From 9565010cd0bc00971a99ad506991f166078ee286 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Sun, 18 Apr 2021 19:39:37 +0200 Subject: [PATCH] pass AccessOperation to view --- out/out.AddDocument.php | 3 +++ out/out.AddEvent.php | 1 + out/out.AddSubFolder.php | 3 +++ out/out.AdminTools.php | 2 ++ out/out.ApprovalSummary.php | 2 ++ out/out.AttributeMgr.php | 4 ++-- out/out.BackupTools.php | 2 ++ out/out.Calendar.php | 4 ++-- out/out.Categories.php | 2 ++ out/out.ChangePassword.php | 3 ++- out/out.Charts.php | 3 ++- out/out.ClearCache.php | 2 ++ out/out.CreateIndex.php | 2 ++ out/out.DefaultKeywords.php | 2 ++ out/out.EditEvent.php | 2 ++ out/out.EditFolder.php | 4 ++++ out/out.EditOnline.php | 1 - out/out.EditUserData.php | 2 ++ out/out.ExpiredDocuments.php | 2 ++ out/out.ExtensionMgr.php | 2 ++ out/out.FolderAccess.php | 2 ++ out/out.FolderNotify.php | 2 ++ out/out.GroupMgr.php | 2 ++ out/out.GroupView.php | 2 ++ out/out.Hooks.php | 2 ++ out/out.ImportFS.php | 2 ++ out/out.IndexInfo.php | 2 ++ out/out.Indexer.php | 2 ++ out/out.Info.php | 2 ++ out/out.LogManagement.php | 2 ++ out/out.ManageNotify.php | 3 ++- out/out.MoveFolder.php | 2 ++ out/out.MyAccount.php | 2 ++ out/out.MyDocuments.php | 2 ++ out/out.ObjectCheck.php | 3 ++- out/out.PasswordForgotten.php | 11 +++++++++-- out/out.PasswordSend.php | 4 +++- out/out.RemoveDump.php | 2 ++ out/out.RemoveFolder.php | 2 ++ out/out.RemoveFolderFiles.php | 1 + out/out.RemoveGroup.php | 2 ++ out/out.RemoveLog.php | 2 ++ out/out.RemoveUser.php | 2 ++ out/out.RemoveUserFromProcesses.php | 10 ++++++++-- out/out.RemoveWorkflow.php | 2 ++ out/out.ReturnFromSubWorkflow.php | 10 +++++++--- out/out.ReviewSummary.php | 3 ++- out/out.Session.php | 2 +- out/out.Settings.php | 2 ++ out/out.Statistic.php | 2 ++ out/out.SubstituteUser.php | 2 ++ out/out.TransferObjects.php | 9 ++++++--- out/out.UserDefaultKeywords.php | 2 ++ out/out.UserList.php | 2 ++ out/out.UsrMgr.php | 2 ++ out/out.UsrView.php | 2 ++ out/out.ViewEvent.php | 2 ++ out/out.ViewFolder.php | 2 ++ out/out.WorkflowActionsMgr.php | 2 ++ out/out.WorkflowGraph.php | 2 ++ out/out.WorkflowMgr.php | 2 ++ out/out.WorkflowStatesMgr.php | 2 ++ out/out.WorkflowSummary.php | 2 ++ 63 files changed, 148 insertions(+), 22 deletions(-) diff --git a/out/out.AddDocument.php b/out/out.AddDocument.php index cfefbf0c1..4062b943d 100644 --- a/out/out.AddDocument.php +++ b/out/out.AddDocument.php @@ -46,6 +46,8 @@ if ($folder->getAccessMode($user) < M_READWRITE) { UI::exitError(getMLText("folder_title", array("foldername" => htmlspecialchars($folder->getName()))),getMLText("access_denied")); } +$accessop = new SeedDMS_AccessOperation($dms, $folder, $user, $settings); + if($settings->_quota > 0) { $remain = checkQuota($user); if ($remain < 0) { @@ -69,6 +71,7 @@ if($view) { $view->setParam('sortusersinlist', $settings->_sortUsersInList); $view->setParam('defaultposition', $settings->_defaultDocPosition); $view->setParam('orderby', $settings->_sortFoldersDefault); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.AddEvent.php b/out/out.AddEvent.php index 07bf8b70c..8f8f0d6d9 100644 --- a/out/out.AddEvent.php +++ b/out/out.AddEvent.php @@ -35,6 +35,7 @@ if ($user->isGuest()) { } if($view) { + $view->setParam('accessobject', $accessop); $view->setParam('strictformcheck', $settings->_strictFormCheck); $view($_GET); exit; diff --git a/out/out.AddSubFolder.php b/out/out.AddSubFolder.php index e949f345c..ad27dada0 100644 --- a/out/out.AddSubFolder.php +++ b/out/out.AddSubFolder.php @@ -45,11 +45,14 @@ if ($folder->getAccessMode($user) < M_READWRITE) { UI::exitError(getMLText("folder_title", array("foldername" => htmlspecialchars($folder->getName()))),getMLText("access_denied")); } +$accessop = new SeedDMS_AccessOperation($dms, $folder, $user, $settings); + if($view) { $view->setParam('folder', $folder); $view->setParam('strictformcheck', $settings->_strictFormCheck); $view->setParam('defaultposition', $settings->_defaultDocPosition); $view->setParam('orderby', $settings->_sortFoldersDefault); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.AdminTools.php b/out/out.AdminTools.php index 506bcbde1..35557c271 100644 --- a/out/out.AdminTools.php +++ b/out/out.AdminTools.php @@ -29,6 +29,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -36,5 +37,6 @@ if (!$user->isAdmin()) { if($view) { $view->setParam('enablefullsearch', $settings->_enableFullSearch); $view->setParam('logfileenable', $settings->_logFileEnable); + $view->setParam('accessobject', $accessop); $view($_GET); } diff --git a/out/out.ApprovalSummary.php b/out/out.ApprovalSummary.php index 6c625d9eb..8fff6f38e 100644 --- a/out/out.ApprovalSummary.php +++ b/out/out.ApprovalSummary.