gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2024-10-04 07:02:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

Browse Source
This commit is contained in:
Uwe Steinmann 2022-12-10 14:23:43 +01:00
commit 5694bf9501
56 changed files with 514 additions and 247 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG
View File

@ -249,6 +249,7 @@
- fix php errors in restapi
- fix 'maximum size' error when uploading a file with drag&drop
- update jquery to 3.6.1 (only bootstrap4 theme)
- introduce authentication service
--------------------------------------------------------------------------------
Changes in version 5.1.28

22
SeedDMS_Core/Core/inc.ClassFolder.php
View File

@ -778,21 +778,25 @@ class SeedDMS_Core_Folder extends SeedDMS_Core_Object {
/**
* Returns a file system path
*
* This path contains spaces around the slashes for better readability.
* Run str_replace(' / ', '/', $path) on it to get a valid unix
* This path contains by default spaces around the slashes for better readability.
* Run str_replace(' / ', '/', $path) on it or pass '/' as $sep to get a valid unix
* file system path.
*
* @param bool $skiproot skip the name of the root folder and start with $sep
* @param string $sep separator between path elements
* @return string path separated with ' / '
*/
function getFolderPathPlain() { /* {{{ */
$path="";
function getFolderPathPlain($skiproot = false, $sep = ' / ') { /* {{{ */
$path="".$sep;
$folderPath = $this->getPath();
for ($i = 0; $i < count($folderPath); $i++) {
$path .= $folderPath[$i]->getName();
if ($i +1 < count($folderPath))
$path .= " / ";
for ($i = 0; $i < count($folderPath); $i++) {
if($i > 0 || !$skiproot) {
$path .= $folderPath[$i]->getName();
if ($i+1 < count($folderPath))
$path .= $sep;
}
}
return $path;
return trim($path);
} /* }}} */
/**

21
SeedDMS_Core/package.xml
View File

@ -12,10 +12,10 @@
<email>uwe@steinmann.cx</email>
<active>yes</active>
</lead>
<date>2022-11-21</date>
<date>2022-12-10</date>
<time>13:44:55</time>
<version>
<release>6.0.21</release>
<release>6.0.22</release>
<api>6.0.22</api>
</version>
<stability>
@ -2034,6 +2034,23 @@ add method SeedDMS_Core_DatabaseAccess::setLogFp()
- change namespace of iterators from SeedDMS to SeedDMS\Core
</notes>
</release>
<release>
<date>2022-11-21</date>
<time>13:44:55</time>
<version>
<release>5.1.29</release>
<api>5.1.29</api>
</version>
<stability>
<release>stable</release>
<api>stable</api>
</stability>
<license uri="http://opensource.org/licenses/gpl-license">GPL License</license>
<notes>
- SeedDMS_Core_Folder::addDocument() does rollback transaction propperly when setting document categories fail
- add $skiproot and $sep parameter to SeedDMS_Core_Folder::getFolderPathPlain()
</notes>
</release>
<release>
<date>2017-02-28</date>
<time>06:34:50</time>

7
SeedDMS_Preview/Preview/Previewer.php
View File

@ -52,10 +52,15 @@ class SeedDMS_Preview_Previewer extends SeedDMS_Preview_Base {
* @param integer $width width of preview image
* @return string file name of preview image
*/
public function getFileName($object, $width) { /* {{{ */
public function getFileName($object, $width=0) { /* {{{ */
if(!$object)
return false;
if($width == 0)
$width = $this->width;
else
$width = intval($width);
$document = $object->getDocument();
$dms = $document->_dms;
$dir = $this->previewDir.'/'.$document->getDir();

77
SeedDMS_SQLiteFTS/SQLiteFTS/Indexer.php
View File

@ -179,15 +179,22 @@ class SeedDMS_SQLiteFTS_Indexer {
* @return boolean false in case of an error, otherwise array with elements
* 'count', 'hits', 'facets'. 'hits' is an array of SeedDMS_SQLiteFTS_QueryHit
*/
public function find($query, $limit=array()) { /* {{{ */
public function find($query, $filter, $limit=array(), $order=array()) { /* {{{ */
if(!$this->_conn)
return false;
/* First count some records for facets */
foreach(array('owner', 'mimetype', 'category') as $facetname) {
$sql = "SELECT `".$facetname."`, count(*) AS `c` FROM `docs`";
if($query)
if($query) {
$sql .= " WHERE docs MATCH ".$this->_conn->quote($query);
}
if($filter) {
if($query)
$sql .= " AND ".$filter;
else
$sql .= " WHERE ".$filter;
}
$res = $this->_conn->query($sql." GROUP BY `".$facetname."`");
if(!$res)
throw new SeedDMS_SQLiteFTS_Exception("Counting records in facet \"$facetname\" failed.");
@ -219,6 +226,12 @@ class SeedDMS_SQLiteFTS_Indexer {
$sql = "SELECT `record_type`, count(*) AS `c` FROM `docs`";
if($query)
$sql .= " WHERE docs MATCH ".$this->_conn->quote($query);
if($filter) {
if($query)
$sql .= " AND ".$filter;
else
$sql .= " WHERE ".$filter;
}
$res = $this->_conn->query($sql." GROUP BY `record_type`");
if(!$res)
throw new SeedDMS_SQLiteFTS_Exception("Counting records in facet \"record_type\" failed.");
@ -232,10 +245,32 @@ class SeedDMS_SQLiteFTS_Indexer {
$sql = "SELECT ".$this->_rawid.", documentid FROM docs";
if($query)
$sql .= " WHERE docs MATCH ".$this->_conn->quote($query);
if($this->_ftstype == 'fts5')
if($filter) {
if($query)
$sql .= " AND ".$filter;
else
$sql .= " WHERE ".$filter;
}
if($this->_ftstype == 'fts5') {
//$sql .= " ORDER BY rank";
// boost documentid, title and comment
$sql .= " ORDER BY bm25(docs, 10.0, 10.0, 10.0)";
// boost documentid, record_type, title, comment, keywords, category, mimetype, origfilename, owner, content, created unindexed, users, status, path
if(!empty($order['by'])) {
switch($order['by']) {
case "title":
$sql .= " ORDER BY title";
break;
case "created":
$sql .= " ORDER BY created";
break;
default:
$sql .= " ORDER BY bm25(docs, 10.0, 0.0, 10.0, 5.0, 5.0, 10.0)";
}
if(!empty($order['dir'])) {
if($order['dir'] == 'desc')
$sql .= " DESC";
}
}
}
if(!empty($limit['limit']))
$sql .= " LIMIT ".(int) $limit['limit'];
if(!empty($limit['offset']))
@ -318,16 +353,33 @@ class SeedDMS_SQLiteFTS_Indexer {
/**
* Return list of terms in index
*
* This function does nothing!
* @return array list of SeedDMS_SQLiteFTS_Term
*/
public function terms() { /* {{{ */
public function terms($query='', $col='') { /* {{{ */
if(!$this->_conn)
return false;
if($this->_ftstype == 'fts5')
$sql = "SELECT term, col, doc as occurrences FROM docs_terms WHERE col!='*' ORDER BY col";
else
$sql = "SELECT term, col, occurrences FROM docs_terms WHERE col!='*' ORDER BY col";
if($this->_ftstype == 'fts5') {
$sql = "SELECT term, col, doc as occurrences FROM docs_terms";
if($query || $col) {
$sql .= " WHERE";
if($query) {
$sql .= " term like '".$query."%'";
if($col)
$sql .= " AND";
}
if($col)
$sql .= " col = '".$col."'";
}
$sql .= " ORDER BY col, occurrences desc";
} else {
$sql = "SELECT term, col, occurrences FROM docs_terms WHERE col!='*'";
if($query)
$sql .= " AND term like '".$query."%'";
if($col)
$sql .= " AND col = '".$col."'";
$sql .= " ORDER BY col, occurrences desc";
}
$res = $this->_conn->query($sql);
$terms = array();
if($res) {
@ -340,8 +392,9 @@ class SeedDMS_SQLiteFTS_Indexer {
} /* }}} */
/**
* Return list of documents in index
* Return number of documents in index
*
* @return interger number of documents
*/
public function count() { /* {{{ */
$sql = "SELECT count(*) c FROM docs";

