Peter M. Groen / knowledgetree

Commit 3f8beba386aba16c00a3721f81ecd99ae41f1461

Authored by kevin_fourie
1 parent 2670b6e4

Merged in from DEV trunk... 

KTS-3415
"Add work spaces plugin to on-premise"
Updated. Corrected license header.

Committed By: Kevin Fourie
Reviewed By: Conrad Vermeulen


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/STABLE/trunk@8937 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 2 changed files with 738 additions and 720 deletions
plugins/MyDropDocumentsPlugin/MyDropDocumentsDashlet.php
  View file @3f8beba
1   -<?php
2   -/*
3   - * The contents of this file are subject to the KnowledgeTree Public
4   - * License Version 1.1.2 ("License"); You may not use this file except in
5   - * compliance with the License. You may obtain a copy of the License at
6   - * http://www.knowledgetree.com/KPL
7   - *
8   - * Software distributed under the License is distributed on an "AS IS"
9   - * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied.
10   - * See the License for the specific language governing rights and
11   - * limitations under the License.
12   - *
13   - * All copies of the Covered Code must include on each user interface screen:
14   - * (i) the "Powered by KnowledgeTree" logo and
15   - * (ii) the KnowledgeTree copyright notice
16   - * in the same form as they appear in the distribution. See the License for
17   - * requirements.
18   - *
19   - * The Original Code is: KnowledgeTree Open Source
20   - *
21   - * The Initial Developer of the Original Code is The Jam Warehouse Software
22   - * (Pty) Ltd, trading as KnowledgeTree.
23   - * Portions created by The Jam Warehouse Software (Pty) Ltd are Copyright
24   - * (C) 2007 The Jam Warehouse Software (Pty) Ltd;
25   - * All Rights Reserved.
26   - * Contributor( s): ______________________________________
27   - *
28   - */
29   -
30   -class MyDropDocumentsDashlet extends KTBaseDashlet {
31   - var $oUser;
32   - //var $sClass = 'ktError';
33   -
34   - function MyDropDocumentsDashlet(){
35   - $this->sTitle = _kt('My Dropped Documents');
36   - }
37   -
38   - function is_active($oUser) {
39   - $this->oUser = $oUser;
40   - return true;
41   - }
42   -
43   -
44   -/*
45   - function is_active($oUser) {
46   - $this->oUser = $oUser;
47   - return Permission::userIsSystemAdministrator($oUser);
48   - }
49   -*/
50   -
51   - function render() {
52   - global $main;
53   - $main->requireJSResource("plugins/MyDropDocumentsPlugin/js/update.js");
54   -
55   - $oPlugin =& $this->oPlugin;
56   -
57   - $oTemplating =& KTTemplating::getSingleton();
58   - $oTemplate = $oTemplating->loadTemplate('MyDropDocumentsPlugin/dashlet');
59   -
60   - $aTemplateData = array(
61   - 'context' => $this,
62   - 'url' => $oPlugin->getPagePath('MyDropDocuments'),
63   -
64   - );
65   -
66   -
67   - return $oTemplate->render($aTemplateData);
68   - }
69   -}
70   -?>
71 1 \ No newline at end of file
  2 +<?php
  3 +/**
  4 + * $Id: $
  5 + *
  6 + * KnowledgeTree Community Edition
  7 + * Document Management Made Simple
  8 + * Copyright (C) 2008 KnowledgeTree Inc.
  9 + * Portions copyright The Jam Warehouse Software (Pty) Limited
  10 + *
  11 + * This program is free software; you can redistribute it and/or modify it under
  12 + * the terms of the GNU General Public License version 3 as published by the
  13 + * Free Software Foundation.
  14 + *
  15 + * This program is distributed in the hope that it will be useful, but WITHOUT
  16 + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  17 + * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
  18 + * details.
  19 + *
  20 + * You should have received a copy of the GNU General Public License
  21 + * along with this program. If not, see <http://www.gnu.org/licenses/>.
  22 + *
