Peter M. Groen / knowledgetree

Commit 070a250d9a214a514bef94247f996d264d6bd2fa

Authored by Megan Watson
1 parent 6e08bea8

KTS-3908 

"Refactor DropDocuments Plugin"
Fixed. Added error catching, root session is only used when creating the folders.

Committed by: Megan Watson
Reviewed by: Tohir Solomons



git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@9595 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 1 changed file with 513 additions and 467 deletions
plugins/MyDropDocumentsPlugin/MyDropDocumentsPage.php
  View file @070a250
@@ -48,209 +48,247 @@ require_once(KT_LIB_DIR . "/roles/roleallocation.inc.php"); @@ -48,209 +48,247 @@ require_once(KT_LIB_DIR . "/roles/roleallocation.inc.php");
48 require_once(KT_LIB_DIR . "/permissions/permissionutil.inc.php"); 48 require_once(KT_LIB_DIR . "/permissions/permissionutil.inc.php");
49 require_once(KT_LIB_DIR . '/mime.inc.php'); 49 require_once(KT_LIB_DIR . '/mime.inc.php');
50 /* This page is run via an AJAX call from the update.js for this plugin. 50 /* This page is run via an AJAX call from the update.js for this plugin.
51 - * It checks to see if both the dropdocuments folder and the users personal folder exist.  
52 - * If they don't, it creates them and assigns permission and roles accordingly.  
53 - * If the dropdocuments folder does exist it checks if the WorkSpaceOwner role exists.  
54 - * If the role exists it assigns the current user to the role on the dropdocuments folder.  
55 - * Therefore any users running the plugin after the dropdocuments folder has been created will have access to it too.  
56 - * The underlying logic is that everyone is assigned to the WorkSpaceOwner Role, they have all permission except  
57 - * Delete, Rename Folder, Manage security and Manage workflow on the dropdocuments folder.  
58 - * This role is then assigned to their personal folder too (which is named according to their username) and is overidden  
59 - * to give only the current user full rights to their folder.  
60 - * Essentially everyone can look at the dropdocuments folder but will only see their own folder within it.  
61 - */ 51 +* It checks to see if both the dropdocuments folder and the users personal folder exist.
  52 +* If they don't, it creates them and assigns permission and roles accordingly.
  53 +* If the dropdocuments folder does exist it checks if the WorkSpaceOwner role exists.
  54 +* If the role exists it assigns the current user to the role on the dropdocuments folder.
  55 +* Therefore any users running the plugin after the dropdocuments folder has been created will have access to it too.
  56 +* The underlying logic is that everyone is assigned to the WorkSpaceOwner Role, they have all permission except
  57 +* Delete, Rename Folder, Manage security and Manage workflow on the dropdocuments folder.
  58 +* This role is then assigned to their personal folder too (which is named according to their username) and is overidden
  59 +* to give only the current user full rights to their folder.
  60 +* Essentially everyone can look at the dropdocuments folder but will only see their own folder within it.
  61 +*/
62 62
63 class MyDropDocumentsPage extends KTStandardDispatcher { 63 class MyDropDocumentsPage extends KTStandardDispatcher {
64 64
65 function do_main() { 65 function do_main() {
66 66
67 - $iRootID = (int)1;  
68 - $oUser = $this->oUser;  
69 - $sUserName = (string)$this->oUser->getUserName();  
70 - $this->ktapi = new KTAPI();  
71 - $this->session = $this->ktapi->start_system_session();  
72 -  
73 - if(!Folder::FolderExistsName('DroppedDocuments', $iRootID))  
74 - {  
75 -  
76 - $root=$this->ktapi->get_root_folder();  
77 -  
78 - //Create dropdocuments folder  
79 - $userFolder = $root->add_folder('DroppedDocuments'); 67 + // Check if users folder exists in DropDocuments folder
  68 + // - it does -> continue on to check for documents
  69 + // - it doesn't -> switch to root user and create it
80 70
81 - //In order to stop permission inheritance a copy of the parent permission object is created.  
82 - //This copy is then used to set separate permissions for this folder.  
83 - KTPermissionUtil::copyPermissionObject($userFolder->get_folder()); 71 + global $default;
  72 + $iRootID = (int)1;
  73 + $oUser = $this->oUser;
  74 + $sUserName = (string)$this->oUser->getUserName();
84 75
85 - //If WorkSpaceOwner role doesn't exist, create it  
86 - if(!$this->roleExistsName('WorkSpaceOwner'))  
87 - {  
88 - $oWorkSpaceOwnerRole = $this->createRole('WorkSpaceOwner');  
89 - if ($oWorkSpaceOwnerRole == null)  
90 - {  
91 - $this->session->logout();  
92 - return _kt('Error: Failed to create WorkSpaceOwner Role');  
93 - }  
94 - }  
95 76
96 - //$root=$this->ktapi->get_root_folder();  
97 - //$personalFolder = $root->get_folder_by_name('/dropdocuments/'.$sUserName); 77 + // Check for the DropDocuments folder in root
  78 + if(!Folder::FolderExistsName('DroppedDocuments', $iRootID))
  79 + {
  80 + // We need to be admin to create the folder and update its permissions
  81 + $this->ktapi = new KTAPI();
  82 + $this->session = $this->ktapi->start_system_session();
98 83
99 - //Get the folder object  
100 - $userFolderObject = $userFolder->get_folder(); 84 + // create the folder
  85 + $res = $this->createDropDocsFolder();
101 86
102 - //Get the permission object from the dropdocuments folder object  
103 - $oUserPO = KTPermissionObject::get($userFolderObject->getPermissionObjectId()); 87 + $this->session->logout();
104 88
105 - //Check to see if there are duplicate WorkSpaceOwner roles.  
106 - if (count($this->getRoleIdByName('WorkSpaceOwner')) > 1)  
107 - {  
108 - $this->session->logout();  
109 - return _kt('Error: cannot set user role permissions: more than one role named \'WorkSpaceOwner\' exists'); 89 + // Check if the creation was successful
  90 + if(!is_null($res)){
  91 + return $res;
  92 + }
  93 + }
110 94
111 - } 95 + $iDropDocsFolderID = $this->getFolderID('DroppedDocuments');
112 96
113 - //call the function to set the permission on the dropdocuments folder  
114 - $this->setUserDocsPermissions($oUserPO); 97 + // Check for users folder
  98 + if(!Folder::FolderExistsName($sUserName, $iDropDocsFolderID))
  99 + {
  100 + // We need to be admin to create the folder and update its permissions
  101 + $this->ktapi = new KTAPI();
  102 + $this->session = $this->ktapi->start_system_session();
115 103
116 - //Assign the current user to the WorkSpaceOwner role  
117 - $this->setUserDocsRoleAllocation($userFolderObject); 104 + // create the users personal folder in the DroppedDocuments folder
  105 + $res = $this->createPersonalFolder($sUserName, $iDropDocsFolderID);
118 106
119 - }  
120 - else  
121 - { 107 + $this->session->logout();
122 108
123 - $root = $this->ktapi->get_root_folder();  
124 - $userFolder = $root->get_folder_by_name('/DroppedDocuments'); 109 + // Check if the creation was successful
  110 + if(!is_null($res)){
  111 + return $res;
  112 + }
  113 + }
125 114
126 - //Get the dropdocuments folder object  
127 - $userFolderObject = $userFolder->get_folder(); 115 + // Get documents
  116 + return $this->getUsersDocument($sUserName, $iDropDocsFolderID);
  117 + }
128 118
129 - if(!$this->roleExistsName('WorkSpaceOwner'))  
130 - { 119 + /**
  120 + * Method to create the users personal folder where documents are added from the Drop Box.