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, $folder, $user, $settings); if ($user->isGuest()) { UI::exitError(getMLText("my_documents"),getMLText("access_denied")); @@ -41,6 +42,7 @@ if($view) { $view->setParam('cachedir', $settings->_cacheDir); $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view->setParam('xsendfile', $settings->_enableXsendfile); $view->setParam('onepage', $settings->_onePageMode); // do most navigation by reloading areas of pages with ajax $view($_GET); diff --git a/out/out.AttributeMgr.php b/out/out.AttributeMgr.php index e4a4cfcd6..f882ec36f 100644 --- a/out/out.AttributeMgr.php +++ b/out/out.AttributeMgr.php @@ -32,12 +32,11 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } -$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); - $attrdefs = $dms->getAllAttributeDefinitions(); if(isset($_GET['attrdefid']) && $_GET['attrdefid']) { @@ -57,6 +56,7 @@ if($view) { $view->setParam('maxRecursiveCount', $settings->_maxRecursiveCount); $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view->setParam('xsendfile', $settings->_enableXsendfile); $view($_GET); } diff --git a/out/out.BackupTools.php b/out/out.BackupTools.php index 1ffd6b342..105f5fa9f 100644 --- a/out/out.BackupTools.php +++ b/out/out.BackupTools.php @@ -30,6 +30,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'contentdir'=>$settings->_contentDir)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -42,6 +43,7 @@ if($view) { $view->setParam('backupdir', $settings->_contentDir); $view->setParam('hasbackupdir', false); } + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.Calendar.php b/out/out.Calendar.php index 9c0ddda64..fd0a2fb51 100644 --- a/out/out.Calendar.php +++ b/out/out.Calendar.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (isset($_GET["start"])) $start=$_GET["start"]; else $start = ''; @@ -45,8 +46,6 @@ if(isset($_GET['documentid']) && $_GET['documentid'] && is_numeric($_GET['docume } else $document = null; -$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); - $calendar = new SeedDMS_Calendar($dms->getDB(), $user); if(isset($_GET['eventid']) && $_GET['eventid'] && is_numeric($_GET['eventid'])) { @@ -80,6 +79,7 @@ if($view) { $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('previewWidthDetail', $settings->_previewWidthDetail); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view->setParam('xsendfile', $settings->_enableXsendfile); $view($_GET); exit; diff --git a/out/out.Categories.php b/out/out.Categories.php index 35092df49..8630776d6 100644 --- a/out/out.Categories.php +++ b/out/out.Categories.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -46,6 +47,7 @@ if(isset($_GET['categoryid']) && $_GET['categoryid']) { if($view) { $view->setParam('categories', $categories); $view->setParam('selcategory', $selcat); + $view->setParam('accessobject', $accessop); $view->setParam('showtree', showtree()); $view->setParam('cachedir', $settings->_cacheDir); $view->setParam('previewWidthList', $settings->_previewWidthList); diff --git a/out/out.ChangePassword.php b/out/out.ChangePassword.php index 7121b40da..48003a9b9 100644 --- a/out/out.ChangePassword.php +++ b/out/out.ChangePassword.php @@ -44,7 +44,8 @@ if (isset($_REQUEST["hash"]) && strlen($_REQUEST["hash"])>0) { $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'referuri'=>$referuri, 'hash'=>$hash, 'passwordstrength'=>$settings->_passwordStrength)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if($view) { + $view->setParam('accessobject', $accessop); $view($_GET); - exit; } diff --git a/out/out.Charts.php b/out/out.Charts.php index ad06a2d29..5dcd83c8b 100644 --- a/out/out.Charts.php +++ b/out/out.Charts.php @@ -30,7 +30,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); - +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -52,6 +52,7 @@ if($data = $dms->getStatisticalData($type)) { if($view) { $view->setParam('type', $type); $view->setParam('data', $data); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.ClearCache.php b/out/out.ClearCache.php index bffd8203f..d8a5c42b3 100644 --- a/out/out.ClearCache.php +++ b/out/out.ClearCache.php @@ -32,12 +32,14 @@ require_once("inc/inc.ClassUI.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } if($view) { $view->setParam('cachedir', $settings->_cacheDir); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.CreateIndex.php b/out/out.CreateIndex.php index ce6614e61..a17958db5 100644 --- a/out/out.CreateIndex.php +++ b/out/out.CreateIndex.php @@ -33,6 +33,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -43,6 +44,7 @@ if(!