Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

2024-11-26 15:32:13 +00:00 · 2021-07-02 08:36:23 +02:00 · 2021-07-02 08:36:23 +02:00 · 486a685873
commit 486a685873
parent 5cbf98e832 4d7e041388
8 changed files with 366 additions and 4 deletions
--- a/2
+++ b/2
@ -225,7 +225,7 @@
 - comment of document version may not be modified when document has expired
 - attributes of document version may be edited if enableVersionModification is true
  even if the document has been released, obsoleted or has been expired
- review can be removed by admin
+- reviews and approvals can be removed by admin

 --------------------------------------------------------------------------------
                     Changes in version 5.1.22
--- a/SeedDMS_Core/Core/inc.ClassDocument.php
+++ b/SeedDMS_Core/Core/inc.ClassDocument.php
@ -5075,6 +5075,53 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */
 		return $approveLogID;
 } /* }}} */

+	/**
+	 * Add another entry to approval log which resets the status
+	 *
+	 * This method will not delete anything from the database, but will add
+	 * a new review log entry which sets the status to 0. This is only allowed
+	 * if the current status is either 1 or -1.
+	 *
+	 * After calling this method SeedDMS_Core_DocumentCategory::verifyStatus()
+	 * should be called to recalculate the document status.
+	 *
+	 * @param SeedDMS_Core_User $user
+	 * @return int 0 if successful
+	 */
+	public function removeApproval($approveid, $requestUser, $comment='') { /* {{{ */
+		$db = $this->_document->getDMS()->getDB();
+
+		// Check to see if the user can be removed from the approval list.
+		$approvals = $this->getApprovalStatus();
+		if (is_bool($approvals) && !$approvals) {
+			return -1;
+		}
+		$approvalStatus = null;
+		foreach($approvals as $approval) {
+			if($approval['approveID'] == $approveid) {
+				$approvalStatus = $approval;
+				break;
+			}
+		}
+		if(!$approvalStatus)
+			return -2;
+
+		// The approval log entry may only be removed if the status is 1 or -1
+		if ($approvalStatus["status"] != 1 && $approvalStatus["status"] != -1)
+			return -3;
+
+		$queryStr = "INSERT INTO `tblDocumentApproveLog` (`approveID`, `status`,
+			`comment`, `date`, `userID`) ".
+			"VALUES ('". $approvalStatus["approveID"] ."', '0', ".$db->qstr($comment).", ".$db->getCurrentDatetime().", '".
+			$requestUser->getID() ."')";
+		$res=$db->getResult($queryStr);
+		if (is_bool($res) && !$res)
+			return -1;
+
+		return 0;
+ } /* }}} */
+
+
 	/**
 	 * Sets approval status of a document content for a group
 	 * The functions behaves like
--- a/SeedDMS_Core/package.xml
+++ b/SeedDMS_Core/package.xml
@ -1908,6 +1908,7 @@ add method SeedDMS_Core_DatabaseAccess::setLogFp()
 - fix checking of email addresses by using filter_var instead of regex
 - add new method SeedDMS_Core_Document::hasCategory()
 - add new method SeedDMS_Core_DocumentContent::removeReview()
+- add new method SeedDMS_Core_DocumentContent::removeApproval()
   </notes>
  </release>
  <release>
--- a/op/op.RemoveApprovalLog.php
+++ b/op/op.RemoveApprovalLog.php
@ -0,0 +1,99 @@
+<?php
+//    MyDMS. Document Management System
+//    Copyright (C) 2002-2005  Markus Westphal
+//    Copyright (C) 2006-2008 Malcolm Cowe
+//    Copyright (C) 2010 Matteo Lucarelli
+//    Copyright (C) 2010-2021 Uwe Steinmann
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+include("../inc/inc.Settings.php");
+include("../inc/inc.LogInit.php");
+include("../inc/inc.Utils.php");
+include("../inc/inc.Language.php");
+include("../inc/inc.Init.php");
+include("../inc/inc.Extension.php");
+include("../inc/inc.DBInit.php");
+include("../inc/inc.ClassAccessOperation.php");
+include("../inc/inc.Authentication.php");
+include("../inc/inc.ClassUI.php");
+
+/* Check if the form data comes from a trusted request */
+if(!checkFormKey('removeapprovallog')) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
+}
+
+if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
+}
+
+$documentid = $_POST["documentid"];
+$document = $dms->getDocument($documentid);
+
+if (!is_object($document)) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
+}
+
+if (!$user->isAdmin() || $document->getAccessMode($user) < M_ALL) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
+}
+
+if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
+}
+
+$version = $_POST["version"];
+$content = $document->getContentByVersion($version);
+
+if (!is_object($content)) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
+}
+
+// operation is only allowed for the last document version
+$latestContent = $document->getLatestContent();
+if ($latestContent->getVersion()!=$version) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
+}
+
+if (!isset($_POST["approveid"]) || !is_numeric($_POST["approveid"]) || intval($_POST["approveid"])<1) {
+	UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_approveid"));
+}
+$approveid = $_POST['approveid'];
+$approves = $latestContent->getApprovalStatus();
+$approveStatus = null;
+foreach($approves as $approve) {
+	if($approve['approveID'] == $approveid) {
+		$approveStatus = $approve;
+		break;
+	}
+}
+if(!$approveStatus) {
+	UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_approveid"));
+}
+
+if($approveStatus['type'] == 0) {
+	$ruser = $dms->getUser($approveStatus['required']);
+	$msg = getMLText('ind_approval_removed', array('name'=>$ruser->getFullName()));
+} elseif($approveStatus['type'] == 1) {
+	$rgroup = $dms->getGroup($approveStatus['required']);
+	$msg = getMLText('group_approval_removed', array('name'=>$rgroup->getName()));
+} else
+	UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_approveid"));
+
+$comment = $_POST["comment"];
+if(0 == $latestContent->removeApproval($approveid, $user, $comment)) {
+	$latestContent->verifyStatus(true, $user, $msg);
+}
+header("Location:../out/out.ViewDocument.php?documentid=".$documentid."&currenttab=revapp");
--- a/out/out.RemoveApprovalLog.php
+++ b/out/out.RemoveApprovalLog.php
@ -0,0 +1,88 @@
+<?php
+//    MyDMS. Document Management System
+//    Copyright (C) 2002-2005 Markus Westphal
+//    Copyright (C) 2006-2008 Malcolm Cowe
+//    Copyright (C) 2010 Matteo Lucarelli
+//    Copyright (C) 2010-2016 Uwe Steinmann
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+if(!isset($settings))
+	require_once("../inc/inc.Settings.php");
+require_once("inc/inc.LogInit.php");