  121 + *
  122 + */
  123 + function createPersonalFolder($sUserName, $iDropDocsFolderID)
  124 + {
  125 + // Add the users folder
  126 + // Add the user to the WorkSpaceAdmin role on the DroppedDocuments folder
  127 + // Define users folder permissions
131 128
132 - $oWorkSpaceOwnerRole = $this->createRole('WorkSpaceOwner');  
133 - if ($oWorkSpaceOwnerRole == null)  
134 - {  
135 - $this->session->logout();  
136 - return _kt('Error: Failed to create WorkSpaceOwner Role');  
137 - } 129 + // Get the root folder
  130 + $root = $this->ktapi->get_root_folder();
138 131
139 - //set permissions  
140 - $oUserPO = KTPermissionObject::get($userFolderObject->getPermissionObjectId());  
141 - $this->setUserDocsPermissions($oUserPO);  
142 - //assign current user to role  
143 - $this->setUserDocsRoleAllocation($userFolderObject);  
144 - }  
145 - else  
146 - { 132 + if(PEAR::isError($root)){
  133 + $default->log->debug('MyDropDocuments: could not get root folder '.$root->getMessage());
  134 + return _kt('Error - could not get the root folder: ').$root->getMessage();
  135 + }
147 136
148 - //update WrokSpaceOwner role to include current user  
149 - $this->updateUserDocsRoleAllocation($userFolderObject);  
150 - } 137 + /* ** Get the Dropped Documents folder object and assign the user to the role */
  138 + // Get the DroppedDocuments folder
  139 + $dropDocsFolder = $root->get_folder_by_name('/DroppedDocuments');
151 140
152 - } 141 + if(PEAR::isError($dropDocsFolder)){
  142 + $default->log->debug('MyDropDocuments: could not get DroppedDocuments folder '.$dropDocsFolder->getMessage());
  143 + return _kt('Error - could not get the DropppedDocuments folder: ').$dropDocsFolder->getMessage();
  144 + }
153 145
154 - $iUserDocsFolderID = $this->getFolderID('DroppedDocuments');  
155 - $oUserDocsFolder = Folder::get($iUserDocsFolderID); 146 + $oDropDocsFolder = $dropDocsFolder->get_folder();
156 147
157 - if(!Folder::FolderExistsName($sUserName, $iUserDocsFolderID))  
158 - { 148 + // Get the permission object from the dropdocuments folder object
  149 + $oDropDocsPO = KTPermissionObject::get($oDropDocsFolder->getPermissionObjectId());
159 150
  151 + // Check to see if there are duplicate WorkSpaceOwner roles.
  152 + if (count($this->getRoleIdByName('WorkSpaceOwner')) > 1)
  153 + {
  154 + return _kt('Error: cannot set user role permissions: more than one role named \'WorkSpaceOwner\' exists');
  155 + }
160 156
161 - $root=$this->ktapi->get_root_folder();  
162 - $userDocsFolder = $root->get_folder_by_name('/DroppedDocuments'); 157 + // Assign the current user to the WorkSpaceOwner role
  158 + $this->updateUserDocsRoleAllocation($oDropDocsFolder);
163 159
164 - //create the personal folder. (Use the username to create it)  
165 - $personalFolder = $userDocsFolder->add_folder($sUserName); 160 + /* ** Create the users personal folder */
  161 + // Create the users personal folder using the username as the folder name
  162 + $personalFolder = $dropDocsFolder->add_folder($sUserName);
166 163
167 - //Copy the permission object to stop permission inheritance  
168 - KTPermissionUtil::copyPermissionObject($personalFolder->get_folder()); 164 + if(PEAR::isError($personalFolder)){
  165 + $default->log->debug('MyDropDocuments: could not create user folder '.$personalFolder->getMessage());
  166 + return _kt('Error - could not create the personal folder: ').$personalFolder->getMessage();
  167 + }
169 168
170 - //The role should exist by now.  
171 - //In both the if and else statements for the dropdocuments above the role is created  
172 - //If its doesn't exist by now there is an error  
173 - if(!$this->roleExistsName('WorkSpaceOwner'))  
174 - { 169 + $oPersonalFolder = $personalFolder->get_folder();
175 170
176 - $this->session->logout();  
177 - return _kt('Error: WorkSpaceOwner Role not setup, cannot assign to Personal Folder'); 171 + // The folder defines its own permissions - copy the permission object
  172 + KTPermissionUtil::copyPermissionObject($oPersonalFolder);
178 173
179 - } 174 + // The role should exist by now.
  175 + if(!$this->roleExistsName('WorkSpaceOwner'))
  176 + {
  177 + return _kt('Error: WorkSpaceOwner Role not setup, cannot assign to Personal Folder');
  178 + }
180 179
181 - $personalFolderRole = $root->get_folder_by_name('/DroppedDocuments/'.$sUserName);  
182 - $PersonalFolderObject = ($personalFolderRole->get_folder()); 180 + //Get permission object
  181 + $oPO = KTPermissionObject::get($oPersonalFolder->getPermissionObjectId());
183 182
184 - //Get permission object  
185 - $oPO = KTPermissionObject::get($PersonalFolderObject->getPermissionObjectId()); 183 + if(PEAR::isError($oPO)){
  184 + $default->log->debug('MyDropDocuments: could not get permission object for user folder '.$oPO->getMessage());
  185 + return _kt('Error - could not get permission object for the personal folder: ').$oPO->getMessage();
  186 + }
186 187
187 - //Check for duplicate WorkSpaceOwner roles  
188 - if (count($this->getRoleIdByName('WorkSpaceOwner')) > 1)  
189 - {  
190 - $this->session->logout();  
191 - return _kt('Error: cannot set personal folder role permissions: more than one role named \'WorkSpaceOwner\' exists'); 188 + $this->setPersonalFolderPermissions($oPO);
192 189
193 - } 190 + $this->updatePersonalFolderRoleAllocation($oPersonalFolder);
194 191
195 - $this->setPersonalFolderPermissions($oPO); 192 + // Folder just created so no top list of last modified documents
  193 + return _kt('<span class="descriptiveText"> You do not have any dropped documents </span><br><br><br>');
  194 + }
196 195
197 - $this->updatePersonalFolderRoleAllocation($PersonalFolderObject); 196 + /**
  197 + * Method to create the DroppedDocuments folder within the Root Folder
  198 + *
  199 + * @return string|null Returns an error message or null on success
  200 + */
  201 + function createDropDocsFolder()
  202 + {
  203 + $root = $this->ktapi->get_root_folder();
198 204
  205 + if(PEAR::isError($root)){
  206 + $default->log->debug('MyDropDocuments: could not get root folder '.$root->getMessage());
  207 + return _kt('Error - could not get the root folder: ').$root->getMessage();
  208 + }
199 209
200 - //folder just created so no top list of last modified documents 210 + //Create dropdocuments folder
  211 + $dropDocsFolder = $root->add_folder('DroppedDocuments');
201 212
202 - $iMyDocsFolderID = $this->getFolderID($sUserName);  
203 - $this->session->logout();  
204 - return _kt('<span class="descriptiveText"> You do not have any dropped documents </span><br><br><br>'); 213 + if(PEAR::isError($dropDocsFolder)){