$settings->_enableFullSearch) { if($view) { $view->setParam('enablefullsearch', $settings->_enableFullSearch); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.DefaultKeywords.php b/out/out.DefaultKeywords.php index 38f4d9b3a..dba41a2e5 100644 --- a/out/out.DefaultKeywords.php +++ b/out/out.DefaultKeywords.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -45,6 +46,7 @@ $categories = $dms->getAllUserKeywordCategories($user->getID()); if($view) { $view->setParam('categories', $categories); $view->setParam('selcategoryid', $selcategoryid); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.EditEvent.php b/out/out.EditEvent.php index f5e382ba5..cebb0a59a 100644 --- a/out/out.EditEvent.php +++ b/out/out.EditEvent.php @@ -30,6 +30,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if ($user->isGuest()) { UI::exitError(getMLText("edit_event"),getMLText("access_denied")); @@ -51,6 +52,7 @@ if (($user->getID()!=$event["userID"])&&(!$user->isAdmin())){ if($view) { $view->setParam('event', $event); $view->setParam('strictformcheck', $settings->_strictFormCheck); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.EditFolder.php b/out/out.EditFolder.php index ff359c534..0ad1245d7 100644 --- a/out/out.EditFolder.php +++ b/out/out.EditFolder.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!isset($_GET["folderid"]) || !is_numeric($_GET["folderid"]) || intval($_GET["folderid"])<1) { UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_folder_id"))),getMLText("invalid_folder_id")); @@ -45,6 +46,8 @@ if ($folder->getAccessMode($user) < M_READWRITE) { UI::exitError(getMLText("folder_title", array("foldername" => htmlspecialchars($folder->getName()))),getMLText("access_denied")); } +$accessop = new SeedDMS_AccessOperation($dms, $folder, $user, $settings); + $attrdefs = $dms->getAllAttributeDefinitions(array(SeedDMS_Core_AttributeDefinition::objtype_folder, SeedDMS_Core_AttributeDefinition::objtype_all)); if($view) { @@ -53,6 +56,7 @@ if($view) { $view->setParam('strictformcheck', $settings->_strictFormCheck); $view->setParam('rootfolderid', $settings->_rootFolderID); $view->setParam('orderby', $settings->_sortFoldersDefault); + $view->setParam('accessobject', $accessop); $view->setParam('defaultposition', $settings->_defaultDocPosition); $view($_GET); exit; diff --git a/out/out.EditOnline.php b/out/out.EditOnline.php index 184dae150..8f381066b 100644 --- a/out/out.EditOnline.php +++ b/out/out.EditOnline.php @@ -33,7 +33,6 @@ $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); $documentid = $_GET["documentid"]; - if (!isset($documentid) || !is_numeric($documentid) || intval($documentid)<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } diff --git a/out/out.EditUserData.php b/out/out.EditUserData.php index 6f2507f8d..4694261db 100644 --- a/out/out.EditUserData.php +++ b/out/out.EditUserData.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if ($user->isGuest()) { UI::exitError(getMLText("edit_user_details"),getMLText("access_denied")); @@ -47,6 +48,7 @@ if($view) { $view->setParam('enablethemeselector', $settings->_enableThemeSelector); $view->setParam('passwordstrength', $settings->_passwordStrength); $view->setParam('httproot', $settings->_httpRoot); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.ExpiredDocuments.php b/out/out.ExpiredDocuments.php index 89e296e16..9c35deadd 100644 --- a/out/out.ExpiredDocuments.php +++ b/out/out.ExpiredDocuments.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if ($user->isGuest()) { UI::exitError(getMLText("expired_documents"),getMLText("access_denied")); } @@ -51,6 +52,7 @@ if($view) { $view->setParam('cachedir', $settings->_cacheDir); $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view->setParam('xsendfile', $settings->_enableXsendfile); $view($_GET); exit; diff --git a/out/out.ExtensionMgr.php b/out/out.ExtensionMgr.php index 1f9ebda80..f3e45fd2f 100644 --- a/out/out.ExtensionMgr.php +++ b/out/out.ExtensionMgr.php @@ -29,6 +29,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -50,6 +51,7 @@ if($view) { $view->setParam('httproot', $settings->_httpRoot); $view->setParam('extdir', $settings->_rootDir."