gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-02-06 15:14:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

check for access on document in mytasks and view->menutasks (Ticket #88)

Browse Source 
previously documents where listed, even if the user had no access
This commit is contained in:
Uwe Steinmann 2016-11-14 08:38:12 +01:00
parent a560035482
commit 718762d284
1 changed files with 32 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
op/op.Ajax.php
View File

@ -535,25 +535,37 @@ switch($command) {
$resArr = $dms->getDocumentList('ApproveByMe', $user); $resArr = $dms->getDocumentList('ApproveByMe', $user);
if($resArr) { if($resArr) {
foreach ($resArr as $res) { foreach ($resArr as $res) {
$approvals[] = $res['id']; $document = $dms->getDocument($res["id"]);
if($document->getAccessMode($user) >= M_READ && $document->getLatestContent()) {
$approvals[] = $res['id'];
}
} }
} }
$resArr = $dms->getDocumentList('ReviewByMe', $user); $resArr = $dms->getDocumentList('ReviewByMe', $user);
if($resArr) { if($resArr) {
foreach ($resArr as $res) { foreach ($resArr as $res) {
$reviews[] = $res['id']; $document = $dms->getDocument($res["id"]);
if($document->getAccessMode($user) >= M_READ && $document->getLatestContent()) {
$reviews[] = $res['id'];
}
} }
} }
$resArr = $dms->getDocumentList('ReceiptByMe', $user); $resArr = $dms->getDocumentList('ReceiptByMe', $user);
if($resArr) { if($resArr) {
foreach ($resArr as $res) { foreach ($resArr as $res) {
$receipts[] = $res['id']; $document = $dms->getDocument($res["id"]);
if($document->getAccessMode($user) >= M_READ && $document->getLatestContent()) {
$receipts[] = $res['id'];
}
} }
} }
$resArr = $dms->getDocumentList('ReviseByMe', $user); $resArr = $dms->getDocumentList('ReviseByMe', $user);
if($resArr) { if($resArr) {
foreach ($resArr as $res) { foreach ($resArr as $res) {
$revisions[] = $res['id']; $document = $dms->getDocument($res["id"]);
if($document->getAccessMode($user) >= M_READ && $document->getLatestContent()) {
$revisions[] = $res['id'];
}
} }
} }
$content = $view->menuTasks(array('review'=>$reviews, 'approval'=>$approvals, 'receipt'=>$receipts, 'revision'=>$revisions)); $content = $view->menuTasks(array('review'=>$reviews, 'approval'=>$approvals, 'receipt'=>$receipts, 'revision'=>$revisions));
@ -871,25 +883,37 @@ switch($command) {
$resArr = $dms->getDocumentList('ApproveByMe', $user); $resArr = $dms->getDocumentList('ApproveByMe', $user);
if($resArr) { if($resArr) {
foreach ($resArr as $res) { foreach ($resArr as $res) {
$approvals[] = array('id'=>$res['id'], 'name'=>$res['name']); $document = $dms->getDocument($res["id"]);
if($document->getAccessMode($user) >= M_READ && $document->getLatestContent()) {
$approvals[] = array('id'=>$res['id'], 'name'=>$res['name']);
}
} }
} }
$resArr = $dms->getDocumentList('ReviewByMe', $user); $resArr = $dms->getDocumentList('ReviewByMe', $user);
if($resArr) { if($resArr) {
foreach ($resArr as $res) { foreach ($resArr as $res) {
$reviews[] = array('id'=>$res['id'], 'name'=>$res['name']); $document = $dms->getDocument($res["id"]);
if($document->getAccessMode($user) >= M_READ && $document->getLatestContent()) {
$reviews[] = array('id'=>$res['id'], 'name'=>$res['name']);
}
} }
} }
$resArr = $dms->getDocumentList('ReceiptByMe', $user); $resArr = $dms->getDocumentList('ReceiptByMe', $user);
if($resArr) { if($resArr) {
foreach ($resArr as $res) { foreach ($resArr as $res) {
$receipts[] = array('id'=>$res['id'], 'name'=>$res['name']); $document = $dms->getDocument($res["id"]);
if($document->getAccessMode($user) >= M_READ && $document->getLatestContent()) {
$receipts[] = array('id'=>$res['id'], 'name'=>$res['name']);
}
} }
} }
$resArr = $dms->getDocumentList('ReviseByMe', $user); $resArr = $dms->getDocumentList('ReviseByMe', $user);
if($resArr) { if($resArr) {
foreach ($resArr as $res) { foreach ($resArr as $res) {
$revisions[] = array('id'=>$res['id'], 'name'=>$res['name']); $document = $dms->getDocument($res["id"]);
if($document->getAccessMode($user) >= M_READ && $document->getLatestContent()) {
$revisions[] = array('id'=>$res['id'], 'name'=>$res['name']);
}
} }
} }
header('Content-Type: application/json'); header('Content-Type: application/json');