  214 + $default->log->debug('MyDropDocuments: could not create DroppedDocuments folder '.$dropDocsFolder->getMessage());
  215 + return _kt('Error - could not create the DropppedDocuments folder: ').$dropDocsFolder->getMessage();
  216 + }
205 217
  218 + // Get the DropDocuments folder object
  219 + $dropDocsFolderObject = $dropDocsFolder->get_folder();
206 220
207 - } 221 + // The folder must define its own permissions so create a copy of the root folder
  222 + KTPermissionUtil::copyPermissionObject($dropDocsFolderObject);
208 223
209 - else //if personal folder does exist  
210 - {  
211 - //Getting personal folder id  
212 - $iMyDocsFolderID = $this->getFolderID($sUserName); 224 + // Each user is added to the WorkSpaceOwner role on their personal folder
  225 + // Check if the role exists and create it if it doesn't
  226 + if(!$this->roleExistsName('WorkSpaceOwner'))
  227 + {
  228 + $oWorkSpaceOwnerRole = $this->createRole('WorkSpaceOwner');
  229 + if ($oWorkSpaceOwnerRole == null)
  230 + {
  231 + return _kt('Error: Failed to create WorkSpaceOwner Role');
  232 + }
  233 + }
213 234
  235 + // Get the permission object from the dropdocuments folder object
  236 + $oDropDocsPO = KTPermissionObject::get($dropDocsFolderObject->getPermissionObjectId());
214 237
215 - if(!$this->roleExistsName('WorkSpaceOwner'))  
216 - {  
217 - $this->session->logout();  
218 - return _kt('Error: WorkSpaceOwner Role does not exist');  
219 - }  
220 - else  
221 - { 238 + if(PEAR::isError($oDropDocsPO)){
  239 + $default->log->debug('MyDropDocuments: could not get permission object for DroppedDocuments folder '.$oDropDocsPO->getMessage());
  240 + return _kt('Error - could not create the DropppedDocuments folder: ').$oDropDocsPO->getMessage();
  241 + }
222 242
223 - $oTempPersonalFolder = $root->get_folder_by_name('/DroppedDocuments/'.$sUserName);  
224 - $oPersonalFolder = $oTempPersonalFolder->get_folder();  
225 - //update WorkSpaceOwner role to include current user 243 + // Check to see if there are duplicate WorkSpaceOwner roles.
  244 + if (count($this->getRoleIdByName('WorkSpaceOwner')) > 1)
  245 + {
  246 + return _kt('Error: cannot set user role permissions: more than one role named \'WorkSpaceOwner\' exists');
  247 + }
226 248
227 - //Get permission object  
228 - $oPO = KTPermissionObject::get($oPersonalFolder->getPermissionObjectId()); 249 + // call the function to set the permission on the dropdocuments folder
  250 + $this->setUserDocsPermissions($oDropDocsPO);
229 251
230 - $this->setPersonalFolderPermissions($oPO); 252 + // Assign the current user to the WorkSpaceOwner role
  253 + $this->setUserDocsRoleAllocation($dropDocsFolderObject);
  254 + return null;
  255 + }
231 256
232 - $this->updatePersonalFolderRoleAllocation($oPersonalFolder); 257 + /**
  258 + * Method to get any documents added by the user via the Drop Box.
  259 + * Returns the HTML displaying the document list.
  260 + *
  261 + * @param string $sUserName
  262 + * @param numeric $iDropDocsFolderID
  263 + * @return string HTML - the document list on success or an error message on failure
  264 + */
  265 + function getUsersDocument($sUserName, $iDropDocsFolderID)
  266 + {
  267 + $oUser = $this->oUser;
  268 + $oDropDocsFolder = Folder::get($iDropDocsFolderID);
233 269
234 - } 270 + $fullPath = $oDropDocsFolder->getFullPath() . '/' . $sUserName;
235 271
236 - $fullPath = $oUserDocsFolder->getFullPath() . '/' . $sUserName; 272 + $aExternalWhereClauses[] = '(DT.transaction_namespace IN (?,?,?) AND (D.full_path LIKE "'.$fullPath.'/%"))';
  273 + $aExternalWhereParams[] = 'ktcore.transactions.create';
  274 + $aExternalWhereParams[] = 'ktcore.transactions.check_in';
  275 + $aExternalWhereParams[] = 'ktcore.transactions.event';
237 276
238 - $aExternalWhereClauses[] = '(DT.transaction_namespace IN (?,?,?) AND (D.full_path LIKE "'.$fullPath.'/%"))';  
239 - $aExternalWhereParams[] = 'ktcore.transactions.create';  
240 - $aExternalWhereParams[] = 'ktcore.transactions.check_in';  
241 - $aExternalWhereParams[] = 'ktcore.transactions.event';  
242 277
  278 + $aDocumentTransactions = $this->getTransactionsMatchingQuery($oUser, '', $aExternalWhereClauses, $aExternalWhereParams);
  279 + if (empty($aDocumentTransactions) || PEAR::isError($aDocumentTransactions))
  280 + {
  281 + if(PEAR::isError($aDocumentTransactions)){
  282 + global $default;
  283 + $default->log->debug('Error retrieving dropped documents - '.$aDocumentTransactions->getMessage());
  284 + }
243 285
244 - $aDocumentTransactions = $this->getTransactionsMatchingQuery($oUser, '', $aExternalWhereClauses, $aExternalWhereParams);  
245 - if (empty($aDocumentTransactions))  
246 - {  
247 - $this->session->logout();  
248 - return _kt('<span class="descriptiveText"> You do not have any dropped documents </span><br><br><br>');  
249 - } 286 + return _kt('<span class="descriptiveText"> You do not have any dropped documents </span><br><br><br>');
  287 + }
250 288
251 - $maxcount = 5; 289 + $maxcount = 5;
252 290
253 - $sReturnTable = '<span class="descriptiveText">'._kt('Recently Dropped Documents').'</span> 291 + $sReturnTable = '<span class="descriptiveText">'._kt('Recently Dropped Documents').'</span>
254 <table width="100%" class="kt_collection drop_box" cellspacing="0"> 292 <table width="100%" class="kt_collection drop_box" cellspacing="0">
255 293
256 <thead> 294 <thead>
@@ -261,242 +299,250 @@ class MyDropDocumentsPage extends KTStandardDispatcher { @@ -261,242 +299,250 @@ class MyDropDocumentsPage extends KTStandardDispatcher {
261 </thead> 299 </thead>
262 <tbody>'; 300 <tbody>';
263 301
264 - $sOddorEven = '';  
265 - $count = 1;  
266 - $rendered = array();  
267 - foreach ($aDocumentTransactions as $aRow)  
268 - {  
269 - $documentId = $aRow['document_id'];  
270 - if (in_array($documentId, $rendered))  
271 - {  
272 - continue;  
273 - }  
274 -  
275 - $rendered[] = $documentId;  
276 - $oDocument = Document::get($documentId);  
277 -  
278 - $sContentType = KTMime::getIconPath($oDocument->getMimeTypeID());  
279 - $aAnchorData = $this->getDocInfo($documentId);  
280 - $sLink = $aAnchorData[0];  
281 - $sShortDocName = $sDocName = $aAnchorData[1];  
282 -  
283 - $iDocLength = strlen($sDocName);  
284 - $iMax = 40;  
285 - if ( $iDocLength > $iMax )  
286 - {  
287 - $sShortDocName = substr($sDocName, 0, $iMax) . '...';  
288 - }  
289 -  
290 - $sOddorEven = ($count%2 == 0)?'even':'odd';  
291 -  
292 - $sReturnTable .= '<tr class="'.$sOddorEven.'">'.  
