Commit 12681aca9d1f5d3a31e2207a8ba2f59a22ff2389
1 parent
888f61f9
KTS-3739
"Although 'Action Restrictions' for 'Delete' and 'Download' are set the user can still Delete and Download the document via the bulk actions when in folder view." Fixed. Added a check on the workflow. Committed by: Megan Watson Reviewed by: Conrad Vermeulen git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@9439 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
3 changed files
with
23 additions
and
0 deletions
lib/documentmanagement/documentutil.inc.php
| ... | ... | @@ -908,6 +908,10 @@ $sourceDocument->getName(), |
| 908 | 908 | return PEAR::raiseError(sprintf(_kt('The document is checked out and cannot be deleted: %s'), $oDocument->getName())); |
| 909 | 909 | } |
| 910 | 910 | |
| 911 | + if(!KTWorkflowUtil::actionEnabledForDocument($oDocument, 'ktcore.actions.document.delete')){ | |
| 912 | + return PEAR::raiseError(_kt('Document cannot be deleted as it is restricted by the workflow.')); | |
| 913 | + } | |
| 914 | + | |
| 911 | 915 | // IF we're deleted ... |
| 912 | 916 | if ($oDocument->getStatusID() == DELETED) { |
| 913 | 917 | return true; | ... | ... |
plugins/ktcore/KTBulkActions.php
| ... | ... | @@ -57,6 +57,9 @@ class KTBulkDeleteAction extends KTBulkAction { |
| 57 | 57 | { |
| 58 | 58 | return PEAR::raiseError(_kt('Document cannot be deleted as it is immutable')); |
| 59 | 59 | } |
| 60 | + if(!KTWorkflowUtil::actionEnabledForDocument($oEntity, 'ktcore.actions.document.delete')){ | |
| 61 | + return PEAR::raiseError(_kt('Document cannot be deleted as it is restricted by the workflow.')); | |
| 62 | + } | |
| 60 | 63 | } |
| 61 | 64 | return parent::check_entity($oEntity); |
| 62 | 65 | } |
| ... | ... | @@ -705,6 +708,11 @@ class KTBrowseBulkExportAction extends KTBulkAction { |
| 705 | 708 | return PEAR::raiseError(_kt('You do not have the required permissions')); |
| 706 | 709 | } |
| 707 | 710 | } |
| 711 | + if(is_a($oEntity, 'Document')){ | |
| 712 | + if(!KTWorkflowUtil::actionEnabledForDocument($oEntity, 'ktcore.actions.document.view')){ | |
| 713 | + return PEAR::raiseError(_kt('Document cannot be exported as it is restricted by the workflow.')); | |
| 714 | + } | |
| 715 | + } | |
| 708 | 716 | return parent::check_entity($oEntity); |
| 709 | 717 | } |
| 710 | 718 | |
| ... | ... | @@ -844,6 +852,12 @@ class KTBrowseBulkExportAction extends KTBulkAction { |
| 844 | 852 | $oDocument->switchToLinkedCore(); |
| 845 | 853 | } |
| 846 | 854 | if(Permission::userHasDocumentReadPermission($oDocument)){ |
| 855 | + | |
| 856 | + if(!KTWorkflowUtil::actionEnabledForDocument($oDocument, 'ktcore.actions.document.view')){ | |
| 857 | + $this->addErrorMessage($oDocument->getName().': '._kt('Document cannot be exported as it is restricted by the workflow.')); | |
| 858 | + continue; | |
| 859 | + } | |
| 860 | + | |
| 847 | 861 | $sDocFolderId = $oDocument->getFolderID(); |
| 848 | 862 | $oFolder = isset($aFolderObjects[$sDocFolderId]) ? $aFolderObjects[$sDocFolderId] : Folder::get($sDocFolderId); |
| 849 | 863 | ... | ... |
plugins/ktstandard/KTBulkExportPlugin.php
| ... | ... | @@ -140,6 +140,11 @@ class KTBulkExportAction extends KTFolderAction { |
| 140 | 140 | $oDocument = Document::get($iId); |
| 141 | 141 | $sFolderId = $oDocument->getFolderID(); |
| 142 | 142 | |
| 143 | + if(!KTWorkflowUtil::actionEnabledForDocument($oDocument, 'ktcore.actions.document.view')){ | |
| 144 | + $this->addErrorMessage($oDocument->getName().': '._kt('Document cannot be exported as it is restricted by the workflow.')); | |
| 145 | + continue; | |
| 146 | + } | |
| 147 | + | |
| 143 | 148 | $oFolder = isset($aFolderObjects[$sFolderId]) ? $aFolderObjects[$sFolderId] : Folder::get($sFolderId); |
| 144 | 149 | |
| 145 | 150 | if ($bNoisy) { | ... | ... |