Commit 3959695ad2593cce8899ee30c484f207315ef77d
1 parent
dad3e991
Override permissions based on the state of the document.
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@4807 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
31 additions
and
0 deletions
lib/permissions/permissionutil.inc.php
| ... | ... | @@ -12,6 +12,8 @@ require_once(KT_LIB_DIR . "/permissions/permissiondynamiccondition.inc.php"); |
| 12 | 12 | require_once(KT_LIB_DIR . "/groups/GroupUtil.php"); |
| 13 | 13 | require_once(KT_LIB_DIR . "/roles/roleallocation.inc.php"); |
| 14 | 14 | |
| 15 | +require_once(KT_LIB_DIR . "/workflow/workflowstatepermissionsassignment.inc.php"); | |
| 16 | + | |
| 15 | 17 | class KTPermissionUtil { |
| 16 | 18 | // {{{ generateDescriptor |
| 17 | 19 | /** |
| ... | ... | @@ -115,6 +117,15 @@ class KTPermissionUtil { |
| 115 | 117 | } |
| 116 | 118 | // }}} |
| 117 | 119 | |
| 120 | + // {{{ updatePermissionLookupForState | |
| 121 | + function updatePermissionLookupForState($oState) { | |
| 122 | + $aDocuments = Document::getByState($oState); | |
| 123 | + foreach ($aDocuments as $oDocument) { | |
| 124 | + KTPermissionUtil::updatePermissionLookup($oDocument); | |
| 125 | + } | |
| 126 | + } | |
| 127 | + // }}} | |
| 128 | + | |
| 118 | 129 | // {{{ updatePermissionLookupForPO |
| 119 | 130 | /** |
| 120 | 131 | * Updates permission lookups for all objects of a certain |
| ... | ... | @@ -236,6 +247,26 @@ class KTPermissionUtil { |
| 236 | 247 | } |
| 237 | 248 | } |
| 238 | 249 | |
| 250 | + if (!is_a($oFolderOrDocument, 'Folder')) { | |
| 251 | + $oState = KTWorkflowUtil::getWorkflowStateForDocument($oFolderOrDocument); | |
| 252 | + $aWorkflowStatePermissionAssignments = KTWorkflowStatePermissionAssignment::getByState($oState); | |
| 253 | + foreach ($aWorkflowStatePermissionAssignments as $oAssignment) { | |
| 254 | + $iPermissionId = $oAssignment->getPermissionId(); | |
| 255 | + $iPermissionDescriptorId = $oAssignment->getDescriptorId(); | |
| 256 | + | |
| 257 | + $oPD = KTPermissionDescriptor::get($iPermissionDescriptorId); | |
| 258 | + $aGroupIDs = $oPD->getGroups(); | |
| 259 | + $aUserIDs = array(); | |
| 260 | + $aRoleIDs = $oPD->getRoles(); | |
| 261 | + $aAllowed = array( | |
| 262 | + "group" => $aGroupIDs, | |
| 263 | + "user" => $aUserIDs, | |
| 264 | + "role" => $aRoleIDs, | |
| 265 | + ); | |
| 266 | + $aMapPermAllowed[$iPermissionId] = $aAllowed; | |
| 267 | + } | |
| 268 | + } | |
| 269 | + | |
| 239 | 270 | // if we have roles: nearest folder. |
| 240 | 271 | $iRoleSourceFolder = null; |
| 241 | 272 | if (is_a($oFolderOrDocument, 'KTDocumentCore') || is_a($oFolderOrDocument, 'Document')) { $iRoleSourceFolder = $oFolderOrDocument->getFolderID(); } | ... | ... |