16
SeedDMS_SQLiteFTS/SQLiteFTS/Search.php
View File

@ -70,7 +70,7 @@ class SeedDMS_SQliteFTS_Search {
* @param object $index SQlite FTS index
* @return object instance of SeedDMS_Lucene_Search
*/
function search($term, $fields=array(), $limit=array()) { /* {{{ */
function search($term, $fields=array(), $limit=array(), $order=array()) { /* {{{ */
$querystr = '';
$term = trim($term);
if($term) {
@ -139,8 +139,20 @@ class SeedDMS_SQliteFTS_Search {
$querystr .= str_replace(':', 'x', $fields['startFolder']->getFolderList().$fields['startFolder']->getID().':');
$querystr .= '*)';
}
$filterstr = '';
if(!empty($fields['created_start'])) {
if($filterstr)
$filterstr .= ' AND ';
$filterstr .= '(created>='.$fields['created_start'].')';
}
if(!empty($fields['created_end'])) {
if($filterstr)
$filterstr .= ' AND ';
$filterstr .= '(created<'.$fields['created_end'].')';
}
try {
$result = $this->index->find($querystr, $limit);
$result = $this->index->find($querystr, $filterstr, $limit, $order);
$recs = array();
foreach($result["hits"] as $hit) {
$recs[] = array('id'=>$hit->id, 'document_id'=>$hit->documentid);

27
SeedDMS_SQLiteFTS/package.xml
View File

@ -11,11 +11,11 @@
<email>uwe@steinmann.cx</email>
<active>yes</active>
</lead>
<date>2022-03-04</date>
<date>2022-12-09</date>
<time>08:57:44</time>
<version>
<release>1.0.17</release>
<api>1.0.17</api>
<release>1.0.18</release>
<api>1.0.18</api>
</version>
<stability>
<release>stable</release>
@ -23,8 +23,8 @@
</stability>
<license uri="http://opensource.org/licenses/gpl-license">GPL License</license>
<notes>
- throw exeption in find() instead of returning false
- fix query if rootFolder or startFolder is set
- add optional parameter $order to SeedDMS_SQLiteFTS_Indexer::find()
- add optional parameters $query and $col to SeedDMS_SQLiteFTS_Indexer::terms()
</notes>
<contents>
<dir baseinstalldir="SeedDMS" name="/">
@ -353,5 +353,22 @@ add user to list of terms
- add class SeedDMS_SQLiteFTS_Field
</notes>
</release>
<release>
<date>2022-03-04</date>
<time>08:57:44</time>
<version>
<release>1.0.17</release>
<api>1.0.17</api>
</version>
<stability>
<release>stable</release>
<api>stable</api>
</stability>
<license uri="http://opensource.org/licenses/gpl-license">GPL License</license>
<notes>
- throw exeption in find() instead of returning false
- fix query if rootFolder or startFolder is set
</notes>
</release>
</changelog>
</package>

5
controllers/class.Login.php
View File

@ -35,6 +35,7 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
$dms = $this->params['dms'];
$settings = $this->params['settings'];
$session = $this->params['session'];
$authenticator = $this->params['authenticator'];
$source = isset($this->params['source']) ? $this->params['source'] : '';
$sesstheme = $this->getParam('sesstheme');
$referuri = $this->getParam('referuri');
@ -98,6 +99,9 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
}
}
$user = $authenticator->authenticate($login, $pwd);
if(0) {
/* Authenticate against LDAP server {{{ */
if (!is_object($user) && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
require_once("../inc/inc.ClassLdapAuthentication.php");
@ -114,6 +118,7 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
$authobj = new SeedDMS_DbAuthentication($dms, $settings);
$user = $authobj->authenticate($login, $pwd);
} /* }}} */
}
/* If the user is still not authenticated, then exit with an error */
if(!is_object($user)) {

13
doc/README.Swagger Normal file
View File

@ -0,0 +1,13 @@
Swagger
========
Swagger is used to describe a rest api. SeedDMS ships a swagger.yaml file
in the restapi directory. You can load this file into a swagger editor, e.g.
http://petstore.swagger.io/ or http://editor.swagger.io/
You may as well set up your own swagger-ui installation as described at
https://medium.com/@tatianaensslin/how-to-add-swagger-ui-to-php-server-code-f1610c01dc03
Your apache needs to have the module 'header' enabled, because some HTTP headers
are set when the file swagger.yaml is accessed by the editor.
Currently, the swagger.yaml shipped with SeedDMS uses still swagger 2.0

42
inc/inc.AuthenticationInit.php Normal file
View File

@ -0,0 +1,42 @@
<?php
/**
* Create authentication service
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Markus Westphal, Malcolm Cowe, Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2002-2005 Markus Westphal,
* 2006-2008 Malcolm Cowe, 2010-2022 Uwe Steinmann
* @version Release: @package_version@
*/
require_once('inc.ClassAuthenticationService.php');
require_once('inc.ClassDbAuthentication.php');
require_once('inc.ClassLdapAuthentication.php');
global $logger;
$authenticator = new SeedDMS_AuthenticationService($logger, $settings);
if(isset($GLOBALS['SEEDDMS_HOOKS']['authentication'])) {
foreach($GLOBALS['SEEDDMS_HOOKS']['authentication'] as $authenticationObj) {
if(method_exists($authenticationObj, 'preAddService')) {
$authenticationObj->preAddService($dms, $authenticator);
}
}
}
$authenticator->addService(new SeedDMS_DbAuthentication($dms, $settings), 'db');
if(isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
$authenticator->addService(new SeedDMS_LdapAuthentication($dms, $settings), 'ldap');
}
if(isset($GLOBALS['SEEDDMS_HOOKS']['authentication'])) {
foreach($GLOBALS['SEEDDMS_HOOKS']['authentication'] as $authenticationObj) {
if(method_exists($authenticationObj, 'postAddService')) {
$authenticationObj->postAddService($dms, $authenticator);
}
}
}

28
inc/inc.ClassAuthentication.php
View File

@ -24,34 +24,6 @@
*/
abstract class SeedDMS_Authentication
{
/**
* DMS object
*
* @var SeedDMS_Core_DMS
* @access protected
*/
protected $dms;
/**
* DMS settings
*
* @var Settings
* @access protected
*/
protected $settings;
/**
* Constructor
*
* @param SeedDMS_Core_DMS $dms DMS object
* @param Settings $settings DMS settings
*/
function __construct($dms, $settings) /* {{{ */
{
$this->dms = $dms;
$this->settings = $settings;
} /* }}} */
/**
* Do Authentication
*

88
inc/inc.ClassAuthenticationService.php Normal file
View File

@ -0,0 +1,88 @@
<?php
/**
* Implementation of authentication service
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2016 Uwe Steinmann
* @version Release: @package_version@
*/
/**
* Implementation of authentication service
*
* @category DMS
* @package SeedDMS
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2016 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_AuthenticationService {
/**
* List of services for authenticating user
*/
protected $services;
/*
* List of servives with errors
*/
protected $errors;
/*
* Service for logging
*/
protected $logger;
/*
* Configuration
*/
protected $settings;
public function __construct($logger = null, $settings = null) { /* {{{ */
$this->services = array();
$this->errors = array();
$this->logger = $logger;
$this->settings = $settings;
} /* }}} */
public function addService($service, $name='') { /* {{{ */
if(!$name)
$name = md5(uniqid());
$this->services[$name] = $service;
$this->errors[$name] = true;
} /* }}} */
public function getServices() { /* {{{ */
return $this->services;
} /* }}} */
public function getErrors() { /* {{{ */
return $this->errors;
} /* }}} */
public function authenticate($username, $password) { /* {{{ */
$user = null;
foreach($this->services as $name => $service) {
$this->logger->log('Authentication service \''.$name.'\'', PEAR_LOG_INFO);
$user = $service->authenticate($username, $password);
if($user === false) {
$this->errors[$name] = false;
if($this->logger)
$this->logger->log('Authentication service \''.$name.'\': Authentication of user \''.$username.'\' failed.', PEAR_LOG_ERR);
return false;
} elseif($user === null) {
if($this->logger)
$this->logger->log('Authentication service \''.$name.'\': Authentication of user \''.$username.'\' disregarded.', PEAR_LOG_ERR);
} else {
if($this->logger)
$this->logger->log('Authentication service \''.$name.'\': Authentication of user \''.$username.'\' successful.', PEAR_LOG_INFO);
$this->errors[$name] = true;
return $user;
}
}
return $user;
} /* }}} */
}

6
inc/inc.ClassConversionServicePdfToImage.php
View File

@ -50,8 +50,12 @@ class SeedDMS_ConversionServicePdfToImage extends SeedDMS_ConversionServiceBase
$imagick = new Imagick();
/* Setting a smaller resolution will speed up the conversion
* A resolution of 72,72 will create a 596x842 image
* Setting it to 36,36 will create a 298x421 image which should
* be sufficient in most cases, but keep in mind that images are
* not scaled up. Hence, a width of 400px still results in a 298px
* wide image
*/
$imagick->setResolution(36,36);
$imagick->setResolution(72,72);
$page = 0;
if(!empty($params['page']) && intval($params['page']) > 0)
$page = intval($params['page'])-1;