293 - '<td width="100%"><span class="contenttype '.$sContentType.'"><a title="'.$sDocName.'" href='.$sLink.'>'.$sShortDocName.'</a></span></td>'.  
294 - '<td width="1%">'.$aRow['datetime'].'</td>'.  
295 - '</tr>';  
296 - if (++$count > 5)  
297 - {  
298 - break;  
299 - }  
300 - }  
301 -  
302 - $location = 'browse.php?fFolderId='.$iMyDocsFolderID;  
303 - $sReturnTable .= '</tbody>'.  
304 - '</table>'.  
305 - '<br>'.  
306 - '<a href="'.$location.'">'._kt(' View All').' </a><br><br>';  
307 - $this->session->logout();  
308 -  
309 - return $sReturnTable;  
310 -  
311 - }  
312 - } 302 + $sOddorEven = '';
  303 + $count = 1;
  304 + $rendered = array();
  305 + foreach ($aDocumentTransactions as $aRow)
  306 + {
  307 + $documentId = $aRow['document_id'];
  308 + if (in_array($documentId, $rendered))
  309 + {
  310 + continue;
  311 + }
  312 +
  313 + $rendered[] = $documentId;
  314 + $oDocument = Document::get($documentId);
  315 +
  316 + $sContentType = KTMime::getIconPath($oDocument->getMimeTypeID());
  317 + $aAnchorData = $this->getDocInfo($documentId);
  318 + $sLink = $aAnchorData[0];
  319 + $sShortDocName = $sDocName = $aAnchorData[1];
  320 +
  321 + $iDocLength = strlen($sDocName);
  322 + $iMax = 40;
  323 + if ( $iDocLength > $iMax )
  324 + {
  325 + $sShortDocName = substr($sDocName, 0, $iMax) . '...';
  326 + }
  327 +
  328 + $sOddorEven = ($count%2 == 0)?'even':'odd';
  329 +
  330 + $sReturnTable .= '<tr class="'.$sOddorEven.'">'.
  331 + '<td width="100%"><span class="contenttype '.$sContentType.'"><a title="'.$sDocName.'" href='.$sLink.'>'.$sShortDocName.'</a></span></td>'.
  332 + '<td width="1%">'.$aRow['datetime'].'</td>'.
  333 + '</tr>';
  334 + if (++$count > 5)
  335 + {
  336 + break;
  337 + }
  338 + }
  339 +
  340 + $location = 'browse.php?fFolderId='.$iMyDocsFolderID;
  341 + $sReturnTable .= '</tbody>'.
  342 + '</table>'.
  343 + '<br>'.
  344 + '<a href="'.$location.'">'._kt(' View All').' </a><br><br>';
  345 + //$this->session->logout();
  346 +
  347 + return $sReturnTable;
  348 + }
313 349
314 function handleOutput($sOutput) { 350 function handleOutput($sOutput) {
315 print $sOutput; 351 print $sOutput;
316 } 352 }
317 353
318 //This function is used to set the permission on the dropdocuments folder 354 //This function is used to set the permission on the dropdocuments folder
319 - function setUserDocsPermissions($oUserPO)  
320 - {  
321 - //arrays returned from get Role ID's  
322 - $aWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');  
323 - $aAdminGroupID = $this->getGroupIdByName('System Administrators');  
324 -  
325 - //arrays used to make integers for $aAllowed array variable  
326 - $iWorkSpaceOwnerRoleID = $aWorkSpaceOwnerRoleID[0]['id'];  
327 - $iAdminGroupID = $aAdminGroupID[0]['id'];  
328 - //$aBothAllowed is used to give permissions to the admin group and the WorkSpaceOwner role  
329 - $aBothAllowed = array('group' => array($iAdminGroupID), 'role' => array($iWorkSpaceOwnerRoleID));  
330 -  
331 - //$aAdminAllowed is used to give permissions to the admin group only  
332 - $aAdminAllowed = array('group' => array($iAdminGroupID));  
333 -  
334 - //Get the list of permissions  
335 - $aPermissions = KTPermission::getList();  
336 -  
337 - foreach ($aPermissions as $oPermission)  
338 - {  
339 - //If the permission is not one of the below then both are allowed the permission  
340 - //Otherwise only the admin group is allowed the permission  
341 - if($oPermission->getHumanName() != 'Delete' && $oPermission->getHumanName() != 'Rename Folder'  
342 - && $oPermission->getHumanName() != 'Manage security' && $oPermission->getHumanName() != 'Manage workflow')  
343 - {  
344 - KTPermissionUtil::setPermissionForId($oPermission, $oUserPO, $aBothAllowed);  
345 - }  
346 - else  
347 - {  
348 - KTPermissionUtil::setPermissionForId($oPermission, $oUserPO, $aAdminAllowed);  
349 - }  
350 - } 355 + function setUserDocsPermissions($oUserPO)
  356 + {
  357 + //arrays returned from get Role ID's
  358 + $aWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
  359 + $aAdminGroupID = $this->getGroupIdByName('System Administrators');
  360 +
  361 + //arrays used to make integers for $aAllowed array variable
  362 + $iWorkSpaceOwnerRoleID = $aWorkSpaceOwnerRoleID[0]['id'];
  363 + $iAdminGroupID = $aAdminGroupID[0]['id'];
  364 + //$aBothAllowed is used to give permissions to the admin group and the WorkSpaceOwner role
  365 + $aBothAllowed = array('group' => array($iAdminGroupID), 'role' => array($iWorkSpaceOwnerRoleID));
  366 +
  367 + //$aAdminAllowed is used to give permissions to the admin group only
  368 + $aAdminAllowed = array('group' => array($iAdminGroupID));
  369 +
  370 + //Get the list of permissions
  371 + $aPermissions = KTPermission::getList();
  372 +
  373 + foreach ($aPermissions as $oPermission)
  374 + {
  375 + //If the permission is not one of the below then both are allowed the permission
  376 + //Otherwise only the admin group is allowed the permission
  377 + if($oPermission->getHumanName() != 'Delete' && $oPermission->getHumanName() != 'Rename Folder'
  378 + && $oPermission->getHumanName() != 'Manage security' && $oPermission->getHumanName() != 'Manage workflow')
  379 + {
  380 + KTPermissionUtil::setPermissionForId($oPermission, $oUserPO, $aBothAllowed);
  381 + }
  382 + else
  383 + {
  384 + KTPermissionUtil::setPermissionForId($oPermission, $oUserPO, $aAdminAllowed);
  385 + }
  386 + }
351 387
352 //UPdate the permission lookup 388 //UPdate the permission lookup
353 KTPermissionUtil::updatePermissionLookupForPO($oUserPO); 389 KTPermissionUtil::updatePermissionLookupForPO($oUserPO);
354 - } 390 + }
355 391
356 - //This function is used for allocating the user to the WorkSpaceOwner role only when the dropdocuments folder  
357 - //has just been created.  
