gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-02-06 23:24:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add additional view access checks

Browse Source 
DocumentAccess, UsrView, GroupView, ReviewSummary, ApprovalSummary, WorkflowSummary, ReceiptSummary
This commit is contained in:
Uwe Steinmann 2018-02-05 10:31:07 +01:00
parent 2641478216
commit ceb7d65913
1 changed files with 14 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
views/bootstrap/class.Bootstrap.php
View File

@ -630,7 +630,8 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
}
if ($accessMode == M_ALL) {
$menuitems['rm_document'] = array('link'=>"../out/out.RemoveDocument".$docid, 'label'=>'rm_document');
$menuitems['edit_document_access'] = array('link'=>"../out/out.DocumentAccess". $docid, 'label'=>'edit_document_access');
if ($this->check_access('DocumentAccess'))
$menuitems['edit_document_access'] = array('link'=>"../out/out.DocumentAccess". $docid, 'label'=>'edit_document_access');
}
if ($accessMode >= M_READ && !$this->params['user']->isGuest()) {
$menuitems['edit_existing_notify'] = array('link'=>"../out/out.DocumentNotify". $docid, 'label'=>'edit_existing_notify');
@ -679,8 +680,10 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
echo "<li><a href=\"../out/out.Setup2Factor.php\">".getMLText("2_factor_auth")."</a></li>\n";
if ($this->params['enableusersview']){
echo "<li><a href=\"../out/out.UsrView.php\">".getMLText("users")."</a></li>\n";
echo "<li><a href=\"../out/out.GroupView.php\">".getMLText("groups")."</a></li>\n";
if ($this->check_access('UsrView'))
echo "<li><a href=\"../out/out.UsrView.php\">".getMLText("users")."</a></li>\n";
if ($this->check_access('GroupView'))
echo "<li><a href=\"../out/out.GroupView.php\">".getMLText("groups")."</a></li>\n";
}
echo "</ul>\n";
echo "</div>\n";
@ -697,12 +700,16 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
// echo "<li><a href=\"../out/out.MyDocuments.php\">".getMLText("all_documents")."</a></li>\n";
if($this->params['workflowmode'] == 'traditional' || $this->params['workflowmode'] == 'traditional_only_approval') {
if($this->params['workflowmode'] == 'traditional')
echo "<li><a href=\"../out/out.ReviewSummary.php\">".getMLText("review_summary")."</a></li>\n";
echo "<li><a href=\"../out/out.ApprovalSummary.php\">".getMLText("approval_summary")."</a></li>\n";
if ($this->check_access('ReviewSummary'))
echo "<li><a href=\"../out/out.ReviewSummary.php\">".getMLText("review_summary")."</a></li>\n";
if ($this->check_access('ApprovalSummary'))
echo "<li><a href=\"../out/out.ApprovalSummary.php\">".getMLText("approval_summary")."</a></li>\n";
} else {
echo "<li><a href=\"../out/out.WorkflowSummary.php\">".getMLText("workflow_summary")."</a></li>\n";
if ($this->check_access('WorkflowSummary'))
echo "<li><a href=\"../out/out.WorkflowSummary.php\">".getMLText("workflow_summary")."</a></li>\n";
}
echo "<li><a href=\"../out/out.ReceiptSummary.php\">".getMLText("receipt_summary")."</a></li>\n";
if ($this->check_access('ReceiptSummary'))
echo "<li><a href=\"../out/out.ReceiptSummary.php\">".getMLText("receipt_summary")."</a></li>\n";
echo "</ul>\n";
echo "</div>\n";
return;