Compare commits

No commits in common. "master" and "5.1.36" have entirely different histories.

299 changed files with 3292 additions and 18291 deletions

307
CHANGELOG

@ -1,310 +1,3 @@
--------------------------------------------------------------------------------
Changes in version 6.0.30
--------------------------------------------------------------------------------
- merge changes up to 5.1.37
- receipt comment can be disabled
--------------------------------------------------------------------------------
Changes in version 6.0.29
--------------------------------------------------------------------------------
- merge changes up to 5.1.36
- fix regression in FolderNotify
--------------------------------------------------------------------------------
Changes in version 6.0.28
--------------------------------------------------------------------------------
- merge changes up to 5.1.35
--------------------------------------------------------------------------------
Changes in version 6.0.27
--------------------------------------------------------------------------------
- merge changes up to 5.1.34
- Document/folder check distinguishes between documents which cannot be
receiped/revised because of access rights or the recipient/revisor being
disabled.
- fix creating user via rest api
- checkout info does not depend on whether the logged in user was substituted
- add new endpoints for managing roles by rest api
- add transmittals in menu
- add legacy access check for controllers
--------------------------------------------------------------------------------
Changes in version 6.0.26
--------------------------------------------------------------------------------
- merge changes up to 5.1.33
- add task to import files from drop folder
- add substitution of users in bootstrap4 theme
--------------------------------------------------------------------------------
Changes in version 6.0.25
--------------------------------------------------------------------------------
- merge changes up to 5.1.32
- status log can be turned on with advanced access control
- scheduler has more condensed layout
--------------------------------------------------------------------------------
Changes in version 6.0.24
--------------------------------------------------------------------------------
- add task to send list of recent changes by email
- merge changes up to 5.1.31
--------------------------------------------------------------------------------
Changes in version 6.0.23
--------------------------------------------------------------------------------
- fix setting recipients and revisors
- check in of a document is allowed for the user having done the check out
or those users with unlimited access rights on the document
- merge changes up to 5.1.30
--------------------------------------------------------------------------------
Changes in version 6.0.22
--------------------------------------------------------------------------------
- merge changes up to 5.1.29
--------------------------------------------------------------------------------
Changes in version 6.0.21
--------------------------------------------------------------------------------
- merge changes up to 5.1.28
- add new check for documents with identical sequence numbers in a folder
--------------------------------------------------------------------------------
Changes in version 6.0.20
--------------------------------------------------------------------------------
- merge changes up to 5.1.27
- fix triggering workflow (Closes: #542)
- create original file name from new document name when uploading document
from the library folder. Used to be the original file name
--------------------------------------------------------------------------------
Changes in version 6.0.19
--------------------------------------------------------------------------------
- merge changes up to 5.1.26
- fix deletion of tasks when using bootstrap4 theme
- fix deletion of documents when clicking on icon in document list (my documents)
--------------------------------------------------------------------------------
Changes in version 6.0.18
--------------------------------------------------------------------------------
- finish op/op.Cron.php, returns json
- merge changes up to 5.1.25
- fix sending trigger workflow notification (Closes: #522)
- fix updating und deleting items in document lists
- call hook 'filenameDownloadItem' in search export and transmittal download
- fix possible xss attack in UsrMgr (CVE-2022-28479)
--------------------------------------------------------------------------------
Changes in version 6.0.17
--------------------------------------------------------------------------------
- merge changes up to 5.1.24
- send notification when a receiption of a document was submitted
--------------------------------------------------------------------------------
Changes in version 6.0.16
--------------------------------------------------------------------------------
- cancel checkout needs confirmation
- add input field to filter list of recipients if more then 10
- add task for creating missing preview images
- no longer use old PHPExcel classes, use PhpOffice\PhpSpreadsheet\Spreadsheet
instead
--------------------------------------------------------------------------------
Changes in version 6.0.15
--------------------------------------------------------------------------------
- merge changes up to 5.1.22
- add a new task for checking the checksum of all document versions
- add searching for revision date
- list of open tasks will no longer contain expired documents but MyDocuments
page still list them
- fixed downloading approval file (Closes: #503)
- regular users can no longer set owner of document while uploading
--------------------------------------------------------------------------------
Changes in version 6.0.14
--------------------------------------------------------------------------------
- show debug menu only if debug mode is on
- merge changes up to 5.1.21
- document links can be added by regular users again
- add list of checked out documents to tasks
- issue a warning when removing a document which is checked out
- checked out can be discarded if it was changed
--------------------------------------------------------------------------------
Changes in version 6.0.13
--------------------------------------------------------------------------------
- merge changes up to 5.1.20
- create download file for transmittal in system tmp (Closes: #478)
- sync source code of checkin with update document
--------------------------------------------------------------------------------
Changes in version 6.0.12
--------------------------------------------------------------------------------
- merge changes up to 5.1.19
- fix various errors concerning workflows
- show menu tasks even if not admin (Closes: #485)
--------------------------------------------------------------------------------
Changes in version 6.0.11
--------------------------------------------------------------------------------
- merge changes up to 5.1.18
- fix access restriction for roles (content of documents was visible even if the
role and status didn't allow it)
- fix missing Content-Type in UserList (Closes: #480)
--------------------------------------------------------------------------------
Changes in version 6.0.10
--------------------------------------------------------------------------------
- merge changes up to 5.1.17
- fix list of previous document versions (Closes: #471)
- fix uploading files with fine uploader (Closes: #472)
- clear revision date when all revisors have been deleted
- improve scheduler task management, tasks can be deleted, fix setting parameters
- add op.Cron.php for running all scheduled tasks
--------------------------------------------------------------------------------
Changes in version 6.0.9
--------------------------------------------------------------------------------
- merge changes up to 5.1.16
- fix removal of roles (Closes: #465)
- fix password forgotten process
- fix setting role of new user and retrieving role of existing user
- processes of users can be deleted again, instead of only transfered to
another user
- fix export of search results, headers of excel file can be translated
- fix arcordeon for folder filters on search page
- fix upload from dropfolder
- fix adding new calendar event
--------------------------------------------------------------------------------
Changes in version 6.0.8
--------------------------------------------------------------------------------
- merge changes up to 5.1.15
- fix syntax error in op/op.EditComment.php
- fix use of private variable in op/op.SetRecipients.php and op/op.SetRevisors.php
- fix triggering a transition in advanced workflow mode
--------------------------------------------------------------------------------
Changes in version 6.0.7
--------------------------------------------------------------------------------
- fix editing of document attachments
- make receipt summary look like approval/review summary
- merge changes up to 5.1.14
- do not show the updating user in a revision workflow if the status is 0
this is misleading because the user starting the revision workflow is the one
first accessing the document
- rejection of document receipts are turned off by default, but can be turned
on in the settings
- documents in DocumentChooser are sorted by name
- instead of just removing a user from all processes it can be replaced by a new user
--------------------------------------------------------------------------------
Changes in version 6.0.6
--------------------------------------------------------------------------------
- fix setting attributes when checking in a new document version
- setting a document revision to 'needs correction' will no longer set the
documents status to 'needѕ correction' if this was turned off in the settings
- a document will not leave draft status when setting the approver/reviewer
without setting a reviewer/approver
- tasks to be counted in menu can be configured
- add number of documents which need correction to menu
- minor 2 factor auth. fixes when initially setting the secret
- remove ѕome unneeded code from AddDocument which just caused php warnings
- do not set the uploader of new documents to owner if the owner is different from
the uploader
- add scheduler
- add hook showVersionComment in out.ViewDocument.php
- Various minor corrections of database tables tblWorkflowLog and
tblWorkflowDocumentContent
- merge changes up to 5.1.7
--------------------------------------------------------------------------------
Changes in version 6.0.5
--------------------------------------------------------------------------------
- sync form for updating document by upload and checkin
- add list of documents which need correction on MyDocuments page
--------------------------------------------------------------------------------
Changes in version 6.0.4
--------------------------------------------------------------------------------
- merge changes up to 5.1.5
--------------------------------------------------------------------------------
Changes in version 6.0.3
--------------------------------------------------------------------------------
- add list of documents without a receiver on MyDocuments page
- propperly calculate number of documents for each value of value set in attribute mgr
- output of progress bar for reception of a document can be controlled by access list
- recipientof a document version can be set when uploading the file
- fix export of search and display of 2nd, 3rd, ... search page
- speed up creation of document lists if reception progress bar is shown
- status of rejected documents can be overriden
- do not add users from group as recipients if they are the uploader or reviewer
of a document
- add list of documents without a receiver, list of drafts, and list of absolete
documents on MyDocuments page
- add callback onCheckAccessDocument to SeedDMS_Core_Document
- add new document status 'needs correction', revised documents which do not pass
will no longer be in status 'rejected' but 'needs correction'
- better error handling when indexing documents fails
- apache xsendfile module is used for downloading documents when installed
- add view access check for ApprovalSummary, ReviewSummary, ReceiptSummary,
WorkflowSummary, DocumentAccess, GroupView, UsrView, WorkflowSummary
- filter out reviewers and uploader of a document version when setting recipients
by user group
--------------------------------------------------------------------------------
Changes in version 6.0.2
--------------------------------------------------------------------------------
- check if user has access on document and is not disabled if set as
receiver, revisor
- check if group has members if set as reviewer, approver, receiver, revisor
- fix bug in notification of approver after successful review
- add document check for docs in revision and missing access rights of revisor
- add document check for docs requiring receptions but user lacks access right
- fix Acl manager when using pgsql
- list all open tasks of user in user info of user manager
- owner of document may see review/approval/receipt/revision log
- fix sending mails to reviewer/approvers after check in
- downloading of review/approval files works again
- optimizing retrieval of open tasks
- do not show user which has been removed from a process except for admins
- show scheduled revisions in calendar
- merge changes up to 5.1.5
--------------------------------------------------------------------------------
Changes in version 6.0.1
--------------------------------------------------------------------------------
- call hook 'rawcontent' when downloading transmittal list or search content
- speed up list of locked documents on MyDocuments page
- sql queries and execution times can be written to file in database layer
--------------------------------------------------------------------------------
Changes in version 6.0.0
--------------------------------------------------------------------------------
- merge changes up to 5.0.10
- filter documents by status 'draft' on search page
- list of documents to look at now contains documents in revision
- add list of documents waiting for reception on MyDocuments page
- group document lists on MyDocuments page into three sections
- show progressbar and comments for reception of document in documentlist
- restructure page for document/folder check, add check for missing access
on documents by recipient or revisor
- overhaul revision workflow, add hook after revision workflow was finished
- add two factor authentication based on google authenticator
- set timeout for ajax call 'mytasks' from 200ms to 1000ms
- use a similar layout for document list on the ViewDocument page
- add RSS feed of timeline
- put more operations under access control
- add receipent list for documents
- add revision of documents
- add substitute user command for regular users
- add access controll list for many functions
- add document list which can be exported as an archive
- search results can be exported
--------------------------------------------------------------------------------
Changes in version 5.1.37
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Changes in version 5.1.36
--------------------------------------------------------------------------------


@ -11,8 +11,6 @@
"slim/slim": "^3.0",
"erusev/parsedown": "*",
"erusev/parsedown-extra": "*",
"mibe/feedwriter": "^1.1",
"phpoffice/phpspreadsheet": "*",
"pear/log": "*",
"pear/mail": "*",
"pear/mail_mime": "*",
@ -20,7 +18,6 @@
"pear/auth_sasl": "*",
"pear/db": "*",
"alecrabbit/php-console-colour": "*",
"dragonmantank/cron-expression": "^3",
"zf1/zend-search-lucene": "*",
"symfony/http-foundation": "^5.4",
"seeddms/core": "dev-master",


@ -296,7 +296,7 @@
updateNotifyTime = "86400"
extraPath = ""
maxExecutionTime = "30"
cmdTimeout = "10"
cmdTimeout = "1"
/>
<!--
- enableNotificationAppRev: set to true if reviewers and approvers shall be informed about a pending review/approval


@ -52,7 +52,6 @@ class SeedDMS_Controller_AddDocument extends SeedDMS_Controller_Common {
$sequence = $this->getParam('sequence');
$reviewers = $this->getParam('reviewers');
$approvers = $this->getParam('approvers');
$recipients = $this->getParam('recipients');
$reqversion = $this->getParam('reqversion');
$version_comment = $this->getParam('versioncomment');
$attributes = $this->getParam('attributes');
@ -161,7 +160,6 @@ class SeedDMS_Controller_AddDocument extends SeedDMS_Controller_Common {
$workflow = $this->getParam('workflow');
$notificationgroups = $this->getParam('notificationgroups');
$notificationusers = $this->getParam('notificationusers');
$initialdocumentstatus = $this->getParam('initialdocumentstatus');
$maxsizeforfulltext = $this->getParam('maxsizeforfulltext');
$defaultaccessdocs = $this->getParam('defaultaccessdocs');
@ -172,7 +170,7 @@ class SeedDMS_Controller_AddDocument extends SeedDMS_Controller_Common {
$cats, $userfiletmp, utf8_basename($userfilename),
$filetype, $userfiletype, $sequence,
$reviewers, $approvers, $reqversion,
$version_comment, $attributes, $attributes_version, $workflow, $initialdocumentstatus);
$version_comment, $attributes, $attributes_version, $workflow);
if (is_bool($res) && !$res) {
$this->errormsg = "error_occured";
@ -189,24 +187,6 @@ class SeedDMS_Controller_AddDocument extends SeedDMS_Controller_Common {
}
}
$lc = $document->getLatestContent();
if($recipients) {
if($recipients['i']) {
foreach($recipients['i'] as $uid) {
if($u = $dms->getUser($uid)) {
$res = $lc->addIndRecipient($u, $user);
}
}
}
if($recipients['g']) {
foreach($recipients['g'] as $gid) {
if($g = $dms->getGroup($gid)) {
$res = $lc->addGrpRecipient($g, $user);
}
}
}
}
/* Add a default notification for the owner of the document */
if($settings->_enableOwnerNotification) {
$res = $document->addNotify($owner->getID(), true);


@ -40,11 +40,6 @@ class SeedDMS_Controller_ApproveDocument extends SeedDMS_Controller_Common {
$this->oldstatus = $overallStatus['status'];
$this->newstatus = $this->oldstatus;
if(!$this->callHook('preApproveDocument', $content)) {
}
$result = $this->callHook('approveDocument', $content);
if($result === null) {
if ($approvaltype == "ind") {
$approvalLogID = $content->setApprovalByInd($user, $user, $approvalstatus, $approvalcomment, $approvalfile);
} elseif ($approvaltype == "grp") {
@ -57,10 +52,7 @@ class SeedDMS_Controller_ApproveDocument extends SeedDMS_Controller_Common {
$this->errormsg = "approval_update_failed";
return false;
}
}
$result = $this->callHook('approveUpdateDocumentStatus', $content);
if($result === null) {
if($approvalstatus == -1) {
$this->newstatus = S_REJECTED;
if($content->setStatus(S_REJECTED, $approvalcomment, $user)) {
@ -104,12 +96,6 @@ class SeedDMS_Controller_ApproveDocument extends SeedDMS_Controller_Common {
}
}
}
}
if(!$this->callHook('postApproveDocument', $content)) {
}
return true;
} /* }}} */
}


@ -1,114 +0,0 @@
<?php
/**
* Implementation of CheckInDocument controller
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010-2024 Uwe Steinmann
* @version Release: @package_version@
*/
/**
* Class which does the busines logic for downloading a document
*
* @category DMS
* @package SeedDMS
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010-2024 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_Controller_CheckInDocument extends SeedDMS_Controller_Common {
public function run() { /* {{{ */
$name = $this->getParam('name');
$comment = $this->getParam('comment');
/* Call preCheckInDocument early, because it might need to modify some
* of the parameters.
*/
if(false === $this->callHook('preCheckInDocument', $this->params['document'])) {
if(empty($this->errormsg))
$this->errormsg = 'hook_preCheckInDocument_failed';
return null;
}
$comment = $this->getParam('comment');
$dms = $this->params['dms'];
$user = $this->params['user'];
$document = $this->params['document'];
$settings = $this->params['settings'];
$fulltextservice = $this->params['fulltextservice'];
$folder = $this->params['folder'];
$userfiletmp = $this->getParam('userfiletmp');
$userfilename = $this->getParam('userfilename');
$filetype = $this->getParam('filetype');
$userfiletype = $this->getParam('userfiletype');
$reviewers = $this->getParam('reviewers');
$approvers = $this->getParam('approvers');
$recipients = $this->getParam('recipients');
$reqversion = $this->getParam('reqversion');
$comment = $this->getParam('comment');
$attributes = $this->getParam('attributes');
$workflow = $this->getParam('workflow');
$maxsizeforfulltext = $this->getParam('maxsizeforfulltext');
$initialdocumentstatus = $this->getParam('initialdocumentstatus');
$content = $this->callHook('checkinDocument');
if($content === null) {
if($contentResult=$document->checkIn($comment, $user, $reviewers, $approvers, $version=0, $attributes, $workflow, $initialdocumentstatus)) {
if ($this->hasParam('expires')) {
if($document->setExpires($this->getParam('expires'))) {
} else {
}
}
if(!empty($recipients['i'])) {
foreach($recipients['i'] as $uid) {
if($u = $dms->getUser($uid)) {
$res = $contentResult->getContent()->addIndRecipient($u, $user);
}
}
}
if(!empty($recipients['g'])) {
foreach($recipients['g'] as $gid) {
if($g = $dms->getGroup($gid)) {
$res = $contentResult->getContent()->addGrpRecipient($g, $user);
}
}
}
$content = $contentResult->getContent();
} else {
$this->errormsg = 'error_checkin_document';
$result = false;
}
} elseif($result === false) {
if(empty($this->errormsg))
$this->errormsg = 'hook_checkinDocument_failed';
return false;
}
if($fulltextservice && ($index = $fulltextservice->Indexer()) && $content) {
$idoc = $fulltextservice->IndexedDocument($document);
if(false !== $this->callHook('preIndexDocument', $document, $idoc)) {
$lucenesearch = $fulltextservice->Search();
if($hit = $lucenesearch->getDocument((int) $document->getId())) {
$index->delete($hit->id);
}
$index->addDocument($idoc);
$index->commit();
}
}
if(false === $this->callHook('postCheckInDocument', $document, $content)) {
}
return $content;
} /* }}} */
}


@ -1,108 +0,0 @@
<?php
/**
* Implementation of Cron controller
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010-2020 Uwe Steinmann
* @version Release: @package_version@
*/
/**
* Class which does the busines logic for the regular cron job
*
* @category DMS
* @package SeedDMS
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010-2020 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_Controller_Cron extends SeedDMS_Controller_Common {
public function run() { /* {{{ */
$dms = $this->params['dms'];
$user = $this->params['user'];
$settings = $this->params['settings'];
$logger = $this->params['logger'];
$mode = $this->params['mode'];
$seltask = $this->params['task'];
$db = $dms->getDb();
$scheduler = new SeedDMS_Scheduler($db);
$tasks = $scheduler->getTasks();
$jsonarr = [];
foreach($tasks as $task) {
if($seltask && $seltask != $task->getExtension()."::".$task->getTask())
continue;
if(isset($GLOBALS['SEEDDMS_SCHEDULER']['tasks'][$task->getExtension()]) && is_object($taskobj = resolveTask($GLOBALS['SEEDDMS_SCHEDULER']['tasks'][$task->getExtension()][$task->getTask()]))) {
$arr = array(
'extension'=>$task->getExtension(),
'name'=>$task->getTask(),
'mode'=>$mode,
'disabled' => (bool) $task->getDisabled(),
'isdue' => $task->isDue(),
);
switch($mode) {
case "run":
case "dryrun":
if(method_exists($taskobj, 'execute')) {
if(!$task->getDisabled() && $task->isDue()) {
if($mode == 'run') {
/* Schedule the next run right away to prevent a second execution
* of the task when the cron job of the scheduler is called before
* the last run was finished. The task itself can still be scheduled
* to fast, but this is up to the admin of seeddms.
*/
$task->updateLastNextRun();
if($taskobj->execute($task)) {
add_log_line("Execution of task ".$task->getExtension()."::".$task->getTask()." successful.");
$arr['success'] = true;
} else {
add_log_line("Execution of task ".$task->getExtension()."::".$task->getTask()." failed, task has been disabled.", PEAR_LOG_ERR);
$arr['success'] = false;
$task->setDisabled(1);
}
} elseif($mode == 'dryrun') {
$arr['success'] = true;
}
}
}
break;
case "check":
$arr['error'] = false;
if(!method_exists($taskobj, 'execute')) {
$arr['error'] = true;
$arr['messages'][] = 'Missing method execute()';
}
if(get_parent_class($taskobj) != 'SeedDMS_SchedulerTaskBase') {
$arr['error'] = true;
$arr['error'][] = "Wrong parent class";
}
break;
case "list":
default:
header("Content-Type: application/json");
$arr['nextrun']=$task->getNextRun();
$arr['frequency']=$task->getFrequency();
$arr['params']=array();
if($params = $task->getParameter()) {
foreach($params as $key=>$value) {
$p = $taskobj->getAdditionalParamByName($key);
$arr['params'][$key] = ($p['type'] == 'password') ? '*******' : $value;
}
}
break;
}
$jsonarr[] = $arr;
}
}
echo json_encode($jsonarr);
return true;
} /* }}} */
}


@ -22,8 +22,13 @@
*/
class SeedDMS_Controller_Download extends SeedDMS_Controller_Common {
public function version() { /* {{{ */
public function run() {
$dms = $this->params['dms'];
$type = $this->params['type'];
switch($type) {
case "version":
if(empty($this->params['content'])) {
$version = $this->params['version'];
$document = $this->params['document'];
if($version < 1) {
@ -43,6 +48,9 @@ class SeedDMS_Controller_Download extends SeedDMS_Controller_Common {
* expect the content in the controller
*/
$this->params['content'] = $content;
} else {
$content = $this->params['content'];
}
if(null === $this->callHook('version')) {
if(file_exists($dms->contentDir . $content->getPath())) {
header("Content-Transfer-Encoding: binary");
@ -55,159 +63,8 @@ class SeedDMS_Controller_Download extends SeedDMS_Controller_Common {
sendFile($dms->contentDir.$content->getPath());
}
}
return true;
} /* }}} */
public function file() { /* {{{ */
$dms = $this->params['dms'];
$file = $this->params['file'];
if(null === $this->callHook('file')) {
if(file_exists($dms->contentDir . $file->getPath())) {
header("Content-Transfer-Encoding: binary");
header("Content-Disposition: attachment; filename=\"" . $file->getOriginalFileName() . "\"");
header("Content-Type: " . $file->getMimeType());
header("Cache-Control: must-revalidate");
sendFile($dms->contentDir . $file->getPath());
}
}
return true;
} /* }}} */
public function archive() { /* {{{ */
$dms = $this->params['dms'];
$filename = $this->params['file'];
$basedir = $this->params['basedir'];
if(null === $this->callHook('archive')) {
if(file_exists($basedir . $filename)) {
header('Content-Description: File Transfer');
header("Content-Type: application/zip");
header("Content-Transfer-Encoding: binary");
$efilename = rawurlencode($filename);
header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename);
header("Cache-Control: public");
sendFile($basedir .$filename );
}
}
return true;
} /* }}} */
public function log() { /* {{{ */
$dms = $this->params['dms'];
$filename = $this->params['file'];
$basedir = $this->params['basedir'];
if(null === $this->callHook('log')) {
if(file_exists($basedir . $filename)) {
header("Content-Type: text/plain; name=\"" . $filename . "\"");
header("Content-Transfer-Encoding: binary");
$efilename = rawurlencode($filename);
header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename);
header("Cache-Control: must-revalidate");
sendFile($basedir.$filename);
}
}
return true;
} /* }}} */
public function sqldump() { /* {{{ */
$dms = $this->params['dms'];
$filename = $this->params['file'];
$basedir = $this->params['basedir'];
if(null === $this->callHook('sqldump')) {
if(file_exists($basedir . $filename)) {
header("Content-Type: application/zip");
header("Content-Transfer-Encoding: binary");
$efilename = rawurlencode($filename);
header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename);
header("Cache-Control: must-revalidate");
sendFile($basedir.$filename);
}
}
return true;
} /* }}} */
public function approval() { /* {{{ */
$dms = $this->params['dms'];
$document = $this->params['document'];
$logid = $this->params['approvelogid'];
$filename = $dms->contentDir . $document->getDir().'a'.$logid;
if (!file_exists($filename) ) {
$this->error = 1;
return false;
}
if(null === $this->callHook('approval')) {
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mimetype = finfo_file($finfo, $filename);
header("Content-Type: ".$mimetype);
header("Content-Transfer-Encoding: binary");
header("Content-Disposition: attachment; filename=\"approval-" . $document->getID()."-".(int) $_GET['approvelogid'] . get_extension($mimetype) . "\"");
header("Cache-Control: must-revalidate");
sendFile($filename);
}
return true;
} /* }}} */
public function review() { /* {{{ */
$dms = $this->params['dms'];
$document = $this->params['document'];
$logid = $this->params['reviewlogid'];
$filename = $dms->contentDir . $document->getDir().'r'.$logid;
if (!file_exists($filename) ) {
$this->error = 1;
return false;
}
if(null === $this->callHook('review')) {
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mimetype = finfo_file($finfo, $filename);
header("Content-Type: ".$mimetype);
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($filename ));
header("Content-Disposition: attachment; filename=\"review-" . $document->getID()."-".(int) $_GET['reviewlogid'] . get_extension($mimetype) . "\"");
header("Cache-Control: must-revalidate");
sendFile($filename);
}
return true;
} /* }}} */
public function run() { /* {{{ */
$dms = $this->params['dms'];
$type = $this->params['type'];
switch($type) {
case "version":
return $this->version();
break;
case "file":
return $this->file();
break;
case "archive":
return $this->archive();
break;
case "log":
return $this->log();
break;
case "sqldump":
return $this->sqldump();
break;
case "approval":
return $this->approval();
break;
case "review":
return $this->review();
break;
}
} /* }}} */
return true;
}
}
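Review bot: A missing content file is reported as success in the `case "version":` branch of the new `run()`: when `file_exists($dms->contentDir . $content->getPath())` is false, no headers or body are sent, yet control still reaches the final `return true;`. The caller cannot tell a failed download from a delivered one, so a lost or removed content file never surfaces as an error. An `else` that records the failure would close the gap, for example `} else { $this->errormsg = '<error key>'; return false; }`, where the key is a placeholder. Only `case "version":` appears to remain on the new side, so other `type` values seem to end at the same `return true;` without sending anything, and a `default:` returning false would make that explicit. Parts of `run()` lie outside the visible hunks, so this should be confirmed against the full file.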


@ -64,16 +64,6 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
return false;
}
if($settings->_enable2FactorAuthentication) {
if($user->getSecret()) {
$tfa = new \RobThree\Auth\TwoFactorAuth('SeedDMS');
if($tfa->verifyCode($user->getSecret(), $_POST['twofactauth']) !== true) {
$this->setErrorMsg("login_error_text");
return false;
}
}
}
/* Run any additional checks which may prevent login */
if(false === $this->callHook('restrictLogin', $user)) {
if(empty($this->errormsg))
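Review bot: No second factor is verified on the new side of this hunk: with the `_enable2FactorAuthentication` block removed, the login path runs from the preceding `return false;` straight to the `restrictLogin` hook. Judging by the hunk counts (16 old lines, 6 new), the whole `TwoFactorAuth` check is on the removed side. An installation moved to this ref with that setting enabled and user secrets enrolled would authenticate on the first factor alone, without any error or log entry. If that is intended for this branch, a comment above the hook would make it explicit, for example `/* no second-factor check on this branch; enforce via restrictLogin if required */`. The enclosing method starts and ends outside the hunk.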


@ -1,67 +0,0 @@
<?php
/**
* Implementation of ReceiptDocument controller
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010-2013 Uwe Steinmann
* @version Release: @package_version@
*/
/**
* Class which does the busines logic for downloading a document
*
* @category DMS
* @package SeedDMS
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010-2013 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_Controller_ReceiptDocument extends SeedDMS_Controller_Common {
public function run() {
$dms = $this->params['dms'];
$user = $this->params['user'];
$settings = $this->params['settings'];
$document = $this->params['document'];
$content = $this->params['content'];
$receiptstatus = $this->params['receiptstatus'];
$receipttype = $this->params['receipttype'];
$group = $this->params['group'];
$comment = $this->params['comment'];
/* Get the document id and name before removing the document */
$docname = $document->getName();
$documentid = $document->getID();
if(!$this->callHook('preReceiptDocument', $content)) {
}
$result = $this->callHook('receiptDocument', $content);
if($result === null) {
if ($receipttype == "ind") {
if(0 > $content->setReceiptByInd($user, $user, $receiptstatus, $comment)) {
$this->error = 1;
$this->errormsg = "receipt_update_failed";
return false;
}
} elseif ($receipttype == "grp") {
if(0 > $content->setReceiptByGrp($group, $user, $receiptstatus, $comment)) {
$this->error = 1;
$this->errormsg = "receipt_update_failed";
return false;
}
}
}
if(!$this->callHook('postReceiptDocument', $content)) {
}
return true;
}
}


@ -36,11 +36,6 @@ class SeedDMS_Controller_ReviewDocument extends SeedDMS_Controller_Common {
$this->oldstatus = $overallStatus['status'];
$this->newstatus = $this->oldstatus;
if(!$this->callHook('preReviewDocument', $content)) {
}
$result = $this->callHook('reviewDocument', $content);
if($result === null) {
if ($reviewtype == "ind") {
$reviewLogID = $content->setReviewByInd($user, $user, $reviewstatus, $reviewcomment, $reviewfile);
} elseif($reviewtype == "grp") {
@ -53,10 +48,7 @@ class SeedDMS_Controller_ReviewDocument extends SeedDMS_Controller_Common {
$this->errormsg = "review_update_failed";
return false;
}
}
$result = $this->callHook('reviewUpdateDocumentStatus', $content);
if($result === null) {
if($reviewstatus == -1) {
$this->newstatus = S_REJECTED;
if($content->setStatus(S_REJECTED, $reviewcomment, $user)) {
@ -121,11 +113,6 @@ class SeedDMS_Controller_ReviewDocument extends SeedDMS_Controller_Common {
}
}
}
}
if(!$this->callHook('postReviewDocument', $content)) {
}
return true;
} /* }}} */
}


@ -1,143 +0,0 @@
<?php
/**
* Implementation of ReviseDocument controller
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010-2013 Uwe Steinmann
* @version Release: @package_version@
*/
/**
* Class which does the busines logic for downloading a document
*
* @category DMS
* @package SeedDMS
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010-2013 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_Controller_ReviseDocument extends SeedDMS_Controller_Common {
public $oldstatus;
public $newstatus;
public function run() {
$dms = $this->params['dms'];
$user = $this->params['user'];
$settings = $this->params['settings'];
$document = $this->params['document'];
$content = $this->params['content'];
$revisionstatus = $this->params['revisionstatus'];
$revisiontype = $this->params['revisiontype'];
$group = $this->params['group'];
$comment = $this->params['comment'];
$overallStatus = $content->getStatus();
$this->oldstatus = $overallStatus['status'];
$this->newstatus = $this->oldstatus;
/* if set to true, a single reject will reject the doc. If set to false
* all revisions will be collected first and afterwards the doc is rejected
* if one has rejected it. So in the very end the doc is rejected, but
* doc remainѕ in S_IN_REVISION until all have revised the doc
*/
$onevotereject = $this->params['onevotereject'];
/* Get the document id and name before removing the document */
$docname = $document->getName();
$documentid = $document->getID();
if(!$this->callHook('preReviseDocument', $content)) {
}
$result = $this->callHook('reviseDocument', $content);
if($result === null) {
if ($revisiontype == "ind") {
if(0 > $content->setRevision($user, $user, $revisionstatus, $comment)) {
$this->error = 1;
$this->errormsg = "revision_update_failed";
return false;
}
} elseif ($revisiontype == "grp") {
if(0 > $content->setRevision($group, $user, $revisionstatus, $comment)) {
$this->error = 1;
$this->errormsg = $ll."revision_update_failed";
return false;
}
}
}
/* Check to see if the overall status for the document version needs to be
* updated.
*/
$result = $this->callHook('reviseUpdateDocumentStatus', $content);
if($result === null) {
if ($onevotereject && $revisionstatus == -1){
$this->newstatus = S_NEEDS_CORRECTION;
if(!$content->setStatus(S_NEEDS_CORRECTION,$comment,$user)) {
$this->error = 1;
$this->errormsg = "revision_update_failed";
return false;
}
} else {
$docRevisionStatus = $content->getRevisionStatus();
if (is_bool($docRevisionStatus) && !$docRevisionStatus) {
$this->error = 1;
$this->errormsg = "cannot_retrieve_revision_snapshot";
return false;
}
$revisionok = 0;
$revisionnotok = 0;
$revisionTotal = 0;
foreach ($docRevisionStatus as $drstat) {
if ($drstat["status"] == 1) {
$revisionok++;
}
if ($drstat["status"] == -1) {
$revisionnotok++;
}
if ($drstat["status"] != -2) {
$revisionTotal++;
}
}
// If all revisions have been done and there are no rejections,
// then release the document. If all revisions have been done but some
// of them were rejections then documents needs correction.
// Otherwise put it back into revision workflow
if ($revisionok == $revisionTotal) {
$this->newstatus=S_RELEASED;
if ($content->finishRevision($user, $this->newstatus, 'Finished revision workflow', getMLText("automatic_status_update"))) {
if(!$this->callHook('finishReviseDocument', $content)) {
}
}
} elseif (($revisionok + $revisionnotok) == $revisionTotal) {
$this->newstatus=S_NEEDS_CORRECTION;
// if ($content->finishRevision($user, $this->newstatus, 'Finished revision workflow', getMLText("automatic_status_update"))) {
if(!$content->setStatus($this->newstatus,$comment,$user)) {
$this->error = 1;
$this->errormsg = "revision_update_failed";
return false;
}
} else {
$this->newstatus=S_IN_REVISION;
if(!$content->setStatus($this->newstatus,$comment,$user)) {
$this->error = 1;
$this->errormsg = "revision_update_failed";
return false;
}
}
}
}
if(!$this->callHook('postReviseDocument', $content)) {
}
return true;
}
}


@ -1,56 +0,0 @@
<?php
/**
* Implementation of Role manager controller
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010-2013 Uwe Steinmann
* @version Release: @package_version@
*/
/**
* Class which does the busines logic for role manager
*
* @category DMS
* @package SeedDMS
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010-2013 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_Controller_RoleMgr extends SeedDMS_Controller_Common {
public function run() {
}
public function addrole() {
$dms = $this->params['dms'];
$name = $this->params['name'];
$role = $this->params['role'];
return($dms->addRole($name, $role));
}
public function removerole() {
$roleobj = $this->params['roleobj'];
return $roleobj->remove();
}
public function editrole() {
$dms = $this->params['dms'];
$name = $this->params['name'];
$role = $this->params['role'];
$roleobj = $this->params['roleobj'];
$noaccess = $this->params['noaccess'];
if ($roleobj->getName() != $name)
$roleobj->setName($name);
if ($roleobj->getRole() != $role)
$roleobj->setRole($role);
$roleobj->setNoAccess($noaccess);
return true;
}
}


@ -1,68 +0,0 @@
<?php
/**
* Implementation of Transmittal Download controller
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010-2013 Uwe Steinmann
* @version Release: @package_version@
*/
/**
* Class which does the busines logic for downloading a transmittal
*
* @category DMS
* @package SeedDMS
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010-2013 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_Controller_TransmittalDownload extends SeedDMS_Controller_Common {
public function run() {
$dms = $this->params['dms'];
$user = $this->params['user'];
$transmittal = $this->params['transmittal'];
$items = $transmittal->getItems();
if($items) {
include("../inc/inc.ClassDownloadMgr.php");
$downmgr = new SeedDMS_Download_Mgr();
if($extraheader = $this->callHook('extraDownloadHeader'))
$downmgr->addHeader($extraheader);
foreach($items as $item) {
$content = $item->getContent();
$document = $content->getDocument();
if ($document->getAccessMode($user) >= M_READ) {
$extracols = $this->callHook('extraDownloadColumns', $document);
$filename = $this->callHook('filenameDownloadItem', $content);
if($rawcontent = $this->callHook('rawcontent', $content)) {
$downmgr->addItem($content, $extracols, $rawcontent, $filename);
} else
$downmgr->addItem($content, $extracols, null, $filename);
}
}
$filename = tempnam(sys_get_temp_dir(), 'transmittal-download-');
if($filename) {
if($downmgr->createArchive($filename)) {
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($filename));
header("Content-Disposition: attachment; filename=\"export-" .date('Y-m-d') . ".zip\"");
header("Content-Type: application/zip");
header("Cache-Control: must-revalidate");
readfile($filename);
} else {
}
unlink($filename);
}
exit;
}
}
}


@ -48,18 +48,16 @@ class SeedDMS_Controller_UpdateDocument extends SeedDMS_Controller_Common {
$userfiletype = $this->getParam('userfiletype');
$reviewers = $this->getParam('reviewers');
$approvers = $this->getParam('approvers');
$recipients = $this->getParam('recipients');
$reqversion = $this->getParam('reqversion');
$comment = $this->getParam('comment');
$attributes = $this->getParam('attributes');
$workflow = $this->getParam('workflow');
$maxsizeforfulltext = $this->getParam('maxsizeforfulltext');
$initialdocumentstatus = $this->getParam('initialdocumentstatus');
$content = $this->callHook('updateDocument');
if($content === null) {
$filesize = SeedDMS_Core_File::fileSize($userfiletmp);
if($contentResult=$document->addContent($comment, $user, $userfiletmp, utf8_basename($userfilename), $filetype, $userfiletype, $reviewers, $approvers, $version=0, $attributes, $workflow, $initialdocumentstatus)) {
if($contentResult=$document->addContent($comment, $user, $userfiletmp, utf8_basename($userfilename), $filetype, $userfiletype, $reviewers, $approvers, $version=0, $attributes, $workflow)) {
if ($this->hasParam('expires')) {
if($document->setExpires($this->getParam('expires'))) {
@ -67,21 +65,6 @@ class SeedDMS_Controller_UpdateDocument extends SeedDMS_Controller_Common {
}
}
if(!empty($recipients['i'])) {
foreach($recipients['i'] as $uid) {
if($u = $dms->getUser($uid)) {
$res = $contentResult->getContent()->addIndRecipient($u, $user);
}
}
}
if(!empty($recipients['g'])) {
foreach($recipients['g'] as $gid) {
if($g = $dms->getGroup($gid)) {
$res = $contentResult->getContent()->addGrpRecipient($g, $user);
}
}
}
$content = $contentResult->getContent();
} else {
$this->errormsg = 'error_update_document';
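Review bot: In the first hunk the new `addContent(...)` call passes `$version=0` as an argument, which is an assignment expression that creates a local `$version`, not a named parameter; it reads like a keyword argument and hides what is actually being passed. Pass the literal instead, `... $reviewers, $approvers, 0, $attributes, $workflow)`, and add a one-line comment stating what a version of 0 requests from `addContent`, since that is not visible here. `$filesize` is assigned just above the call and `$reqversion` is read from the params, but neither is used in the visible lines; if the rest of the method does not use them either, they can be dropped. The method starts and ends outside the hunk.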


@ -1,3 +1,3 @@
#!/bin/sh
# This command retrieves the strings that need to be translated
sgrep -o "%r\n" '"getMLText(\"" __ "\""' */*.php views/bootstrap/*.php |sort|uniq -c
sgrep -o "%r\n" '"getMLText(\"" __ "\""' */*.php|sort|uniq -c


@ -1,7 +1,7 @@
<?php
/* Determine all languages keys used in the php files */
$output = array();
if(exec('sgrep -o "%r\n" \'"tMLText(\"" __ "\""\' */*.php views/bootstrap/*.php|sort|uniq -c', $output)) {
if(exec('sgrep -o "%r\n" \'"tMLText(\"" __ "\""\' */*.php|sort|uniq -c', $output)) {
$allkeys = array();
foreach($output as $line) {
$data = explode(' ', trim($line));
@ -9,9 +9,8 @@ if(exec('sgrep -o "%r\n" \'"tMLText(\"" __ "\""\' */*.php views/bootstrap/*.php|
}
}
$languages = array('ar_EG', 'bg_BG', 'ca_ES', 'cs_CZ', 'de_DE', 'en_GB', 'es_ES', 'fr_FR', 'hu_HU', 'it_IT', 'nl_NL', 'pl_PL', 'pt_BR', 'ro_RO', 'ru_RU', 'sk_SK', 'sv_SE', 'tr_TR', 'zh_CN', 'zh_TW');
/* Reading languages */
foreach($languages as $lang) {
foreach(array('en_GB', 'de_DE', 'it_IT', 'sk_SK', 'cs_CZ') as $lang) {
include('languages/'.$lang.'/lang.inc');
ksort($text);
$langarr[$lang] = $text;
@ -21,7 +20,7 @@ foreach($languages as $lang) {
echo "List of missing keys\n";
echo "-----------------------------\n";
foreach(array_keys($allkeys) as $key) {
foreach($languages as $lang) {
foreach(array('en_GB', 'de_DE', 'it_IT', 'sk_SK', 'cs_CZ') as $lang) {
if(!isset($langarr[$lang][$key])) {
echo "Missing key '".$key."' in language ".$lang."\n";
}
@ -32,7 +31,7 @@ echo "\n";
/* Check for phrases not used anymore */
echo "List of superflous keys\n";
echo "-----------------------------\n";
foreach($languages as $lang) {
foreach(array('en_GB', 'de_DE', 'it_IT', 'sk_SK', 'cs_CZ') as $lang) {
$n = 0;
foreach($langarr[$lang] as $key=>$value) {
if(!isset($allkeys[$key])) {
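Review bot: The language-loading loop in the second hunk runs `include('languages/'.$lang.'/lang.inc'); ksort($text);` without resetting `$text` between iterations. Assuming each lang.inc is what defines `$text`, a missing or broken file only raises a warning and the previous language's array is stored under the new key, so the report would show no missing keys for a language that was never loaded. Putting `unset($text);` before the include and switching to `require` makes that case fail loudly. The five-entry `array('en_GB', 'de_DE', 'it_IT', 'sk_SK', 'cs_CZ')` literal is also repeated in three loops (second, third and fourth hunks); one variable would keep the lists from drifting apart. The loop bodies continue outside the hunks.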


@ -126,28 +126,3 @@ op/op.TriggerWorkflow.php
op/op.UpdateDocument.php
* document was updated
subscribers of the document
op/op.ReceiptDocument.php
* document was received
subscribers of the document
op/op.ReviseDocument.php
* document was revised
subscribers of the document
op/op.SetRevisors.php
* Revisors were added/deleted
subscribers of the document
uploader of version
revisor
op/op.ReceiptDocument.php
* document was receipt
subscribers of the document
op/op.SetRecipients.php
* Recipients were added/deleted
subscribers of the document
uploader of version
recipient


@ -1,26 +0,0 @@
Scheduler
==========
The scheduler in SeedDMS manages frequently run tasks. It is very similar
to regular unix cron jobs. A task in SeedDMS is an instanciation of a task
class which itself is defined by an extension or SeedDMS itself.
SeedDMS has some predefined classes e.g. core::expireddocs.
In order for tasks to be runnalbe, a user `cli_scheduler` must exists in
SeedDMS.
All tasks are executed by a single cronjob in the directory `utils`
> */5 * * * * /home/www-data/seeddms60x/seeddms/utils/seeddms-schedulercli --mode=run
Please keep in mind, that the php interpreter used for the cronjob may be
different from the php interpreter used für the web application. Hence, two
different php.ini files might be used. php and the php extensions may differ as
well. This can cause some extensions to be disabled and consequently some task
classes are not defined.
`utils/seeddms-schedulercli` can also be run on the command line. If you
do that, run it with the same system user used for the web server. On Debian
this is www-data. Hence run it like
sudo -u www-data utils/seeddms-schedulercli --mode=list


@ -1,42 +0,0 @@
Running the scheduler
======================
Since version 6 of SeedDMS a scheduler is implemented which runs
scheduled tasks. Such tasks must be implemented in an extension
and can be scheduled by the administrator within the user interface.
In order to check frequently for tasks ready to run, a system cron job
must be installed. On Linux this can be done by adding the following line
to the crontab
*/5 * * * * /var/www/seeddms60x/seeddms/utils/seeddms-schedulercli --mode=run
(Of course you need to change the path to `seeddms-schedulercli`)
This will install a cronjob running every 5 minutes. `seeddms-schedulercli` will check
for tasks ready to run and execute them in that case. You can decrease the time between
two calls of the cronjob, but keep in mind that seeddms tasks may take longer and
are being started again before the previous task has been ended.
If the configuration file of SeedDMS is not found, its path can be passed
on the command, though this should not be needed in a regular installation
obeying the directory structure of the quickstart archive.
*/5 * * * * /var/www/seeddms60x/seeddms/utils/seeddms-schedulercli --config /var/www/seeddms60x/seeddms/conf/settings.xml --mode=run
For testing purposes it may be usefull to run `seeddms-schedulercli` in list mode.
seeddms-schedulercli --mode=list
This will just list all tasks and its scheduled exection time. Tasks ready to run,
because its scheduled execution time is already in the past will be marked with
a `*`. Tasks which are disabled will be marked with a `-`.
Executing `seeddms-schedulercli` in `dryrun` mode will behave just like in `run` mode
but instead of running the task it will just issue a line.
Instead of running utils/seeddms-schedulercli you may as well access
op/op.Cron.php which also runs all scheduled tasks. On Linux you do this
by setting up a cronjob like
*/5 * * * * wget -q -O - "http://<your domain>/op/op.Cron.php"


@ -177,32 +177,7 @@ class SeedDMS_ExtExample_ViewFolder {
* @package SeedDMS
* @subpackage example
*/
class SeedDMS_ExtExample_Task extends SeedDMS_SchedulerTaskBase {
/**
* Run the task
*
* @param $task task to be executed
* @return boolean true if task was executed succesfully, otherwise false
*/
public function execute($task) {
$dms = $this->dms;
$user = $this->user;
$settings = $this->settings;
$logger = $this->logger;
$taskparams = $task->getParameter();
return true;
}
public function getDescription() {
return 'Description';
}
public function getAdditionalParams() {
return array(array(
'name'=>'email',
'type'=>'string',
'description'=> '',
));
class SeedDMS_ExtExample_Task {
public function execute() {
}
}


@ -1,7 +1,7 @@
<?php
$EXT_CONF['example'] = array(
'title' => 'Example Extension',
'description' => 'This sample extension demonstrates the use of various hooks',
'description' => 'This sample extension demonstrate the use of various hooks',
'disable' => true,
'version' => '1.0.1',
'releasedate' => '2018-03-21',


@ -1,9 +1,4 @@
<?php
$__lang['de_DE'] = array(
'folder_contents' => 'Dies war mal "Ordner enthält". Wurde von sample Extension geändert.',
'task_example_example_email' => 'Email',
);
$__lang['en_GB'] = array(
'folder_contents' => 'This used to be "Folder contents". Was changed by sample Extension.',
'task_example_example_email' => 'Email',
);


@ -21,22 +21,16 @@ if (!strncmp("/op", $refer, 3)) {
} else {
$refer = urlencode($refer);
}
/* Check if this is a ajax call. In that case do not redirect to any page */
$isajax = isset($_GET['action']) && ($_GET['action'] != 'show');
if (!isset($_COOKIE["mydms_session"])) {
if($settings->_enableGuestLogin && $settings->_enableGuestAutoLogin) {
$session = new SeedDMS_Session($db);
if(!$dms_session = $session->create(array('userid'=>$settings->_guestID, 'theme'=>$settings->_theme, 'lang'=>$settings->_language))) {
if(!$isajax)
header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
exit;
}
$resArr = $session->load($dms_session);
} elseif($settings->_autoLoginUser) {
if(!($user = $dms->getUser($settings->_autoLoginUser))/* || !$user->isGuest()*/) {
if(!$isajax)
header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
exit;
}
@ -52,13 +46,11 @@ if (!isset($_COOKIE["mydms_session"])) {
}
$session = new SeedDMS_Session($db);
if(!$dms_session = $session->create(array('userid'=>$user->getID(), 'theme'=>$theme, 'lang'=>$lang))) {
if(!$isajax)
header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
exit;
}
$resArr = $session->load($dms_session);
} else {
if(!$isajax)
header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
exit;
}
@ -68,7 +60,6 @@ if (!isset($_COOKIE["mydms_session"])) {
$session = new SeedDMS_Session($db);
if(!$resArr = $session->load($dms_session)) {
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie
if(!$isajax)
header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
exit;
}
@ -82,16 +73,13 @@ if((int)$resArr['lastAccess']+60 < time())
$user = $dms->getUser($resArr["userID"]);
if (!is_object($user)) {
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie
if(!$isajax)
header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
exit;
}
$origuser = null;
if($resArr["su"] && $su = $dms->getUser($resArr["su"])) {
if($user->isAdmin() || $user->maySwitchToUser($su)) {
$origuser = $user;
$user = $su;
if($user->isAdmin()) {
if($resArr["su"]) {
$user = $dms->getUser($resArr["su"]);
} else {
// $session->resetSu();
}
@ -104,8 +92,6 @@ if($settings->_useHomeAsRootFolder && !$user->isAdmin() && $user->getHomeFolder(
$dms->checkWithinRootDir = true;
$dms->setRootFolderID($user->getHomeFolder());
}
$role = $user->getRole();
$dms->noReadForStatus = $role->getNoAccess();
/* Include additional language file for view
* This file must set $LANG[xx][]
@ -114,17 +100,13 @@ if(file_exists($settings->_rootDir . "view/".$theme."/languages/" . $lang . "/la
include $settings->_rootDir . "view/".$theme."/languages/" . $lang . "/lang.inc";
}
/* if this is a ajax call, then exit early as the rest of the script is irrelevant */
if($isajax)
return;
/* Check if password needs to be changed because it expired. If it needs
* to be changed redirect to out/out.ForcePasswordChange.php. Do this
* check only if password expiration is turned on, we are not on the
* page to change the password or the page that changes the password, the
* current user is not admin, and no user substitution has occured. */
if (!$user->isAdmin() && $origuser == null) {
if (!$user->isAdmin() && !$resArr['su']) {
if($settings->_passwordExpiration > 0) {
if(basename($_SERVER['SCRIPT_NAME']) != 'out.ForcePasswordChange.php' && basename($_SERVER['SCRIPT_NAME']) != 'op.EditUserData.php' && basename($_SERVER['SCRIPT_NAME']) != 'op.Logout.php') {
$pwdexp = $user->getPwdExpiration();
@ -139,17 +121,6 @@ if (!$user->isAdmin() && $origuser == null) {
}
}
/* Check if secret is set for 2-factor authentication. Redirect to Setup2Factor.php
* if secret is not set and 2-factor authentication is turned on. Also check if
* already on the page Setup2Factor.php and no user substiation has occured.
*/
if($settings->_enable2FactorAuthentication && $settings->_guestID != $user->getID() && $settings->_autoLoginUser != $user->getID() && $origuser == null && $user->getSecret() == '') {
if(basename($_SERVER['SCRIPT_NAME']) != 'out.Setup2Factor.php' && basename($_SERVER['SCRIPT_NAME']) != 'op.Setup2Factor.php') {
header("Location: ../out/out.Setup2Factor.php");
exit;
}
}
/* Update cookie lifetime */
if($settings->_cookieLifetime) {
$lifetime = time() + intval($settings->_cookieLifetime);
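Review bot: In the hunk at `-82,16 +73,13` the new code assigns `$user = $dms->getUser($resArr["su"]);` without checking the result, whereas the session user loaded just above is guarded by `is_object($user)`. If the substituted account no longer exists, `$user` is presumably no longer an object, and the later `$user->isAdmin()` calls in this file would fail with a fatal error instead of continuing as the logged-in admin. Keep the lookup in a temporary and swap only on success: `$su = $dms->getUser($resArr["su"]); if(is_object($su)) $user = $su;`. The enclosing `if($user->isAdmin())` block closes outside the hunk.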


@ -1,41 +0,0 @@
<?php
/**
* Do authentication of users and session management
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Markus Westphal, Malcolm Cowe, Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2002-2005 Markus Westphal,
* 2006-2008 Malcolm Cowe, 2010 Uwe Steinmann
* @version Release: @package_version@
*/
require_once("inc.Utils.php");
require_once("inc.ClassNotificationService.php");
require_once("inc.ClassEmailNotify.php");
require_once("inc.ClassSession.php");
require_once("inc.ClassAccessOperation.php");
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="'.$settings->_siteName.'"');
header('HTTP/1.0 401 Unauthorized');
echo getMLText('cancel_basic_authentication');
exit;
} else {
if(!($user = $authenticator->authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))) {
header('WWW-Authenticate: Basic realm="'.$settings->_siteName.'"');
header('HTTP/1.0 401 Unauthorized');
echo getMLText('cancel_basic_authentication');
exit;
}
}
/* Clear login failures if login was successful */
$user->clearLoginFailures();
$dms->setUser($user);
require_once('inc/inc.Notification.php');


@ -11,8 +11,6 @@
* @version Release: @package_version@
*/
require_once "inc.ClassAcl.php";
/**
* Class to check certain access restrictions
*
@ -29,32 +27,33 @@ class SeedDMS_AccessOperation {
*/
private $dms;
/**
* @var object $obj object being accessed
* @access protected
*/
private $obj;
/**
* @var object $user user requesting the access
* @access protected
*/
protected $user;
private $user;
/**
* @var object $settings SeedDMS Settings
* @access protected
*/
protected $settings;
private $settings;
/**
* @var object $aro access request object for caching
* @access protected
*/
private $_aro;
/**
* @var array $legacy_access list of objects with access use for view and controller
* @var array $legacy_access list of objects with access
* @access protected
*/
private $legacy_access;
function __construct($dms, $user, $settings) { /* {{{ */
function __construct($dms, $obj, $user, $settings) { /* {{{ */
$this->dms = $dms;
$this->obj = $obj;
$this->user = $user;
$this->settings = $settings;
$this->legacy_access['guest'] = array(
@ -164,15 +163,15 @@ class SeedDMS_AccessOperation {
* document may delete versions. The admin may even delete a version
* even if is disallowed in the settings.
*/
function mayEditVersion($document, $vno=0) { /* {{{ */
if($document->isType('document')) {
function mayEditVersion($vno=0) { /* {{{ */
if($this->obj->isType('document')) {
if($vno)
$version = $document->getContentByVersion($vno);
$version = $this->obj->getContentByVersion($vno);
else
$version = $document->getLatestContent();
$version = $this->obj->getLatestContent();
if (!isset($this->settings->_editOnlineFileTypes) || !is_array($this->settings->_editOnlineFileTypes) || (!in_array(strtolower($version->getFileType()), $this->settings->_editOnlineFileTypes) && !in_array(strtolower($version->getMimeType()), $this->settings->_editOnlineFileTypes)))
return false;
if ($document->getAccessMode($this->user) == M_ALL || $this->user->isAdmin()) {
if ($this->obj->getAccessMode($this->user) == M_ALL || $this->user->isAdmin()) {
return true;
}
}
@ -188,10 +187,10 @@ class SeedDMS_AccessOperation {
* document may delete versions. The admin may even delete a version
* even if is disallowed in the settings.
*/
function mayRemoveVersion($document) { /* {{{ */
if($document->isType('document')) {
$versions = $document->getContent();
if ((($this->settings->_enableVersionDeletion && ($document->getAccessMode($this->user, 'removeVersion') == M_ALL)) || $this->user->isAdmin() ) && (count($versions) > 1)) {
function mayRemoveVersion() { /* {{{ */
if($this->obj->isType('document')) {
$versions = $this->obj->getContent();
if ((($this->settings->_enableVersionDeletion && ($this->obj->getAccessMode($this->user, 'removeVersion') == M_ALL)) || $this->user->isAdmin() ) && (count($versions) > 1)) {
return true;
}
}
@ -208,11 +207,11 @@ class SeedDMS_AccessOperation {
* The admin may even modify the status
* even if is disallowed in the settings.
*/
function mayOverrideStatus($document) { /* {{{ */
if($document->isType('document')) {
if($latestContent = $document->getLatestContent()) {
function mayOverwriteStatus() { /* {{{ */
if($this->obj->isType('document')) {
if($latestContent = $this->obj->getLatestContent()) {
$status = $latestContent->getStatus();
if ((($this->settings->_enableVersionModification && ($document->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && ($status["status"]==S_DRAFT || $status["status"]==S_RELEASED || $status["status"]==S_REJECTED || $status["status"]==S_OBSOLETE || $status["status"]==S_NEEDS_CORRECTION)) {
if ((($this->settings->_enableVersionModification && ($this->obj->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && ($status["status"]==S_RELEASED || $status["status"]==S_OBSOLETE )) {
return true;
}
}
@ -227,13 +226,12 @@ class SeedDMS_AccessOperation {
* reviewers/approvers is only allowed if version modification is turned on
* in the settings and the document has not been reviewed/approved by any
* user/group already.
* The admin may even set reviewers/approvers after the review/approval
* process has been started, but only if _allowChangeRevAppInProcess
* explicitly allows it.
* The admin may even set reviewers/approvers if is disallowed in the
* settings.
*/
function maySetReviewersApprovers($document) { /* {{{ */
if($document->isType('document')) {
if($latestContent = $document->getLatestContent()) {
function maySetReviewersApprovers() { /* {{{ */
if($this->obj->isType('document')) {
if($latestContent = $this->obj->getLatestContent()) {
$status = $latestContent->getStatus();
$reviewstatus = $latestContent->getReviewStatus();
$hasreview = false;
@ -247,49 +245,7 @@ class SeedDMS_AccessOperation {
if($r['status'] == 1 || $r['status'] == -1)
$hasapproval = true;
}
if ((($this->settings->_enableVersionModification && ($document->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && (($status["status"]==S_DRAFT_REV && (!$hasreview || ($this->user->isAdmin() && $this->settings->_allowChangeRevAppInProcess))) || ($status["status"]==S_DRAFT_APP && ((!$hasreview && !$hasapproval) || ($this->user->isAdmin() && $this->settings->_allowChangeRevAppInProcess))) || $status["status"]==S_DRAFT)) {
return true;
}
}
}
return false;
} /* }}} */
/**
* Check if recipients may be edited
*
* This check can only be done for documents. Setting the document
* recipients is only allowed if version modification is turned on
* in the settings. The
* admin may even set recipients if is disallowed in the
* settings.
*/
function maySetRecipients($document) { /* {{{ */
if($document->isType('document')) {
if($latestContent = $document->getLatestContent()) {
$status = $latestContent->getStatus();
if (($this->settings->_enableVersionModification && ($document->getAccessMode($this->user) >= M_READWRITE)) || $this->user->isAdmin()) {
return true;
}
}
}
return false;
} /* }}} */
/**
* Check if revisors may be edited
*
* This check can only be done for documents. Setting the document
* revisors is only allowed if version modification is turned on
* in the settings. The
* admin may even set revisors if is disallowed in the
* settings.
*/
function maySetRevisors($document) { /* {{{ */
if($document->isType('document')) {
if($latestContent = $document->getLatestContent()) {
$status = $latestContent->getStatus();
if ((($this->settings->_enableVersionModification && ($document->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && ($status["status"]==S_RELEASED || $status["status"]==S_IN_REVISION)) {
if ((($this->settings->_enableVersionModification && ($this->obj->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && (($status["status"]==S_DRAFT_REV && !$hasreview) || ($status["status"]==S_DRAFT_APP && !$hasreview && !$hasapproval))) {
return true;
}
}
@ -306,12 +262,12 @@ class SeedDMS_AccessOperation {
* admin may even set the workflow if is disallowed in the
* settings.
*/
function maySetWorkflow($document) { /* {{{ */
if($document->isType('document')) {
if($latestContent = $document->getLatestContent()) {
function maySetWorkflow() { /* {{{ */
if($this->obj->isType('document')) {
if($latestContent = $this->obj->getLatestContent()) {
$workflow = $latestContent->getWorkflow();
$workflowstate = $latestContent->getWorkflowState();
if ((($this->settings->_enableVersionModification && ($document->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && (!$workflow || ($workflowstate && ($workflow->getInitState()->getID() == $workflowstate->getID())))) {
if ((($this->settings->_enableVersionModification && ($this->obj->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && (!$workflow || ($workflowstate && ($workflow->getInitState()->getID() == $workflowstate->getID())))) {
return true;
}
}
@ -325,11 +281,11 @@ class SeedDMS_AccessOperation {
* This check can only be done for documents. Setting the documents
* expiration date is only allowed if the document has not been obsoleted.
*/
function maySetExpires($document) { /* {{{ */
if($document->isType('document')) {
if($latestContent = $document->getLatestContent()) {
function maySetExpires() { /* {{{ */
if($this->obj->isType('document')) {
if($latestContent = $this->obj->getLatestContent()) {
$status = $latestContent->getStatus();
if ((($document->getAccessMode($this->user) >= M_READWRITE) || $this->user->isAdmin()) && ($status["status"]!=S_OBSOLETE)) {
if ((($this->obj->getAccessMode($this->user) == M_ALL) || $this->user->isAdmin()) && ($status["status"]!=S_OBSOLETE)) {
return true;
}
}
@ -346,17 +302,17 @@ class SeedDMS_AccessOperation {
* The admin may set the comment even if is
* disallowed in the settings.
*/
function mayEditComment($document) { /* {{{ */
if($document->isType('document')) {
if($document->getAccessMode($this->user) < M_READWRITE)
function mayEditComment() { /* {{{ */
if($this->obj->isType('document')) {
if($this->obj->getAccessMode($this->user) < M_READWRITE)
return false;
if($document->isLocked()) {
$lockingUser = $document->getLockingUser();
if (($lockingUser->getID() != $this->user->getID()) && ($document->getAccessMode($this->user) != M_ALL)) {
if($this->obj->isLocked()) {
$lockingUser = $this->obj->getLockingUser();
if (($lockingUser->getID() != $this->user->getID()) && ($this->obj->getAccessMode($this->user) != M_ALL)) {
return false;
}
}
if($latestContent = $document->getLatestContent()) {
if($latestContent = $this->obj->getLatestContent()) {
$status = $latestContent->getStatus();
if (($this->settings->_enableVersionModification || $this->user->isAdmin()) && !in_array($status["status"], array(S_OBSOLETE, S_EXPIRED))) {
return true;
@ -374,15 +330,15 @@ class SeedDMS_AccessOperation {
* the settings or the document is still in an approval/review
* or intial workflow step.
*/
function mayEditAttributes($document) { /* {{{ */
if($document->isType('document')) {
if($latestContent = $document->getLatestContent()) {
function mayEditAttributes() { /* {{{ */
if($this->obj->isType('document')) {
if($latestContent = $this->obj->getLatestContent()) {
$status = $latestContent->getStatus();
$workflow = $latestContent->getWorkflow();
$workflowstate = $latestContent->getWorkflowState();
if($document->getAccessMode($this->user) < M_READWRITE)
if($this->obj->getAccessMode($this->user) < M_READWRITE)
return false;
if ($this->settings->_enableVersionModification || in_array($status["status"], array(S_DRAFT_REV, S_DRAFT_APP, S_IN_REVISION)) || ($workflow && $workflowstate && $workflow->getInitState()->getID() == $workflowstate->getID())) {
if ($this->settings->_enableVersionModification || in_array($status["status"], array(S_DRAFT_REV, S_DRAFT_APP)) || ($workflow && $workflowstate && $workflow->getInitState()->getID() == $workflowstate->getID())) {
return true;
}
}
@ -397,11 +353,11 @@ class SeedDMS_AccessOperation {
* review. There are other requirements which are not taken into
* account here.
*/
function mayReview($document) { /* {{{ */
if($document->isType('document')) {
if($latestContent = $document->getLatestContent()) {
function mayReview() { /* {{{ */
if($this->obj->isType('document')) {
if($latestContent = $this->obj->getLatestContent()) {
$status = $latestContent->getStatus();
if ($document->getAccessMode($this->user) >= M_READ && $status["status"]==S_DRAFT_REV) {
if ($status["status"]==S_DRAFT_REV) {
return true;
}
}
@ -415,24 +371,9 @@ class SeedDMS_AccessOperation {
* A review may only be updated by the user who originaly addedd the
* review and if it is allowed in the settings
*/
function mayUpdateReview($document, $updateUser) { /* {{{ */
if($document->isType('document')) {
if($this->settings->_enableUpdateRevApp && ($updateUser == $this->user) && $document->getAccessMode($this->user) >= M_READ && !$document->hasExpired()) {
return true;
}
}
return false;
} /* }}} */
/**
* Check if a approval maybe edited
*
* An approval may only be updated by the user who originaly addedd the
* approval and if it is allowed in the settings
*/
function mayUpdateApproval($document, $updateUser) { /* {{{ */
if($document->isType('document')) {
if($this->settings->_enableUpdateRevApp && ($updateUser == $this->user) && $document->getAccessMode($this->user) >= M_READ && !$document->hasExpired()) {
function mayUpdateReview($updateUser) { /* {{{ */
if($this->obj->isType('document')) {
if($this->settings->_enableUpdateRevApp && ($updateUser == $this->user) && !$this->obj->hasExpired()) {
return true;
}
}
@ -448,11 +389,11 @@ class SeedDMS_AccessOperation {
* There are other requirements which are not taken into
* account here.
*/
function mayApprove($document) { /* {{{ */
if($document->isType('document')) {
if($latestContent = $document->getLatestContent()) {
function mayApprove() { /* {{{ */
if($this->obj->isType('document')) {
if($latestContent = $this->obj->getLatestContent()) {
$status = $latestContent->getStatus();
if ($document->getAccessMode($this->user) >= M_READ && $status["status"]==S_DRAFT_APP) {
if ($status["status"]==S_DRAFT_APP) {
return true;
}
}
@ -461,70 +402,14 @@ class SeedDMS_AccessOperation {
} /* }}} */
/**
* Check if document content may be receipted
* Check if a approval maybe edited
*
* Reviewing a document content is only allowed if the document was not
* obsoleted. There are other requirements which are not taken into
* account here.
* An approval may only be updated by the user who originaly addedd the
* approval and if it is allowed in the settings
*/
function mayReceipt($document) { /* {{{ */
if($document->isType('document')) {
if($latestContent = $document->getLatestContent()) {
$status = $latestContent->getStatus();
if ($document->getAccessMode($this->user) >= M_READ && $status["status"]==S_RELEASED) {
return true;
}
}
}
return false;
} /* }}} */
/**
* Check if a review maybe edited
*
* A review may only be updated by the user who originaly addedd the
* review and if it is allowed in the settings
*/
function mayUpdateReceipt($document, $updateUser) { /* {{{ */
if($document->isType('document')) {
if($this->settings->_enableUpdateReceipt && ($updateUser == $this->user) && $document->getAccessMode($this->user) >= M_READ && !$document->hasExpired()) {
return true;
}
}
return false;
} /* }}} */
/**
* Check if document content may be revised
*
* Revising a document content is only allowed if the document was not
* obsoleted. There may be other requirements which are not taken into
* account here.
*/
function mayRevise($document) { /* {{{ */
if($document->isType('document')) {
if($latestContent = $document->getLatestContent()) {
$status = $latestContent->getStatus();
if ($document->getAccessMode($this->user) >= M_READ && $status["status"]!=S_OBSOLETE) {
return true;
}
}
}
return false;
} /* }}} */
/**
* Check if document content may be checked in
*
*
*/
function mayCheckIn($document) { /* {{{ */
if($document->isType('document')) {
$checkoutinfo = $document->getCheckOutInfo();
if(!$checkoutinfo)
return false;
$info = $checkoutinfo[0];
if($this->user->getID() == $info['userID'] || $document->getAccessMode($this->user) == M_ALL) {
function mayUpdateApproval($updateUser) { /* {{{ */
if($this->obj->isType('document')) {
if($this->settings->_enableUpdateRevApp && ($updateUser == $this->user) && !$this->obj->hasExpired()) {
return true;
}
}
@ -563,44 +448,11 @@ class SeedDMS_AccessOperation {
return false;
} /* }}} */
protected function check_controller_legacy_access($controller, $get=array()) { /* {{{ */
if($this->user->isAdmin())
return true;
if(is_string($controller)) {
$scripts = array($controller);
} elseif(is_array($controller)) {
$scripts = $controller;
} elseif(is_subclass_of($controller, 'SeedDMS_Controller_Common')) {
$scripts = array($controller->getParam('class'));
} else {
return false;
}
if($this->user->isGuest()) {
$user_allowed = $this->legacy_access['guest'];
} else {
$user_allowed = $this->legacy_access['user'];
}
if(array_intersect($scripts, $user_allowed))
return true;
return false;
} /* }}} */
/**
* Check for access permission on view
*
* If the parameter $view is an array then each element is considered the
* name of a view and true will be returned if one of them is accessible.
* Whether access is allowed also depends on the currently logged in user
* stored in the view object. If the user is an admin the access
* on a view must be explicitly disallowed. For regular users the access
* must be explicitly allowed.
*
* If advanced access control is turn off, this function will always return
* true for admins and false for other users.
* This function will always return true because it was added to smooth
* migration from 5.1.x to 6.0.x
*
* @param mixed $view Instanz of view, name of view or array of view names
* @param string $get query parameters possible containing the element 'action'
@ -608,79 +460,20 @@ class SeedDMS_AccessOperation {
* no specific access right is set, otherwise false
*/
function check_view_access($view, $get=array()) { /* {{{ */
if(!$this->settings->_advancedAcl) {
return $this->check_view_legacy_access($view, $get);
}
if(is_string($view)) {
$scripts = array($view);
} elseif(is_array($view)) {
$scripts = $view;
} elseif(is_subclass_of($view, 'SeedDMS_View_Common')) {
$scripts = array($view->getParam('class'));
} else {
return false;
}
$scope = 'Views';
$action = (isset($get['action']) && $get['action']) ? $get['action'] : 'show';
$acl = new SeedDMS_Acl($this->dms);
if(!$this->_aro)
$this->_aro = SeedDMS_Aro::getInstance($this->user->getRole(), $this->dms);
foreach($scripts as $script) {
$aco = SeedDMS_Aco::getInstance($scope.'/'.$script.'/'.$action, $this->dms);
$ll = $acl->check($this->_aro, $aco);
if($ll === 1 && !$this->user->isAdmin() || $ll !== -1 && $this->user->isAdmin())
return true;
}
return false;
} /* }}} */
/**
* Check for access permission on controller
*
* If the parameter $controller is an array then each element is considered the
* name of a controller and true will be returned if one is accesible.
* If advanced access controll is turn off, this function will return false
* for guest users and true otherwise.
* This function will always return true because it was added to smooth
* migration from 5.1.x to 6.0.x
*
* @param mixed $controller Instanz of controller, name of controller or array of controller names
* @param string $get query parameters
* @return boolean true if access is allowed otherwise false
*/
function check_controller_access($controller, $get=array()) { /* {{{ */
if(!$this->settings->_advancedAcl) {
return $this->check_controller_legacy_access($controller, $get);
/*
if($this->user->isGuest())
return false;
elseif($this->user->isAdmin())
return true;
else {
if($controller == 'AddDocument' && isset($get['action']) && $get['action'] == 'setOwner')
return false;
return true;
}
*/
}
if(is_string($controller)) {
$scripts = array($controller);
} elseif(is_array($controller)) {
$scripts = $controller;
} elseif(is_subclass_of($controller, 'SeedDMS_Controller_Common')) {
$scripts = array($controller->getParam('class'));
} else {
return false;
}
$scope = 'Controllers';
$action = (isset($get['action']) && $get['action']) ? $get['action'] : 'run';
$acl = new SeedDMS_Acl($this->dms);
if(!$this->_aro)
$this->_aro = SeedDMS_Aro::getInstance($this->user->getRole(), $this->dms);
foreach($scripts as $script) {
$aco = SeedDMS_Aco::getInstance($scope.'/'.$script.'/'.$action, $this->dms);
$ll = $acl->check($this->_aro, $aco);
if($ll === 1 && !$this->user->isAdmin() || $ll !== -1 && $this->user->isAdmin())
return true;
}
return false;
} /* }}} */
}


@ -1,390 +0,0 @@
<?php
/**
* Implementation of a access control list.
*
* SeedDMS uses access control list for setting permission,
* on various operations.
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright 2016 Uwe Steinmann
* @version Release: @package_version@
*/
/**
* Class to represent an access request object
*
* This class provides a model for access request objects.
*
* @category DMS
* @package SeedDMS
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright 2016 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_Acl { /* {{{ */
/**
* @var object $dms reference to dms object.
* @access public
*/
public $_dms;
/**
* Create a new instance of an acl
*
* @param object $dms object of dms
* @return object instance of SeedDMS_Acl
*/
public function __construct($dms) { /* {{{ */
$this->_dms = $dms;
} /* }}} */
/**
* Check if Aro has access on Aco
*
* @param object $aro access request object
* @param object $aco access control object
* @return integer/boolean -1 if access is explictly denied, 1 if access
* is explictly allow, 0 if no access restrictions exists, false if
* an error occured.
*/
public function check($aro, $aco) { /* {{{ */
$db = $this->_dms->getDB();
while($aco) {
$acoid = $aco->getID();
$queryStr = "SELECT * FROM `tblArosAcos` WHERE `aro`=".$aro->getID()." AND `aco`=".$acoid;
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr === false)
return false;
if (count($resArr) == 1)
return((int) $resArr[0]['read']);
$aco = $aco->getParent();
}
return 0;
} /* }}} */
public function toggle($aro, $aco) { /* {{{ */
$db = $this->_dms->getDB();
$queryStr = "SELECT * FROM `tblArosAcos` WHERE `aro`=".$aro->getID()." AND `aco`=".$aco->getID();
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr === false)
return false;
if (count($resArr) != 1)
return false;
$resArr = $resArr[0];
$newperm = $resArr['read'] == 1 ? -1 : 1;
$queryStr = "UPDATE `tblArosAcos` SET `read`=".$newperm." WHERE `aro`=".$aro->getID()." AND `aco`=".$aco->getID();
if (!$db->getResult($queryStr))
return false;
return true;
} /* }}} */
public function add($aro, $aco, $perm=-1) { /* {{{ */
$db = $this->_dms->getDB();
$queryStr = "SELECT * FROM `tblArosAcos` WHERE `aro`=".$aro->getID()." AND `aco`=".$aco->getID();
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr === false)
return false;
if (count($resArr) == 1) {
$resArr = $resArr[0];
$newperm = $resArr['read'] == 1 ? -1 : 1;
$queryStr = "UPDATE `tblArosAcos` SET `read`=".$newperm." WHERE `aro`=".$aro->getID()." AND `aco`=".$aco->getID();
if (!$db->getResult($queryStr))
return false;
} else {
$queryStr = "INSERT INTO `tblArosAcos` (`aro`, `aco`, `read`) VALUES (".$aro->getID().", ".$aco->getID().", ".$perm.")";
if (!$db->getResult($queryStr))
return false;
}
return true;
} /* }}} */
public function remove($aro, $aco) { /* {{{ */
$db = $this->_dms->getDB();
$queryStr = "DELETE FROM `tblArosAcos` WHERE `aro`=".$aro->getID()." AND `aco`=".$aco->getID();
if (!$db->getResult($queryStr))
return false;
return true;
} /* }}} */
} /* }}} */
/**
* Class to represent an access request/controll object
*
* This class provides a model for access request/controll objects.
*
* @category DMS
* @package SeedDMS
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright 2016 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_AroAco { /* {{{ */
/**
* @var object $dms reference to dms object.
* @access protected
*/
public $_dms;
/**
* @var integer id of access request object
*/
protected $_id;
/**
* @var integer id of parent of access request object
*/
protected $_parent;
/**
* @var string alias of access request object
*/
protected $_alias;
/**
* @var object object of access request object
*/
protected $_object;
/**
* Create a new instance of an aro
*
* @param object $dms object of dms
* @return object instance of SeedDMS_Aco
*/
function __construct($dms, $id, $parent, $object, $alias) { /* {{{ */
$this->_dms = $dms;
$this->_id = $id;
$this->_parent = $parent;
$this->_object = $object;
$this->_alias = $alias;
} /* }}} */
public function setDMS($dms) { /* {{{ */
$this->_dms = $dms;
} /* }}} */
public function getDMS() { /* {{{ */
return($this->_dms);
} /* }}} */
public function getID() { /* {{{ */
return $this->_id;
} /* }}} */
public function getAlias() { /* {{{ */
return $this->_alias;
} /* }}} */
public function getObject() { /* {{{ */
return $this->_object;
} /* }}} */
} /* }}} */
/**
* Class to represent an access request object
*
* This class provides a model for access request objects.
*
* @category DMS
* @package SeedDMS
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright 2016 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_Aro extends SeedDMS_AroAco { /* {{{ */
/**
* Create a new instance of an aro
*
* @param object $dms object to access the underlying database
* @return object instance of SeedDMS_Aro
*/
public static function getInstance($id, $dms) { /* {{{ */
$db = $dms->getDB();
if(is_int($id)) {
$queryStr = "SELECT * FROM `tblAros` WHERE `id` = " . (int) $id;
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr === false)
return null;
if (count($resArr) != 1)
return null;
$resArr = $resArr[0];
} elseif(is_object($id)) {
if($dms->getClassname('role') == get_class($id)) {
$model = 'Role';
$queryStr = "SELECT * FROM `tblAros` WHERE `model`=".$db->qstr($model)." AND `foreignid`=".$id->getID();
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr === false)
return null;
if (count($resArr) == 0) {
$queryStr = "INSERT INTO `tblAros` (`parent`, `model`, `foreignid`) VALUES (0, ".$db->qstr($model).", ".$id->getID().")";
if (!$db->getResult($queryStr))
return null;
$id = $db->getInsertID();
$queryStr = "SELECT * FROM `tblAros` WHERE `id` = " . $id;
$resArr = $db->getResultArray($queryStr);
}
$resArr = $resArr[0];
} else {
return null;
}
}
if($resArr['model'] == 'Role') {
$classname = $dms->getClassname('role');
$object = $classname::getInstance($resArr['foreignid'], $dms);
} else {
$object = null;
}
$aro = new SeedDMS_Aro($dms, $resArr["id"], $resArr['parent'], $object, $resArr['alias']);
$aro->setDMS($dms);
return $aro;
} /* }}} */
} /* }}} */
/**
* Class to represent an access control object
*
* This class provides a model for access control objects.
*
* @category DMS
* @package SeedDMS
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright 2016 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_Aco extends SeedDMS_AroAco{ /* {{{ */
/**
* Create a new instance of an aco
*
* @param object $dms object to access the underlying database
* @return object instance of SeedDMS_Aco
*/
public static function getInstance($id, $dms) { /* {{{ */
$db = $dms->getDB();
if(is_int($id)) {
$queryStr = "SELECT * FROM `tblAcos` WHERE `id` = " . (int) $id;
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr === false)
return null;
if (count($resArr) == 0) {
return null;
}
$resArr = $resArr[0];
} elseif(is_string($id)) {
$tmp = explode('/', $id);
$parentid = 0;
foreach($tmp as $part) {
$queryStr = "SELECT * FROM `tblAcos` WHERE `alias` = " . $db->qstr($part);
// if($parentid)
$queryStr .= " AND parent=".$parentid;
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr === false)
return null;
if (count($resArr) == 0) {
$queryStr = "INSERT INTO `tblAcos` (`parent`, `alias`, `model`) VALUES (".$parentid.",".$db->qstr($part).", '')";
if (!$db->getResult($queryStr))
return null;
$id = $db->getInsertID();
$queryStr = "SELECT * FROM `tblAcos` WHERE `id` = " . $id;
$resArr = $db->getResultArray($queryStr);
}
$parentid = (int) $resArr[0]['id'];
}
$resArr = $resArr[0];
}
if($resArr['model'] == 'Document') {
$classname = $dms->getClassname('document');
$object = $classname::getInstance($resArr['foreignid'], $dms);
} elseif($resArr['model'] == 'Folder') {
$classname = $dms->getClassname('focument');
$object = $classname::getInstance($resArr['foreignid'], $dms);
} else {
$object = null;
}
$aco = new SeedDMS_Aco($dms, $resArr["id"], $resArr['parent'], $object, $resArr['alias']);
$aco->setDMS($dms);
return $aco;
} /* }}} */
public function getChildren() { /* {{{ */
$dms = $this->getDMS();
$db = $dms->getDB();
$queryStr = "SELECT * FROM `tblAcos` WHERE `parent` = ".$this->_id." ORDER BY `alias`";
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr === false)
return null;
if (count($resArr) == 0)
return null;
$acos = array();
foreach($resArr as $row) {
$aco = new SeedDMS_Aco($dms, $row["id"], $row['parent'], null, $row['alias']);
$aco->setDMS($dms);
$acos[] = $aco;
}
return $acos;
} /* }}} */
public function getPermission($aro) { /* {{{ */
if(!$aro)
return 0;
$dms = $this->getDMS();
$db = $dms->getDB();
$queryStr = "SELECT * FROM `tblArosAcos` WHERE `aro`=".$aro->getID()." AND `aco`=".$this->_id;
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr === false)
return false;
if (count($resArr) != 1)
return 0;
return (int) $resArr[0]['read'];
} /* }}} */
public static function getRoot($dms) { /* {{{ */
$db = $dms->getDB();
$queryStr = "SELECT * FROM `tblAcos` WHERE `parent` = 0 ORDER BY `alias`";
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr === false)
return null;
$acos = array();
foreach($resArr as $row) {
$aco = new SeedDMS_Aco($dms, $row["id"], $row['parent'], null, $row['alias']);
$aco->setDMS($dms);
$acos[] = $aco;
}
return $acos;
} /* }}} */
public function getParent() { /* {{{ */
$dms = $this->getDMS();
$db = $dms->getDB();
$queryStr = "SELECT * FROM `tblAcos` WHERE `id` = ".$this->_parent;
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr === false)
return null;
if (count($resArr) != 1)
return null;
$row = $resArr[0];
$aco = new SeedDMS_Aco($dms, $row["id"], $row['parent'], null, $row['alias']);
$aco->setDMS($dms);
return $aco;
} /* }}} */
} /* }}} */


@ -52,7 +52,6 @@ class Controller {
require_once($filename);
$controller = new $classname($params);
/* Set some configuration parameters */
$controller->setParam('class', $class);
$controller->setParam('postVars', $_POST);
$controller->setParam('getVars', $_GET);
$controller->setParam('requestVars', $_REQUEST);


@ -316,26 +316,4 @@ class SeedDMS_Controller_Common {
}
return false;
} /* }}} */
/**
* Check if the access on the contoller with given name or the current
* controller itself may be accessed.
*
* The function requires the parameter 'accessobject' to be available in the
* controller, because it calls SeedDMS_AccessOperation::check_controller_access()
* to check access rights. If the the optional $name is not set the
* current controller is used.
*
* @param string|array $name name of controller or list of controller names
* @return boolean true if access is allowed otherwise false
*/
protected function check_access($name='') { /* {{{ */
if(!$name)
$name = $this;
if(!isset($this->params['accessobject']))
return false;
$access = $this->params['accessobject']->check_controller_access($name);
return $access;
} /* }}} */
}


@ -120,6 +120,7 @@ class SeedDMS_EmailNotify extends SeedDMS_Notify {
$from = $this->from_address;
}
$body = '';
if(!isset($params['__skip_header__']) || !$params['__skip_header__']) {
if(!isset($params['__header__']))
@ -277,12 +278,10 @@ class SeedDMS_EmailNotify extends SeedDMS_Notify {
* The dispatching is now done in SeedDMS_NotificationService::toList()
*/
function toList($sender, $recipients, $subject, $message, $params=array()) { /* {{{ */
/*
if ((!is_object($sender) && strcasecmp(get_class($sender), $this->_dms->getClassname('user'))) ||
(!is_array($recipients) && count($recipients)==0)) {
return false;
}
*/
$ret = true;
foreach ($recipients as $recipient) {
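Review bot: The argument guard at the top of `toList()` cannot reject bad input as written, because both halves join their tests with `&&`. A non-object `$sender` still reaches `get_class()` and a non-array `$recipients` still reaches `count()`, both of which raise a TypeError on PHP 8 instead of returning false, and a sender object of the wrong class is never rejected at all. The hunk counts suggest the surrounding `/*` and `*/` are the two removed lines, so this guard is live on the new side. I would write it as `if (!is_object($sender) || strcasecmp(get_class($sender), $this->_dms->getClassname('user')) || !is_array($recipients) || count($recipients)==0) {`. The body of `toList()` continues past the end of the hunk.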


@ -148,10 +148,6 @@ class SeedDMS_Extension_Mgr {
}
} /* }}} */
public function getRepositoryUrl() { /* {{{ */
return $this->reposurl;
} /* }}} */
private function getStreamContext() { /* {{{ */
if(!$this->proxyurl)
return null;
@ -623,8 +619,8 @@ class SeedDMS_Extension_Mgr {
$result = array();
$vcache = array(); // keep highest version of extension
foreach($list as $e) {
if($e[0] != '#' && trim($e)) {
if($re = json_decode($e, true)) {
if($e[0] != '#') {
$re = json_decode($e, true);
if(!isset($result[$re['name']])) {
$result[$re['name']] = $re;
$vcache[$re['name']] = $re['version'];
@ -634,7 +630,6 @@ class SeedDMS_Extension_Mgr {
}
}
}
}
return $result;
} /* }}} */
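Review bot: In the loop that fills `$result` (the hunk at old line 623), the new side reads `$e[0]` and `$re['name']` without first checking that the line is non-empty and that `json_decode()` returned an array. A blank or malformed line then produces offset warnings and an entry stored under an empty key instead of being skipped. The list presumably originates from the configured extension repository, so each line should be treated as untrusted input and validated before use. I would keep both guards: `if(trim($e) !== '' && $e[0] != '#') {` and, after decoding, `if(!is_array($re) || !isset($re['name'], $re['version'])) continue;`. The enclosing function starts outside the hunks shown.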


@ -51,8 +51,6 @@ class SeedDMS_NotificationService {
const RECV_APPROVER = 4;
const RECV_WORKFLOW = 5;
const RECV_UPLOADER = 6;
const RECV_REVISOR = 7;
const RECV_RECIPIENT = 8;
public function __construct($logger = null, $settings = null) { /* {{{ */
$this->services = array();
@ -1177,80 +1175,6 @@ class SeedDMS_NotificationService {
$this->toIndividual($user, $content->getUser(), $subject, $message, $params, SeedDMS_NotificationService::RECV_UPLOADER);
} /* }}} */
public function sendSubmittedReceiptMail($content, $user, $receiptlog) { /* {{{ */
$document = $content->getDocument();
$nl=$document->getNotifyList();
$folder = $document->getFolder();
$subject = "receipt_submit_email_subject";
$message = "receipt_submit_email_body";
$params = array();
$params['name'] = $document->getName();
$params['document_id'] = $document->getId();
$params['version'] = $content->getVersion();
$params['folder_path'] = $folder->getFolderPathPlain();
$params['status'] = getReceiptStatusText($receiptlog["status"]);
$params['comment'] = $receiptlog['comment'];
$params['username'] = $user->getFullName();
$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
$params['sitename'] = $this->settings->_siteName;
$params['http_root'] = $this->settings->_httpRoot;
$this->toList($user, $nl["users"], $subject, $message, $params, SeedDMS_NotificationService::RECV_NOTIFICATION);
foreach ($nl["groups"] as $grp) {
$this->toGroup($user, $grp, $subject, $message, $params, SeedDMS_NotificationService::RECV_NOTIFICATION);
}
/* Send mail to owner only if the currently logged in user is not the
* owner and the owner is not already in the list of notifiers.
*/
/*
if($user->getID() != $document->getOwner()->getID() && false === SeedDMS_Core_DMS::inList($document->getOwner(), $nl['users']))
$this->toIndividual($user, $document->getOwner(), $subject, $message, $params, SeedDMS_NotificationService::RECV_OWNER);
*/
/* Send mail to uploader of version only if the uploader is not the owner and
* the currently logged in user is not the
* owner and the owner is not already in the list of notifiers.
*/
if($user->getID() != $content->getUser()->getID() /* && $content->getUser()->getID() != $document->getOwner()->getID() */ && false === SeedDMS_Core_DMS::inList($content->getUser(), $nl['users']))
$this->toIndividual($user, $content->getUser(), $subject, $message, $params, SeedDMS_NotificationService::RECV_UPLOADER);
} /* }}} */
public function sendSubmittedRevisionMail($content, $user, $revisionlog) { /* {{{ */
$document = $content->getDocument();
$nl=$document->getNotifyList();
$folder = $document->getFolder();
$subject = "revision_submit_email_subject";
$message = "revision_submit_email_body";
$params = array();
$params['name'] = $document->getName();
$params['document_id'] = $document->getId();
$params['version'] = $content->getVersion();
$params['folder_path'] = $folder->getFolderPathPlain();
$params['status'] = getRevisionStatusText($revisionlog["status"]);
$params['comment'] = $revisionlog['comment'];
$params['username'] = $user->getFullName();
$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
$params['sitename'] = $this->settings->_siteName;
$params['http_root'] = $this->settings->_httpRoot;
$this->toList($user, $nl["users"], $subject, $message, $params, SeedDMS_NotificationService::RECV_NOTIFICATION);
foreach ($nl["groups"] as $grp) {
$this->toGroup($user, $grp, $subject, $message, $params, SeedDMS_NotificationService::RECV_NOTIFICATION);
}
/* Send mail to owner only if the currently logged in user is not the
* owner and the owner is not already in the list of notifiers.
*/
/*
if($user->getID() != $document->getOwner()->getID() && false === SeedDMS_Core_DMS::inList($document->getOwner(), $nl['users']))
$this->toIndividual($user, $document->getOwner(), $subject, $message, $params, SeedDMS_NotificationService::RECV_OWNER);
*/
/* Send mail to uploader of version only if the uploader is not the owner and
* the currently logged in user is not the
* owner and the owner is not already in the list of notifiers.
*/
if($user->getID() != $content->getUser()->getID() /* && $content->getUser()->getID() != $document->getOwner()->getID() */ && false === SeedDMS_Core_DMS::inList($content->getUser(), $nl['users']))
$this->toIndividual($user, $content->getUser(), $subject, $message, $params, SeedDMS_NotificationService::RECV_UPLOADER);
} /* }}} */
public function sendDeleteApprovalMail($content, $user, $approver) { /* {{{ */
$document = $content->getDocument();
$folder = $document->getFolder();
@ -1284,11 +1208,7 @@ class SeedDMS_NotificationService {
$params['folder_path'] = $folder->getFolderPathPlain();
$params['version'] = $content->getVersion();
$params['comment'] = $content->getComment();
if($reviewer->isType('user'))
$params['reviewer'] = $reviewer->getFullName();
elseif($reviewer->isType('group'))
$params['reviewer'] = $reviewer->getName();
$params['username'] = $user->getName();
$params['username'] = $user->getFullName();
$params['sitename'] = $this->settings->_siteName;
$params['http_root'] = $this->settings->_httpRoot;
$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
@ -1299,58 +1219,6 @@ class SeedDMS_NotificationService {
$this->toGroup($user, $reviewer, $subject, $message, $params, SeedDMS_NotificationService::RECV_REVIEWER);
} /* }}} */
public function sendDeleteRevisionMail($content, $user, $revisor) { /* {{{ */
$document = $content->getDocument();
$folder = $document->getFolder();
$subject = "revision_deletion_email_subject";
$message = "revision_deletion_email_body";
$params = array();
$params['name'] = $document->getName();
$params['document_id'] = $document->getId();
$params['folder_path'] = $folder->getFolderPathPlain();
$params['version'] = $content->getVersion();
$params['comment'] = $content->getComment();
if($revisor->isType('user'))
$params['revisor'] = $revisor->getFullName();
elseif($revisor->isType('group'))
$params['revisor'] = $revisor->getName();
$params['username'] = $user->getFullName();
$params['sitename'] = $this->settings->_siteName;
$params['http_root'] = $this->settings->_httpRoot;
$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
if($revisor->isType('user'))
$this->toIndividual($user, $revisor, $subject, $message, $params, SeedDMS_NotificationService::RECV_REVISOR);
elseif($revisor->isType('group'))
$this->toGroup($user, $revisor, $subject, $message, $params, SeedDMS_NotificationService::RECV_REVISOR);
} /* }}} */
public function sendDeleteReceiptMail($content, $user, $recipient) { /* {{{ */
$document = $content->getDocument();
$folder = $document->getFolder();
$subject = "receipt_deletion_email_subject";
$message = "receipt_deletion_email_body";
$params = array();
$params['name'] = $document->getName();
$params['document_id'] = $document->getId();
$params['folder_path'] = $folder->getFolderPathPlain();
$params['version'] = $content->getVersion();
$params['comment'] = $content->getComment();
if($recipient->isType('user'))
$params['recipient'] = $recipient->getFullName();
elseif($recipient->isType('group'))
$params['recipient'] = $recipient->getName();
$params['username'] = $user->getFullName();
$params['sitename'] = $this->settings->_siteName;
$params['http_root'] = $this->settings->_httpRoot;
$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
if($recipient->isType('user'))
$this->toIndividual($user, $recipient, $subject, $message, $params, SeedDMS_NotificationService::RECV_RECIPIENT);
elseif($recipient->isType('group'))
$this->toGroup($user, $recipient, $subject, $message, $params, SeedDMS_NotificationService::RECV_RECIPIENT);
} /* }}} */
/**
* This notification is send if a new approver is added.
*
@ -1402,10 +1270,6 @@ class SeedDMS_NotificationService {
$params['folder_path'] = $folder->getFolderPathPlain();
$params['version'] = $content->getVersion();
$params['comment'] = $content->getComment();
if($reviewer->isType('user'))
$params['reviewer'] = $reviewer->getFullName();
elseif($reviewer->isType('group'))
$params['reviewer'] = $reviewer->getName();
$params['username'] = $user->getFullName();
$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
$params['sitename'] = $this->settings->_siteName;
@ -1417,60 +1281,6 @@ class SeedDMS_NotificationService {
$this->toGroup($user, $reviewer, $subject, $message, $params, SeedDMS_NotificationService::RECV_REVIEWER);
} /* }}} */
public function sendAddRevisionMail($content, $user, $revisor) { /* {{{ */
$document = $content->getDocument();
$folder = $document->getFolder();
$subject = "revision_request_email_subject";
$message = "revision_request_email_body";
$params = array();
$params['name'] = $document->getName();
$params['document_id'] = $document->getId();
$params['folder_path'] = $folder->getFolderPathPlain();
$params['version'] = $content->getVersion();
$params['comment'] = $content->getComment();
if($revisor->isType('user'))
$params['revisor'] = $revisor->getFullName();
elseif($revisor->isType('group'))
$params['revisor'] = $user->getName();
$params['username'] = $user->getFullName();
$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
$params['sitename'] = $this->settings->_siteName;
$params['http_root'] = $this->settings->_httpRoot;
if($revisor->isType('user'))
$this->toIndividual($user, $revisor, $subject, $message, $params, SeedDMS_NotificationService::RECV_REVISOR);
elseif($revisor->isType('group'))
$this->toGroup($user, $revisor, $subject, $message, $params, SeedDMS_NotificationService::RECV_REVISOR);
} /* }}} */
public function sendAddReceiptMail($content, $user, $recipient) { /* {{{ */
$document = $content->getDocument();
$folder = $document->getFolder();
$subject = "receipt_request_email_subject";
$message = "receipt_request_email_body";
$params = array();
$params['name'] = $document->getName();
$params['document_id'] = $document->getId();
$params['folder_path'] = $folder->getFolderPathPlain();
$params['version'] = $content->getVersion();
$params['comment'] = $content->getComment();
if($recipient->isType('user'))
$params['recipient'] = $recipient->getFullName();
elseif($recipient->isType('group'))
$params['recipient'] = $user->getName();
$params['username'] = $user->getFullName();
$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
$params['sitename'] = $this->settings->_siteName;
$params['http_root'] = $this->settings->_httpRoot;
if($recipient->isType('user'))
$this->toIndividual($user, $recipient, $subject, $message, $params, SeedDMS_NotificationService::RECV_RECIPIENT);
elseif($recipient->isType('group'))
$this->toGroup($user, $recipient, $subject, $message, $params, SeedDMS_NotificationService::RECV_RECIPIENT);
} /* }}} */
public function sendChangedDocumentOwnerMail($document, $user, $oldowner) { /* {{{ */
if($oldowner->getID() != $document->getOwner()->getID()) {
$notifyList = $document->getNotifyList();


@ -1,74 +0,0 @@
<?php
/**
* Implementation of an SchedulerTask.
*
* SeedDMS can be extended by extensions. Extension usually implement
* hook.
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright 2018 Uwe Steinmann
* @version Release: @package_version@
*/
/**
* Class to represent a SchedulerTask
*
* This class provides some very basic methods to manage extensions.
*
* @category DMS
* @package SeedDMS
* @author Markus Westphal, Malcolm Cowe, Uwe Steinmann <uwe@steinmann.cx>
* @copyright 2011 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_Scheduler {
/**
* Instanz of database
*/
protected $db;
public function getTask($id) { /* {{{ */
return SeedDMS_SchedulerTask::getInstance($id, $this->db);
} /* }}} */
public function getTasksByExtension($extname, $taskname) { /* {{{ */
return SeedDMS_SchedulerTask::getInstancesByExtension($extname, $taskname, $this->db);
} /* }}} */
public function getTasks() { /* {{{ */
return SeedDMS_SchedulerTask::getInstances($this->db);
} /* }}} */
public function addTask($extname, $taskname, $name, $description, $frequency, $disabled, $params) { /* {{{ */
$db = $this->db;
if(!$extname)
return false;
if(!$taskname)
return false;
try {
$cron = Cron\CronExpression::factory($frequency);
} catch (Exception $e) {
return false;
}
$nextrun = $cron->getNextRunDate()->format('Y-m-d H:i:s');
$queryStr = "INSERT INTO `tblSchedulerTask` (`extension`, `task`, `name`, `description`, `frequency`, `disabled`, `params`, `nextrun`, `lastrun`) VALUES (".$db->qstr($extname).", ".$db->qstr($taskname).", ".$db->qstr($name).", ".$db->qstr($description).", ".$db->qstr($frequency).", ".intval($disabled).", ".$db->qstr(json_encode($params)).", '".$nextrun."', NULL)";
$res = $db->getResult($queryStr);
if (!$res)
return false;
$task = SeedDMS_SchedulerTask::getInstance($db->getInsertID('tblSchedulerTask'), $db);
return $task;
} /* }}} */
function __construct($db) {
$this->db = $db;
}
}

View File

@ -1,347 +0,0 @@
<?php
/**
* Implementation of an SchedulerTask.
*
* SeedDMS can be extended by extensions. Extension usually implement
* hook.
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright 2018 Uwe Steinmann
* @version Release: @package_version@
*/
/**
* Class to represent a SchedulerTask
*
* This class provides some very basic methods to manage extensions.
*
* @category DMS
* @package SeedDMS
* @author Markus Westphal, Malcolm Cowe, Uwe Steinmann <uwe@steinmann.cx>
* @copyright 2011 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_SchedulerTask {
/**
* Instanz of database
*/
protected $db;
/**
* @var integer unique id of task
*/
protected $_id;
/**
* @var string name of task
*/
protected $_name;
/**
* @var string description of task
*/
protected $_description;
/**
* @var string extension of task
*/
protected $_extension;
/**
* @var string task of task
*/
protected $_task;
/**
* @var string frequency of task
*/
protected $_frequency;
/**
* @var integer set if disabled
*/
protected $_disabled;
/**
* @var array list of parameters
*/
protected $_params;
/**
* @var integer last run
*/
protected $_lastrun;
/**
* @var integer next run
*/
protected $_nextrun;
public static function getInstance($id, $db) { /* {{{ */
$queryStr = "SELECT * FROM `tblSchedulerTask` WHERE `id` = " . (int) $id;
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
return false;
if (count($resArr) != 1)
return null;
$row = $resArr[0];
$task = new self($row["id"], $row['name'], $row["description"], $row["extension"], $row["task"], $row["frequency"], $row['disabled'], json_decode($row['params'], true), $row["nextrun"], $row["lastrun"]);
$task->setDB($db);
return $task;
} /* }}} */
public static function getInstances($db) { /* {{{ */
$queryStr = "SELECT * FROM `tblSchedulerTask`";
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
return false;
if (count($resArr) == 0)
return array();
$tasks = array();
foreach($resArr as $row) {
$task = new self($row["id"], $row['name'], $row["description"], $row["extension"], $row["task"], $row["frequency"], $row['disabled'], json_decode($row['params'], true), $row["nextrun"], $row["lastrun"]);
$task->setDB($db);
$tasks[] = $task;
}
return $tasks;
} /* }}} */
public static function getInstancesByExtension($extname, $taskname, $db) { /* {{{ */
$queryStr = "SELECT * FROM `tblSchedulerTask` WHERE `extension` = '".$extname."' AND `task` = '".$taskname."'";
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
return false;
if (count($resArr) == 0)
return array();
$tasks = array();
foreach($resArr as $row) {
$task = new self($row["id"], $row['name'], $row["description"], $row["extension"], $row["task"], $row["frequency"], $row['disabled'], json_decode($row['params'], true), $row["nextrun"], $row["lastrun"]);
$task->setDB($db);
$tasks[] = $task;
}
return $tasks;
} /* }}} */
function __construct($id, $name, $description, $extension, $task, $frequency, $disabled, $params, $nextrun, $lastrun) {
$this->_id = $id;
$this->_name = $name;
$this->_description = $description;
$this->_extension = $extension;
$this->_task = $task;
$this->_frequency = $frequency;
$this->_disabled = $disabled;
$this->_params = $params;
$this->_nextrun = $nextrun;
$this->_lastrun = $lastrun;
}
public function setDB($db) {
$this->db = $db;
}
public function getID() {
return $this->_id;
}
public function getName() {
return $this->_name;
}
public function setName($newName) { /* {{{ */
$db = $this->db;
$queryStr = "UPDATE `tblSchedulerTask` SET `name` =".$db->qstr($newName)." WHERE `id` = " . $this->_id;
$res = $db->getResult($queryStr);
if (!$res)
return false;
$this->_name = $newName;
return true;
} /* }}} */
public function getDescription() {
return $this->_description;
}
public function setDescription($newDescripion) { /* {{{ */
$db = $this->db;
$queryStr = "UPDATE `tblSchedulerTask` SET `description` =".$db->qstr($newDescripion)." WHERE `id` = " . $this->_id;
$res = $db->getResult($queryStr);
if (!$res)
return false;
$this->_description = $newDescripion;
return true;
} /* }}} */
public function getExtension() {
return $this->_extension;
}
public function getTask() {
return $this->_task;
}
public function getFrequency() {
return $this->_frequency;
}
public function setFrequency($newFrequency) { /* {{{ */
$db = $this->db;
try {
$cron = Cron\CronExpression::factory($newFrequency);
} catch (Exception $e) {
return false;
}
$nextrun = $cron->getNextRunDate()->format('Y-m-d H:i:s');
$queryStr = "UPDATE `tblSchedulerTask` SET `frequency` =".$db->qstr($newFrequency).", `nextrun` = '".$nextrun."' WHERE `id` = " . $this->_id;
$res = $db->getResult($queryStr);
if (!$res)
return false;
$this->_frequency = $newFrequency;
$this->_nextrun = $nextrun;
return true;
} /* }}} */
public function getNextRun() {
return $this->_nextrun;
}
public function getLastRun() {
return $this->_lastrun;
}
public function getDisabled() {
return $this->_disabled;
}
public function setDisabled($newDisabled) { /* {{{ */
$db = $this->db;
$queryStr = "UPDATE `tblSchedulerTask` SET `disabled` =".intval($newDisabled)." WHERE `id` = " . $this->_id;
$res = $db->getResult($queryStr);
if (!$res)
return false;
$this->_disabled = $newDisabled;
return true;
} /* }}} */
public function setParameter($newParams) { /* {{{ */
$db = $this->db;
$queryStr = "UPDATE `tblSchedulerTask` SET `params` =".$db->qstr(json_encode($newParams))." WHERE `id` = " . $this->_id;
$res = $db->getResult($queryStr);
if (!$res)
return false;
$this->_params = $newParams;
return true;
} /* }}} */
public function getParameter($name = '') {
if($name)
return isset($this->_params[$name]) ? $this->_params[$name] : null;
return $this->_params;
}
/**
* Check if task is due
*
* This methods compares the current time with the time in the database
* field `nextrun`.
* If nextrun is smaller than the current time, the the task is due.
* The methode does not rely on the value in the class variable `_nextrun`,
* because that value could be 'very old', retrieved at a time
* when the task list was fetched for checking due tasks e.g. by the
* scheduler client. There is good reason to always take the current
* value of nextrun from the database.
*
* Assuming there are two tasks. Task 1 takes 13 mins and task 2 takes only
* 30 sec. Task 1 is run every hour and task 2 starts at 8:06. The cronjob
* runs every 5 min. At e.g. 8:00 the list of tasks is read from the database
* task 1 is due and starts running and before it runs it sets the database
* field nextrun to 9:00. Task 2 isn't due at that time.
* At 8:05 the cron job runs again, task 1 has already a new nextrun value
* and will not run again. Task 2 isn't due yet and task 1 started at 8:00 is
* still running.
* At 8:10 task 1 is still running an not due again, but task 2 is due and
* will be run. The database field `nextrun` of task 2 will be set to 8:06
* on the next day.
* At 8:13 task 1 which started at 8:00 is finished and the list of tasks
* from that time will be processed further. Task 2 still has the old value
* in the class variable `_nextrun` (8:06 the current day),
* though the database field `nextrun` has been updated in
* between. Taking the value of the class variable would rerun task 2 again,
* though it ran at 8:10 already.
* That's why this method always takes the current value of nextrun
* from the database.
*
* @return boolean true if task is due, otherwise false
*/
public function isDue() {
$db = $this->db;
$queryStr = "SELECT * FROM `tblSchedulerTask` WHERE `id` = " . $this->_id;
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
return false;
if (count($resArr) != 1)
return false;
$row = $resArr[0];
$this->_nextrun = $row['nextrun'];
return $this->_nextrun < date('Y-m-d H:i:s');
}
public function updateLastNextRun() {
$db = $this->db;
$lastrun = date('Y-m-d H:i:s');
try {
$cron = Cron\CronExpression::factory($this->_frequency);
$nextrun = $cron->getNextRunDate()->format('Y-m-d H:i:s');
} catch (Exception $e) {
$nextrun = null;
}
$queryStr = "UPDATE `tblSchedulerTask` SET `lastrun`=".$db->qstr($lastrun).", `nextrun`=".($nextrun ? $db->qstr($nextrun) : "NULL")." WHERE `id` = " . $this->_id;
$res = $db->getResult($queryStr);
if (!$res)
return false;
$this->_lastrun = $lastrun;
$this->_nextrun = $nextrun;
}
/**
* Delete task
*
* @return boolean true on success or false in case of an error
*/
function remove() { /* {{{ */
$db = $this->db;
$queryStr = "DELETE FROM `tblSchedulerTask` WHERE `id` = " . $this->_id;
if (!$db->getResult($queryStr)) {
return false;
}
return true;
} /* }}} */
}


@ -1,139 +0,0 @@
<?php
/***************************************************************
* Copyright notice
*
* (c) 2018 Uwe Steinmann <uwe@steinmann.cx>
* All rights reserved
*
* This script is part of the SeedDMS project. The SeedDMS project is
* free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* The GNU General Public License can be found at
* http://www.gnu.org/copyleft/gpl.html.
*
* This script is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* This copyright notice MUST APPEAR in all copies of the script!
***************************************************************/
/**
* Base class for scheduler task
*
* @author Uwe Steinmann <uwe@steinmann.cx>
* @package SeedDMS
*/
class SeedDMS_SchedulerTaskBase {
var $dms;
var $user;
var $settings;
var $logger;
var $fulltextservice;
var $notifier;
var $conversionmgr;
/**
* Call a hook with a given name
*
* Checks if a hook with the given name and for the current task
* exists and executes it. The name of the current task is taken
* from the current class name by lower casing the first char.
* This function will execute all registered hooks in the order
* they were registered.
*
* Attention: as func_get_arg() cannot handle references passed to the hook,
* callHook() should not be called if that is required. In that case get
* a list of hook objects with getHookObjects() and call the hooks yourself.
*
* @params string $hook name of hook
* @return string concatenated string, merged arrays or whatever the hook
* function returns
*/
public function callHook($hook) { /* {{{ */
$tmps = array();
$tmp = explode('_', get_class($this));
$tmps[] = $tmp[1];
$tmp = explode('_', get_parent_class($this));
$tmps[] = $tmp[1];
/* Run array_unique() in case the parent class has the same suffix */
$tmps = array_unique($tmps);
$ret = null;
foreach($tmps as $tmp)
if(isset($GLOBALS['SEEDDMS_HOOKS']['task'][lcfirst($tmp)])) {
foreach($GLOBALS['SEEDDMS_HOOKS']['task'][lcfirst($tmp)] as $hookObj) {
if (method_exists($hookObj, $hook)) {
switch(func_num_args()) {
case 1:
$tmpret = $hookObj->$hook($this);
break;
case 2:
$tmpret = $hookObj->$hook($this, func_get_arg(1));
break;
case 3:
$tmpret = $hookObj->$hook($this, func_get_arg(1), func_get_arg(2));
break;
case 4:
$tmpret = $hookObj->$hook($this, func_get_arg(1), func_get_arg(2), func_get_arg(3));
break;
default:
case 5:
$tmpret = $hookObj->$hook($this, func_get_arg(1), func_get_arg(2), func_get_arg(3), func_get_arg(4));
break;
}
if($tmpret !== null) {
if(is_string($tmpret)) {
$ret = ($ret === null) ? $tmpret : (is_string($ret) ? $ret.$tmpret : array_merge($ret, array($tmpret)));
} elseif(is_array($tmpret) || is_object($tmpret)) {
$ret = ($ret === null) ? $tmpret : (is_string($ret) ? array_merge(array($ret), $tmpret) : array_merge($ret, $tmpret));
} else
$ret = $tmpret;
}
}
}
}
return $ret;
} /* }}} */
public function __construct($dms=null, $user=null, $settings=null, $logger=null, $fulltextservice=null, $notifier=null, $conversionmgr=null) { /* {{{ */
$this->dms = $dms;
$this->user = $user;
$this->settings = $settings;
$this->logger = $logger;
$this->fulltextservice = $fulltextservice;
$this->notifier = $notifier;
$this->conversionmgr = $conversionmgr;
} /* }}} */
public function execute(SeedDMS_SchedulerTask $task) { /* {{{ */
return true;
} /* }}} */
public function getDescription() { /* {{{ */
return '';
} /* }}} */
public function getAdditionalParams() { /* {{{ */
return array();
} /* }}} */
public function getAdditionalParamByName($name) { /* {{{ */
foreach($this->getAdditionalParams() as $param) {
if($param['name'] == $name)
return $param;
}
return null;
} /* }}} */
}
?>


@ -45,8 +45,6 @@ class Settings { /* {{{ */
var $_enableGuestLogin = false;
// If you even want guest to be logged in automatically, set the following to true
var $_enableGuestAutoLogin = false;
// Set to true for 2-factor Authentication
var $_enable2FactorAuthentication = false;
// If you want to allow login by email, set the following to true
var $_enableLoginByEmail = false;
// Allow users to reset their password
@ -118,12 +116,6 @@ class Settings { /* {{{ */
var $_dropFolderDir = null;
// Where the backup directory is located
var $_backupDir = null;
// Where the library folder is located
var $_libraryFolder = 1;
// Where the checked out files are located
var $_checkOutDir = null;
// Create checkout dir if it doesn't exists
var $_createCheckOutDir = false;
// Where the repository for extensions is located
var $_repositoryUrl = null;
// URL of proxy
@ -194,18 +186,6 @@ class Settings { /* {{{ */
var $_enableUpdateRevApp = false;
// enable/disable removal of a review/approval by the administrator
var $_enableRemoveRevApp = false;
// enable/disable listing logged in user as recipient
var $_enableSelfReceipt = false;
// enable/disable hidden user as recipient
var $_enableHiddenReceipt = true;
// enable/disable update of a receipt by the recipient
var $_enableUpdateReceipt = false;
// enable/disable listing administrator as recipient
var $_enableAdminReceipt = false;
// enable/disable listing owner as recipient
var $_enableOwnerReceipt = false;
// enable/disable filter for receipt by the recipient
var $_enableFilterReceipt = false;
// group manager is mandatory reviewer
var $_addManagerAsReviewer = false;
// group manager is mandatory approver
@ -228,12 +208,8 @@ class Settings { /* {{{ */
var $_enableDuplicateDocNames = true;
// enable/disable duplicate names of a subfolder in a folder
var $_enableDuplicateSubFolderNames = true;
// allow/disallow to cancel a checkout
var $_enableCancelCheckout = true;
// override mimetype set by browser when uploading a file
var $_overrideMimeType = false;
// advanced access control lists
var $_advancedAcl = false;
// enable/disable notification when added as a reviewer/approver
var $_enableNotificationAppRev = true;
// enable/disable notification of users/group who need to take action for
@ -243,26 +219,12 @@ class Settings { /* {{{ */
var $_enableNotificationWorkflow = false;
// preset expiration date
var $_presetExpirationDate = "";
// initial document status
var $_initialDocumentStatus = 2; //S_RELEASED;
// the name of the versioning info file created by the backup tool
var $_versioningFileName = "versioning_info.txt";
// the mode of workflow
var $_workflowMode = "traditional";
// enable/disable acknowledge workflow
var $_enableReceiptWorkflow = true;
// enable/disable reject of reception
var $_enableReceiptReject = false;
// enable/disable comment of reception
var $_disableReceiptComment = false;
// enable/disable revision workflow
var $_enableRevisionWorkflow = true;
// enable/disable revision on vote reject
var $_enableRevisionOneVoteReject = true;
// Allow to set just a reviewer in tradional workflow
var $_allowReviewerOnly = true;
// Allow to change reviewer/approver after review/approval has started
var $_allowChangeRevAppInProcess = false;
// enable/disable log system
var $_logFileEnable = true;
// enable/disable log system
@ -297,12 +259,8 @@ class Settings { /* {{{ */
var $_enableClipboard = true;
// show always clipboard in main menu, even if empty
var $_alwaysShowClipboard = false;
// enable/disable list of transmittals in main menu
var $_enableMenuTransmittals = false;
// enable/disable list of tasks in main menu
var $_enableMenuTasks = true;
// select which tasks show up in main menu
var $_tasksInMenu = array();
// show always tasks in main menu, even if none are due
var $_alwaysShowMenuTasks = true;
// enable/disable list of files in drop folder
@ -475,18 +433,6 @@ class Settings { /* {{{ */
return $out;
} /* }}} */
/**
* Check if a variable is a string and returns an array
*
* @param array $var value
* @return true/false
*/
function arrayVal($var) { /* {{{ */
if((string) $var)
return explode(';', $var);
return array();
} /* }}} */
/**
* Return ';' seperated string from array
*
@ -611,10 +557,8 @@ class Settings { /* {{{ */
$this->_enableSessionList = Settings::boolVal($tab["enableSessionList"]);
$this->_enableClipboard = Settings::boolVal($tab["enableClipboard"]);
$this->_alwaysShowClipboard = Settings::boolVal($tab["alwaysShowClipboard"]);
$this->_enableMenuTransmittals = Settings::boolVal($tab["enableMenuTransmittals"]);
$this->_enableMenuTasks = Settings::boolVal($tab["enableMenuTasks"]);
$this->_alwaysShowMenuTasks = Settings::boolVal($tab["alwaysShowMenuTasks"]);
$this->_tasksInMenu = Settings::arrayVal($tab["tasksInMenu"]);
$this->_enableDropFolderList = Settings::boolVal($tab["enableDropFolderList"]);
$this->_enableDropUpload = Settings::boolVal($tab["enableDropUpload"]);
$this->_enableMultiUpload = Settings::boolVal($tab["enableMultiUpload"]);
@ -638,7 +582,6 @@ class Settings { /* {{{ */
$this->_sortUsersInList = strval($tab["sortUsersInList"]);
$this->_sortFoldersDefault = strval($tab["sortFoldersDefault"]);
$this->_expandFolderTree = intval($tab["expandFolderTree"]);
$this->_libraryFolder = intval($tab["libraryFolder"]);
$this->_defaultDocPosition = strval($tab["defaultDocPosition"]);
$this->_defaultFolderPosition = strval($tab["defaultFolderPosition"]);
@ -682,8 +625,6 @@ class Settings { /* {{{ */
$this->_luceneDir = strval($tab["luceneDir"]);
$this->_dropFolderDir = strval($tab["dropFolderDir"]);
$this->_backupDir = strval($tab["backupDir"]);
$this->_checkOutDir = strval($tab["checkOutDir"]);
$this->_createCheckOutDir = Settings::boolVal($tab["createCheckOutDir"]);
$this->_repositoryUrl = strval($tab["repositoryUrl"]);
$this->_proxyUrl = strval($tab["proxyUrl"]);
$this->_proxyUser = strval($tab["proxyUser"]);
@ -695,13 +636,14 @@ class Settings { /* {{{ */
$this->_partitionSize = strval($tab["partitionSize"]);
$this->_maxUploadSize = strval($tab["maxUploadSize"]);
$this->_enableXsendfile = Settings::boolVal($tab["enableXsendfile"]);
}
// XML Path: /configuration/system/authentication
$node = $xml->xpath('/configuration/system/authentication');
if($node) {
$tab = $node[0]->attributes();
$this->_enableGuestLogin = Settings::boolVal($tab["enableGuestLogin"]);
$this->_enableGuestAutoLogin = Settings::boolVal($tab["enableGuestAutoLogin"]);
$this->_enable2FactorAuthentication = Settings::boolVal($tab["enable2FactorAuthentication"]);
$this->_enableLoginByEmail = Settings::boolVal($tab["enableLoginByEmail"]);
$this->_enablePasswordForgotten = Settings::boolVal($tab["enablePasswordForgotten"]);
$this->_passwordStrength = intval($tab["passwordStrength"]);
@ -839,11 +781,6 @@ class Settings { /* {{{ */
$this->_enableHiddenRevApp = Settings::boolval($tab["enableHiddenRevApp"]);
$this->_enableUpdateRevApp = Settings::boolval($tab["enableUpdateRevApp"]);
$this->_enableRemoveRevApp = Settings::boolval($tab["enableRemoveRevApp"]);
$this->_enableSelfReceipt = Settings::boolval($tab["enableSelfReceipt"]);
$this->_enableAdminReceipt = Settings::boolval($tab["enableAdminReceipt"]);
$this->_enableOwnerReceipt = Settings::boolval($tab["enableOwnerReceipt"]);
$this->_enableUpdateReceipt = Settings::boolval($tab["enableUpdateReceipt"]);
$this->_enableFilterReceipt = Settings::boolval($tab["enableFilterReceipt"]);
$this->_addManagerAsReviewer = Settings::boolval($tab["addManagerAsReviewer"]);
$this->_addManagerAsApprover = Settings::boolval($tab["addManagerAsApprover"]);
if(trim(strval($tab["globalReviewer"])))
@ -855,23 +792,14 @@ class Settings { /* {{{ */
if(trim(strval($tab["globalGroupApprover"])))
$this->_globalGroupApprover = explode(',',strval($tab["globalGroupApprover"]));
$this->_presetExpirationDate = strval($tab["presetExpirationDate"]);
$this->_initialDocumentStatus = intval($tab["initialDocumentStatus"]);
$this->_versioningFileName = strval($tab["versioningFileName"]);
$this->_workflowMode = strval($tab["workflowMode"]);
$this->_enableReceiptWorkflow = Settings::boolval($tab["enableReceiptWorkflow"]);
$this->_enableReceiptReject = Settings::boolval($tab["enableReceiptReject"]);
$this->_disableReceiptComment = Settings::boolval($tab["disableReceiptComment"]);
$this->_enableRevisionWorkflow = Settings::boolval($tab["enableRevisionWorkflow"]);
$this->_enableRevisionOneVoteReject = Settings::boolval($tab["enableRevisionOneVoteReject"]);
$this->_allowReviewerOnly = Settings::boolval($tab["allowReviewerOnly"]);
$this->_allowChangeRevAppInProcess = Settings::boolval($tab["allowChangeRevAppInProcess"]);
$this->_enableVersionDeletion = Settings::boolval($tab["enableVersionDeletion"]);
$this->_enableVersionModification = Settings::boolval($tab["enableVersionModification"]);
$this->_enableDuplicateDocNames = Settings::boolval($tab["enableDuplicateDocNames"]);
$this->_enableDuplicateSubFolderNames = Settings::boolval($tab["enableDuplicateSubFolderNames"]);
$this->_enableCancelCheckout = Settings::boolval($tab["enableCancelCheckout"]);
$this->_overrideMimeType = Settings::boolval($tab["overrideMimeType"]);
$this->_advancedAcl = Settings::boolval($tab["advancedAcl"]);
$this->_removeFromDropFolder = Settings::boolval($tab["removeFromDropFolder"]);
$this->_uploadedAttachmentIsPublic = Settings::boolval($tab["uploadedAttachmentIsPublic"]);
}
@ -956,8 +884,6 @@ class Settings { /* {{{ */
$attributValue = "true";
else
$attributValue = "false";
} elseif(is_array($attributValue)) {
$attributValue = implode(';', $attributValue);
}
if (isset($node[$attributName])) {
@ -1041,10 +967,8 @@ class Settings { /* {{{ */
$this->setXMLAttributValue($node, "enableSessionList", $this->_enableSessionList);
$this->setXMLAttributValue($node, "enableClipboard", $this->_enableClipboard);
$this->setXMLAttributValue($node, "alwaysShowClipboard", $this->_alwaysShowClipboard);
$this->setXMLAttributValue($node, "enableMenuTransmittals", $this->_enableMenuTransmittals);
$this->setXMLAttributValue($node, "enableMenuTasks", $this->_enableMenuTasks);
$this->setXMLAttributValue($node, "alwaysShowMenuTasks", $this->_alwaysShowMenuTasks);
$this->setXMLAttributValue($node, "tasksInMenu", $this->_tasksInMenu);
$this->setXMLAttributValue($node, "enableDropFolderList", $this->_enableDropFolderList);
$this->setXMLAttributValue($node, "enableDropUpload", $this->_enableDropUpload);
$this->setXMLAttributValue($node, "enableMultiUpload", $this->_enableMultiUpload);
@ -1066,7 +990,6 @@ class Settings { /* {{{ */
$this->setXMLAttributValue($node, "stopWordsFile", $this->_stopWordsFile);
$this->setXMLAttributValue($node, "sortUsersInList", $this->_sortUsersInList);
$this->setXMLAttributValue($node, "sortFoldersDefault", $this->_sortFoldersDefault);
$this->setXMLAttributValue($node, "libraryFolder", $this->_libraryFolder);
$this->setXMLAttributValue($node, "defaultDocPosition", $this->_defaultDocPosition);
$this->setXMLAttributValue($node, "defaultFolderPosition", $this->_defaultFolderPosition);
@ -1098,8 +1021,6 @@ class Settings { /* {{{ */
$this->setXMLAttributValue($node, "luceneDir", $this->_luceneDir);
$this->setXMLAttributValue($node, "dropFolderDir", $this->_dropFolderDir);
$this->setXMLAttributValue($node, "backupDir", $this->_backupDir);
$this->setXMLAttributValue($node, "checkOutDir", $this->_checkOutDir);
$this->setXMLAttributValue($node, "createCheckOutDir", $this->_createCheckOutDir);
$this->setXMLAttributValue($node, "repositoryUrl", $this->_repositoryUrl);
$this->setXMLAttributValue($node, "proxyUrl", $this->_proxyUrl);
$this->setXMLAttributValue($node, "proxyUser", $this->_proxyUser);
@ -1116,7 +1037,6 @@ class Settings { /* {{{ */
$node = $this->getXMLNode($xml, '/configuration/system', 'authentication');
$this->setXMLAttributValue($node, "enableGuestLogin", $this->_enableGuestLogin);
$this->setXMLAttributValue($node, "enableGuestAutoLogin", $this->_enableGuestAutoLogin);
$this->setXMLAttributValue($node, "enable2FactorAuthentication", $this->_enable2FactorAuthentication);
$this->setXMLAttributValue($node, "enableLoginByEmail", $this->_enableLoginByEmail);
$this->setXMLAttributValue($node, "enablePasswordForgotten", $this->_enablePasswordForgotten);
$this->setXMLAttributValue($node, "passwordStrength", $this->_passwordStrength);
@ -1228,13 +1148,6 @@ class Settings { /* {{{ */
$this->setXMLAttributValue($node, "enableHiddenRevApp", $this->_enableHiddenRevApp);
$this->setXMLAttributValue($node, "enableUpdateRevApp", $this->_enableUpdateRevApp);
$this->setXMLAttributValue($node, "enableRemoveRevApp", $this->_enableRemoveRevApp);
$this->setXMLAttributValue($node, "enableSelfReceipt", $this->_enableSelfReceipt);
$this->setXMLAttributValue($node, "enableAdminReceipt", $this->_enableAdminReceipt);
$this->setXMLAttributValue($node, "enableOwnerReceipt", $this->_enableOwnerReceipt);
$this->setXMLAttributValue($node, "enableUpdateReceipt", $this->_enableUpdateReceipt);
$this->setXMLAttributValue($node, "enableFilterReceipt", $this->_enableFilterReceipt);
$this->setXMLAttributValue($node, "presetExpirationDate", $this->_presetExpirationDate);
$this->setXMLAttributValue($node, "initialDocumentStatus", $this->_initialDocumentStatus);
$this->setXMLAttributValue($node, "addManagerAsReviewer", $this->_addManagerAsReviewer);
$this->setXMLAttributValue($node, "addManagerAsApprover", $this->_addManagerAsApprover);
$this->setXMLAttributValue($node, "globalReviewer", implode(',', $this->_globalReviewer));
@ -1244,21 +1157,14 @@ class Settings { /* {{{ */
$this->setXMLAttributValue($node, "presetExpirationDate", $this->_presetExpirationDate);
$this->setXMLAttributValue($node, "apiOrigin", $this->_apiOrigin);
$this->setXMLAttributValue($node, "versioningFileName", $this->_versioningFileName);
$this->setXMLAttributValue($node, "presetExpirationDate", $this->_presetExpirationDate);
$this->setXMLAttributValue($node, "workflowMode", $this->_workflowMode);
$this->setXMLAttributValue($node, "enableReceiptWorkflow", $this->_enableReceiptWorkflow);
$this->setXMLAttributValue($node, "enableReceiptReject", $this->_enableReceiptReject);
$this->setXMLAttributValue($node, "disableReceiptComment", $this->_disableReceiptComment);
$this->setXMLAttributValue($node, "enableRevisionWorkflow", $this->_enableRevisionWorkflow);
$this->setXMLAttributValue($node, "enableRevisionOneVoteReject", $this->_enableRevisionOneVoteReject);
$this->setXMLAttributValue($node, "allowReviewerOnly", $this->_allowReviewerOnly);
$this->setXMLAttributValue($node, "allowChangeRevAppInProcess", $this->_allowChangeRevAppInProcess);
$this->setXMLAttributValue($node, "enableVersionDeletion", $this->_enableVersionDeletion);
$this->setXMLAttributValue($node, "enableVersionModification", $this->_enableVersionModification);
$this->setXMLAttributValue($node, "enableDuplicateDocNames", $this->_enableDuplicateDocNames);
$this->setXMLAttributValue($node, "enableDuplicateSubFolderNames", $this->_enableDuplicateSubFolderNames);
$this->setXMLAttributValue($node, "enableCancelCheckout", $this->_enableCancelCheckout);
$this->setXMLAttributValue($node, "overrideMimeType", $this->_overrideMimeType);
$this->setXMLAttributValue($node, "advancedAcl", $this->_advancedAcl);
$this->setXMLAttributValue($node, "removeFromDropFolder", $this->_removeFromDropFolder);
$this->setXMLAttributValue($node, "uploadedAttachmentIsPublic", $this->_uploadedAttachmentIsPublic);
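Review bot: In the `/configuration/system/authentication` load block the new side no longer reads `enable2FactorAuthentication`, so a settings.xml that still carries that attribute set to true would presumably load with no sign that the second factor is not enforced. The matching `setXMLAttributValue` call is also gone from the save hunk, so the value is not maintained on write either. I would add a guard right after `enableGuestAutoLogin` is read, for example `if(isset($tab["enable2FactorAuthentication"]) && Settings::boolVal($tab["enable2FactorAuthentication"])) error_log('settings.xml enables 2-factor authentication, which this version does not enforce');`, so an operator moving a configuration between versions sees the authentication downgrade. The same consideration applies to `advancedAcl`, which is dropped from the edit section in the same way. The load and save functions both begin and end outside these hunks, so how other unknown attributes are handled cannot be confirmed from here.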


@ -20,7 +20,6 @@
require_once('inc.ClassUI_Default.php');
require_once('inc.ClassViewCommon.php');
require_once('inc.ClassAccessOperation.php');
/* $theme was possibly set in inc.Authentication.php */
if (!isset($theme) || strlen($theme)==0) {
@ -46,7 +45,7 @@ class UI extends UI_Default {
* @return object an object of a class implementing the view
*/
static function factory($theme, $class='', $params=array()) { /* {{{ */
global $settings, $dms, $user, $session, $extMgr, $request, $logger, $notifier;
global $settings, $session, $extMgr, $request, $logger, $notifier;
if(!$class) {
$class = 'Bootstrap';
$class = 'Style';
@ -128,7 +127,6 @@ class UI extends UI_Default {
$params['settings'] = $settings;
$view = new $classname($params, $theme);
/* Set some configuration parameters */
$view->setParam('accessobject', new SeedDMS_AccessOperation($dms, $user, $settings));
$view->setParam('referer', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
$view->setParam('requesturi', $_SERVER['REQUEST_URI']);
$view->setParam('absbaseprefix', $settings->_httpRoot.$httpbasedir);
@ -155,14 +153,11 @@ class UI extends UI_Default {
$view->setParam('enablefoldertree', $settings->_enableFolderTree);
$view->setParam('enablelanguageselector', $settings->_enableLanguageSelector);
$view->setParam('enableclipboard', $settings->_enableClipboard);
$view->setParam('enablemenutransmittals', $settings->_enableMenuTransmittals);
$view->setParam('enablemenutasks', $settings->_enableMenuTasks);
$view->setParam('tasksinmenu', $settings->_tasksInMenu);
$view->setParam('enabledropfolderlist', $settings->_enableDropFolderList);
$view->setParam('dropfolderdir', $settings->_dropFolderDir);
$view->setParam('enablesessionlist', $settings->_enableSessionList);
$view->setParam('workflowmode', $settings->_workflowMode);
$view->setParam('checkoutdir', $settings->_checkOutDir);
$view->setParam('partitionsize', SeedDMS_Core_File::parse_filesize( $settings->_partitionSize));
$view->setParam('maxuploadsize', $settings->getMaximumUploadSize());
$view->setParam('showmissingtranslations', $settings->_showMissingTranslations);
@ -198,6 +193,7 @@ class UI extends UI_Default {
static function exitError($pagetitle, $error, $noexit=false, $plain=false) {
global $theme, $dms, $user, $settings;
$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings);
$view = UI::factory($theme, 'ErrorDlg');
$request = $view->getParam('request');
if($request) {
@ -205,6 +201,7 @@ class UI extends UI_Default {
}
$view->setParam('dms', $dms);
$view->setParam('user', $user);
$view->setParam('accessobject', $accessop);
$view->setParam('pagetitle', $pagetitle);
$view->setParam('errormsg', $error);
$view->setParam('plain', $plain);
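Review bot: After this change `UI::factory()` no longer sets the `accessobject` parameter, and the only place in this section that supplies it is `exitError()`, so every other caller of the factory has to set it before the view renders. If a view consults `accessobject` to decide which actions a user may see or perform, a missing object should fail closed rather than silently skip the check; the callers and views are outside this page, so this needs confirming there. A comment at the factory such as `/* 'accessobject' is not set here; callers must pass a SeedDMS_AccessOperation via setParam() */` would record the contract. The bodies of `factory()` and `exitError()` continue outside the hunks shown.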


@ -322,10 +322,8 @@ class SeedDMS_View_Common {
*/
protected function html_url($view, $urlparams=array()) { /* {{{ */
$url = $this->params['settings']->_httpRoot."out/out.".$view.".php";
if(is_array($urlparams))
if($urlparams)
$url .= "?".http_build_query($urlparams);
elseif(is_string($urlparams))
$url .= "?".$urlparams;
return $url;
} /* }}} */
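Review bot: The new condition `if($urlparams)` passes any truthy value to `http_build_query()`, including a non-empty string, which the removed `elseif(is_string($urlparams))` branch used to handle; on PHP 8 that call throws a `TypeError` for a string argument. If any caller still passes a prebuilt query string (not visible here), keep the type guard: `if(is_array($urlparams) && $urlparams)`. The docblock should also state that `$urlparams` must be an array and that the returned URL is not HTML-escaped, so callers need `htmlspecialchars()` when writing it into markup. The function's docblock starts outside the hunk.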


@ -87,7 +87,6 @@ if(isset($GLOBALS['SEEDDMS_HOOKS']['initDMS'])) {
}
}
require_once('inc/inc.Tasks.php');
require_once("inc.ConversionInit.php");
require_once('inc.FulltextInit.php');
require_once('inc.AuthenticationInit.php');


@ -14,7 +14,6 @@
global $logger;
require "inc.ClassExtensionMgr.php";
require_once "inc.ClassSchedulerTaskBase.php";
require_once "inc.ClassExtBase.php";
$extMgr = new SeedDMS_Extension_Mgr($settings->_rootDir."/ext", $settings->_cacheDir, $settings->_repositoryUrl, $settings->_proxyUrl, $settings->_proxyUser, $settings->_proxyPassword);


@ -26,7 +26,6 @@ $fulltextservice = null;
if($settings->_enableFullSearch) {
require_once("inc.ClassFulltextService.php");
$fulltextservice = new SeedDMS_FulltextService();
$fulltextservice->setLogger($logger);
if($settings->_fullSearchEngine == 'sqlitefts') {
$indexconf = array(


@ -174,68 +174,6 @@ function getReviewStatusText($status, $date=0) { /* {{{ */
}
} /* }}} */
function printReceiptStatusText($status, $date=0) { /* {{{ */
print getReceiptStatusText($status, $date);
} /* }}} */
function getReceiptStatusText($status, $date=0) { /* {{{ */
if (is_null($status)) {
return getMLText("status_unknown");
}
else {
switch ($status) {
case -2:
return getMLText("status_recipient_removed");
break;
case -1:
return getMLText("status_receipt_rejected").($date !=0 ? " ".$date : "");
break;
case 0:
return getMLText("status_not_receipted");
break;
case 1:
return getMLText("status_receipted").($date !=0 ? " ".$date : "");
break;
default:
return getMLText("status_unknown");
break;
}
}
} /* }}} */
function printRevisionStatusText($status, $date=0) { /* {{{ */
print getRevisionStatusText($status, $date);
} /* }}} */
function getRevisionStatusText($status, $date=0) { /* {{{ */
if (is_null($status)) {
return getMLText("status_unknown");
}
else {
switch ($status) {
case -3:
return getMLText("status_revision_sleeping");
break;
case -2:
return getMLText("status_revisor_removed");
break;
case -1:
return getMLText("status_needs_correction").($date !=0 ? " ".$date : "");
return getMLText("status_revision_rejected").($date !=0 ? " ".$date : "");
break;
case 0:
return getMLText("status_not_revised");
break;
case 1:
return getMLText("status_revised").($date !=0 ? " ".$date : "");
break;
default:
return getMLText("status_unknown");
break;
}
}
} /* }}} */
function printApprovalStatusText($status, $date=0) { /* {{{ */
if (is_null($status)) {
print getMLText("status_unknown");
@ -317,15 +255,6 @@ function getOverallStatusText($status) { /* {{{ */
case S_EXPIRED:
return getMLText("expired");
break;
case S_IN_REVISION:
return getMLText("in_revision");
break;
case S_DRAFT:
return getMLText("draft");
break;
case S_NEEDS_CORRECTION:
return getMLText("needs_correction");
break;
default:
return getMLText("status_unknown");
break;


@ -1,17 +0,0 @@
<?php
/**
* Initialize scheduler
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2018 Uwe Steinmann
* @version Release: @package_version@
*/
require_once "inc.ClassSchedulerTaskBase.php";
require_once "inc.ClassScheduler.php";
require_once "inc.ClassSchedulerTask.php";


@ -447,7 +447,7 @@ function utf8_basename($path, $suffix='') { /* {{{ */
* @return string valid file name
*/
function getFilenameByDocname($content) { /* {{{ */
if(is_string($content)) {
if(is_string) {
$filename = $content;
} else {
$document = $content->getDocument();
@ -795,18 +795,6 @@ function addDirSep($str, $chr=DIRECTORY_SEPARATOR) { /* {{{ */
} /* }}} */
/**
* Formats comments for aknowledge of reception.
*
* Only use in documentListRow()
*/
function formatComment($an) { /* {{{ */
$t = array();
foreach($an as $a)
$t[] = $a['n']." × ".$a['c'];
return $t;
} /* }}} */
/*
* Determines if a command exists on the current environment
*
* @param string $command The command to check
@ -982,19 +970,6 @@ function seed_pass_verify($password, $hash) { /* {{{ */
return $hash === md5($password);
} /* }}} */
function resolveTask($task) { /* {{{ */
global $dms, $user, $settings, $logger, $fulltextservice, $notifier, $conversionmgr;
if(is_object($task))
return $task;
if(is_string($task)) {
if(class_exists($task)) {
$task = new $task($dms, $user, $settings, $logger, $fulltextservice, $notifier, $conversionmgr);
}
}
return $task;
} /* }}} */
/**
* Return nonce for CSP
*
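Review bot: The new line `if(is_string) {` in `getFilenameByDocname()` tests a bare constant name rather than calling the function: PHP 8 raises an `Error` for the undefined constant, and PHP 7 evaluates it as the truthy string `'is_string'`, so the `else` branch that calls `$content->getDocument()` is never reached and an object would be assigned to `$filename`. The condition should stay `if(is_string($content)) {`. The function body continues outside the hunk, so the effect on the returned file name cannot be followed further here.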


@ -20,7 +20,7 @@
class SeedDMS_Version { /* {{{ */
const _number = "6.0.30";
const _number = "5.1.36";
const _string = "SeedDMS";
function __construct() {


@ -46,21 +46,6 @@ CREATE TABLE `tblAttributeDefinitions` (
-- --------------------------------------------------------
--
-- Table structure for table `tblRoles`
--
CREATE TABLE `tblRoles` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(50) DEFAULT NULL,
`role` smallint(1) NOT NULL DEFAULT '0',
`noaccess` varchar(30) NOT NULL DEFAULT '',
PRIMARY KEY (`id`),
UNIQUE (`name`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `tblUsers`
--
@ -69,13 +54,12 @@ CREATE TABLE `tblUsers` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`login` varchar(50) DEFAULT NULL,
`pwd` varchar(50) DEFAULT NULL,
`secret` varchar(50) DEFAULT NULL,
`fullName` varchar(100) DEFAULT NULL,
`email` varchar(70) DEFAULT NULL,
`language` varchar(32) NOT NULL,
`theme` varchar(32) NOT NULL,
`comment` text NOT NULL,
`role` int(11) NOT NULL,
`role` smallint(1) NOT NULL DEFAULT '0',
`hidden` smallint(1) NOT NULL DEFAULT '0',
`pwdExpiration` datetime DEFAULT NULL,
`loginfailures` tinyint(4) NOT NULL DEFAULT '0',
@ -83,28 +67,11 @@ CREATE TABLE `tblUsers` (
`quota` bigint(20) DEFAULT NULL,
`homefolder` int(11) DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `login` (`login`),
CONSTRAINT `tblUsers_role` FOREIGN KEY (`role`) REFERENCES `tblRoles` (`id`)
UNIQUE KEY `login` (`login`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `tblUserSubstitutes`
--
CREATE TABLE `tblUserSubstitutes` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`user` int(11) DEFAULT null,
`substitute` int(11) DEFAULT null,
PRIMARY KEY (`id`),
UNIQUE KEY `user` (`user`,`substitute`),
CONSTRAINT `tblUserSubstitutes_user` FOREIGN KEY (`user`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblUserSubstitutes_substitute` FOREIGN KEY (`user`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
);
-- --------------------------------------------------------
--
-- Table structure for table `tblUserPasswordRequest`
--
@ -255,7 +222,6 @@ CREATE TABLE `tblDocumentApprovers` (
UNIQUE KEY `documentID` (`documentID`,`version`,`type`,`required`),
CONSTRAINT `tblDocumentApprovers_document` FOREIGN KEY (`documentID`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE INDEX `indDocumentApproversRequired` ON `tblDocumentApprovers` (`required`);
-- --------------------------------------------------------
@ -296,7 +262,6 @@ CREATE TABLE `tblDocumentContent` (
`mimeType` varchar(100) NOT NULL DEFAULT '',
`fileSize` bigint(20) DEFAULT NULL,
`checksum` char(32) DEFAULT NULL,
`revisiondate` datetime DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `document` (`document`,`version`),
CONSTRAINT `tblDocumentContent_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`)
@ -384,23 +349,6 @@ CREATE TABLE `tblDocumentLocks` (
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentCheckOuts`
--
CREATE TABLE `tblDocumentCheckOuts` (
`document` int(11) NOT NULL DEFAULT '0',
`version` smallint(5) unsigned NOT NULL DEFAULT '0',
`userID` int(11) NOT NULL DEFAULT '0',
`date` datetime NOT NULL,
`filename` varchar(255) NOT NULL DEFAULT '',
PRIMARY KEY (`document`),
CONSTRAINT `tblDocumentCheckOuts_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblDocumentCheckOuts_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentReviewers`
--
@ -415,7 +363,6 @@ CREATE TABLE `tblDocumentReviewers` (
UNIQUE KEY `documentID` (`documentID`,`version`,`type`,`required`),
CONSTRAINT `tblDocumentReviewers_document` FOREIGN KEY (`documentID`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE INDEX `indDocumentReviewersRequired` ON `tblDocumentReviewers` (`required`);
-- --------------------------------------------------------
@ -439,83 +386,6 @@ CREATE TABLE `tblDocumentReviewLog` (
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentRecipients`
--
CREATE TABLE `tblDocumentRecipients` (
`receiptID` int(11) NOT NULL AUTO_INCREMENT,
`documentID` int(11) NOT NULL DEFAULT '0',
`version` smallint(5) unsigned NOT NULL DEFAULT '0',
`type` tinyint(4) NOT NULL DEFAULT '0',
`required` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`receiptID`),
UNIQUE KEY `documentID` (`documentID`,`version`,`type`,`required`),
CONSTRAINT `tblDocumentRecipients_document` FOREIGN KEY (`documentID`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE INDEX `indDocumentRecipientsRequired` ON `tblDocumentRecipients` (`required`);
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentReceiptLog`
--
CREATE TABLE `tblDocumentReceiptLog` (
`receiptLogID` int(11) NOT NULL AUTO_INCREMENT,
`receiptID` int(11) NOT NULL DEFAULT '0',
`status` tinyint(4) NOT NULL DEFAULT '0',
`comment` text NOT NULL,
`date` datetime NOT NULL,
`userID` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`receiptLogID`),
KEY `tblDocumentReceiptLog_receipt` (`receiptID`),
KEY `tblDocumentReceiptLog_user` (`userID`),
CONSTRAINT `tblDocumentReceiptLog_recipient` FOREIGN KEY (`receiptID`) REFERENCES `tblDocumentRecipients` (`receiptID`) ON DELETE CASCADE,
CONSTRAINT `tblDocumentReceiptLog_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentRevisors`
--
CREATE TABLE `tblDocumentRevisors` (
`revisionID` int(11) NOT NULL AUTO_INCREMENT,
`documentID` int(11) NOT NULL DEFAULT '0',
`version` smallint(5) unsigned NOT NULL DEFAULT '0',
`type` tinyint(4) NOT NULL DEFAULT '0',
`required` int(11) NOT NULL DEFAULT '0',
`startdate` datetime DEFAULT NULL,
PRIMARY KEY (`revisionID`),
UNIQUE KEY `documentID` (`documentID`,`version`,`type`,`required`),
CONSTRAINT `tblDocumentRevisors_document` FOREIGN KEY (`documentID`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE INDEX `indDocumentRevisorsRequired` ON `tblDocumentRevisors` (`required`);
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentRevisionLog`
--
CREATE TABLE `tblDocumentRevisionLog` (
`revisionLogID` int(11) NOT NULL AUTO_INCREMENT,
`revisionID` int(11) NOT NULL DEFAULT '0',
`status` tinyint(4) NOT NULL DEFAULT '0',
`comment` text NOT NULL,
`date` datetime NOT NULL,
`userID` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`revisionLogID`),
KEY `tblDocumentRevisionLog_revision` (`revisionID`),
KEY `tblDocumentRevisionLog_user` (`userID`),
CONSTRAINT `tblDocumentRevisionLog_revision` FOREIGN KEY (`revisionID`) REFERENCES `tblDocumentRevisors` (`revisionID`) ON DELETE CASCADE,
CONSTRAINT `tblDocumentRevisionLog_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentStatus`
--
@ -738,7 +608,6 @@ CREATE TABLE `tblWorkflows` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` text NOT NULL,
`initstate` int(11) NOT NULL,
`layoutdata` text DEFAULT NULL,
PRIMARY KEY (`id`),
KEY `tblWorkflow_initstate` (`initstate`),
CONSTRAINT `tblWorkflow_initstate` FOREIGN KEY (`initstate`) REFERENCES `tblWorkflowStates` (`id`) ON DELETE CASCADE
@ -805,48 +674,49 @@ CREATE TABLE `tblWorkflowTransitionGroups` (
-- --------------------------------------------------------
--
-- Table structure for table `tblWorkflowDocumentContent`
--
CREATE TABLE `tblWorkflowDocumentContent` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`parent` int(11) DEFAULT NULL,
`workflow` int(11) DEFAULT NULL,
`document` int(11) DEFAULT NULL,
`version` smallint(5) DEFAULT NULL,
`state` int(11) DEFAULT NULL,
`date` datetime NOT NULL,
PRIMARY KEY (`id`),
KEY `tblWorkflowDocument_document` (`document`),
KEY `tblWorkflowDocument_workflow` (`workflow`),
KEY `tblWorkflowDocument_state` (`state`),
CONSTRAINT `tblWorkflowDocument_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblWorkflowDocument_state` FOREIGN KEY (`state`) REFERENCES `tblWorkflowStates` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblWorkflowDocumentContent_parent` FOREIGN KEY (`parent`) REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblWorkflowDocument_workflow` FOREIGN KEY (`workflow`) REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `tblWorkflowLog`
--
CREATE TABLE `tblWorkflowLog` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`workflowdocumentcontent` int(11) NOT NULL DEFAULT '0',
`document` int(11) DEFAULT NULL,
`version` smallint(5) DEFAULT NULL,
`workflow` int(11) DEFAULT NULL,
`userid` int(11) DEFAULT NULL,
`transition` int(11) DEFAULT NULL,
`date` datetime NOT NULL,
`comment` text,
PRIMARY KEY (`id`),
KEY `tblWorkflowLog_document` (`document`),
KEY `tblWorkflowLog_workflow` (`workflow`),
KEY `tblWorkflowLog_userid` (`userid`),
KEY `tblWorkflowLog_transition` (`transition`),
KEY `tblWorkflowLog_workflowdocumentcontent` (`workflowdocumentcontent`),
CONSTRAINT `tblWorkflowLog_workflowdocumentcontent` FOREIGN KEY (`workflowdocumentcontent`) REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblWorkflowLog_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblWorkflowLog_transition` FOREIGN KEY (`transition`) REFERENCES `tblWorkflowTransitions` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblWorkflowLog_userid` FOREIGN KEY (`userid`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
CONSTRAINT `tblWorkflowLog_userid` FOREIGN KEY (`userid`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblWorkflowLog_workflow` FOREIGN KEY (`workflow`) REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `tblWorkflowDocumentContent`
--
CREATE TABLE `tblWorkflowDocumentContent` (
`parentworkflow` int(11) DEFAULT '0',
`workflow` int(11) DEFAULT NULL,
`document` int(11) DEFAULT NULL,
`version` smallint(5) DEFAULT NULL,
`state` int(11) DEFAULT NULL,
`date` datetime NOT NULL,
KEY `tblWorkflowDocument_document` (`document`),
KEY `tblWorkflowDocument_workflow` (`workflow`),
KEY `tblWorkflowDocument_state` (`state`),
CONSTRAINT `tblWorkflowDocument_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblWorkflowDocument_state` FOREIGN KEY (`state`) REFERENCES `tblWorkflowStates` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblWorkflowDocument_workflow` FOREIGN KEY (`workflow`) REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
@ -866,127 +736,6 @@ CREATE TABLE `tblWorkflowMandatoryWorkflow` (
-- --------------------------------------------------------
--
-- Table structure for transmittal
--
CREATE TABLE `tblTransmittals` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` text NOT NULL,
`comment` text NOT NULL,
`userID` int(11) NOT NULL DEFAULT '0',
`date` datetime DEFAULT NULL,
`public` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`),
CONSTRAINT `tblTransmittals_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for transmittal item
--
CREATE TABLE `tblTransmittalItems` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`transmittal` int(11) NOT NULL DEFAULT '0',
`document` int(11) DEFAULT NULL,
`version` smallint(5) unsigned NOT NULL DEFAULT '0',
`date` datetime DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE (transmittal, document, version),
CONSTRAINT `tblTransmittalItems_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblTransmittalItem_transmittal` FOREIGN KEY (`transmittal`) REFERENCES `tblTransmittals` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for cached read access
--
CREATE TABLE `tblCachedAccess` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`document` int(11) DEFAULT NULL,
`user` int(11) DEFAULT null,
`mode` tinyint(4) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`),
CONSTRAINT `tblCachedAccess_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblCachedAccess_user` FOREIGN KEY (`user`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for access request objects
--
CREATE TABLE `tblAros` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`parent` int(11),
`model` text NOT NULL,
`foreignid` int(11) NOT NULL DEFAULT '0',
`alias` varchar(255),
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for access control objects
--
CREATE TABLE `tblAcos` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`parent` int(11),
`model` text NOT NULL,
`foreignid` int(11) NOT NULL DEFAULT '0',
`alias` varchar(255),
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for acos/aros relation
--
CREATE TABLE `tblArosAcos` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`aro` int(11) NOT NULL DEFAULT '0',
`aco` int(11) NOT NULL DEFAULT '0',
`create` tinyint(4) NOT NULL DEFAULT '-1',
`read` tinyint(4) NOT NULL DEFAULT '-1',
`update` tinyint(4) NOT NULL DEFAULT '-1',
`delete` tinyint(4) NOT NULL DEFAULT '-1',
PRIMARY KEY (`id`),
UNIQUE (aco, aro),
CONSTRAINT `tblArosAcos_acos` FOREIGN KEY (`aco`) REFERENCES `tblAcos` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblArosAcos_aros` FOREIGN KEY (`aro`) REFERENCES `tblAros` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `tblSchedulerTask`
--
CREATE TABLE `tblSchedulerTask` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(100) DEFAULT NULL,
`description` text DEFAULT NULL,
`disabled` smallint(1) NOT NULL DEFAULT '0',
`extension` varchar(100) DEFAULT NULL,
`task` varchar(100) DEFAULT NULL,
`frequency` varchar(100) DEFAULT NULL,
`params` text DEFAULT NULL,
`nextrun` datetime DEFAULT NULL,
`lastrun` datetime DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `tblVersion`
--
@ -1004,10 +753,7 @@ CREATE TABLE `tblVersion` (
-- Initial content for database
--
INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (1, 'Admin', 1);
INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (2, 'Guest', 2);
INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (3, 'User', 0);
INSERT INTO tblUsers VALUES (1, 'admin', '21232f297a57a5a743894a0e4a801fc3', '', 'Administrator', 'info@seeddms.org', '', '', '', 1, 0, NULL, 0, 0, 0, NULL);
INSERT INTO tblUsers VALUES (2, 'guest', NULL, '', 'Guest User', NULL, '', '', '', 2, 0, NULL, 0, 0, 0, NULL);
INSERT INTO tblUsers VALUES (1, 'admin', '21232f297a57a5a743894a0e4a801fc3', 'Administrator', 'info@seeddms.org', '', '', '', 1, 0, NULL, 0, 0, 0, NULL);
INSERT INTO tblUsers VALUES (2, 'guest', NULL, 'Guest User', NULL, '', '', '', 2, 0, NULL, 0, 0, 0, NULL);
INSERT INTO tblFolders VALUES (1, 'DMS', 0, '', 'DMS root', UNIX_TIMESTAMP(), 1, 0, 2, 0);
INSERT INTO tblVersion VALUES (NOW(), 6, 0, 0);
INSERT INTO tblVersion VALUES (NOW(), 5, 1, 0);
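Review bot: The seed rows at the end of this file insert the `admin` account with a fixed 32-hex-digit `pwd` value, so every fresh installation starts with the same administrator credential until it is changed. The length is consistent with unsalted MD5 (and with the `md5($password)` comparison visible in `seed_pass_verify()` earlier on this page), and `pwd` remains `varchar(50)`, too short for `password_hash()` output (60 characters for bcrypt, more for Argon2). Consider widening the column, e.g. `pwd varchar(255) DEFAULT NULL`, and having the installer set or force a change of the initial password rather than shipping a constant. The `INSERT INTO tblUsers VALUES (...)` rows also depend on column order, which this change shifts by dropping `secret`; an explicit column list would make that robust. The PostgreSQL file that follows carries the same seed rows and column width.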


@ -43,19 +43,6 @@ CREATE TABLE "tblAttributeDefinitions" (
-- --------------------------------------------------------
--
-- Table structure for table `tblRoles`
--
CREATE TABLE "tblRoles" (
"id" SERIAL UNIQUE,
"name" varchar(50) default NULL,
"role" INTEGER NOT NULL default '0',
"noaccess" varchar(30) NOT NULL default ''
) ;
-- --------------------------------------------------------
--
-- Table structure for table "tblUsers"
--
@ -64,7 +51,6 @@ CREATE TABLE "tblUsers" (
"id" SERIAL UNIQUE,
"login" varchar(50) default NULL,
"pwd" varchar(50) default NULL,
"secret" varchar(50) default NULL,
"fullName" varchar(100) default NULL,
"email" varchar(70) default NULL,
"language" varchar(32) NOT NULL,
@ -82,18 +68,6 @@ CREATE TABLE "tblUsers" (
-- --------------------------------------------------------
--
-- Table structure for table `tblUserSubstitutes`
--
CREATE TABLE "tblUserSubstitutes" (
"id" SERIAL UNIQUE,
"user" INTEGER NOT NULL default '0' REFERENCES "tblUsers" ("id") ON DELETE CASCADE,
"substitute" INTEGER NOT NULL default '0' REFERENCES "tblUsers" ("id") ON DELETE CASCADE
);
-- --------------------------------------------------------
--
-- Table structure for table "tblUserPasswordRequest"
--
@ -251,7 +225,6 @@ CREATE TABLE "tblDocumentContent" (
"mimeType" varchar(100) NOT NULL default '',
"fileSize" BIGINT,
"checksum" char(32),
"revisiondate" TIMESTAMP default NULL,
UNIQUE ("document","version")
) ;
@ -317,21 +290,6 @@ CREATE TABLE "tblDocumentLocks" (
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentCheckOuts`
--
CREATE TABLE "tblDocumentCheckOuts" (
"document" INTEGER REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
"version" INTEGER NOT NULL default '0',
"userID" INTEGER NOT NULL default '0' REFERENCES "tblUsers" ("id"),
"date" TEXT NOT NULL,
"filename" varchar(255) NOT NULL default '',
UNIQUE ("document")
) ;
-- --------------------------------------------------------
--
-- Table structure for table "tblDocumentReviewers"
--
@ -362,67 +320,6 @@ CREATE TABLE "tblDocumentReviewLog" (
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentRecipients`
--
CREATE TABLE "tblDocumentRecipients" (
"receiptID" SERIAL UNIQUE,
"documentID" INTEGER NOT NULL default '0' REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
"version" INTEGER NOT NULL default '0',
"type" INTEGER NOT NULL default '0',
"required" INTEGER NOT NULL default '0',
UNIQUE ("documentID","version","type","required")
) ;
-- --------------------------------------------------------
--
-- Table structure for table "tblDocumentReceiptLog"
--
CREATE TABLE "tblDocumentReceiptLog" (
"receiptLogID" SERIAL UNIQUE,
"receiptID" INTEGER NOT NULL default 0 REFERENCES "tblDocumentRecipients" ("receiptID") ON DELETE CASCADE,
"status" INTEGER NOT NULL default 0,
"comment" TEXT NOT NULL,
"date" TEXT NOT NULL,
"userID" INTEGER NOT NULL default 0 REFERENCES "tblUsers" ("id") ON DELETE CASCADE
) ;
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentRevisors`
--
CREATE TABLE "tblDocumentRevisors" (
"revisionID" SERIAL UNIQUE,
"documentID" INTEGER NOT NULL default '0' REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
"version" INTEGER NOT NULL default '0',
"type" INTEGER NOT NULL default '0',
"required" INTEGER NOT NULL default '0',
"startdate" TIMESTAMP default NULL,
UNIQUE ("documentID","version","type","required")
) ;
-- --------------------------------------------------------
--
-- Table structure for table "tblDocumentRevisionLog"
--
CREATE TABLE "tblDocumentRevisionLog" (
"revisionLogID" SERIAL UNIQUE,
"revisionID" INTEGER NOT NULL default 0 REFERENCES "tblDocumentRevisors" ("revisionID") ON DELETE CASCADE,
"status" INTEGER NOT NULL default 0,
"comment" TEXT NOT NULL,
"date" TIMESTAMP default NULL,
"userID" INTEGER NOT NULL default 0 REFERENCES "tblUsers" ("id") ON DELETE CASCADE
) ;
-- --------------------------------------------------------
--
-- Table structure for table "tblDocumentStatus"
--
@ -617,8 +514,7 @@ CREATE TABLE "tblWorkflowActions" (
CREATE TABLE "tblWorkflows" (
"id" SERIAL UNIQUE,
"name" text NOT NULL,
"initstate" INTEGER NOT NULL REFERENCES "tblWorkflowStates" ("id") ON DELETE CASCADE,
"layoutdata" text default NULL
"initstate" INTEGER NOT NULL REFERENCES "tblWorkflowStates" ("id") ON DELETE CASCADE
) ;
-- --------------------------------------------------------
@ -663,29 +559,15 @@ CREATE TABLE "tblWorkflowTransitionGroups" (
-- --------------------------------------------------------
--
-- Table structure for workflow document relation
--
CREATE TABLE "tblWorkflowDocumentContent" (
"id" SERIAL UNIQUE,
"parent" INTEGER DEFAULT NULL REFERENCES "tblWorkflowDocumentContent" ("id") ON DELETE CASCADE,
"workflow" INTEGER DEFAULT NULL REFERENCES "tblWorkflows" ("id") ON DELETE CASCADE,
"document" INTEGER DEFAULT NULL REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
"version" INTEGER DEFAULT NULL,
"state" INTEGER DEFAULT NULL REFERENCES "tblWorkflowStates" ("id") ON DELETE CASCADE,
"date" TIMESTAMP default NULL
) ;
-- --------------------------------------------------------
--
-- Table structure for workflow log
--
CREATE TABLE "tblWorkflowLog" (
"id" SERIAL UNIQUE,
"workflowdocumentcontent" INTEGER DEFAULT NULL REFERENCES "tblWorkflowDocumentContent" ("id") ON DELETE CASCADE,
"document" INTEGER default NULL REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
"version" INTEGER default NULL,
"workflow" INTEGER default NULL REFERENCES "tblWorkflows" ("id") ON DELETE CASCADE,
"userid" INTEGER default NULL REFERENCES "tblUsers" ("id") ON DELETE CASCADE,
"transition" INTEGER default NULL REFERENCES "tblWorkflowTransitions" ("id") ON DELETE CASCADE,
"date" TIMESTAMP default NULL,
@ -694,6 +576,21 @@ CREATE TABLE "tblWorkflowLog" (
-- --------------------------------------------------------
--
-- Table structure for workflow document relation
--
CREATE TABLE "tblWorkflowDocumentContent" (
"parentworkflow" INTEGER DEFAULT 0,
"workflow" INTEGER DEFAULT NULL REFERENCES "tblWorkflows" ("id") ON DELETE CASCADE,
"document" INTEGER DEFAULT NULL REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
"version" INTEGER DEFAULT NULL,
"state" INTEGER DEFAULT NULL REFERENCES "tblWorkflowStates" ("id") ON DELETE CASCADE,
"date" TIMESTAMP default NULL
) ;
-- --------------------------------------------------------
--
-- Table structure for mandatory workflows
--
@ -706,101 +603,6 @@ CREATE TABLE "tblWorkflowMandatoryWorkflow" (
-- --------------------------------------------------------
--
-- Table structure for transmittal
--
CREATE TABLE "tblTransmittals" (
"id" SERIAL UNIQUE,
"name" text NOT NULL,
"comment" text NOT NULL,
"userID" INTEGER NOT NULL default '0' REFERENCES "tblUsers" ("id") ON DELETE CASCADE,
"date" TIMESTAMP default NULL,
"public" INTEGER NOT NULL default '0'
);
-- --------------------------------------------------------
--
-- Table structure for transmittal item
--
CREATE TABLE "tblTransmittalItems" (
"id" SERIAL UNIQUE,
"transmittal" INTEGER NOT NULL DEFAULT '0' REFERENCES "tblTransmittals" ("id") ON DELETE CASCADE,
"document" INTEGER default NULL REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
"version" INTEGER NOT NULL default '0',
"date" TIMESTAMP default NULL,
UNIQUE (transmittal, document, version)
);
-- --------------------------------------------------------
--
-- Table structure for access request objects
--
CREATE TABLE "tblAros" (
"id" SERIAL UNIQUE,
"parent" INTEGER,
"model" TEXT NOT NULL,
"foreignid" INTEGER NOT NULL DEFAULT '0',
"alias" TEXT
) ;
-- --------------------------------------------------------
--
-- Table structure for access control objects
--
CREATE TABLE "tblAcos" (
"id" SERIAL UNIQUE,
"parent" INTEGER,
"model" TEXT NOT NULL,
"foreignid" INTEGER NOT NULL DEFAULT '0',
"alias" TEXT
) ;
-- --------------------------------------------------------
--
-- Table structure for acos/aros relation
--
CREATE TABLE "tblArosAcos" (
"id" SERIAL UNIQUE,
"aro" INTEGER NOT NULL DEFAULT '0' REFERENCES "tblAros" ("id") ON DELETE CASCADE,
"aco" INTEGER NOT NULL DEFAULT '0' REFERENCES "tblAcos" ("id") ON DELETE CASCADE,
"create" INTEGER NOT NULL DEFAULT '-1',
"read" INTEGER NOT NULL DEFAULT '-1',
"update" INTEGER NOT NULL DEFAULT '-1',
"delete" INTEGER NOT NULL DEFAULT '-1',
UNIQUE (aco, aro)
) ;
-- --------------------------------------------------------
--
-- Table structure for tblSchedulerTask
--
CREATE TABLE "tblSchedulerTask" (
"id" SERIAL UNIQUE,
"name" varchar(100) DEFAULT NULL,
"description" TEXT DEFAULT NULL,
"disabled" INTEGER NOT NULL DEFAULT '0',
"extension" varchar(100) DEFAULT NULL,
"task" varchar(100) DEFAULT NULL,
"frequency" varchar(100) DEFAULT NULL,
"params" TEXT DEFAULT NULL,
"nextrun" TIMESTAMP DEFAULT NULL,
"lastrun" TIMESTAMP DEFAULT NULL
) ;
-- --------------------------------------------------------
--
-- Table structure for version
--
@ -818,16 +620,10 @@ CREATE TABLE "tblVersion" (
-- Initial content for database
--
INSERT INTO "tblRoles" ("id", "name", "role") VALUES (1, 'Admin', 1);
SELECT nextval('"tblRoles_id_seq"');
INSERT INTO "tblRoles" ("id", "name", "role") VALUES (2, 'Guest', 2);
SELECT nextval('"tblRoles_id_seq"');
INSERT INTO "tblRoles" ("id", "name", "role") VALUES (3, 'User', 0);
SELECT nextval('"tblRoles_id_seq"');
INSERT INTO "tblUsers" VALUES (1, 'admin', '21232f297a57a5a743894a0e4a801fc3', '', 'Administrator', 'info@seeddms.org', '', '', '', 1, 0, NULL, 0, 0, 0, NULL);
INSERT INTO "tblUsers" VALUES (1, 'admin', '21232f297a57a5a743894a0e4a801fc3', 'Administrator', 'info@seeddms.org', '', '', '', 1, 0, NULL, 0, 0, 0, NULL);
SELECT nextval('"tblUsers_id_seq"');
INSERT INTO "tblUsers" VALUES (2, 'guest', NULL, '', 'Guest User', NULL, '', '', '', 2, 0, NULL, 0, 0, 0, NULL);
INSERT INTO "tblUsers" VALUES (2, 'guest', NULL, 'Guest User', NULL, '', '', '', 2, 0, NULL, 0, 0, 0, NULL);
SELECT nextval('"tblUsers_id_seq"');
INSERT INTO "tblFolders" VALUES (1, 'DMS', 0, '', 'DMS root', extract(epoch from now()), 1, 0, 2, 0);
SELECT nextval('"tblFolders_id_seq"');
INSERT INTO "tblVersion" VALUES (CURRENT_TIMESTAMP, 6, 0, 0);
INSERT INTO "tblVersion" VALUES (CURRENT_TIMESTAMP, 5, 1, 0);


@ -43,20 +43,6 @@ CREATE TABLE `tblAttributeDefinitions` (
-- --------------------------------------------------------
--
-- Table structure for table `tblRoles`
--
CREATE TABLE `tblRoles` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`name` varchar(50) default NULL,
`role` INTEGER NOT NULL default '0',
`noaccess` varchar(30) NOT NULL default '',
UNIQUE (`name`)
) ;
-- --------------------------------------------------------
--
-- Table structure for table `tblUsers`
--
@ -65,13 +51,12 @@ CREATE TABLE `tblUsers` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`login` varchar(50) default NULL,
`pwd` varchar(50) default NULL,
`secret` varchar(50) default NULL,
`fullName` varchar(100) default NULL,
`email` varchar(70) default NULL,
`language` varchar(32) NOT NULL,
`theme` varchar(32) NOT NULL,
`comment` text NOT NULL,
`role` INTEGER NOT NULL REFERENCES `tblRoles` (`id`),
`role` INTEGER NOT NULL default '0',
`hidden` INTEGER NOT NULL default '0',
`pwdExpiration` TEXT default NULL,
`loginfailures` INTEGER NOT NULL default '0',
@ -83,19 +68,6 @@ CREATE TABLE `tblUsers` (
-- --------------------------------------------------------
--
-- Table structure for table `tblUserSubstitutes`
--
CREATE TABLE `tblUserSubstitutes` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`user` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
`substitute` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
UNIQUE (`user`, `substitute`)
);
-- --------------------------------------------------------
--
-- Table structure for table `tblUserPasswordRequest`
--
@ -163,7 +135,7 @@ CREATE TABLE `tblFolderAttributes` (
`folder` INTEGER default NULL REFERENCES `tblFolders` (`id`) ON DELETE CASCADE,
`attrdef` INTEGER default NULL REFERENCES `tblAttributeDefinitions` (`id`),
`value` text default NULL,
UNIQUE (`folder`, `attrdef`)
UNIQUE (folder, attrdef)
) ;
-- --------------------------------------------------------
@ -199,7 +171,7 @@ CREATE TABLE `tblDocumentAttributes` (
`document` INTEGER default NULL REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
`attrdef` INTEGER default NULL REFERENCES `tblAttributeDefinitions` (`id`),
`value` text default NULL,
UNIQUE (`document`, `attrdef`)
UNIQUE (document, attrdef)
) ;
-- --------------------------------------------------------
@ -216,7 +188,6 @@ CREATE TABLE `tblDocumentApprovers` (
`required` INTEGER NOT NULL default '0',
UNIQUE (`documentID`,`version`,`type`,`required`)
) ;
CREATE INDEX `indDocumentApproversRequired` ON `tblDocumentApprovers` (`required`);
-- --------------------------------------------------------
@ -232,7 +203,6 @@ CREATE TABLE `tblDocumentApproveLog` (
`date` TEXT NOT NULL,
`userID` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ;
CREATE INDEX `indDocumentApproveLogApproveID` ON `tblDocumentApproveLog` (`approveID`);
-- --------------------------------------------------------
@ -253,7 +223,6 @@ CREATE TABLE `tblDocumentContent` (
`mimeType` varchar(100) NOT NULL default '',
`fileSize` INTEGER,
`checksum` char(32),
`revisiondate` TEXT default NULL,
UNIQUE (`document`,`version`)
) ;
@ -268,7 +237,7 @@ CREATE TABLE `tblDocumentContentAttributes` (
`content` INTEGER default NULL REFERENCES `tblDocumentContent` (`id`) ON DELETE CASCADE,
`attrdef` INTEGER default NULL REFERENCES `tblAttributeDefinitions` (`id`),
`value` text default NULL,
UNIQUE (`content`, `attrdef`)
UNIQUE (content, attrdef)
) ;
-- --------------------------------------------------------
@ -319,21 +288,6 @@ CREATE TABLE `tblDocumentLocks` (
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentCheckOuts`
--
CREATE TABLE `tblDocumentCheckOuts` (
`document` INTEGER REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
`version` INTEGER unsigned NOT NULL default '0',
`userID` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`),
`date` TEXT NOT NULL,
`filename` varchar(255) NOT NULL default '',
UNIQUE (`document`)
) ;
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentReviewers`
--
@ -346,7 +300,6 @@ CREATE TABLE `tblDocumentReviewers` (
`required` INTEGER NOT NULL default '0',
UNIQUE (`documentID`,`version`,`type`,`required`)
) ;
CREATE INDEX `indDocumentReviewersRequired` ON `tblDocumentReviewers` (`required`);
-- --------------------------------------------------------
@ -362,72 +315,6 @@ CREATE TABLE `tblDocumentReviewLog` (
`date` TEXT NOT NULL,
`userID` INTEGER NOT NULL default 0 REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ;
CREATE INDEX `indDocumentReviewLogReviewID` ON `tblDocumentReviewLog` (`reviewID`);
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentRecipients`
--
CREATE TABLE `tblDocumentRecipients` (
`receiptID` INTEGER PRIMARY KEY AUTOINCREMENT,
`documentID` INTEGER NOT NULL default '0' REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
`version` INTEGER unsigned NOT NULL default '0',
`type` INTEGER NOT NULL default '0',
`required` INTEGER NOT NULL default '0',
UNIQUE (`documentID`,`version`,`type`,`required`)
) ;
CREATE INDEX `indDocumentRecipientsRequired` ON `tblDocumentRecipients` (`required`);
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentReceiptLog`
--
CREATE TABLE `tblDocumentReceiptLog` (
`receiptLogID` INTEGER PRIMARY KEY AUTOINCREMENT,
`receiptID` INTEGER NOT NULL default 0 REFERENCES `tblDocumentRecipients` (`receiptID`) ON DELETE CASCADE,
`status` INTEGER NOT NULL default 0,
`comment` TEXT NOT NULL,
`date` TEXT NOT NULL,
`userID` INTEGER NOT NULL default 0 REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ;
CREATE INDEX `indDocumentReceiptLogReceiptID` ON `tblDocumentReceiptLog` (`receiptID`);
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentRevisors`
--
CREATE TABLE `tblDocumentRevisors` (
`revisionID` INTEGER PRIMARY KEY AUTOINCREMENT,
`documentID` INTEGER NOT NULL default '0' REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
`version` INTEGER unsigned NOT NULL default '0',
`type` INTEGER NOT NULL default '0',
`required` INTEGER NOT NULL default '0',
`startdate` TEXT default NULL,
UNIQUE (`documentID`,`version`,`type`,`required`)
) ;
CREATE INDEX `indDocumentRevisorsRequired` ON `tblDocumentRevisors` (`required`);
-- --------------------------------------------------------
--
-- Table structure for table `tblDocumentRevisionLog`
--
CREATE TABLE `tblDocumentRevisionLog` (
`revisionLogID` INTEGER PRIMARY KEY AUTOINCREMENT,
`revisionID` INTEGER NOT NULL default 0 REFERENCES `tblDocumentRevisors` (`revisionID`) ON DELETE CASCADE,
`status` INTEGER NOT NULL default 0,
`comment` TEXT NOT NULL,
`date` TEXT NOT NULL,
`userID` INTEGER NOT NULL default 0 REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ;
CREATE INDEX `indDocumentRevisionLogRevisionID` ON `tblDocumentRevisionLog` (`revisionID`);
-- --------------------------------------------------------
@ -456,7 +343,6 @@ CREATE TABLE `tblDocumentStatusLog` (
`date` TEXT NOT NULL,
`userID` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ;
CREATE INDEX `indDocumentStatusLogStatusID` ON `tblDocumentStatusLog` (`StatusID`);
-- --------------------------------------------------------
@ -626,8 +512,7 @@ CREATE TABLE `tblWorkflowActions` (
CREATE TABLE `tblWorkflows` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`name` text NOT NULL,
`initstate` INTEGER NOT NULL REFERENCES `tblWorkflowStates` (`id`) ON DELETE CASCADE,
`layoutdata` text default NULL
`initstate` INTEGER NOT NULL REFERENCES `tblWorkflowStates` (`id`) ON DELETE CASCADE
) ;
-- --------------------------------------------------------
@ -672,29 +557,15 @@ CREATE TABLE `tblWorkflowTransitionGroups` (
-- --------------------------------------------------------
--
-- Table structure for table `tblWorkflowDocumentContent`
--
CREATE TABLE `tblWorkflowDocumentContent` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`parent` INTEGER DEFAULT NULL REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE,
`workflow` INTEGER DEFAULT NULL REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE,
`document` INTEGER DEFAULT NULL REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
`version` INTEGER DEFAULT NULL,
`state` INTEGER DEFAULT NULL REFERENCES `tblWorkflowStates` (`id`) ON DELETE CASCADE,
`date` datetime NOT NULL
) ;
-- --------------------------------------------------------
--
-- Table structure for table `tblWorkflowLog`
--
CREATE TABLE `tblWorkflowLog` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`workflowdocumentcontent` INTEGER DEFAULT NULL REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE,
`document` INTEGER default NULL REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
`version` INTEGER default NULL,
`workflow` INTEGER default NULL REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE,
`userid` INTEGER default NULL REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
`transition` INTEGER default NULL REFERENCES `tblWorkflowTransitions` (`id`) ON DELETE CASCADE,
`date` datetime NOT NULL,
@ -703,6 +574,21 @@ CREATE TABLE `tblWorkflowLog` (
-- --------------------------------------------------------
--
-- Table structure for table `tblWorkflowDocumentContent`
--
CREATE TABLE `tblWorkflowDocumentContent` (
`parentworkflow` INTEGER DEFAULT 0,
`workflow` INTEGER DEFAULT NULL REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE,
`document` INTEGER DEFAULT NULL REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
`version` INTEGER DEFAULT NULL,
`state` INTEGER DEFAULT NULL REFERENCES `tblWorkflowStates` (`id`) ON DELETE CASCADE,
`date` datetime NOT NULL
) ;
-- --------------------------------------------------------
--
-- Table structure for table `tblWorkflowMandatoryWorkflow`
--
@ -710,102 +596,7 @@ CREATE TABLE `tblWorkflowLog` (
CREATE TABLE `tblWorkflowMandatoryWorkflow` (
`userid` INTEGER default NULL REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
`workflow` INTEGER default NULL REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE,
UNIQUE(`userid`, `workflow`)
) ;
-- --------------------------------------------------------
--
-- Table structure for transmittal
--
CREATE TABLE `tblTransmittals` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`name` text NOT NULL,
`comment` text NOT NULL,
`userID` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
`date` TEXT default NULL,
`public` INTEGER NOT NULL default '0'
);
-- --------------------------------------------------------
--
-- Table structure for transmittal item
--
CREATE TABLE `tblTransmittalItems` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`transmittal` INTEGER NOT NULL DEFAULT '0' REFERENCES `tblTransmittals` (`id`) ON DELETE CASCADE,
`document` INTEGER default NULL REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
`version` INTEGER unsigned NOT NULL default '0',
`date` TEXT default NULL,
UNIQUE (`transmittal`, `document`, `version`)
);
-- --------------------------------------------------------
--
-- Table structure for access request objects
--
CREATE TABLE `tblAros` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`parent` INTEGER,
`model` TEXT NOT NULL,
`foreignid` INTEGER NOT NULL DEFAULT '0',
`alias` TEXT
) ;
-- --------------------------------------------------------
--
-- Table structure for access control objects
--
CREATE TABLE `tblAcos` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`parent` INTEGER,
`model` TEXT NOT NULL,
`foreignid` INTEGER NOT NULL DEFAULT '0',
`alias` TEXT
) ;
-- --------------------------------------------------------
--
-- Table structure for acos/aros relation
--
CREATE TABLE `tblArosAcos` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`aro` INTEGER NOT NULL DEFAULT '0' REFERENCES `tblAros` (`id`) ON DELETE CASCADE,
`aco` INTEGER NOT NULL DEFAULT '0' REFERENCES `tblAcos` (`id`) ON DELETE CASCADE,
`create` INTEGER NOT NULL DEFAULT '-1',
`read` INTEGER NOT NULL DEFAULT '-1',
`update` INTEGER NOT NULL DEFAULT '-1',
`delete` INTEGER NOT NULL DEFAULT '-1',
UNIQUE (`aco`, `aro`)
) ;
-- --------------------------------------------------------
--
-- Table structure for table `tblSchedulerTask`
--
CREATE TABLE `tblSchedulerTask` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`name` varchar(100) DEFAULT NULL,
`description` TEXT DEFAULT NULL,
`disabled` INTEGER NOT NULL DEFAULT '0',
`extension` varchar(100) DEFAULT NULL,
`task` varchar(100) DEFAULT NULL,
`frequency` varchar(100) DEFAULT NULL,
`params` TEXT DEFAULT NULL,
`nextrun` TEXT DEFAULT NULL,
`lastrun` TEXT DEFAULT NULL
UNIQUE(userid, workflow)
) ;
-- --------------------------------------------------------
@ -827,10 +618,7 @@ CREATE TABLE `tblVersion` (
-- Initial content for database
--
INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (1, 'Admin', 1);
INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (2, 'Guest', 2);
INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (3, 'User', 0);
INSERT INTO `tblUsers` (`id`, `login`, `pwd`, `fullName`, `email`, `language`, `theme`, `comment`, `role`, `hidden`, `pwdExpiration`, `loginfailures`, `disabled`, `quota`, `homefolder`) VALUES (1, 'admin', '21232f297a57a5a743894a0e4a801fc3', 'Administrator', 'info@seeddms.org', '', '', '', 1, 0, '', 0, 0, 0, NULL);
INSERT INTO `tblUsers` (`id`, `login`, `pwd`, `fullName`, `email`, `language`, `theme`, `comment`, `role`, `hidden`, `pwdExpiration`, `loginfailures`, `disabled`, `quota`, `homefolder`) VALUES (2, 'guest', NULL, 'Guest User', NULL, '', '', '', 2, 0, '', 0, 0, 0, NULL);
INSERT INTO `tblFolders` (`id`, `name`, `parent`, `folderList`, `comment`, `date`, `owner`, `inheritAccess`, `defaultAccess`, `sequence`) VALUES (1, 'DMS', NULL, '', 'DMS root', strftime('%s','now'), 1, 0, 2, 0);
INSERT INTO `tblVersion` VALUES (DATETIME(), 6, 0, 0);
INSERT INTO `tblVersion` VALUES (DATETIME(), 5, 1, 0);
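Review bot: The `tblUsers` seed row for `admin` in the last hunk of this section inserts a fixed 32-hex-digit `pwd` value, so every fresh install starts with the same administrator credential, stored as an unsalted digest the size of an MD5. The PostgreSQL seed earlier on this page carries the same value. The compare leaves this row untouched on the new side, so the installer should require a password change before the instance is reachable, and the seed should say so, for example `-- default admin credential: change immediately after install`. Seeding an already-expired `pwdExpiration` instead of `''` may be one way to enforce that, but whether the login code forces a change on expiry is not visible here and needs confirming.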


@ -1,181 +0,0 @@
START TRANSACTION;
ALTER TABLE "tblDocumentContent" ADD COLUMN "revisiondate" TIMESTAMP default NULL;
ALTER TABLE "tblUsers" ADD COLUMN "secret" varchar(50) default NULL;
ALTER TABLE "tblWorkflows" ADD COLUMN "layoutdata" text default NULL;
ALTER TABLE "tblWorkflowDocumentContent" ADD COLUMN "id" SERIAL UNIQUE;
ALTER TABLE "tblWorkflowLog" ADD COLUMN "workflowdocumentcontent" INTEGER NOT NULL DEFAULT '0';
UPDATE "tblWorkflowLog" SET "workflowdocumentcontent" = "tblWorkflowDocumentContent"."id" FROM "tblWorkflowDocumentContent" WHERE "tblWorkflowLog"."document" = "tblWorkflowDocumentContent"."document" AND "tblWorkflowLog"."version" = "tblWorkflowDocumentContent"."version" AND "tblWorkflowLog"."workflow" = "tblWorkflowDocumentContent"."workflow";
INSERT INTO "tblWorkflowDocumentContent" ("parentworkflow", "workflow", "document", "version", "state", "date") SELECT 0 AS "parentworkflow", "workflow", "document", "version", NULL AS "state", max("date") AS "date" FROM "tblWorkflowLog" WHERE "workflowdocumentcontent" = 0 GROUP BY "workflow", "document", "version";
UPDATE "tblWorkflowLog" SET "workflowdocumentcontent" = "tblWorkflowDocumentContent"."id" FROM "tblWorkflowDocumentContent" WHERE "tblWorkflowLog"."document" = "tblWorkflowDocumentContent"."document" AND "tblWorkflowLog"."version" = "tblWorkflowDocumentContent"."version" AND "tblWorkflowLog"."workflow" = "tblWorkflowDocumentContent"."workflow";
ALTER TABLE "tblWorkflowLog" ADD CONSTRAINT "tblWorkflowLog_workflowdocumentcontent" FOREIGN KEY ("workflowdocumentcontent") REFERENCES "tblWorkflowDocumentContent" ("id") ON DELETE CASCADE;
ALTER TABLE "tblWorkflowDocumentContent" ADD COLUMN "parent" INTEGER DEFAULT NULL;
ALTER TABLE "tblWorkflowDocumentContent" ADD CONSTRAINT "tblWorkflowDocumentContent_parent" FOREIGN KEY ("parent") REFERENCES "tblWorkflowDocumentContent" ("id") ON DELETE CASCADE;
ALTER TABLE "tblWorkflowDocumentContent" DROP COLUMN "parentworkflow";
ALTER TABLE "tblWorkflowLog" DROP COLUMN "document";
ALTER TABLE "tblWorkflowLog" DROP COLUMN "version";
ALTER TABLE "tblWorkflowLog" DROP COLUMN "workflow";
CREATE TABLE "tblUserSubstitutes" (
"id" SERIAL UNIQUE,
"user" INTEGER default null,
"substitute" INTEGER default null,
UNIQUE ("user", "substitute"),
CONSTRAINT "tblUserSubstitutes_user" FOREIGN KEY ("user") REFERENCES "tblUsers" ("id") ON DELETE CASCADE,
CONSTRAINT "tblUserSubstitutes_substitute" FOREIGN KEY ("user") REFERENCES "tblUsers" ("id") ON DELETE CASCADE
);
CREATE TABLE "tblDocumentCheckOuts" (
"document" INTEGER NOT NULL default '0',
"version" INTEGER NOT NULL default '0',
"userID" INTEGER NOT NULL default '0',
"date" TIMESTAMP NOT NULL,
"filename" varchar(255) NOT NULL default '',
CONSTRAINT "tblDocumentCheckOuts_document" FOREIGN KEY ("document") REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
CONSTRAINT "tblDocumentCheckOuts_user" FOREIGN KEY ("userID") REFERENCES "tblUsers" ("id") ON DELETE CASCADE
);
CREATE TABLE "tblDocumentRecipients" (
"receiptID" SERIAL UNIQUE,
"documentID" INTEGER NOT NULL default '0',
"version" INTEGER NOT NULL default '0',
"type" INTEGER NOT NULL default '0',
"required" INTEGER NOT NULL default '0',
UNIQUE ("documentID","version","type","required"),
CONSTRAINT "tblDocumentRecipients_document" FOREIGN KEY ("documentID") REFERENCES "tblDocuments" ("id") ON DELETE CASCADE
);
CREATE TABLE "tblDocumentReceiptLog" (
"receiptLogID" SERIAL UNIQUE,
"receiptID" INTEGER NOT NULL default '0',
"status" INTEGER NOT NULL default '0',
"comment" text NOT NULL,
"date" TIMESTAMP NOT NULL,
"userID" INTEGER NOT NULL default '0',
CONSTRAINT "tblDocumentReceiptLog_recipient" FOREIGN KEY ("receiptID") REFERENCES "tblDocumentRecipients" ("receiptID") ON DELETE CASCADE,
CONSTRAINT "tblDocumentReceiptLog_user" FOREIGN KEY ("userID") REFERENCES "tblUsers" ("id") ON DELETE CASCADE
);
CREATE TABLE "tblDocumentRevisors" (
"revisionID" SERIAL UNIQUE,
"documentID" INTEGER NOT NULL default '0',
"version" INTEGER NOT NULL default '0',
"type" INTEGER NOT NULL default '0',
"required" INTEGER NOT NULL default '0',
"startdate" TIMESTAMP default NULL,
UNIQUE ("documentID","version","type","required"),
CONSTRAINT "tblDocumentRevisors_document" FOREIGN KEY ("documentID") REFERENCES "tblDocuments" ("id") ON DELETE CASCADE
);
CREATE TABLE "tblDocumentRevisionLog" (
"revisionLogID" SERIAL UNIQUE,
"revisionID" INTEGER NOT NULL default '0',
"status" INTEGER NOT NULL default '0',
"comment" text NOT NULL,
"date" TIMESTAMP NOT NULL,
"userID" INTEGER NOT NULL default '0',
CONSTRAINT "tblDocumentRevisionLog_revision" FOREIGN KEY ("revisionID") REFERENCES "tblDocumentRevisors" ("revisionID") ON DELETE CASCADE,
CONSTRAINT "tblDocumentRevisionLog_user" FOREIGN KEY ("userID") REFERENCES "tblUsers" ("id") ON DELETE CASCADE
);
CREATE TABLE "tblTransmittals" (
"id" SERIAL UNIQUE,
"name" text NOT NULL,
"comment" text NOT NULL,
"userID" INTEGER NOT NULL default '0',
"date" TIMESTAMP default NULL,
"public" INTEGER NOT NULL default '0',
CONSTRAINT "tblTransmittals_user" FOREIGN KEY ("userID") REFERENCES "tblUsers" ("id") ON DELETE CASCADE
);
CREATE TABLE "tblTransmittalItems" (
"id" SERIAL UNIQUE,
"transmittal" INTEGER NOT NULL DEFAULT '0',
"document" INTEGER default NULL,
"version" INTEGER NOT NULL default '0',
"date" TIMESTAMP default NULL,
UNIQUE ("transmittal", "document", "version"),
CONSTRAINT "tblTransmittalItems_document" FOREIGN KEY ("document") REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
CONSTRAINT "tblTransmittalItem_transmittal" FOREIGN KEY ("transmittal") REFERENCES "tblTransmittals" ("id") ON DELETE CASCADE
);
CREATE TABLE "tblRoles" (
"id" SERIAL UNIQUE,
"name" varchar(50) default NULL,
"role" INTEGER NOT NULL default '0',
"noaccess" varchar(30) NOT NULL default '',
UNIQUE ("name")
);
INSERT INTO "tblRoles" ("id", "name", "role") VALUES (1, 'Admin', 1);
SELECT nextval('"tblRoles_id_seq"');
INSERT INTO "tblRoles" ("id", "name", "role") VALUES (2, 'Guest', 2);
SELECT nextval('"tblRoles_id_seq"');
INSERT INTO "tblRoles" ("id", "name", "role") VALUES (3, 'User', 0);
SELECT nextval('"tblRoles_id_seq"');
ALTER TABLE "tblUsers" ALTER "role" DROP DEFAULT;
ALTER TABLE "tblUsers" ALTER "role" SET NOT NULL;
UPDATE "tblUsers" SET role=3 WHERE role=0;
ALTER TABLE "tblUsers" ADD CONSTRAINT "tblUsers_role" FOREIGN KEY ("role") REFERENCES "tblRoles" ("id");
CREATE TABLE "tblAros" (
"id" SERIAL UNIQUE,
"parent" INTEGER,
"model" text NOT NULL,
"foreignid" INTEGER NOT NULL DEFAULT '0',
"alias" varchar(255)
);
CREATE TABLE "tblAcos" (
"id" SERIAL UNIQUE,
"parent" INTEGER,
"model" text NOT NULL,
"foreignid" INTEGER NOT NULL DEFAULT '0',
"alias" varchar(255)
);
CREATE TABLE "tblArosAcos" (
"id" SERIAL UNIQUE,
"aro" INTEGER NOT NULL DEFAULT '0',
"aco" INTEGER NOT NULL DEFAULT '0',
"create" INTEGER NOT NULL DEFAULT '-1',
"read" INTEGER NOT NULL DEFAULT '-1',
"update" INTEGER NOT NULL DEFAULT '-1',
"delete" INTEGER NOT NULL DEFAULT '-1',
UNIQUE ("aco", "aro"),
CONSTRAINT "tblArosAcos_acos" FOREIGN KEY ("aco") REFERENCES "tblAcos" ("id") ON DELETE CASCADE,
CONSTRAINT "tblArosAcos_aros" FOREIGN KEY ("aro") REFERENCES "tblAros" ("id") ON DELETE CASCADE
);
CREATE TABLE "tblSchedulerTask" (
"id" SERIAL UNIQUE,
"name" varchar(100) DEFAULT NULL,
"description" TEXT DEFAULT NULL,
"disabled" INTEGER NOT NULL DEFAULT '0',
"extension" varchar(100) DEFAULT NULL,
"task" varchar(100) DEFAULT NULL,
"frequency" varchar(100) DEFAULT NULL,
"params" TEXT DEFAULT NULL,
"nextrun" TIMESTAMP DEFAULT NULL,
"lastrun" TIMESTAMP DEFAULT NULL
) ;
UPDATE "tblVersion" set "major"=6, "minor"=0, "subminor"=0;
COMMIT;


@ -1,206 +0,0 @@
BEGIN;
ALTER TABLE `tblDocumentContent` ADD COLUMN `revisiondate` TEXT default NULL;
ALTER TABLE `tblUsers` ADD COLUMN `secret` varchar(50) default NULL;
ALTER TABLE `tblWorkflows` ADD COLUMN `layoutdata` text default NULL;
CREATE TABLE `new_tblWorkflowDocumentContent` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`parent` INTEGER DEFAULT NULL REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE,
`workflow` INTEGER DEFAULT NULL REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE,
`document` INTEGER DEFAULT NULL REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
`version` INTEGER DEFAULT NULL,
`state` INTEGER DEFAULT NULL REFERENCES `tblWorkflowStates` (`id`) ON DELETE CASCADE,
`date` datetime NOT NULL
) ;
INSERT INTO `new_tblWorkflowDocumentContent` (`parent`, `workflow`, `document`, `version`, `state`, `date`) SELECT NULL as `parent`, `workflow`, `document`, `version`, `state`, `date` FROM `tblWorkflowDocumentContent`;
INSERT INTO `new_tblWorkflowDocumentContent` (`parent`, `workflow`, `document`, `version`, `state`, `date`) SELECT NULL, `a`.`workflow`, `a`.`document`, `a`.`version`, NULL AS `state`, max(`a`.`date`) FROM `tblWorkflowLog` `a` LEFT JOIN `tblWorkflowDocumentContent` `b` ON `a`.`document`=`b`.`document` AND `a`.`version`=`b`.`version` AND `a`.`workflow`=`b`.`workflow` WHERE `b`.`document` IS NULL GROUP BY `a`.`document`, `a`.`version`, `a`.`workflow`;
CREATE TABLE `new_tblWorkflowLog` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`workflowdocumentcontent` INTEGER DEFAULT NULL REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE,
`userid` INTEGER default NULL REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
`transition` INTEGER default NULL REFERENCES `tblWorkflowTransitions` (`id`) ON DELETE CASCADE,
`date` datetime NOT NULL,
`comment` text
) ;
INSERT INTO `new_tblWorkflowLog` (`id`, `workflowdocumentcontent`, `userid`, `transition`, `date`, `comment`) SELECT `a`.`id`, `b`.`id`, `a`.`userid`, `a`.`transition`, `a`.`date`, `a`.`comment` FROM `tblWorkflowLog` `a` LEFT JOIN `new_tblWorkflowDocumentContent` `b` ON `a`.`document`=`b`.`document` AND `a`.`version`=`b`.`version` AND `a`.`workflow`=`b`.`workflow` WHERE `b`.`document` IS NOT NULL;
DROP TABLE `tblWorkflowLog`;
ALTER TABLE `new_tblWorkflowLog` RENAME TO `tblWorkflowLog`;
DROP TABLE `tblWorkflowDocumentContent`;
ALTER TABLE `new_tblWorkflowDocumentContent` RENAME TO `tblWorkflowDocumentContent`;
CREATE TABLE `tblUserSubstitutes` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`user` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
`substitute` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
UNIQUE (`user`, `substitute`)
);
CREATE TABLE `tblDocumentCheckOuts` (
`document` INTEGER REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
`version` INTEGER unsigned NOT NULL default '0',
`userID` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`),
`date` TEXT NOT NULL,
`filename` varchar(255) NOT NULL default '',
UNIQUE (`document`)
) ;
CREATE TABLE `tblDocumentRecipients` (
`receiptID` INTEGER PRIMARY KEY AUTOINCREMENT,
`documentID` INTEGER NOT NULL default '0' REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
`version` INTEGER unsigned NOT NULL default '0',
`type` INTEGER NOT NULL default '0',
`required` INTEGER NOT NULL default '0',
UNIQUE (`documentID`,`version`,`type`,`required`)
) ;
CREATE INDEX `indDocumentRecipientsRequired` ON `tblDocumentRecipients` (`required`);
CREATE TABLE `tblDocumentReceiptLog` (
`receiptLogID` INTEGER PRIMARY KEY AUTOINCREMENT,
`receiptID` INTEGER NOT NULL default 0 REFERENCES `tblDocumentRecipients` (`receiptID`) ON DELETE CASCADE,
`status` INTEGER NOT NULL default 0,
`comment` TEXT NOT NULL,
`date` TEXT NOT NULL,
`userID` INTEGER NOT NULL default 0 REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ;
CREATE INDEX `indDocumentReceiptLogReceiptID` ON `tblDocumentReceiptLog` (`receiptID`);
CREATE TABLE `tblDocumentRevisors` (
`revisionID` INTEGER PRIMARY KEY AUTOINCREMENT,
`documentID` INTEGER NOT NULL default '0' REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
`version` INTEGER unsigned NOT NULL default '0',
`type` INTEGER NOT NULL default '0',
`required` INTEGER NOT NULL default '0',
`startdate` TEXT default NULL,
UNIQUE (`documentID`,`version`,`type`,`required`)
) ;
CREATE INDEX `indDocumentRevisorsRequired` ON `tblDocumentRevisors` (`required`);
CREATE TABLE `tblDocumentRevisionLog` (
`revisionLogID` INTEGER PRIMARY KEY AUTOINCREMENT,
`revisionID` INTEGER NOT NULL default 0 REFERENCES `tblDocumentRevisors` (`revisionID`) ON DELETE CASCADE,
`status` INTEGER NOT NULL default 0,
`comment` TEXT NOT NULL,
`date` TEXT NOT NULL,
`userID` INTEGER NOT NULL default 0 REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ;
CREATE INDEX `indDocumentRevisionLogRevisionID` ON `tblDocumentRevisionLog` (`revisionID`);
CREATE TABLE `tblTransmittals` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`name` text NOT NULL,
`comment` text NOT NULL,
`userID` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
`date` TEXT default NULL,
`public` INTEGER NOT NULL default '0'
);
CREATE TABLE `tblTransmittalItems` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`transmittal` INTEGER NOT NULL DEFAULT '0' REFERENCES `tblTransmittals` (`id`) ON DELETE CASCADE,
`document` INTEGER default NULL REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
`version` INTEGER unsigned NOT NULL default '0',
`date` TEXT default NULL,
UNIQUE (transmittal, document, version)
);
CREATE TABLE `tblRoles` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`name` varchar(50) default NULL,
`role` INTEGER NOT NULL default '0',
`noaccess` varchar(30) NOT NULL default '',
UNIQUE (`name`)
);
INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (1, 'Admin', 1);
INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (2, 'Guest', 2);
INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (3, 'User', 0);
UPDATE `tblUsers` SET role=3 WHERE role=0;
CREATE TABLE `new_tblUsers` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`login` varchar(50) default NULL,
`pwd` varchar(50) default NULL,
`fullName` varchar(100) default NULL,
`email` varchar(70) default NULL,
`language` varchar(32) NOT NULL,
`theme` varchar(32) NOT NULL,
`comment` text NOT NULL,
`role` INTEGER NOT NULL REFERENCES `tblRoles` (`id`),
`hidden` INTEGER NOT NULL default '0',
`pwdExpiration` TEXT default NULL,
`loginfailures` INTEGER NOT NULL default '0',
`disabled` INTEGER NOT NULL default '0',
`quota` INTEGER,
`homefolder` INTEGER default NULL REFERENCES `tblFolders` (`id`),
`secret` varchar(50) default NULL,
UNIQUE (`login`)
);
INSERT INTO new_tblUsers SELECT * FROM tblUsers;
DROP TABLE tblUsers;
ALTER TABLE new_tblUsers RENAME TO tblUsers;
CREATE TABLE `tblAros` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`parent` INTEGER,
`model` TEXT NOT NULL,
`foreignid` INTEGER NOT NULL DEFAULT '0',
`alias` TEXT
) ;
CREATE TABLE `tblAcos` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`parent` INTEGER,
`model` TEXT NOT NULL,
`foreignid` INTEGER NOT NULL DEFAULT '0',
`alias` TEXT
) ;
CREATE TABLE `tblArosAcos` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`aro` INTEGER NOT NULL DEFAULT '0' REFERENCES `tblAros` (`id`) ON DELETE CASCADE,
`aco` INTEGER NOT NULL DEFAULT '0' REFERENCES `tblAcos` (`id`) ON DELETE CASCADE,
`create` INTEGER NOT NULL DEFAULT '-1',
`read` INTEGER NOT NULL DEFAULT '-1',
`update` INTEGER NOT NULL DEFAULT '-1',
`delete` INTEGER NOT NULL DEFAULT '-1',
UNIQUE (aco, aro)
) ;
CREATE INDEX `indDocumentStatusLogStatusID` ON `tblDocumentStatusLog` (`StatusID`);
CREATE INDEX `indDocumentApproversRequired` ON `tblDocumentApprovers` (`required`);
CREATE INDEX `indDocumentApproveLogApproveID` ON `tblDocumentApproveLog` (`approveID`);
CREATE INDEX `indDocumentReviewersRequired` ON `tblDocumentReviewers` (`required`);
CREATE INDEX `indDocumentReviewLogReviewID` ON `tblDocumentReviewLog` (`reviewID`);
CREATE TABLE `tblSchedulerTask` (
`id` INTEGER PRIMARY KEY AUTOINCREMENT,
`name` varchar(100) DEFAULT NULL,
`description` TEXT DEFAULT NULL,
`disabled` INTEGER NOT NULL DEFAULT '0',
`extension` varchar(100) DEFAULT NULL,
`task` varchar(100) DEFAULT NULL,
`frequency` varchar(100) DEFAULT NULL,
`params` TEXT DEFAULT NULL,
`nextrun` TEXT DEFAULT NULL,
`lastrun` TEXT DEFAULT NULL
) ;
UPDATE tblVersion set major=6, minor=0, subminor=0;
COMMIT;


@ -1,200 +0,0 @@
START TRANSACTION;
ALTER TABLE `tblDocumentContent` ADD COLUMN `revisiondate` datetime DEFAULT NULL;
ALTER TABLE `tblUsers` ADD COLUMN `secret` varchar(50) DEFAULT NULL AFTER `pwd`;
ALTER TABLE `tblWorkflows` ADD COLUMN `layoutdata` text DEFAULT NULL AFTER `initstate`;
ALTER TABLE `tblWorkflowDocumentContent` ADD COLUMN `id` int(11) NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (`id`);
ALTER TABLE `tblWorkflowLog` ADD COLUMN `workflowdocumentcontent` int(11) NOT NULL DEFAULT '0' AFTER `id`;
UPDATE `tblWorkflowLog` a, `tblWorkflowDocumentContent` b SET a.`workflowdocumentcontent` = b.`id` WHERE a.`document` = b.`document` AND a.`version` = b.`version` AND a.`workflow` = b.`workflow`;
INSERT INTO `tblWorkflowDocumentContent` (`parentworkflow`, `workflow`, `document`, `version`, `state`, `date`) SELECT 0 AS `parentworkflow`, `workflow`, `document`, `version`, NULL AS `state`, max(`date`) AS `date` FROM `tblWorkflowLog` WHERE `workflowdocumentcontent` = 0 GROUP BY `workflow`, `document`, `version`;
UPDATE `tblWorkflowLog` a, `tblWorkflowDocumentContent` b SET a.`workflowdocumentcontent` = b.`id` WHERE a.`document` = b.`document` AND a.`version` = b.`version` AND a.`workflow` = b.`workflow`;
ALTER TABLE `tblWorkflowLog` ADD CONSTRAINT `tblWorkflowLog_workflowdocumentcontent` FOREIGN KEY (`workflowdocumentcontent`) REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE;
ALTER TABLE `tblWorkflowDocumentContent` ADD COLUMN `parent` int(11) DEFAULT NULL AFTER `id`;
ALTER TABLE `tblWorkflowDocumentContent` ADD CONSTRAINT `tblWorkflowDocumentContent_parent` FOREIGN KEY (`parent`) REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE;
ALTER TABLE `tblWorkflowDocumentContent` DROP COLUMN `parentworkflow`;
ALTER TABLE `tblWorkflowLog` DROP FOREIGN KEY `tblWorkflowLog_document`;
ALTER TABLE `tblWorkflowLog` DROP COLUMN `document`;
ALTER TABLE `tblWorkflowLog` DROP COLUMN `version`;
ALTER TABLE `tblWorkflowLog` DROP FOREIGN KEY `tblWorkflowLog_workflow`;
ALTER TABLE `tblWorkflowLog` DROP COLUMN `workflow`;
CREATE TABLE `tblUserSubstitutes` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`user` int(11) DEFAULT null,
`substitute` int(11) DEFAULT null,
PRIMARY KEY (`id`),
UNIQUE (`user`, `substitute`),
CONSTRAINT `tblUserSubstitutes_user` FOREIGN KEY (`user`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblUserSubstitutes_substitute` FOREIGN KEY (`user`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `tblDocumentCheckOuts` (
`document` int(11) NOT NULL DEFAULT '0',
`version` smallint(5) unsigned NOT NULL DEFAULT '0',
`userID` int(11) NOT NULL DEFAULT '0',
`date` datetime NOT NULL,
`filename` varchar(255) NOT NULL DEFAULT '',
PRIMARY KEY (`document`),
CONSTRAINT `tblDocumentCheckOuts_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblDocumentCheckOuts_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `tblDocumentRecipients` (
`receiptID` int(11) NOT NULL AUTO_INCREMENT,
`documentID` int(11) NOT NULL DEFAULT '0',
`version` smallint(5) unsigned NOT NULL DEFAULT '0',
`type` tinyint(4) NOT NULL DEFAULT '0',
`required` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`receiptID`),
UNIQUE KEY `documentID` (`documentID`,`version`,`type`,`required`),
CONSTRAINT `tblDocumentRecipients_document` FOREIGN KEY (`documentID`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE INDEX `indDocumentRecipientsRequired` ON `tblDocumentRecipients` (`required`);
CREATE TABLE `tblDocumentReceiptLog` (
`receiptLogID` int(11) NOT NULL AUTO_INCREMENT,
`receiptID` int(11) NOT NULL DEFAULT '0',
`status` tinyint(4) NOT NULL DEFAULT '0',
`comment` text NOT NULL,
`date` datetime NOT NULL,
`userID` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`receiptLogID`),
KEY `tblDocumentReceiptLog_receipt` (`receiptID`),
KEY `tblDocumentReceiptLog_user` (`userID`),
CONSTRAINT `tblDocumentReceiptLog_recipient` FOREIGN KEY (`receiptID`) REFERENCES `tblDocumentRecipients` (`receiptID`) ON DELETE CASCADE,
CONSTRAINT `tblDocumentReceiptLog_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `tblDocumentRevisors` (
`revisionID` int(11) NOT NULL AUTO_INCREMENT,
`documentID` int(11) NOT NULL DEFAULT '0',
`version` smallint(5) unsigned NOT NULL DEFAULT '0',
`type` tinyint(4) NOT NULL DEFAULT '0',
`required` int(11) NOT NULL DEFAULT '0',
`startdate` datetime DEFAULT NULL,
PRIMARY KEY (`revisionID`),
UNIQUE KEY `documentID` (`documentID`,`version`,`type`,`required`),
CONSTRAINT `tblDocumentRevisors_document` FOREIGN KEY (`documentID`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE INDEX `indDocumentRevisorsRequired` ON `tblDocumentRevisors` (`required`);
CREATE TABLE `tblDocumentRevisionLog` (
`revisionLogID` int(11) NOT NULL AUTO_INCREMENT,
`revisionID` int(11) NOT NULL DEFAULT '0',
`status` tinyint(4) NOT NULL DEFAULT '0',
`comment` text NOT NULL,
`date` datetime NOT NULL,
`userID` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`revisionLogID`),
KEY `tblDocumentRevisionLog_revision` (`revisionID`),
KEY `tblDocumentRevisionLog_user` (`userID`),
CONSTRAINT `tblDocumentRevisionLog_revision` FOREIGN KEY (`revisionID`) REFERENCES `tblDocumentRevisors` (`revisionID`) ON DELETE CASCADE,
CONSTRAINT `tblDocumentRevisionLog_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `tblTransmittals` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` text NOT NULL,
`comment` text NOT NULL,
`userID` int(11) NOT NULL DEFAULT '0',
`date` datetime DEFAULT NULL,
`public` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`),
CONSTRAINT `tblTransmittals_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `tblTransmittalItems` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`transmittal` int(11) NOT NULL DEFAULT '0',
`document` int(11) DEFAULT NULL,
`version` smallint(5) unsigned NOT NULL DEFAULT '0',
`date` datetime DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE (transmittal, document, version),
CONSTRAINT `tblTransmittalItems_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblTransmittalItem_transmittal` FOREIGN KEY (`transmittal`) REFERENCES `tblTransmittals` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `tblRoles` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(50) DEFAULT NULL,
`role` smallint(1) NOT NULL DEFAULT '0',
`noaccess` varchar(30) NOT NULL DEFAULT '',
PRIMARY KEY (`id`),
UNIQUE (`name`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (1, 'Admin', 1);
INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (2, 'Guest', 2);
INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (3, 'User', 0);
ALTER TABLE `tblRoles` AUTO_INCREMENT=4;
ALTER TABLE tblUsers CHANGE role role int(11) NOT NULL;
UPDATE `tblUsers` SET role=3 WHERE role=0;
ALTER TABLE tblUsers ADD CONSTRAINT `tblUsers_role` FOREIGN KEY (`role`) REFERENCES `tblRoles` (`id`);
CREATE TABLE `tblAros` (
`id` int(11) NOT NULL auto_increment,
`parent` int(11),
`model` text NOT NULL,
`foreignid` int(11) NOT NULL DEFAULT '0',
`alias` varchar(255),
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `tblAcos` (
`id` int(11) NOT NULL auto_increment,
`parent` int(11),
`model` text NOT NULL,
`foreignid` int(11) NOT NULL DEFAULT '0',
`alias` varchar(255),
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `tblArosAcos` (
`id` int(11) NOT NULL auto_increment,
`aro` int(11) NOT NULL DEFAULT '0',
`aco` int(11) NOT NULL DEFAULT '0',
`create` tinyint(4) NOT NULL DEFAULT '-1',
`read` tinyint(4) NOT NULL DEFAULT '-1',
`update` tinyint(4) NOT NULL DEFAULT '-1',
`delete` tinyint(4) NOT NULL DEFAULT '-1',
PRIMARY KEY (`id`),
UNIQUE (aco, aro),
CONSTRAINT `tblArosAcos_acos` FOREIGN KEY (`aco`) REFERENCES `tblAcos` (`id`) ON DELETE CASCADE,
CONSTRAINT `tblArosAcos_aros` FOREIGN KEY (`aro`) REFERENCES `tblAros` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `tblSchedulerTask` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(100) DEFAULT NULL,
`description` text DEFAULT NULL,
`disabled` smallint(1) NOT NULL DEFAULT '0',
`extension` varchar(100) DEFAULT NULL,
`task` varchar(100) DEFAULT NULL,
`frequency` varchar(100) DEFAULT NULL,
`params` text DEFAULT NULL,
`nextrun` datetime DEFAULT NULL,
`lastrun` datetime DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
UPDATE tblVersion set major=6, minor=0, subminor=0;
COMMIT;


@ -1,52 +0,0 @@
Caution when you update seeddms with workflow mode `advanced`
=============================================================
The previous database layout for tracking the workflow state of a
document content was not very well done. It did not allow to run
the document through another workflow at a later time, expecially
the same workflow, e.g. for a scheduled revision of a document.
Technical details
==================
This update modifies the tables tblWorkflowDocumentContent and
tblWorkflowLog. It adds a new autoincrement field as a primary key
(id) to tblWorkflowDocumentContent and references that field in
tblWorkflowLog (workflowdocumentcontent). Till now the two tables
where linked by the fields `document`, `version`, and `workflow` which will
be replaced by the two new fields. The fields `document`, `version`, and
`workflow` will be removed from tblWorkflowLog. tblWorkflowDocumentContent
contained just the workflows currently active for a particlar document.
From now on the table will also contain finished workflows, which
will have the field `state` set to null. This allows to run even the
same workflow again and still be able to distinguish the log entries.
MySQL
------
The update process will first add the new auto incrementing, primary
field to tblWorkflowDocumentContent and a referencing field to
tblWorkflowLog. It will then fill out the referencing field with the
automatically incremented field value from tblWorkflowDocumentContent
by joining the two tables with its common fields document, version,
and workflow. This will not fill out all referencing field values,
because once a workflow has ended the record in
tblWorkflowDocumentContent will be deleted and just the records in
tblWorkflowLog are kept. The still missing records in
tblWorkflowDocumentContent for already completed workflows will be
reconstructed from the records in tblWorkflowLog which do not have a
reference to tblWorkflowDocumentContent yet. Once that is done the
referencing field in tblWorkflowLog can be filled in a second pass.
The date of the new records in tblWorkflowDocumentContent will be
taken from the last record for that workflow in tblWorkflowLog. The
state of the new records will be set null, indicating that this
workflow is no longer active.
SQLite
-------
The update process will first create new table for tblWorkflowDocumentContent
containing a new field for the primary key field. It then copies the
records from the old table to the new table. The missing records for
workflows which has been finished already are recreated from the old
table `tblWorkflowLog`. Which is then replaced by a new table having
the foreign key to table `tblWorkflowDocumentContent`.


@ -1,118 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
// Copyright (C) 2010-2012 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
require_once("../inc/inc.Settings.php");
require_once("../inc/inc.Utils.php");
require_once("../inc/inc.LogInit.php");
require_once("../inc/inc.Language.php");
require_once("../inc/inc.Init.php");
require_once("../inc/inc.Extension.php");
require_once("../inc/inc.DBInit.php");
require_once("../inc/inc.ClassUI.php");
require_once("../inc/inc.Authentication.php");
if (!$user->isAdmin()) {
$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
echo json_encode($result);
exit;
}
if (isset($_GET["action"])) $action=$_GET["action"];
else $action=NULL;
if($action == 'add_aro') {
if (isset($_GET["roleid"])) {
if(!($role = SeedDMS_Core_Role::getInstance((int) $_GET["roleid"], $dms))) {
$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
echo json_encode($result);
exit;
}
} else {
$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
echo json_encode($result);
exit;
}
} else {
if (isset($_GET["aroid"])) {
if(!($aro = SeedDMS_Aro::getInstance((int) $_GET["aroid"], $dms))) {
$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
echo json_encode($result);
exit;
}
} else {
$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
echo json_encode($result);
exit;
}
if (isset($_GET["acoid"])) {
if(!($aco = SeedDMS_Aco::getInstance((int) $_GET["acoid"], $dms))) {
$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
echo json_encode($result);
exit;
}
} else {
$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
echo json_encode($result);
exit;
}
}
switch($action) {
case "toggle_permission":
$acl = new SeedDMS_Acl($dms);
if($acl->toggle($aro, $aco))
$result = array('type'=>'success', 'msg'=>getMLText('success_toogle_permission'));
else
$result = array('type'=>'error', 'msg'=>getMLText('error_toogle_permission'));
header('Content-Type: application/json');
echo json_encode($result);
break;
case "add_permission":
$acl = new SeedDMS_Acl($dms);
if($acl->add($aro, $aco))
$result = array('type'=>'success', 'msg'=>getMLText('success_add_permission'));
else
$result = array('type'=>'error', 'msg'=>getMLText('error_add_permission'));
header('Content-Type: application/json');
echo json_encode($result);
break;
case "remove_permission":
$acl = new SeedDMS_Acl($dms);
if($acl->remove($aro, $aco))
$result = array('type'=>'success', 'msg'=>getMLText('success_remove_permission'));
else
$result = array('type'=>'error', 'msg'=>getMLText('error_remove_permission'));
header('Content-Type: application/json');
echo json_encode($result);
break;
case "add_aro":
if(SeedDMS_Aro::getInstance($role, $dms)) {
$result = array('type'=>'success', 'msg'=>getMLText('success_add_aro'));
} else {
$result = array('type'=>'error', 'msg'=>getMLText('error_add_aro'));
}
header('Content-Type: application/json');
echo json_encode($result);
break;
}


@ -69,9 +69,8 @@ if($settings->_quota > 0) {
}
}
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if ($accessop->check_controller_access($controller, array('action'=>'setOwner'))) {
$ownerid = (int) $_POST["ownerid"];
if($user->isAdmin()) {
$ownerid = !empty($_POST['ownerid']) ? (int) $_POST["ownerid"] : null;
if($ownerid) {
if(!($owner = $dms->getUser($ownerid))) {
UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("error_occured"));
@ -174,13 +173,10 @@ default:
// Get the list of reviewers and approvers for this document.
$reviewers = array();
$approvers = array();
$recipients = array();
$reviewers["i"] = array();
$reviewers["g"] = array();
$approvers["i"] = array();
$approvers["g"] = array();
$recipients["i"] = array();
$recipients["g"] = array();
$workflow = null;
if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'traditional_only_approval') {
@ -197,16 +193,6 @@ if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'tra
$reviewers["g"][] = $grp;
}
}
// Retrieve the list of reviewer groups whose members become individual reviewers
if (isset($_POST["grpIndReviewers"])) {
foreach ($_POST["grpIndReviewers"] as $grp) {
if($group = $dms->getGroup($grp)) {
$members = $group->getUsers();
foreach($members as $member)
$reviewers["i"][] = $member->getID();
}
}
}
}
// Retrieve the list of individual approvers from the form.
@ -221,17 +207,6 @@ if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'tra
$approvers["g"][] = $grp;
}
}
// Retrieve the list of reviewer groups whose members become individual approvers
if (isset($_POST["grpIndApprovers"])) {
foreach ($_POST["grpIndApprovers"] as $grp) {
if($group = $dms->getGroup($grp)) {
$members = $group->getUsers();
foreach($members as $member)
$approvers["i"][] = $member->getID();
}
}
}
// add mandatory reviewers/approvers
if($settings->_workflowMode == 'traditional') {
$mreviewers = getMandatoryReviewers($folder, null, $user);
@ -269,35 +244,6 @@ if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'tra
}
}
// Retrieve the list of individual recipients from the form.
$recipients["i"] = array();
if (isset($_POST["indRecipients"])) {
foreach ($_POST["indRecipients"] as $ind) {
$recipients["i"][] = $ind;
}
}
// Retrieve the list of recipient groups from the form.
$recipients["g"] = array();
if (isset($_POST["grpRecipients"])) {
foreach ($_POST["grpRecipients"] as $grp) {
$recipients["g"][] = $grp;
}
}
// Retrieve the list of recipient groups whose members become individual recipients
if (isset($_POST["grpIndRecipients"])) {
foreach ($_POST["grpIndRecipients"] as $grp) {
if($group = $dms->getGroup($grp)) {
$members = $group->getUsers();
foreach($members as $member) {
/* Do not add the uploader itself and reviewers */
if(!$settings->_enableFilterReceipt || ($member->getID() != $user->getID() && !in_array($member->getID(), $reviewers['i'])))
if(!in_array($member->getID(), $recipients["i"]))
$recipients["i"][] = $member->getID();
}
}
}
}
function reArrayFiles(&$file_post) {
$file_ary = array();
$file_count = count($file_post['name']);
@ -360,31 +306,6 @@ if(isset($_POST[$prefix.'-fine-uploader-uuids']) && $_POST[$prefix.'-fine-upload
}
}
if($settings->_libraryFolder) {
if(isset($_POST["librarydoc"]) && $_POST["librarydoc"]) {
if($clonedoc = $dms->getDocument($_POST["librarydoc"])) {
if($content = $clonedoc->getLatestContent()) {
$docsource = 'library';
$fullfile = tempnam(sys_get_temp_dir(), '');
if(SeedDMS_Core_File::copyFile($dms->contentDir . $content->getPath(), $fullfile)) {
if($_POST["name"]!="") {
$oext = pathinfo($content->getOriginalFileName(), PATHINFO_EXTENSION);
$origfilename = getFilenameByDocname(trim($_POST['name'])).".".$oext;
} else
$origfilename = $content->getOriginalFileName();
$file_ary[] = array(
'tmp_name' => $fullfile,
'type' => $content->getMimeType(),
'name' => $origfilename,
'size' => $content->getFileSize(),
'error' => 0,
'source' => 'library',
);
}
}
}
}
}
if($controller->hasHook('getDocument')) {
$file_ary = array_merge($file_ary, $controller->callHook('getDocument', $_POST));
}
@ -472,7 +393,6 @@ foreach($file_ary as $file) {
$controller->setParam('sequence', $sequence);
$controller->setParam('reviewers', $reviewers);
$controller->setParam('approvers', $approvers);
$controller->setParam('recipients', $recipients);
$controller->setParam('reqversion', $reqversion);
$controller->setParam('versioncomment', $version_comment);
$controller->setParam('attributes', $attributes);
@ -480,7 +400,6 @@ foreach($file_ary as $file) {
$controller->setParam('workflow', $workflow);
$controller->setParam('notificationgroups', $notgroups);
$controller->setParam('notificationusers', $notusers);
$controller->setParam('initialdocumentstatus', $settings->_initialDocumentStatus);
$controller->setParam('maxsizeforfulltext', $settings->_maxSizeForFullText);
$controller->setParam('defaultaccessdocs', $settings->_defaultAccessDocs);


@ -73,5 +73,4 @@ if (!$document->addDocumentLink($docid, $user->getID(), $public)){
}
header("Location:../out/out.ViewDocument.php?documentid=".$documentid."&currenttab=links");
?>


@ -1,85 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
/* Check if the form data comes for a trusted request */
if(!checkFormKey('addtotransmittal')) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
}
if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$documentid = $_POST["documentid"];
$document = $dms->getDocument($documentid);
if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
if ($document->getAccessMode($user) < M_READ) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
$version_num = $_POST["version"];
$version = $document->getContentByVersion($version_num);
if (!is_object($version)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
if (!isset($_POST["assignTo"]) || !is_numeric($_POST["assignTo"]) || intval($_POST["assignTo"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
$transmittalid = $_POST["assignTo"];
$transmittal = $dms->getTransmittal($transmittalid);
if (!is_object($transmittal)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
if ($transmittal->getUser()->getID() != $user->getID()) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_transmittal"));
}
if($transmittal->addContent($version)) {
$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_add_to_transmittal')));
} else {
$session->setSplashMsg(array('type'=>'error', 'msg'=>getMLText('splash_error_add_to_transmittal')));
}
add_log_line("?documentid=".$documentid."&version".$version_num);
header("Location:../out/out.ViewDocument.php?documentid=".$documentid);
?>


@ -1,49 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
/* Check if the form data comes for a trusted request */
if(!checkFormKey('addtransmittal')) {
UI::exitError(getMLText("my_documents"), getMLText("invalid_request_token"));
}
$name = $_POST["name"];
$comment = $_POST["comment"];
$transmittal = $dms->addTransmittal($name, $comment, $user);
if (!is_object($transmittal)) {
UI::exitError(getMLText("my_documents"), getMLText("error_occured"));
}
add_log_line("?name=".$name);
header("Location:../out/out.MyDocuments.php");
?>


@ -53,12 +53,9 @@ if (isset($_COOKIE["mydms_session"])) {
echo json_encode(array('error'=>1));
exit;
}
if($resArr["su"] && $su = $dms->getUser($resArr["su"])) {
if($user->isAdmin() || $user->maySwitchToUser($su)) {
$user = $su;
} else {
$session->resetSu();
if($user->isAdmin()) {
if($resArr["su"]) {
$user = $dms->getUser($resArr["su"]);
}
}
$dms->setUser($user);
@ -66,8 +63,6 @@ if (isset($_COOKIE["mydms_session"])) {
$dms->checkWithinRootDir = true;
$dms->setRootFolderID($user->getHomeFolder());
}
$role = $user->getRole();
$dms->noReadForStatus = $role->getNoAccess();
include $settings->_rootDir . "languages/" . $resArr["language"] . "/lang.inc";
} else {
@ -110,13 +105,11 @@ switch($command) {
}
break; /* }}} */
/* Used for document chooser */
case 'searchdocument': /* {{{ */
if($user) {
$query = $_GET['query'];
$status = isset($_GET['status']) ? (is_array($_GET['status']) ? $_GET['status'] : array($_GET['status'])) : array();
$hits = $dms->search($query, $limit=0, $offset=0, $logicalmode='AND', $searchin=array(), $startFolder=$dms->getRootFolder(), $owner=null, $status, $creationstartdate=array(), $creationenddate=array(), $modificationstartdate=array(), $modificationenddate=array(), $categories=array(), $attributes=array(), $mode=0x1, $expirationstartdate=array(), $expirationenddate=array());
$hits = $dms->search($query, $limit=0, $offset=0, $logicalmode='AND', $searchin=array(), $startFolder=$dms->getRootFolder(), $owner=null, $status = array(), $creationstartdate=array(), $creationenddate=array(), $modificationstartdate=array(), $modificationenddate=array(), $categories=array(), $attributes=array(), $mode=0x1, $expirationstartdate=array(), $expirationenddate=array());
if($hits) {
$result = array();
foreach($hits['docs'] as $hit) {
@ -903,7 +896,6 @@ switch($command) {
$controller->setParam('workflow', $workflow);
$controller->setParam('notificationgroups', array());
$controller->setParam('notificationusers', array());
$controller->setParam('initialdocumentstatus', $settings->_initialDocumentStatus);
$controller->setParam('maxsizeforfulltext', $settings->_maxSizeForFullText);
$controller->setParam('defaultaccessdocs', $settings->_defaultAccessDocs);
@ -935,41 +927,6 @@ switch($command) {
}
break; /* }}} */
/* Deprecated, has moved to op/op.TransmittalMgr.php */
case '___removetransmittalitem': /* {{{ */
if($user) {
if(!checkFormKey('removetransmittalitem', 'GET')) {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_request_token'), 'data'=>''));
} else {
$item = SeedDMS_Core_TransmittalItem::getInstance((int) $_REQUEST['id'], $dms);
if($item) {
$transmittal = $item->getTransmittal();
if($transmittal) {
if ($transmittal->getUser()->getID() == $user->getID()) {
if($item->remove()) {
header('Content-Type: application/json');
echo json_encode(array('success'=>true, 'message'=>'', 'data'=>''));
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'Error removing transmittal item', 'data'=>''));
}
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'No access', 'data'=>''));
}
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'No transmittal', 'data'=>''));
}
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'No transmittal item', 'data'=>''));
}
}
}
break; /* }}} */
case 'updatedocument': /* {{{ */
if($user) {
if(checkFormKey('')) {
@ -1126,41 +1083,6 @@ switch($command) {
}
break; /* }}} */
/* Deprecated, has moved to op/op.TransmittalMgr.php */
case '___updatetransmittalitem': /* {{{ */
if($user) {
if(!checkFormKey('updatetransmittalitem', 'GET')) {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_request_token'), 'data'=>''));
} else {
$item = SeedDMS_Core_TransmittalItem::getInstance((int) $_REQUEST['id'], $dms);
if($item) {
$transmittal = $item->getTransmittal();
if($transmittal) {
if ($transmittal->getUser()->getID() == $user->getID()) {
if($item->updateContent()) {
header('Content-Type: application/json');
echo json_encode(array('success'=>true, 'message'=>'', 'data'=>''));
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'Error removing transmittal item', 'data'=>''));
}
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'No access', 'data'=>''));
}
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'No transmittal', 'data'=>''));
}
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'No transmittal item', 'data'=>''));
}
}
}
break; /* }}} */
case 'addfolder': /* {{{ */
if($user) {
if(checkFormKey('')) {
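Review bot: In the `@ -53,12 +53,9 @` hunk of this section, the substitute-user branch assigns `$user = $dms->getUser($resArr["su"]);` without checking the result. If `getUser()` returns a non-object for an id that no longer resolves, the following `$dms->setUser($user)` and the later `$user->getHomeFolder()` call run on an invalid user. The +/- markers are lost on this page, so I am inferring from the hunk counts (12 old, 9 new) that the shorter `isAdmin()` form is the new side. If so, keep the guard the other side had: `if($resArr["su"] && ($su = $dms->getUser($resArr["su"]))) { $user = $su; }`. The enclosing `if (isset($_COOKIE["mydms_session"]))` block begins outside the hunk.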


@ -32,7 +32,6 @@ include("../inc/inc.ClassController.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
/* Check if the form data comes from a trusted request */
if(!checkFormKey('approvedocument')) {
@ -73,8 +72,11 @@ if ($latestContent->getVersion()!=$version) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
/* Create object for checking access to certain operations */
$accessop = new SeedDMS_AccessOperation($dms, $document, $user, $settings);
// verify if document may be approved
if (!$accessop->mayApprove($document)){
if (!$accessop->mayApprove()){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}

View File

@ -1,56 +0,0 @@
<?php
// SeedDMS. Document Management System
// Copyright (C) 2015 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
/* Check if the form data comes from a trusted request */
if(!checkFormKey('cancelcheckout')) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
}
if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$documentid = $_POST["documentid"];
$document = $dms->getDocument($documentid);
$checkoutstatus = $document->checkOutStatus();
/* Check out of files which has been changed, can only be canceled if allowed in the configuration */
if($checkoutstatus == 0 && empty($settings->_enableCancelCheckout)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("operation_disallowed"));
}
if(empty($_POST['confirm'])) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("operation_disallowed"));
}
if(!$document->cancelCheckOut()) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("error_cancel_checkout"));
}
$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_cancel_checkout')));
add_log_line("?documentid=".$documentid);
header("Location:../out/out.ViewDocument.php?documentid=".$documentid);


@ -1,311 +0,0 @@
<?php
// SeedDMS. Document Management System
// Copyright (C) 2015 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.Authentication.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.ClassController.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access($controller, $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
/* if post_max_size is to small, then $_POST will not be set and the content
* lenght will exceed post_max_size
*/
if(empty($_POST) && $_SERVER['CONTENT_LENGTH'] > SeedDMS_Core_File::parse_filesize(ini_get('post_max_size'))) {
UI::exitError(getMLText("folder_title", array("foldername" => '')),getMLText("uploading_postmaxsize"));
}
/* Check if the form data comes from a trusted request */
if(!checkFormKey('checkindocument')) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
}
if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$documentid = $_POST["documentid"];
$document = $dms->getDocument($documentid);
$folder = $document->getFolder();
if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
if ($document->getAccessMode($user, 'checkinDocument') < M_READWRITE) {
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied"));
}
if($settings->_quota > 0) {
$remain = checkQuota($user);
if ($remain < 0) {
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("quota_exceeded", array('bytes'=>SeedDMS_Core_File::format_filesize(abs($remain)))));
}
}
if ($document->isLocked()) {
$lockingUser = $document->getLockingUser();
if (($lockingUser->getID() != $user->getID()) && ($document->getAccessMode($user) != M_ALL)) {
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("no_update_cause_locked"));
}
else $document->setLocked(false);
}
if(!$accessop->mayCheckIn($document)) {
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied"));
}
if(isset($_POST["comment"]))
$comment = $_POST["comment"];
else
$comment = "";
$oldexpires = $document->getExpires();
switch($_POST["presetexpdate"]) {
case "date":
$expires = makeTsFromDate($_POST["expdate"]);
// $tmp = explode('-', $_POST["expdate"]);
// $expires = mktime(0,0,0, $tmp[1], $tmp[2], $tmp[0]);
break;
case "1w":
$tmp = explode('-', date('Y-m-d'));
$expires = mktime(0,0,0, $tmp[1], $tmp[2]+7, $tmp[0]);
break;
case "1m":
$tmp = explode('-', date('Y-m-d'));
$expires = mktime(0,0,0, $tmp[1]+1, $tmp[2], $tmp[0]);
break;
case "1y":
$tmp = explode('-', date('Y-m-d'));
$expires = mktime(0,0,0, $tmp[1], $tmp[2], $tmp[0]+1);
break;
case "2y":
$tmp = explode('-', date('Y-m-d'));
$expires = mktime(0,0,0, $tmp[1], $tmp[2], $tmp[0]+2);
break;
case "never":
default:
$expires = null;
break;
}
// Get the list of reviewers and approvers for this document.
$reviewers = array();
$approvers = array();
$recipients = array();
$reviewers["i"] = array();
$reviewers["g"] = array();
$approvers["i"] = array();
$approvers["g"] = array();
$recipients["i"] = array();
$recipients["g"] = array();
$workflow = null;
if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'traditional_only_approval') {
if($settings->_workflowMode == 'traditional') {
// Retrieve the list of individual reviewers from the form.
$reviewers["i"] = array();
if (isset($_POST["indReviewers"])) {
foreach ($_POST["indReviewers"] as $ind) {
$reviewers["i"][] = $ind;
}
}
// Retrieve the list of reviewer groups from the form.
$reviewers["g"] = array();
if (isset($_POST["grpReviewers"])) {
foreach ($_POST["grpReviewers"] as $grp) {
$reviewers["g"][] = $grp;
}
}
// Retrieve the list of reviewer groups whose members become individual reviewers
if (isset($_POST["grpIndReviewers"])) {
foreach ($_POST["grpIndReviewers"] as $grp) {
if($group = $dms->getGroup($grp)) {
$members = $group->getUsers();
foreach($members as $member)
$reviewers["i"][] = $member->getID();
}
}
}
}
// Retrieve the list of individual approvers from the form.
$approvers["i"] = array();
if (isset($_POST["indApprovers"])) {
foreach ($_POST["indApprovers"] as $ind) {
$approvers["i"][] = $ind;
}
}
// Retrieve the list of approver groups from the form.
$approvers["g"] = array();
if (isset($_POST["grpApprovers"])) {
foreach ($_POST["grpApprovers"] as $grp) {
$approvers["g"][] = $grp;
}
}
// Retrieve the list of reviewer groups whose members become individual approvers
if (isset($_POST["grpIndApprovers"])) {
foreach ($_POST["grpIndApprovers"] as $grp) {
if($group = $dms->getGroup($grp)) {
$members = $group->getUsers();
foreach($members as $member)
$approvers["i"][] = $member->getID();
}
}
}
// add mandatory reviewers/approvers
if($settings->_workflowMode == 'traditional') {
$mreviewers = getMandatoryReviewers($folder, $document, $user);
if($mreviewers['i'])
$reviewers['i'] = array_merge($reviewers['i'], $mreviewers['i']);
if($mreviewers['g'])
$reviewers['g'] = array_merge($reviewers['g'], $mreviewers['g']);
}
$mapprovers = getMandatoryApprovers($folder, $document, $user);
if($mapprovers['i'])
$approvers['i'] = array_merge($approvers['i'], $mapprovers['i']);
if($mapprovers['g'])
$approvers['g'] = array_merge($approvers['g'], $mapprovers['g']);
if($settings->_workflowMode == 'traditional' && !$settings->_allowReviewerOnly) {
/* Check if reviewers are send but no approvers */
if(($reviewers["i"] || $reviewers["g"]) && !$approvers["i"] && !$approvers["g"]) {
UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("error_uploading_reviewer_only"));
}
}
} elseif($settings->_workflowMode == 'advanced') {
if(!$workflows = $user->getMandatoryWorkflows()) {
if(isset($_POST["workflow"]))
$workflow = $dms->getWorkflow($_POST["workflow"]);
else
$workflow = null;
} else {
/* If there is excactly 1 mandatory workflow, then set no matter what has
* been posted in 'workflow', otherwise check if the posted workflow is in the
* list of mandatory workflows. If not, then take the first one.
*/
$workflow = array_shift($workflows);
foreach($workflows as $mw)
if($mw->getID() == $_POST['workflow']) {$workflow = $mw; break;}
}
}
// Retrieve the list of individual recipients from the form.
$recipients["i"] = array();
if (isset($_POST["indRecipients"])) {
foreach ($_POST["indRecipients"] as $ind) {
$recipients["i"][] = $ind;
}
}
// Retrieve the list of recipient groups from the form.
$recipients["g"] = array();
if (isset($_POST["grpRecipients"])) {
foreach ($_POST["grpRecipients"] as $grp) {
$recipients["g"][] = $grp;
}
}
// Retrieve the list of recipient groups whose members become individual recipients
if (isset($_POST["grpIndRecipients"])) {
foreach ($_POST["grpIndRecipients"] as $grp) {
if($group = $dms->getGroup($grp)) {
$members = $group->getUsers();
foreach($members as $member) {
/* Do not add the uploader itself as recipient */
if(!$settings->_enableFilterReceipt || ($member->getID() != $user->getID() && !in_array($member->getID(), $reviewers['i'])))
if(!in_array($member->getID(), $recipients["i"]))
$recipients["i"][] = $member->getID();
}
}
}
}
if(isset($_POST["attributes_version"]) && $_POST["attributes_version"]) {
$attributes = $_POST["attributes_version"];
foreach($attributes as $attrdefid=>$attribute) {
$attrdef = $dms->getAttributeDefinition($attrdefid);
if($attribute) {
switch($attrdef->getType()) {
case SeedDMS_Core_AttributeDefinition::type_date:
$attribute = date('Y-m-d', makeTsFromDate($attribute));
break;
}
if(!$attrdef->validate($attribute, null, true)) {
$errmsg = getAttributeValidationText($attrdef->getValidationError(), $attrdef->getName(), $attribute);
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())), $errmsg);
}
} elseif($attrdef->getMinValues() > 0) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("attr_min_values", array("attrname"=>$attrdef->getName())));
}
}
} else {
$attributes = array();
}
$controller->setParam('documentsource', 'checkin');
$controller->setParam('folder', $folder);
$controller->setParam('document', $document);
$controller->setParam('fulltextservice', $fulltextservice);
$controller->setParam('comment', $comment);
if($oldexpires != $expires)
$controller->setParam('expires', $expires);
$controller->setParam('reviewers', $reviewers);
$controller->setParam('approvers', $approvers);
$controller->setParam('recipients', $recipients);
$controller->setParam('attributes', $attributes);
$controller->setParam('workflow', $workflow);
$controller->setParam('initialdocumentstatus', $settings->_initialDocumentStatus);
$controller->setParam('maxsizeforfulltext', $settings->_maxSizeForFullText);
if(!$content = $controller()) {
$err = $controller->getErrorMsg();
if(is_string($err))
$errmsg = getMLText($err);
elseif(is_array($err)) {
$errmsg = getMLText($err[0], $err[1]);
} else {
$errmsg = $err;
}
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())), $errmsg);
} else {
if($controller->hasHook('cleanUpDocument')) {
$controller->callHook('cleanUpDocument', $document, $file);
}
// Send notification to subscribers.
if($notifier) {
$notifier->sendNewDocumentVersionMail($document, $user);
$notifier->sendChangedExpiryMail($document, $user, $oldexpires);
}
}
add_log_line("checkin document ".$documentid." with version ".$content->getVersion());
header("Location:../out/out.ViewDocument.php?documentid=".$documentid);


@ -1,79 +0,0 @@
<?php
// SeedDMS. Document Management System
// Copyright (C) 2015 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$documentid = $_GET["documentid"];
$document = $dms->getDocument($documentid);
if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
if(!$settings->_checkOutDir) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("checkout_is_disabled"));
}
if ($document->getAccessMode($user) < M_READWRITE) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
if ($document->isLocked()) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("document_already_locked"));
}
if ($document->isCheckedOut()) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("document_already_checkedout"));
}
if($session->getSu()) {
$origuser = $dms->getUser($session->getUser());
$checkoutpath = sprintf($settings->_checkOutDir.'/', preg_replace('/[^A-Za-z0-9_-]/', '', $origuser->getLogin()));
} else {
$checkoutpath = sprintf($settings->_checkOutDir.'/', preg_replace('/[^A-Za-z0-9_-]/', '', $user->getLogin()));
}
if(!file_exists($checkoutpath) && $settings->_createCheckOutDir) {
SeedDMS_Core_File::makeDir($checkoutpath);
}
if(!file_exists($checkoutpath)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("checkoutpath_does_not_exist"));
}
if (!$document->checkOut($user, $checkoutpath)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("error_occured"));
}
$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_document_checkedout')));
add_log_line();
header("Location:../out/out.ViewDocument.php?documentid=".$documentid);
?>


@ -1,60 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
// Copyright (C) 2010-2016 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
require_once("../inc/inc.Settings.php");
require_once("../inc/inc.Utils.php");
require_once("../inc/inc.LogInit.php");
require_once("../inc/inc.Language.php");
require_once("../inc/inc.Init.php");
require_once("../inc/inc.Extension.php");
require_once("../inc/inc.DBInit.php");
require_once("../inc/inc.ClassController.php");
require_once("../inc/inc.Scheduler.php");
require_once("../inc/inc.BasicAuthentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
if($user->getLogin() != 'cli_scheduler') {
header('WWW-Authenticate: Basic realm="'.$settings->_siteName.'"');
header('HTTP/1.0 401 Unauthorized');
echo "Wrong user";
exit;
}
$mode = 'list';
if(!empty($_GET['mode']) && in_array($_GET['mode'], array('list', 'run', 'dryrun', 'check')))
$mode = $_GET['mode'];
$task = '';
if(!empty($_GET['task']))
$task = $_GET['task'];
$controller->setParam('settings', $settings);
$controller->setParam('logger', $logger);
$controller->setParam('mode', $mode);
$controller->setParam('task', $task);
if(!$controller->run()) {
echo getMLText("error_occured");
exit;
}
add_log_line();
exit();


@ -32,10 +32,6 @@ include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access($controller, $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => "")),getMLText("access_denied"));
}
if (isset($_GET["version"])) { /* {{{ */
@ -102,9 +98,19 @@ elseif (isset($_GET["file"])) { /* {{{ */
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_file_id"));
}
$controller->setParam('file', $file);
$controller->setParam('type', 'file');
$controller->run();
if(!file_exists($dms->contentDir . $file->getPath())) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("missing_file"));
}
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($dms->contentDir . $file->getPath() ));
$efilename = rawurlencode($file->getOriginalFileName());
header("Content-Disposition: attachment; filename=\"" . $efilename . "\"; filename*=UTF-8''".$efilename);
header("Content-Type: " . $file->getMimeType());
header("Cache-Control: must-revalidate");
sendFile($dms->contentDir . $file->getPath());
} /* }}} */
elseif (isset($_GET["arkname"])) { /* {{{ */
$filename = basename($_GET["arkname"]);
@ -124,9 +130,16 @@ elseif (isset($_GET["arkname"])) { /* {{{ */
UI::exitError(getMLText("admin_tools"),getMLText("missing_file"));
}
$controller->setParam('basedir', $backupdir);
$controller->setParam('file', $filename);
$controller->archive();
header('Content-Description: File Transfer');
header("Content-Type: application/zip");
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($backupdir . $filename ));
$efilename = rawurlencode($filename);
header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename);
header("Cache-Control: must-revalidate");
sendFile($backupdir .$filename );
} /* }}} */
elseif (isset($_GET["logname"])) { /* {{{ */
$filename = basename($_GET["logname"], '.log').'.log';
@ -145,9 +158,14 @@ elseif (isset($_GET["logname"])) { /* {{{ */
UI::exitError(getMLText("admin_tools"),getMLText("missing_file"));
}
$controller->setParam('file', $filename);
$controller->setParam('basedir', $settings->_contentDir . 'log/');
$controller->log();
header("Content-Type: text/plain");
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($settings->_contentDir.'log/' . $filename ));
$efilename = rawurlencode($filename);
header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename);
header("Cache-Control: must-revalidate");
sendFile($settings->_contentDir . 'log/' . $filename );
} /* }}} */
elseif (isset($_GET["vfile"])) { /* {{{ */
@ -197,9 +215,14 @@ elseif (isset($_GET["dumpname"])) { /* {{{ */
UI::exitError(getMLText("admin_tools"),getMLText("missing_file"));
}
$controller->setParam('basedir', $backupdir);
$controller->setParam('file', $filename);
$controller->sqldump();
header("Content-Type: application/zip");
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($backupdir . $filename ));
$efilename = rawurlencode($filename);
header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename);
header("Cache-Control: must-revalidate");
sendFile($backupdir .$filename );
} /* }}} */
elseif (isset($_GET["reviewlogid"])) { /* {{{ */
if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) {
@ -220,15 +243,22 @@ elseif (isset($_GET["reviewlogid"])) { /* {{{ */
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied"));
}
$controller->setParam('document', $document);
$controller->setParam('reviewlogid', (int) $_GET['reviewlogid']);
$controller->setParam('type', 'review');
$controller->run();
switch($controller->getErrorNo()) {
case 1:
$filename = $dms->contentDir . $document->getDir().'r'.(int) $_GET['reviewlogid'];
if (!file_exists($filename) ) {
UI::exitError(getMLText("admin_tools"),getMLText("missing_file"));
break;
}
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mimetype = finfo_file($finfo, $filename);
header("Content-Type: ".$mimetype);
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($filename ));
header("Content-Disposition: attachment; filename=\"review-" . $document->getID()."-".(int) $_GET['reviewlogid'] . get_extension($mimetype) . "\"");
header("Cache-Control: must-revalidate");
sendFile($filename);
} /* }}} */
elseif (isset($_GET["approvelogid"])) { /* {{{ */
if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) {
@ -249,15 +279,21 @@ elseif (isset($_GET["approvelogid"])) { /* {{{ */
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied"));
}
$controller->setParam('document', $document);
$controller->setParam('approvelogid', (int) $_GET['approvelogid']);
$controller->setParam('type', 'approval');
$controller->run();
switch($controller->getErrorNo()) {
case 1:
$filename = $dms->contentDir . $document->getDir().'a'.(int) $_GET['approvelogid'];
if (!file_exists($filename) ) {
UI::exitError(getMLText("admin_tools"),getMLText("missing_file"));
break;
}
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mimetype = finfo_file($finfo, $filename);
header("Content-Type: ".$mimetype);
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($filename ));
header("Content-Disposition: attachment; filename=\"approval-" . $document->getID()."-".(int) $_GET['approvelogid'] . get_extension($mimetype) . "\"");
header("Cache-Control: must-revalidate");
sendFile($filename);
} /* }}} */
add_log_line();
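Review bot: In the `reviewlogid` branch the results of `finfo_open(FILEINFO_MIME_TYPE)` and `finfo_file()` go straight into the `Content-Type` header and into `get_extension()`, although both functions return false on failure; the `approvelogid` branch repeats the same lines. A failed lookup then sends an empty `Content-Type` for a stored review or approval attachment and leaves the type to the browser's guess. I would fall back explicitly, `$mimetype = ($finfo ? finfo_file($finfo, $filename) : false) ?: 'application/octet-stream';`, and add `header("X-Content-Type-Options: nosniff");` next to the other headers. Both `elseif` blocks begin outside their hunks, so the access checks that precede these lines are only partly visible here.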


@ -34,11 +34,6 @@ if(!checkFormKey('editattributes')) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
}
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access('EditAttributes', $_POST)) {
UI::exitError(getMLText("folder_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}


@ -34,11 +34,6 @@ if(!checkFormKey('editcomment')) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
}
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access('EditComment', $_POST)) {
UI::exitError(getMLText("folder_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}


@ -31,10 +31,6 @@ include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access($controller, $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
/* Check if the form data comes from a trusted request */
if(!checkFormKey('editdocument')) {


@ -32,10 +32,6 @@ include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access($controller, $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
/* Check if the form data comes from a trusted request */
if(!checkFormKey('editdocumentfile')) {


@ -31,10 +31,6 @@ include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access($controller, $_POST)) {
UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_folder_id"))),getMLText("access_denied"));
}
/* Check if the form data comes from a trusted request */
if(!checkFormKey('editfolder')) {


@ -28,38 +28,28 @@ include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access('EditOnline', $_POST)) {
echo json_encode(array('success'=>false, 'message'=>getMLText('access_denied')));
exit;
}
if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_doc_id')));
exit;
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$documentid = $_POST["documentid"];
$document = $dms->getDocument($documentid);
if (!is_object($document)) {
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_doc_id')));
exit;
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$folder = $document->getFolder();
$docPathHTML = getFolderPathHTML($folder, true). " / <a href=\"../out/out.ViewDocument.php?documentid=".$documentid."\">".$document->getName()."</a>";
if ($document->getAccessMode($user, 'editOnline') < M_READWRITE) {
echo json_encode(array('success'=>false, 'message'=>getMLText('access_denied')));
exit;
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
if($document->isLocked()) {
$lockingUser = $document->getLockingUser();
if (($lockingUser->getID() != $user->getID()) && ($document->getAccessMode($user, 'editOnline') != M_ALL)) {
echo json_encode(array('success'=>false, 'message'=>getMLText("lock_message", array("email" => $lockingUser->getEmail(), "username" => htmlspecialchars($lockingUser->getFullName())))));
exit;
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("lock_message", array("email" => $lockingUser->getEmail(), "username" => htmlspecialchars($lockingUser->getFullName()))));
}
}
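Review bot: The `access_denied` exit passes `$document->getName()` to `UI::exitError` unescaped, while the lock-message exit a few lines below wraps the same value in `htmlspecialchars()`; the context line that builds `$docPathHTML` also concatenates the raw document name into an `<a>` element. A document name is user-supplied text, so unless `UI::exitError` escapes its title itself (not visible here) the two exits should agree: `array("documentname" => htmlspecialchars($document->getName()))`. For the link text I would use `htmlspecialchars($document->getName())` as well. The script continues past the end of this hunk, so where `$docPathHTML` is output cannot be checked from here.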


@ -125,21 +125,26 @@ function renderGroupData($colname, $objdata) { /* {{{ */
} /* }}} */
function getRoleData($colname, $coldata, $objdata) { /* {{{ */
global $dms;
if($role = $dms->getRoleByName($coldata)) {
$objdata['role'] = $role;
} else {
$objdata['role'] = null;
switch($coldata) {
case 'admin':
$role = 1;
break;
case 'guest':
$role = 2;
break;
case 'user':
$role = 0;
break;
default:
$role = 0;
$objdata['__logs__'][] = array('type'=>'error', 'msg'=> "No such role with name '".$coldata."'");
}
$objdata['role'] = $role;
return $objdata;
} /* }}} */
function renderRoleData($colname, $objdata) { /* {{{ */
$html = '';
if($objdata[$colname])
$html .= $objdata[$colname]->getName();
return $html;
return ($objdata[$colname] == 1 ? 'admin' : ($objdata[$colname] == 2 ? 'guest' : 'user'));
} /* }}} */
if (!$user->isAdmin()) {
@ -313,7 +318,7 @@ if (isset($_FILES['userdata']) && $_FILES['userdata']['error'] == 0) {
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings);
if($view) {
$view->setParam('log', $log);
$view->setParam('newusers', $newusers);
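Review bot: In `getRoleData` the `default:` branch logs "No such role" but still sets `$role = 0`, and the `case` labels match the CSV value exactly, so a cell such as `Admin` or `guest ` ends up as a regular user; whether a row carrying an error entry in `__logs__` is skipped later is decided outside this hunk. I would normalise the cell before matching, `switch(strtolower(trim($coldata))) {`, and state the fallback in a comment above `default:`, for example `/* unknown role names are reported and fall back to the regular user role (0) */`. The literals 0, 1 and 2 are repeated in `renderRoleData`; if the core user class defines role constants, using them in both functions would keep the two mappings in step.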


@ -29,11 +29,6 @@ require_once("inc/inc.DBInit.php");
require_once("inc/inc.ClassUI.php");
require_once("inc/inc.Authentication.php");
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access('LockDocument', $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
/* Check if the form data comes from a trusted request */
if(!checkFormKey('lockdocument', 'GET')) {
UI::exitError(getMLText("document_title"), getMLText("invalid_request_token"));
@ -50,11 +45,6 @@ if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access('LockDocument', $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
$folder = $document->getFolder();
$docPathHTML = getFolderPathHTML($folder, true). " / <a href=\"../out/out.ViewDocument.php?documentid=".$documentid."\">".$document->getName()."</a>";
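Review bot: The `$docPathHTML` assignment that closes the second hunk puts `$document->getName()` inside an anchor element without HTML-encoding it, while an error path elsewhere in this comparison wraps the same value in `htmlspecialchars()`. If the string is emitted as markup, which the hunk does not show, a document name containing HTML would be rendered as such for every user who views the page. The tail of the line could read `"\">".htmlspecialchars($document->getName())."</a>";`. The line is unchanged context, so the behaviour predates this change.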


@ -33,11 +33,6 @@ if(!checkFormKey('movedocument', 'GET')) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
}
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access('MoveDocument', $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
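Review bot: With the `check_controller_access` block gone, the only gate visible before the id validation is the request-token check in the hunk header, `checkFormKey('movedocument', 'GET')`, which reads the anti-CSRF token from the query string alongside `$_GET["documentid"]`. Tokens carried in URLs end up in server logs, browser history and Referer headers, and a move is a state change, so submitting the form by POST and checking `checkFormKey('movedocument')` would be the safer form (the POST default is presumed from the other scripts in this comparison). The same pattern appears in the `lockdocument` and `movefolder` sections. Whether a per-document access-mode check follows is outside the hunk.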


@ -33,11 +33,6 @@ if(!checkFormKey('movefolder', 'GET')) {
UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
}
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access('MoveFolder', $_POST)) {
UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_folder_id"))),getMLText("access_denied"));
}
if (!isset($_GET["folderid"]) || !is_numeric($_GET["folderid"]) || intval($_GET["folderid"])<1) {
UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_folder_id"))),getMLText("invalid_folder_id"));
}


@ -28,13 +28,6 @@ include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
//$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if(!$accessop->check_controller_access($tmp[1] /*$controller*/)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
/* Check if the form data comes from a trusted request */
if(!checkFormKey('overridecontentstatus')) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
@ -65,7 +58,7 @@ if (!is_object($content)) {
}
if (!isset($_POST["overrideStatus"]) || !is_numeric($_POST["overrideStatus"]) ||
(intval($_POST["overrideStatus"]) != S_RELEASED && intval($_POST["overrideStatus"]) != S_OBSOLETE && intval($_POST["overrideStatus"]) != S_DRAFT && intval($_POST["overrideStatus"]) != S_NEEDS_CORRECTION)) {
(intval($_POST["overrideStatus"])<-3 && intval($_POST["overrideStatus"])>2)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_status"));
}
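Review bot: The range test `(intval($_POST["overrideStatus"])<-3 && intval($_POST["overrideStatus"])>2)` can never be true, because no integer is both below -3 and above 2, so every numeric `overrideStatus` passes this validation and reaches the status change. Assuming the page prints the old line before the new one, this is the condition the change introduces in place of the explicit comparison against `S_RELEASED`, `S_OBSOLETE`, `S_DRAFT` and `S_NEEDS_CORRECTION`. At minimum the operator should be `||`: `(intval($_POST["overrideStatus"])<-3 || intval($_POST["overrideStatus"])>2)) {`. Keeping the allow-list of named constants would be stricter still, since a bare range also admits any status value that happens to fall inside it.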


@ -1,105 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.Authentication.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.ClassController.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
/* Check if the form data comes for a trusted request */
if(!checkFormKey('receiptdocument')) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
}
if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$documentid = $_POST["documentid"];
$document = $dms->getDocument($documentid);
if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
// verify if document may be receіpted
if (!$accessop->mayReceipt($document)){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
$folder = $document->getFolder();
if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
$version = $_POST["version"];
$content = $document->getContentByVersion($version);
if (!is_object($content)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
// operation is only allowed for the last document version
$latestContent = $document->getLatestContent();
if ($latestContent->getVersion()!=$version) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
if (!isset($_POST["receiptStatus"]) || !is_numeric($_POST["receiptStatus"]) ||
(intval($_POST["receiptStatus"])!=1 && intval($_POST["receiptStatus"])!=-1)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_receipt_status"));
}
$controller->setParam('document', $document);
$controller->setParam('content', $latestContent);
$controller->setParam('receiptstatus', $_POST["receiptStatus"]);
$controller->setParam('receipttype', $_POST["receiptType"]);
if ($_POST["receiptType"] == "grp") {
$group = $dms->getGroup($_POST['receiptGroup']);
} else {
$group = null;
}
$controller->setParam('group', $group);
$controller->setParam('comment', $_POST["comment"]);
if(!$controller->run()) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText($controller->getErrorMsg()));
}
if ($_POST["receiptType"] == "ind" || $_POST["receiptType"] == "grp") {
if($notifier) {
$receiptlog = $latestContent->getReceiptLog();
$notifier->sendSubmittedReceiptMail($latestContent, $user, $receiptlog ? $receiptlog[0] : false);
}
}
add_log_line("documentid=".$documentid."&version=".$version);
header("Location:../out/out.ViewDocument.php?documentid=".$documentid."&currenttab=recipients");


@ -31,10 +31,6 @@ include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access($controller, $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
/* Check if the form data comes from a trusted request */
if(!checkFormKey('removedocument')) {


@ -27,11 +27,6 @@ include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access('RemoveDocumentFile', $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
/* Check if the form data comes from a trusted request */
if(!checkFormKey('removedocumentfile')) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));


@ -44,10 +44,10 @@ if (!is_object($document)) {
}
/* Create object for checking access to certain operations */
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
$accessop = new SeedDMS_AccessOperation($dms, $document, $user, $settings);
// verify if document may be reviewed
if (!$accessop->mayRemoveVersion($document)){
if (!$accessop->mayRemoveVersion()){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
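Review bot: The comment above the `mayRemoveVersion()` call still reads `// verify if document may be reviewed`, which names a different operation from the one being authorised. On an access-control check that mismatch invites a wrong edit later, so I would change it to `// verify that the current user may remove this version`. Because the document is now bound when `SeedDMS_AccessOperation` is constructed, the comment could also say that the check applies to `$document` as passed to the constructor.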


@ -32,7 +32,6 @@ include("../inc/inc.ClassController.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
/* Check if the form data comes from a trusted request */
if(!checkFormKey('reviewdocument')) {
@ -73,8 +72,11 @@ if ($latestContent->getVersion()!=$version) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
/* Create object for checking access to certain operations */
$accessop = new SeedDMS_AccessOperation($dms, $document, $user, $settings);
// verify if document may be reviewed
if (!$accessop->mayReview($document)){
if (!$accessop->mayReview()){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}


@ -1,120 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.Authentication.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.ClassController.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
/* Check if the form data comes for a trusted request */
if(!checkFormKey('revisedocument')) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
}
if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$documentid = $_POST["documentid"];
$document = $dms->getDocument($documentid);
if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
// verify if document maybe revised
if (!$accessop->mayRevise($document)){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
$folder = $document->getFolder();
if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
$version = $_POST["version"];
$content = $document->getContentByVersion($version);
if (!is_object($content)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
// operation is only allowed for the last document version
$latestContent = $document->getLatestContent();
if ($latestContent->getVersion()!=$version) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
$olddocstatus = $content->getStatus();
if (!isset($_POST["revisionStatus"]) || !is_numeric($_POST["revisionStatus"]) ||
(!in_array(intval($_POST["revisionStatus"]), array(1, -1, 6)))) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_revision_status"));
}
$controller->setParam('document', $document);
$controller->setParam('content', $content);
$controller->setParam('revisionstatus', $_POST["revisionStatus"]);
$controller->setParam('revisiontype', $_POST["revisionType"]);
if ($_POST["revisionType"] == "grp") {
$group = $dms->getGroup($_POST['revisionGroup']);
} else {
$group = null;
}
$controller->setParam('group', $group);
$controller->setParam('comment', $_POST["comment"]);
$controller->setParam('onevotereject', $settings->_enableRevisionOneVoteReject);
if(!$controller->run()) {
$err = $controller->getErrorMsg();
if(is_string($err))
$errmsg = getMLText($err);
elseif(is_array($err)) {
$errmsg = getMLText($err[0], $err[1]);
} else {
$errmsg = $err;
}
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText($errmsg));
}
if($notifier) {
if ($_POST["revisionType"] == "ind" || $_POST["revisionType"] == "grp") {
$revisionlog = $latestContent->getRevisionLog();
$notifier->sendSubmittedRevisionMail($latestContent, $user, $revisionlog ? $revisionlog[0] : false);
}
/* Send notification about status change only if status has actually changed */
if($controller->oldstatus != $controller->newstatus)
$notifier->sendChangedDocumentStatusMail($latestContent, $user, $controller->oldstatus);
}
add_log_line("documentid=".$documentid."&version=".$version);
header("Location:../out/out.ViewDocument.php?documentid=".$documentid."&currenttab=revision");


@ -1,133 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
// Copyright (C) 2010-2012 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.ClassController.php");
include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access($controller, $_POST)) {
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
}
if (isset($_POST["action"])) $action=$_POST["action"];
else $action=NULL;
if(!in_array($action, array('addrole', 'removerole', 'editrole')))
UI::exitError(getMLText("admin_tools"),getMLText("unknown_command"));
/* Check if the form data comes for a trusted request */
if(!checkFormKey($action)) {
UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token"));
}
$roleid = 0;
if(in_array($action, array('removerole', 'editrole'))) {
if (isset($_POST["roleid"])) {
$roleid = $_POST["roleid"];
}
if (!isset($roleid) || !is_numeric($roleid) || intval($roleid)<1) {
UI::exitError(getMLText("admin_tools"),getMLText("invalid_role_id"));
}
$roleobj = $dms->getRole($roleid);
if (!is_object($roleobj)) {
UI::exitError(getMLText("admin_tools"),getMLText("invalid_role_id"));
}
$controller->setParam('roleobj', $roleobj);
}
// add new role ---------------------------------------------------------
if ($action == "addrole") {
$name = $_POST["name"];
$role = preg_replace('/[^0-2]+/', '', $_POST["role"]);
if (is_object($dms->getRoleByName($name))) {
UI::exitError(getMLText("admin_tools"),getMLText("role_exists"));
}
if ($role === '') {
UI::exitError(getMLText("admin_tools"),getMLText("missing_role_type"));
}
$controller->setParam('name', $name);
$controller->setParam('role', $role);
$newRole = $controller($_POST);
if ($newRole) {
}
else UI::exitError(getMLText("admin_tools"),getMLText("error_occured"));
$roleid=$newRole->getID();
$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_add_role')));
add_log_line(".php&action=".$action."&name=".$name);
}
// delete role ------------------------------------------------------------
else if ($action == "removerole") {
if (!$controller($_POST)) {
UI::exitError(getMLText("admin_tools"),getMLText("error_occured"));
}
add_log_line(".php&action=".$action."&roleid=".$roleid);
$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_rm_role')));
$roleid=-1;
}
// modify role ------------------------------------------------------------
else if ($action == "editrole") {
$name = $_POST["name"];
$role = preg_replace('/[^0-2]+/', '', $_POST["role"]);
$noaccess = isset($_POST['noaccess']) ? $_POST['noaccess'] : null;
$controller->setParam('name', $name);
$controller->setParam('role', $role);
$controller->setParam('noaccess', $noaccess);
if (!$controller($_POST)) {
UI::exitError(getMLText("admin_tools"),getMLText("error_occured"));
}
$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_edit_role')));
add_log_line(".php&action=".$action."&roleid=".$roleid);
}
header("Location:../out/out.RoleMgr.php?roleid=".$roleid);
?>


@ -1,144 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
// Copyright (C) 2010-2012 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.Scheduler.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
if ($user->isGuest()) {
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
}
if (isset($_POST["action"])) $action=$_POST["action"];
else $action=NULL;
$scheduler = new SeedDMS_Scheduler($dms->getDB());
// add new task ---------------------------------------------------
if ($action == "addtask") { /* {{{ */
/* Check if the form data comes for a trusted request */
if(!checkFormKey('addtask')) {
UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token"));
}
$extension = $_POST["extension"];
$task = $_POST["task"];
$name = $_POST["name"];
$description = $_POST["description"];
$frequency = $_POST["frequency"];
$disabled = isset($_POST["disabled"]) ? $_POST["disabled"] : 0;
$params = isset($_POST["params"]) ? $_POST["params"] : null;
$newtask = $scheduler->addTask($extension, $task, $name, $description, $frequency, $disabled, $params);
if ($newtask) {
}
else UI::exitError(getMLText("admin_tools"),getMLText("error_occured"));
$taskid=$newtask->getID();
$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_add_task')));
add_log_line(".php&action=addtask&name=".$name);
} /* }}} */
// modify task ----------------------------------------------------
else if ($action == "edittask") { /* {{{ */
/* Check if the form data comes for a trusted request */
if(!checkFormKey('edittask')) {
UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token"));
}
if (!isset($_POST["taskid"]) || !is_numeric($_POST["taskid"]) || intval($_POST["taskid"])<1) {
UI::exitError(getMLText("admin_tools"),getMLText("invalid_task"));
}
$taskid=$_POST["taskid"];
$editedtask = $scheduler->getTask($taskid);
if (!is_object($editedtask)) {
UI::exitError(getMLText("admin_tools"),getMLText("invalid_task"));
}
$name = $_POST["name"];
$description = $_POST["description"];
$frequency = $_POST["frequency"];
$disabled = isset($_POST["disabled"]) ? $_POST["disabled"] : 0;
$params = isset($_POST["params"]) ? $_POST["params"] : null;
if ($editedtask->getName() != $name)
$editedtask->setName($name);
if ($editedtask->getDescription() != $description)
$editedtask->setDescription($description);
$editedtask->setDisabled($disabled);
$editedtask->setParameter($params);
if($editedtask->setFrequency($frequency))
$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_edit_task')));
else
$session->setSplashMsg(array('type'=>'error', 'msg'=>getMLText('error_edit_task')));
add_log_line(".php&action=edittask&taskid=".$taskid);
} /* }}} */
// delete task -------------------------------------------------------------
else if ($action == "removetask") { /* {{{ */
header('Content-Type: application/json');
/* Check if the form data comes from a trusted request */
if(!checkFormKey('removetask')) {
echo json_encode(array('success'=>false, 'message'=>getMLText("invalid_request_token")));
exit;
}
if (!isset($_POST["taskid"]) || !is_numeric($_POST["taskid"]) || intval($_POST["taskid"])<1) {
echo json_encode(array('success'=>false, 'message'=>getMLText("invalid_task")));
exit;
}
$taskid=$_POST["taskid"];
$task = $scheduler->getTask($taskid);
if (!is_object($task)) {
echo json_encode(array('success'=>false, 'message'=>getMLText("invalid_task")));
exit;
}
if (!$task->remove()) {
echo json_encode(array('success'=>false, 'message'=>getMLText("error_occured")));
exit;
}
add_log_line("?taskid=".$_POST["taskid"]."&action=removetask");
echo json_encode(array('success'=>true, 'message'=>getMLText("task_removed")));
exit;
} /* }}} */
header("Location:../out/out.SchedulerTaskMgr.php");


@ -31,7 +31,7 @@ include("../inc/inc.ClassController.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings);
if (!$accessop->check_controller_access($controller, $_GET)) {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>getMLText('access_denied')));


@ -1,279 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
// Copyright (C) 2010-2015 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$documentid = $_POST["documentid"];
$document = $dms->getDocument($documentid);
if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
if ($document->getAccessMode($user) < M_READWRITE) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
$version = $_POST["version"];
$content = $document->getContentByVersion($version);
if (!is_object($content)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
$folder = $document->getFolder();
// Retrieve a list of all users and groups that have read rights.
// Afterwards, reorganize them in two arrays with its key being the
// userid or groupid
$docAccess = $document->getReadAccessList($settings->_enableAdminReceipt, $settings->_enableOwnerReceipt);
$accessIndex = array("i"=>array(), "g"=>array());
foreach ($docAccess["users"] as $i=>$da) {
$accessIndex["i"][$da->getID()] = $da;
}
foreach ($docAccess["groups"] as $i=>$da) {
$accessIndex["g"][$da->getID()] = $da;
}
// Retrieve list of currently assigned recipients, along with
// their latest status.
$receiptStatus = $content->getReceiptStatus();
// Index the receipt results for easy cross-reference with the Approvers List.
$receiptIndex = array("i"=>array(), "g"=>array());
foreach ($receiptStatus as $i=>$rs) {
if ($rs["status"]!=S_LOG_USER_REMOVED) {
if ($rs["type"]==0) {
$receiptIndex["i"][$rs["required"]] = array("status"=>$rs["status"], "idx"=>$i);
}
else if ($rs["type"]==1) {
$receiptIndex["g"][$rs["required"]] = array("status"=>$rs["status"], "idx"=>$i);
}
}
}
/* Get List of ind. reviewers, because they are taken out from the receivers
* if added as group.
*/
$reviewStatus = $content->getReviewStatus();
$reviewerids = [];
foreach ($reviewStatus as $r) {
if($r["type"] == 0 && $r["status"] > -2) {
$reviewerids[] = $r['required'];
}
}
// Get the list of proposed recipients, stripping out any duplicates.
$pIndRev = (isset($_POST["indRecipients"]) ? array_values(array_unique($_POST["indRecipients"])) : array());
// Retrieve the list of recipient groups whose members become individual recipients
if (isset($_POST["grpIndRecipients"])) {
foreach ($_POST["grpIndRecipients"] as $grp) {
if($group = $dms->getGroup($grp)) {
$members = $group->getUsers();
foreach($members as $member) {
/* Do not add the uploader itself and reviewers */
if(!$settings->_enableFilterReceipt || ($member->getID() != $content->getUser()->getID() && !in_array($member->getID(), $reviewerids)))
if(!in_array($member->getID(), $pIndRev))
$pIndRev[] = $member->getID();
}
}
}
}
$pGrpRev = (isset($_POST["grpRecipients"]) ? array_values(array_unique($_POST["grpRecipients"])) : array());
foreach ($pIndRev as $p) {
if (is_numeric($p)) {
if (isset($accessIndex["i"][$p])) {
// Proposed recipient is on the list of possible recipients.
if (!isset($receiptIndex["i"][$p])) {
// Proposed recipient is not a current recipient, so add as a new
// recipient.
$res = $content->addIndRecipient($accessIndex["i"][$p], $user);
$unm = $accessIndex["i"][$p]->getFullName();
$uml = $accessIndex["i"][$p]->getEmail();
switch ($res) {
case -1:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("internal_error"));
break;
case -2:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
break;
case -3:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("recipient_already_assigned"));
break;
case -4:
// email error
break;
default:
// Send an email notification to the new recipient.
if($settings->_enableNotificationAppRev) {
if ($notifier) {
$notifier->sendAddReceiptMail($content, $user, $accessIndex["i"][$p]);
}
}
break;
}
}
else {
// Proposed recipient is already in the list of recipients.
// Remove recipient from the index of possible recipients. If there are
// any recipients left over in the list of possible recipients, they
// will be removed from the receipt process for this document revision.
unset($receiptIndex["i"][$p]);
}
}
}
}
if (count($receiptIndex["i"]) > 0) {
foreach ($receiptIndex["i"] as $rx=>$rv) {
if ($rv["status"] == 0) {
// User is to be removed from the recipients list.
if (!isset($accessIndex["i"][$rx])) {
// User does not have any receipt privileges for this document
// revision or does not exist.
$res = $content->delIndRecipient($dms->getUser($rx), $user, getMLText("removed_recipient"));
}
else {
$res = $content->delIndRecipient($accessIndex["i"][$rx], $user);
$unm = $accessIndex["i"][$rx]->getFullName();
$uml = $accessIndex["i"][$rx]->getEmail();
switch ($res) {
case 0:
// Send an email notification to the recipients.
if($settings->_enableNotificationAppRev) {
if ($notifier) {
$notifier->sendDeleteReceiptMail($content, $user, $accessIndex["i"][$rx]);
}
}
break;
case -1:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("internal_error"));
break;
case -2:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
break;
case -3:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("recipient_already_removed"));
break;
case -4:
// email error
break;
}
}
}
}
}
foreach ($pGrpRev as $p) {
if (is_numeric($p)) {
if (isset($accessIndex["g"][$p])) {
// Proposed recipient is on the list of possible recipients.
if (!isset($receiptIndex["g"][$p])) {
// Proposed recipient is not a current recipient, so add as a new
// recipient.
$res = $content->addGrpRecipient($accessIndex["g"][$p], $user);
$gnm = $accessIndex["g"][$p]->getName();
switch ($res) {
case -1:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("internal_error"));
break;
case -2:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
break;
case -3:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("recipient_already_assigned"));
break;
case -4:
// email error
break;
default:
// Send an email notification to the new recipient.
if($settings->_enableNotificationAppRev) {
if ($notifier) {
$notifier->sendAddReceiptMail($content, $user, $accessIndex["g"][$p]);
}
}
break;
}
}
else {
// Remove recipient from the index of possible recipients.
unset($receiptIndex["g"][$p]);
}
}
}
}
if (count($receiptIndex["g"]) > 0) {
foreach ($receiptIndex["g"] as $rx=>$rv) {
if ($rv["status"] == 0) {
// Group is to be removed from the recipientist.
if (!isset($accessIndex["g"][$rx])) {
// Group does not have any receipt privileges for this document
// revision or does not exist.
$res = $content->delGrpRecipient($dms->getGroup($rx), $user, getMLText("removed_recipient"));
}
else {
$res = $content->delGrpRecipient($accessIndex["g"][$rx], $user);
$gnm = $accessIndex["g"][$rx]->getName();
switch ($res) {
case 0:
// Send an email notification to the recipients group.
if($settings->_enableNotificationAppRev) {
if ($notifier) {
$notifier->sendDeleteReceiptMail($content, $user, $accessIndex["g"][$rx]);
}
}
break;
case -1:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("internal_error"));
break;
case -2:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
break;
case -3:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("recipient_already_removed"));
break;
case -4:
// email error
break;
}
}
}
}
}
add_log_line("?documentid=".$documentid);
header("Location:../out/out.DocumentVersionDetail.php?documentid=".$documentid."&version=".$version);
?>


@ -82,7 +82,7 @@ $approvalStatus = $content->getApprovalStatus();
// Index the review results for easy cross-reference with the reviewers List.
$reviewIndex = array("i"=>array(), "g"=>array());
foreach ($reviewStatus as $i=>$rs) {
if ($rs["status"]!=S_LOG_USER_REMOVED) {
if ($rs["status"]!=-2) {
if ($rs["type"]==0) {
$reviewIndex["i"][$rs["required"]] = array("status"=>$rs["status"], "idx"=>$i);
}
@ -94,7 +94,7 @@ foreach ($reviewStatus as $i=>$rs) {
// Index the approval results for easy cross-reference with the approvers List.
$approvalIndex = array("i"=>array(), "g"=>array());
foreach ($approvalStatus as $i=>$rs) {
if ($rs["status"]!=S_LOG_USER_REMOVED) {
if ($rs["status"]!=-2) {
if ($rs["type"]==0) {
$approvalIndex["i"][$rs["required"]] = array("status"=>$rs["status"], "idx"=>$i);
}
@ -106,18 +106,6 @@ foreach ($approvalStatus as $i=>$rs) {
// Get the list of proposed reviewers, stripping out any duplicates.
$pIndRev = (isset($_POST["indReviewers"]) ? array_values(array_unique($_POST["indReviewers"])) : array());
// Retrieve the list of reviewer groups whose members become individual reviewers
if (isset($_POST["grpIndReviewers"])) {
foreach ($_POST["grpIndReviewers"] as $grp) {
if($group = $dms->getGroup($grp)) {
$members = $group->getUsers();
foreach($members as $member) {
if(!in_array($member->getID(), $pIndRev))
$pIndRev[] = $member->getID();
}
}
}
}
$pGrpRev = (isset($_POST["grpReviewers"]) ? array_values(array_unique($_POST["grpReviewers"])) : array());
if($user->getID() != $owner->getID()) {
$res=$owner->getMandatoryReviewers();
@ -294,18 +282,6 @@ if (count($reviewIndex["g"]) > 0) {
// Get the list of proposed approvers, stripping out any duplicates.
$pIndApp = (isset($_POST["indApprovers"]) ? array_values(array_unique($_POST["indApprovers"])) : array());
// Retrieve the list of approver groups whose members become individual reviewers
if (isset($_POST["grpIndApprovers"])) {
foreach ($_POST["grpIndApprovers"] as $grp) {
if($group = $dms->getGroup($grp)) {
$members = $group->getUsers();
foreach($members as $member) {
if(!in_array($member->getID(), $pIndApp))
$pIndApp[] = $member->getID();
}
}
}
}
$pGrpApp = (isset($_POST["grpApprovers"]) ? array_values(array_unique($_POST["grpApprovers"])) : array());
if($user->getID() != $owner->getID()) {
$res=$owner->getMandatoryApprovers();
@ -482,7 +458,7 @@ if (count($approvalIndex["g"]) > 0) {
$content->verifyStatus(false, $user, '', $settings->_initialDocumentStatus);
$content->verifyStatus(false,$user);
add_log_line("?documentid=".$documentid);
header("Location:../out/out.DocumentVersionDetail.php?documentid=".$documentid."&version=".$version);
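Review bot: The status filters in both index loops, `if ($rs["status"]!=-2) {` for reviewers and again for approvers, compare against a bare -2, while the variant printed next to each uses the named constant S_LOG_USER_REMOVED. The page has lost its +/- markers, so taking the literal as the new side is an inference from print order. With the literal, a reader must already know the status-log encoding to see that removed reviewers and approvers are being skipped, and a later change to that encoding would not be caught here. If the constant is defined on this branch, keep `if ($rs["status"]!=S_LOG_USER_REMOVED) {`; otherwise add a comment such as `// -2 = entry was removed from the review/approval process`. Both loops continue outside their hunks.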


@ -1,286 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
// Copyright (C) 2010-2015 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$documentid = $_POST["documentid"];
$document = $dms->getDocument($documentid);
if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
if ($document->getAccessMode($user) < M_ALL) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
$version = $_POST["version"];
$content = $document->getContentByVersion($version);
if (!is_object($content)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
if (isset($_POST["startdate"])) {
$ts = makeTsFromDate($_POST["startdate"]);
} else {
$ts = time();
}
$startdate = date('Y-m-d', $ts);
if(!$content->setRevisionDate($startdate)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("error_occured"));
}
$folder = $document->getFolder();
// Retrieve a list of all users and groups that have read rights.
// Afterwards, reorganize them in two arrays with its key being the
// userid or groupid
$docAccess = $document->getReadAccessList($settings->_enableAdminRevApp, $settings->_enableOwnerRevApp);
$accessIndex = array("i"=>array(), "g"=>array());
foreach ($docAccess["users"] as $i=>$da) {
$accessIndex["i"][$da->getID()] = $da;
}
foreach ($docAccess["groups"] as $i=>$da) {
$accessIndex["g"][$da->getID()] = $da;
}
// Retrieve list of currently assigned recipients, along with
// their latest status.
$revisionStatus = $content->getRevisionStatus();
// Index the revision results for easy cross-reference with the Approvers List.
$revisionIndex = array("i"=>array(), "g"=>array());
foreach ($revisionStatus as $i=>$rs) {
if ($rs["status"]!=S_LOG_USER_REMOVED) {
if ($rs["type"]==0) {
$revisionIndex["i"][$rs["required"]] = array("status"=>$rs["status"], "idx"=>$i);
}
else if ($rs["type"]==1) {
$revisionIndex["g"][$rs["required"]] = array("status"=>$rs["status"], "idx"=>$i);
}
}
}
// Get the list of proposed revisors, stripping out any duplicates.
$pIndRev = (isset($_POST["indRevisors"]) ? array_values(array_unique($_POST["indRevisors"])) : array());
// Retrieve the list of revisor groups whose members become individual revisors
if (isset($_POST["grpIndRevisors"])) {
foreach ($_POST["grpIndRevisors"] as $grp) {
if($group = $dms->getGroup($grp)) {
$members = $group->getUsers();
foreach($members as $member) {
if(!in_array($member->getID(), $pIndRev))
$pIndRev[] = $member->getID();
}
}
}
}
$pGrpRev = (isset($_POST["grpRevisors"]) ? array_values(array_unique($_POST["grpRevisors"])) : array());
foreach ($pIndRev as $p) {
if (is_numeric($p)) {
if (isset($accessIndex["i"][$p])) {
// Proposed recipient is on the list of possible recipients.
if (!isset($revisionIndex["i"][$p])) {
// Proposed recipient is not a current recipient, so add as a new
// recipient.
$res = $content->addIndRevisor($accessIndex["i"][$p], $user);
$unm = $accessIndex["i"][$p]->getFullName();
$uml = $accessIndex["i"][$p]->getEmail();
switch ($res) {
case 0:
// Send an email notification to the new recipient.
if($settings->_enableNotificationAppRev) {
if ($notifier) {
$notifier->sendAddRevisionMail($content, $user, $accessIndex["i"][$p]);
}
}
break;
case -1:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("internal_error"));
break;
case -2:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
break;
case -3:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("revisor_already_assigned"));
break;
case -4:
// email error
break;
}
}
else {
// Proposed recipient is already in the list of recipients.
// Remove revisor from the index of possible revisors. If there are
// any revisors left over in the list of possible revisors, they
// will be removed from the revision process for this document revision.
unset($revisionIndex["i"][$p]);
}
}
}
}
if (count($revisionIndex["i"]) > 0) {
foreach ($revisionIndex["i"] as $rx=>$rv) {
// if ($rv["status"] == 0) {
// User is to be removed from the recipients list.
if (!isset($accessIndex["i"][$rx])) {
// User does not have any revision privileges for this document
// revision or does not exist.
$res = $content->delIndRevisor($dms->getUser($rx), $user, getMLText("removed_revisor"));
}
else {
$res = $content->delIndRevisor($accessIndex["i"][$rx], $user);
$unm = $accessIndex["i"][$rx]->getFullName();
$uml = $accessIndex["i"][$rx]->getEmail();
switch ($res) {
case 0:
// Send an email notification to the recipients.
if($settings->_enableNotificationAppRev) {
if ($notifier) {
$notifier->sendDeleteRevisionMail($content, $user, $accessIndex["i"][$rx]);
}
}
break;
case -1:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("internal_error"));
break;
case -2:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
break;
case -3:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("recipient_already_removed"));
break;
case -4:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("recipient_was_active"));
break;
}
}
// }
}
}
foreach ($pGrpRev as $p) {
if (is_numeric($p)) {
if (isset($accessIndex["g"][$p])) {
// Proposed recipient is on the list of possible recipients.
if (!isset($revisionIndex["g"][$p])) {
// Proposed recipient is not a current recipient, so add as a new
// recipient.
$res = $content->addGrpRevisor($accessIndex["g"][$p], $user);
$gnm = $accessIndex["g"][$p]->getName();
switch ($res) {
case 0:
// Send an email notification to the new recipient.
if($settings->_enableNotificationAppRev) {
if ($notifier) {
$notifier->sendAddRevisionMail($content, $user, $accessIndex["g"][$p]);
}
}
break;
case -1:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("internal_error"));
break;
case -2:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
break;
case -3:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("recipient_already_assigned"));
break;
case -4:
// email error
break;
}
}
else {
// Remove recipient from the index of possible revisors.
unset($revisionIndex["g"][$p]);
}
}
}
}
if (count($revisionIndex["g"]) > 0) {
foreach ($revisionIndex["g"] as $rx=>$rv) {
// if ($rv["status"] == 0) {
// Group is to be removed from the recipientist.
if (!isset($accessIndex["g"][$rx])) {
// Group does not have any revision privileges for this document
// revision or does not exist.
$res = $content->delGrpRevisor($dms->getGroup($rx), $user, getMLText("removed_revisor"));
}
else {
$res = $content->delGrpRevisor($accessIndex["g"][$rx], $user);
$gnm = $accessIndex["g"][$rx]->getName();
switch ($res) {
case 0:
// Send an email notification to the recipients group.
if($settings->_enableNotificationAppRev) {
if ($notifier) {
$notifier->sendDeleteRevisionMail($content, $user, $accessIndex["g"][$rx]);
}
}
break;
case -1:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("internal_error"));
break;
case -2:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
break;
case -3:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("recipient_already_removed"));
break;
case -4:
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("recipient_was_active"));
break;
}
}
// }
}
}
/* If all revisors has been removed, then clear the next revision date */
if(!$pIndRev && !$pGrpRev) {
$content->setRevisionDate(false);
}
/* Recheck status, because all revisors could have been removed */
$content->verifyStatus(false, $user, getMLText('automatic_status_update'), $settings->_initialDocumentStatus);
add_log_line("?documentid=".$documentid);
header("Location:../out/out.DocumentVersionDetail.php?documentid=".$documentid."&version=".$version);
?>


@ -139,10 +139,8 @@ if ($action == "saveSettings")
setBoolValue("enableSessionList");
setBoolValue("enableClipboard");
setBoolValue("alwaysShowClipboard");
setBoolValue("enableMenuTransmittals");
setBoolValue("enableMenuTasks");
setBoolValue("alwaysShowMenuTasks");
$settings->_tasksInMenu = isset($_POST["tasksInMenu"]) ? $_POST["tasksInMenu"] : array();
setBoolValue("enableDropFolderList");
setBoolValue("enableDropUpload");
setBoolValue("enableMultiUpload");
@ -159,7 +157,6 @@ if ($action == "saveSettings")
setStrValue("sortFoldersDefault");
setStrValue("defaultDocPosition");
setStrValue("defaultFolderPosition");
setIntValue("libraryFolder");
// SETTINGS - SITE - WEBDAV
setBoolValue("enableWebdavReplaceDoc");
@ -185,8 +182,6 @@ if ($action == "saveSettings")
setDirValue("extraPath");
setDirValue("dropFolderDir");
setDirValue("backupDir");
setDirValue("checkOutDir");
setBoolValue("createCheckOutDir");
setStrValue("repositoryUrl");
setDirValue("proxyUrl");
setDirValue("proxyUser");
@ -202,7 +197,6 @@ if ($action == "saveSettings")
// SETTINGS - SYSTEM - AUTHENTICATION
setBoolValue("enableGuestLogin");
setBoolValue("enableGuestAutoLogin");
setBoolValue("enable2FactorAuthentication");
setBoolValue("enableLoginByEmail");
setBoolValue("restricted");
setBoolValue("enableUserImage");
@ -255,19 +249,11 @@ if ($action == "saveSettings")
// SETTINGS - ADVANCED - EDITION
setStrValue("versioningFileName");
setStrValue("presetExpirationDate");
setStrValue("initialDocumentStatus");
setStrValue("workflowMode");
setBoolValue("enableReceiptWorkflow");
setBoolValue("enableReceiptReject");
setBoolValue("disableReceiptComment");
setBoolValue("enableRevisionWorkflow");
setBoolValue("enableRevisionOnVoteReject");
setBoolValue("allowReviewerOnly");
setBoolValue("allowChangeRevAppInProcess");
setBoolValue("enableAdminRevApp");
setBoolValue("enableOwnerRevApp");
setBoolValue("enableSelfRevApp");
setBoolValue("enableSelfReceipt");
setBoolValue("addManagerAsReviewer");
setBoolValue("addManagerAsApprover");
setArrayValue("globalReviewer");
@ -276,17 +262,11 @@ if ($action == "saveSettings")
setArrayValue("globalGroupApprover");
setBoolValue("enableUpdateRevApp");
setBoolValue("enableRemoveRevApp");
setBoolValue("enableAdminReceipt");
setBoolValue("enableOwnerReceipt");
setBoolValue("enableUpdateReceipt");
setBoolValue("enableFilterReceipt");
setBoolValue("enableVersionDeletion");
setBoolValue("enableVersionModification");
setBoolValue("enableDuplicateDocNames");
setBoolValue("enableDuplicateSubFolderNames");
setBoolValue("enableCancelCheckout");
setBoolValue("overrideMimeType");
setBoolValue("advancedAcl");
setBoolValue("removeFromDropFolder");
setBoolValue("uploadedAttachmentIsPublic");


@ -1,40 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2009-2012 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
include("../inc/inc.ClassPasswordStrength.php");
include("../inc/inc.ClassPasswordHistoryManager.php");
if ($user->isGuest()) {
UI::exitError(getMLText("2_fact_auth"),getMLText("access_denied"));
}
$secret = $_POST["secret"];
$user->setSecret($secret);
header("Location:../out/out.Setup2Factor.php");


@ -37,16 +37,6 @@ if (!isset($_GET["userid"])) {
/* Check if user is allowed to switch to a different user */
if (!$user->isAdmin()) {
$substitutes = $user->getReverseSubstitutes();
$found = false;
foreach($substitutes as $subsuser) {
/* Make sure a substitution is allowed and the substituted user
* is not an admin.
*/
if($subsuser->getID() == $_GET["userid"] && !$subsuser->isAdmin())
$found = true;
}
if(!$found)
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
}


@ -1,77 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
// Copyright (C) 2010-2016 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.ClassController.php");
include("../inc/inc.BasicAuthentication.php");
if(empty($_GET['hash']))
exit;
$token = new SeedDMS_JwtToken($settings->_encryptionKey);
if(!($tokenstr = $token->jwtDecode($_GET['hash'])))
exit;
$tokendata = json_decode($tokenstr, true);
if (!isset($tokendata['d']) || !is_numeric($tokendata['d'])) {
exit;
}
$document = $dms->getDocument($tokendata['d']);
if (!is_object($document)) {
exit;
}
if (!isset($tokendata['u']) || !is_numeric($tokendata['u'])) {
exit;
}
$user = $dms->getUser($tokendata['u']);
if (!is_object($user)) {
exit;
}
if ($document->getAccessMode($user) < M_READ) {
exit;
}
if (!isset($tokendata['v']) || !is_numeric($tokendata['v'])) {
exit;
}
$controller = Controller::factory('Preview', array('dms'=>$dms, 'user'=>$user));
$controller->setParam('width', !empty($tokendata["w"]) ? $tokendata["w"] : null);
$controller->setParam('document', $document);
$controller->setParam('version', $tokendata['v']);
$controller->setParam('type', 'version');
if(!$controller->run()) {
header('Content-Type: image/svg+xml');
readfile('../views/'.$theme.'/images/empty.svg');
exit;
}


@ -31,7 +31,7 @@ include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings);
if (!$accessop->check_controller_access($controller, $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
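Review bot: The call `new SeedDMS_AccessOperation($dms, null, $user, $settings);` passes a bare `null` as its second argument, and nothing in the hunk says what that slot is for. The +/- markers are lost on this page, so treating the four-argument form as the new side is inferred from print order. If that slot is the object the operation is checked against, then `check_controller_access($controller, $_POST)` can only decide at controller level from the request data. The per-document permission check would then have to happen later in the script, which lies outside this hunk. If so, a comment above the call would make that explicit, for example `// no object bound yet: controller-level gate only, document access is verified below`.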


@ -1,51 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
// Copyright (C) 2011-2013 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.ClassController.php");
include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
if(isset($_GET["transmittalid"])) {
$transmittalid = $_GET["transmittalid"];
$transmittal = $dms->getTransmittal($transmittalid);
if (!is_object($transmittal)) {
UI::exitError(getMLText("my_account"), getMLText("invalid_version"));
}
if($transmittal->getUser()->getID() != $user->getID()) {
UI::exitError(getMLText("my_account"), getMLText("access_denied"));
}
$controller->setParam('transmittal', $transmittal);
$controller->run();
}


@ -1,197 +0,0 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
// Copyright (C) 2010-2012 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
if ($user->isGuest()) {
UI::exitError(getMLText("my_transmittals"),getMLText("access_denied"));
}
if (isset($_POST["action"])) $action=$_POST["action"];
else $action=NULL;
// add new transmittal ---------------------------------------------------
if ($action == "addtransmittal") { /* {{{ */
/* Check if the form data comes for a trusted request */
if(!checkFormKey('addtransmittal')) {
UI::exitError(getMLText("my_transmittals"),getMLText("invalid_request_token"));
}
$name = $_POST["name"];
$comment = $_POST["comment"];
$newTransmittal = $dms->addTransmittal($name, $comment, $user);
if ($newTransmittal) {
}
else UI::exitError(getMLText("my_transmittals"),getMLText("access_denied"));
$transmittalid=$newTransmittal->getID();
$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_add_transmittal')));
add_log_line(".php&action=addtransmittal&name=".$name);
} /* }}} */
// delete transmittal ------------------------------------------------------------
else if ($action == "removetransmittal") { /* {{{ */
/* Check if the form data comes for a trusted request */
if(!checkFormKey('removetransmittal')) {
UI::exitError(getMLText("my_transmittals"),getMLText("invalid_request_token"));
}
if (isset($_POST["transmittalid"])) {
$transmittalid = $_POST["transmittalid"];
}
if (!isset($transmittalid) || !is_numeric($transmittalid) || intval($transmittalid)<1) {
UI::exitError(getMLText("my_transmittals"),getMLText("invalid_transmittal_id"));
}
$transmittalToRemove = $dms->getTransmittal($transmittalid);
if (!is_object($transmittalToRemove)) {
UI::exitError(getMLText("my_transmittals"),getMLText("invalid_transmittal_id"));
}
if (!$transmittalToRemove->remove()) {
UI::exitError(getMLText("my_transmittals"),getMLText("error_occured"));
}
add_log_line(".php&action=removetransmittal&transmittalid=".$transmittalid);
$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_rm_transmittal')));
$transmittalid=-1;
} /* }}} */
// modify transmittal ----------------------------------------------------
else if ($action == "edittransmittal") { /* {{{ */
/* Check if the form data comes for a trusted request */
if(!checkFormKey('edittransmittal')) {
UI::exitError(getMLText("my_transmittals"),getMLText("invalid_request_token"));
}
if (!isset($_POST["transmittalid"]) || !is_numeric($_POST["transmittalid"]) || intval($_POST["transmittalid"])<1) {
UI::exitError(getMLText("my_transmittals"),getMLText("invalid_transmittal"));
}
$transmittalid=$_POST["transmittalid"];
$editedTransmittal = $dms->getTransmittal($transmittalid);
if (!is_object($editedTransmittal)) {
UI::exitError(getMLText("my_transmittals"),getMLText("invalid_transmittal"));
}
$name = $_POST["name"];
$comment = $_POST["comment"];
if ($editedTransmittal->getName() != $name)
$editedTransmittal->setName($name);
if ($editedTransmittal->getComment() != $comment)
$editedTransmittal->setComment($comment);
$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_edit_transmittal')));
add_log_line(".php&action=edittransmittal&transmittalid=".$transmittalid);
} /* }}} */
// remove transmittal item ------------------------------------------------
else if ($action == "removetransmittalitem") { /* {{{ */
if(!checkFormKey('removetransmittalitem', 'POST')) {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_request_token'), 'data'=>''));
} else {
$item = SeedDMS_Core_TransmittalItem::getInstance((int) $_REQUEST['id'], $dms);
if($item) {
$transmittal = $item->getTransmittal();
if($transmittal) {
if ($transmittal->getUser()->getID() == $user->getID()) {
if($item->remove()) {
header('Content-Type: application/json');
echo json_encode(array('success'=>true, 'message'=>'', 'data'=>''));
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'Error removing transmittal item', 'data'=>''));
}
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'No access', 'data'=>''));
}
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'No transmittal', 'data'=>''));
}
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'No transmittal item', 'data'=>''));
}
}
add_log_line(".php&action=removetransmittalitem&id=".$_REQUEST['id']);
exit;
} /* }}} */
// update transmittal item ------------------------------------------------
else if ($action == "updatetransmittalitem") { /* {{{ */
if(!checkFormKey('updatetransmittalitem', 'POST')) {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_request_token'), 'data'=>''));
} else {
$item = SeedDMS_Core_TransmittalItem::getInstance((int) $_REQUEST['id'], $dms);
if($item) {
$transmittal = $item->getTransmittal();
if($transmittal) {
if ($transmittal->getUser()->getID() == $user->getID()) {
if($item->updateContent()) {
header('Content-Type: application/json');
echo json_encode(array('success'=>true, 'message'=>'', 'data'=>''));
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'Error updating transmittal item', 'data'=>''));
}
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'No access', 'data'=>''));
}
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'No transmittal', 'data'=>''));
}
} else {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>'No transmittal item', 'data'=>''));
}
}
add_log_line(".php&action=updatetransmittalitem&id=".$_REQUEST['id']);
exit;
} /* }}} */
else UI::exitError(getMLText("my_transmittals"),getMLText("unknown_command"));
header("Location:../out/out.TransmittalMgr.php?transmittalid=".$transmittalid);


@ -29,11 +29,6 @@ require_once("inc/inc.DBInit.php");
require_once("inc/inc.ClassUI.php");
require_once("inc/inc.Authentication.php");
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access('UnlockDocument', $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
/* Check if the form data comes from a trusted request */
if(!checkFormKey('unlockdocument', 'GET')) {
UI::exitError(getMLText("document_title"), getMLText("invalid_request_token"));
@ -49,11 +44,6 @@ if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access('LockDocument', $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
$folder = $document->getFolder();
$docPathHTML = getFolderPathHTML($folder, true). " / <a href=\"../out/out.ViewDocument.php?documentid=".$documentid."\">".$document->getName()."</a>";
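Review bot: The last line of the second hunk builds `$docPathHTML` by concatenating `$document->getName()` and `$documentid` into an anchor tag without HTML escaping, so a document name that contains markup would be emitted as markup wherever this path is printed. Escape it where the string is assembled, `htmlspecialchars($document->getName())`, and put `(int) $documentid` into the `href`; whether the id was already validated is decided above the hunk, so the cast is a precaution. Separately, the first hunk keeps `checkFormKey('unlockdocument', 'GET')`, which carries the request token in the URL where it can end up in server logs and Referer headers; submitting this state change as a POST form would avoid that.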


@ -31,10 +31,6 @@ include("../inc/inc.ClassController.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access($controller, $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
}
/* if post_max_size is to small, then $_POST will not be set and the content
* lenght will exceed post_max_size
@ -214,13 +210,10 @@ default:
// Get the list of reviewers and approvers for this document.
$reviewers = array();
$approvers = array();
$recipients = array();
$reviewers["i"] = array();
$reviewers["g"] = array();
$approvers["i"] = array();
$approvers["g"] = array();
$recipients["i"] = array();
$recipients["g"] = array();
$workflow = null;
if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'traditional_only_approval') {
@ -239,16 +232,6 @@ default:
$reviewers["g"][] = $grp;
}
}
// Retrieve the list of reviewer groups whose members become individual reviewers
if (isset($_POST["grpIndReviewers"])) {
foreach ($_POST["grpIndReviewers"] as $grp) {
if($group = $dms->getGroup($grp)) {
$members = $group->getUsers();
foreach($members as $member)
$reviewers["i"][] = $member->getID();
}
}
}
}
// Retrieve the list of individual approvers from the form.
@ -265,16 +248,6 @@ default:
$approvers["g"][] = $grp;
}
}
// Retrieve the list of reviewer groups whose members become individual approvers
if (isset($_POST["grpIndApprovers"])) {
foreach ($_POST["grpIndApprovers"] as $grp) {
if($group = $dms->getGroup($grp)) {
$members = $group->getUsers();
foreach($members as $member)
$approvers["i"][] = $member->getID();
}
}
}
// add mandatory reviewers/approvers
if($settings->_workflowMode == 'traditional') {
@ -289,13 +262,6 @@ default:
$approvers['i'] = array_merge($approvers['i'], $mapprovers['i']);
if($mapprovers['g'])
$approvers['g'] = array_merge($approvers['g'], $mapprovers['g']);
if($settings->_workflowMode == 'traditional' && !$settings->_allowReviewerOnly) {
/* Check if reviewers are send but no approvers */
if(($reviewers["i"] || $reviewers["g"]) && !$approvers["i"] && !$approvers["g"]) {
UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("error_uploading_reviewer_only"));
}
}
} elseif($settings->_workflowMode == 'advanced') {
if(!$workflows = $user->getMandatoryWorkflows()) {
if(isset($_POST["workflow"]))
@ -313,35 +279,6 @@ default:
}
}
// Retrieve the list of individual recipients from the form.
$recipients["i"] = array();
if (isset($_POST["indRecipients"])) {
foreach ($_POST["indRecipients"] as $ind) {
$recipients["i"][] = $ind;
}
}
// Retrieve the list of recipient groups from the form.
$recipients["g"] = array();
if (isset($_POST["grpRecipients"])) {
foreach ($_POST["grpRecipients"] as $grp) {
$recipients["g"][] = $grp;
}
}
// Retrieve the list of recipient groups whose members become individual recipients
if (isset($_POST["grpIndRecipients"])) {
foreach ($_POST["grpIndRecipients"] as $grp) {
if($group = $dms->getGroup($grp)) {
$members = $group->getUsers();
foreach($members as $member) {
/* Do not add the uploader itself as recipient */
if(!$settings->_enableFilterReceipt || ($member->getID() != $user->getID() && !in_array($member->getID(), $reviewers['i'])))
if(!in_array($member->getID(), $recipients["i"]))
$recipients["i"][] = $member->getID();
}
}
}
}
if(isset($_POST["attributes_version"]) && $_POST["attributes_version"]) {
$attributes = $_POST["attributes_version"];
foreach($attributes as $attrdefid=>$attribute) {
@ -378,10 +315,8 @@ default:
$controller->setParam('userfiletype', $userfiletype);
$controller->setParam('reviewers', $reviewers);
$controller->setParam('approvers', $approvers);
$controller->setParam('recipients', $recipients);
$controller->setParam('attributes', $attributes);
$controller->setParam('workflow', $workflow);
$controller->setParam('initialdocumentstatus', $settings->_initialDocumentStatus);
$controller->setParam('maxsizeforfulltext', $settings->_maxSizeForFullText);
if(!$content = $controller()) {
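Review bot: The group ids that remain on the new side are appended exactly as submitted, `$reviewers["g"][] = $grp;` and `$approvers["g"][] = $grp;`, with no check that they are integers or name an existing group. The loops feeding them start outside these hunks, so this is inferred from the visible lines; presumably `$grp` comes straight from `$_POST`. Resolving each id first, for example `if ($dms->getGroup((int) $grp)) $reviewers["g"][] = (int) $grp;`, keeps malformed values out of the controller parameters. The same care applies to `$attributes = $_POST["attributes_version"];`, which is handed to `foreach` without an `is_array()` check.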


@ -155,7 +155,7 @@ if( move_uploaded_file( $source_file_path, $target_file_path ) ) {
}
$filesize = SeedDMS_Core_File::fileSize($userfiletmp);
$contentResult=$document->addContent($comment, $user, $userfiletmp, basename($userfilename), $fileType, $userfiletype, $reviewers, $approvers, $version=0, null, null, $settings->_initialDocumentStatus);
$contentResult=$document->addContent($comment, $user, $userfiletmp, basename($userfilename), $fileType, $userfiletype, $reviewers, $approvers);
unlink($userfiletmp);
if (is_bool($contentResult) && !$contentResult) {
echo getMLText("error_occured");


@ -34,7 +34,7 @@ if (!$user->isAdmin()) {
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
}
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings);
if (!$accessop->check_controller_access('UsrMgr', $_POST)) {
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
}
@ -69,7 +69,7 @@ if ($action == "adduser") {
if ($settings->_strictFormCheck && !$comment) {
UI::exitError(getMLText("admin_tools"),getMLText("user_comment_missing"));
}
$role = $dms->getRole($_POST["role"]);
$role = preg_replace('/[^0-2]+/', '', $_POST["role"]);
$isHidden = (isset($_POST["ishidden"]) && $_POST["ishidden"]==1 ? 1 : 0);
$isDisabled = (isset($_POST["isdisabled"]) && $_POST["isdisabled"]==1 ? 1 : 0);
$homefolder = (isset($_POST["homefolder"]) ? $_POST["homefolder"] : 0);
@ -103,14 +103,6 @@ if ($action == "adduser") {
$group->addUser($newUser);
}
}
/* Set substitute user if set */
if(isset($_POST["substitute"]) && $_POST["substitute"]) {
foreach($_POST["substitute"] as $substitute) {
$subsuser = $dms->getUser($substitute);
$newUser->addSubstitute($subsuser);
}
}
}
else UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
@ -235,10 +227,6 @@ else if ($action == "removefromprocesses") {
$_POST["status"]["review"] = array();
if(!isset($_POST["status"]["approval"]))
$_POST["status"]["approval"] = array();
if(!isset($_POST["status"]["receipt"]))
$_POST["status"]["receipt"] = array();
if(!isset($_POST["status"]["revision"]))
$_POST["status"]["revision"] = array();
if(!empty($_POST['needsdocs']) && empty($_POST['docs'])) {
$session->setSplashMsg(array('type'=>'error', 'msg'=>getMLText('error_rm_user_processes_no_docs')));
} else {
@ -374,7 +362,7 @@ else if ($action == "edituser") {
$email = $_POST["email"];
$comment = $_POST["comment"];
$theme = $_POST["theme"];
$role = $dms->getRole($_POST["role"]);
$role = preg_replace('/[^0-2]+/', '', $_POST["role"]);
$isHidden = (isset($_POST["ishidden"]) && $_POST["ishidden"]==1 ? 1 : 0);
$isDisabled = (isset($_POST["isdisabled"]) && $_POST["isdisabled"]==1 ? 1 : 0);
$homefolder = (isset($_POST["homefolder"]) ? $_POST["homefolder"] : 0);
@ -396,9 +384,9 @@ else if ($action == "edituser") {
}
if ($editedUser->getLogin() != $login)
$editedUser->setLogin($login);
if($pwdexpiration != 'keep')
if($pwdexpiration)
$editedUser->setPwdExpiration($pwdexpiration);
if($role->isGuest() && $clearpwd) {
if(($role == SeedDMS_Core_User::role_guest) && $clearpwd) {
$editedUser->setPwd('');
} else {
if (isset($pwd) && ($pwd != "")) {
@ -490,26 +478,6 @@ else if ($action == "edituser") {
$group->removeUser($editedUser);
}
/* Set substitute user if set */
if(isset($_POST["substitute"]) && $_POST["substitute"])
$newsubs = $_POST['substitute'];
else
$newsubs = array();
$oldsubs = array();
foreach($editedUser->getSubstitutes() as $k)
$oldsubs[] = $k->getID();
$addsubs = array_diff($newsubs, $oldsubs);
foreach($addsubs as $subid) {
$subsuser = $dms->getUser($subid);
$editedUser->addSubstitute($subsuser);
}
$delsubs = array_diff($oldsubs, $newsubs);
foreach($delsubs as $subid) {
$subsuser = $dms->getUser($subid);
$editedUser->removeSubstitute($subsuser);
}
$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_edit_user')));
add_log_line(".php&action=edituser&userid=".$userid);
}
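Review bot: In the `adduser` and `edituser` hunks the new `$role = preg_replace('/[^0-2]+/', '', $_POST["role"]);` only deletes characters, so the result can still be empty or several digits long (`"12"`, `"02"`) rather than one role value, and a missing or array-valued `role` field is not handled at all. The later loose comparison `$role == SeedDMS_Core_User::role_guest` would then treat `"02"` as guest while the unnormalised string is what is passed on; how it is stored happens outside the hunks. Because this field decides the account's privilege level, reject anything that is not exactly one allowed digit instead of filtering it: `if (!isset($_POST["role"]) || !is_string($_POST["role"]) || !preg_match('/^[0-2]\z/', $_POST["role"])) UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));`. The guest check can then use `===` if the constant is a string, which the page does not show.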


@ -31,10 +31,6 @@ include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!$accessop->check_controller_access($controller, $_POST)) {
UI::exitError(getMLText("document_title", array("documentname" => "")),getMLText("access_denied"));
}
$documentid = $_GET["documentid"];
if (!isset($documentid) || !is_numeric($documentid) || intval($documentid)<1) {
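Review bot: `$documentid = $_GET["documentid"];` reads the parameter before the `isset($documentid)` test on the following line, so a request without `documentid` raises an undefined-index notice (a warning on PHP 8) before the check can reject it. Test the request array itself, `$documentid = isset($_GET["documentid"]) ? $_GET["documentid"] : null;`, which is the form other scripts in this diff already use for optional fields. `is_numeric()` also accepts values such as `1.5` or `1e3`, so `is_string($documentid) && ctype_digit($documentid)` is the tighter test for an id. The body of the `if` lies outside the hunk.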