358 - function setUserDocsRoleAllocation($oUserFolderObject)  
359 - {  
360 - $userFolderID = $oUserFolderObject->getId(); 392 + //This function is used for allocating the user to the WorkSpaceOwner role only when the dropdocuments folder
  393 + //has just been created.
  394 + function setUserDocsRoleAllocation($oUserFolderObject)
  395 + {
  396 + $userFolderID = $oUserFolderObject->getId();
361 397
362 $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner'); 398 $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
363 $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id']; 399 $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id'];
364 400
365 //create a new role allocation 401 //create a new role allocation
366 - $oDropdocumentsRoleAllocation = new RoleAllocation();  
367 - if ($oDropdocumentsRoleAllocation == null)  
368 - {  
369 - $this->session->logout();  
370 - return _kt('Error: cannot create WorkSpaceOwner role allocation');  
371 - }  
372 -  
373 - //set the folder and role for the allocation  
374 - $oDropdocumentsRoleAllocation->setFolderId($userFolderID);  
375 - $oDropdocumentsRoleAllocation->setRoleId($WorkSpaceOwnerRoleID);  
376 -  
377 - $aWorkSpaceOwnerRoleAllowed = array();  
378 - $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAllowed);  
379 - //It might be a problem that i'm not doing a "start transaction" here.  
380 - //Unable to roll back in event of db failure  
381 - $res = $oDropdocumentsRoleAllocation->create();  
382 -  
383 - //The role is created and then updated by adding the current user to the allowed list  
384 -  
385 - $oPD = $oDropdocumentsRoleAllocation->getPermissionDescriptor();  
386 - $aWorkSpaceOwnerRoleAssignAllowed = $oPD->getAllowed();  
387 - $aUserId[] = $this->oUser->getId();  
388 - $aWorkSpaceOwnerRoleAssignAllowed['user'] = $aUserId;  
389 - $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAssignAllowed);  
390 - $res = $oDropdocumentsRoleAllocation->update();  
391 -  
392 - //Update all info linked to the role  
393 - $this->renegeratePermissionsForRole($oDropdocumentsRoleAllocation->getRoleId(), $userFolderID);  
394 - }  
395 -  
396 - //This function is used to allocate the current user to the WorkSpaceOwner role after the Dropdocuments folder  
397 - //has already been created.  
398 - function updateUserDocsRoleAllocation($oUserFolder)  
399 - {  
400 - $userFolderID = $oUserFolder->getId();  
401 - $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');//$oUserRole->getId(); 402 + $oDropdocumentsRoleAllocation = new RoleAllocation();
  403 + if ($oDropdocumentsRoleAllocation == null)
  404 + {
  405 + $this->session->logout();
  406 + return _kt('Error: cannot create WorkSpaceOwner role allocation');
  407 + }
  408 +
  409 + //set the folder and role for the allocation
  410 + $oDropdocumentsRoleAllocation->setFolderId($userFolderID);
  411 + $oDropdocumentsRoleAllocation->setRoleId($WorkSpaceOwnerRoleID);
  412 +
  413 + $aWorkSpaceOwnerRoleAllowed = array();
  414 + $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAllowed);
  415 + //It might be a problem that i'm not doing a "start transaction" here.
  416 + //Unable to roll back in event of db failure
  417 + $res = $oDropdocumentsRoleAllocation->create();
  418 +
  419 + if(!$res === true){
  420 + $this->session->logout();
  421 + return _kt('Error: cannot create role allocation');
  422 + }
  423 +
  424 + //The role is created and then updated by adding the current user to the allowed list
  425 +
  426 + $oPD = $oDropdocumentsRoleAllocation->getPermissionDescriptor();
  427 + $aWorkSpaceOwnerRoleAssignAllowed = $oPD->getAllowed();
  428 + $aUserId[] = $this->oUser->getId();
  429 + $aWorkSpaceOwnerRoleAssignAllowed['user'] = $aUserId;
  430 + $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAssignAllowed);
  431 + $res = $oDropdocumentsRoleAllocation->update();
  432 +
  433 + //Update all info linked to the role
  434 + $this->renegeratePermissionsForRole($oDropdocumentsRoleAllocation->getRoleId(), $userFolderID);
  435 + }
  436 +
  437 + //This function is used to allocate the current user to the WorkSpaceOwner role after the Dropdocuments folder
  438 + //has already been created.
  439 + function updateUserDocsRoleAllocation($oUserFolder)
  440 + {
  441 + $userFolderID = $oUserFolder->getId();
  442 + $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');//$oUserRole->getId();
402 $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id']; 443 $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id'];
403 444
404 //Get the role allocation object for the Dropdocuments folder and the WorkSpaceOwner role 445 //Get the role allocation object for the Dropdocuments folder and the WorkSpaceOwner role
405 $oDropdocumentsRoleAllocation = $oRoleAllocation = RoleAllocation::getAllocationsForFolderAndRole($userFolderID, $WorkSpaceOwnerRoleID); 446 $oDropdocumentsRoleAllocation = $oRoleAllocation = RoleAllocation::getAllocationsForFolderAndRole($userFolderID, $WorkSpaceOwnerRoleID);
406 447
407 - //check that the object is not null  
408 - if ($oDropdocumentsRoleAllocation == null)  
409 - {  
410 - $this->session->logout();  
411 - return _kt('Error: cannot find WorkSpaceOwner role allocation');  
412 - }  
413 -  
414 - $oPD = $oDropdocumentsRoleAllocation->getPermissionDescriptor();  
415 - $aWorkSpaceOwnerRoleAssignAllowed = $oPD->getAllowed();  
416 -  
417 - //If the user ID is not in the allowed list already then add it to the list.  
418 - if(!in_array($this->oUser->getId(), $aWorkSpaceOwnerRoleAssignAllowed['user']))  
419 - {  
420 - $aNewAllowed = array();  
421 - $aNewAllowed = $aWorkSpaceOwnerRoleAssignAllowed['user'];  
422 - $aNewAllowed[] = $this->oUser->getId();  
423 - $aWorkSpaceOwnerRoleAssignAllowed['user'] = $aNewAllowed;  
424 - $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAssignAllowed);  
425 - $res = $oDropdocumentsRoleAllocation->update();  
426 - $this->renegeratePermissionsForRole($oDropdocumentsRoleAllocation->getRoleId(), $userFolderID);  
427 - }  
428 - }  
429 -  
430 - function setPersonalFolderPermissions($oPO)  
431 - {  
432 - $aWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');  
433 - $aAdminGroupID = $this->getGroupIdByName('System Administrators');  
434 -  
435 - //arrays used to make integers for $aAllowed array variable  
436 - $iWorkSpaceOwnerRoleID = $aWorkSpaceOwnerRoleID[0]['id'];  
437 - $iAdminGroupID = $aAdminGroupID[0]['id'];  
438 -  
439 - //set permissions for the role and the admin group  
440 - $aAllowed = array('role' => array($iWorkSpaceOwnerRoleID), 'group' => array($iAdminGroupID));  
441 -  
442 - //Get the List of all the permissions  
443 - $aPersonalFolderPermissions = KTPermission::getList();  
444 -  
445 - //Iterate through and apply all permissions to the current user and the admin group  
446 - foreach ($aPersonalFolderPermissions as $oPersonalFolderPermission)  
447 - {  
448 - KTPermissionUtil::setPermissionForId($oPersonalFolderPermission, $oPO, $aAllowed);  
449 -  
450 - }  
451 -  
452 - //Update permission lookup  
453 - KTPermissionUtil::updatePermissionLookupForPO($oPO);  
454 - }  
455 -  
456 - function updatePersonalFolderRoleAllocation($oPersonalFolder)  
457 - {  
458 - //Assign user to the WorkSpaceOwner role 448 + //check that the object is not null
  449 + if ($oDropdocumentsRoleAllocation == null)
  450 + {
  451 + $this->session->logout();
  452 + return _kt('Error: cannot find WorkSpaceOwner role allocation');
  453 + }
  454 +
  455 + $oPD = $oDropdocumentsRoleAllocation->getPermissionDescriptor();
  456 + $aWorkSpaceOwnerRoleAssignAllowed = $oPD->getAllowed();
  457 +
  458 + //If the user ID is not in the allowed list already then add it to the list.
