gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-10-27 11:11:25 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'develop' into seeddms-5.1.x

Browse Source
This commit is contained in:
Uwe Steinmann 2016-04-22 09:06:01 +02:00
commit 1d01338e49
8 changed files with 62 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
SeedDMS_Core/Core/inc.ClassDocument.php
View File

@ -3169,7 +3169,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */
if ($u->getID() == $owner->getID()) return M_READ;
/* Read/Write access on the document will also grant access on the version */
if($this->_document->getAccessMode($user) >= M_READWRITE) return M_READ;
if($this->_document->getAccessMode($u) >= M_READWRITE) return M_READ;
/* At this point the current status is in the list of status without read access.
* The only way to still gain read access is, if the user is involved in the

15
inc/inc.ClassAccessOperation.php
View File

@ -348,20 +348,27 @@ class SeedDMS_AccessOperation {
* Check for access permission on view
*
* If the parameter $view is an array then each element is considered the
* name of a view and true will be returned if one is accessible.
* name of a view and true will be returned if one of them is accessible.
* Whether access is allowed also depends on the currently logged in user
* stored in the view object. If the user is an admin the access
* on a view must be explicitly disallowed. For regular users the access
* must be explicitly allowed.
*
* If advanced access control is turn off, this function will always return
* true for admins and false for other users.
*
* @param mixed $view Instanz of view, name of view or array of view names
* @param string $get query parameters
* @param string $get query parameters possible containing the element 'action'
* @return boolean true if access is allowed, false if access is disallowed
* no specific access right is set, otherwise false
*/
function check_view_access($view, $get=array()) { /* {{{ */
if(!$this->settings->_advancedAcl)
return true;
if(!$this->settings->_advancedAcl) {
if($this->user->isAdmin())
return true;
else
return false;
}
if(is_string($view)) {
$scripts = array($view);
} elseif(is_array($view)) {

8
inc/inc.ClassViewCommon.php
View File

@ -171,10 +171,10 @@ class SeedDMS_View_Common {
* Check if the access on the view with given name or the current view itself
* may be accessed.
*
* The function behaves differently for admins and other users. For admins
* a view must be explitly disallowed for this function to return false.
* For other users access on a view must be explicitly allow for the this
* function to return true.
* The function requires the parameter 'accessobject' to be available in the
* view, because it calls SeedDMS_AccessOperation::check_view_access()
* to check access rights. If the the optional $name is not set the
* current view is used.
*
* @param string|array $name name of view or list of view names
* @return boolean true if access is allowed otherwise false

