Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

inc/inc.ClassAccessOperation.php

@@ -612,148 +612,4 @@ class SeedDMS_AccessOperation {
 		}
 		return false;
 	} /* }}} */
-
-	protected function check_view_legacy_access($view, $get=array()) { /* {{{ */
-		if($this->user->isAdmin())
-			return true;
-
-		if(is_string($view)) {
-			$scripts = array($view);
-		} elseif(is_array($view)) {
-			$scripts = $view;
-		} elseif(is_subclass_of($view, 'SeedDMS_View_Common')) {
-			$scripts = array($view->getParam('class'));
-		} else {
-			return false;
-		}
-
-		if($this->user->isGuest()) {
-			$user_allowed = array(
-				'Calendar',
-				'ErrorDlg',
-				'Help',
-				'Login',
-				'Search',
-				'ViewDocument',
-				'ViewFolder',
-			);
-		} else {
-			$user_allowed = array(
-				'AddDocument',
-				'AddDocumentLink',
-				'AddEvent',
-				'AddFile',
-				'AddSubFolder',
-				'AddToTransmittal',
-				'ApprovalSummary',
-				'ApproveDocument',
-				'Calendar',
-				'CategoryChooser',
-				'ChangePassword',
-				'CheckInDocument',
-				'Clipboard',
-				'DocumentAccess',
-				'DocumentChooser',
-				'DocumentNotify',
-				'DocumentVersionDetail',
-				'DropFolderChooser',
-				'EditAttributes',
-				'EditComment',
-				'EditDocumentFile',
-				'EditDocument',
-				'EditEvent',
-				'EditFolder',
-				'EditOnline',
-				'EditUserData',
-				'ErrorDlg',
-				'FolderAccess',
-				'FolderChooser',
-				'FolderNotify',
-				'ForcePasswordChange',
-				'GroupView',
-				'Help',
-				'KeywordChooser',
-				'Login',
-				'ManageNotify',
-				'MoveDocument',
-				'MoveFolder',
-				'MyAccount',
-				'MyDocuments',
-				'OpensearchDesc',
-				'OverrideContentStatus',
-				'PasswordForgotten',
-				'PasswordSend',
-				'ReceiptDocument',
-				'ReceiptSummary',
-				'RemoveDocumentFile',
-				'RemoveDocument',
-				'RemoveEvent',
-				'RemoveFolderFiles',
-				'RemoveFolder',
-				'RemoveTransmittal',
-				'RemoveVersion',
-				'RemoveWorkflowFromDocument',
-				'ReturnFromSubWorkflow',
-				'ReviewDocument',
-				'ReviewSummary',
-				'ReviseDocument',
-				'RevisionSummary',
-				'RewindWorkflow',
-				'RunSubWorkflow',
-				'Search',
-				'Session',
-				'SetExpires',
-				'SetRecipients',
-				'SetReviewersApprovers',
-				'SetRevisors',
-				'SetWorkflow',
-				'SubstituteUser',
-				'Tasks',
-				'TransmittalMgr',
-				'TriggerWorkflow',
-				'UpdateDocument',
-				'UserDefaultKeywords',
-				'UserImage',
-				'UsrView',
-				'ViewDocument',
-				'ViewEvent',
-				'ViewFolder',
-				'WorkflowGraph',
-				'WorkflowSummary');
-		}
-
-		if(array_intersect($scripts, $user_allowed))
-			return true;
-
-		return false;
-	} /* }}} */
-
-	/**
-	 * Check for access permission on view
-	 *
-	 * This function will always return true because it was added to smooth
-	 * migration from 5.1.x to 6.0.x
-	 *
-	 * @param mixed $view Instanz of view, name of view or array of view names
-	 * @param string $get query parameters possible containing the element 'action'
-	 * @return boolean true if access is allowed, false if access is disallowed
-	 * no specific access right is set, otherwise false
-	 */
-	function check_view_access($view, $get=array()) { /* {{{ */
-		return $this->check_view_legacy_access($view, $get);
-	} /* }}} */
-
-	/**
-	 * Check for access permission on controller
-	 *
-	 * This function will always return true because it was added to smooth
-	 * migration from 5.1.x to 6.0.x
-	 *
-	 * @param mixed $controller Instanz of controller, name of controller or array of controller names
-	 * @param string $get query parameters
-	 * @return boolean true if access is allowed otherwise false
-	 */
-	function check_controller_access($controller, $get=array()) { /* {{{ */
-		return true;
-	} /* }}} */
 }

out/out.ExpiredDocuments.php

@@ -36,10 +36,6 @@ if (!$accessop->check_view_access($view, $_GET)) {
 	UI::exitError(getMLText("my_documents"),getMLText("access_denied"));
 }
 