  459 + if(!in_array($this->oUser->getId(), $aWorkSpaceOwnerRoleAssignAllowed['user']))
  460 + {
  461 + $aNewAllowed = array();
  462 + $aNewAllowed = $aWorkSpaceOwnerRoleAssignAllowed['user'];
  463 + $aNewAllowed[] = $this->oUser->getId();
  464 + $aWorkSpaceOwnerRoleAssignAllowed['user'] = $aNewAllowed;
  465 + $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAssignAllowed);
  466 + $res = $oDropdocumentsRoleAllocation->update();
  467 + $this->renegeratePermissionsForRole($oDropdocumentsRoleAllocation->getRoleId(), $userFolderID);
  468 + }
  469 + }
  470 +
  471 + function setPersonalFolderPermissions($oPO)
  472 + {
  473 + $aWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
  474 + $aAdminGroupID = $this->getGroupIdByName('System Administrators');
  475 +
  476 + //arrays used to make integers for $aAllowed array variable
  477 + $iWorkSpaceOwnerRoleID = $aWorkSpaceOwnerRoleID[0]['id'];
  478 + $iAdminGroupID = $aAdminGroupID[0]['id'];
  479 +
  480 + //set permissions for the role and the admin group
  481 + $aAllowed = array('role' => array($iWorkSpaceOwnerRoleID), 'group' => array($iAdminGroupID));
  482 +
  483 + //Get the List of all the permissions
  484 + $aPersonalFolderPermissions = KTPermission::getList();
  485 +
  486 + //Iterate through and apply all permissions to the current user and the admin group
  487 + foreach ($aPersonalFolderPermissions as $oPersonalFolderPermission)
  488 + {
  489 + KTPermissionUtil::setPermissionForId($oPersonalFolderPermission, $oPO, $aAllowed);
  490 +
  491 + }
  492 +
  493 + //Update permission lookup
  494 + KTPermissionUtil::updatePermissionLookupForPO($oPO);
  495 + }
  496 +
  497 + function updatePersonalFolderRoleAllocation($oPersonalFolder)
  498 + {
  499 + //Assign user to the WorkSpaceOwner role
459 $personalFolderID = $oPersonalFolder->getId(); 500 $personalFolderID = $oPersonalFolder->getId();
460 $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner'); 501 $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
461 $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id']; 502 $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id'];
462 503
463 - $oRoleAllocation = new RoleAllocation();  
464 - if ($oRoleAllocation == null)  
465 - {  
466 - $this->session->logout();  
467 - return _kt('Error: Cannot create WorkSpaceOwner role allocation on personal folder');  
468 - }  
469 - $oRoleAllocation->setFolderId($personalFolderID);  
470 - $oRoleAllocation->setRoleId($WorkSpaceOwnerRoleID);  
471 -  
472 - $aRoleAllowed = array();  
473 - $oRoleAllocation->setAllowed($aRoleAllowed);  
474 -  
475 - //It might be a problem that i'm not doing a "start transaction" here.  
476 - //Unable to roll back in event of db failure  
477 - $res = $oRoleAllocation->create();  
478 -  
479 - //The role is first created and then the current user is allocated to the role below  
480 -  
481 - $oPD = $oRoleAllocation->getPermissionDescriptor();  
482 - $aRoleAssignAllowed = $oPD->getAllowed();  
483 - $aUserId[] = $this->oUser->getId();  
484 - $aRoleAssignAllowed['user'] = $aUserId;  
485 - $oRoleAllocation->setAllowed($aRoleAssignAllowed);  
486 - $res = $oRoleAllocation->update();  
487 - $this->renegeratePermissionsForRole($oRoleAllocation->getRoleId(), $personalFolderID);  
488 - }  
489 -  
490 - //FIXME: Direct Database access 504 + $oRoleAllocation = new RoleAllocation();
  505 + if ($oRoleAllocation == null)
  506 + {
  507 + $this->session->logout();
  508 + return _kt('Error: Cannot create WorkSpaceOwner role allocation on personal folder');
  509 + }
  510 + $oRoleAllocation->setFolderId($personalFolderID);
  511 + $oRoleAllocation->setRoleId($WorkSpaceOwnerRoleID);
  512 +
  513 + $aRoleAllowed = array();
  514 + $oRoleAllocation->setAllowed($aRoleAllowed);
  515 +
  516 + //It might be a problem that i'm not doing a "start transaction" here.
