gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-02-06 15:14:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add more access checking

Browse Source
This commit is contained in:
Uwe Steinmann 2021-06-29 11:26:55 +02:00
parent 8eb5882520
commit 1f22a0dd22
2 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
views/bootstrap/class.Bootstrap.php
View File

@ -745,7 +745,7 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
if ($accessobject->check_view_access('DocumentNotify')) if ($accessobject->check_view_access('DocumentNotify'))
$menuitems['edit_existing_notify'] = array('link'=>"../out/out.DocumentNotify". $docid, 'label'=>getMLText('edit_existing_notify')); $menuitems['edit_existing_notify'] = array('link'=>"../out/out.DocumentNotify". $docid, 'label'=>getMLText('edit_existing_notify'));
} }
if ($this->params['user']->isAdmin()) { if ($accessobject->check_view_access('TransferDocument')) {
$menuitems['transfer_document'] = array('link'=>"../out/out.TransferDocument". $docid, 'label'=>getMLText('transfer_document')); $menuitems['transfer_document'] = array('link'=>"../out/out.TransferDocument". $docid, 'label'=>getMLText('transfer_document'));
} }
@ -782,7 +782,8 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
if (!$this->params['user']->isAdmin()) if (!$this->params['user']->isAdmin())
$menuitems['edit_default_keywords'] = array('link'=>"../out/out.UserDefaultKeywords.php", 'label'=>getMLText('edit_default_keywords')); $menuitems['edit_default_keywords'] = array('link'=>"../out/out.UserDefaultKeywords.php", 'label'=>getMLText('edit_default_keywords'));
$menuitems['edit_notify'] = array('link'=>"../out/out.ManageNotify.php", 'label'=>getMLText('edit_existing_notify')); if ($accessobject->check_view_access('ManageNotify'))
$menuitems['edit_notify'] = array('link'=>"../out/out.ManageNotify.php", 'label'=>getMLText('edit_existing_notify'));
if ($this->params['enableusersview']){ if ($this->params['enableusersview']){
if ($accessobject->check_view_access('UsrView')) if ($accessobject->check_view_access('UsrView'))
@ -807,8 +808,10 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
echo "<div class=\"nav-collapse col2\">\n"; echo "<div class=\"nav-collapse col2\">\n";
$menuitems = array(); $menuitems = array();
$menuitems['inprocess'] = array('link'=>"../out/out.MyDocuments.php?inProcess=1", 'label'=>getMLText('documents_in_process')); if ($accessobject->check_view_access('MyDocuments')) {
$menuitems['all_documents'] = array('link'=>"../out/out.MyDocuments.php", 'label'=>getMLText('all_documents')); $menuitems['inprocess'] = array('link'=>"../out/out.MyDocuments.php?inProcess=1", 'label'=>getMLText('documents_in_process'));
$menuitems['all_documents'] = array('link'=>"../out/out.MyDocuments.php", 'label'=>getMLText('all_documents'));
}
if($this->params['workflowmode'] == 'traditional' || $this->params['workflowmode'] == 'traditional_only_approval') { if($this->params['workflowmode'] == 'traditional' || $this->params['workflowmode'] == 'traditional_only_approval') {
if ($accessobject->check_view_access('ReviewSummary')) if ($accessobject->check_view_access('ReviewSummary'))
$menuitems['review_summary'] = array('link'=>"../out/out.ReviewSummary.php", 'label'=>getMLText('review_summary')); $menuitems['review_summary'] = array('link'=>"../out/out.ReviewSummary.php", 'label'=>getMLText('review_summary'));

11
views/bootstrap4/class.Bootstrap4.php
View File

@ -735,7 +735,7 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
if ($accessobject->check_view_access('DocumentNotify')) if ($accessobject->check_view_access('DocumentNotify'))
$menuitems['edit_existing_notify'] = array('link'=>"../out/out.DocumentNotify". $docid, 'label'=>getMLText('edit_existing_notify')); $menuitems['edit_existing_notify'] = array('link'=>"../out/out.DocumentNotify". $docid, 'label'=>getMLText('edit_existing_notify'));
} }
if ($this->params['user']->isAdmin()) { if ($accessobject->check_view_access('TransferDocument')) {
$menuitems['transfer_document'] = array('link'=>"../out/out.TransferDocument". $docid, 'label'=>getMLText('transfer_document')); $menuitems['transfer_document'] = array('link'=>"../out/out.TransferDocument". $docid, 'label'=>getMLText('transfer_document'));
} }
@ -768,7 +768,8 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
if (!$this->params['user']->isAdmin()) if (!$this->params['user']->isAdmin())
$menuitems['edit_default_keywords'] = array('link'=>"../out/out.UserDefaultKeywords.php", 'label'=>getMLText('edit_default_keywords')); $menuitems['edit_default_keywords'] = array('link'=>"../out/out.UserDefaultKeywords.php", 'label'=>getMLText('edit_default_keywords'));
$menuitems['edit_notify'] = array('link'=>"../out/out.ManageNotify.php", 'label'=>getMLText('edit_existing_notify')); if ($accessobject->check_view_access('ManageNotify'))
$menuitems['edit_notify'] = array('link'=>"../out/out.ManageNotify.php", 'label'=>getMLText('edit_existing_notify'));
if ($this->params['enableusersview']){ if ($this->params['enableusersview']){
if ($accessobject->check_view_access('UsrView')) if ($accessobject->check_view_access('UsrView'))
@ -789,8 +790,10 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
$accessobject = $this->params['accessobject']; $accessobject = $this->params['accessobject'];
$menuitems = array(); $menuitems = array();
$menuitems['inprocess'] = array('link'=>"../out/out.MyDocuments.php?inProcess=1", 'label'=>getMLText('documents_in_process')); if ($accessobject->check_view_access('MyDocuments')) {
$menuitems['all_documents'] = array('link'=>"../out/out.MyDocuments.php", 'label'=>getMLText('all_documents')); $menuitems['inprocess'] = array('link'=>"../out/out.MyDocuments.php?inProcess=1", 'label'=>getMLText('documents_in_process'));
$menuitems['all_documents'] = array('link'=>"../out/out.MyDocuments.php", 'label'=>getMLText('all_documents'));
}
if($this->params['workflowmode'] == 'traditional' || $this->params['workflowmode'] == 'traditional_only_approval') { if($this->params['workflowmode'] == 'traditional' || $this->params['workflowmode'] == 'traditional_only_approval') {
if ($accessobject->check_view_access('ReviewSummary')) if ($accessobject->check_view_access('ReviewSummary'))
$menuitems['review_summary'] = array('link'=>"../out/out.ReviewSummary.php", 'label'=>getMLText('review_summary')); $menuitems['review_summary'] = array('link'=>"../out/out.ReviewSummary.php", 'label'=>getMLText('review_summary'));