gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-02-06 07:04:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

check view access

Browse Source
This commit is contained in:
Uwe Steinmann 2018-02-05 10:28:06 +01:00
parent 51f3416c70
commit 28a0860824
6 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
out/out.ApprovalSummary.php
View File

@ -31,6 +31,9 @@ include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_view_access($view, $_GET)) {
UI::exitError(getMLText("my_documents"),getMLText("access_denied"));
}
if ($user->isGuest()) {
UI::exitError(getMLText("my_documents"),getMLText("access_denied"));

3
out/out.GroupView.php
View File

@ -29,6 +29,9 @@ include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_view_access($view, $_GET)) {
UI::exitError(getMLText("my_account"),getMLText("access_denied"), false, $isajax);
}
if ($user->isGuest()) {
UI::exitError(getMLText("my_account"),getMLText("access_denied"));

3
out/out.ReceiptSummary.php
View File

@ -31,6 +31,9 @@ include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_view_access($view, $_GET)) {
UI::exitError(getMLText("my_documents"),getMLText("access_denied"));
}
if ($user->isGuest()) {
UI::exitError(getMLText("my_documents"),getMLText("access_denied"));

3
out/out.ReviewSummary.php
View File

@ -31,6 +31,9 @@ include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_view_access($view, $_GET)) {
UI::exitError(getMLText("my_documents"),getMLText("access_denied"));
}
if ($user->isGuest()) {
UI::exitError(getMLText("my_documents"),getMLText("access_denied"));

3
out/out.UsrView.php
View File

@ -29,6 +29,9 @@ include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_view_access($view, $_GET)) {
UI::exitError(getMLText("my_account"),getMLText("access_denied"), false, $isajax);
}
if ($user->isGuest()) {
UI::exitError(getMLText("my_account"),getMLText("access_denied"));

3
out/out.WorkflowSummary.php
View File

@ -31,6 +31,9 @@ include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_view_access($view, $_GET)) {
UI::exitError(getMLText("my_documents"),getMLText("access_denied"));
}
if ($user->isGuest()) {
UI::exitError(getMLText("my_documents"),getMLText("access_denied"));