Merge branch 'seeddms-5.0.x' into seeddms-5.1.x

2025-02-06 15:14:58 +00:00 · 2017-08-22 06:22:28 +02:00 · 2017-08-22 06:22:28 +02:00 · 2e26504ae7
commit 2e26504ae7
parent 3c2d6a4ee8 c68c8b5e52
4 changed files with 48 additions and 4 deletions
--- a/1
+++ b/1
@ -153,6 +153,7 @@
 - reviewers/approvers can only be modified by users with unrestricted access
  and as long as no reviewer/approver has reviewed/approved the document
 - use only svg icons for mimetypes
+- add check for processes (reviews/approvals) where the user/group is deleted

 --------------------------------------------------------------------------------
                     Changes in version 4.3.35
--- a/SeedDMS_Core/Core/inc.ClassDMS.php
+++ b/SeedDMS_Core/Core/inc.ClassDMS.php
@ -2516,6 +2516,44 @@ class SeedDMS_Core_DMS {
 		return $this->db->getResultArray($queryStr);
 	} /* }}} */

+	/**
+	 * Removes all reviews, approvals which are not linked
+	 * to a user, group anymore
+	 *
+	 * This method is for removing all reviews or approvals whose user
+	 * or group  was deleted and not just removed from the process.
+	 * If the optional parameter $id is set, only this user/group id is removed.
+	 */
+	function removeProcessWithoutUserGroup($process, $usergroup, $id=0) { /* {{{ */
+		/* Entries of tblDocumentReviewLog or tblDocumentApproveLog are deleted
+		 * because of CASCADE ON
+		 */
+		switch($process) {
+		case 'review':
+			$queryStr = "DELETE FROM tblDocumentReviewers";
+			break;
+		case 'approval':
+			$queryStr = "DELETE FROM tblDocumentApprovers";
+			break;
+		}
+		$queryStr .= " WHERE";
+		switch($usergroup) {
+		case 'user':
+			$queryStr .= " type=0 AND";
+			if($id)
+				$queryStr .= " required=".((int) $id)." AND";
+			$queryStr .= " required NOT IN (SELECT id FROM tblUsers)";
+			break;
+		case 'group':
+			$queryStr .= " type=1 AND";
+			if($id)
+				$queryStr .= " required=".((int) $id)." AND";
+			$queryStr .= " required NOT IN (SELECT id FROM tblGroups)";
+			break;
+		}
+		return $this->db->getResultArray($queryStr);
+	} /* }}} */
+
 	/**
 	 * Returns statitical information
 	 *
--- a/install/update-3.4.0/update.sql
+++ b/install/update-3.4.0/update.sql
@ -99,7 +99,7 @@ CALL DROPFK('tblDocuments', 'tblDocuments_folder');

 ALTER TABLE tblDocuments ADD CONSTRAINT `tblDocuments_folder` FOREIGN KEY (`folder`) REFERENCES `tblFolders` (`id`);

-CALL DROPFK('tblDocumentContent', 'tblDocumentDocument_document');
+CALL DROPFK('tblDocumentContent', 'tblDocumentContent_document');

 ALTER TABLE tblDocumentContent DROP PRIMARY KEY;

--- a/out/out.Timeline.php
+++ b/out/out.Timeline.php
@ -26,8 +26,13 @@ include("../inc/inc.DBInit.php");
 include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");

+$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
+$view = UI::factory($theme, $tmp[1]);
+if(!$view) {
+}
+
 if (!$user->isAdmin()) {
-	UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
+	$view->exitError(getMLText("admin_tools"),getMLText("access_denied"));
 }
 $rootfolder = $dms->getFolder($settings->_rootFolderID);

@ -49,9 +54,9 @@ if(isset($_GET['version']) && $_GET['version'] && is_numeric($_GET['version']))
 } else
 	$content = null;

-$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
-$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
 if($view) {
+	$view->setParam('dms', $dms);
+	$view->setParam('user', $user);
 	$view->setParam('fromdate', isset($_GET['fromdate']) ? $_GET['fromdate'] : '');
 	$view->setParam('todate', isset($_GET['todate']) ? $_GET['todate'] : '');
 	$view->setParam('skip', $skip);