regard mandatory reviewers/approvers

the owner of the document may not remove mandatory reviewers/approvers anymore. Only admin may do that, it he/she is not the owner.
2025-05-13 21:21:27 +00:00 · 2017-08-02 10:54:40 +02:00 · 2017-08-02 10:54:40 +02:00 · c54faf8f90
commit c54faf8f90
parent ea8a695551
1 changed files with 25 additions and 0 deletions
--- a/op/op.SetReviewersApprovers.php
+++ b/op/op.SetReviewersApprovers.php
@ -60,6 +60,7 @@ if ($overallStatus["status"]==S_REJECTED || $overallStatus["status"]==S_OBSOLETE
 }
 $folder = $document->getFolder();
 $owner = $document->getOwner();
 // Retrieve a list of all users and groups that have review / approve
 // privileges.
@ -104,6 +105,18 @@ foreach ($approvalStatus as $i=>$rs) {
 // Get the list of proposed reviewers, stripping out any duplicates.
 $pIndRev = (isset($_POST["indReviewers"]) ? array_values(array_unique($_POST["indReviewers"])) : array());
 $pGrpRev = (isset($_POST["grpReviewers"]) ? array_values(array_unique($_POST["grpReviewers"])) : array());
 if($user->getID() != $owner->getID()) {
 	$res=$owner->getMandatoryReviewers();
 	if($user->isAdmin())
 		$res = array();
 } else
 	$res=$user->getMandatoryReviewers();
 foreach ($res as $r) {
 	if(!in_array($r['reviewerUserID'], $pIndRev))
 		$pIndRev[] = $r['reviewerUserID'];
 	if(!in_array($r['reviewerGroupID'], $pGrpRev))
 		$pGrpRev[] = $r['reviewerGroupID'];
 }
 foreach ($pIndRev as $p) {
 	if (is_numeric($p)) {
 		if (isset($accessIndex["i"][$p])) {
@ -319,6 +332,18 @@ if (count($reviewIndex["g"]) > 0) {
 // Get the list of proposed approvers, stripping out any duplicates.
 $pIndApp = (isset($_POST["indApprovers"]) ? array_values(array_unique($_POST["indApprovers"])) : array());
 $pGrpApp = (isset($_POST["grpApprovers"]) ? array_values(array_unique($_POST["grpApprovers"])) : array());
 if($user->getID() != $owner->getID()) {
 	$res=$owner->getMandatoryApprovers();
 	if($user->isAdmin())
 		$res = array();
 } else
 	$res=$user->getMandatoryApprovers();
 foreach ($res as $r) {
 	if(!in_array($r['approverUserID'], $pIndApp))
 		$pIndApp[] = $r['approverUserID'];
 	if(!in_array($r['approverGroupID'], $pGrpApp))
 		$pGrpApp[] = $r['approverGroupID'];
 }
 foreach ($pIndApp as $p) {
 	if (is_numeric($p)) {
 		if (isset($accessIndex["i"][$p])) {