mirror of
https://git.code.sf.net/p/seeddms/code
synced 2024-11-26 15:32:13 +00:00
add advanced access check
This commit is contained in:
Uwe Steinmann
parent
a3df77e713
commit
e4bc8d2180
|
|
@ -25,7 +25,10 @@ include("../inc/inc.ClassUI.php");
|
|||
include("../inc/inc.ClassAcl.php");
|
||||
include("../inc/inc.Authentication.php");
|
||||
|
||||
if (!$user->isAdmin()) {
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
|
||||
if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) {
|
||||
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
|
||||
}
|
||||
|
||||
|
|
@ -40,10 +43,10 @@ if(isset($_GET['roleid']) && $_GET['roleid']) {
|
|||
$selrole = null;
|
||||
}
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'settings'=>$settings, 'selrole'=>$selrole, 'allroles'=>$roles));
|
||||
if($view) {
|
||||
$view->setParam('settings', $settings);
|
||||
$view->setParam('selrole', $selrole);
|
||||
$view->setParam('allroles', $roles);
|
||||
$view->setParam('accessobject', $accessop);
|
||||
$view($_GET);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -24,15 +24,16 @@ include("../inc/inc.DBInit.php");
|
|||
include("../inc/inc.ClassUI.php");
|
||||
include("../inc/inc.Authentication.php");
|
||||
|
||||
if (!$user->isAdmin()) {
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
|
||||
if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) {
|
||||
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
|
||||
}
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'enablefullsearch'=>$settings->_enableFullSearch, 'logfileenable'=>$settings->_logFileEnable));
|
||||
if($view) {
|
||||
$view->show();
|
||||
exit;
|
||||
$view->setParam('enablefullsearch', $settings->_enableFullSearch);
|
||||
$view->setParam('logfileenable', $settings->_logFileEnable);
|
||||
$view->setParam('accessobject', $accessop);
|
||||
$view($_GET);
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -32,7 +32,10 @@ include("../inc/inc.Authentication.php");
|
|||
*/
|
||||
require_once("SeedDMS/Preview.php");
|
||||
|
||||
if (!$user->isAdmin()) {
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
|
||||
if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) {
|
||||
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
|
||||
}
|
||||
|
||||
|
|
@ -52,10 +55,14 @@ if(isset($_GET['groupid']) && $_GET['groupid']) {
|
|||
$selgroup = null;
|
||||
}
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'selgroup'=>$selgroup, 'allgroups'=>$allGroups, 'allusers'=>$allUsers, 'strictformcheck'=>$settings->_strictFormCheck, 'cachedir'=>$settings->_cacheDir, 'previewWidthList'=>$settings->_previewWidthList, 'workflowmode'=>$settings->_workflowMode, 'timeout'=>$settings->_cmdTimeout));
|
||||
if($view) {
|
||||
$view->setParam('selgroup', $selgroup);
|
||||
$view->setParam('allgroups', $allGroups);
|
||||
$view->setParam('allusers', $allUsers);
|
||||
$view->setParam('strictformcheck', $settings->_strictFormCheck);
|
||||
$view->setParam('cachedir', $settings->_cacheDir);
|
||||
$view->setParam('previewWidthList', $settings->_previewWidthList);
|
||||
$view->setParam('workflowmode', $settings->_workflowMode);
|
||||
$view->setParam('timeout', $settings->_cmdTimeout);
|
||||
$view($_GET);
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -27,7 +27,10 @@ include("../inc/inc.DBInit.php");
|
|||
include("../inc/inc.ClassUI.php");
|
||||
include("../inc/inc.Authentication.php");
|
||||
|
||||
if (!$user->isAdmin()) {
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
|
||||
if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) {
|
||||
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
|
||||
}
|
||||
|
||||
|
|
@ -42,11 +45,9 @@ if(@ini_get('allow_url_fopen') == '1') {
|
|||
}
|
||||
}
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'version'=>$v, 'availversions'=>$versions));
|
||||
if($view) {
|
||||
$view->show();
|
||||
exit;
|
||||
$view->setParam('version', $v);
