backport check_view_access and check_controller_access for smoother migration

2024-11-26 15:32:13 +00:00 · 2021-04-18 13:01:11 +02:00 · 2021-04-18 13:01:11 +02:00 · 314a35b2d8
commit 314a35b2d8
parent 8141ce72ec
1 changed files with 144 additions and 0 deletions
--- a/inc/inc.ClassAccessOperation.php
+++ b/inc/inc.ClassAccessOperation.php
@ -300,4 +300,148 @@ class SeedDMS_AccessOperation {
 		}
 		return false;
 	} /* }}} */
+
+	protected function check_view_legacy_access($view, $get=array()) { /* {{{ */
+		if($this->user->isAdmin())
+			return true;
+
+		if(is_string($view)) {
+			$scripts = array($view);
+		} elseif(is_array($view)) {
+			$scripts = $view;
+		} elseif(is_subclass_of($view, 'SeedDMS_View_Common')) {
+			$scripts = array($view->getParam('class'));
+		} else {
+			return false;
+		}
+
+		if($this->user->isGuest()) {
+			$user_allowed = array(
+				'Calendar',
+				'ErrorDlg',
+				'Help',
+				'Login',
+				'Search',
+				'ViewDocument',
+				'ViewFolder',
+			);
+		} else {
+			$user_allowed = array(
+				'AddDocument',
+				'AddDocumentLink',
+				'AddEvent',
+				'AddFile',
+				'AddSubFolder',
+				'AddToTransmittal',
+				'ApprovalSummary',
+				'ApproveDocument',
+				'Calendar',
+				'CategoryChooser',
+				'ChangePassword',
+				'CheckInDocument',
+				'Clipboard',
+				'DocumentAccess',
+				'DocumentChooser',
+				'DocumentNotify',
+				'DocumentVersionDetail',
+				'DropFolderChooser',
+				'EditAttributes',
+				'EditComment',
+				'EditDocumentFile',
+				'EditDocument',
+				'EditEvent',
+				'EditFolder',
+				'EditOnline',
+				'EditUserData',
+				'ErrorDlg',
+				'FolderAccess',
+				'FolderChooser',
+				'FolderNotify',
+				'ForcePasswordChange',
+				'GroupView',
+				'Help',
+				'KeywordChooser',
+				'Login',
+				'ManageNotify',
+				'MoveDocument',
+				'MoveFolder',
+				'MyAccount',
+				'MyDocuments',
+				'OpensearchDesc',
+				'OverrideContentStatus',
+				'PasswordForgotten',
+				'PasswordSend',
+				'ReceiptDocument',
+				'ReceiptSummary',
+				'RemoveDocumentFile',
+				'RemoveDocument',
+				'RemoveEvent',
+				'RemoveFolderFiles',
+				'RemoveFolder',
+				'RemoveTransmittal',
+				'RemoveVersion',
+				'RemoveWorkflowFromDocument',
+				'ReturnFromSubWorkflow',
+				'ReviewDocument',
+				'ReviewSummary',
+				'ReviseDocument',
+				'RevisionSummary',
+				'RewindWorkflow',
+				'RunSubWorkflow',
+				'Search',
+				'Session',
+				'SetExpires',
+				'SetRecipients',
+				'SetReviewersApprovers',
+				'SetRevisors',
+				'SetWorkflow',
+				'SubstituteUser',
+				'Tasks',
+				'TransmittalMgr',
+				'TriggerWorkflow',
+				'UpdateDocument',
+				'UserDefaultKeywords',
+				'UserImage',
+				'UsrView',
+				'ViewDocument',
+				'ViewEvent',
+				'ViewFolder',
+				'WorkflowGraph',
+				'WorkflowSummary');
+		}
+
+		if(array_intersect($scripts, $user_allowed))
+			return true;
+
+		return false;
+	} /* }}} */
+
+	/**
+	 * Check for access permission on view
+	 *
+	 * This function will always return true because it was added to smooth
+	 * migration from 5.1.x to 6.0.x
+	 *
+	 * @param mixed $view Instanz of view, name of view or array of view names
+	 * @param string $get query parameters possible containing the element 'action'
+	 * @return boolean true if access is allowed, false if access is disallowed
+	 * no specific access right is set, otherwise false
+	 */
+	function check_view_access($view, $get=array()) { /* {{{ */
+		return $this->check_view_legacy_access($view, $get);
+	} /* }}} */
+
+	/**
+	 * Check for access permission on controller
+	 *
+	 * This function will always return true because it was added to smooth
+	 * migration from 5.1.x to 6.0.x
+	 *
+	 * @param mixed $controller Instanz of controller, name of controller or array of controller names
+	 * @param string $get query parameters
+	 * @return boolean true if access is allowed otherwise false
+	 */
+	function check_controller_access($controller, $get=array()) { /* {{{ */
+		return true;
+	} /* }}} */
 }