gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-02-06 15:14:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

move some code at beginning of file

Browse Source
This commit is contained in:
Uwe Steinmann 2018-02-05 08:50:39 +01:00
parent 16e70a0cdd
commit 2ad6a04965
4 changed files with 20 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
op/op.ApproveDocument.php
View File

@ -33,6 +33,7 @@ include("../inc/inc.ClassController.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1]);
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
/* Check if the form data comes from a trusted request */
if(!checkFormKey('approvedocument')) {
@ -50,12 +51,13 @@ if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$folder = $document->getFolder();
if ($document->getAccessMode($user) < M_READ) {
// verify if document may be approved
if (!$accessop->mayApprove($document)){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
$folder = $document->getFolder();
if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
@ -73,14 +75,7 @@ if ($latestContent->getVersion()!=$version) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
/* Create object for checking access to certain operations */
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
$olddocstatus = $content->getStatus();
// verify if document may be approved
if (!$accessop->mayApprove($document)){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
if (!isset($_POST["approvalStatus"]) || !is_numeric($_POST["approvalStatus"]) ||
(intval($_POST["approvalStatus"])!=1 && intval($_POST["approvalStatus"])!=-1)) {

16
op/op.ReceiptDocument.php
View File

@ -32,6 +32,7 @@ include("../inc/inc.ClassController.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1]);
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
/* Check if the form data comes for a trusted request */
if(!checkFormKey('receiptdocument')) {
@ -49,12 +50,13 @@ if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$folder = $document->getFolder();
if ($document->getAccessMode($user) < M_READ) {
// verify if document may be receіpted
if (!$accessop->mayReceipt($document)){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
$folder = $document->getFolder();
if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
@ -72,14 +74,6 @@ if ($latestContent->getVersion()!=$version) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
/* Create object for checking access to certain operations */
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
// verify if document may be receіpted
if (!$accessop->mayReceipt($document)){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
if (!isset($_POST["receiptStatus"]) || !is_numeric($_POST["receiptStatus"]) ||
(intval($_POST["receiptStatus"])!=1 && intval($_POST["receiptStatus"])!=-1)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_receipt_status"));

15
op/op.ReviewDocument.php
View File

@ -33,6 +33,7 @@ include("../inc/inc.ClassController.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1]);
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
/* Check if the form data comes from a trusted request */
if(!checkFormKey('reviewdocument')) {
@ -50,12 +51,13 @@ if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$folder = $document->getFolder();
if ($document->getAccessMode($user) < M_READ) {
// verify if document may be reviewed
if (!$accessop->mayReview($document)){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
$folder = $document->getFolder();
if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
@ -73,14 +75,7 @@ if ($latestContent->getVersion()!=$version) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
/* Create object for checking access to certain operations */
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
$olddocstatus = $content->getStatus();
// verify if document may be reviewed
if (!$accessop->mayReview($document)){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
if (!isset($_POST["reviewStatus"]) || !is_numeric($_POST["reviewStatus"]) ||
(intval($_POST["reviewStatus"])!=1 && intval($_POST["reviewStatus"])!=-1)) {

15
op/op.ReviseDocument.php
View File

@ -32,6 +32,7 @@ include("../inc/inc.ClassController.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1]);
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
/* Check if the form data comes for a trusted request */
if(!checkFormKey('revisedocument')) {
@ -49,12 +50,13 @@ if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$folder = $document->getFolder();
if ($document->getAccessMode($user) < M_READ) {
// verify if document maybe revised
if (!$accessop->mayRevise($document)){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
$folder = $document->getFolder();
if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
@ -72,14 +74,7 @@ if ($latestContent->getVersion()!=$version) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
/* Create object for checking access to certain operations */
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
$olddocstatus = $content->getStatus();
// verify if document maybe revised
if (!$accessop->mayRevise($document)){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
if (!isset($_POST["revisionStatus"]) || !is_numeric($_POST["revisionStatus"]) ||
(!in_array(intval($_POST["revisionStatus"]), array(1, -1, 6)))) {