check if setting revisor is allowed, pass enableXXXRevApp to view

out/out.SetRevisors.php

@@ -55,10 +55,13 @@ if(!$settings->_enableVersionModification) {
 	UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("no_version_modification"));
 }
 
-$folder = $document->getFolder();
-
 /* Create object for checking access to certain operations */
 $accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
+if (!$accessop->maySetRevisors($document)) {
+	UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("cannot_assign_invalid_state"));
+}
+
+$folder = $document->getFolder();
 
 $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
 $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
@@ -66,6 +69,9 @@ if($view) {
 	$view->setParam('folder', $folder);
 	$view->setParam('document', $document);
 	$view->setParam('version', $content);
+	$view->setParam('enableadminrevapp', $settings->_enableAdminRevApp);
+	$view->setParam('enableownerrevapp', $settings->_enableOwnerRevApp);
+	$view->setParam('enableselfrevapp', $settings->_enableSelfRevApp);
 	$view->setParam('accessobject', $accessop);
 	$view($_GET);
 	exit;