42
views/bootstrap/class.AdminTools.php
View File

@ -47,33 +47,33 @@ class SeedDMS_View_AdminTools extends SeedDMS_Bootstrap_Style {
?>
<div id="admin-tools">
<div class="row-fluid">
<?php if($accessop->check_view_access('UsrMgr') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('UsrMgr')) { ?>
<a href="../out/out.UsrMgr.php" class="span3 btn btn-medium"><i class="icon-user"></i><br /><?php echo getMLText("user_management")?></a>
<?php } ?>
<?php if($accessop->check_view_access('GroupMgr') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('GroupMgr')) { ?>
<a href="../out/out.GroupMgr.php" class="span3 btn btn-medium"><i class="icon-group"></i><br /><?php echo getMLText("group_management")?></a>
<?php } ?>
<?php if($accessop->check_view_access('RoleMgr') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('RoleMgr')) { ?>
<a href="../out/out.RoleMgr.php" class="span3 btn btn-medium"><i class="icon-bullseye"></i><br /><?php echo getMLText("role_management")?></a>
<?php } ?>
</div>
<div class="row-fluid">
<?php if($accessop->check_view_access('BackupTools') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('BackupTools')) { ?>
<a href="../out/out.BackupTools.php" class="span3 btn btn-medium"><i class="icon-hdd"></i><br /><?php echo getMLText("backup_tools")?></a>
<?php } ?>
<?php
if ($logfileenable && ($accessop->check_view_access('LogManagement') || $user->isAdmin()))
if ($logfileenable && ($accessop->check_view_access('LogManagement')))
echo "<a href=\"../out/out.LogManagement.php\" class=\"span3 btn btn-medium\"><i class=\"icon-list\"></i><br />".getMLText("log_management")."</a>";
?>
</div>
<div class="row-fluid">
<?php if($accessop->check_view_access('DefaultKeywords') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('DefaultKeywords')) { ?>
<a href="../out/out.DefaultKeywords.php" class="span3 btn btn-medium"><i class="icon-reorder"></i><br /><?php echo getMLText("global_default_keywords")?></a>
<?php } ?>
<?php if($accessop->check_view_access('Categories') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('Categories')) { ?>
<a href="../out/out.Categories.php" class="span3 btn btn-medium"><i class="icon-columns"></i><br /><?php echo getMLText("global_document_categories")?></a>
<?php } ?>
<?php if($accessop->check_view_access('AttributeMgr') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('AttributeMgr')) { ?>
<a href="../out/out.AttributeMgr.php" class="span3 btn btn-medium"><i class="icon-tags"></i><br /><?php echo getMLText("global_attributedefinitions")?></a>
<?php } ?>
</div>
@ -81,13 +81,13 @@ class SeedDMS_View_AdminTools extends SeedDMS_Bootstrap_Style {
if($this->params['workflowmode'] == 'advanced') {
?>
<div class="row-fluid">
<?php if($accessop->check_view_access('WorkflowMgr') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('WorkflowMgr')) { ?>
<a href="../out/out.WorkflowMgr.php" class="span3 btn btn-medium"><i class="icon-sitemap"></i><br /><?php echo getMLText("global_workflows"); ?></a>
<?php } ?>
<?php if($accessop->check_view_access('WorkflowStatesMgr') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('WorkflowStatesMgr')) { ?>
<a href="../out/out.WorkflowStatesMgr.php" class="span3 btn btn-medium"><i class="icon-star"></i><br /><?php echo getMLText("global_workflow_states"); ?></a>
<?php } ?>
<?php if($accessop->check_view_access('WorkflowActionsMgr') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('WorkflowActionsMgr')) { ?>
<a href="../out/out.WorkflowActionsMgr.php" class="span3 btn btn-medium"><i class="icon-bolt"></i><br /><?php echo getMLText("global_workflow_actions"); ?></a>
<?php } ?>
</div>
@ -96,13 +96,13 @@ class SeedDMS_View_AdminTools extends SeedDMS_Bootstrap_Style {
if($enablefullsearch) {
?>
<div class="row-fluid">
<?php if($accessop->check_view_access('Indexer') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('Indexer')) { ?>
<a href="../out/out.Indexer.php" class="span3 btn btn-medium"><i class="icon-refresh"></i><br /><?php echo getMLText("update_fulltext_index")?></a>
<?php } ?>
<?php if($accessop->check_view_access('CreateIndex') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('CreateIndex')) { ?>
<a href="../out/out.CreateIndex.php" class="span3 btn btn-medium"><i class="icon-search"></i><br /><?php echo getMLText("create_fulltext_index")?></a>
<?php } ?>
<?php if($accessop->check_view_access('IndexInfo') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('IndexInfo')) { ?>
<a href="../out/out.IndexInfo.php" class="span3 btn btn-medium"><i class="icon-info-sign"></i><br /><?php echo getMLText("fulltext_info")?></a>
<?php } ?>
</div>
@ -110,27 +110,27 @@ class SeedDMS_View_AdminTools extends SeedDMS_Bootstrap_Style {
}
?>
<div class="row-fluid">
<?php if($accessop->check_view_access('Statistic') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('Statistic')) { ?>
<a href="../out/out.Statistic.php" class="span3 btn btn-medium"><i class="icon-tasks"></i><br /><?php echo getMLText("folders_and_documents_statistic")?></a>
<?php } ?>
<?php if($accessop->check_view_access('Charts') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('Charts')) { ?>
<a href="../out/out.Charts.php" class="span3 btn btn-medium"><i class="icon-bar-chart"></i><br /><?php echo getMLText("charts")?></a>
<?php } ?>
<?php if($accessop->check_view_access('ObjectCheck') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('ObjectCheck')) { ?>
<a href="../out/out.ObjectCheck.php" class="span3 btn btn-medium"><i class="icon-check"></i><br /><?php echo getMLText("objectcheck")?></a>
<?php } ?>
<?php if($accessop->check_view_access('Timeline') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('Timeline')) { ?>
<a href="../out/out.Timeline.php" class="span3 btn btn-medium"><i class="icon-time"></i><br /><?php echo getMLText("timeline")?></a>
<?php } ?>
</div>
<div class="row-fluid">
<?php if($accessop->check_view_access('Settings') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('Settings')) { ?>
<a href="../out/out.Settings.php" class="span3 btn btn-medium"><i class="icon-wrench"></i><br /><?php echo getMLText("settings")?></a>
<?php } ?>
<?php if($accessop->check_view_access('ExtensionMgr') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('ExtensionMgr')) { ?>
<a href="../out/out.ExtensionMgr.php" class="span3 btn btn-medium"><i class="icon-cogs"></i><br /><?php echo getMLText("extension_manager")?></a>
<?php } ?>
<?php if($accessop->check_view_access('Info') || $user->isAdmin()) { ?>
<?php if($accessop->check_view_access('Info')) { ?>
<a href="../out/out.Info.php" class="span3 btn btn-medium"><i class="icon-info-sign"></i><br /><?php echo getMLText("version_info")?></a>
<?php } ?>
</div>