  517 + //Unable to roll back in event of db failure
  518 + $res = $oRoleAllocation->create();
  519 +
  520 + if(!$res === true){
  521 + $this->session->logout();
  522 + return _kt('Error: cannot create role allocation');
  523 + }
  524 +
  525 + //The role is first created and then the current user is allocated to the role below
  526 +
  527 + $oPD = $oRoleAllocation->getPermissionDescriptor();
  528 + $aRoleAssignAllowed = $oPD->getAllowed();
  529 + $aUserId[] = $this->oUser->getId();
  530 + $aRoleAssignAllowed['user'] = $aUserId;
  531 + $oRoleAllocation->setAllowed($aRoleAssignAllowed);
  532 + $res = $oRoleAllocation->update();
  533 + $this->renegeratePermissionsForRole($oRoleAllocation->getRoleId(), $personalFolderID);
  534 + }
  535 +
  536 + //FIXME: Direct Database access
491 function getFolderID($sFolderName) { 537 function getFolderID($sFolderName) {
492 $sQuery = 'SELECT id FROM folders WHERE name = \''.$sFolderName.'\''; 538 $sQuery = 'SELECT id FROM folders WHERE name = \''.$sFolderName.'\'';
493 539
494 - $id = DBUtil::getResultArray($sQuery);  
495 - return $id[0]['id'];  
496 - } 540 + $id = DBUtil::getResultArray($sQuery);
  541 + return $id[0]['id'];
  542 + }
497 543
498 - //this function returns the document link and document name to be displayed on the dashlet  
499 - function getDocInfo($iDocId) { 544 + //this function returns the document link and document name to be displayed on the dashlet
  545 + function getDocInfo($iDocId) {
500 $oDocument = Document::get($iDocId); 546 $oDocument = Document::get($iDocId);
501 547
502 if (PEAR::isError($oDocument)) { 548 if (PEAR::isError($oDocument)) {
@@ -506,30 +552,30 @@ class MyDropDocumentsPage extends KTStandardDispatcher { @@ -506,30 +552,30 @@ class MyDropDocumentsPage extends KTStandardDispatcher {
506 $sName = htmlentities($oDocument->getName(), ENT_NOQUOTES, 'UTF-8'); 552 $sName = htmlentities($oDocument->getName(), ENT_NOQUOTES, 'UTF-8');
507 $sLink = KTBrowseUtil::getUrlForDocument($oDocument); 553 $sLink = KTBrowseUtil::getUrlForDocument($oDocument);
508 554
509 - $aAnchorData = array();  
510 - $aAnchorData[] = $sLink;  
511 - $aAnchorData[] = $sName;  
512 - return $aAnchorData; 555 + $aAnchorData = array();
  556 + $aAnchorData[] = $sLink;
  557 + $aAnchorData[] = $sName;
  558 + return $aAnchorData;
513 } 559 }
514 560
515 //This function is used to create the role, role allocation is done separately 561 //This function is used to create the role, role allocation is done separately
516 function createRole ($sName) 562 function createRole ($sName)
517 { 563 {
518 - $this->startTransaction(); 564 + $this->startTransaction();
519 $oRole = Role::createFromArray(array('name' => $sName)); 565 $oRole = Role::createFromArray(array('name' => $sName));
520 566
521 if (PEAR::isError($oRole) || ($oRole == false)) 567 if (PEAR::isError($oRole) || ($oRole == false))
522 { 568 {
523 - if ($this->bTransactionStarted) 569 + if ($this->bTransactionStarted)
524 { 570 {
525 - $this->rollbackTransaction();  
526 - } 571 + $this->rollbackTransaction();
  572 + }
527 //return null on failure 573 //return null on failure
528 return null; 574 return null;
529 } 575 }
530 else 576 else
531 { 577 {
532 - return $oRole; 578 + return $oRole;
533 579
534 } 580 }
535 } 581 }
@@ -537,131 +583,131 @@ class MyDropDocumentsPage extends KTStandardDispatcher { @@ -537,131 +583,131 @@ class MyDropDocumentsPage extends KTStandardDispatcher {
537 //FIXME: Direct Database access 583 //FIXME: Direct Database access
538 function roleExistsName ($sName) 584 function roleExistsName ($sName)
539 { 585 {
540 - $sQuery = "SELECT id FROM roles WHERE name = ?"; 586 + $sQuery = "SELECT id FROM roles WHERE name = ?";
541 $aParams = array($sName); 587 $aParams = array($sName);
542 - $res = DBUtil::getResultArray(array($sQuery, $aParams)); 588 + $res = DBUtil::getResultArray(array($sQuery, $aParams));
543 589
544 - if (count($res) != 0)  
545 - {  
546 - return true;  
547 - }  
548 - return false; 590 + if (count($res) != 0)
  591 + {
  592 + return true;
  593 + }
  594 + return false;
549 } 595 }
550 596
551 //FIXME: Direct Database access 597 //FIXME: Direct Database access
552 function groupExistsName ($sName) 598 function groupExistsName ($sName)
553 { 599 {
554 - $sQuery = "SELECT id FROM groups_lookup WHERE name = ?"; 600 + $sQuery = "SELECT id FROM groups_lookup WHERE name = ?";
555 $aParams = array($sName); 601 $aParams = array($sName);
556 - $res = DBUtil::getResultArray(array($sQuery, $aParams)); 602 + $res = DBUtil::getResultArray(array($sQuery, $aParams));
557 603
558 - if (count($res) != 0)  
559 - {  
560 - return true;  
561 - }  
562 - return false; 604 + if (count($res) != 0)
  605 + {
  606 + return true;
  607 + }
  608 + return false;
563 } 609 }
564 610
565 //FIXME: Direct Database access 611 //FIXME: Direct Database access
566 function getRoleIdByName($sName) 612 function getRoleIdByName($sName)
567 { 613 {
568 - $sQuery = "SELECT id FROM roles WHERE name = ?"; 614 + $sQuery = "SELECT id FROM roles WHERE name = ?";
569 $aParams = array($sName); 615 $aParams = array($sName);
570 - $res = DBUtil::getResultArray(array($sQuery, $aParams));  
571 - return $res; 616 + $res = DBUtil::getResultArray(array($sQuery, $aParams));
  617 + return $res;
572 } 618 }
573 619
574 //FIXME: Direct Database access 620 //FIXME: Direct Database access
575 function getGroupIdByName ($sName) 621 function getGroupIdByName ($sName)
576 { 622 {
577 - $sQuery = "SELECT id FROM groups_lookup WHERE name = ?"; 623 + $sQuery = "SELECT id FROM groups_lookup WHERE name = ?";
578 $aParams = array($sName); 624 $aParams = array($sName);
579 - $res = DBUtil::getResultArray(array($sQuery, $aParams));  
580 - return $res; 625 + $res = DBUtil::getResultArray(array($sQuery, $aParams));
  626 + return $res;
581 } 627 }
582 628
583 //function taken from KTPermission.php and edited to work here 629 //function taken from KTPermission.php and edited to work here
584 function renegeratePermissionsForRole($iRoleId, $iFolderId) { 630 function renegeratePermissionsForRole($iRoleId, $iFolderId) {
585 - $iStartFolderId = $iFolderId;  
586 - /*  
587 - * 1. find all folders & documents "below" this one which use the role  
588 - * definition _active_ (not necessarily present) at this point.  
589 - * 2. tell permissionutil to regen their permissions.  
590 - *  
591 - * The find algorithm is:  
592 - *  
593 - * folder_queue <- (iStartFolderId)  
594 - * while folder_queue is not empty:  
595 - * active_folder =  
596 - * for each folder in the active_folder:  
597 - * find folders in _this_ folder without a role-allocation on the iRoleId  
598 - * add them to the folder_queue  
599 - * update the folder's permissions.  
600 - * find documents in this folder:  
601 - * update their permissions.  
602 - */  
603 -  
604 - $sRoleAllocTable = KTUtil::getTableName('role_allocations');  
605 - $sFolderTable = KTUtil::getTableName('folders');  
606 - $sQuery = sprintf('SELECT f.id as id FROM %s AS f LEFT JOIN %s AS ra ON (f.id = ra.folder_id) WHERE ra.id IS NULL AND f.parent_id = ?', $sFolderTable, $sRoleAllocTable);  
607 -  
608 -  
609 - $folder_queue = array($iStartFolderId);  
610 - while (!empty($folder_queue)) {  
611 - $active_folder = array_pop($folder_queue);  
612 -  
613 - $aParams = array($active_folder);  
614 -  
615 - $aNewFolders = DBUtil::getResultArrayKey(array($sQuery, $aParams), 'id');  
616 - if (PEAR::isError($aNewFolders)) {  
617 - //$this->errorRedirectToMain(_kt('Failure to generate folderlisting.'));  
618 - echo _kt('Failure to generate folderlisting.');  
619 - }  
620 - $folder_queue = kt_array_merge ($folder_queue, (array) $aNewFolders); // push.  
621 -  
622 -  
623 - // update the folder.  
