don't show any links to op/op.Download.php and op/op.ViewOnline.php if access is prohibited

Uwe Steinmann 2016-08-11 12:05:36 +02:00
parent 2e19ad3dcb
commit c4401a45df


@ -167,18 +167,22 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
function preview() { /* {{{ */
$document = $this->params['document'];
$latestContent = $document->getLatestContent();
switch($latestContent->getMimeType()) {
case 'audio/mpeg':
case 'audio/ogg':
case 'audio/wav':
$this->contentHeading(getMLText("preview"));
$accessop = $this->params['accessobject'];
if($accessop->check_controller_access('Download', array('action'=>'run'))) {
$latestContent = $document->getLatestContent();
switch($latestContent->getMimeType()) {
case 'audio/mpeg':
case 'audio/ogg':
case 'audio/wav':
$this->contentHeading(getMLText("preview"));
?>
<audio controls style="width: 100%;">
<source src="../op/op.Download.php?documentid=<?php echo $document->getID(); ?>&version=<?php echo $latestContent->getVersion(); ?>" type="audio/mpeg">
</audio>
<?php
break;
break;
}
}
} /* }}} */
@ -403,7 +407,7 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
if(is_string($txt))
echo $txt;
$this->contentContainerEnd();
// $this->preview();
$this->preview();
?>
</div>
<div class="span9">
@ -472,9 +476,13 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
$previewer->createPreview($latestContent);
if ($file_exists) {
if ($viewonlinefiletypes && in_array(strtolower($latestContent->getFileType()), $viewonlinefiletypes)) {
print "<a target=\"_blank\" href=\"../op/op.ViewOnline.php?documentid=".$documentid."&version=". $latestContent->getVersion()."\">";
if($accessop->check_controller_access('ViewOnline', array('action'=>'run'))) {
print "<a target=\"_blank\" href=\"../op/op.ViewOnline.php?documentid=".$documentid."&version=". $latestContent->getVersion()."\">";
}
} else {
print "<a href=\"../op/op.Download.php?documentid=".$documentid."&version=".$latestContent->getVersion()."\">";
if($accessop->check_controller_access('Download', array('action'=>'run'))) {
print "<a href=\"../op/op.Download.php?documentid=".$documentid."&version=".$latestContent->getVersion()."\">";
}
}
}
if($previewer->hasPreview($latestContent)) {
@ -483,7 +491,8 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
print "<img class=\"mimeicon\" src=\"".$this->getMimeIcon($latestContent->getFileType())."\" title=\"".htmlspecialchars($latestContent->getMimeType())."\">";
}
if ($file_exists) {
print "</a>";
if($accessop->check_controller_access('Download', array('action'=>'run')) || $accessop->check_controller_access('ViewOnline', array('action'=>'run')))
print "</a>";
}
print "</td>\n";
@ -529,9 +538,13 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
print "<ul class=\"unstyled actions\">";
if ($file_exists){
print "<li><a href=\"../op/op.Download.php?documentid=".$documentid."&version=".$latestContent->getVersion()."\"><i class=\"icon-download\"></i>".getMLText("download")."</a></li>";
if ($viewonlinefiletypes && in_array(strtolower($latestContent->getFileType()), $viewonlinefiletypes))
print "<li><a target=\"_blank\" href=\"../op/op.ViewOnline.php?documentid=".$documentid."&version=". $latestContent->getVersion()."\"><i class=\"icon-star\"></i>" . getMLText("view_online") . "</a></li>";
if($accessop->check_controller_access('Download', array('action'=>'run'))) {
print "<li><a href=\"../op/op.Download.php?documentid=".$documentid."&version=".$latestContent->getVersion()."\"><i class=\"icon-download\"></i>".getMLText("download")."</a></li>";
}
if($accessop->check_controller_access('ViewOnline', array('action'=>'run'))) {
if ($viewonlinefiletypes && in_array(strtolower($latestContent->getFileType()), $viewonlinefiletypes))
print "<li><a target=\"_blank\" href=\"../op/op.ViewOnline.php?documentid=".$documentid."&version=". $latestContent->getVersion()."\"><i class=\"icon-star\"></i>" . getMLText("view_online") . "</a></li>";
}
}
print "</ul>";
print "<ul class=\"unstyled actions\">";
@ -690,7 +703,9 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
print "<td>".htmlspecialchars($r["comment"]);
if($r['file']) {
echo "<br />";
echo "<a href=\"../op/op.Download.php?documentid=".$documentid."&reviewlogid=".$r['reviewLogID']."\" class=\"btn btn-mini\"><i class=\"icon-download\"></i> ".getMLText('download')."</a>";
if($accessop->check_controller_access('Download', array('action'=>'run'))) {
echo "<a href=\"../op/op.Download.php?documentid=".$documentid."&reviewlogid=".$r['reviewLogID']."\" class=\"btn btn-mini\"><i class=\"icon-download\"></i> ".getMLText('download')."</a>";
}
}
print "</td>\n";
print "<td>".getReviewStatusText($r["status"])."</td>\n";
@ -759,7 +774,9 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
print "<td>".htmlspecialchars($a["comment"]);
if($a['file']) {
echo "<br />";
echo "<a href=\"../op/op.Download.php?documentid=".$documentid."&approvelogid=".$a['approveLogID']."\" class=\"btn btn-mini\"><i class=\"icon-download\"></i> ".getMLText('download')."</a>";
if($accessop->check_controller_access('Download', array('action'=>'run'))) {
echo "<a href=\"../op/op.Download.php?documentid=".$documentid."&approvelogid=".$a['approveLogID']."\" class=\"btn btn-mini\"><i class=\"icon-download\"></i> ".getMLText('download')."</a>";
}
}
echo "</td>\n";
print "<td>".getApprovalStatusText($a["status"])."</td>\n";
@ -1216,9 +1233,13 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
print "<td style=\"width:".$previewwidthdetail."px; text-align: center;\">";
if($file_exists) {
if ($viewonlinefiletypes && in_array(strtolower($version->getFileType()), $viewonlinefiletypes)) {
if($accessop->check_controller_access('ViewOnline', array('action'=>'run'))) {
print "<a target=\"_blank\" href=\"../op/op.ViewOnline.php?documentid=".$documentid."&version=".$version->getVersion()."\">";
}
} else {
print "<a href=\"../op/op.Download.php?documentid=".$documentid."&version=".$version->getVersion()."\">";
if($accessop->check_controller_access('Download', array('action'=>'run'))) {
print "<a href=\"../op/op.Download.php?documentid=".$documentid."&version=".$version->getVersion()."\">";
}
}
}
$previewer->createPreview($version);
@ -1228,7 +1249,8 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
print "<img class=\"mimeicon\" src=\"".$this->getMimeIcon($version->getFileType())."\" title=\"".htmlspecialchars($version->getMimeType())."\">";
}
if($file_exists) {
print "</a>\n";
if($accessop->check_controller_access('Download', array('action'=>'run')) || $accessop->check_controller_access('ViewOnline', array('action'=>'run')))
print "</a>\n";
}
print "</td>\n";
print "<td><ul class=\"unstyled\">\n";
@ -1261,9 +1283,13 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
print "<td>";
print "<ul class=\"actions unstyled\">";
if ($file_exists){
print "<li><a href=\"../op/op.Download.php?documentid=".$documentid."&version=".$version->getVersion()."\"><i class=\"icon-download\"></i>".getMLText("download")."</a>";
if($accessop->check_controller_access('Download', array('action'=>'run'))) {
print "<li><a href=\"../op/op.Download.php?documentid=".$documentid."&version=".$version->getVersion()."\"><i class=\"icon-download\"></i>".getMLText("download")."</a>";
}
if ($viewonlinefiletypes && in_array(strtolower($version->getFileType()), $viewonlinefiletypes))
print "<li><a target=\"_blank\" href=\"../op/op.ViewOnline.php?documentid=".$documentid."&version=".$version->getVersion()."\"><i class=\"icon-star\"></i>" . getMLText("view_online") . "</a>";
if($accessop->check_controller_access('ViewOnline', array('action'=>'run'))) {
print "<li><a target=\"_blank\" href=\"../op/op.ViewOnline.php?documentid=".$documentid."&version=".$version->getVersion()."\"><i class=\"icon-star\"></i>" . getMLText("view_online") . "</a>";
}
print "</ul>";
print "<ul class=\"actions unstyled\">";
}
@ -1315,10 +1341,15 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
print "<td>";
$previewer->createPreview($file, $previewwidthdetail);
if($file_exists) {
if ($viewonlinefiletypes && in_array(strtolower($file->getFileType()), $viewonlinefiletypes))
print "<a target=\"_blank\" href=\"../op/op.ViewOnline.php?documentid=".$documentid."&file=". $file->getID()."\">";
else
print "<a href=\"../op/op.Download.php?documentid=".$documentid."&file=".$file->getID()."\">";
if ($viewonlinefiletypes && in_array(strtolower($file->getFileType()), $viewonlinefiletypes)) {
if($accessop->check_controller_access('ViewOnline', array('action'=>'run'))) {
print "<a target=\"_blank\" href=\"../op/op.ViewOnline.php?documentid=".$documentid."&file=". $file->getID()."\">";
}
} else {
if($accessop->check_controller_access('Download', array('action'=>'run'))) {
print "<a href=\"../op/op.Download.php?documentid=".$documentid."&file=".$file->getID()."\">";
}
}
}
if($previewer->hasPreview($file)) {
print("<img class=\"mimeicon\" width=\"".$previewwidthdetail."\" src=\"../op/op.Preview.php?documentid=".$document->getID()."&file=".$file->getID()."&width=".$previewwidthdetail."\" title=\"".htmlspecialchars($file->getMimeType())."\">");
@ -1326,7 +1357,8 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
print "<img class=\"mimeicon\" src=\"".$this->getMimeIcon($file->getFileType())."\" title=\"".htmlspecialchars($file->getMimeType())."\">";
}
if($file_exists) {
print "</a>";
if($accessop->check_controller_access('Download', array('action'=>'run')) || $accessop->check_controller_access('ViewOnline', array('action'=>'run')))
print "</a>";
}
print "</td>";
@ -1344,9 +1376,14 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
print "<td><ul class=\"unstyled actions\">";
if ($file_exists) {
print "<li><a href=\"../op/op.Download.php?documentid=".$documentid."&file=".$file->getID()."\"><i class=\"icon-download\"></i>".getMLText('download')."</a>";
if ($viewonlinefiletypes && in_array(strtolower($file->getFileType()), $viewonlinefiletypes))
print "<li><a target=\"_blank\" href=\"../op/op.ViewOnline.php?documentid=".$documentid."&file=". $file->getID()."\"><i class=\"icon-star\"></i>" . getMLText("view_online") . "</a></li>";
if($accessop->check_controller_access('Download', array('action'=>'run'))) {
print "<li><a href=\"../op/op.Download.php?documentid=".$documentid."&file=".$file->getID()."\"><i class=\"icon-download\"></i>".getMLText('download')."</a></li>";
}
if ($viewonlinefiletypes && in_array(strtolower($file->getFileType()), $viewonlinefiletypes)) {
if($accessop->check_controller_access('ViewOnline', array('action'=>'run'))) {
print "<li><a target=\"_blank\" href=\"../op/op.ViewOnline.php?documentid=".$documentid."&file=". $file->getID()."\"><i class=\"icon-star\"></i>" . getMLText("view_online") . "</a></li>";
}
}
} else print "<li><img class=\"mimeicon\" src=\"images/icons/".$this->getMimeIcon($file->getFileType())."\" title=\"".htmlspecialchars($file->getMimeType())."\">";
echo "</ul><ul class=\"unstyled actions\">";
if (($document->getAccessMode($user) == M_ALL)||($file->getUserID()==$user->getID()))
@ -1386,16 +1423,31 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
$targetlc = $targetDoc->getLatestContent();
$previewer->createPreview($targetlc, $previewwidthdetail);
echo "<tr id=\"table-row-transmittalitem-".$link->getID()."\">";
echo $this->documentListRow($targetDoc, $previewer, true);
print "<td><small>".getMLText("document_link_by")." ".htmlspecialchars($responsibleUser->getFullName());
if (($user->getID() == $responsibleUser->getID()) || ($document->getAccessMode($user) == M_ALL )) {
print "<br />".getMLText("document_link_public").": ".(($link->isPublic()) ? getMLText("yes") : getMLText("no"));
print "<form action=\"../op/op.RemoveDocumentLink.php\" method=\"post\">".createHiddenFieldWithKey('removedocumentlink')."<input type=\"hidden\" name=\"documentid\" value=\"".$documentid."\" /><input type=\"hidden\" name=\"linkid\" value=\"".$link->getID()."\" /><button type=\"submit\" class=\"btn btn-mini\"><i class=\"icon-remove\"></i> ".getMLText("delete")."</button></form>";
}
print "</small></td>";
echo "</tr>";
if(0){
print "<tr>";
print "<td style=\"width:".$previewwidthdetail."px; text-align: center;\">";
print "<a href=\"../op/op.Download.php?documentid=".$targetDoc->getID()."&version=".$targetlc->getVersion()."\">";
if($accessop->check_controller_access('Download', array('action'=>'run')))
print "<a href=\"../op/op.Download.php?documentid=".$targetDoc->getID()."&version=".$targetlc->getVersion()."\">";
if($previewer->hasPreview($targetlc)) {
print "<img class=\"mimeicon\" width=\"".$previewwidthdetail."\"src=\"../op/op.Preview.php?documentid=".$targetDoc->getID()."&version=".$targetlc->getVersion()."&width=".$previewwidthdetail."\" title=\"".htmlspecialchars($targetlc->getMimeType())."\">";
} else {
print "<img class=\"mimeicon\" src=\"".$this->getMimeIcon($targetlc->getFileType())."\" title=\"".htmlspecialchars($targetlc->getMimeType())."\">";
}
if($accessop->check_controller_access('Download', array('action'=>'run')))
print "</a>";
print "</td>";
print "<td><a href=\"out.ViewDocument.php?documentid=".$targetDoc->getID()."\" class=\"linklist\">".htmlspecialchars($targetDoc->getName())."</a></td>";
print "<td>".htmlspecialchars($targetDoc->getComment())."</td>";
print "<td>".getMLText("document_link_by")." ".htmlspecialchars($responsibleUser->getFullName());
if (($user->getID() == $responsibleUser->getID()) || ($document->getAccessMode($user) == M_ALL ))
@ -1406,6 +1458,7 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
print "<form action=\"../op/op.RemoveDocumentLink.php\" method=\"post\">".createHiddenFieldWithKey('removedocumentlink')."<input type=\"hidden\" name=\"documentid\" value=\"".$documentid."\" /><input type=\"hidden\" name=\"linkid\" value=\"".$link->getID()."\" /><button type=\"submit\" class=\"btn btn-mini\"><i class=\"icon-remove\"></i> ".getMLText("delete")."</button></form>";
print "</span></td>";
print "</tr>";
}
}
print "</tbody>\n</table>\n";
}
@ -1460,12 +1513,15 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
$previewer->createPreview($sourcelc, $previewwidthdetail);
print "<tr>";
print "<td style=\"width:".$previewwidthdetail."px; text-align: center;\">";
print "<a href=\"../op/op.Download.php?documentid=".$sourceDoc->getID()."&version=".$sourcelc->getVersion()."\">";
if($accessop->check_controller_access('Download', array('action'=>'run')))
print "<a href=\"../op/op.Download.php?documentid=".$sourceDoc->getID()."&version=".$sourcelc->getVersion()."\">";
if($previewer->hasPreview($sourcelc)) {
print "<img class=\"mimeicon\" width=\"".$previewwidthdetail."\"src=\"../op/op.Preview.php?documentid=".$sourceDoc->getID()."&version=".$sourcelc->getVersion()."&width=".$previewwidthdetail."\" title=\"".htmlspecialchars($sourcelc->getMimeType())."\">";
} else {
print "<img class=\"mimeicon\" src=\"".$this->getMimeIcon($sourcelc->getFileType())."\" title=\"".htmlspecialchars($sourcelc->getMimeType())."\">";
}
if($accessop->check_controller_access('Download', array('action'=>'run')))
print "</a>";
print "</td>";
print "<td><a href=\"out.ViewDocument.php?documentid=".$sourceDoc->getID()."\" class=\"linklist\">".htmlspecialchars($sourceDoc->getName())."</a></td>";
print "<td>".htmlspecialchars($sourceDoc->getComment())."</td>";
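Review bot: The closing `</a>` around the preview icon is guarded by `Download || ViewOnline`, while its opener is printed only when the single controller selected by the file type is allowed (hunks at -472,9 and -483,7, repeated at -1216,9/-1228,7 and -1315,10/-1326,7), so a user permitted one operation but not the other can receive a `</a>` with no opening tag. Recording the decision once keeps the pair balanced: `$haslink = false;` before the `if ($file_exists)` that opens the link, `$haslink = true;` beside each `print "<a ...`, and `if($haslink) print "</a>";` at the close. Separately, these checks only change what the view renders, and a hidden link is not an access check; op/op.Download.php and op/op.ViewOnline.php are not part of this diff, so it is worth confirming that they apply the same `check_controller_access` test themselves. The `<img>` tags pointing at ../op/op.Preview.php remain unconditional, which is presumably intended but should be a deliberate decision when Download is denied. The enclosing functions start and end outside these hunks.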