gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-29 21:17:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

don't show preview if ViewOnline isn't allowed, more access checks

Browse Source
This commit is contained in:
Uwe Steinmann 2016-11-09 19:54:00 +01:00
parent ba338191cb
commit 1df09242a0
1 changed files with 46 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
views/bootstrap/class.ViewDocument.php
View File

@ -439,7 +439,9 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
if(is_string($txt)) if(is_string($txt))
echo $txt; echo $txt;
$this->contentContainerEnd(); $this->contentContainerEnd();
if($accessop->check_controller_access('ViewOnline', array('action'=>'run'))) {
$this->preview(); $this->preview();
}
?> ?>
</div> </div>
<div class="span8"> <div class="span8">
@ -580,30 +582,37 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
} }
print "</ul>"; print "</ul>";
print "<ul class=\"unstyled actions\">"; print "<ul class=\"unstyled actions\">";
if($this->check_access('EditOnline'))
if($accessop->mayEditVersion($document)) { if($accessop->mayEditVersion($document)) {
print "<li>".$this->html_link('EditOnline', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-edit\"></i>".getMLText("edit_version"), false, true)."</li>"; print "<li>".$this->html_link('EditOnline', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-edit\"></i>".getMLText("edit_version"), false, true)."</li>";
} }
/* Only admin has the right to remove version in any case or a regular /* Only admin has the right to remove version in any case or a regular
* user if enableVersionDeletion is on * user if enableVersionDeletion is on
*/ */
if($this->check_access('RemoveVersion'))
if($accessop->mayRemoveVersion($document)) { if($accessop->mayRemoveVersion($document)) {
print "<li>".$this->html_link('RemoveVersion', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-remove\"></i>".getMLText("rm_version"), false, true)."</li>"; print "<li>".$this->html_link('RemoveVersion', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-remove\"></i>".getMLText("rm_version"), false, true)."</li>";
} }
if($this->check_access('OverrideContentStatus'))
if($accessop->mayOverrideStatus($document)) { if($accessop->mayOverrideStatus($document)) {
print "<li>".$this->html_link('OverrideContentStatus', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-align-justify\"></i>".getMLText("change_status"), false, true)."</li>"; print "<li>".$this->html_link('OverrideContentStatus', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-align-justify\"></i>".getMLText("change_status"), false, true)."</li>";
} }
if($this->check_access('SetRecipients'))
if($accessop->maySetRecipients($document)) { if($accessop->maySetRecipients($document)) {
print "<li>".$this->html_link('SetRecipients', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-check\"></i>".getMLText("change_recipients"), false, true)."</li>"; print "<li>".$this->html_link('SetRecipients', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-check\"></i>".getMLText("change_recipients"), false, true)."</li>";
} }
if($this->check_access('SetRevisors'))
if($accessop->maySetRevisors($document)) { if($accessop->maySetRevisors($document)) {
print "<li>".$this->html_link('SetRevisors', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-refresh\"></i>".getMLText("change_revisors"), false, true)."</li>"; print "<li>".$this->html_link('SetRevisors', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-refresh\"></i>".getMLText("change_revisors"), false, true)."</li>";
} }
if($workflowmode == 'traditional' || $workflowmode == 'traditional_only_approval') { if($workflowmode == 'traditional' || $workflowmode == 'traditional_only_approval') {
// Allow changing reviewers/approvals only if not reviewed // Allow changing reviewers/approvals only if not reviewed
if($this->check_access('SetReviewersApprovers'))
if($accessop->maySetReviewersApprovers($document)) { if($accessop->maySetReviewersApprovers($document)) {
print "<li>".$this->html_link('SetReviewersApprovers', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-edit\"></i>".getMLText("change_assignments"), false, true)."</li>"; print "<li>".$this->html_link('SetReviewersApprovers', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-edit\"></i>".getMLText("change_assignments"), false, true)."</li>";
} }
} else { } else {
if($this->check_access('SetWorkflow'))
if($accessop->maySetWorkflow($document)) { if($accessop->maySetWorkflow($document)) {
if(!$workflow) { if(!$workflow) {
print "<li>".$this->html_link('SetWorkflow', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-random\"></i>".getMLText("set_workflow"), false, true)."</li>"; print "<li>".$this->html_link('SetWorkflow', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-random\"></i>".getMLText("set_workflow"), false, true)."</li>";
@ -615,13 +624,16 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
print "<li>".$this->html_link('SetExpires', array('documentid'=>$documentid), array(), "<i class=\"icon-time\"></i>".getMLText("set_expiry"), false, true)."</li>"; print "<li>".$this->html_link('SetExpires', array('documentid'=>$documentid), array(), "<i class=\"icon-time\"></i>".getMLText("set_expiry"), false, true)."</li>";
} }
*/ */
if($this->check_access('AddToTransmittal'))
if($dms->getAllTransmittals($user)) { if($dms->getAllTransmittals($user)) {
if($this->check_access('AddToTransmittal')) if($this->check_access('AddToTransmittal'))
print "<li>".$this->html_link('AddToTransmittal', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-list\"></i>".getMLText("add_to_transmittal"), false, true)."</li>"; print "<li>".$this->html_link('AddToTransmittal', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-list\"></i>".getMLText("add_to_transmittal"), false, true)."</li>";
} }
if($this->check_access('EditComment'))
if($accessop->mayEditComment($document)) { if($accessop->mayEditComment($document)) {
print "<li>".$this->html_link('EditComment', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-comment\"></i>".getMLText("edit_comment"), false, true)."</li>"; print "<li>".$this->html_link('EditComment', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-comment\"></i>".getMLText("edit_comment"), false, true)."</li>";
} }
if($this->check_access('EditAttributes'))
if($accessop->mayEditAttributes($document)) { if($accessop->mayEditAttributes($document)) {
print "<li>".$this->html_link('EditAttributes', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-edit\"></i>".getMLText("edit_attributes"), false, true)."</li>"; print "<li>".$this->html_link('EditAttributes', array('documentid'=>$documentid, 'version'=>$latestContent->getVersion()), array(), "<i class=\"icon-edit\"></i>".getMLText("edit_attributes"), false, true)."</li>";
} }