Commit 0443fdd8f9c73a729610e84d7970f5b99069e8d7

Authored by michael
1 parent d48e248e

updated permission logic and lookups for browseByFolder method


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@531 c91229c3-7414-0410-bfa2-8a42b809f60b
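--- a/lib/documentmanagement/DocumentBrowser.inc
+++ b/lib/documentmanagement/DocumentBrowser.inc
@@ -1,6 +1,7 @@
 <?php
 
 require_once("$default->owl_fs_root/lib/security/permission.inc");
+require_once("$default->owl_fs_root/lib/users/User.inc");
 require_once("$default->owl_fs_root/lib/documentmanagement/Document.inc");
 require_once("$default->owl_fs_root/lib/foldermanagement/Folder.inc");
 
@@ -34,108 +35,72 @@ class DocumentBrowser {
 
 // no folder specified, so depending on the users groups, resolve to the right folderID
 if ($folderID == -1) {
- // no folder specified, so start at the root for this users organisation
+ // no folder specified, so start at the root folder
 
- // TODO: check that all these lookup calls succeed?
-
- // lookup this users groups
- $groupIDs = lookupGroupIDs($_SESSION["userID"]);
- $default->log->debug("DocumentBrowser::browseByFolder: groupIDs=" . arrayToString($groupIDs));
- /*
- // look up this users unit
- // FIXME: what if the user belongs to multiple units?
- $unitID = lookupField($default->owl_groups_units_table, "unit_id", "group_id", $groupIDs[0]);
- // lookup the unit name
- $unitName = lookupField($default->owl_units_table, "name", "id", $unitID);
- $default->log->debug("DocumentBrowser::browseByFolder: unitID=$unitID; unitName=$unitName");
-
- // look up the organisation name for this user
- $organisationID = lookupField($default->owl_units_table, "organisation_id", "id", $unitID);
- $organisationName = lookupField($default->owl_organisations_table, "name", "id", $organisationID);
- $default->log->debug("DocumentBrowser::browseByFolder: organisationID=$organisationID; orgName=$organisationName");
-
- // construct the folder name from the organisation
- $rootFolderName = $organisationName . " Document Root";
-
- // lookup the id of the root folder
- $folderID = lookupID($default->owl_folders_table, "name", $rootFolderName);
- $default->log->debug("DocumentBrowser::browseByFolder: root folderID=$folderID, root folder name=$rootFolderName");
- */
 // if this is a system administrator, start her at the root folder
- // TODO: add to default->sysadmin_group
- if ($this->checkGroup("System Administrators", $groupIDs)) {
+ if (Permission::userIsSystemAdministrator()) {
 $folderID = lookupID($default->owl_folders_table, "parent_id", 0);
- //$folderQuery = "SELECT * FROM $default->owl_folders_table WHERE name='$rootFolderName'";
- //$results["folders"][] = & Folder::get($folderID);
- $default->log->info("DocumentBrowser::browseByFolder looked up org root folderID=$folderID; org root foldername=$rootFolderName");
+ $default->log->info("DocumentBrowser::browseByFolder looked up org root folderID=$folderID");
 } else {
- // otherwise start everyone relative to their unit
-
- // FIXME: actually need to lookup the unit root folder- which should map to the unitname
- // and descend directly from the organisation document root
+ // start everyone else relative to their unit
+
+ // look up this users unit
+ // FIXME: what if the user belongs to multiple units?
+ //$unitID = lookupField($default->owl_groups_units_table, "unit_id", "group_id", $groupIDs[0]);
+ $unitID = User::getUnitID($_SESSION["userID"]);
+ // lookup the unit name
+ $unitName = lookupField($default->owl_units_table, "name", "id", $unitID);
+ $default->log->debug("DocumentBrowser::browseByFolder: unitID=$unitID; unitName=$unitName");
 
- $default->log->debug("DocumentBrowser::browseByFolder: unitName=$unitName");
-
- $unitRootFolderName = $unitName;// . " Root Folder";
+ // the unit root folder has the same name as the unit
+ // FIXME: dodgy i know, but its easy
+ $unitRootFolderName = $unitName;
 
- // lookup descendant folders with the appropriate unit set
- //$folderQuery = "SELECT from $default->owl_folders_table " .
- // "WHERE parent_id=$folderID and name='$unitRootFolder' and unit_id=$unitID";
- $folderID = lookupID($default->owl_folders_table, "name", $unitRootFolderName);
- //$results["folders"][] = & Folder::get($folderID);
- $default->log->info("DocumentBrowser::browseByFolder looked up unit root folderID=$folderID; unit root foldername=$unitRootFolderName");
+ // now lookup the folderID
+ $folderID = lookupID($default->owl_folders_table, "name", $unitRootFolderName);
+ $default->log->info("DocumentBrowser::browseByFolder looked up unit root folderID=$folderID; unit root foldername=$unitRootFolderName");
 }
 } else {
 $default->log->info("DocumentBrowser::browseByFolder starting at passed in folderID=$folderID");
- // start from the specified folder
- //$folderQuery = "SELECT * FROM $default->owl_folders_table WHERE id=$folderID";
 }
 
 $default->log->debug("DocumentBrowser::browseByFolder: folderID=$folderID");
 
- // check if the user has access to this folder
- //if (Permission::userHasFolderReadPermission($folderID)) {
- // get the folder
- $results["folders"][] = & Folder::get($folderID);
- $default->log->debug("DocumentBrowser::browseByFolder: results=" . arrayToString($results));
-
- // now find all the child folders relative to this one
- // FIXME: in the same unit?
- $folderQuery = "SELECT id from $default->owl_folders_table WHERE parent_id=" . $folderID;
- $default->log->debug("DocumentBrowser::browseByFolder child folder query=$folderQuery");
- if ($sql->query($folderQuery)) {
- while ($sql->next_record()) {
- // add the child folders to the array
- $results["folders"][] = & Folder::get($sql->f("id"));
- }
+ // get the folder
+ $results["folders"][] = & Folder::get($folderID);
+ $default->log->debug("DocumentBrowser::browseByFolder: results=" . arrayToString($results));
+
+ // now find all the child folders relative to this one
+ // FIXME: in the same unit?
+ $folderQuery = "SELECT id from $default->owl_folders_table WHERE parent_id=" . $folderID;
+ $default->log->debug("DocumentBrowser::browseByFolder child folder query=$folderQuery");
+ if ($sql->query($folderQuery)) {
+ while ($sql->next_record()) {
+ // add the child folders to the array
+ $results["folders"][] = & Folder::get($sql->f("id"));
 }
- $default->log->debug("DocumentBrowser::browseByFolder: after child folders added; results=" . arrayToString($results));
-
- // create query to retrieve documents in this folder
- $documentQuery = "SELECT id FROM $default->owl_documents_table WHERE folder_id=$folderID";
- $default->log->debug("DocumentBrowser::browseByFolder about to execute $documentQuery");
- if ($sql->query($documentQuery)) {
- while ($sql->next_record()) {
- // check permissions
- if (Permission::userHasDocumentReadPermission($sql->f("id"))) {
- // add documents to array
- // set file attributes
- $results["documents"][] = & Document::get($sql->f("id"));
- } else {
- $default->log->debug("DocumentBrowser::browseByFolder: read permission denied for document id=" . $sql->f("id"));
- }
+ }
+ $default->log->debug("DocumentBrowser::browseByFolder: after child folders added; results=" . arrayToString($results));
+
+ // create query to retrieve documents in this folder
+ $documentQuery = "SELECT id FROM $default->owl_documents_table WHERE folder_id=$folderID";
+ $default->log->debug("DocumentBrowser::browseByFolder about to execute $documentQuery");
+ if ($sql->query($documentQuery)) {
+ while ($sql->next_record()) {
+ // check permissions
+ if (Permission::userHasDocumentReadPermission($sql->f("id"))) {
+ // add documents to array
+ // set file attributes
+ $results["documents"][] = & Document::get($sql->f("id"));
+ } else {
+ $default->log->debug("DocumentBrowser::browseByFolder: read permission denied for document id=" . $sql->f("id"));
 }
- } else {
- $_SESSION["errorMessage"] = "documents table select failed";
 }
-
- return $results;
- /*
 } else {
- // permission to view this folder denied
- $_SESSION["errorMessage"] = "you do not have permission to view this folder (" . $_SESSION["errorMessage"] . ")";
- return false;
- }*/
+ $_SESSION["errorMessage"] = "documents table select failed";
+ }
+
+ return $results;
 }
 
 /**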
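Review bot: The folder itself and its child folders are still returned without any folder-level authorization: the commented-out `Permission::userHasFolderReadPermission($folderID)` guard and its "permission denied" branch are deleted here rather than enabled, so only documents pass through `userHasDocumentReadPermission`. When `$folderID` is passed in by the caller, that would expose folder listings outside the user's unit. If that method exists in permission.inc, reinstate it ahead of `Folder::get($folderID)` as `if (!Permission::userHasFolderReadPermission($folderID)) { $_SESSION["errorMessage"] = "you do not have permission to view this folder"; return false; }`, and apply the same test to each child id in the loop. `$folderID` is also concatenated into both SELECT strings, so it should be forced to an integer first (`$folderID = (int) $folderID;`) unless the caller already guarantees that. The method signature and the origin of `$folderID` lie outside the hunk, so both points depend on how callers populate it.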