-if ($user->isGuest()) {
-	UI::exitError(getMLText("expired_documents"),getMLText("access_denied"));
-}
-
 $orderby='e';
 if (isset($_GET["orderby"]) && strlen($_GET["orderby"])==1 ) {
 	$orderby=$_GET["orderby"];

out/out.ManageNotify.php

@@ -30,7 +30,6 @@ require_once("inc/inc.Authentication.php");
 $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
 $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
 $accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
-
 if ($user->isGuest()) {
 	UI::exitError(getMLText("my_account"),getMLText("access_denied"));
 }

out/out.PasswordForgotten.php

@@ -42,6 +42,7 @@ if (isset($_REQUEST["referuri"]) && strlen($_REQUEST["referuri"])>0) {
 if($view) {
 	$view->setParam('accessobject', $accessop);
 	$view->setParam('referrer', $referrer);
+	$view->setParam('accessobject', $accessop);
 	$view($_GET);
 	exit;
 }

out/out.RemoveDump.php

@@ -42,6 +42,7 @@ $dumpname = $_GET["dumpname"];
 
 if($view) {
 	$view->setParam('dumpfile', $dumpname);
+	$view->setParam('accessobject', $accessop);
 	$view($_GET);
 	exit;
 }

out/out.RemoveGroup.php

@@ -46,6 +46,7 @@ if (!is_object($group)) {
 
 if($view) {
 	$view->setParam('group', $group);
+	$view->setParam('accessobject', $accessop);
 	$view($_GET);
 	exit;
 }

out/out.RemoveLog.php

@@ -57,6 +57,7 @@ foreach($lognames as $file) {
 if($view) {
 	$view->setParam('lognames', $lognames);
 	$view->setParam('mode', $mode);
+	$view->setParam('accessobject', $accessop);
 	$view($_GET);
 	exit;
 }

out/out.RemoveWorkflow.php

@@ -48,6 +48,7 @@ if (!is_object($workflow)) {
 
 if($view) {
 	$view->setParam('workflow', $workflow);
+	$view->setParam('accessobject', $accessop);
 	$view($_GET);
 	exit;
 }

out/out.Session.php

@@ -28,7 +28,6 @@ require_once("inc/inc.Init.php");
 require_once("inc/inc.Extension.php");
 require_once("inc/inc.DBInit.php");
 require_once("inc/inc.ClassUI.php");
-require_once("inc/inc.ClassAccessOperation.php");
 require_once("inc/inc.Authentication.php");
 
 $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));

out/out.ViewDocument.php

@@ -28,7 +28,6 @@ require_once("inc/inc.Init.php");
 require_once("inc/inc.Extension.php");
 require_once("inc/inc.DBInit.php");
 require_once("inc/inc.ClassUI.php");
-require_once("inc/inc.ClassAccessOperation.php");
 require_once("inc/inc.Authentication.php");
 
 $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));

views/bootstrap/class.Bootstrap.php

@@ -732,7 +732,7 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
 		echo "<div class=\"nav-collapse col2\">\n";
 		$menuitems = array();
 
-		if ($accessMode == M_READ) {
+		if ($accessMode == M_READ && !$this->params['user']->isGuest()) {
 			if ($accessobject->check_view_access('FolderNotify'))
 			$menuitems['edit_folder_notify'] = array('link'=>"../out/out.FolderNotify.php?folderid=".$folderID."&showtree=".showtree(), 'label'=>getMLText('edit_folder_notify'));
 		}
@@ -973,9 +973,10 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
 
 		if($accessobject->check_view_access(array('BackupTools', 'LogManagement'))) {
 			$menuitems['backup_log_management'] = array('link'=>"#", 'label'=>getMLText('backup_log_management'));
+		}
 		if ($accessobject->check_view_access('BackupTools'))
 		$menuitems['backup_log_management']['children'][] = array('link'=>"../out/out.BackupTools.php", 'label'=>getMLText('backup_tools'));
-		if ($this->params['logfileenable'])
+		if ($this->params['logfileenable']) {
 			if ($accessobject->check_view_access('LogManagement'))
 			$menuitems['backup_log_management']['children'][] = array('link'=>"../out/out.LogManagement.php", 'label'=>getMLText('log_management'));
 		}