16
inc/inc.ClassDbAuthentication.php
View File

@ -24,6 +24,15 @@ require_once "inc.ClassAuthentication.php";
*/
class SeedDMS_DbAuthentication extends SeedDMS_Authentication {
var $dms;
var $settings;
public function __construct($dms, $settings) { /* {{{ */
$this->dms = $dms;
$this->settings = $settings;
} /* }}} */
/**
* Do Authentication
*
@ -32,18 +41,15 @@ class SeedDMS_DbAuthentication extends SeedDMS_Authentication {
* @return object|boolean user object if authentication was successful otherwise false
*/
public function authenticate($username, $password) { /* {{{ */
$settings = $this->settings;
$dms = $this->dms;
// Try to find user with given login.
if($user = $dms->getUserByLogin($username)) {
$userid = $user->getID();
// Check if password matches (if not a guest user)
// Assume that the password has been sent via HTTP POST. It would be careless
// (and dangerous) for passwords to be sent via GET.
// Check if password matches
if (!seed_pass_verify($password, $user->getPwd())) {
$user = false;
$user = null;
}
}

1
inc/inc.ClassExtensionMgr.php
View File

@ -665,6 +665,7 @@ class SeedDMS_Extension_Mgr {
}
file_put_contents($this->cachedir."/".self::repos_list_file, $file);
} else {
$this->errmsgs[] = 'Could not fetch extension list';
return false;
}
}

13
inc/inc.ClassLdapAuthentication.php
View File

@ -24,6 +24,15 @@ require_once "inc.ClassAuthentication.php";
*/
class SeedDMS_LdapAuthentication extends SeedDMS_Authentication {
var $dms;
var $settings;
public function __construct($dms, $settings) { /* {{{ */
$this->dms = $dms;
$this->settings = $settings;
} /* }}} */
/**
* Do ldap authentication
*
@ -84,7 +93,7 @@ class SeedDMS_LdapAuthentication extends SeedDMS_Authentication {
$bind = @ldap_bind($ds);
}
$dn = false;
/* If bind succeed, then get the dn of for the user */
/* If bind succeed, then get the dn of the user */
if ($bind) {
if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
$search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$username.")".$settings->_ldapFilter.")");
@ -106,7 +115,7 @@ class SeedDMS_LdapAuthentication extends SeedDMS_Authentication {
$dn = $tmpDN;
}
/* No do the actual authentication of the user */
/* Now do the actual authentication of the user */
$bind = @ldap_bind($ds, $dn, $password);
$user = $dms->getUserByLogin($username);
if($user === false) {

1
inc/inc.DBInit.php
View File

@ -69,3 +69,4 @@ if(isset($GLOBALS['SEEDDMS_HOOKS']['initDMS'])) {
require_once('inc/inc.Tasks.php');
require_once("inc.ConversionInit.php");
require_once('inc.FulltextInit.php');
require_once('inc.AuthenticationInit.php');

2
op/op.AddDocument.php
View File

@ -508,7 +508,7 @@ foreach($file_ary as $file) {
}
}
}
add_log_line("?name=".$name."&folderid=".$folderid);
}

8
op/op.Ajax.php
View File

@ -171,7 +171,8 @@ switch($command) {
$result = array();
foreach($hits['folders'] as $hit) {
if($hit->getAccessMode($user, 'search') >= M_READ)
$result[] = $hit->getID().'#'.$basefolder->getName().'/'.$hit->getName();
//$result[] = $hit->getID().'#'.$basefolder->getName().'/'.$hit->getName();
$result[] = $hit->getID().'#'.$hit->getFolderPathPlain(true, '/');
}
header('Content-Type: application/json');
echo json_encode($result);
@ -182,7 +183,8 @@ switch($command) {
$subfolders = SeedDMS_Core_DMS::filterAccess($subfolders, $user, M_READ);
$result = array();
foreach($subfolders as $subfolder) {
$result[] = $subfolder->getID().'#'.$basefolder->getName().'/'.$subfolder->getName();
//$result[] = $subfolder->getID().'#'.$basefolder->getName().'/'.$subfolder->getName();
$result[] = $subfolder->getID().'#'.$subfolder->getFolderPathPlain(true, '/');
}
header('Content-Type: application/json');
echo json_encode($result);
@ -197,7 +199,7 @@ switch($command) {
$result = array();
foreach($hits['folders'] as $hit) {
if($hit->getAccessMode($user, 'search') >= M_READ)
$result[] = $hit->getID().'#'.$hit->getName();
$result[] = $hit->getID().'#'.$hit->getFolderPathPlain(true, '/');
}
header('Content-Type: application/json');
echo json_encode($result);

1
op/op.Login.php
View File

@ -89,6 +89,7 @@ $controller->setParam('lang', $lang);
$controller->setParam('sesstheme', $sesstheme);
$controller->setParam('referuri', $referuri);
$controller->setParam('session', $session);
$controller->setParam('authenticator', $authenticator);
if(!$controller()) {
$session = null;
add_log_line("login failed", PEAR_LOG_ERR);

59
restapi/index.php
View File

@ -63,7 +63,7 @@ class RestapiController { /* {{{ */
}
}
return $attrvalues;
} /* }}} */
} /* }}} */
protected function __getDocumentData($document) { /* {{{ */
$data = array(
@ -232,6 +232,7 @@ class RestapiController { /* {{{ */
$dms = $this->container->dms;
$settings = $this->container->config;
$logger = $this->container->logger;
$authenticator = $this->container->authenticator;
$params = $request->getParsedBody();
if(empty($params['user']) || empty($params['pass'])) {
@ -240,23 +241,7 @@ class RestapiController { /* {{{ */
}
$username = $params['user'];
$password = $params['pass'];
// $userobj = $dms->getUserByLogin($username);
$userobj = null;
/* Authenticate against LDAP server {{{ */
if (!$userobj && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
require_once("../inc/inc.ClassLdapAuthentication.php");
$authobj = new SeedDMS_LdapAuthentication($dms, $settings);
$userobj = $authobj->authenticate($username, $password);
} /* }}} */
/* Authenticate against SeedDMS database {{{ */
if(!$userobj) {
require_once("../inc/inc.ClassDbAuthentication.php");
$authobj = new SeedDMS_DbAuthentication($dms, $settings);
$userobj = $authobj->authenticate($username, $password);
} /* }}} */
$userobj = $authenticator->authenticate($username, $password);
if(!$userobj) {
setcookie("mydms_session", '', time()-3600, $settings->_httpRoot);
@ -1432,7 +1417,7 @@ class RestapiController { /* {{{ */
return $response->withHeader('Content-Type', 'image/png')
->withHeader('Content-Description', 'File Transfer')
->withHeader('Content-Transfer-Encoding', 'binary')
->withHeader('Content-Disposition', 'attachment; filename=preview-"' . $document->getID() . "-" . $object->getVersion() . "-" . $width . ".png" . '"')
->withHeader('Content-Disposition', 'attachment; filename="preview-' . $document->getID() . "-" . $object->getVersion() . "-" . $width . ".png" . '"')
->withHeader('Content-Length', $previewer->getFilesize($object))
->withBody($stream);
} else {
@ -2612,7 +2597,7 @@ class TestController { /* {{{ */
} /* }}} */
/* Middleware for authentication */
class Auth { /* {{{ */
class RestapiAuth { /* {{{ */
private $container;
@ -2634,7 +2619,17 @@ class Auth { /* {{{ */
// $this->container has the DI
$dms = $this->container->dms;
$settings = $this->container->config;
$logger = $this->container->logger;
$logger = $this->container->logger;
$userobj = null;
if($this->container->has('userobj'))
$userobj = $this->container->userobj;
if($userobj) {
$response = $next($request, $response);
return $response;
}
$logger->log("Invoke middleware for method ".$request->getMethod()." on '".$request->getUri()->getPath()."'", PEAR_LOG_INFO);
$logger->log("Access with method ".$request->getMethod()." on '".$request->getUri()->getPath()."'".(isset($this->container->environment['HTTP_ORIGIN']) ? " with origin ".$this->container->environment['HTTP_ORIGIN'] : ''), PEAR_LOG_INFO);
if($settings->_apiOrigin && isset($this->container->environment['HTTP_ORIGIN'])) {
$logger->log("Checking origin", PEAR_LOG_DEBUG);
@ -2712,7 +2707,17 @@ $container['conversionmgr'] = $conversionmgr;
$container['logger'] = $logger;
$container['fulltextservice'] = $fulltextservice;
$container['notifier'] = $notifier;
$app->add(new Auth($container));
$container['authenticator'] = $authenticator;
$app->add(new RestapiAuth($container));
if(isset($GLOBALS['SEEDDMS_HOOKS']['initRestAPI'])) {
foreach($GLOBALS['SEEDDMS_HOOKS']['initRestAPI'] as $hookObj) {
if (method_exists($hookObj, 'addMiddleware')) {
$hookObj->addMiddleware($app);
}
}
}
// Make CORS preflighted request possible
$app->options('/{routes:.+}', function ($request, $response, $args) {
@ -2799,11 +2804,11 @@ $app->get('/echo/{data}', \TestController::class.':echoData');
$app->get('/statstotal', \RestapiController::class.':getStatsTotal');
if(isset($GLOBALS['SEEDDMS_HOOKS']['initRestAPI'])) {
foreach($GLOBALS['SEEDDMS_HOOKS']['initRestAPI'] as $hookObj) {
if (method_exists($hookObj, 'addRoute')) {
$hookObj->addRoute($app);
}
}
foreach($GLOBALS['SEEDDMS_HOOKS']['initRestAPI'] as $hookObj) {
if (method_exists($hookObj, 'addRoute')) {
$hookObj->addRoute($app);
}
}
}
$app->run();

