Commit 0443fdd8f9c73a729610e84d7970f5b99069e8d7

Authored by michael
1 parent d48e248e

updated permission logic and lookups for browseByFolder method


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@531 c91229c3-7414-0410-bfa2-8a42b809f60b
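--- a/lib/documentmanagement/DocumentBrowser.inc
+++ b/lib/documentmanagement/DocumentBrowser.inc
@@ -1,6 +1,7 @@
 <?php
 
 require_once("$default->owl_fs_root/lib/security/permission.inc");
+require_once("$default->owl_fs_root/lib/users/User.inc");
 require_once("$default->owl_fs_root/lib/documentmanagement/Document.inc");
 require_once("$default->owl_fs_root/lib/foldermanagement/Folder.inc");
 
@@ -34,108 +35,72 @@ class DocumentBrowser {
 
 // no folder specified, so depending on the users groups, resolve to the right folderID
 if ($folderID == -1) {
- // no folder specified, so start at the root for this users organisation
+ // no folder specified, so start at the root folder
 
- // TODO: check that all these lookup calls succeed?
-
- // lookup this users groups
- $groupIDs = lookupGroupIDs($_SESSION["userID"]);
- $default->log->debug("DocumentBrowser::browseByFolder: groupIDs=" . arrayToString($groupIDs));
- /*
- // look up this users unit
- // FIXME: what if the user belongs to multiple units?
- $unitID = lookupField($default->owl_groups_units_table, "unit_id", "group_id", $groupIDs[0]);
- // lookup the unit name
- $unitName = lookupField($default->owl_units_table, "name", "id", $unitID);
- $default->log->debug("DocumentBrowser::browseByFolder: unitID=$unitID; unitName=$unitName");
-
- // look up the organisation name for this user
- $organisationID = lookupField($default->owl_units_table, "organisation_id", "id", $unitID);
- $organisationName = lookupField($default->owl_organisations_table, "name", "id", $organisationID);
- $default->log->debug("DocumentBrowser::browseByFolder: organisationID=$organisationID; orgName=$organisationName");
-
- // construct the folder name from the organisation
- $rootFolderName = $organisationName . " Document Root";
-
- // lookup the id of the root folder
- $folderID = lookupID($default->owl_folders_table, "name", $rootFolderName);
- $default->log->debug("DocumentBrowser::browseByFolder: root folderID=$folderID, root folder name=$rootFolderName");
- */
 // if this is a system administrator, start her at the root folder
- // TODO: add to default->sysadmin_group
- if ($this->checkGroup("System Administrators", $groupIDs)) {
+ if (Permission::userIsSystemAdministrator()) {
 $folderID = lookupID($default->owl_folders_table, "parent_id", 0);
- //$folderQuery = "SELECT * FROM $default->owl_folders_table WHERE name='$rootFolderName'";
- //$results["folders"][] = & Folder::get($folderID);
- $default->log->info("DocumentBrowser::browseByFolder looked up org root folderID=$folderID; org root foldername=$rootFolderName");
+ $default->log->info("DocumentBrowser::browseByFolder looked up org root folderID=$folderID");
 } else {
- // otherwise start everyone relative to their unit
-
- // FIXME: actually need to lookup the unit root folder- which should map to the unitname
- // and descend directly from the organisation document root
+ // start everyone else relative to their unit
+
+ // look up this users unit
+ // FIXME: what if the user belongs to multiple units?
+ //$unitID = lookupField($default->owl_groups_units_table, "unit_id", "group_id", $groupIDs[0]);
+ $unitID = User::getUnitID($_SESSION["userID"]);
+ // lookup the unit name
+ $unitName = lookupField($default->owl_units_table, "name", "id", $unitID);
+ $default->log->debug("DocumentBrowser::browseByFolder: unitID=$unitID; unitName=$unitName");
 
- $default->log->debug("DocumentBrowser::browseByFolder: unitName=$unitName");
-
- $unitRootFolderName = $unitName;// . " Root Folder";
+ // the unit root folder has the same name as the unit
+ // FIXME: dodgy i know, but its easy
+ $unitRootFolderName = $unitName;
 
- // lookup descendant folders with the appropriate unit set
- //$folderQuery = "SELECT from $default->owl_folders_table " .
- // "WHERE parent_id=$folderID and name='$unitRootFolder' and unit_id=$unitID";
- $folderID = lookupID($default->owl_folders_table, "name", $unitRootFolderName);
- //$results["folders"][] = & Folder::get($folderID);
- $default->log->info("DocumentBrowser::browseByFolder looked up unit root folderID=$folderID; unit root foldername=$unitRootFolderName");
+ // now lookup the folderID
+ $folderID = lookupID($default->owl_folders_table, "name", $unitRootFolderName);
+ $default->log->info("DocumentBrowser::browseByFolder looked up unit root folderID=$folderID; unit root foldername=$unitRootFolderName");
 }
 } else {
 $default->log->info("DocumentBrowser::browseByFolder starting at passed in folderID=$folderID");
- // start from the specified folder
- //$folderQuery = "SELECT * FROM $default->owl_folders_table WHERE id=$folderID";
 }
 
 $default->log->debug("DocumentBrowser::browseByFolder: folderID=$folderID");
 
- // check if the user has access to this folder
- //if (Permission::userHasFolderReadPermission($folderID)) {
- // get the folder
- $results["folders"][] = & Folder::get($folderID);
- $default->log->debug("DocumentBrowser::browseByFolder: results=" . arrayToString($results));
-
- // now find all the child folders relative to this one
- // FIXME: in the same unit?
- $folderQuery = "SELECT id from $default->owl_folders_table WHERE parent_id=" . $folderID;
- $default->log->debug("DocumentBrowser::browseByFolder child folder query=$folderQuery");
- if ($sql->query($folderQuery)) {
- while ($sql->next_record()) {
- // add the child folders to the array
- $results["folders"][] = & Folder::get($sql->f("id"));
- }
+ // get the folder
+ $results["folders"][] = & Folder::get($folderID);
+ $default->log->debug("DocumentBrowser::browseByFolder: results=" . arrayToString($results));
+
+ // now find all the child folders relative to this one
+ // FIXME: in the same unit?
+ $folderQuery = "SELECT id from $default->owl_folders_table WHERE parent_id=" . $folderID;
+ $default->log->debug("DocumentBrowser::browseByFolder child folder query=$folderQuery");
+ if ($sql->query($folderQuery)) {
+ while ($sql->next_record()) {
+ // add the child folders to the array
+ $results["folders"][] = & Folder::get($sql->f("id"));
 }
- $default->log->debug("DocumentBrowser::browseByFolder: after child folders added; results=" . arrayToString($results));
-
- // create query to retrieve documents in this folder
- $documentQuery = "SELECT id FROM $default->owl_documents_table WHERE folder_id=$folderID";
- $default->log->debug("DocumentBrowser::browseByFolder about to execute $documentQuery");
- if ($sql->query($documentQuery)) {
- while ($sql->next_record()) {
- // check permissions
- if (Permission::userHasDocumentReadPermission($sql->f("id"))) {
- // add documents to array
- // set file attributes
- $results["documents"][] = & Document::get($sql->f("id"));
- } else {
- $default->log->debug("DocumentBrowser::browseByFolder: read permission denied for document id=" . $sql->f("id"));
- }
+ }
+ $default->log->debug("DocumentBrowser::browseByFolder: after child folders added; results=" . arrayToString($results));
+
+ // create query to retrieve documents in this folder
+ $documentQuery = "SELECT id FROM $default->owl_documents_table WHERE folder_id=$folderID";
+ $default->log->debug("DocumentBrowser::browseByFolder about to execute $documentQuery");
+ if ($sql->query($documentQuery)) {
+ while ($sql->next_record()) {
+ // check permissions
+ if (Permission::userHasDocumentReadPermission($sql->f("id"))) {
+ // add documents to array
+ // set file attributes
+ $results["documents"][] = & Document::get($sql->f("id"));
+ } else {
+ $default->log->debug("DocumentBrowser::browseByFolder: read permission denied for document id=" . $sql->f("id"));
 }
- } else {
- $_SESSION["errorMessage"] = "documents table select failed";
 }
-
- return $results;
- /*
 } else {
- // permission to view this folder denied
- $_SESSION["errorMessage"] = "you do not have permission to view this folder (" . $_SESSION["errorMessage"] . ")";
- return false;
- }*/
+ $_SESSION["errorMessage"] = "documents table select failed";
+ }
+
+ return $results;
 }
 
 /**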
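Review bot: browseByFolder still returns a caller-supplied folder and every one of its child folders with no folder-level authorization; the only check on the new side is `Permission::userHasDocumentReadPermission()` on documents, and this commit deletes the commented-out `Permission::userHasFolderReadPermission($folderID)` guard instead of enabling it. Assuming that helper is still available in permission.inc, I would put `if (!Permission::userHasFolderReadPermission($folderID)) { $_SESSION["errorMessage"] = "you do not have permission to view this folder"; return false; }` ahead of the `Folder::get($folderID)` call and run the same check on each child id inside the `next_record()` loop, so folders outside the user's unit are not listed. `$folderID` is also concatenated directly into both SELECT statements; the function signature is outside this hunk, so whether it can arrive from the request is an assumption, but normalising it once with `$folderID = (int) $folderID;` before the `== -1` test would close that off. The unit root is resolved by name alone through `lookupID($default->owl_folders_table, "name", $unitRootFolderName)`, and neither that result nor `User::getUnitID()` is checked for failure, so a same-named folder elsewhere in the tree or a failed lookup would silently change where the user starts.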