/ext"); $view->setParam('version', $v); + $view->setParam('accessobject', $accessop); $view->setParam('extmgr', $extmgr); $view->setParam('currenttab', $currenttab); $view->setParam('extname', $extname); diff --git a/out/out.FolderAccess.php b/out/out.FolderAccess.php index f0f1b6abd..70172e001 100644 --- a/out/out.FolderAccess.php +++ b/out/out.FolderAccess.php @@ -32,6 +32,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!isset($_GET["folderid"]) || !is_numeric($_GET["folderid"]) || intval($_GET["folderid"])<1) { UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_folder_id"))),getMLText("invalid_folder_id")); @@ -54,6 +55,7 @@ if($view) { $view->setParam('allusers', $allUsers); $view->setParam('allgroups', $allGroups); $view->setParam('rootfolderid', $settings->_rootFolderID); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.FolderNotify.php b/out/out.FolderNotify.php index 6835be081..3411eca66 100644 --- a/out/out.FolderNotify.php +++ b/out/out.FolderNotify.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!isset($_GET["folderid"]) || !is_numeric($_GET["folderid"]) || intval($_GET["folderid"])<1) { UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_folder_id"))),getMLText("invalid_folder_id")); @@ -52,6 +53,7 @@ if($view) { $view->setParam('folder', $folder); $view->setParam('allusers', $allUsers); $view->setParam('allgroups', $allGroups); + $view->setParam('accessobject', $accessop); $view->setParam('sortusersinlist', $settings->_sortUsersInList); $view($_GET); exit; diff --git a/out/out.GroupMgr.php b/out/out.GroupMgr.php index 1ee9cbfc7..be209d7ae 100644 --- a/out/out.GroupMgr.php +++ b/out/out.GroupMgr.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -60,6 +61,7 @@ if($view) { $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('workflowmode', $settings->_workflowMode); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view->setParam('xsendfile', $settings->_enableXsendfile); $view($_GET); } diff --git a/out/out.GroupView.php b/out/out.GroupView.php index 4fb8e4133..7442f8783 100644 --- a/out/out.GroupView.php +++ b/out/out.GroupView.php @@ -29,6 +29,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if ($user->isGuest()) { UI::exitError(getMLText("my_account"),getMLText("access_denied")); @@ -51,6 +52,7 @@ if (is_bool($allGroups)) { if($view) { $view->setParam('allusers', $allUsers); $view->setParam('allgroups', $allGroups); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.Hooks.php b/out/out.Hooks.php index 6c4704227..6acc28c43 100644 --- a/out/out.Hooks.php +++ b/out/out.Hooks.php @@ -28,6 +28,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$settings->_enableDebugMode) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -37,6 +38,7 @@ if (!$user->isAdmin()) { if($view) { $view->setParam('settings', $settings); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.ImportFS.php b/out/out.ImportFS.php index 95095794b..782c55539 100644 --- a/out/out.ImportFS.php +++ b/out/out.ImportFS.php @@ -30,12 +30,14 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } if($view) { $view->setParam('dropfolderdir', $settings->_dropFolderDir); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.IndexInfo.php b/out/out.IndexInfo.php index 5bfb894f6..2a08d87f5 100644 --- a/out/out.IndexInfo.php +++ b/out/out.IndexInfo.php @@ -32,6 +32,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -47,6 +48,7 @@ if(!$index) { if($view) { $view->setParam('index', $index); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.Indexer.php b/out/out.Indexer.php index aeb445973..9b6fc49ca 100644 --- a/out/out.Indexer.php +++ b/out/out.Indexer.php @@ -32,6 +32,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -80,6 +81,7 @@ if($view) { $view->setParam('folder', $folder); $view->setParam('converters', $settings->_converters['fulltext']); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.Info.php b/out/out.Info.php index 079fc9986..fb8fb3468 100644 --- a/out/out.Info.php +++ b/out/out.Info.php @@ -32,6 +32,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -53,6 +54,7 @@ $extmgr = new SeedDMS_Extension_Mgr($settings->_rootDir."/ext", $settings->_cach if($view) { $view->setParam('version', $v); $view->setParam('availversions', $versions); + $view->setParam('accessobject', $accessop); $view->setParam('extmgr', $extmgr); $view($_GET); exit; diff --git a/out/out.LogManagement.php b/out/out.LogManagement.php index 366c655b4..03a85496e 100644 --- a/out/out.LogManagement.php +++ b/out/out.LogManagement.php @@ -30,6 +30,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -44,6 +45,7 @@ if($view) { $view->setParam('logname', $logname); $view->setParam('mode', $mode); $view->setParam('logdir', $settings->_contentDir.'log/'); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.ManageNotify.php b/out/out.ManageNotify.php index 5678023ba..dcf8c3840 100644 --- a/out/out.ManageNotify.php +++ b/out/out.ManageNotify.php @@ -29,7 +29,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); - +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if ($user->isGuest()) { UI::exitError(getMLText("my_account"),getMLText("access_denied")); } @@ -41,6 +41,7 @@ if($view) { $view->setParam('cachedir', $settings->_cacheDir); $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view->setParam('onepage', $settings->_onePageMode); // do most navigation by reloading areas of pages with ajax $view->setParam('xsendfile', $settings->_enableXsendfile); $view($_GET); diff --git a/out/out.MoveFolder.php b/out/out.MoveFolder.php index 4cb369ca6..d96dca56f 100644 --- a/out/out.MoveFolder.php +++ b/out/out.MoveFolder.