From ea8a695551820a2ecdfe635ab888d5c42c366bbf Mon Sep 17 00:00:00 2001
From: Uwe Steinmann
Date: Wed, 2 Aug 2017 10:53:50 +0200
Subject: [PATCH 1/4] maySetReviewersApprovers() checks if review/approval has been done already
---
 inc/inc.ClassAccessOperation.php | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/inc/inc.ClassAccessOperation.php b/inc/inc.ClassAccessOperation.php
index 80840eb5c..522f1692b 100644
--- a/inc/inc.ClassAccessOperation.php
+++ b/inc/inc.ClassAccessOperation.php
@@ -114,15 +114,28 @@ class SeedDMS_AccessOperation {
 *
 * This check can only be done for documents. Overwriting the document
 * reviewers/approvers is only allowed if version modification is turned on
- * in the settings and the document is in 'draft review' status. The
- * admin may even set reviewers/approvers if is disallowed in the
+ * in the settings and the document has not been reviewed/approved by any
+ * user/group already.
+ * The admin may even set reviewers/approvers if is disallowed in the
 * settings.
 */
 function maySetReviewersApprovers() { /* {{{ */
 if(get_class($this->obj) == 'SeedDMS_Core_Document') {
 $latestContent = $this->obj->getLatestContent();
 $status = $latestContent->getStatus();
- if ((($this->settings->_enableVersionModification && ($this->obj->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && ($status["status"]==S_DRAFT_REV || $status["status"]==S_DRAFT_APP && $this->settings->_workflowMode == 'traditional_only_approval')) {
+ $reviewstatus = $latestContent->getReviewStatus();
+ $hasreview = false;
+ foreach($reviewstatus as $r) {
+ if($r['status'] == 1 || $r['status'] == -1)
+ $hasreview = true;
+ }
+ $approvalstatus = $latestContent->getApprovalStatus();
+ $hasapproval = false;
+ foreach($approvalstatus as $r) {
+ if($r['status'] == 1 || $r['status'] == -1)
+ $hasapproval = true;
+ }
+ if ((($this->settings->_enableVersionModification && ($this->obj->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && (($status["status"]==S_DRAFT_REV && !$hasreview) || ($status["status"]==S_DRAFT_APP && !$hasreview && !$hasapproval))) {
 return true;
 }
 }
From c54faf8f901258edda36dddda23e803bc4b12faa Mon Sep 17 00:00:00 2001
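Review bot: The two added `foreach` loops in maySetReviewersApprovers() fail open: if `getReviewStatus()` or `getApprovalStatus()` returns something other than an array (their failure behaviour is not visible in this hunk), neither loop body runs, `$hasreview` and `$hasapproval` stay false, and the final condition can still grant permission to replace reviewers on a version that may already carry a decision. I would fetch both lists first and deny on a bad result, `if(!is_array($reviewstatus) || !is_array($approvalstatus)) return false;`, assuming the function's fall-through result is a denial. The literals `1` and `-1` carry the whole rule, so they deserve a one-line comment stating which review/approval outcomes they stand for, or named constants if the core library defines them. The function body continues past the end of the hunk, so the return path on denial is not visible here.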
From: Uwe Steinmann
Date: Wed, 2 Aug 2017 10:54:40 +0200
Subject: [PATCH 2/4] regard mandatory reviewers/approvers the owner of the document may not remove mandatory reviewers/approvers anymore. Only admin may do that, it he/she is not the owner.
---
 op/op.SetReviewersApprovers.php | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
diff --git a/op/op.SetReviewersApprovers.php b/op/op.SetReviewersApprovers.php
index 4d995a24a..7b0589c59 100644
--- a/op/op.SetReviewersApprovers.php
+++ b/op/op.SetReviewersApprovers.php
@@ -60,6 +60,7 @@ if ($overallStatus["status"]==S_REJECTED || $overallStatus["status"]==S_OBSOLETE
 }
 $folder = $document->getFolder();
+$owner = $document->getOwner();
 // Retrieve a list of all users and groups that have review / approve
 // privileges.
@@ -104,6 +105,18 @@ foreach ($approvalStatus as $i=>$rs) {
 // Get the list of proposed reviewers, stripping out any duplicates.
 $pIndRev = (isset($_POST["indReviewers"]) ? array_values(array_unique($_POST["indReviewers"])) : array());
 $pGrpRev = (isset($_POST["grpReviewers"]) ? array_values(array_unique($_POST["grpReviewers"])) : array());
+if($user->getID() != $owner->getID()) {
+ $res=$owner->getMandatoryReviewers();
+ if($user->isAdmin())
+ $res = array();
+} else
+ $res=$user->getMandatoryReviewers();
+foreach ($res as $r) {
+ if(!in_array($r['reviewerUserID'], $pIndRev))
+ $pIndRev[] = $r['reviewerUserID'];
+ if(!in_array($r['reviewerGroupID'], $pGrpRev))
+ $pGrpRev[] = $r['reviewerGroupID'];
+}
 foreach ($pIndRev as $p) {
 if (is_numeric($p)) {
 if (isset($accessIndex["i"][$p])) {
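Review bot: The mandatory-reviewer merge at `@@ -104,6 +105,18 @@` uses loose `in_array()` against raw `$_POST` strings, so a posted value that loosely equals a mandatory ID without being its canonical form can count as "already present" and then fail the `is_numeric($p)` / `$accessIndex` checks that follow; whether the mandatory reviewer is then dropped is decided outside this hunk. Compare strictly on the string form and skip empty IDs, `if($r['reviewerUserID'] > 0 && !in_array((string) $r['reviewerUserID'], $pIndRev, true))`, and likewise for `reviewerGroupID`; the `> 0` guard assumes a row that names only a user carries `0` in the group column, which is not visible here. `$res` is also iterated without an `is_array()` check, so if `getMandatoryReviewers()` can return false on a lookup failure the rule is silently skipped; stopping the operation in that case keeps it fail-closed. The approver block added at `@@ -319,6 +332,18 @@` has the same two issues. The `foreach ($pIndRev as $p)` loop that consumes the merged list continues outside the hunk.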
@@ -319,6 +332,18 @@ if (count($reviewIndex["g"]) > 0) {
 // Get the list of proposed approvers, stripping out any duplicates.
 $pIndApp = (isset($_POST["indApprovers"]) ? array_values(array_unique($_POST["indApprovers"])) : array());
 $pGrpApp = (isset($_POST["grpApprovers"]) ? array_values(array_unique($_POST["grpApprovers"])) : array());
+if($user->getID() != $owner->getID()) {
+ $res=$owner->getMandatoryApprovers();
+ if($user->isAdmin())
+ $res = array();
+} else
+ $res=$user->getMandatoryApprovers();
+foreach ($res as $r) {
+ if(!in_array($r['approverUserID'], $pIndApp))
+ $pIndApp[] = $r['approverUserID'];
+ if(!in_array($r['approverGroupID'], $pGrpApp))
+ $pGrpApp[] = $r['approverGroupID'];
+}
 foreach ($pIndApp as $p) {
 if (is_numeric($p)) {
 if (isset($accessIndex["i"][$p])) {
From 48e1bfa670ed3e0e2353902947b4248846afbad5 Mon Sep 17 00:00:00 2001
From: Uwe Steinmann
Date: Wed, 2 Aug 2017 10:56:28 +0200
Subject: [PATCH 3/4] regard mandatory reviewers/approvers
---
 .../bootstrap/class.SetReviewersApprovers.php | 103 +++++++++++++++---
 1 file changed, 89 insertions(+), 14 deletions(-)
diff --git a/views/bootstrap/class.SetReviewersApprovers.php b/views/bootstrap/class.SetReviewersApprovers.php
index b58f73fd4..ffd4f2780 100644
--- a/views/bootstrap/class.SetReviewersApprovers.php
+++ b/views/bootstrap/class.SetReviewersApprovers.php
@@ -43,6 +43,7 @@ class SeedDMS_View_SetReviewersApprovers extends SeedDMS_Bootstrap_Style {
 $enableselfrevapp = $this->params['enableselfrevapp'];
 $overallStatus = $content->getStatus();
+ $owner = $document->getOwner();
 $this->htmlStartPage(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))));
 $this->globalNavigation($folder);
@@ -92,7 +93,12 @@ class SeedDMS_View_SetReviewersApprovers extends SeedDMS_Bootstrap_Style { "; +// print ""; } elseif (isset($reviewIndex["i"][$usr->getID()])) { 
@@ -121,8 +127,24 @@ class SeedDMS_View_SetReviewersApprovers extends SeedDMS_Bootstrap_Style { } } ?> - - + + 0) { + $u = $dms->getUser($r['reviewerUserID']); + $tmp[] = htmlspecialchars($u->getFullName().' ('.$u->getLogin().')'); + } + } + if($tmp) { + echo '
'.getMLText('mandatory_reviewers').': '; + echo implode(', ', $tmp); + echo "
\n"; + } + } +?>
:
"; +// print ""; } elseif (isset($reviewIndex["g"][$group->getID()])) { @@ -154,8 +176,25 @@ class SeedDMS_View_SetReviewersApprovers extends SeedDMS_Bootstrap_Style { } } ?> - - + + 0) { + $u = $dms->getGroup($r['reviewerGroupID']); + $tmp[] = htmlspecialchars($u->getName()); + } + } + if($tmp) { + echo '
'.getMLText('mandatory_reviewergroups').': '; + echo implode(', ', $tmp); + echo "
\n"; + } + } + } +?> contentSubHeading(getMLText("update_approvers"));?> @@ -163,8 +202,12 @@ class SeedDMS_View_SetReviewersApprovers extends SeedDMS_Bootstrap_Style { "; +// print ""; } elseif (isset($approvalIndex["i"][$usr->getID()])) { @@ -195,7 +238,23 @@ class SeedDMS_View_SetReviewersApprovers extends SeedDMS_Bootstrap_Style { } } ?> - + + 0) { + $u = $dms->getUser($r['approverUserID']); + $tmp[] = htmlspecialchars($u->getFullName().' ('.$u->getLogin().')'); + } + } + if($tmp) { + echo '
'.getMLText('mandatory_approvers').': '; + echo implode(', ', $tmp); + echo "
\n"; + } + } +?>
:
"; +// print ""; } elseif (isset($approvalIndex["g"][$group->getID()])) { @@ -229,8 +288,24 @@ class SeedDMS_View_SetReviewersApprovers extends SeedDMS_Bootstrap_Style { } } ?> - - + + 0) { + $u = $dms->getGroup($r['approverGroupID']); + $tmp[] = htmlspecialchars($u->getName()); + } + } + if($tmp) { + echo '
'.getMLText('mandatory_approvergroups').': '; + echo implode(', ', $tmp); + echo "
\n"; + } + } +?>

From 0dbf05334d6e7c50cff068707a5a45727e80df19 Mon Sep 17 00:00:00 2001
From: Uwe Steinmann
Date: Wed, 2 Aug 2017 10:56:46 +0200
Subject: [PATCH 4/4] add entry for 4.3.36
---
 CHANGELOG | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/CHANGELOG b/CHANGELOG
index a322092d9..965009234 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -10,6 +10,9 @@
 - minor improvements of installation
 - better checking in out/*.php for allowed operation (e.g. EditOnline, RemoveVersion, SetReviewersApprovers, ...)
+- SetReviewersApprovers checks for mandatory reviewers/approvers
+- reviewers/approvers can only be modified by users with unrestricted access
+ and as long as no reviewer/approver has reviewed/approved the document
 --------------------------------------------------------------------------------
 Changes in version 4.3.35