  23 + * You can contact KnowledgeTree Inc., PO Box 7775 #87847, San Francisco,
  24 + * California 94120-7775, or email info@knowledgetree.com.
  25 + *
  26 + * The interactive user interfaces in modified source and object code versions
  27 + * of this program must display Appropriate Legal Notices, as required under
  28 + * Section 5 of the GNU General Public License version 3.
  29 + *
  30 + * In accordance with Section 7(b) of the GNU General Public License version 3,
  31 + * these Appropriate Legal Notices must retain the display of the "Powered by
  32 + * KnowledgeTree" logo and retain the original copyright notice. If the display of the
  33 + * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices
  34 + * must display the words "Powered by KnowledgeTree" and retain the original
  35 + * copyright notice.
  36 + * Contributor( s): ______________________________________
  37 + *
  38 + */
  39 +
  40 +class MyDropDocumentsDashlet extends KTBaseDashlet {
  41 + var $oUser;
  42 + //var $sClass = 'ktError';
  43 +
  44 + function MyDropDocumentsDashlet(){
  45 + $this->sTitle = _kt('My Dropped Documents');
  46 + }
  47 +
  48 + function is_active($oUser) {
  49 + $this->oUser = $oUser;
  50 + return true;
  51 + }
  52 +
  53 +
  54 +/*
  55 + function is_active($oUser) {
  56 + $this->oUser = $oUser;
  57 + return Permission::userIsSystemAdministrator($oUser);
  58 + }
  59 +*/
  60 +
  61 + function render() {
  62 + global $main;
  63 + $main->requireJSResource("plugins/MyDropDocumentsPlugin/js/update.js");
  64 +
  65 + $oPlugin =& $this->oPlugin;
  66 +
  67 + $oTemplating =& KTTemplating::getSingleton();
  68 + $oTemplate = $oTemplating->loadTemplate('MyDropDocumentsPlugin/dashlet');
  69 +
  70 + $aTemplateData = array(
  71 + 'context' => $this,
  72 + 'url' => $oPlugin->getPagePath('MyDropDocuments'),
  73 +
  74 + );
  75 +
  76 +
  77 + return $oTemplate->render($aTemplateData);
  78 + }
  79 +}
  80 +?>
... ...
plugins/MyDropDocumentsPlugin/MyDropDocumentsPage.php
  View file @3f8beba
1   -<?php
2   -/*
3   - * The contents of this file are subject to the KnowledgeTree Public
4   - * License Version 1.1.2 ("License"); You may not use this file except in
5   - * compliance with the License. You may obtain a copy of the License at
6   - * http://www.knowledgetree.com/KPL
7   - *
8   - * Software distributed under the License is distributed on an "AS IS"
9   - * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied.
10   - * See the License for the specific language governing rights and
11   - * limitations under the License.
12   - *
13   - * All copies of the Covered Code must include on each user interface screen:
14   - * (i) the "Powered by KnowledgeTree" logo and
15   - * (ii) the KnowledgeTree copyright notice
16   - * in the same form as they appear in the distribution. See the License for
17   - * requirements.
18   - *
19   - * The Original Code is: KnowledgeTree Open Source
20   - *
21   - * The Initial Developer of the Original Code is The Jam Warehouse Software
22   - * (Pty) Ltd, trading as KnowledgeTree.
23   - * Portions created by The Jam Warehouse Software (Pty) Ltd are Copyright
24   - * (C) 2007 The Jam Warehouse Software (Pty) Ltd;
25   - * All Rights Reserved.
26   - * Contributor( s): ______________________________________
27   - *
28   - */
29   -
30   -require_once(KT_DIR . "/ktapi/ktapi.inc.php");
31   -require_once(KT_LIB_DIR . "/plugins/plugin.inc.php");
32   -require_once(KT_LIB_DIR . "/plugins/pluginregistry.inc.php");
33   -require_once(KT_LIB_DIR . "/dashboard/dashlet.inc.php");
34   -require_once(KT_DIR . "/plugins/ktcore/KTFolderActions.php");
35   -require_once(KT_DIR . "/plugins/network/extendedtransactioninfo/simpletransactionutil.inc.php");
36   -require_once(KT_DIR . "/ktapi/KTAPIFolder.inc.php");
37   -require_once(KT_LIB_DIR . "/roles/Role.inc");