+require_once("inc/inc.Utils.php");
+require_once("inc/inc.Language.php");
+require_once("inc/inc.Init.php");
+require_once("inc/inc.Extension.php");
+require_once("inc/inc.DBInit.php");
+require_once("inc/inc.ClassUI.php");
+require_once("inc/inc.ClassAccessOperation.php");
+require_once("inc/inc.Authentication.php");
+
+if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
+}
+
+$document = $dms->getDocument(intval($_GET["documentid"]));
+
+if (!is_object($document)) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
+}
+
+$folder = $document->getFolder();
+
+if (!$user->isAdmin() || $document->getAccessMode($user) < M_ALL) {
+	UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied"));
+}
+
+if (!isset($_GET["version"]) || !is_numeric($_GET["version"]) || intval($_GET["version"])<1) {
+	UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_version"));
+}
+$version = $_GET["version"];
+$content = $document->getContentByVersion($version);
+if (!is_object($content)) {
+	UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_version"));
+}
+
+// operation is admitted only for last document version
+$latestContent = $document->getLatestContent();
+if ($latestContent->getVersion()!=$version) {
+	UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_version"));
+}
+
+if (!isset($_GET["approveid"]) || !is_numeric($_GET["approveid"]) || intval($_GET["approveid"])<1) {
+	UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_approveid"));
+}
+$approveid = $_GET['approveid'];
+
+/* Create object for checking access to certain operations */
+$accessop = new SeedDMS_AccessOperation($dms, $document, $user, $settings);
+
+$approvals = $content->getApprovalStatus();
+if(!$approvals) {
+	UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("no_action"));
+}
+
+$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
+$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
+if($view) {
+	$view->setParam('folder', $folder);
+	$view->setParam('document', $document);
+	$view->setParam('version', $content);
+	$view->setParam('approveid', $approveid);
+	$view->setParam('accessobject', $accessop);
+	$view($_GET);
+	exit;
+}
--- a/views/bootstrap/class.RemoveApprovalLog.php
+++ b/views/bootstrap/class.RemoveApprovalLog.php
@ -0,0 +1,126 @@
+<?php
+/**
+ * Implementation of RemoveApprovalLog view
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2002-2005 Markus Westphal,
+ *             2006-2008 Malcolm Cowe, 2010 Matteo Lucarelli,
+ *             2010-2012 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+/**
+ * Include parent class
+ */
+//require_once("class.Bootstrap.php");
+
+/**
+ * Class which outputs the html page for RemoveApprovalLog view
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Markus Westphal, Malcolm Cowe, Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2002-2005 Markus Westphal,
+ *             2006-2008 Malcolm Cowe, 2010 Matteo Lucarelli,
+ *             2010-2012 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_View_RemoveApprovalLog extends SeedDMS_Theme_Style {
+
+	function js() { /* {{{ */
+		header('Content-Type: application/javascript; charset=UTF-8');
+		parent::jsTranslations(array('js_form_error', 'js_form_errors'));
+?>
+$(document).ready(function() {
+	$("#form1").validate({
+		rules: {
+			comment: {
+				required: true
+			},
+		},
+		messages: {
+			comment: "<?php printMLText("js_no_comment");?>",
+		},
+	});
+});
+<?php
+		$this->printFileChooserJs();
+	} /* }}} */
+
+	function show() { /* {{{ */
+		$dms = $this->params['dms'];
+		$user = $this->params['user'];
+		$folder = $this->params['folder'];
+		$document = $this->params['document'];
+		$content = $this->params['version'];
+		$approveid = $this->params['approveid'];
+
+		$approves = $content->getApprovalStatus();
+		foreach($approves as $approve) {
+			if($approve['approveID'] == $approveid) {
+				$approveStatus = $approve;
+				break;
+			}
+		}
+
+		$this->htmlAddHeader('<script type="text/javascript" src="../views/'.$this->theme.'/vendors/jquery-validation/jquery.validate.js"></script>'."\n", 'js');
+		$this->htmlAddHeader('<script type="text/javascript" src="../views/'.$this->theme.'/styles/validation-default.js"></script>'."\n", 'js');
+
+		$this->htmlStartPage(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))));
+		$this->globalNavigation($folder);
+		$this->contentStart();
+		$this->pageNavigation($this->getFolderPathHTML($folder, true, $document), "view_document", $document);
+		$this->contentHeading(getMLText("remove_approval_log"));
+		$this->warningMsg(getMLText('warning_remove_approval_log'));
+
+		// Display the Approval form.
+		if($approveStatus["status"]!=0) {
+
+			print "<table class=\"table table-content table-sm\"><thead><tr>";
+			print "<th>".getMLText("status")."</th>";
+			print "<th>".getMLText("comment")."</th>";
+			print "<th>".getMLText("last_update")."</th>";
+			print "</tr></thead><tbody><tr>";
+			print "<td>";
+			printApprovalStatusText($approveStatus["status"]);
+			print "</td>";
+			print "<td>".htmlspecialchars($approveStatus["comment"])."</td>";
+			$indUser = $dms->getUser($approveStatus["userID"]);
+			print "<td>".$approveStatus["date"]." - ". htmlspecialchars($indUser->getFullname()) ."</td>";
+			print "</tr></tbody></table><br>\n";
+		}
+?>
+	<form method="post" action="../op/op.RemoveApprovalLog.php" id="form1" name="form1">
+	<?php echo createHiddenFieldWithKey('removeapprovallog'); ?>
+<?php
+		$this->contentContainerStart();
+
+		$this->formField(
+			getMLText("comment"),
+			array(
+				'element'=>'textarea',
+				'name'=>'comment',
+				'required'=>true,
+				'rows'=>4,
+				'cols'=>80
+			)
+		);
+		$this->contentContainerEnd();
+
+		$this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('remove_approval_log'));
+?>
+	<input type='hidden' name='approveid' value='<?= $approveid ?>'/>
+	<input type='hidden' name='documentid' value='<?= $document->getID() ?>'/>
+	<input type='hidden' name='version' value='<?= $content->getVersion() ?>'/>
+	</form>
+<?php
+		$this->contentEnd();
+		$this->htmlEndPage();
+	} /* }}} */
+}
+?>
+
--- a/views/bootstrap/class.RemoveReviewLog.php
+++ b/views/bootstrap/class.RemoveReviewLog.php
@ -1,6 +1,6 @@
 <?php
 /**
- * Implementation of ReviewDocument view
+ * Implementation of RemoveReviewLog view
 *
 * @category   DMS
 * @package    SeedDMS
@ -19,7 +19,7 @@
 //require_once("class.Bootstrap.php");