|
||||
$view->setParam('availversions', $versions);
|
||||
$view->setParam('accessobject', $accessop);
|
||||
$view($_GET);
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -26,7 +26,10 @@ include("../inc/inc.DBInit.php");
|
|||
include("../inc/inc.ClassUI.php");
|
||||
include("../inc/inc.Authentication.php");
|
||||
|
||||
if (!$user->isAdmin()) {
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
|
||||
if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) {
|
||||
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
|
||||
}
|
||||
|
||||
|
|
@ -46,10 +49,10 @@ if(isset($_GET['roleid']) && $_GET['roleid']) {
|
|||
$selrole = null;
|
||||
}
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'selrole'=>$selrole, 'allusers'=>$users, 'allroles'=>$roles));
|
||||
if($view) {
|
||||
$view->setParam('selrole', $selrole);
|
||||
$view->setParam('allusers', $users);
|
||||
$view->setParam('allroles', $roles);
|
||||
$view->setParam('accessobject', $accessop);
|
||||
$view($_GET);
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -25,17 +25,20 @@ include("../inc/inc.ClassUI.php");
|
|||
include("../inc/inc.Authentication.php");
|
||||
include("../inc/inc.ClassPasswordStrength.php");
|
||||
|
||||
if (!$user->isAdmin()) {
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
|
||||
if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) {
|
||||
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
|
||||
}
|
||||
|
||||
$allUsers = $dms->getAllUsers($settings->_sortUsersInList);
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'allusers'=>$allUsers, 'httproot'=>$settings->_httpRoot, 'quota'=>$settings->_quota, 'pwdexpiration'=>$settings->_passwordExpiration));
|
||||
if($view) {
|
||||
$view->setParam('allusers', $allUsers);
|
||||
$view->setParam('httproot', $settings->_httpRoot);
|
||||
$view->setParam('quota', $settings->_quota);
|
||||
$view->setParam('pwdexpiration', $settings->_passwordExpiration);
|
||||
$view($_GET);
|
||||
exit;
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -26,7 +26,10 @@ include("../inc/inc.DBInit.php");
|
|||
include("../inc/inc.ClassUI.php");
|
||||
include("../inc/inc.Authentication.php");
|
||||
|
||||
if (!$user->isAdmin()) {
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
|
||||
if (!$accessop->check_view_access($view, $_GET) && !$user->isAdmin()) {
|
||||
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
|
||||
}
|
||||
|
||||
|
|
@ -51,10 +54,19 @@ if(isset($_GET['userid']) && $_GET['userid']) {
|
|||
$seluser = null;
|
||||
}
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'seluser'=>$seluser, 'allusers'=>$users, 'allgroups'=>$groups, 'allroles'=>$roles, 'passwordstrength'=>$settings->_passwordStrength, 'passwordexpiration'=>$settings->_passwordExpiration, 'httproot'=>$settings->_httpRoot, 'enableuserimage'=>$settings->_enableUserImage, 'undeluserids'=>explode(',', $settings->_undelUserIds), 'workflowmode'=>$settings->_workflowMode, 'quota'=>$settings->_quota, 'strictformcheck'=>$settings->_strictFormCheck));
|
||||
if($view) {
|
||||
$view->setParam('seluser', $seluser);
|
||||
$view->setParam('allusers', $users);
|
||||
$view->setParam('allgroups', $groups);
|
||||
$view->setParam('allroles', $roles);
|
||||
$view->setParam('passwordstrength', $settings->_passwordStrength);
|
||||
$view->setParam('passwordexpiration', $settings->_passwordExpiration);
|
||||
$view->setParam('httproot', $settings->_httpRoot);
|
||||
$view->setParam('enableuserimage', $settings->_enableUserImage);
|
||||
$view->setParam('undeluserids', explode(',', $settings->_undelUserIds));
|
||||
$view->setParam('workflowmode', $settings->_workflowMode);
|
||||
$view->setParam('quota', $settings->_quota);
|
||||
$view->setParam('strictformcheck', $settings->_strictFormCheck);
|
||||
$view->setParam('accessobject', $accessop);
|
||||
$view($_GET);
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user