624 - $oFolder =& Folder::get($active_folder);  
625 - if (PEAR::isError($oFolder) || ($oFolder == false)) {  
626 - //$this->errorRedirectToMain(_kt('Unable to locate folder: ') . $active_folder);  
627 - echo _kt('Unable to locate folder: ').$active_folder;  
628 - }  
629 -  
630 - KTPermissionUtil::updatePermissionLookup($oFolder);  
631 - $aDocList =& Document::getList(array('folder_id = ?', $active_folder));  
632 - if (PEAR::isError($aDocList) || ($aDocList === false)) {  
633 - //$this->errorRedirectToMain(sprintf(_kt('Unable to get documents in folder %s: %s'), $active_folder, $aDocList->getMessage()));  
634 - echo _kt('Unable to get documents in folder ').$active_folder;  
635 - }  
636 -  
637 - foreach ($aDocList as $oDoc) {  
638 - if (!PEAR::isError($oDoc)) {  
639 - KTPermissionUtil::updatePermissionLookup($oDoc);  
640 - }  
641 - }  
642 - }  
643 - }  
644 -  
645 - /*  
646 - attempt to abstract the transaction-matching query.  
647 -  
648 - tables that are already defined (other than sec ones):  
649 -  
650 - - Documents (D)  
651 - - Users (U)  
652 - - TransactionTypes (DTT)  
653 - - Document Transactions (DT)  
654 -  
655 - so where clausess can take advantage of those.  
656 -  
657 - */ 631 + $iStartFolderId = $iFolderId;
  632 + /*
  633 + * 1. find all folders & documents "below" this one which use the role
  634 + * definition _active_ (not necessarily present) at this point.
  635 + * 2. tell permissionutil to regen their permissions.
  636 + *
  637 + * The find algorithm is:
  638 + *
  639 + * folder_queue <- (iStartFolderId)
  640 + * while folder_queue is not empty:
  641 + * active_folder =
  642 + * for each folder in the active_folder:
  643 + * find folders in _this_ folder without a role-allocation on the iRoleId
  644 + * add them to the folder_queue
  645 + * update the folder's permissions.
  646 + * find documents in this folder:
  647 + * update their permissions.
  648 + */
  649 +
  650 + $sRoleAllocTable = KTUtil::getTableName('role_allocations');
  651 + $sFolderTable = KTUtil::getTableName('folders');
  652 + $sQuery = sprintf('SELECT f.id as id FROM %s AS f LEFT JOIN %s AS ra ON (f.id = ra.folder_id) WHERE ra.id IS NULL AND f.parent_id = ?', $sFolderTable, $sRoleAllocTable);
  653 +
  654 +
  655 + $folder_queue = array($iStartFolderId);
  656 + while (!empty($folder_queue)) {
  657 + $active_folder = array_pop($folder_queue);
  658 +
  659 + $aParams = array($active_folder);
  660 +
  661 + $aNewFolders = DBUtil::getResultArrayKey(array($sQuery, $aParams), 'id');
  662 + if (PEAR::isError($aNewFolders)) {
  663 + //$this->errorRedirectToMain(_kt('Failure to generate folderlisting.'));
  664 + echo _kt('Failure to generate folderlisting.');
  665 + }
  666 + $folder_queue = kt_array_merge ($folder_queue, (array) $aNewFolders); // push.
  667 +
  668 +
  669 + // update the folder.
  670 + $oFolder =& Folder::get($active_folder);
  671 + if (PEAR::isError($oFolder) || ($oFolder == false)) {
  672 + //$this->errorRedirectToMain(_kt('Unable to locate folder: ') . $active_folder);
  673 + echo _kt('Unable to locate folder: ').$active_folder;
  674 + }
  675 +
  676 + KTPermissionUtil::updatePermissionLookup($oFolder);
  677 + $aDocList =& Document::getList(array('folder_id = ?', $active_folder));
  678 + if (PEAR::isError($aDocList) || ($aDocList === false)) {
  679 + //$this->errorRedirectToMain(sprintf(_kt('Unable to get documents in folder %s: %s'), $active_folder, $aDocList->getMessage()));
  680 + echo _kt('Unable to get documents in folder ').$active_folder;
  681 + }
  682 +
  683 + foreach ($aDocList as $oDoc) {
  684 + if (!PEAR::isError($oDoc)) {
  685 + KTPermissionUtil::updatePermissionLookup($oDoc);
  686 + }
  687 + }
  688 + }
  689 + }
  690 +
  691 + /*
  692 + attempt to abstract the transaction-matching query.
  693 +
  694 + tables that are already defined (other than sec ones):
  695 +
  696 + - Documents (D)
  697 + - Users (U)
  698 + - TransactionTypes (DTT)
  699 + - Document Transactions (DT)
  700 +
  701 + so where clausess can take advantage of those.
  702 +
  703 + */
658 function getTransactionsMatchingQuery($oUser, $sJoinClause, $aExternalWhereClauses, $aExternalWhereParams, $aOptions = null) { 704 function getTransactionsMatchingQuery($oUser, $sJoinClause, $aExternalWhereClauses, $aExternalWhereParams, $aOptions = null) {
659 705
660 $sSelectItems = 'DTT.name AS transaction_name, U.name AS user_name, DT.version AS version, DT.comment AS comment, DT.datetime AS datetime, D.id as document_id, DT.transaction_namespace as namespace'; 706 $sSelectItems = 'DTT.name AS transaction_name, U.name AS user_name, DT.version AS version, DT.comment AS comment, DT.datetime AS datetime, D.id as document_id, DT.transaction_namespace as namespace';
661 $sBaseJoin = "FROM " . KTUtil::getTableName("document_transactions") . " AS DT " . 707 $sBaseJoin = "FROM " . KTUtil::getTableName("document_transactions") . " AS DT " .
662 - "INNER JOIN " . KTUtil::getTableName("users") . " AS U ON DT.user_id = U.id " .  
663 - "INNER JOIN " . KTUtil::getTableName("transaction_types") . " AS DTT ON DTT.namespace = DT.transaction_namespace " .  
664 - "INNER JOIN " . KTUtil::getTableName("documents") . " AS D ON D.id = DT.document_id "; 708 + "INNER JOIN " . KTUtil::getTableName("users") . " AS U ON DT.user_id = U.id " .
  709 + "INNER JOIN " . KTUtil::getTableName("transaction_types") . " AS DTT ON DTT.namespace = DT.transaction_namespace " .
  710 + "INNER JOIN " . KTUtil::getTableName("documents") . " AS D ON D.id = DT.document_id ";
665 711
666 // now we're almost at partialquery like status. 712 // now we're almost at partialquery like status.
667 $perm_res = KTSearchUtil::permissionToSQL($oUser, 'ktcore.permissions.read'); 713 $perm_res = KTSearchUtil::permissionToSQL($oUser, 'ktcore.permissions.read');
@@ -687,13 +733,13 @@ class MyDropDocumentsPage extends KTStandardDispatcher { @@ -687,13 +733,13 @@ class MyDropDocumentsPage extends KTStandardDispatcher {
687 } 733 }
688 734
689 $sQuery = sprintf("SELECT %s %s %s %s %s ORDER BY %s", 735 $sQuery = sprintf("SELECT %s %s %s %s %s ORDER BY %s",
690 - $sSelectItems,  
691 - $sBaseJoin,  
692 - $sPermissionJoin,  
693 - $sJoinClause,  
694 - $sWhereClause,  
695 - $sOrderBy  
696 - ); 736 + $sSelectItems,
  737 + $sBaseJoin,
  738 + $sPermissionJoin,
  739 + $sJoinClause,
  740 + $sWhereClause,
  741 + $sOrderBy
  742 + );
697 743
698 //var_dump(array($sQuery, $aFinalWhereParams)); 744 //var_dump(array($sQuery, $aFinalWhereParams));
699 745