Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

Uwe Steinmann 2020-10-28 13:57:05 +01:00
commit 6ed79ac5dc
4 changed files with 150 additions and 4 deletions


@ -190,6 +190,8 @@
- do not set max_execution_time for scripts run by php-cli
- add link to document/folder details in each list row if onepage mode is on
- add list of rejected documents to tasks
- fix .htaccess file in restapi
- restapi: add setDocumentOwner, owner can be set when uploading a document
--------------------------------------------------------------------------------
Changes in version 5.1.20


@ -1,10 +1,11 @@
RewriteEngine on
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
<IfModule mod_header.c>
<Files ~ "^swagger\.yaml">
SetHandler application/x-httpd-php
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET"
Header set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Accept, Origin, Authorization"
</Files>
</IfModule>
</Files>
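Review bot: The `<Files ~ "^swagger\.yaml">` pattern has no end anchor, so together with the `SetHandler application/x-httpd-php` line that this section appears to add, any file in the directory whose name merely begins with `swagger.yaml` (an editor backup or a renamed copy, for instance) is also passed to the PHP handler. Anchoring the pattern as `<Files ~ "^swagger\.yaml$">`, or using the literal form `<Files "swagger.yaml">`, limits both the handler and the CORS headers to the one intended file. With the module name corrected to `mod_headers.c`, the `Access-Control-Allow-Origin "*"` header is now actually sent, so a one-line comment such as `# wildcard origin is intentional: public API description only` would record that this is deliberate.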


@ -629,7 +629,11 @@ class RestapiController { /* {{{ */
foreach($categories as $catid) {
if($cat = $dms->getDocumentCategory($catid))
$cats[] = $cat;
}
}
$owner = null;
if($userobj->isAdmin() && isset($params["owner"]) && ctype_digit($params['owner'])) {
$owner = $dms->getUser($params["owner"]);
}
$attributes = isset($params["attributes"]) ? $params["attributes"] : array();
foreach($attributes as $attrdefid=>$attribute) {
if($attrdef = $dms->getAttributeDefinition($attrdefid)) {
@ -661,7 +665,7 @@ class RestapiController { /* {{{ */
$userfiletype = finfo_file($finfo, $temp);
$fileType = ".".pathinfo($origfilename, PATHINFO_EXTENSION);
finfo_close($finfo);
$res = $mfolder->addDocument($docname, $comment, $expires, $userobj, $keywords, $cats, $temp, $origfilename ? $origfilename : basename($temp), $fileType, $userfiletype, $sequence, array(), array(), $reqversion, $version_comment, $attributes);
$res = $mfolder->addDocument($docname, $comment, $expires, $owner ? $owner : $userobj, $keywords, $cats, $temp, $origfilename ? $origfilename : basename($temp), $fileType, $userfiletype, $sequence, array(), array(), $reqversion, $version_comment, $attributes);
// addDocumentCategories($res, $categories);
// setDocumentAttributes($res, $attributes);
@ -1351,6 +1355,10 @@ class RestapiController { /* {{{ */
return $response->withJson(array('success'=>false, 'message'=>'No access on document', 'data'=>''), 403);
}
} else {
if(!$doc)
return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), 404);
if(!$cat)
return $response->withJson(array('success'=>false, 'message'=>'No such category', 'data'=>''), 404);
return $response->withJson(array('success'=>false, 'message'=>'Could not find category or document', 'data'=>''), 500);
}
} /* }}} */
@ -1413,6 +1421,46 @@ class RestapiController { /* {{{ */
}
} /* }}} */
function setDocumentOwner($request, $response, $args) { /* {{{ */
$dms = $this->container->dms;
$userobj = $this->container->userobj;
if(!$userobj) {
return $response->withJson(array('success'=>false, 'message'=>'Not logged in', 'data'=>''), 403);
}
if(!$userobj->isAdmin()) {
return $response->withJson(array('success'=>false, 'message'=>'No access on document', 'data'=>''), 403);
}
if(!ctype_digit($args['id']) || $args['id'] == 0) {
return $response->withJson(array('success'=>false, 'message'=>'No document given', 'data'=>''), 400);
return;
}
if(!ctype_digit($args['userid']) || $args['userid'] == 0) {
return $response->withJson(array('success'=>false, 'message'=>'No user given', 'data'=>''), 400);
return;
}
$owner = $dms->getUser($args['userid']);
$doc = $dms->getDocument($args['id']);
if($doc && $owner) {
if($doc->getAccessMode($userobj, 'setDocumentOwner') > M_READ) {
if ($doc->setOwner($owner)){
return $response->withJson(array('success'=>true, 'message'=>'', 'data'=>''), 201);
} else {
return $response->withJson(array('success'=>false, 'message'=>'Could not set owner of document', 'data'=>''), 500);
}
} else {
return $response->withJson(array('success'=>false, 'message'=>'No access on document', 'data'=>''), 403);
}
} else {
if(!$doc)
return $response->withJson(array('success'=>false, 'message'=>'No such document', 'data'=>''), 404);
if(!$owner)
return $response->withJson(array('success'=>false, 'message'=>'No such user', 'data'=>''), 404);
return $response->withJson(array('success'=>false, 'message'=>'Could not find user or document', 'data'=>''), 500);
}
} /* }}} */
function getAccount($request, $response) { /* {{{ */
$dms = $this->container->dms;
$userobj = $this->container->userobj;
@ -2389,6 +2437,7 @@ $app->get('/document/{id}/preview/{version}/{width}', \RestapiController::class.
$app->delete('/document/{id}/categories', \RestapiController::class.':removeDocumentCategories');
$app->delete('/document/{id}/category/{catid}', \RestapiController::class.':removeDocumentCategory');
$app->post('/document/{id}/category/{catid}', \RestapiController::class.':addDocumentCategory');
$app->put('/document/{id}/owner/{userid}', \RestapiController::class.':setDocumentOwner');
$app->put('/account/fullname', \RestapiController::class.':setFullName');
$app->put('/account/email', \RestapiController::class.':setEmail');
$app->get('/account/documents/locked', \RestapiController::class.':getLockedDocuments');
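Review bot: In the upload hunk (`@ -629,7 +629,11 @`) a requested `owner` is dropped silently: if the caller is not an admin, the value is not numeric, or `$dms->getUser()` finds no such user, `$owner` stays empty and `$owner ? $owner : $userobj` files the document under the uploader while the response still reports success. For an ownership assignment it is safer to reject the request explicitly, so a client never assumes the document belongs to someone it does not. The sketch below assumes `$response` is in scope as in the other handlers; the enclosing function starts and ends outside the hunk. Separately, the bare `return;` after each 400 response in `setDocumentOwner` is unreachable and can be removed.

```php
$owner = null;
if(isset($params["owner"])) {
	// An explicit owner is a privileged request: refuse it rather than ignore it.
	if(!$userobj->isAdmin())
		return $response->withJson(array('success'=>false, 'message'=>'No access', 'data'=>''), 403);
	if(!ctype_digit($params["owner"]) || !($owner = $dms->getUser($params["owner"])))
		return $response->withJson(array('success'=>false, 'message'=>'No such user', 'data'=>''), 404);
}
// … unchanged: attribute handling and the addDocument() call …
```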


@ -910,6 +910,53 @@ paths:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
/document/{id}/category/{catid}:
post:
tags:
- "document"
summary: "Add a single category to document"
description: "Adds a single category to a document"
operationId: "addDocumentCategory"
produces:
- "application/json"
consumes:
- multipart/form-data
parameters:
- name: "id"
in: "path"
description: "ID of document."
type: "integer"
required: true
format: "int64"
- name: "catid"
in: "path"
description: "ID of category."
type: "integer"
required: true
format: "int64"
responses:
"201":
description: "successful operation"
schema:
$ref: "#/definitions/ApiResponse"
"400":
description: "No document or category given"
schema:
$ref: "#/definitions/ApiResponse"
"403":
description: "No access"
schema:
$ref: "#/definitions/ApiResponse"
"404":
description: "Document not found"
schema:
$ref: "#/definitions/ApiResponse"
"500":
description: "Internal error"
schema:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
/document/{id}/category/{catid}:
delete:
tags:
@ -951,6 +998,53 @@ paths:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
/document/{id}/owner/{userid}:
post:
tags:
- "document"
summary: "Set owner of document"
description: "Set owner of document"
operationId: "setDocumentOwner"
produces:
- "application/json"
consumes:
- multipart/form-data
parameters:
- name: "id"
in: "path"
description: "ID of document."
type: "integer"
required: true
format: "int64"
- name: "userid"
in: "path"
description: "ID of user."
type: "integer"
required: true
format: "int64"
responses:
"201":
description: "successful operation"
schema:
$ref: "#/definitions/ApiResponse"
"400":
description: "No document or user given"
schema:
$ref: "#/definitions/ApiResponse"
"403":
description: "No access"
schema:
$ref: "#/definitions/ApiResponse"
"404":
description: "Document not found"
schema:
$ref: "#/definitions/ApiResponse"
"500":
description: "Internal error"
schema:
$ref: "#/definitions/ApiResponse"
security:
- api_key: []
/folder/{id}:
get:
tags:
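Review bot: The added `post` block repeats the mapping key `/document/{id}/category/{catid}:` that already carries the `delete` operation directly below it; duplicate keys are not valid YAML, and parsers typically either reject the file or keep only one of the two entries, so one operation would disappear from the published API description. Place `post:` and `delete:` under a single path entry instead. The new `/document/{id}/owner/{userid}` entry declares `post:`, while the route in this commit is registered with `$app->put('/document/{id}/owner/{userid}', ...)`, so a client generated from the spec would call a method the server does not route; change it to `put:`. The 404 description `"Document not found"` could also cover the missing-user case that `setDocumentOwner` returns with the same status.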