add legacy access rights for groups

inc/inc.ClassAccessOperation.php

@@ -406,7 +406,7 @@ class SeedDMS_AccessOperation {
 		return false;
 	} /* }}} */
 
-	protected function check_view_lecacy_access($view, $get=array()) { /* {{{ */
+	protected function check_view_legacy_access($view, $get=array()) { /* {{{ */
 		if($this->user->isAdmin())
 			return true;
 
@@ -419,7 +419,19 @@ class SeedDMS_AccessOperation {
 		} else {
 			return false;
 		}
-		if(array_intersect($scripts, array(
+
+		if($this->user->isGuest()) {
+			$user_allowed = array(
+				'Calendar',
+				'ErrorDlg',
+				'Help',
+				'Login',
+				'Search',
+				'ViewDocument',
+				'ViewFolder',
+			);
+		} else {
+			$user_allowed = array(
 				'AddDocument',
 				'AddEvent',
 				'AddFile',
@@ -479,7 +491,6 @@ class SeedDMS_AccessOperation {
 				'ReviseDocument',
 				'RewindWorkflow',
 				'RunSubWorkflow',
-			'SearchForm',
 				'Search',
 				'Session',
 				'SetExpires',
@@ -498,7 +509,10 @@ class SeedDMS_AccessOperation {
 				'ViewEvent',
 				'ViewFolder',
 				'WorkflowGraph',
-			'WorkflowSummary')))
+				'WorkflowSummary');
+		}
+
+		if(array_intersect($scripts, $user_allowed))
 			return true;
 
 		return false;
@@ -524,7 +538,7 @@ class SeedDMS_AccessOperation {
 	 */
 	function check_view_access($view, $get=array()) { /* {{{ */
 		if(!$this->settings->_advancedAcl) {
-			return $this->check_view_lecacy_access($view, $get);
+			return $this->check_view_legacy_access($view, $get);
 		}
 		if(is_string($view)) {
 			$scripts = array($view);