From ae14f25d58c17b73fc93b6571c93c259593f2cb2 Mon Sep 17 00:00:00 2001
From: Uwe Steinmann <steinm@debian.org>
Date: Mon, 4 Apr 2016 07:39:39 +0200
Subject: [PATCH 1/5] add more callbacks

---
 SeedDMS_Core/Core/inc.ClassDMS.php      | 44 ++++++++++++++++++++++---
 SeedDMS_Core/Core/inc.ClassDocument.php |  2 +-
 SeedDMS_Core/Core/inc.ClassFolder.php   | 31 +++++++++++++++++
 3 files changed, 72 insertions(+), 5 deletions(-)

diff --git a/SeedDMS_Core/Core/inc.ClassDMS.php b/SeedDMS_Core/Core/inc.ClassDMS.php
index f0b911c7d..69dce6f88 100644
--- a/SeedDMS_Core/Core/inc.ClassDMS.php
+++ b/SeedDMS_Core/Core/inc.ClassDMS.php
@@ -1287,7 +1287,16 @@ class SeedDMS_Core_DMS {
 		if (!$res)
 			return false;
 
-		return $this->getUser($this->db->getInsertID());
+		$user = $this->getUser($this->db->getInsertID());
+
+		/* Check if 'onPostAddUser' callback is set */
+		if(isset($this->_dms->callbacks['onPostAddUser'])) {
+			$callback = $this->_dms->callbacks['onPostUser'];
+			if(!call_user_func($callback[0], $callback[1], $user)) {
+			}
+		}
+
+		return $user;
 	} /* }}} */
 
 	/**
@@ -1378,7 +1387,16 @@ class SeedDMS_Core_DMS {
 		if (!$this->db->getResult($queryStr))
 			return false;
 
-		return $this->getGroup($this->db->getInsertID());
+		$group = $this->getGroup($this->db->getInsertID());
+
+		/* Check if 'onPostAddGroup' callback is set */
+		if(isset($this->_dms->callbacks['onPostAddGroup'])) {
+			$callback = $this->_dms->callbacks['onPostAddGroup'];
+			if(!call_user_func($callback[0], $callback[1], $group)) {
+			}
+		}
+
+		return $group;
 	} /* }}} */
 
 	function getKeywordCategory($id) { /* {{{ */
@@ -1457,7 +1475,16 @@ class SeedDMS_Core_DMS {
 		if (!$this->db->getResult($queryStr))
 			return false;
 
-		return $this->getKeywordCategory($this->db->getInsertID());
+		$category = $this->getKeywordCategory($this->db->getInsertID());
+
+		/* Check if 'onPostAddKeywordCategory' callback is set */
+		if(isset($this->_dms->callbacks['onPostAddKeywordCategory'])) {
+			$callback = $this->_dms->callbacks['onPostAddKeywordCategory'];
+			if(!call_user_func($callback[0], $callback[1], $category)) {
+			}
+		}
+
+		return $category;
 	} /* }}} */
 
 	function getDocumentCategory($id) { /* {{{ */
@@ -1523,7 +1550,16 @@ class SeedDMS_Core_DMS {
 		if (!$this->db->getResult($queryStr))
 			return false;
 
-		return $this->getDocumentCategory($this->db->getInsertID());
+		$category = $this->getDocumentCategory($this->db->getInsertID());
+
+		/* Check if 'onPostAddDocumentCategory' callback is set */
+		if(isset($this->_dms->callbacks['onPostAddDocumentCategory'])) {
+			$callback = $this->_dms->callbacks['onPostAddDocumentCategory'];
+			if(!call_user_func($callback[0], $callback[1], $category)) {
+			}
+		}
+
+		return $category;
 	} /* }}} */
 
 	/**
diff --git a/SeedDMS_Core/Core/inc.ClassDocument.php b/SeedDMS_Core/Core/inc.ClassDocument.php
index 21c5791ba..02ad69daa 100644
--- a/SeedDMS_Core/Core/inc.ClassDocument.php
+++ b/SeedDMS_Core/Core/inc.ClassDocument.php
@@ -1798,7 +1798,7 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
 
 		$db->startTransaction();
 
-		// FIXME: call a new function removeContent instead
+		// remove content of document
 		foreach ($this->_content as $version) {
 			if (!$this->removeContent($version)) {
 				$db->rollbackTransaction();
diff --git a/SeedDMS_Core/Core/inc.ClassFolder.php b/SeedDMS_Core/Core/inc.ClassFolder.php
index 3d9ef1f76..9a8302ddf 100644
--- a/SeedDMS_Core/Core/inc.ClassFolder.php
+++ b/SeedDMS_Core/Core/inc.ClassFolder.php
@@ -482,6 +482,14 @@ class SeedDMS_Core_Folder extends SeedDMS_Core_Object {
 		}
 