2
views/bootstrap/class.AttributeMgr.php
View File

@ -182,7 +182,7 @@ $(document).ready( function() {
<?php echo createHiddenFieldWithKey('removeattrdef'); ?>
<input type="hidden" name="attrdefid" value="<?php echo $selattrdef->getID()?>">
<input type="hidden" name="action" value="removeattrdef">
<button type="submit" class="btn btn-secondary"><i class="fa fa-remove"></i> <?php echo getMLText("rm_attrdef")?></button>
<?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('rm_attrdef'),'','','secondary');?>
</form>
<?php
}

14
views/bootstrap/class.Bootstrap.php
View File

@ -548,17 +548,17 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
$txtpath = "";
for ($i = 0; $i < count($path); $i++) {
$txtpath .= "<li>";
if ($i +1 < count($path)) {
$txtpath .= "<a href=\"".$this->params['settings']->_httpRoot."out/out.ViewFolder.php?folderid=".$path[$i]->getID()."&showtree=".showtree()."\" data-droptarget=\"folder_".$path[$i]->getID()."\" rel=\"folder_".$path[$i]->getID()."\" class=\"table-row-folder droptarget\" data-uploadformtoken=\"".createFormKey('')."\" formtoken=\"".createFormKey('')."\">".
if ($i+1 < count($path)) {
$txtpath .= "<a href=\"".$this->params['settings']->_httpRoot."out/out.ViewFolder.php?folderid=".$path[$i]->getID()."&showtree=".showtree()."\" data-droptarget=\"folder_".$path[$i]->getID()."\" rel=\"folder_".$path[$i]->getID()."\" data-name=\"".htmlspecialchars($path[$i]->getName())."\" class=\"table-row-folder droptarget\" data-uploadformtoken=\"".createFormKey('')."\" formtoken=\"".createFormKey('')."\">".
htmlspecialchars($path[$i]->getName())."</a>";
}
else {
$txtpath .= ($tagAll ? "<a href=\"".$this->params['settings']->_httpRoot."out/out.ViewFolder.php?folderid=".$path[$i]->getID()."&showtree=".showtree()."\">".htmlspecialchars($path[$i]->getName())."</a>" : htmlspecialchars($path[$i]->getName()));
$txtpath .= ($tagAll ? "<a href=\"".$this->params['settings']->_httpRoot."out/out.ViewFolder.php?folderid=".$path[$i]->getID()."&showtree=".showtree()."\" data-droptarget=\"folder_".$path[$i]->getID()."\" rel=\"folder_".$path[$i]->getID()."\" data-name=\"".htmlspecialchars($path[$i]->getName())."\" class=\"table-row-folder droptarget\" data-uploadformtoken=\"".createFormKey('')."\" formtoken=\"".createFormKey('')."\">".htmlspecialchars($path[$i]->getName())."</a>" : htmlspecialchars($path[$i]->getName()));
}
$txtpath .= " <span class=\"divider\">/</span></li>";
}
if($document)
$txtpath .= "<li><a href=\"".$this->params['settings']->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getId()."\">".htmlspecialchars($document->getName())."</a></li>";
$txtpath .= "<li><a href=\"".$this->params['settings']->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getId()."\" class=\"table-document-row\" rel=\"document_".$document->getId()."\" data-name=\"".htmlspecialchars($document->getName())."\" formtoken=\"".createFormKey('')."\">".htmlspecialchars($document->getName())."</a></li>";
return '<ul class="breadcrumb">'.$txtpath.'</ul>';
} /* }}} */
@ -1323,6 +1323,12 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
case 'danger':
$class = 'btn-danger';
break;
case 'secondary':
$class = 'btn-secondary';
break;
case 'neutral':
$class = '';
break;
case 'primary':
default:
$class = 'btn-primary';

2
views/bootstrap/class.Calendar.php
View File

@ -120,7 +120,7 @@ class SeedDMS_View_Calendar extends SeedDMS_Theme_Style {
<?php echo createHiddenFieldWithKey('removeevent'); ?>
<input type="hidden" name="eventid" value="<?php echo intval($event["id"]); ?>">
<p><?php printMLText("confirm_rm_event", array ("name" => htmlspecialchars($event["name"])));?></p>
<button class="btn btn-danger" type="submit"><i class="fa fa-remove"></i> <?php printMLText("delete");?></button>
<?php $this->formSubmit("<i class=\"fa fa-remove\"></i> ".getMLText('delete'),'','','danger'); ?>
</form>
<?php
$this->contentContainerEnd();

2
views/bootstrap/class.Categories.php
View File

@ -92,7 +92,7 @@ $(document).ready( function() {
<?php echo createHiddenFieldWithKey('removecategory'); ?>
<input type="hidden" name="categoryid" value="<?php echo $selcat->getID()?>">
<input type="hidden" name="action" value="removecategory">
<button class="btn btn-danger" type="submit"><i class="fa fa-remove"></i> <?php echo getMLText("rm_document_category")?></button>
<?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('rm_document_category'),'','','danger');?>
</form>
<?php
}

4
views/bootstrap/class.DefaultKeywords.php
View File

@ -87,7 +87,7 @@ $(document).ready( function() {
<?php echo createHiddenFieldWithKey('removecategory'); ?>
<input type="hidden" name="categoryid" value="<?php echo $selcategory->getId(); ?>">
<input type="hidden" name="action" value="removecategory">
<button class="btn btn-danger" type="submit"><i class="fa fa-remove"></i> <?php echo getMLText("rm_default_keyword_category")?></button>
<?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('rm_default_keyword_category'),'','','danger');?>
</form>
<?php
}
@ -185,7 +185,7 @@ $(document).ready( function() {
<input type="Hidden" name="action" value="newkeywords">
<input type="Hidden" name="categoryid" value="<?php echo $category->getID()?>">
<input type="text" class="keywords form-control" name="keywords">&nbsp;
<button type="submit" class="btn btn-primary"><i class="fa fa-save"></i> <?php printMLText("new_default_keywords");?></button>
<?php $this->formSubmit('<i class="fa fa-save"></i> '.getMLText('new_default_keywords'),'','','primary');?>
</form>
</div>
</div>

2
views/bootstrap/class.EditEvent.php
View File

@ -122,7 +122,7 @@ $(document).ready(function() {
</div>
</div>
<div class="controls">
<button type="submit" class="btn"><i class="fa fa-save"></i> <?php printMLText("save")?></button>
<?php $this->formSubmit('<i class="fa fa-save"></i> '.getMLText('save'),'','','neutral');?>
</div>
</form>
<?php

4
views/bootstrap/class.EditOnline.php
View File

@ -154,9 +154,7 @@ $(document).ready(function() {
if($accessobject->check_controller_access('EditOnline')) {
if($user->getId() == $luser->getId()) {
echo $this->warningMsg(getMLText('edit_online_warning'));
?>
<button id="update" type="submit" class="btn btn-primary"><i class="fa fa-save"></i> <?php printMLText("save"); ?></button>
<?php
$this->formSubmit('<i class="fa fa-save"></i> '.getMLText('save'),'update','','primary');
} else {
echo $this->errorMsg(getMLText('edit_online_not_allowed'));
}

