diff --git a/presentation/lookAndFeel/knowledgeTree/documentmanagement/addDocumentLinkBL.php b/presentation/lookAndFeel/knowledgeTree/documentmanagement/addDocumentLinkBL.php index e38c1b5..d348265 100644 --- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/addDocumentLinkBL.php +++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/addDocumentLinkBL.php @@ -37,10 +37,12 @@ if (checkSession()) { require_once("$default->fileSystemRoot/lib/visualpatterns/PatternCustom.inc"); require_once("$default->fileSystemRoot/lib/security/Permission.inc"); require_once("$default->fileSystemRoot/presentation/Html.inc"); + require_once("$default->fileSystemRoot/lib/foldermanagement/Folder.inc"); require_once("documentUI.inc"); require_once("addDocumentLinkUI.inc"); - if (Permission::userHasDocumentWritePermission($fDocumentID)) { + $oDocument = Document::get($fDocumentID); + if (Permission::userHasDocumentWritePermission($oDocument)) { //user has permission to link this document to another if (isset($fForStore)) { //create a new document link diff --git a/presentation/lookAndFeel/knowledgeTree/documentmanagement/checkInDocumentBL.php b/presentation/lookAndFeel/knowledgeTree/documentmanagement/checkInDocumentBL.php index ff03e9e..9d8e280 100644 --- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/checkInDocumentBL.php +++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/checkInDocumentBL.php @@ -60,13 +60,13 @@ if (checkSession()) { require_once("$default->fileSystemRoot/lib/subscriptions/SubscriptionEngine.inc"); $oPatternCustom = & new PatternCustom(); - + if (isset($fDocumentID)) { // instantiate the document $oDocument = & Document::get($fDocumentID); if ($oDocument) { // user has permission to check the document in - if (Permission::userHasDocumentWritePermission($fDocumentID)) { + if (Permission::userHasDocumentWritePermission($oDocument)) { // and the document is checked out if ($oDocument->getIsCheckedOut()) { // by you diff --git a/presentation/lookAndFeel/knowledgeTree/documentmanagement/checkOutDocumentBL.php b/presentation/lookAndFeel/knowledgeTree/documentmanagement/checkOutDocumentBL.php index 1771c2b..391a8de 100644 --- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/checkOutDocumentBL.php +++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/checkOutDocumentBL.php @@ -61,13 +61,13 @@ if (checkSession()) { require_once("$default->fileSystemRoot/lib/subscriptions/SubscriptionEngine.inc"); $oPatternCustom = & new PatternCustom(); - + if (isset($fDocumentID)) { // instantiate the document $oDocument = & Document::get($fDocumentID); if ($oDocument) { // user has permission to check the document out - if (Permission::userHasDocumentWritePermission($fDocumentID)) { + if (Permission::userHasDocumentWritePermission($oDocument)) { // and its not checked out already if (!$oDocument->getIsCheckedOut()) { // if we're ready to perform the updates diff --git a/presentation/lookAndFeel/knowledgeTree/documentmanagement/collaborationBL.php b/presentation/lookAndFeel/knowledgeTree/documentmanagement/collaborationBL.php index 6d0f368..b2d9468 100644 --- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/collaborationBL.php +++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/collaborationBL.php @@ -56,7 +56,8 @@ if (checkSession()) { //if the required form variabled are set if (isset($fFolderCollaborationID) && isset($fDocumentID)) { //if the user has write permission for the document - if (Permission::userHasDocumentWritePermission($fDocumentID)) { + $oDocument = Document::get($fDocumentID); + if (Permission::userHasDocumentWritePermission($oDocument)) { if ($fIsActive) { //if the document collaboration step the user is attempting to edit is underway, you may not edit it //so bounce the user back to the document view page and display an error message diff --git a/presentation/lookAndFeel/knowledgeTree/documentmanagement/deleteDocumentBL.php b/presentation/lookAndFeel/knowledgeTree/documentmanagement/deleteDocumentBL.php index 85308f3..2e72b97 100644 --- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/deleteDocumentBL.php +++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/deleteDocumentBL.php @@ -43,8 +43,10 @@ require_once("$default->fileSystemRoot/presentation/lookAndFeel/knowledgeTree/fo require_once("deleteDocumentUI.inc"); if (checkSession()) { + if (isset($fDocumentID)) { - if (Permission::userHasDocumentWritePermission($fDocumentID)) { + $oDocument = Document::get($fDocumentID); + if (Permission::userHasDocumentWritePermission($oDocument)) { // check if there is collaboration for this document $aFolderUserRoles = FolderUserRole::getList("document_id = $fDocumentID"); // check if