 		$db->commitTransaction();
+
+		/* Check if 'onPostAddSubFolder' callback is set */
+		if(isset($this->_dms->callbacks['onPostAddSubFolder'])) {
+			$callback = $this->_dms->callbacks['onPostAddSubFolder'];
+			if(!call_user_func($callback[0], $callback[1], $newFolder)) {
+			}
+		}
+
 		return $newFolder;
 	} /* }}} */
 
@@ -791,12 +799,28 @@ class SeedDMS_Core_Folder extends SeedDMS_Core_Object {
 		}
 
 		$db->commitTransaction();
+
+		/* Check if 'onPostAddDocument' callback is set */
+		if(isset($this->_dms->callbacks['onPostAddDocument'])) {
+			$callback = $this->_dms->callbacks['onPostAddDocument'];
+			if(!call_user_func($callback[0], $callback[1], $document)) {
+			}
+		}
+
 		return array($document, $res);
 	} /* }}} */
 
 	function remove() { /* {{{ */
 		$db = $this->_dms->getDB();
 
+		/* Check if 'onPreRemoveFolder' callback is set */
+		if(isset($this->_dms->callbacks['onPreRemoveFolder'])) {
+			$callback = $this->_dms->callbacks['onPreRemoveFolder'];
+			if(!call_user_func($callback[0], $callback[1], $this)) {
+				return false;
+			}
+		}
+
 		// Do not delete the root folder.
 		if ($this->_id == $this->_dms->rootFolderID || !isset($this->_parentID) || ($this->_parentID == null) || ($this->_parentID == "") || ($this->_parentID == 0)) {
 			return false;
@@ -847,6 +871,13 @@ class SeedDMS_Core_Folder extends SeedDMS_Core_Object {
 		}
 		$db->commitTransaction();
 
+		/* Check if 'onPostRemoveFolder' callback is set */
+		if(isset($this->_dms->callbacks['onPostRemoveFolder'])) {
+			$callback = $this->_dms->callbacks['onPostRemoveFolder'];
+			if(!call_user_func($callback[0], $callback[1], $this->_id)) {
+			}
+		}
+
 		return true;
 	} /* }}} */
 

From 336b5f79d9071b0ef11a6a1280682346e4c2285f Mon Sep 17 00:00:00 2001
From: Uwe Steinmann <steinm@debian.org>
Date: Mon, 4 Apr 2016 07:39:57 +0200
Subject: [PATCH 2/5] new version 4.3.26

---
 SeedDMS_Core/package.xml | 30 +++++++++++++++++++++++-------
 1 file changed, 23 insertions(+), 7 deletions(-)

diff --git a/SeedDMS_Core/package.xml b/SeedDMS_Core/package.xml
index be226a443..967a0e018 100644
--- a/SeedDMS_Core/package.xml
+++ b/SeedDMS_Core/package.xml
@@ -12,11 +12,11 @@
   <email>uwe@steinmann.cx</email>
   <active>yes</active>
  </lead>
- <date>2016-03-08</date>
- <time>07:12:53</time>
+ <date>2016-04-04</date>
+ <time>07:38:23</time>
  <version>
-  <release>4.3.25</release>
-  <api>4.3.25</api>
+  <release>4.3.26</release>
+  <api>4.3.26</api>
  </version>
  <stability>
   <release>stable</release>
@@ -24,9 +24,7 @@
  </stability>
  <license uri="http://opensource.org/licenses/gpl-license">GPL License</license>
  <notes>
-- rename SeedDMS_Core_Group::getNotificationsByGroup() to getNotifications()
-- use __construct() for all constructors
-- fix setting multi value attributes for versions
+- add more callbacks
  </notes>
  <contents>
   <dir baseinstalldir="SeedDMS" name="/">
@@ -968,5 +966,23 @@ SeedDMS_Core_DMS::getNotificationsByUser() are deprecated
 - SeedDMS_Core_User::getDocumentsLocked() sets locking user propperly
    </notes>
   </release>
+  <release>
+   <date>2016-03-08</date>
+   <time>07:12:53</time>
+   <version>
+    <release>4.3.25</release>
+    <api>4.3.25</api>
+   </version>
+   <stability>
+    <release>stable</release>
+    <api>stable</api>
+   </stability>
+   <license uri="http://opensource.org/licenses/gpl-license">GPL License</license>
+   <notes>
+- rename SeedDMS_Core_Group::getNotificationsByGroup() to getNotifications()
+- use __construct() for all constructors
+- fix setting multi value attributes for versions
+   </notes>
+  </release>
  </changelog>
 </package>