4
views/bootstrap/class.ExtensionMgr.php
View File

@ -319,7 +319,7 @@ class SeedDMS_View_ExtensionMgr extends SeedDMS_Theme_Style {
<form action="../op/op.ExtensionMgr.php" name="form1" method="post">
<?php echo createHiddenFieldWithKey('extensionmgr'); ?>
<input type="hidden" name="action" value="refresh" />
<p><button type="submit" class="btn btn-primary"><i class="fa fa-refresh"></i> <?php printMLText("refresh");?></button></p>
<p><?php $this->formSubmit("<i class=\"fa fa-refresh\"></i> " . getMLText('refresh'));?></p>
</form>
</div>
@ -374,7 +374,7 @@ class SeedDMS_View_ExtensionMgr extends SeedDMS_Theme_Style {
<input type="hidden" name="action" value="getlist" />
<input type="hidden" name="currenttab" value="repository" />
<input type="hidden" name="forceupdate" value="1" />
<button type="submit" class="btn btn-primary"><i class="fa fa-refresh"></i> <?= getMLText('force_update')?></button>
<?php $this->formSubmit("<i class=\"fa fa-refresh\"></i> " . getMLText('force_update'));?>
</form>
</div>
<?php

8
views/bootstrap/class.IndexInfo.php
View File

@ -45,11 +45,11 @@ class SeedDMS_View_IndexInfo extends SeedDMS_Theme_Style {
$numDocs = $index->count();
echo "<legend>".$numDocs." ".getMLText('documents')."</legend>";
/*
$this->contentContainerStart();
$this->contentContainerStart('fulltextinfo');
for ($id = 0; $id < $numDocs; $id++) {
if (!$index->isDeleted($id)) {
if($hit = $index->getDocument($id))
echo "<span title=\"".$hit->document_id."\">".htmlspecialchars($hit->title)."</span>\n";
echo "<span title=\"".$hit->document_id."\">".htmlspecialchars($hit->title)."</span> ";
}
}
$this->contentContainerEnd();
@ -64,10 +64,10 @@ class SeedDMS_View_IndexInfo extends SeedDMS_Theme_Style {
if($field)
$this->contentContainerEnd();
echo "<h5>".htmlspecialchars($term->field)."</h5>";
$this->contentContainerStart();
$this->contentContainerStart('fulltextinfo');
$field = $term->field;
}
echo htmlspecialchars($term->text)."\n";
echo '<span title="'.$term->_occurrence.'">'.htmlspecialchars($term->text)."</span> ";
// echo "<span title=\"".$term->_occurrence."\">".htmlspecialchars($term->text)."</span>\n";
}
$this->contentContainerEnd();

6
views/bootstrap/class.MoveDocument.php
View File

@ -34,6 +34,12 @@ class SeedDMS_View_MoveDocument extends SeedDMS_Theme_Style {
function js() { /* {{{ */
header('Content-Type: application/javascript; charset=UTF-8');
?>
$(document).ready( function() {
$('input[id^=choosefoldersearch]').focus();
});
<?php
// $this->printFolderChooserJs("form1");
} /* }}} */

5
views/bootstrap/class.MoveFolder.php
View File

@ -34,6 +34,11 @@ class SeedDMS_View_MoveFolder extends SeedDMS_Theme_Style {
function js() { /* {{{ */
header('Content-Type: application/javascript; charset=UTF-8');
?>
$(document).ready( function() {
$('input[id^=choosefoldersearch]').focus();
});
<?php
// $this->printFolderChooserJs("form1");
} /* }}} */

4
views/bootstrap/class.RemoveArchive.php
View File

@ -46,8 +46,8 @@ class SeedDMS_View_RemoveArchive extends SeedDMS_Theme_Style {
?>
<form action="../op/op.RemoveArchive.php" name="form1" method="post">
<input type="hidden" name="arkname" value="<?php echo htmlspecialchars($arkname); ?>">
<?php echo createHiddenFieldWithKey('removearchive'); ?>
<p><button type="submit" class="btn btn-danger"><i class="fa fa-remove"></i> <?php printMLText("backup_remove");?></button></p>
<?php echo createHiddenFieldWithKey('removearchive'); ?>
<p><?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('backup_remove'),'','','danger');?></p>
</form>
<?php
$this->contentEnd();

2
views/bootstrap/class.RemoveDocument.php
View File

@ -53,7 +53,7 @@ class SeedDMS_View_RemoveDocument extends SeedDMS_Theme_Style {
<form action="../op/op.RemoveDocument.php" name="form1" method="post">
<input type="Hidden" name="documentid" value="<?php print $document->getID();?>">
<?php echo createHiddenFieldWithKey('removedocument'); ?>
<p><button type="submit" class="btn btn-danger"><i class="fa fa-remove"></i> <?php printMLText("rm_document");?></button></p>
<p><?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('rm_document'),'','','danger');?></p>
</form>
<?php
$this->contentEnd();

6
views/bootstrap/class.RemoveDocumentFile.php
View File

@ -47,9 +47,9 @@ class SeedDMS_View_RemoveDocumentFile extends SeedDMS_Theme_Style {
?>
<form action="../op/op.RemoveDocumentFile.php" name="form1" method="post">
<?php echo createHiddenFieldWithKey('removedocumentfile'); ?>
<input type="Hidden" name="documentid" value="<?php echo $document->getID()?>">
<input type="Hidden" name="fileid" value="<?php echo $file->getID()?>">
<button type="submit" class="btn btn-danger"><i class="fa fa-remove"></i> <?php printMLText("rm_file");?></button>
<input type="hidden" name="documentid" value="<?php echo $document->getID()?>">
<input type="hidden" name="fileid" value="<?php echo $file->getID()?>">
<?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('rm_file'),'','','danger');?>
</form>
<?php
$this->contentEnd();

4
views/bootstrap/class.RemoveDump.php
View File

@ -43,12 +43,12 @@ class SeedDMS_View_RemoveDump extends SeedDMS_Theme_Style {
$this->contentHeading(getMLText("dump_remove"));
?>
<form action="../op/op.RemoveDump.php" name="form1" method="post">
<input type="Hidden" name="dumpname" value="<?php echo htmlspecialchars($dumpname); ?>">
<input type="hidden" name="dumpname" value="<?php echo htmlspecialchars($dumpname); ?>">
<?php
echo createHiddenFieldWithKey('removedump');
$this->warningMsg(getMLText("confirm_rm_dump", array ("dumpname" => htmlspecialchars($dumpname))));
?>
<p><button type="submit" class="btn btn-danger"><i class="fa fa-remove"></i> <?php printMLText("dump_remove");?></button></p>
<p><?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('dump_remove'),'','','danger');?></p>
</form>
<?php
$this->contentEnd();

2
views/bootstrap/class.RemoveEvent.php
View File

@ -49,7 +49,7 @@ class SeedDMS_View_RemoveEvent extends SeedDMS_Bootstrap_Style {
<?php echo createHiddenFieldWithKey('removeevent'); ?>
<input type="hidden" name="eventid" value="<?php echo intval($event["id"]); ?>">
<p><?php printMLText("confirm_rm_event", array ("name" => htmlspecialchars($event["name"])));?></p>
<button class="btn" type="submit"><i class="fa fa-remove"></i> <?php printMLText("delete");?></button>
<?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('delete'),'','','neutral');?>
</form>
<?php
$this->contentContainerEnd();

2
views/bootstrap/class.RemoveFolder.php
View File

@ -47,7 +47,7 @@ class SeedDMS_View_RemoveFolder extends SeedDMS_Theme_Style {
<input type="Hidden" name="folderid" value="<?php print $folder->getID();?>">
<input type="Hidden" name="showtree" value="<?php echo showtree();?>">
<?php echo createHiddenFieldWithKey('removefolder'); ?>
<p><button class="btn btn-danger" type="submit"><i class="fa fa-remove"></i> <?php printMLText("rm_folder");?></button></p>
<p><?php $this->formSubmit("<i class=\"fa fa-remove\"></i> " . getMLText('rm_folder'), '', '', 'danger'); ?></p>
</form>
<?php
$this->contentEnd();

2
views/bootstrap/class.RemoveFolderFiles.php
View File

@ -48,7 +48,7 @@ class SeedDMS_View_RemoveFolderFiles extends SeedDMS_Bootstrap_Style {
<?php echo createHiddenFieldWithKey('removefolderfiles'); ?>
<input type="hidden" name="folderid" value="<?php echo $folder->getID()?>">
<p><?php printMLText("confirm_rm_folder_files", array ("foldername" => htmlspecialchars($folder->getName())));?></p>
<input class="btn" type="submit" value="<?php printMLText("accept");?>">
<?php $this->formSubmit(getMLText('accept'),'','',"neutral"); ?>
</form>
<?php
$this->contentContainerEnd();

