diff --git a/out/out.Acl.php b/out/out.Acl.php index 04efdb7bf..f6665ef48 100644 --- a/out/out.Acl.php +++ b/out/out.Acl.php @@ -28,7 +28,7 @@ include("../inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); -if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) { +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } diff --git a/out/out.AdminTools.php b/out/out.AdminTools.php index 4b02373c5..780a8946a 100644 --- a/out/out.AdminTools.php +++ b/out/out.AdminTools.php @@ -27,7 +27,7 @@ include("../inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); -if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) { +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } diff --git a/out/out.AttributeMgr.php b/out/out.AttributeMgr.php index 44d6748fb..d35029a79 100644 --- a/out/out.AttributeMgr.php +++ b/out/out.AttributeMgr.php @@ -32,7 +32,10 @@ include("../inc/inc.Authentication.php"); */ require_once("SeedDMS/Preview.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } 
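Review bot: With `&& !$user->isAdmin()` removed from the guard in out.Acl.php, an administrator is refused whenever `check_view_access()` returns false, where before an admin always passed. The body of `check_view_access()` is not in this diff, so it is not visible whether it grants administrators unconditionally. If it does not, a wrong or empty ACL can lock every admin out of the pages needed to repair it (this file and out.RoleMgr.php). The same one-line change is made in out.AdminTools.php, out.Categories.php, out.GroupMgr.php, out.Info.php, out.ObjectCheck.php, out.RoleMgr.php, out.UserList.php and out.UsrMgr.php. Once confirmed, I would record the contract next to the call, e.g. `/* admins are granted inside check_view_access(); no separate isAdmin() fallback here */`.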
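Review bot: Nothing in this hunk shows that `check_view_access($view, $_GET)` fails closed, yet it is now the only gate on out.AttributeMgr.php, which used to be admin-only via `if (!$user->isAdmin())`. Two cases need confirming in the method, which is outside this diff: `$view` can be falsy (the script still tests `if($view)` further down), and the ACL may hold no entry for this view; in both, a non-admin has to be refused. The request array is passed in unfiltered, so any decision keyed on a request parameter would be caller-controlled. The same four lines replace the admin check in the other formerly admin-only pages of this diff (out.BackupTools.php through out.WorkflowStatesMgr.php). Moving them into one helper in the include chain would stop the gate from drifting between files.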
@@ -44,8 +47,6 @@ if(isset($_GET['attrdefid']) && $_GET['attrdefid']) { $selattrdef = null; } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('attrdefs', $attrdefs); $view->setParam('selattrdef', $selattrdef); @@ -55,6 +56,7 @@ if($view) { $view->setParam('maxRecursiveCount', $settings->_maxRecursiveCount); $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view($_GET); } diff --git a/out/out.BackupTools.php b/out/out.BackupTools.php index 25e4fb75d..dd861aabe 100644 --- a/out/out.BackupTools.php +++ b/out/out.BackupTools.php @@ -25,17 +25,19 @@ include("../inc/inc.Utils.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { if($settings->_backupDir && file_exists($settings->_backupDir)) $view->setParam('backupdir', $settings->_backupDir); else $view->setParam('backupdir', $settings->_contentDir); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.Calendar.php b/out/out.Calendar.php index f32994371..6a79e2e3c 100644 --- a/out/out.Calendar.php +++ b/out/out.Calendar.php 
@@ -25,6 +25,13 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { + UI::exitError(getMLText("calendar"),getMLText("access_denied")); +} + if ($_GET["mode"]) $mode=$_GET["mode"]; // get required date else use current @@ -37,8 +44,6 @@ else $month = (int)date("m", $currDate); if (isset($_GET["day"])&&is_numeric($_GET["day"])) $day=$_GET["day"]; else $day = (int)date("d", $currDate); -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('mode', $mode); $view->setParam('year', $year); diff --git a/out/out.Categories.php b/out/out.Categories.php index 049e12163..5ea509876 100644 --- a/out/out.Categories.php +++ b/out/out.Categories.php @@ -29,7 +29,7 @@ include("../inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); -if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) { +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -44,5 +44,6 @@ if(isset($_GET['categoryid']) && $_GET['categoryid']) { if($view) { $view->setParam('categories', $categories); $view->setParam('selcategory', $selcat); + $view->setParam('accessobject', $accessop); $view($_GET); } diff --git a/out/out.Charts.php b/out/out.Charts.php index 56c8166ce..98b5f51b9 100644 --- a/out/out.Charts.php +++ b/out/out.Charts.php 
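Review bot: out.Calendar.php had no page-level check before the added block, so this gate changes who can open the calendar after an upgrade. Unless existing roles already carry an entry for this view, ordinary users will presumably be refused; the ACL defaults are not in this diff, so that needs checking against the migration path. A short comment above the block stating which roles are expected to pass would make the intent reviewable. The context line `if ($_GET["mode"]) $mode=$_GET["mode"];` still reads the key without `isset()` and forwards the value unvalidated; now that the script is being touched, comparing it against the modes the view supports would be a cheap addition.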
@@ -27,10 +27,11 @@ include("../inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); - -if (!$user->isAdmin()) { +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } + $rootfolder = $dms->getFolder($settings->_rootFolderID); $type = 'docsperuser'; @@ -50,6 +51,7 @@ if($view) { $view->setParam('rootfolder', $rootfolder); $view->setParam('type', $type); $view->setParam('data', $data); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.CreateIndex.php b/out/out.CreateIndex.php index 39bb6c176..6ea0380c8 100644 --- a/out/out.CreateIndex.php +++ b/out/out.CreateIndex.php @@ -29,7 +29,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -37,10 +40,9 @@ if(!$settings->_enableFullSearch) { UI::exitError(getMLText("admin_tools"),getMLText("fulltextsearch_disabled")); } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('enablefullsearch', $settings->_enableFullSearch); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.DefaultKeywords.php b/out/out.DefaultKeywords.php index fa5b616a4..d8b153ebc 100644 --- a/out/out.DefaultKeywords.php +++ b/out/out.DefaultKeywords.php 
@@ -26,7 +26,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -37,9 +40,10 @@ else $categories = $dms->getAllUserKeywordCategories($user->getID()); -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'categories'=>$categories, 'selcategoryid'=>$selcategoryid)); if($view) { + $view->setParam('categories', $categories); + $view->setParam('selcategoryid', $selcategoryid); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.ExtensionMgr.php b/out/out.ExtensionMgr.php index 11a0cc871..f5eb48963 100644 --- a/out/out.ExtensionMgr.php +++ b/out/out.ExtensionMgr.php @@ -25,17 +25,19 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } $v = new SeedDMS_Version; -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('httproot', $settings->_httpRoot); $view->setParam('version', $v); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.GroupMgr.php b/out/out.GroupMgr.php index 4fdd806b5..250a125e0 100644 
--- a/out/out.GroupMgr.php +++ b/out/out.GroupMgr.php @@ -35,7 +35,7 @@ require_once("SeedDMS/Preview.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); -if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) { +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -64,5 +64,6 @@ if($view) { $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('workflowmode', $settings->_workflowMode); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view($_GET); } diff --git a/out/out.Hooks.php b/out/out.Hooks.php index 63870eb9e..ac452281d 100644 --- a/out/out.Hooks.php +++ b/out/out.Hooks.php @@ -24,13 +24,16 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'settings'=>$settings)); if($view) { + $view->setParam('settings', $settings); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.ImportFS.php b/out/out.ImportFS.php index ff9a44ded..8b352cd17 100644 --- a/out/out.ImportFS.php +++ b/out/out.ImportFS.php 
@@ -23,13 +23,15 @@ include("../inc/inc.Language.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'dropfolderdir'=>$settings->_dropFolderDir)); if($view) { + $view->setParam('dropfolderdir', $settings->_dropFolderDir); $view($_GET); exit; } diff --git a/out/out.IndexInfo.php b/out/out.IndexInfo.php index 34e1f6367..15aaca03d 100644 --- a/out/out.IndexInfo.php +++ b/out/out.IndexInfo.php @@ -28,7 +28,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -41,12 +44,11 @@ if(!$index) { UI::exitError(getMLText("admin_tools"),getMLText("no_fulltextindex")); } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('luceneclassdir', $settings->_luceneClassDir); $view->setParam('lucenedir', $settings->_luceneDir); $view->setParam('index', $index); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.Indexer.php b/out/out.Indexer.php index 89e549e35..43ea6af13 100644 --- a/out/out.Indexer.php +++ b/out/out.Indexer.php 
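Review bot: The rewritten `if($view)` block in out.ImportFS.php sets `dropfolderdir` but never passes `accessobject`, unlike most sibling pages in this commit, which add `$view->setParam('accessobject', $accessop);`. If the view or the shared page chrome reads that parameter to decide which admin links to render, it gets nothing here (inferred; the view classes are not shown). The second hunk of out.Settings.php has the same omission. Adding `$view->setParam('accessobject', $accessop);` before `$view($_GET);` in both files keeps the pages consistent.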
@@ -29,7 +29,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -64,8 +67,6 @@ else { } $folder = $dms->getFolder($folderid); -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('index', $index); $view->setParam('indexconf', $indexconf); @@ -73,6 +74,7 @@ if($view) { $view->setParam('folder', $folder); $view->setParam('converters', $settings->_converters['fulltext']); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.Info.php b/out/out.Info.php index d32d5d338..a41cf366d 100644 --- a/out/out.Info.php +++ b/out/out.Info.php @@ -30,7 +30,7 @@ include("../inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); -if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) { +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } diff --git a/out/out.LogManagement.php b/out/out.LogManagement.php index 599094ba6..7e483ba55 100644 --- a/out/out.LogManagement.php +++ b/out/out.LogManagement.php 
@@ -25,7 +25,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -35,9 +38,11 @@ else $logname=NULL; if (isset($_GET["mode"])) $mode=$_GET["mode"]; else $mode='web'; -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'logname'=>$logname, 'mode'=>$mode, 'contentdir'=>$settings->_contentDir)); if($view) { + $view->setParam('logname', $logname); + $view->setParam('mode', $mode); + $view->setParam('contentdir', $settings->_contentDir); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.ObjectCheck.php b/out/out.ObjectCheck.php index d1868c44d..f3a682e4f 100644 --- a/out/out.ObjectCheck.php +++ b/out/out.ObjectCheck.php @@ -31,7 +31,7 @@ include("../inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); -if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) { +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -81,6 +81,7 @@ if($view) { $view->setParam('setchecksum', $setchecksum); $view->setParam('repair', $repair); $view->setParam('rootfolder', $rootfolder); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.RemoveArchive.php b/out/out.RemoveArchive.php index 2d11942f3..d8bc7b1d0 100644 --- a/out/out.RemoveArchive.php 
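Review bot: In out.LogManagement.php, `$mode` (and `$logname`, assigned just above this hunk) come straight from the query string and are handed to the view together with `contentdir`, on a page that is no longer restricted to administrators. If the view builds a file path from `logname`, a role that is granted this view could be shown files outside the log directory; the view code is not in this diff, so this is to be confirmed rather than assumed. I would constrain both values at this boundary: reduce the log name with `basename()` before `$view->setParam('logname', $logname);`, and accept `$mode` only if it is one of the modes the view supports, falling back to `'web'` otherwise.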
+++ b/out/out.RemoveArchive.php @@ -24,7 +24,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -34,8 +37,6 @@ if (!isset($_GET["arkname"]) || !file_exists($settings->_contentDir.$_GET["arkna $arkname = $_GET["arkname"]; -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('archive', $arkname); $view($_GET); diff --git a/out/out.RemoveDump.php b/out/out.RemoveDump.php index 7b182bf87..6d32bf837 100644 --- a/out/out.RemoveDump.php +++ b/out/out.RemoveDump.php @@ -24,7 +24,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -34,8 +37,6 @@ if (!isset($_GET["dumpname"]) || !file_exists($settings->_contentDir.$_GET["dump $dumpname = $_GET["dumpname"]; -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('dumpfile', $dumpname); $view($_GET); diff --git a/out/out.RemoveFolderFiles.php b/out/out.RemoveFolderFiles.php index c9a1eab0b..e201426a0 100644 --- a/out/out.RemoveFolderFiles.php +++ b/out/out.RemoveFolderFiles.php 
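Review bot: The hunk header of out.RemoveArchive.php shows `$_GET["arkname"]` appended to `$settings->_contentDir` for a `file_exists()` test, and the context line `$arkname = $_GET["arkname"];` then passes the raw value on to the view; with the admin-only check replaced, this input is reachable by whatever role the ACL grants. A value containing directory separators would be resolved outside the content directory. Rejecting anything that is not a plain file name before the existence test closes that, e.g. `if ($_GET["arkname"] !== basename($_GET["arkname"])) UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));`. The `if` statement itself starts outside the hunk. out.RemoveDump.php has the identical pattern with `$_GET["dumpname"]`.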
@@ -24,7 +24,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -38,8 +41,6 @@ if (!is_object($folder)) { UI::exitError(getMLText("admin_tools"),getMLText("invalid_folder_id")); } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('folder', $folder); $view($_GET); diff --git a/out/out.RemoveGroup.php b/out/out.RemoveGroup.php index d995d1893..8f3c4b48a 100644 --- a/out/out.RemoveGroup.php +++ b/out/out.RemoveGroup.php @@ -26,7 +26,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -39,8 +42,6 @@ if (!is_object($group)) { UI::exitError(getMLText("rm_group"),getMLText("invalid_group_id")); } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('group', $group); $view($_GET); diff --git a/out/out.RemoveLog.php b/out/out.RemoveLog.php index 5b4202a3f..5d579ca47 100644 --- a/out/out.RemoveLog.php +++ b/out/out.RemoveLog.php 
@@ -24,7 +24,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -48,8 +51,6 @@ foreach($lognames as $file) { } } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('lognames', $lognames); $view->setParam('mode', $mode); diff --git a/out/out.RemoveUser.php b/out/out.RemoveUser.php index 8717bf430..214b7e1d6 100644 --- a/out/out.RemoveUser.php +++ b/out/out.RemoveUser.php @@ -26,7 +26,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -49,8 +52,6 @@ if ($rmuser->getID()==$user->getID()) { $allusers = $dms->getAllUsers($settings->_sortUsersInList); -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('rmuser', $rmuser); $view->setParam('allusers', $allusers); diff --git a/out/out.RemoveWorkflow.php b/out/out.RemoveWorkflow.php index 77da1890d..6f7ffbc6c 100644 --- a/out/out.RemoveWorkflow.php +++ b/out/out.RemoveWorkflow.php 
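Review bot: The new gate in out.RemoveUser.php covers only the confirmation page; the script that actually removes the user is not part of this diff. If that handler still tests `isAdmin()`, a role granted this view gets a form it cannot submit; if it tests less than the view does, the view check protects nothing. Either way the two decisions should come from the same `SeedDMS_AccessOperation` call, and a comment here naming the matching check in the handler would make that verifiable. The same applies to the other out.Remove*.php pages changed in this commit.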
@@ -27,7 +27,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -40,8 +43,6 @@ if (!is_object($workflow)) { UI::exitError(getMLText("workflow_title"),getMLText("invalid_workflow_id")); } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('workflow', $workflow); $view($_GET); diff --git a/out/out.RemoveWorkflowFromDocument.php b/out/out.RemoveWorkflowFromDocument.php index 52729944b..ae841a829 100644 --- a/out/out.RemoveWorkflowFromDocument.php +++ b/out/out.RemoveWorkflowFromDocument.php @@ -28,7 +28,10 @@ include("../inc/inc.ClassUI.php"); include("../inc/inc.ClassAccessOperation.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -59,11 +62,6 @@ if (!is_object($workflow)) { $folder = $document->getFolder(); -/* Create object for checking access to certain operations */ -$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); - -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('folder', $folder); $view->setParam('document', $document); 
diff --git a/out/out.RewindWorkflow.php b/out/out.RewindWorkflow.php index 52729944b..ae841a829 100644 --- a/out/out.RewindWorkflow.php +++ b/out/out.RewindWorkflow.php @@ -28,7 +28,10 @@ include("../inc/inc.ClassUI.php"); include("../inc/inc.ClassAccessOperation.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -59,11 +62,6 @@ if (!is_object($workflow)) { $folder = $document->getFolder(); -/* Create object for checking access to certain operations */ -$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); - -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('folder', $folder); $view->setParam('document', $document); diff --git a/out/out.RoleMgr.php b/out/out.RoleMgr.php index 1873fde98..1c720d2a8 100644 --- a/out/out.RoleMgr.php +++ b/out/out.RoleMgr.php @@ -29,7 +29,7 @@ include("../inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); -if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) { +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } diff --git a/out/out.Settings.php b/out/out.Settings.php index 99fe2025e..271f089ac 100644 --- a/out/out.Settings.php +++ b/out/out.Settings.php 
@@ -24,7 +24,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -32,9 +35,9 @@ if (!$user->isAdmin()) { if(!trim($settings->_encryptionKey)) $settings->_encryptionKey = md5(uniqid()); -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'settings'=>$settings, 'currenttab'=>(isset($_REQUEST['currenttab']) ? $_REQUEST['currenttab'] : ''))); if($view) { + $view->setParam('settings', $settings); + $view->setParam('currenttab', (isset($_REQUEST['currenttab']) ? $_REQUEST['currenttab'] : '')); $view($_GET); exit; } diff --git a/out/out.Statistic.php b/out/out.Statistic.php index 7c390d1c0..22861debc 100644 --- a/out/out.Statistic.php +++ b/out/out.Statistic.php @@ -25,14 +25,17 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } $rootfolder = $dms->getFolder($settings->_rootFolderID); -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'rootfolder'=>$rootfolder)); if($view) { + $view->setParam('rootfolder', $rootfolder); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } 
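Review bot: The context line `$settings->_encryptionKey = md5(uniqid());` in out.Settings.php derives the fallback key from the clock, so it can be narrowed down by anyone who can bound when this page was first opened. Where the supported PHP version allows it, `$settings->_encryptionKey = bin2hex(random_bytes(16));` gives a key of the same length from the system CSPRNG. This matters more after the commit, because the page now hands the whole `$settings` object to the view for any role the ACL grants, not only administrators. `currenttab` is also forwarded from `$_REQUEST` unchanged, so the view has to escape it on output (not visible here).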
diff --git a/out/out.Timeline.php b/out/out.Timeline.php index e3f993870..a4760d9e3 100644 --- a/out/out.Timeline.php +++ b/out/out.Timeline.php @@ -30,7 +30,10 @@ include("../inc/inc.Authentication.php"); */ require_once("SeedDMS/Preview.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } $rootfolder = $dms->getFolder($settings->_rootFolderID); @@ -53,8 +56,6 @@ if(isset($_GET['version']) && $_GET['version'] && is_numeric($_GET['version'])) } else $content = null; -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('fromdate', isset($_GET['fromdate']) ? $_GET['fromdate'] : ''); $view->setParam('todate', isset($_GET['todate']) ? $_GET['todate'] : ''); @@ -65,6 +66,7 @@ if($view) { $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('previewWidthDetail', $settings->_previewWidthDetail); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.UserList.php b/out/out.UserList.php index f95547e96..6d9e7e34d 100644 --- a/out/out.UserList.php +++ b/out/out.UserList.php @@ -28,7 +28,7 @@ include("../inc/inc.ClassPasswordStrength.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); -if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) { +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } 
@@ -39,6 +39,7 @@ if($view) { $view->setParam('httproot', $settings->_httpRoot); $view->setParam('quota', $settings->_quota); $view->setParam('pwdexpiration', $settings->_passwordExpiration); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.UsrMgr.php b/out/out.UsrMgr.php index 2a5688f20..dc8160101 100644 --- a/out/out.UsrMgr.php +++ b/out/out.UsrMgr.php @@ -29,7 +29,7 @@ include("../inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); -if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) { +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } diff --git a/out/out.WorkflowActionsMgr.php b/out/out.WorkflowActionsMgr.php index 60b509d79..fa1307649 100644 --- a/out/out.WorkflowActionsMgr.php +++ b/out/out.WorkflowActionsMgr.php @@ -27,7 +27,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -42,8 +45,6 @@ if (is_bool($workflowactions)) { UI::exitError(getMLText("admin_tools"),getMLText("internal_error")); } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('allworkflowactions', $workflowactions); $view->setParam('selworkflowaction', $selworkflowaction); diff --git a/out/out.WorkflowMgr.php b/out/out.WorkflowMgr.php index aac3249ae..bdfbcab3d 100644 
--- a/out/out.WorkflowMgr.php +++ b/out/out.WorkflowMgr.php @@ -27,7 +27,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -47,8 +50,6 @@ if(isset($_GET['workflowid']) && $_GET['workflowid']) { $selworkflow = null; } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('selworkflow', $selworkflow); $view->setParam('allworkflows', $workflows); diff --git a/out/out.WorkflowStatesMgr.php b/out/out.WorkflowStatesMgr.php index c8de1f7c7..4380a3737 100644 --- a/out/out.WorkflowStatesMgr.php +++ b/out/out.WorkflowStatesMgr.php @@ -27,7 +27,10 @@ include("../inc/inc.DBInit.php"); include("../inc/inc.ClassUI.php"); include("../inc/inc.Authentication.php"); -if (!$user->isAdmin()) { +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $user, $settings); +if (!$accessop->check_view_access($view, $_GET)) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -37,8 +40,6 @@ if(isset($_GET['workflowstateid']) && $_GET['workflowstateid']) { $selworkflowstate = null; } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('selworkflowstate', $selworkflowstate); $view($_GET);