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!isset($_GET["folderid"]) || !is_numeric($_GET["folderid"]) || intval($_GET["folderid"])<1) { UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_folder_id"))),getMLText("invalid_folder_id")); @@ -70,6 +71,7 @@ if(isset($_GET['targetid']) && $_GET['targetid']) { if($view) { $view->setParam('folder', $folder); $view->setParam('target', $target); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.MyAccount.php b/out/out.MyAccount.php index 33e713bbe..e68a70bb4 100644 --- a/out/out.MyAccount.php +++ b/out/out.MyAccount.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if ($user->isGuest()) { UI::exitError(getMLText("my_account"),getMLText("access_denied")); @@ -41,6 +42,7 @@ if($view) { $view->setParam('passwordexpiration', $settings->_passwordExpiration); $view->setParam('httproot', $settings->_httpRoot); $view->setParam('quota', $settings->_quota); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.MyDocuments.php b/out/out.MyDocuments.php index fff285cdf..311488d1d 100644 --- a/out/out.MyDocuments.php +++ b/out/out.MyDocuments.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if ($user->isGuest()) { UI::exitError(getMLText("my_documents"),getMLText("access_denied")); @@ -56,6 +57,7 @@ if($view) { $view->setParam('cachedir', $settings->_cacheDir); $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view->setParam('xsendfile', $settings->_enableXsendfile); $view->setParam('onepage', $settings->_onePageMode); // do most navigation by reloading areas of pages with ajax $view($_GET); diff --git a/out/out.ObjectCheck.php b/out/out.ObjectCheck.php index ee27b537d..144674e52 100644 --- a/out/out.ObjectCheck.php +++ b/out/out.ObjectCheck.php @@ -32,7 +32,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); - +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -90,6 +90,7 @@ if($view) { $view->setParam('repair', $repair); $view->setParam('showtree', showtree()); $view->setParam('rootfolder', $rootfolder); + $view->setParam('accessobject', $accessop); $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('previewConverters', isset($settings->_converters['preview']) ? $settings->_converters['preview'] : array()); $view->setParam('timeout', $settings->_cmdTimeout); diff --git a/out/out.PasswordForgotten.php b/out/out.PasswordForgotten.php index abfd35349..2c4f53587 100644 --- a/out/out.PasswordForgotten.php +++ b/out/out.PasswordForgotten.php @@ -24,18 +24,25 @@ require_once("inc/inc.LogInit.php"); require_once("inc/inc.Language.php"); require_once("inc/inc.Init.php"); require_once("inc/inc.Extension.php"); +require_once("inc/inc.DBInit.php"); +require_once("inc/inc.ClassAccessOperation.php"); require_once("inc/inc.ClassUI.php"); include $settings->_rootDir . "languages/" . $settings->_language . "/lang.inc"; +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1]); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); + if (isset($_REQUEST["referuri"]) && strlen($_REQUEST["referuri"])>0) { $referrer = $_REQUEST["referuri"]; } else { $referrer = ''; } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('referrer'=>$referrer)); if($view) { + $view->setParam('accessobject', $accessop); + $view->setParam('referrer', $referrer); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.PasswordSend.php b/out/out.PasswordSend.php index abfd35349..2c45ad807 100644 --- a/out/out.PasswordSend.php +++ b/out/out.PasswordSend.php @@ -35,7 +35,9 @@ if (isset($_REQUEST["referuri"]) && strlen($_REQUEST["referuri"])>0) { } $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('referrer'=>$referrer)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if($view) { + $view->setParam('accessobject', $accessop); + $view->setParam('referrer', $referrer); $view($_GET); - exit; } diff --git a/out/out.RemoveDump.php b/out/out.RemoveDump.php index b77a807dc..b4ef8cf65 100644 --- a/out/out.RemoveDump.php +++ b/out/out.RemoveDump.php @@ -29,6 +29,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -41,6 +42,7 @@ $dumpname = $_GET["dumpname"]; if($view) { $view->setParam('dumpfile', $dumpname); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.RemoveFolder.php b/out/out.RemoveFolder.php index fbaf16f51..ad172c7d0 100644 --- a/out/out.RemoveFolder.php +++ b/out/out.RemoveFolder.