that DO NOT have write access
// Get the list of all users and groups that DO NOT have read access
// to the folder.
$tmpList = $this->getAccessList(M_NONE, O_LTEQ);
}
@ -1173,47 +1201,53 @@ class LetoDMS_Core_Folder extends LetoDMS_Core_Object {
}
foreach ($tmpList["users"] as $userAccess) {
$user = $userAccess->getUser();
if (!$user->isGuest()) {
if (!$this->_dms->enableAdminRevApp && $user->isAdmin()) continue;
if ($user->isGuest()) continue;
$userIDs .= (strlen($userIDs)==0 ? "" : ", ") . $userAccess->getUserID();
}
}
// Construct a query against the users table to identify those users
// that have write access to this folder, either directly through an
// that have read access to this folder, either directly through an
// ACL entry, by virtue of ownership or by having administrative rights
// on the database.
$queryStr="";
/* If default access is less then read, $userIDs and $groupIDs contains
* a list of user with read access
*/
if ($defAccess < M_READ) {
if (strlen($groupIDs)>0) {
$queryStr = "(SELECT `tblUsers`.* FROM `tblUsers` ".
$queryStr = "SELECT `tblUsers`.* FROM `tblUsers` ".
"LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ".
"WHERE `tblGroupMembers`.`groupID` IN (". $groupIDs .") ".
"AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest.")";
"AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." UNION ";
}
$queryStr .= (strlen($queryStr)==0 ? "" : " UNION ").
"(SELECT `tblUsers`.* FROM `tblUsers` ".
$queryStr .=
"SELECT `tblUsers`.* FROM `tblUsers` ".
"WHERE (`tblUsers`.`role` != ".LetoDMS_Core_User::role_guest.") ".
"AND ((`tblUsers`.`id` = ". $this->_ownerID . ") ".
"OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin.")".
(strlen($userIDs) == 0 ? "" : " OR (`tblUsers`.`id` IN (". $userIDs ."))").
")) ORDER BY `login`";
") ORDER BY `login`";
}
/* If default access is equal or greate then read, $userIDs and
* $groupIDs contains a list of user without read access
*/
else {
if (strlen($groupIDs)>0) {
$queryStr = "(SELECT `tblUsers`.* FROM `tblUsers` ".
$queryStr = "SELECT `tblUsers`.* FROM `tblUsers` ".
"LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ".
"WHERE `tblGroupMembers`.`groupID` NOT IN (". $groupIDs .")".
"AND `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." ".
(strlen($userIDs) == 0 ? ")" : " AND (`tblUsers`.`id` NOT IN (". $userIDs .")))");
(strlen($userIDs) == 0 ? "" : " AND (`tblUsers`.`id` NOT IN (". $userIDs ."))")." UNION ";
}
$queryStr .= (strlen($queryStr)==0 ? "" : " UNION ").
"(SELECT `tblUsers`.* FROM `tblUsers` ".
$queryStr .=
"SELECT `tblUsers`.* FROM `tblUsers` ".
"WHERE (`tblUsers`.`id` = ". $this->_ownerID . ") ".
"OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin."))".
"OR (`tblUsers`.`role` = ".LetoDMS_Core_User::role_admin.") ".
"UNION ".
"(SELECT `tblUsers`.* FROM `tblUsers` ".
"SELECT `tblUsers`.* FROM `tblUsers` ".
"WHERE `tblUsers`.`role` != ".LetoDMS_Core_User::role_guest." ".
(strlen($userIDs) == 0 ? ")" : " AND (`tblUsers`.`id` NOT IN (". $userIDs .")))").
(strlen($userIDs) == 0 ? "" : " AND (`tblUsers`.`id` NOT IN (". $userIDs ."))").
" ORDER BY `login`";
}
$resArr = $db->getResultArray($queryStr);
@ -1221,11 +1255,11 @@ class LetoDMS_Core_Folder extends LetoDMS_Core_Object {
foreach ($resArr as $row) {
$user = $this->_dms->getUser($row['id']);
if (!$this->_dms->enableAdminRevApp && $user->isAdmin()) continue;
$this->_approversList["users"][] = $user;
$this->_readAccessList["users"][] = $user;
}
}
// Assemble the list of groups that have write access to the folder.
// Assemble the list of groups that have read access to the folder.
$queryStr="";
if ($defAccess < M_READ) {
if (strlen($groupIDs)>0) {
@ -1247,12 +1281,12 @@ class LetoDMS_Core_Folder extends LetoDMS_Core_Object {
if (!is_bool($resArr)) {
foreach ($resArr as $row) {
$group = $this->_dms->getGroup($row["id"]);
$this->_approversList["groups"][] = $group;
$this->_readAccessList["groups"][] = $group;
}
}
}
}
return $this->_approversList;
return $this->_readAccessList;
} /* }}} */
/**