backport check_view_access and check_controller_access for smoother migration

2025-05-14 13:42:04 +00:00 · 2021-04-18 13:01:11 +02:00 · 2021-04-18 13:01:11 +02:00 · 314a35b2d8
commit 314a35b2d8
parent 8141ce72ec
1 changed files with 144 additions and 0 deletions
--- a/inc/inc.ClassAccessOperation.php
+++ b/inc/inc.ClassAccessOperation.php
@ -300,4 +300,148 @@ class SeedDMS_AccessOperation {
 		}
 		return false;
 	} /* }}} */
 	protected function check_view_legacy_access($view, $get=array()) { /* {{{ */
 		if($this->user->isAdmin())
 			return true;
 		if(is_string($view)) {
 			$scripts = array($view);
 		} elseif(is_array($view)) {
 			$scripts = $view;
 		} elseif(is_subclass_of($view, 'SeedDMS_View_Common')) {
 			$scripts = array($view->getParam('class'));
 		} else {
 			return false;
 		}
 		if($this->user->isGuest()) {
 			$user_allowed = array(
 				'Calendar',
 				'ErrorDlg',
 				'Help',
 				'Login',
 				'Search',
 				'ViewDocument',
 				'ViewFolder',
 			);
 		} else {
 			$user_allowed = array(
 				'AddDocument',
 				'AddDocumentLink',
 				'AddEvent',
 				'AddFile',
 				'AddSubFolder',
 				'AddToTransmittal',
 				'ApprovalSummary',
 				'ApproveDocument',
 				'Calendar',
 				'CategoryChooser',
 				'ChangePassword',
 				'CheckInDocument',
 				'Clipboard',
 				'DocumentAccess',
 				'DocumentChooser',
 				'DocumentNotify',
 				'DocumentVersionDetail',
 				'DropFolderChooser',
 				'EditAttributes',
 				'EditComment',
 				'EditDocumentFile',
 				'EditDocument',
 				'EditEvent',
 				'EditFolder',
 				'EditOnline',
 				'EditUserData',
 				'ErrorDlg',
 				'FolderAccess',
 				'FolderChooser',
 				'FolderNotify',
 				'ForcePasswordChange',
 				'GroupView',
 				'Help',
 				'KeywordChooser',
 				'Login',
 				'ManageNotify',
 				'MoveDocument',
 				'MoveFolder',
 				'MyAccount',
 				'MyDocuments',
 				'OpensearchDesc',
 				'OverrideContentStatus',
 				'PasswordForgotten',
 				'PasswordSend',
 				'ReceiptDocument',
 				'ReceiptSummary',
 				'RemoveDocumentFile',
 				'RemoveDocument',
 				'RemoveEvent',
 				'RemoveFolderFiles',
 				'RemoveFolder',
 				'RemoveTransmittal',
 				'RemoveVersion',
 				'RemoveWorkflowFromDocument',
 				'ReturnFromSubWorkflow',
 				'ReviewDocument',
 				'ReviewSummary',
 				'ReviseDocument',
 				'RevisionSummary',
 				'RewindWorkflow',
 				'RunSubWorkflow',
 				'Search',
 				'Session',
 				'SetExpires',
 				'SetRecipients',
 				'SetReviewersApprovers',
 				'SetRevisors',
 				'SetWorkflow',
 				'SubstituteUser',
 				'Tasks',
 				'TransmittalMgr',
 				'TriggerWorkflow',
 				'UpdateDocument',
 				'UserDefaultKeywords',
 				'UserImage',
 				'UsrView',
 				'ViewDocument',
 				'ViewEvent',
 				'ViewFolder',
 				'WorkflowGraph',
 				'WorkflowSummary');
 		}
 		if(array_intersect($scripts, $user_allowed))
 			return true;
 		return false;
 	} /* }}} */
 	/**
 	 * Check for access permission on view
 	 *
 	 * This function will always return true because it was added to smooth
 	 * migration from 5.1.x to 6.0.x
 	 *
 	 * @param mixed $view Instanz of view, name of view or array of view names
 	 * @param string $get query parameters possible containing the element 'action'
 	 * @return boolean true if access is allowed, false if access is disallowed
 	 * no specific access right is set, otherwise false
 	 */
 	function check_view_access($view, $get=array()) { /* {{{ */
 		return $this->check_view_legacy_access($view, $get);
 	} /* }}} */
 	/**
 	 * Check for access permission on controller
 	 *
 	 * This function will always return true because it was added to smooth
 	 * migration from 5.1.x to 6.0.x
 	 *
 	 * @param mixed $controller Instanz of controller, name of controller or array of controller names
 	 * @param string $get query parameters
 	 * @return boolean true if access is allowed otherwise false
 	 */
 	function check_controller_access($controller, $get=array()) { /* {{{ */
 		return true;
 	} /* }}} */
 }