add legacy access check for controllers
parent
0d0fc4e50a
commit
44621c0bb6
|
@ -9,6 +9,7 @@
|
|||
- checkout info does not depend on whether the logged in user was substituted
|
||||
- add new endpoints for managing roles by rest api
|
||||
- add transmittals in menu
|
||||
- add legacy access check for controllers
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
Changes in version 6.0.26
|
||||
|
|
|
@ -48,7 +48,7 @@ class SeedDMS_AccessOperation {
|
|||
private $_aro;
|
||||
|
||||
/**
|
||||
* @var array $legacy_access list of objects with access
|
||||
* @var array $legacy_access list of objects with access use for view and controller
|
||||
* @access protected
|
||||
*/
|
||||
private $legacy_access;
|
||||
|
@ -65,6 +65,8 @@ class SeedDMS_AccessOperation {
|
|||
'Search',
|
||||
'ViewDocument',
|
||||
'ViewFolder',
|
||||
'ViewOnline',
|
||||
'Download',
|
||||
);
|
||||
$this->legacy_access['user'] = array(
|
||||
'AddDocument',
|
||||
|
@ -559,6 +561,32 @@ class SeedDMS_AccessOperation {
|
|||
return false;
|
||||
} /* }}} */
|
||||
|
||||
protected function check_controller_legacy_access($controller, $get=array()) { /* {{{ */
|
||||
if($this->user->isAdmin())
|
||||
return true;
|
||||
|
||||
if(is_string($controller)) {
|
||||
$scripts = array($controller);
|
||||
} elseif(is_array($controller)) {
|
||||
$scripts = $controller;
|
||||
} elseif(is_subclass_of($controller, 'SeedDMS_Controller_Common')) {
|
||||
$scripts = array($controller->getParam('class'));
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
|
||||
if($this->user->isGuest()) {
|
||||
$user_allowed = $this->legacy_access['guest'];
|
||||
} else {
|
||||
$user_allowed = $this->legacy_access['user'];
|
||||
}
|
||||
|
||||
if(array_intersect($scripts, $user_allowed))
|
||||
return true;
|
||||
|
||||
return false;
|
||||
} /* }}} */
|
||||
|
||||
/**
|
||||
* Check for access permission on view
|
||||
*
|
||||
|
@ -618,6 +646,8 @@ class SeedDMS_AccessOperation {
|
|||
*/
|
||||
function check_controller_access($controller, $get=array()) { /* {{{ */
|
||||
if(!$this->settings->_advancedAcl) {
|
||||
return $this->check_controller_legacy_access($controller, $get);
|
||||
/*
|
||||
if($this->user->isGuest())
|
||||
return false;
|
||||
elseif($this->user->isAdmin())
|
||||
|
@ -627,6 +657,7 @@ class SeedDMS_AccessOperation {
|
|||
return false;
|
||||
return true;
|
||||
}
|
||||
*/
|
||||
}
|
||||
if(is_string($controller)) {
|
||||
$scripts = array($controller);
|
||||
|
|
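Review bot: check_controller_legacy_access() authorizes against `$this->legacy_access['guest']` and `['user']`, which the updated docblock describes as one list for views and controllers, so any name a guest may view now also permits the controller of the same name. The commented-out code kept in check_controller_access() shows guests were previously refused outright when `_advancedAcl` is off. Only part of the list is visible in this section, so each guest entry should be checked for a same-named controller that changes state, or controllers should get their own list. When `$controller` is an array, `array_intersect($scripts, $user_allowed)` grants access if any single name matches; the new method has no docblock, and one should state that contract and that `$get` is unused. The old logic left after the `return` is dead code and would be better deleted than commented out.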