any of them are active diff --git a/presentation/lookAndFeel/knowledgeTree/documentmanagement/modifyBL.php b/presentation/lookAndFeel/knowledgeTree/documentmanagement/modifyBL.php index f4bad42..f3056d9 100644 --- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/modifyBL.php +++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/modifyBL.php @@ -50,9 +50,9 @@ if (checkSession()) { require_once("$default->fileSystemRoot/presentation/lookAndFeel/knowledgeTree/foldermanagement/folderUI.inc"); require_once("$default->fileSystemRoot/presentation/Html.inc"); - if (Permission::userHasDocumentWritePermission($fDocumentID)) { + $oDocument = & Document::get($fDocumentID); + if (Permission::userHasDocumentWritePermission($oDocument)) { //if the user has write permission - $oDocument = & Document::get($fDocumentID); if (isset($fForUpdate)) { //if the user is updating the values $oDocument->setName($fDocumentName); diff --git a/presentation/lookAndFeel/knowledgeTree/documentmanagement/modifyGenericMetaDataBL.php b/presentation/lookAndFeel/knowledgeTree/documentmanagement/modifyGenericMetaDataBL.php index 5da1067..d463e8a 100644 --- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/modifyGenericMetaDataBL.php +++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/modifyGenericMetaDataBL.php @@ -42,8 +42,10 @@ if (checkSession()) { require_once("documentUI.inc"); require_once("modifyGenericMetaDataUI.inc"); - if (Permission::userHasDocumentWritePermission($fDocumentID)) { - $oDocument = Document::get($fDocumentID); + + $oDocument = Document::get($fDocumentID); + if (Permission::userHasDocumentWritePermission($oDocument)) { + require_once("$default->fileSystemRoot/presentation/webpageTemplate.inc"); $oPatternCustom = & new PatternCustom(); $oPatternCustom->setHtml(getPage($fDocumentID, $oDocument->getDocumentTypeID(), $fFirstEdit)); diff --git a/presentation/lookAndFeel/knowledgeTree/documentmanagement/modifySpecificMetaDataBL.php b/presentation/lookAndFeel/knowledgeTree/documentmanagement/modifySpecificMetaDataBL.php index 1e4796d..b9ac9a8 100644 --- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/modifySpecificMetaDataBL.php +++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/modifySpecificMetaDataBL.php @@ -38,8 +38,9 @@ if (checkSession()) { require_once("documentUI.inc"); require_once("modifySpecificMetaDataUI.inc"); - if (Permission::userHasDocumentWritePermission($fDocumentID)) { - $oDocument = Document::get($fDocumentID); + $oDocument = Document::get($fDocumentID); + if (Permission::userHasDocumentWritePermission($oDocument)) { + require_once("$default->fileSystemRoot/presentation/webpageTemplate.inc"); $oPatternCustom = & new PatternCustom(); $oPatternCustom->setHtml(getPage($fDocumentID, $oDocument->getDocumentTypeID(), $fFirstEdit)); diff --git a/presentation/lookAndFeel/knowledgeTree/documentmanagement/moveDocumentBL.php b/presentation/lookAndFeel/knowledgeTree/documentmanagement/moveDocumentBL.php index 62960b8..4105799 100644 --- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/moveDocumentBL.php +++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/moveDocumentBL.php @@ -54,7 +54,7 @@ if (checkSession()) { $oDocument = & Document::get($fDocumentID); $oFolder = & Folder::get($fFolderID); $iOldFolderID = $oDocument->getFolderID(); - if (Permission::userHasDocumentWritePermission($fDocumentID) && Permission::userHasFolderWritePermission($fFolderID)) { + if (Permission::userHasDocumentWritePermission($oDocument) && Permission::userHasFolderWritePermission($oFolder)) { //if the user has both document and folder write permissions //get the old document path $sOldDocumentFileSystemPath = Folder::getFolderPath($iOldFolderID) . $oDocument->getFileName(); diff --git a/presentation/lookAndFeel/knowledgeTree/documentmanagement/removeDocumentLinkBL.php b/presentation/lookAndFeel/knowledgeTree/documentmanagement/removeDocumentLinkBL.php index 33ba2a6..c457a5f 100644 --- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/removeDocumentLinkBL.php +++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/removeDocumentLinkBL.php @@ -37,10 +37,12 @@ if (checkSession()) { require_once("$default->fileSystemRoot/lib/documentmanagement/Document.inc"); require_once("$default->fileSystemRoot/lib/documentmanagement/DocumentLink.inc"); require_once("$default->fileSystemRoot/presentation/Html.inc"); + require_once("$default->fileSystemRoot/lib/foldermanagement/Folder.inc"); require_once("documentUI.inc"); require_once("removeDocumentLinkUI.inc"); - if (Permission::userHasDocumentWritePermission($fParentDocumentID)) { + $oDocument = Document::get($fDocumentID); + if (Permission::userHasDocumentWritePermission($oDocument)) { if (isset($fForDelete)) { //deleting a document link $oDocumentLink = DocumentLink::get($fDocumentLinkID); diff --git a/presentation/lookAndFeel/knowledgeTree/documentmanagement/viewBL.php b/presentation/lookAndFeel/knowledgeTree/documentmanagement/viewBL.php index 5b034aa..edbecd2 100644 --- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/viewBL.php +++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/viewBL.php @@ -222,7 +222,7 @@ if (checkSession()) { } $main->setDHTMLScrolling(false); - } else if (Permission::userHasDocumentWritePermission($oDocument) || Permission::userHasDocumentReadPermission($fDocumentID)) { + } else if (Permission::userHasDocumentWritePermission($oDocument) || Permission::userHasDocumentReadPermission($oDocument)) { // check subscription flag // ?? @@ -238,7 +238,7 @@ if (checkSession()) { if ($oDocument->isLive()) { if (Permission::userHasDocumentWritePermission($oDocument)) { $oPatternCustom->setHtml(getPage($oDocument, true)); - } else if (Permission::userHasDocumentReadPermission($fDocumentID)) { + } else if (Permission::userHasDocumentReadPermission($oDocument)) { $oPatternCustom->setHtml(getPage($oDocument, false)); } $main->setDHTMLScrolling(false); diff --git a/tests/documentmanagement/viewBL.php b/tests/documentmanagement/viewBL.php index dbb480e..63b75fe 100644 --- a/tests/documentmanagement/viewBL.php +++ b/tests/documentmanagement/viewBL.php @@ -59,24 +59,25 @@ require_once("$default->fileSystemRoot/presentation/Html.inc"); if (checkSession()) { if (isset($fDocumentID)) { - if (isset($fCollaborationEdit) && Permission::userHasDocumentWritePermission($fDocumentID)) { + $oDocument = & Document::get($fDocumentID); + if (isset($fCollaborationEdit) && Permission::userHasDocumentWritePermission($oDocument)) { //return value from collaborationBL.php. User attempted to edt //a step in the document collaboration process that is currently being //executed require_once("$default->fileSystemRoot/presentation/webpageTemplate.inc"); - $oDocument = & Document::get($fDocumentID); + $oPatternCustom = & new PatternCustom(); $oPatternCustom->setHtml(getEditPage($oDocument)); $main->setCentralPayload($oPatternCustom); $main->setErrorMessage("You cannot edit a document collaboration step that is completed or currently underway"); $main->setFormAction("$default->rootUrl/control.php?action=modifyDocument&fDocumentID=" . $oDocument->getID()); $main->render(); - } else if (isset($fForInlineView) && Permission::userHasDocumentReadPermission($fDocumentID)) { + } else if (isset($fForInlineView) && Permission::userHasDocumentReadPermission($oDocument)) { $oDocumentTransaction = & new DocumentTransaction($fDocumentID, "Inline view", VIEW); $oDocumentTransaction->create(); PhysicalDocumentManager::inlineViewPhysicalDocument($fDocumentID); - } else if (isset($fForDownload) && Permission::userHasDocumentReadPermission($fDocumentID)) { + } else if (isset($fForDownload) && Permission::userHasDocumentReadPermission($oDocument)) { //if the user has document read permission, perform the download if (isset($fVersion)) { // we're downloading an old version of the document @@ -89,7 +90,7 @@ if (checkSession()) { $oDocumentTransaction->create(); PhysicalDocumentManager::downloadPhysicalDocument($fDocumentID); } - } else if (isset($fBeginCollaboration) && Permission::userHasDocumentWritePermission($fDocumentID)) { + } else if (isset($fBeginCollaboration) && Permission::userHasDocumentWritePermission($oDocument)) { require_once("$default->fileSystemRoot/presentation/webpageTemplate.inc"); //begin the collaboration process //first ensure that all steps in the collaboration process are assigned @@ -209,7 +210,7 @@ if (checkSession()) { $main->render(); } - } else if (Permission::userHasDocumentWritePermission($fDocumentID) || Permission::userHasDocumentReadPermission($fDocumentID)) { + } else if (Permission::userHasDocumentWritePermission($oDocument) || Permission::userHasDocumentReadPermission($oDocument)) { require_once("$default->fileSystemRoot/presentation/webpageTemplate.inc"); require_once("$default->fileSystemRoot/lib/subscriptions/SubscriptionEngine.inc"); @@ -227,9 +228,9 @@ if (checkSession()) { $oPatternCustom = & new PatternCustom(); if ($oDocument->isLive()) { - if (Permission::userHasDocumentWritePermission($fDocumentID)) { + if (Permission::userHasDocumentWritePermission($oDocument)) { $oPatternCustom->setHtml(getPage($oDocument, true)); - } else if (Permission::userHasDocumentReadPermission($fDocumentID)) { + } else if (Permission::userHasDocumentReadPermission($oDocument)) { $oPatternCustom->setHtml(getPage($oDocument, false)); } } else if ($oDocument->isArchived()) {