diff --git a/CHANGELOG b/CHANGELOG
index 98f9dfb58..3f6678227 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,10 +1,11 @@
--------------------------------------------------------------------------------
- Changes in version 5.0.2
+ Changes in version 5.0.3
--------------------------------------------------------------------------------
- merged changes from 4.3.26
+- fix ldap authentification
--------------------------------------------------------------------------------
- Changes in version 5.0.1
+ Changes in version 5.0.2
--------------------------------------------------------------------------------
- merged changes from 4.3.25
@@ -29,6 +30,7 @@
- move some left over javascript from html code into application.js (Closes #253)
- take out last empty line from view/bootstrap/class.Search.php which causes a
header to be send to early (Closes: #252, #254)
+- regular users with sufficient access rights may remove documents via webdav
--------------------------------------------------------------------------------
Changes in version 4.3.25
diff --git a/SeedDMS_Core/Core/inc.ClassDMS.php b/SeedDMS_Core/Core/inc.ClassDMS.php
index 49020423f..92b57866c 100644
--- a/SeedDMS_Core/Core/inc.ClassDMS.php
+++ b/SeedDMS_Core/Core/inc.ClassDMS.php
@@ -1610,7 +1610,16 @@ class SeedDMS_Core_DMS {
if (!$res)
return false;
- return $this->getUser($this->db->getInsertID());
+ $user = $this->getUser($this->db->getInsertID());
+
+ /* Check if 'onPostAddUser' callback is set */
+ if(isset($this->_dms->callbacks['onPostAddUser'])) {
+ $callback = $this->_dms->callbacks['onPostUser'];
+ if(!call_user_func($callback[0], $callback[1], $user)) {
+ }
+ }
+
+ return $user;
} /* }}} */
/**
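Review bot: The added block tests `callbacks['onPostAddUser']` but then reads `callbacks['onPostUser']`, so a registered hook would be fetched under a key that is not set; the assignment should be `$callback = $this->_dms->callbacks['onPostAddUser'];`. The hunk header places this code inside SeedDMS_Core_DMS, yet it dereferences `$this->_dms`. Unless that class really has a `_dms` property (none is visible here), `isset()` is silently false and the hook never fires; `$this->callbacks[...]` looks like what was intended. The same applies to the onPostAddGroup, onPostAddKeywordCategory and onPostAddDocumentCategory hunks below. An integration that relies on these hooks for provisioning or audit logging would get no error, only missing events; the enclosing function starts outside the hunk.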
@@ -1662,7 +1671,16 @@ class SeedDMS_Core_DMS {
if (!$this->db->getResult($queryStr))
return false;
- return $this->getGroup($this->db->getInsertID());
+ $group = $this->getGroup($this->db->getInsertID());
+
+ /* Check if 'onPostAddGroup' callback is set */
+ if(isset($this->_dms->callbacks['onPostAddGroup'])) {
+ $callback = $this->_dms->callbacks['onPostAddGroup'];
+ if(!call_user_func($callback[0], $callback[1], $group)) {
+ }
+ }
+
+ return $group;
} /* }}} */
/**
@@ -1845,7 +1863,16 @@ class SeedDMS_Core_DMS {
if (!$this->db->getResult($queryStr))
return false;
- return $this->getKeywordCategory($this->db->getInsertID());
+ $category = $this->getKeywordCategory($this->db->getInsertID());
+
+ /* Check if 'onPostAddKeywordCategory' callback is set */
+ if(isset($this->_dms->callbacks['onPostAddKeywordCategory'])) {
+ $callback = $this->_dms->callbacks['onPostAddKeywordCategory'];
+ if(!call_user_func($callback[0], $callback[1], $category)) {
+ }
+ }
+
+ return $category;
} /* }}} */
function getDocumentCategory($id) { /* {{{ */
@@ -1911,7 +1938,16 @@ class SeedDMS_Core_DMS {
if (!$this->db->getResult($queryStr))
return false;
- return $this->getDocumentCategory($this->db->getInsertID());
+ $category = $this->getDocumentCategory($this->db->getInsertID());
+
+ /* Check if 'onPostAddDocumentCategory' callback is set */
+ if(isset($this->_dms->callbacks['onPostAddDocumentCategory'])) {
+ $callback = $this->_dms->callbacks['onPostAddDocumentCategory'];
+ if(!call_user_func($callback[0], $callback[1], $category)) {
+ }
+ }
+
+ return $category;
} /* }}} */
/**
diff --git a/SeedDMS_Core/Core/inc.ClassDocument.php b/SeedDMS_Core/Core/inc.ClassDocument.php
index a8897dfeb..8e876d928 100644
--- a/SeedDMS_Core/Core/inc.ClassDocument.php
+++ b/SeedDMS_Core/Core/inc.ClassDocument.php
@@ -2227,7 +2227,7 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
$db->startTransaction();
- // FIXME: call a new function removeContent instead
+ // remove content of document
foreach ($this->_content as $version) {
if (!$this->removeContent($version)) {
$db->rollbackTransaction();
diff --git a/SeedDMS_Core/Core/inc.ClassFolder.php b/SeedDMS_Core/Core/inc.ClassFolder.php
index 5041a7d75..8c45c9501 100644
--- a/SeedDMS_Core/Core/inc.ClassFolder.php
+++ b/SeedDMS_Core/Core/inc.ClassFolder.php
@@ -531,6 +531,14 @@ class SeedDMS_Core_Folder extends SeedDMS_Core_Object {
}
$db->commitTransaction();
+
+ /* Check if 'onPostAddSubFolder' callback is set */
+ if(isset($this->_dms->callbacks['onPostAddSubFolder'])) {
+ $callback = $this->_dms->callbacks['onPostAddSubFolder'];
+ if(!call_user_func($callback[0], $callback[1], $newFolder)) {
+ }
+ }
+
return $newFolder;
} /* }}} */
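Review bot: The `if(!call_user_func(...)) { }` in the added onPostAddSubFolder block has an empty body, so a failing hook is indistinguishable from a successful one and the test itself does nothing. The transaction is already committed at this point and the result cannot change the outcome, so either call it plainly, `call_user_func($callback[0], $callback[1], $newFolder);`, or log the failure so a broken extension is noticed. The same empty `if` appears in the onPostAddDocument and onPostRemoveFolder hunks of this file and in the four hooks added to inc.ClassDMS.php. It would also help to state in a comment what shape `callbacks[...]` entries must have (index 0 the callable, index 1 its parameter), since nothing here validates it; the enclosing function starts outside the hunk.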
@@ -843,6 +851,14 @@ class SeedDMS_Core_Folder extends SeedDMS_Core_Object {
}
$db->commitTransaction();
+
+ /* Check if 'onPostAddDocument' callback is set */
+ if(isset($this->_dms->callbacks['onPostAddDocument'])) {
+ $callback = $this->_dms->callbacks['onPostAddDocument'];
+ if(!call_user_func($callback[0], $callback[1], $document)) {
+ }
+ }
+
return array($document, $res);
} /* }}} */
@@ -858,6 +874,14 @@ class SeedDMS_Core_Folder extends SeedDMS_Core_Object {
protected function removeFromDatabase() { /* {{{ */
$db = $this->_dms->getDB();
+ /* Check if 'onPreRemoveFolder' callback is set */
+ if(isset($this->_dms->callbacks['onPreRemoveFolder'])) {
+ $callback = $this->_dms->callbacks['onPreRemoveFolder'];
+ if(!call_user_func($callback[0], $callback[1], $this)) {
+ return false;
+ }
+ }
+
$db->startTransaction();
// unset homefolder as it will no longer exist
$queryStr = "UPDATE tblUsers SET homefolder=NULL WHERE homefolder = " . $this->_id;
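Review bot: The onPreRemoveFolder veto makes removeFromDatabase() return the same bare `false` as a database error, so callers cannot tell a policy refusal from a failure. If the caller has already deleted subfolders and documents before reaching this method (not visible in this hunk), the veto also arrives after the destructive work is done. I would document the contract on the block, e.g. `/* A callback returning false vetoes the removal; no database change has been made at this point */`, and confirm whether the hook should be invoked earlier in the removal path. The function body continues outside the hunk.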
@@ -865,6 +889,7 @@ class SeedDMS_Core_Folder extends SeedDMS_Core_Object {
$db->rollbackTransaction();
return false;
}
+
// Remove database entries
$queryStr = "DELETE FROM tblFolders WHERE id = " . $this->_id;
if (!$db->getResult($queryStr)) {
@@ -889,6 +914,13 @@ class SeedDMS_Core_Folder extends SeedDMS_Core_Object {
}
$db->commitTransaction();
+ /* Check if 'onPostRemoveFolder' callback is set */
+ if(isset($this->_dms->callbacks['onPostRemoveFolder'])) {
+ $callback = $this->_dms->callbacks['onPostRemoveFolder'];
+ if(!call_user_func($callback[0], $callback[1], $this->_id)) {
+ }
+ }
+
return true;
} /* }}} */
diff --git a/SeedDMS_Core/package.xml b/SeedDMS_Core/package.xml
index c01b2cd83..0572758a0 100644
--- a/SeedDMS_Core/package.xml
+++ b/SeedDMS_Core/package.xml
@@ -1010,6 +1010,24 @@ SeedDMS_Core_DMS::getNotificationsByUser() are deprecated
- SeedDMS_Core_User::getDocumentsLocked() sets locking user propperly
+
+ 2016-03-08
+
+
+ 4.3.25
+ 4.3.25
+
+
+ stable
+ stable
+
+ GPL License
+
+- rename SeedDMS_Core_Group::getNotificationsByGroup() to getNotifications()
+- use __construct() for all constructors
+- fix setting multi value attributes for versions
+
+
2016-01-22
@@ -1042,5 +1060,21 @@ SeedDMS_Core_DMS::getNotificationsByUser() are deprecated
- all changes from 4.3.25 merged
+
+ 2016-04-04
+
+
+ 5.0.3
+ 5.0.3
+
+
+ stable
+ stable
+
+ GPL License
+
+- all changes from 4.3.26 merged
+
+
diff --git a/op/op.Login.php b/op/op.Login.php
index b4aa07fb2..2eae79ce8 100644
--- a/op/op.Login.php
+++ b/op/op.Login.php
@@ -64,7 +64,7 @@ if(isset($_POST['pwd'])) {
if($settings->_enableGuestLogin && (int) $settings->_guestID) {
$guestUser = $dms->getUser((int) $settings->_guestID);
- if ((!isset($pwd) || strlen($pwd)==0) && ($login != $guestUser->getLogin())) {
+ if ((!isset($pwd) || strlen($pwd)==0) && ($login != $guestUser->getLogin())) {
_printMessage(getMLText("login_error_title"), getMLText("login_error_text")."\n");
exit;
}
@@ -129,11 +129,11 @@ if (isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
$dn = false;
/* If bind succeed, then get the dn of for the user */
if ($bind) {
- if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
- $search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$login.")".$settings->_ldapFilter.")");
- } else {
- $search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut.$login);
- }
+ if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
+ $search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$login.")".$settings->_ldapFilter.")");
+ } else {
+ $search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut.$login);
+ }
if (!is_bool($search)) {
$info = ldap_get_entries($ds, $search);
if (!is_bool($info) && $info["count"]>0) {
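Review bot: `$login` is concatenated into the LDAP search filter unescaped in both branches of the re-indented block, and again in the search of the next hunk. Its assignment is outside the hunk, but it appears to come from the login form, in which case filter metacharacters in the submitted name would change the query that selects the DN to bind as. Escape the value before building the filter, e.g. `$search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut.ldap_escape($login, '', LDAP_ESCAPE_FILTER));` and the same inside the `(&(...)...)` form; `ldap_escape()` is available from PHP 5.6. The surrounding `if` block starts and ends outside the hunk.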
@@ -158,39 +158,24 @@ if (isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
$user = $dms->getUserByLogin($login);
if (is_bool($user) && !$settings->_restricted) {
// Retrieve the user's LDAP information.
- if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
- $search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$login.")".$settings->_ldapFilter.")");
- } else {
- $search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut . $login);
+ if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
+ $search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$login.")".$settings->_ldapFilter.")");
+ } else {
+ $search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut.$login);
}
- }
- $bind = @ldap_bind($ds, $dn, $pwd);
- if ($bind) {
- // Successfully authenticated. Now check to see if the user exists within
- // the database. If not, add them in, but do not add their password.
- $user = $dms->getUserByLogin($login);
- if (is_bool($user) && !$settings->_restricted) {
- // Retrieve the user's LDAP information.
-
-
- /* new code by doudoux - TO BE TESTED */
- $search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut . $login);
- /* old code */
- //$search = ldap_search($ds, $dn, "uid=".$login);
-
- if (!is_bool($search)) {
- $info = ldap_get_entries($ds, $search);
- if (!is_bool($info) && $info["count"]==1 && $info[0]["count"]>0) {
- $user = $dms->addUser($login, null, $info[0]['cn'][0], $info[0]['mail'][0], $settings->_language, $settings->_theme, "");
- }
+
+ if (!is_bool($search)) {
+ $info = ldap_get_entries($ds, $search);
+ if (!is_bool($info) && $info["count"]==1 && $info[0]["count"]>0) {
+ $user = $dms->addUser($login, null, $info[0]['cn'][0], $info[0]['mail'][0], $settings->_language, $settings->_theme, "");
}
}
- if (!is_bool($user)) {
- $userid = $user->getID();
- }
}
- ldap_close($ds);
+ if (!is_bool($user)) {
+ $userid = $user->getID();
+ }
}
+ ldap_close($ds);
}
}
}
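Review bot: The auto-provisioning branch passes `$info[0]['cn'][0]` and `$info[0]['mail'][0]` to `addUser()` without checking that the directory entry carries those attributes. An entry lacking `cn` or `mail` would raise notices and create a local account with an empty name or address. Tighten the guard to `if (!is_bool($info) && $info["count"]==1 && isset($info[0]['cn'][0], $info[0]['mail'][0])) {`. The bind that precedes this code is outside the hunk, so I could not confirm from here that an empty password is rejected before `ldap_bind()` on every path; that is worth checking while this block is being reworked.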
@@ -318,7 +303,7 @@ if (isset($_COOKIE["mydms_session"])) {
setcookie("mydms_session", $id, $lifetime, $settings->_httpRoot, null, null, !$settings->_enableLargeFileUpload);
}
-// TODO: by the PHP manual: The superglobals $_GET and $_REQUEST are already decoded.
+// TODO: by the PHP manual: The superglobals $_GET and $_REQUEST are already decoded.
// Using urldecode() on an element in $_GET or $_REQUEST could have unexpected and dangerous results.
if (isset($_POST["referuri"]) && strlen($_POST["referuri"])>0) {
diff --git a/webdav/webdav.php b/webdav/webdav.php
index a08dc107d..487710d94 100644
--- a/webdav/webdav.php
+++ b/webdav/webdav.php
@@ -668,9 +668,11 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
} else {
// check if user is admin
// only admins may delete documents
+ /* There is not reason to allow only admins to remove a document
if(!$this->user->isAdmin()) {
return "403 Forbidden";
}
+ */
if(!$obj->remove()) {
return "409 Conflict";
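Review bot: With the `isAdmin()` guard commented out, nothing in this hunk checks the caller's rights on `$obj` before `$obj->remove()` runs, although the CHANGELOG entry limits removal to users "with sufficient access rights". The enclosing method starts outside the hunk, so please confirm that an access-mode check on `$obj` for `$this->user` already happens earlier on this path. If it does not, any authenticated WebDAV user could delete documents, and a check such as `if($obj->getAccessMode($this->user) < M_ALL) return "403 Forbidden";` belongs here. The two comment lines above still say only admins may delete and the guard is left behind as commented-out code; remove both instead of keeping dead code, and the new comment should read "no reason".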