2
views/bootstrap/class.RemoveGroup.php
View File

@ -49,7 +49,7 @@ class SeedDMS_View_RemoveGroup extends SeedDMS_Theme_Style {
<?php
$this->warningMsg(getMLText("confirm_rm_group", array ("groupname" => htmlspecialchars($group->getName()))));
?>
<p><button type="submit" class="btn btn-danger"><i class="fa fa-remove"></i> <?php printMLText("rm_group");?></button></p>
<p><?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('rm_group'),'','','danger');?></p>
</form>
<?php
$this->contentEnd();

2
views/bootstrap/class.RemoveLog.php
View File

@ -53,7 +53,7 @@ class SeedDMS_View_RemoveLog extends SeedDMS_Theme_Style {
}
$this->warningMsg(getMLText("confirm_rm_log", array ("logname" => implode(', ', $lognames))));
?>
<p><button type="submit" class="btn btn-danger"><i class="fa fa-remove"></i> <?php printMLText("rm_file");?></button></p>
<p><<?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('rm_file'),'','','danger');?>/p>
</form>
<?php
$this->contentEnd();

2
views/bootstrap/class.RemoveUser.php
View File

@ -74,7 +74,7 @@ class SeedDMS_View_RemoveUser extends SeedDMS_Theme_Style {
?>
<div class="control-group">
<div class="controls">
<button type="submit" class="btn btn-danger"><i class="fa fa-remove"></i> <?php printMLText("rm_user");?></button>
<?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('rm_user'),'','','danger');?>
</div>
</div>

34
views/bootstrap/class.RemoveUserFromProcesses.php
View File

@ -283,24 +283,24 @@ $(document).ready( function() {
}
}
echo "</tbody>\n</table>";
$options = array(array(0, getMLText('do_no_transfer_to_user')));
foreach ($allusers as $currUser) {
if ($currUser->isGuest() || ($currUser->getID() == $rmuser->getID()) )
continue;
$options = array(array(0, getMLText('do_no_transfer_to_user')));
foreach ($allusers as $currUser) {
if ($currUser->isGuest() || ($currUser->getID() == $rmuser->getID()) )
continue;
if ($rmuser && $currUser->getID()==$rmuser->getID()) $selected=$count;
$options[] = array($currUser->getID(), htmlspecialchars($currUser->getLogin()." - ".$currUser->getFullName()));
}
$this->formField(
getMLText("transfer_process_to_user"),
array(
'element'=>'select',
'name'=>'assignTo',
'class'=>'chzn-select',
'options'=>$options
)
);
echo '<button type="submit" class="btn btn-primary"><i class="fa fa-remove"></i> '.getMLText('transfer_processes_to_user').'</button>';
if ($rmuser && $currUser->getID()==$rmuser->getID()) $selected=$count;
$options[] = array($currUser->getID(), htmlspecialchars($currUser->getLogin()." - ".$currUser->getFullName()));
}
$this->formField(
getMLText("transfer_process_to_user"),
array(
'element'=>'select',
'name'=>'assignTo',
'class'=>'chzn-select',
'options'=>$options
)
);
$this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('transfer_processes_to_user'),'','','primary');
echo '</form>';
}
} /* }}} */

2
views/bootstrap/class.RemoveVersion.php
View File

@ -49,7 +49,7 @@ class SeedDMS_View_RemoveVersion extends SeedDMS_Theme_Style {
<?php echo createHiddenFieldWithKey('removeversion'); ?>
<input type="hidden" name="documentid" value="<?php echo $document->getID()?>">
<input type="hidden" name="version" value="<?php echo $version->getVersion()?>">
<p><button type="submit" class="btn btn-danger"><i class="fa fa-remove"></i> <?php printMLText("rm_version");?></button></p>
<p><?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('rm_version'),'','','danger');?></p>
</form>
<?php
$this->contentEnd();

4
views/bootstrap/class.Search.php
View File

@ -367,10 +367,10 @@ function typeahead() { /* {{{ */
foreach ($entries as $entry) {
if($entry->isType('document')) {
// $recs[] = 'D'.$entry->getName();
$recs[] = array('type'=>'D', 'id'=>$entry->getId(), 'name'=>$entry->getName());
$recs[] = array('type'=>'D', 'id'=>$entry->getId(), 'name'=>$entry->getName(), 'path'=>$entry->getParent()->getFolderPathPlain(true, '/'));
} elseif($entry->isType('folder')) {
// $recs[] = 'F'.$entry->getName();
$recs[] = array('type'=>'F', 'id'=>$entry->getId(), 'name'=>$entry->getName());
$recs[] = array('type'=>'F', 'id'=>$entry->getId(), 'name'=>$entry->getName(), 'path'=>$entry->getParent()->getFolderPathPlain(true, '/'));
}
}
}

4
views/bootstrap/class.Settings.php
View File

@ -713,9 +713,7 @@ if(($kkk = $this->callHook('getFullSearchEngine')) && is_array($kkk))
</div>
<?php
if(is_writeable($settings->_configFilePath)) {
?>
<button type="submit" class="btn btn-primary"><i class="fa fa-save"></i> <?php printMLText("save")?></button>
<?php
$this->formSubmit("<i class=\"fa fa-save\"></i> ".getMLText('save'));
}
?>
</form>

2
views/bootstrap/class.TriggerWorkflow.php
View File

@ -113,7 +113,7 @@ $(document).ready(function() {
'required'=>false
)
);
$this->formSubmit(getMLText("action_".strtolower($action->getName()), array(), $action->getName()));
$this->formSubmit(getMLText("action_".strtolower($action->getName()), array(), htmlspecialchars($action->getName())));
?>
</form>
<?php

8
views/bootstrap/class.UserDefaultKeywords.php
View File

@ -139,7 +139,7 @@ $(document).ready(function() {
<?php echo createHiddenFieldWithKey('removecategory'); ?>
<input type="hidden" name="action" value="removecategory">
<input type="hidden" name="categoryid" value="<?php echo $category->getID()?>">
<button type="submit" class="btn btn-danger" title="<?php echo getMLText("delete")?>"><i class="fa fa-remove"></i> <?php printMLText("rm_default_keyword_category");?></button>
<?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('rm_default_keyword_category'),'','','danger');?>
</form>
</div>
@ -151,7 +151,7 @@ $(document).ready(function() {
<input type="hidden" name="action" value="editcategory">
<input type="hidden" name="categoryid" value="<?php echo $category->getID()?>">
<input name="name" type="text" value="<?php echo htmlspecialchars($category->getName())?>">
<button type="submit" class="btn"><i class="fa fa-save"></i> <?php printMLText("save")?></button>
<?php $this->formSubmit('<i class="fa fa-save"></i> '.getMLText('save'),'','','neutral');?>
</div>
</div>
</form>
@ -170,14 +170,14 @@ $(document).ready(function() {
<input type="hidden" name="keywordsid" value="<?php echo $list["id"]?>">
<input type="hidden" name="action" value="editkeywords">
<input type="text" name="keywords" value="<?php echo htmlspecialchars($list["keywords"]) ?>">
<button type="submit" class="btn"><i class="fa fa-save"></i> <?php printMLText("save")?></button>
<?php $this->formSubmit('<i class="fa fa-save"></i> '.getMLText('save'),'','','neutral');?>
</form>
<form style="display: inline-block;" method="post" action="../op/op.UserDefaultKeywords.php" >
<?php echo createHiddenFieldWithKey('removekeywords'); ?>
<input type="hidden" name="categoryid" value="<?php echo $category->getID()?>">
<input type="hidden" name="keywordsid" value="<?php echo $list["id"]?>">
<input type="hidden" name="action" value="removekeywords">
<button type="submit" class="btn btn-danger"><i class="fa fa-remove"></i> <?php printMLText("delete")?></button>
<?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('delete'),'','','danger');?>
</form>
<br>
<?php } ?>

2
views/bootstrap/class.ViewFolder.php
View File

@ -457,7 +457,7 @@ $('body').on('click', '.order-btn', function(ev) {
if(is_string($txt))
echo $txt;
else {
$this->pageNavigation($this->getFolderPathHTML($folder), "view_folder", $folder);
$this->pageNavigation($this->getFolderPathHTML($folder, true), "view_folder", $folder);
}
echo $this->callHook('preContent');

9
views/bootstrap/styles/application.css
View File

@ -265,6 +265,15 @@ span.datepicker {
span.datepicker input {
max-width: 100px;
}
div.typeahead span.path {
font-size: 85%;
color: #888;
}
div.fulltextinfo > span:hover {
background-color: lightblue;
}
/* Sidenav for Docs
* -------------------------------------------------- */