From 6793dbfb668cc91b28560a17d9b7684fddcc5b71 Mon Sep 17 00:00:00 2001
From: Uwe Steinmann <steinm@debian.org>
Date: Mon, 4 Apr 2016 07:40:25 +0200
Subject: [PATCH 3/5] remove restrictions that only admins may delete documents

---
 webdav/webdav.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/webdav/webdav.php b/webdav/webdav.php
index a08dc107d..487710d94 100644
--- a/webdav/webdav.php
+++ b/webdav/webdav.php
@@ -668,9 +668,11 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
 		} else {
 			// check if user is admin
 			// only admins may delete documents
+			/* There is not reason to allow only admins to remove a document
 			if(!$this->user->isAdmin()) {
 				return "403 Forbidden";				 
 			}
+			 */
 
 			if(!$obj->remove()) {
 				return "409 Conflict";

From 4114bd95570c835751155e61e5464071c6057e29 Mon Sep 17 00:00:00 2001
From: Uwe Steinmann <steinm@debian.org>
Date: Mon, 4 Apr 2016 07:40:46 +0200
Subject: [PATCH 4/5] add changes for 4.3.26

---
 CHANGELOG | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG b/CHANGELOG
index e18236380..b3935a7fe 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -4,6 +4,7 @@
 - move some left over javascript from html code into application.js (Closes #253)
 - take out last empty line from view/bootstrap/class.Search.php which causes a
   header to be send to early (Closes: #252, #254) 
+- regular users with sufficient access rights may remove documents via webdav
 
 --------------------------------------------------------------------------------
                      Changes in version 4.3.25

From fb98eb948d571a8deda7bc4a99019a17c2ac882c Mon Sep 17 00:00:00 2001
From: Uwe Steinmann <steinm@debian.org>
Date: Mon, 4 Apr 2016 08:49:50 +0200
Subject: [PATCH 5/5] fix line indenting

---
 op/op.Login.php | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/op/op.Login.php b/op/op.Login.php
index a1be855a1..b11868598 100644
--- a/op/op.Login.php
+++ b/op/op.Login.php
@@ -59,7 +59,7 @@ if(isset($_POST['pwd'])) {
 
 if($settings->_enableGuestLogin && (int) $settings->_guestID) {
 	$guestUser = $dms->getUser((int) $settings->_guestID);
-	if ((!isset($pwd) || strlen($pwd)==0) && ($login != $guestUser->getLogin()))  {
+	if ((!isset($pwd) || strlen($pwd)==0) && ($login != $guestUser->getLogin())) {
 		_printMessage(getMLText("login_error_title"),	getMLText("login_error_text")."\n");
 		exit;
 	}
@@ -117,11 +117,11 @@ if (!$user && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
 		$dn = false;
 		/* If bind succeed, then get the dn of for the user */
 		if ($bind) {
-            if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
-			    $search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$login.")".$settings->_ldapFilter.")");
-            } else {
-			    $search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut.$login);
-            }
+			if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
+				$search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$login.")".$settings->_ldapFilter.")");
+			} else {
+				$search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut.$login);
+			}
 			if (!is_bool($search)) {
 				$info = ldap_get_entries($ds, $search);
 				if (!is_bool($info) && $info["count"]>0) {
@@ -146,11 +146,11 @@ if (!$user && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
 			$user = $dms->getUserByLogin($login);
 			if (is_bool($user) && !$settings->_restricted) {
 				// Retrieve the user's LDAP information.
-                if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
-			        $search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$login.")".$settings->_ldapFilter.")");
-                } else {
-			        $search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut.$login);
-                }
+				if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
+					$search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$login.")".$settings->_ldapFilter.")");
+				} else {
+					$search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut.$login);
+				}
 
 				if (!is_bool($search)) {
 					$info = ldap_get_entries($ds, $search);
@@ -290,7 +290,7 @@ if (isset($_COOKIE["mydms_session"])) {
 	setcookie("mydms_session", $id, $lifetime, $settings->_httpRoot, null, null, !$settings->_enableLargeFileUpload);
 }
 
-// TODO: by the PHP manual: The superglobals $_GET and $_REQUEST  are already decoded.
+// TODO: by the PHP manual: The superglobals $_GET and $_REQUEST are already decoded.
 // Using urldecode() on an element in $_GET or $_REQUEST could have unexpected and dangerous results.
 
 if (isset($_POST["referuri"]) && strlen($_POST["referuri"])>0) {