gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-03-12 00:45:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

check access on folder in 'searchfolder'

Browse Source
This commit is contained in:
Uwe Steinmann 2022-09-14 18:07:57 +02:00
parent fc68b025ef
commit 100b0bfa26
1 changed files with 20 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
op/op.Ajax.php
View File

@ -152,26 +152,30 @@ switch($command) {
if(count($hits['folders']) == 1) { if(count($hits['folders']) == 1) {
$hit = $hits['folders'][0]; $hit = $hits['folders'][0];
$basefolder = $dms->getFolder($hit->getID()); $basefolder = $dms->getFolder($hit->getID());
if($subquery = substr($query, $pos+1)) { if($basefolder->getAccessMode($user, 'search') >= M_READ) {
$hits = $dms->search($subquery, $limit=0, $offset=0, $logicalmode='AND', $searchin=array(), $startFolder=$basefolder, $owner=null, $status = array(), $creationstartdate=array(), $creationenddate=array(), $modificationstartdate=array(), $modificationenddate=array(), $categories=array(), $attributes=array(), $mode=0x2, $expirationstartdate=array(), $expirationenddate=array()); if($subquery = substr($query, $pos+1)) {
if($hits) { $hits = $dms->search($subquery, $limit=0, $offset=0, $logicalmode='AND', $searchin=array(), $startFolder=$basefolder, $owner=null, $status = array(), $creationstartdate=array(), $creationenddate=array(), $modificationstartdate=array(), $modificationenddate=array(), $categories=array(), $attributes=array(), $mode=0x2, $expirationstartdate=array(), $expirationenddate=array());
if($hits) {
$result = array();
foreach($hits['folders'] as $hit) {
if($hit->getAccessMode($user, 'search') >= M_READ)
$result[] = $hit->getID().'#'.$basefolder->getName().'/'.$hit->getName();
}
header('Content-Type: application/json');
echo json_encode($result);
return;
}
} else {
$subfolders = $basefolder->getSubFolders();
$subfolders = SeedDMS_Core_DMS::filterAccess($subfolders, $user, M_READ);
$result = array(); $result = array();
foreach($hits['folders'] as $hit) { foreach($subfolders as $subfolder) {
$result[] = $hit->getID().'#'.$basefolder->getName().'/'.$hit->getName(); $result[] = $subfolder->getID().'#'.$basefolder->getName().'/'.$subfolder->getName();
} }
header('Content-Type: application/json'); header('Content-Type: application/json');
echo json_encode($result); echo json_encode($result);
return; return;
} }
} else {
$subfolders = $basefolder->getSubFolders();
$result = array();
foreach($subfolders as $subfolder) {
$result[] = $subfolder->getID().'#'.$basefolder->getName().'/'.$subfolder->getName();
}
header('Content-Type: application/json');
echo json_encode($result);
return;
} }
} }
} }
@ -180,7 +184,8 @@ switch($command) {
if($hits) { if($hits) {
$result = array(); $result = array();
foreach($hits['folders'] as $hit) { foreach($hits['folders'] as $hit) {
$result[] = $hit->getID().'#'.$hit->getName(); if($hit->getAccessMode($user, 'search') >= M_READ)
$result[] = $hit->getID().'#'.$hit->getName();
} }
header('Content-Type: application/json'); header('Content-Type: application/json');
echo json_encode($result); echo json_encode($result);