4
views/bootstrap/styles/application.js
View File

@ -148,9 +148,9 @@ function initMost() {
**/
highlighter : function (item) {
if(item.type.charAt(0) == 'D')
return '<i class="fa fa-file"></i> ' + item.name.replace(/</g, '&lt;');
return '<i class="fa fa-file"></i> ' + item.name.replace(/</g, '&lt;') + '<br /><span class="path">' + item.path + '</span>';
else if(item.type.charAt(0) == 'F')
return '<i class="fa fa-folder-o"></i> ' + item.name.replace(/</g, '&lt;');
return '<i class="fa fa-folder-o"></i> ' + item.name.replace(/</g, '&lt;') + '<br /><span class="path">' + item.path + '</span>';
else
return '<i class="fa fa-search"></i> ' + item.name.replace(/</g, '&lt;');
},

14
views/bootstrap4/class.Bootstrap4.php
View File

@ -473,16 +473,16 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
$txtpath = "";
for ($i = 0; $i < count($path); $i++) {
$txtpath .= "<li class=\"breadcrumb-item\">";
if ($i +1 < count($path)) {
$txtpath .= "<a href=\"".$this->params['settings']->_httpRoot."out/out.ViewFolder.php?folderid=".$path[$i]->getID()."&showtree=".showtree()."\" data-droptarget=\"folder_".$path[$i]->getID()."\" rel=\"folder_".$path[$i]->getID()."\" class=\"table-row-folder droptarget\" data-uploadformtoken=\"".createFormKey('')."\" formtoken=\"".createFormKey('')."\">".
if ($i+1 < count($path)) {
$txtpath .= "<a href=\"".$this->params['settings']->_httpRoot."out/out.ViewFolder.php?folderid=".$path[$i]->getID()."&showtree=".showtree()."\" data-droptarget=\"folder_".$path[$i]->getID()."\" rel=\"folder_".$path[$i]->getID()."\" data-name=\"".htmlspecialchars($path[$i]->getName())."\" class=\"table-row-folder droptarget\" data-uploadformtoken=\"".createFormKey('')."\" formtoken=\"".createFormKey('')."\">".
htmlspecialchars($path[$i]->getName())."</a>";
}
else {
$txtpath .= ($tagAll ? "<a href=\"".$this->params['settings']->_httpRoot."out/out.ViewFolder.php?folderid=".$path[$i]->getID()."&showtree=".showtree()."\">".htmlspecialchars($path[$i]->getName())."</a>" : htmlspecialchars($path[$i]->getName()));
$txtpath .= ($tagAll ? "<a href=\"".$this->params['settings']->_httpRoot."out/out.ViewFolder.php?folderid=".$path[$i]->getID()."&showtree=".showtree()."\" data-droptarget=\"folder_".$path[$i]->getID()."\" rel=\"folder_".$path[$i]->getID()."\" data-name=\"".htmlspecialchars($path[$i]->getName())."\" class=\"table-row-folder droptarget\" data-uploadformtoken=\"".createFormKey('')."\" formtoken=\"".createFormKey('')."\">".htmlspecialchars($path[$i]->getName())."</a>" : htmlspecialchars($path[$i]->getName()));
}
}
if($document)
$txtpath .= "<li class=\"breadcrumb-item active\" aria-current=\"page\"><a href=\"".$this->params['settings']->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getId()."\">".htmlspecialchars($document->getName())."</a></li>";
$txtpath .= "<li class=\"breadcrumb-item active table-row-document\" aria-current=\"page\"><a href=\"".$this->params['settings']->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getId()."\" class=\"table-document-row\" rel=\"document_".$document->getId()."\" data-name=\"".htmlspecialchars($document->getName())."\" formtoken=\"".createFormKey('')."\">".htmlspecialchars($document->getName())."</a></li>";
return '<nav aria-label="breadcrumb"><ol class="breadcrumb">'.$txtpath.'</ol></nav>';
} /* }}} */
@ -1249,6 +1249,12 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
case 'danger':
$class = 'btn-danger';
break;
case 'secondary':
$class = 'btn-secondary';
break;
case 'neutral':
$class = '';
break;
case 'primary':
default:
$class = 'btn-primary';

9
views/bootstrap4/styles/application.css
View File

@ -275,6 +275,15 @@ a.accordion2-toggle:focus, a.accordion2-toggle:hover {
span.datepicker {
padding: 0px;
}
div.typeahead span.path {
font-size: 85%;
color: #888;
}
div.fulltextinfo > span:hover {
background-color: lightblue;
}
/* Sidenav for Docs
* -------------------------------------------------- */

4
views/bootstrap4/styles/application.js
View File

@ -153,9 +153,9 @@ function initMost() {
**/
highlighter : function (item) {
if(item.type.charAt(0) == 'D')
return '<i class="fa fa-file"></i> ' + item.name.replace(/</g, '&lt;');
return '<i class="fa fa-file"></i> ' + item.name.replace(/</g, '&lt;') + '<br /><span class="path">' + item.path + '</span>';
else if(item.type.charAt(0) == 'F')
return '<i class="fa fa-folder-o"></i> ' + item.name.replace(/</g, '&lt;');
return '<i class="fa fa-folder-o"></i> ' + item.name.replace(/</g, '&lt;') + '<br /><span class="path">' + item.path + '</span>';
else
return '<i class="fa fa-search"></i> ' + item.name.replace(/</g, '&lt;');
},

2
webdav/index.php
View File

@ -39,7 +39,7 @@ if(isset($GLOBALS['SEEDDMS_HOOKS']['notification'])) {
include("webdav.php");
$server = new HTTP_WebDAV_Server_SeedDMS();
$server->ServeRequest($dms, $logger, $notifier);
$server->ServeRequest($dms, $settings, $logger, $notifier, $authenticator);
//$files = array();
//$options = array('path'=>'/Test1/subdir', 'depth'=>1);
//echo $server->MKCOL(&$options);

