gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-10-30 20:51:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

check access rights

Browse Source
This commit is contained in:
Uwe Steinmann 2016-04-13 18:42:58 +02:00
parent 8723151361
commit 28dc4d32ad
3 changed files with 15 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
out/out.MyAccount.php
View File

@ -26,17 +26,20 @@ include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php"); include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php"); include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if ($user->isGuest()) { if ($user->isGuest()) {
UI::exitError(getMLText("my_account"),getMLText("access_denied")); UI::exitError(getMLText("my_account"),getMLText("access_denied"));
} }
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
if($view) { if($view) {
$view->setParam('enableuserimage', $settings->_enableUserImage); $view->setParam('enableuserimage', $settings->_enableUserImage);
$view->setParam('passwordexpiration', $settings->_passwordExpiration); $view->setParam('passwordexpiration', $settings->_passwordExpiration);
$view->setParam('httproot', $settings->_httpRoot); $view->setParam('httproot', $settings->_httpRoot);
$view->setParam('quota', $settings->_quota); $view->setParam('quota', $settings->_quota);
$view->setParam('accessobject', $accessop);
$view($_GET); $view($_GET);
exit; exit;
} }

7
out/out.MyDocuments.php
View File

@ -31,6 +31,10 @@ include("../inc/inc.Authentication.php");
*/ */
require_once("SeedDMS/Preview.php"); require_once("SeedDMS/Preview.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if ($user->isGuest()) { if ($user->isGuest()) {
UI::exitError(getMLText("my_documents"),getMLText("access_denied")); UI::exitError(getMLText("my_documents"),getMLText("access_denied"));
} }
@ -47,8 +51,6 @@ if (isset($_GET["orderby"]) && strlen($_GET["orderby"])==1 ) {
$orderby=$_GET["orderby"]; $orderby=$_GET["orderby"];
} }
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
if($view) { if($view) {
$view->setParam('orderby', $orderby); $view->setParam('orderby', $orderby);
$view->setParam('showinprocess', $showInProcess); $view->setParam('showinprocess', $showInProcess);
@ -57,6 +59,7 @@ if($view) {
$view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('previewWidthList', $settings->_previewWidthList);
$view->setParam('previewconverters', $settings->_converters['preview']); $view->setParam('previewconverters', $settings->_converters['preview']);
$view->setParam('timeout', $settings->_cmdTimeout); $view->setParam('timeout', $settings->_cmdTimeout);
$view->setParam('accessobject', $accessop);
$view($_GET); $view($_GET);
exit; exit;
} }

7
out/out.SubstituteUser.php
View File

@ -26,18 +26,21 @@ include("../inc/inc.ClassUI.php");
include("../inc/inc.ClassAccessOperation.php"); include("../inc/inc.ClassAccessOperation.php");
include("../inc/inc.Authentication.php"); include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1]);
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if ($user->isAdmin()) { if ($user->isAdmin()) {
$allUsers = $dms->getAllUsers($settings->_sortUsersInList); $allUsers = $dms->getAllUsers($settings->_sortUsersInList);
} else { } else {
$allUsers = $user->getReverseSubstitutes(); $allUsers = $user->getReverseSubstitutes();
} }
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1]);
if($view) { if($view) {
$view->setParam('dms', $dms); $view->setParam('dms', $dms);
$view->setParam('user', $user); $view->setParam('user', $user);
$view->setParam('allusers', $allUsers); $view->setParam('allusers', $allUsers);
$view->setParam('accessobject', $accessop);
$view($_GET); $view($_GET);
exit; exit;
} }