 /**
- * Class which outputs the html page for ReviewDocument view
+ * Class which outputs the html page for RemoveReviewLog view
 *
 * @category   DMS
 * @package    SeedDMS
--- a/views/bootstrap/class.ViewDocument.php
+++ b/views/bootstrap/class.ViewDocument.php
@ -1012,7 +1012,6 @@ $(document).ready( function() {
 							}
 						}
 					}
-
 					if($enableremoverevapp && $user->isAdmin() && ($r['status'] == 1 || $r['status'] == -1))
 						echo '<li><a href="../out/out.RemoveReviewLog.php?documentid='.$document->getID().'&version='.$latestContent->getVersion().'&reviewid='.$r['reviewID'].'" title="'.getMLText('remove_review_log').'"><i class="fa fa-remove"></i></a></li>';
 	
@ -1119,6 +1118,8 @@ $(document).ready( function() {
 							}
 						}
 					}
+					if($enableremoverevapp && $user->isAdmin() && ($a['status'] == 1 || $a['status'] == -1))
+						echo '<li><a href="../out/out.RemoveApprovalLog.php?documentid='.$document->getID().'&version='.$latestContent->getVersion().'&approveid='.$a['approveID'].'" title="'.getMLText('remove_approval_log').'"><i class="fa fa-remove"></i></a></li>';

 					print "</ul>";
 					print "</td>\n";