switch to new access restrictions

This commit is contained in:
Uwe Steinmann 2017-01-18 15:08:25 +01:00
parent 6513642efb
commit 39bebbdcf6
4 changed files with 29 additions and 8 deletions

View File

@ -27,6 +27,10 @@ include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if ($user->isGuest()) {
UI::exitError(getMLText("edit_user_details"),getMLText("access_denied"));
}
@ -36,9 +40,13 @@ if (!$user->isAdmin() && ($settings->_disableSelfEdit)) {
}
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'enableuserimage'=>$settings->_enableUserImage, 'enablelanguageselector'=>$settings->_enableLanguageSelector, 'enablethemeselector'=>$settings->_enableThemeSelector, 'passwordstrength'=>$settings->_passwordStrength, 'httproot'=>$settings->_httpRoot));
if($view) {
$view->setParam('enableuserimage', $settings->_enableUserImage);
$view->setParam('enablelanguageselector', $settings->_enableLanguageSelector);
$view->setParam('enablethemeselector', $settings->_enableThemeSelector);
$view->setParam('passwordstrength', $settings->_passwordStrength);
$view->setParam('httproot', $settings->_httpRoot);
$view->setParam('accessobject', $accessop);
$view($_GET);
exit;
}

View File

@ -25,6 +25,10 @@ include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if ($user->isGuest()) {
UI::exitError(getMLText("my_account"),getMLText("access_denied"));
}
@ -43,11 +47,10 @@ if (is_bool($allGroups)) {
UI::exitError(getMLText("admin_tools"),getMLText("internal_error"));
}
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
if($view) {
$view->setParam('allusers', $allUsers);
$view->setParam('allgroups', $allGroups);
$view->setParam('accessobject', $accessop);
$view($_GET);
exit;
}

View File

@ -25,13 +25,20 @@ include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if ($user->isGuest()) {
UI::exitError(getMLText("my_account"),getMLText("access_denied"));
}
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'cachedir'=>$settings->_cacheDir, 'previewWidthList'=>$settings->_previewWidthList, 'previewconverters'=>$settings->_converters['preview'], 'timeout'=>$settings->_cmdTimeout));
if($view) {
$view->setParam('cachedir', $settings->_cacheDir);
$view->setParam('previewWidthList', $settings->_previewWidthList);
$view->setParam('previewconverters', $settings->_converters['preview']);
$view->setParam('timeout', $settings->_cmdTimeout);
$view->setParam('accessobject', $accessop);
$view($_GET);
exit;
}

View File

@ -25,6 +25,10 @@ include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if ($user->isGuest()) {
UI::exitError(getMLText("my_account"),getMLText("access_denied"));
}
@ -38,12 +42,11 @@ if (is_bool($users)) {
UI::exitError(getMLText("my_account"),getMLText("internal_error"));
}
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
if($view) {
$view->setParam('allusers', $users);
$view->setParam('enableuserimage', $settings->_enableUserImage);
$view->setParam('httproot', $settings->_httpRoot);
$view->setParam('accessobject', $accessop);
$view($_GET);
exit;
}