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!isset($_GET["folderid"]) || !is_numeric($_GET["folderid"]) || intval($_GET["folderid"])<1) { UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_folder_id"))),getMLText("invalid_folder_id")); @@ -52,6 +53,7 @@ if ($folder->getAccessMode($user) < M_ALL) { if($view) { $view->setParam('folder', $folder); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.RemoveFolderFiles.php b/out/out.RemoveFolderFiles.php index 725f44034..01bc467a2 100644 --- a/out/out.RemoveFolderFiles.php +++ b/out/out.RemoveFolderFiles.php @@ -29,6 +29,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } diff --git a/out/out.RemoveGroup.php b/out/out.RemoveGroup.php index 3739786d4..5956fc765 100644 --- a/out/out.RemoveGroup.php +++ b/out/out.RemoveGroup.php @@ -30,6 +30,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -45,6 +46,7 @@ if (!is_object($group)) { if($view) { $view->setParam('group', $group); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.RemoveLog.php b/out/out.RemoveLog.php index 2b2728146..96002c535 100644 --- a/out/out.RemoveLog.php +++ b/out/out.RemoveLog.php @@ -29,6 +29,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -56,6 +57,7 @@ foreach($lognames as $file) { if($view) { $view->setParam('lognames', $lognames); $view->setParam('mode', $mode); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.RemoveUser.php b/out/out.RemoveUser.php index 664734210..9eba8ff8d 100644 --- a/out/out.RemoveUser.php +++ b/out/out.RemoveUser.php @@ -30,6 +30,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -56,6 +57,7 @@ $allusers = $dms->getAllUsers($settings->_sortUsersInList); if($view) { $view->setParam('rmuser', $rmuser); $view->setParam('allusers', $allusers); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.RemoveUserFromProcesses.php b/out/out.RemoveUserFromProcesses.php index e94be29c5..41ad60e2b 100644 --- a/out/out.RemoveUserFromProcesses.php +++ b/out/out.RemoveUserFromProcesses.php @@ -20,6 +20,7 @@ if(!isset($settings)) require_once("../inc/inc.Settings.php"); +require_once("inc/inc.LogInit.php"); require_once("inc/inc.Language.php"); require_once("inc/inc.Init.php"); require_once("inc/inc.Extension.php"); @@ -27,6 +28,9 @@ require_once("inc/inc.DBInit.php"); require_once("inc/inc.ClassUI.php"); require_once("inc/inc.Authentication.php"); +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -44,10 +48,12 @@ if ($rmuser->getID()==$user->getID()) { UI::exitError(getMLText("rm_user"),getMLText("cannot_delete_yourself")); } -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$allusers = $dms->getAllUsers($settings->_sortUsersInList); + if($view) { $view->setParam('rmuser', $rmuser); + $view->setParam('allusers', $allusers); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.RemoveWorkflow.php b/out/out.RemoveWorkflow.php index b33c0b046..90606a13c 100644 --- a/out/out.RemoveWorkflow.php +++ b/out/out.RemoveWorkflow.php @@ -32,6 +32,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -47,6 +48,7 @@ if (!is_object($workflow)) { if($view) { $view->setParam('workflow', $workflow); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.ReturnFromSubWorkflow.php b/out/out.ReturnFromSubWorkflow.php index 6203594fb..7313e08cd 100644 --- a/out/out.ReturnFromSubWorkflow.php +++ b/out/out.ReturnFromSubWorkflow.php @@ -24,11 +24,16 @@ if(!isset($settings)) require_once("inc/inc.LogInit.php"); require_once("inc/inc.Utils.php"); require_once("inc/inc.Language.php"); -require_once("inc/inc.Language.php"); +require_once("inc/inc.Init.php"); +require_once("inc/inc.Extension.php"); require_once("inc/inc.DBInit.php"); require_once("inc/inc.ClassUI.php"); require_once("inc/inc.Authentication.php"); +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); + if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } @@ -65,13 +70,12 @@ if(isset($_GET["transition"]) && $_GET["transition"]) { $folder = $document->getFolder(); -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('folder', $folder); $view->setParam('document', $document); $view->setParam('version', $version); $view->setParam('transition', $transition); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.ReviewSummary.php b/out/out.ReviewSummary.php index 6c625d9eb..7b651594c 100644 --- a/out/out.ReviewSummary.php +++ b/out/out.ReviewSummary.php @@ -31,7 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); - +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if ($user->isGuest()) { UI::exitError(getMLText("my_documents"),getMLText("access_denied")); } @@ -41,6 +41,7 @@ if($view) { $view->setParam('cachedir', $settings->_cacheDir); $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view->setParam('xsendfile', $settings->_enableXsendfile); $view->setParam('onepage', $settings->_onePageMode); // do most navigation by reloading areas of pages with ajax $view($_GET); diff --git a/out/out.Session.php b/out/out.Session.php index 5dca7b496..0e1d9c126 100644 --- a/out/out.Session.php +++ b/out/out.Session.php @@ -21,6 +21,7 @@ if(!isset($settings)) require_once("../inc/inc.Settings.php"); +require_once("inc/inc.LogInit.php"); require_once("inc/inc.Utils.php"); require_once("inc/inc.Language.php"); require_once("inc/inc.Init.php"); @@ -28,7 +29,6 @@ require_once("inc/inc.Extension.php"); require_once("inc/inc.DBInit.php"); require_once("inc/inc.ClassUI.php"); require_once("inc/inc.Authentication.php"); -require_once("inc/inc.ClassAccessOperation.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); diff --git a/out/out.Settings.php b/out/out.Settings.php index bf9f31076..49a381598 100644 --- a/out/out.Settings.php +++ b/out/out.Settings.php @@ -29,6 +29,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -42,6 +43,7 @@ if($view) { $view->setParam('currenttab', (isset($_REQUEST['currenttab']) ? $_REQUEST['currenttab'] : '')); $view->setParam('allusers', $users); $view->setParam('allgroups', $groups); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.Statistic.php b/out/out.Statistic.php index 38248a267..4de20e18d 100644 --- a/out/out.Statistic.php +++ b/out/out.Statistic.php @@ -30,6 +30,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -38,6 +39,7 @@ $rootfolder = $dms->getRootFolder(); if($view) { $view->setParam('rootfolder', $rootfolder); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.SubstituteUser.php b/out/out.SubstituteUser.php index 6ff6b5572..1d6800cd7 100644 --- a/out/out.SubstituteUser.php +++ b/out/out.SubstituteUser.php @@ -30,6 +30,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1]); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -40,6 +41,7 @@ if($view) { $view->setParam('dms', $dms); $view->setParam('user', $user); $view->setParam('allusers', $allUsers); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.TransferObjects.php b/out/out.TransferObjects.php index 369fb7736..a8918e107 100644 --- a/out/out.TransferObjects.php +++ b/out/out.TransferObjects.php @@ -20,6 +20,7 @@ if(!isset($settings)) require_once("../inc/inc.Settings.php"); +require_once("inc/inc.LogInit.php"); require_once("inc/inc.Language.php"); require_once("inc/inc.Init.php"); require_once("inc/inc.Extension.php"); @@ -27,6 +28,9 @@ require_once("inc/inc.DBInit.php"); require_once("inc/inc.ClassUI.php"); require_once("inc/inc.Authentication.php"); +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -41,16 +45,15 @@ if (!is_object($rmuser)) { } if ($rmuser->getID()==$user->getID()) { - UI::exitError(getMLText("transfer_objects"),getMLText("cannot_delete_yourself")); + UI::exitError(getMLText("transfer_objects"),getMLText("cannot_transfer_your_objects")); } $allusers = $dms->getAllUsers($settings->_sortUsersInList); -$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); -$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); if($view) { $view->setParam('rmuser', $rmuser); $view->setParam('allusers', $allusers); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.UserDefaultKeywords.php b/out/out.UserDefaultKeywords.php index 25682bed0..80843d9c7 100644 --- a/out/out.UserDefaultKeywords.php +++ b/out/out.UserDefaultKeywords.php @@ -30,6 +30,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if ($user->isGuest()) { UI::exitError(getMLText("edit_default_keywords"),getMLText("access_denied")); @@ -39,6 +40,7 @@ $categories = $dms->getAllUserKeywordCategories($user->getID()); if($view) { $view->setParam('categories', $categories); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.UserList.php b/out/out.UserList.php index 752ce0fd4..bf7d84282 100644 --- a/out/out.UserList.php +++ b/out/out.UserList.php @@ -30,6 +30,7 @@ require_once("inc/inc.ClassPasswordStrength.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -41,6 +42,7 @@ if($view) { $view->setParam('httproot', $settings->_httpRoot); $view->setParam('quota', $settings->_quota); $view->setParam('pwdexpiration', $settings->_passwordExpiration); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.UsrMgr.php b/out/out.UsrMgr.php index a0595a00d..e174c8cea 100644 --- a/out/out.UsrMgr.php +++ b/out/out.UsrMgr.