128
webdav/webdav.php
View File

@ -32,7 +32,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
var $logger = null;
/**
* A reference to a notifier
* A reference to a notification service
*
* This is set by ServeRequest
*
@ -41,6 +41,16 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
*/
var $notifier = null;
/**
* A reference to the authentication service
*
* This is set by ServeRequest
*
* @access private
* @var object
*/
var $authenticator = null;
/**
* Currently logged in user
*
@ -77,7 +87,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
* @access public
* @param object $dms reference to DMS
*/
function ServeRequest($dms = null, $logger = null, $notifier = null) /* {{{ */
function ServeRequest($dms = null, $settings = null, $logger = null, $notifier = null, $authenticator = null) /* {{{ */
{
// set root directory, defaults to webserver document root if not set
if ($dms) {
@ -86,12 +96,22 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
return false;
}
// set settings
if ($settings) {
$this->settings = $settings;
} else {
return false;
}
// set logger
$this->logger = $logger;
// set notifier
// set notification service
$this->notifier = $notifier;
// set authentication service
$this->authenticator = $authenticator;
// special treatment for litmus compliance test
// reply on its identifier header
// not needed for the test itself but eases debugging
@ -148,12 +168,11 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
*/
function check_auth($type, $user, $pass) /* {{{ */
{
global $settings;
if($this->logger)
$this->logger->log('check_auth: type='.$type.', user='.$user.'', PEAR_LOG_INFO);
$controller = Controller::factory('Login', array('dms'=>$this->dms));
$controller->setParam('authenticator', $this->authenticator);
$controller->setParam('login', $user);
$controller->setParam('pwd', $pass);
$controller->setParam('source', 'webdav');
@ -171,51 +190,6 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
$this->user = $controller->getUser();
return true;
$userobj = false;
/* Authenticate against LDAP server {{{ */
if (!$userobj && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
require_once("../inc/inc.ClassLdapAuthentication.php");
$authobj = new SeedDMS_LdapAuthentication($this->dms, $settings);
$userobj = $authobj->authenticate($user, $pass);
if($userobj && $this->logger)
$this->logger->log('check_auth: type='.$type.', user='.$user.' authenticated against LDAP', PEAR_LOG_INFO);
} /* }}} */
/* Authenticate against SeedDMS database {{{ */
if(!$userobj) {
require_once("../inc/inc.ClassDbAuthentication.php");
$authobj = new SeedDMS_DbAuthentication($this->dms, $settings);
$userobj = $authobj->authenticate($user, $pass);
if($userobj && $this->logger)
$this->logger->log('check_auth: type='.$type.', user='.$user.' authenticated against database', PEAR_LOG_INFO);
} /* }}} */
if(!$userobj) {
if($this->logger)
$this->logger->log('check_auth: No such user '.$user, PEAR_LOG_NOTICE);
return false;
}
if(($userobj->getID() == $settings->_guestID) && (!$settings->_enableGuestLogin)) {
if($this->logger)
$this->logger->log('check_auth: Login as guest is not allowed', PEAR_LOG_NOTICE);
return false;
}
if($userobj->isDisabled())
return false;
if($userobj->isAdmin() && ($_SERVER['REMOTE_ADDR'] != $settings->_adminIP ) && ( $settings->_adminIP != ""))
return false;
/* Clear login failures if login was successful */
$userobj->clearLoginFailures();
$this->user = $userobj;
return true;
} /* }}} */
@ -463,6 +437,8 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
$info["props"][] = $this->mkprop("SeedDMS:", "keywords", $keywords);
$info["props"][] = $this->mkprop("SeedDMS:", "id", $obj->getID());
$info["props"][] = $this->mkprop("SeedDMS:", "version", $content->getVersion());
if($content->getComment())
$info["props"][] = $this->mkprop("SeedDMS:", "version-comment", $content->getComment());
$status = $content->getStatus();
$info["props"][] = $this->mkprop("SeedDMS:", "status", $status['status']);
$info["props"][] = $this->mkprop("SeedDMS:", "status-comment", $status['comment']);
@ -645,7 +621,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
*/
function PUT(&$options) /* {{{ */
{
global $settings, $fulltextservice;
global $fulltextservice;
$this->log_options('PUT', $options);
@ -731,7 +707,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
$name == $lc->getOriginalFileName() &&
$fileType == $lc->getFileType() &&
$mimetype == $lc->getMimeType() &&
$settings->_enableWebdavReplaceDoc) {
$this->settings->_enableWebdavReplaceDoc) {
if($this->logger)
$this->logger->log('PUT: replacing latest version', PEAR_LOG_INFO);
if(!$document->replaceContent($lc->getVersion(), $this->user, $tmpFile, $name, $fileType, $mimetype)) {
@ -749,12 +725,12 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
$reviewers = array('i'=>[], 'g'=>[]);
$approvers = array('i'=>[], 'g'=>[]);
$workflow = null;
if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'traditional_only_approval') {
if($settings->_workflowMode == 'traditional') {
if($this->settings->_workflowMode == 'traditional' || $this->settings->_workflowMode == 'traditional_only_approval') {
if($this->settings->_workflowMode == 'traditional') {
$reviewers = getMandatoryReviewers($document->getFolder(), $this->user);
}
$approvers = getMandatoryApprovers($document->getFolder(), $this->user);
} elseif($settings->_workflowMode == 'advanced') {
} elseif($this->settings->_workflowMode == 'advanced') {
if($workflows = $this->user->getMandatoryWorkflows()) {
$workflow = array_shift($workflows);
}
@ -803,7 +779,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
/* Check if name already exists in the folder */
/*
if(!$settings->_enableDuplicateDocNames) {
if(!$this->settings->_enableDuplicateDocNames) {
if($folder->hasDocumentByName($name)) {
return "403 Forbidden";
}
@ -813,12 +789,12 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
$reviewers = array('i'=>[], 'g'=>[]);
$approvers = array('i'=>[], 'g'=>[]);
$workflow = null;
if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'traditional_only_approval') {
if($settings->_workflowMode == 'traditional') {
if($this->settings->_workflowMode == 'traditional' || $this->settings->_workflowMode == 'traditional_only_approval') {
if($this->settings->_workflowMode == 'traditional') {
$reviewers = getMandatoryReviewers($folder, $this->user);
}
$approvers = getMandatoryApprovers($folder, $this->user);
} elseif($settings->_workflowMode == 'advanced') {
} elseif($this->settings->_workflowMode == 'advanced') {
if($workflows = $this->user->getMandatoryWorkflows()) {
$workflow = array_shift($workflows);
}
@ -841,7 +817,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
$controller->setParam('filetype', $fileType);
$controller->setParam('userfiletype', $mimetype);
$minmax = $folder->getDocumentsMinMax();
if($settings->_defaultDocPosition == 'start')
if($this->settings->_defaultDocPosition == 'start')
$controller->setParam('sequence', $minmax['min'] - 1);
else
$controller->setParam('sequence', $minmax['max'] + 1);
@ -854,9 +830,9 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
$controller->setParam('workflow', $workflow);
$controller->setParam('notificationgroups', array());
$controller->setParam('notificationusers', array());
$controller->setParam('initialdocumentstatus', $settings->_initialDocumentStatus);
$controller->setParam('maxsizeforfulltext', $settings->_maxSizeForFullText);
$controller->setParam('defaultaccessdocs', $settings->_defaultAccessDocs);
$controller->setParam('initialdocumentstatus', $this->settings->_initialDocumentStatus);
$controller->setParam('maxsizeforfulltext', $this->settings->_maxSizeForFullText);
$controller->setParam('defaultaccessdocs', $this->settings->_defaultAccessDocs);
if(!$document = $controller()) {
// if(!$res = $folder->addDocument($name, '', 0, $this->user, '', array(), $tmpFile, $name, $fileType, $mimetype, 0, array(), array(), 0, "")) {
unlink($tmpFile);
@ -884,8 +860,6 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
*/
function MKCOL($options) /* {{{ */
{
global $settings;
$this->log_options('MKCOL', $options);
$path = $options["path"];
@ -964,7 +938,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
*/
function DELETE($options) /* {{{ */
{
global $settings, $fulltextservice;
global $fulltextservice;
$this->log_options('DELETE', $options);
@ -1037,8 +1011,6 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
*/
function MOVE($options) /* {{{ */
{
global $settings;
$this->log_options('MOVE', $options);
// no copying to different WebDAV Servers yet
@ -1113,7 +1085,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
/* Set the new Folder of the source object */
if(get_class($objsource) == $this->dms->getClassname('document')) {
/* Check if name already exists in the folder */
if(!$settings->_enableDuplicateDocNames) {
if(!$this->settings->_enableDuplicateDocNames) {
if($newdocname) {
if($objdest->hasDocumentByName($newdocname)) {
return "403 Forbidden";
@ -1137,7 +1109,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
}
} elseif(get_class($objsource) == $this->dms->getClassname('folder')) {
/* Check if name already exists in the folder */
if(!$settings->_enableDuplicateSubFolderNames) {
if(!$this->settings->_enableDuplicateSubFolderNames) {
if($newdocname) {
if($objdest->hasSubFolderByName($newdocname)) {
return "403 Forbidden";
@ -1174,7 +1146,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
*/
function COPY($options) /* {{{ */
{
global $settings, $fulltextservice;
global $fulltextservice;
$this->log_options('COPY', $options);
@ -1274,7 +1246,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
/* Check if name already exists in the folder */
/*
if(!$settings->_enableDuplicateDocNames) {
if(!$this->settings->_enableDuplicateDocNames) {
if($objdest->hasDocumentByName($newdocname)) {
return "403 Forbidden";
}
@ -1284,12 +1256,12 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
$reviewers = array('i'=>[], 'g'=>[]);
$approvers = array('i'=>[], 'g'=>[]);
$workflow = null;
if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'traditional_only_approval') {
if($settings->_workflowMode == 'traditional') {
if($this->settings->_workflowMode == 'traditional' || $this->settings->_workflowMode == 'traditional_only_approval') {
if($this->settings->_workflowMode == 'traditional') {
$reviewers = getMandatoryReviewers($objdest, $this->user);
}
$approvers = getMandatoryApprovers($objdest, $this->user);
} elseif($settings->_workflowMode == 'advanced') {
} elseif($this->settings->_workflowMode == 'advanced') {
if($workflows = $this->user->getMandatoryWorkflows()) {
$workflow = array_shift($workflows);
}
@ -1316,7 +1288,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
$controller->setParam('filetype', $content->getFileType());
$controller->setParam('userfiletype', $content->getMimeType());
$minmax = $objdest->getDocumentsMinMax();
if($settings->_defaultDocPosition == 'start')
if($this->settings->_defaultDocPosition == 'start')
$controller->setParam('sequence', $minmax['min'] - 1);
else
$controller->setParam('sequence', $minmax['max'] + 1);
@ -1329,8 +1301,8 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
$controller->setParam('workflow', $workflow);
$controller->setParam('notificationgroups', array());
$controller->setParam('notificationusers', array());
$controller->setParam('maxsizeforfulltext', $settings->_maxSizeForFullText);
$controller->setParam('defaultaccessdocs', $settings->_defaultAccessDocs);
$controller->setParam('maxsizeforfulltext', $this->settings->_maxSizeForFullText);
$controller->setParam('defaultaccessdocs', $this->settings->_defaultAccessDocs);
if(!$document = $controller()) {
if($this->logger)
$this->logger->log('COPY: error copying object', PEAR_LOG_ERR);