6
views/bootstrap/class.AttributeMgr.php
View File

@ -306,12 +306,16 @@ $(document).ready( function() {
?>
</select>
</div>
<div class="ajax" data-view="AttributeMgr" data-action="info" <?php echo ($selattrdef ? "data-query=\"attrdefid=".$selattrdef->getID()."\"" : "") ?>></div>
<?php if($accessop->check_view_access($this, array('action'=>'info'))) { ?>
<div class="ajax" data-view="AttributeMgr" data-action="info" <?php echo ($selattrdef ? "data-query=\"attrdefid=".$selattrdef->getID()."\"" : "") ?>></div>
<?php } ?>
</div>
<div class="span6">
<div class="well">
<?php if($accessop->check_view_access($this, array('action'=>'form'))) { ?>
<div class="ajax" data-view="AttributeMgr" data-action="form" <?php echo ($selattrdef ? "data-query=\"attrdefid=".$selattrdef->getID()."\"" : "") ?>></div>
<?php } ?>
</div>
</div>

15
views/bootstrap/class.GroupMgr.php
View File

@ -257,6 +257,7 @@ $(document).ready( function() {
function show() { /* {{{ */
$dms = $this->params['dms'];
$user = $this->params['user'];
$accessop = $this->params['accessobject'];
$selgroup = $this->params['selgroup'];
$allUsers = $this->params['allusers'];
$allGroups = $this->params['allgroups'];
@ -284,18 +285,22 @@ $(document).ready( function() {
?>
</select>
</div>
<div class="ajax" data-view="GroupMgr" data-action="info" <?php echo ($selgroup ? "data-query=\"groupid=".$selgroup->getID()."\"" : "") ?>></div>
<?php if($accessop->check_view_access($this, array('action'=>'info'))) { ?>
<div class="ajax" data-view="GroupMgr" data-action="info" <?php echo ($selgroup ? "data-query=\"groupid=".$selgroup->getID()."\"" : "") ?>></div>
<?php } ?>
</div>
<div class="span8">
<div class="well">
<div class="ajax" data-view="GroupMgr" data-action="form" <?php echo ($selgroup ? "data-query=\"groupid=".$selgroup->getID()."\"" : "") ?>></div>
</div>
<div class="well">
<?php if($accessop->check_view_access($this, array('action'=>'form'))) { ?>
<div class="ajax" data-view="GroupMgr" data-action="form" <?php echo ($selgroup ? "data-query=\"groupid=".$selgroup->getID()."\"" : "") ?>></div>
<?php } ?>
</div>
</div>
</div>
<?php
$this->contentContainerEnd();
$this->contentEnd();
$this->htmlEndPage();
} /* }}} */

7
views/bootstrap/class.RoleMgr.php
View File

@ -205,14 +205,19 @@ $(document).ready( function() {
?>
</select>
</div>
<div class="ajax" data-view="RoleMgr" data-action="info" <?php echo ($selrole ? "data-query=\"roleid=".$selrole->getID()."\"" : "") ?>></div>
<?php if($accessop->check_view_access($this, array('action'=>'info'))) { ?>
<div class="ajax" data-view="RoleMgr" data-action="info" <?php echo ($selrole ? "data-query=\"roleid=".$selrole->getID()."\"" : "") ?>></div>
<?php } ?>
</div>
<div class="span8">
<div class="well">
<?php if($accessop->check_view_access($this, array('action'=>'form'))) { ?>
<div class="ajax" data-view="RoleMgr" data-action="form" <?php echo ($selrole ? "data-query=\"roleid=".$selrole->getID()."\"" : "") ?>></div>
<?php } ?>
</div>
</div>
</div>
<?php
$this->contentEnd();

6
views/bootstrap/class.UsrMgr.php
View File

@ -520,14 +520,16 @@ $(document).ready( function() {
?>
</select>
</div>
<?php if($accessop->check_view_access($this, array('action'=>'info')) || $user->isAdmin()) { ?>
<div class="ajax" data-view="UsrMgr" data-action="info" <?php echo ($seluser ? "data-query=\"userid=".$seluser->getID()."\"" : "") ?>></div>
<?php if($accessop->check_view_access($this, array('action'=>'info'))) { ?>
<div class="ajax" data-view="UsrMgr" data-action="info" <?php echo ($seluser ? "data-query=\"userid=".$seluser->getID()."\"" : "") ?>></div>
<?php } ?>
</div>
<div class="span8">
<div class="well">
<?php if($accessop->check_view_access($this, array('action'=>'form'))) { ?>
<div class="ajax" data-view="UsrMgr" data-action="form" <?php echo ($seluser ? "data-query=\"userid=".$seluser->getID()."\"" : "") ?>></div>
<?php } ?>
</div>
</div>
</div>