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -63,6 +64,7 @@ if($view) { $view->setParam('workflowmode', $settings->_workflowMode); $view->setParam('quota', $settings->_quota); $view->setParam('strictformcheck', $settings->_strictFormCheck); + $view->setParam('accessobject', $accessop); $view->setParam('enableemail', $settings->_enableEmail); $view($_GET); } diff --git a/out/out.UsrView.php b/out/out.UsrView.php index 25dbbb8c0..1bb439728 100644 --- a/out/out.UsrView.php +++ b/out/out.UsrView.php @@ -29,6 +29,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if ($user->isGuest()) { UI::exitError(getMLText("my_account"),getMLText("access_denied")); @@ -47,6 +48,7 @@ if($view) { $view->setParam('allusers', $users); $view->setParam('enableuserimage', $settings->_enableUserImage); $view->setParam('httproot', $settings->_httpRoot); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.ViewEvent.php b/out/out.ViewEvent.php index ebc8ab2d3..1dd0b214e 100644 --- a/out/out.ViewEvent.php +++ b/out/out.ViewEvent.php @@ -30,6 +30,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!isset($_GET["id"])){ UI::exitError(getMLText("event_details"),getMLText("error_occured")); } @@ -41,6 +42,7 @@ if (is_bool($event)&&!$event){ if($view) { $view->setParam('event', $event); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.ViewFolder.php b/out/out.ViewFolder.php index af5f6db69..19fb360cb 100644 --- a/out/out.ViewFolder.php +++ b/out/out.ViewFolder.php @@ -32,6 +32,7 @@ require_once("inc/inc.ClassUI.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!isset($_GET["folderid"]) || !is_numeric($_GET["folderid"]) || intval($_GET["folderid"])<1) { $folder = $dms->getRootFolder(); @@ -89,6 +90,7 @@ if($view) { $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('previewConverters', isset($settings->_converters['preview']) ? $settings->_converters['preview'] : array()); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view->setParam('xsendfile', $settings->_enableXsendfile); $view->setParam('maxItemsPerPage', $settings->_maxItemsPerPage); $view->setParam('incItemsPerPage', $settings->_incItemsPerPage != 0 ? $settings->_incItemsPerPage : $settings->_maxItemsPerPage); diff --git a/out/out.WorkflowActionsMgr.php b/out/out.WorkflowActionsMgr.php index 7aec36973..e2e7fdcaa 100644 --- a/out/out.WorkflowActionsMgr.php +++ b/out/out.WorkflowActionsMgr.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -49,6 +50,7 @@ if (is_bool($workflowactions)) { if($view) { $view->setParam('allworkflowactions', $workflowactions); $view->setParam('selworkflowaction', $selworkflowaction); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.WorkflowGraph.php b/out/out.WorkflowGraph.php index 184c281ba..0be7f7c33 100644 --- a/out/out.WorkflowGraph.php +++ b/out/out.WorkflowGraph.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); $workflow = $dms->getWorkflow($_GET['workflow']); if (is_bool($workflow)) { @@ -59,6 +60,7 @@ if($view) { $view->setParam('workflow', $workflow); $view->setParam('transitions', $transitions); $view->setParam('document', $document); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.WorkflowMgr.php b/out/out.WorkflowMgr.php index 2f9987915..b50c79160 100644 --- a/out/out.WorkflowMgr.php +++ b/out/out.WorkflowMgr.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -55,6 +56,7 @@ if($view) { $view->setParam('selworkflow', $selworkflow); $view->setParam('allworkflows', $workflows); $view->setParam('allworkflowstates', $workflowstates); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.WorkflowStatesMgr.php b/out/out.WorkflowStatesMgr.php index e2d55e34e..d5e8f056a 100644 --- a/out/out.WorkflowStatesMgr.php +++ b/out/out.WorkflowStatesMgr.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } @@ -43,6 +44,7 @@ if(isset($_GET['workflowstateid']) && $_GET['workflowstateid']) { if($view) { $view->setParam('selworkflowstate', $selworkflowstate); + $view->setParam('accessobject', $accessop); $view($_GET); exit; } diff --git a/out/out.WorkflowSummary.php b/out/out.WorkflowSummary.php index f31a0a3e1..88bd32ffc 100644 --- a/out/out.WorkflowSummary.php +++ b/out/out.WorkflowSummary.php @@ -31,6 +31,7 @@ require_once("inc/inc.Authentication.php"); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings); if ($user->isGuest()) { UI::exitError(getMLText("my_documents"),getMLText("access_denied")); @@ -41,6 +42,7 @@ if($view) { $view->setParam('workflowmode', $settings->_workflowMode); $view->setParam('previewWidthList', $settings->_previewWidthList); $view->setParam('timeout', $settings->_cmdTimeout); + $view->setParam('accessobject', $accessop); $view->setParam('xsendfile', $settings->_enableXsendfile); $view($_GET); exit;