38   -require_once(KT_LIB_DIR . "/roles/roleallocation.inc.php");
39   -require_once(KT_LIB_DIR . "/permissions/permissionutil.inc.php");
40   -require_once(KT_LIB_DIR . '/mime.inc.php');
41   -/* This page is run via an AJAX call from the update.js for this plugin.
42   - * It checks to see if both the dropdocuments folder and the users personal folder exist.
43   - * If they don't, it creates them and assigns permission and roles accordingly.
44   - * If the dropdocuments folder does exist it checks if the WorkSpaceOwner role exists.
45   - * If the role exists it assigns the current user to the role on the dropdocuments folder.
46   - * Therefore any users running the plugin after the dropdocuments folder has been created will have access to it too.
47   - * The underlying logic is that everyone is assigned to the WorkSpaceOwner Role, they have all permission except
48   - * Delete, Rename Folder, Manage security and Manage workflow on the dropdocuments folder.
49   - * This role is then assigned to their personal folder too (which is named according to their username) and is overidden
50   - * to give only the current user full rights to their folder.
51   - * Essentially everyone can look at the dropdocuments folder but will only see their own folder within it.
52   - */
53   -
54   -class MyDropDocumentsPage extends KTStandardDispatcher {
55   -
56   - function do_main() {
57   -
58   - $iRootID = (int)1;
59   - $oUser = $this->oUser;
60   - $sUserName = (string)$this->oUser->getUserName();
61   - $this->ktapi = new KTAPI();
62   - $this->session = $this->ktapi->start_system_session();
63   -
64   - if(!Folder::FolderExistsName('DroppedDocuments', $iRootID))
65   - {
66   -
67   - $root=$this->ktapi->get_root_folder();
68   -
69   - //Create dropdocuments folder
70   - $userFolder = $root->add_folder('DroppedDocuments');
71   -
72   - //In order to stop permission inheritance a copy of the parent permission object is created.
73   - //This copy is then used to set separate permissions for this folder.
74   - KTPermissionUtil::copyPermissionObject($userFolder->get_folder());
75   -
76   - //If WorkSpaceOwner role doesn't exist, create it
77   - if(!$this->roleExistsName('WorkSpaceOwner'))
78   - {
79   - $oWorkSpaceOwnerRole = $this->createRole('WorkSpaceOwner');
80   - if ($oWorkSpaceOwnerRole == null)
81   - {
82   - $this->session->logout();
83   - return _kt('Error: Failed to create WorkSpaceOwner Role');
84   - }
85   - }
86   -
87   - //$root=$this->ktapi->get_root_folder();
88   - //$personalFolder = $root->get_folder_by_name('/dropdocuments/'.$sUserName);
89   -
90   - //Get the folder object
91   - $userFolderObject = $userFolder->get_folder();
92   -
93   - //Get the permission object from the dropdocuments folder object
94   - $oUserPO = KTPermissionObject::get($userFolderObject->getPermissionObjectId());
95   -
96   - //Check to see if there are duplicate WorkSpaceOwner roles.
97   - if (count($this->getRoleIdByName('WorkSpaceOwner')) > 1)
98   - {
99   - $this->session->logout();
100   - return _kt('Error: cannot set user role permissions: more than one role named \'WorkSpaceOwner\' exists');
101   -
102   - }
103   -
104   - //call the function to set the permission on the dropdocuments folder
105   - $this->setUserDocsPermissions($oUserPO);
106   -
107   - //Assign the current user to the WorkSpaceOwner role
108   - $this->setUserDocsRoleAllocation($userFolderObject);
109   -
110   - }
111   - else
112   - {
113   -
114   - $root = $this->ktapi->get_root_folder();
115   - $userFolder = $root->get_folder_by_name('/DroppedDocuments');
116   -
117   - //Get the dropdocuments folder object
118   - $userFolderObject = $userFolder->get_folder();
119   -
120   - if(!$this->roleExistsName('WorkSpaceOwner'))
121   - {
122   -
123   - $oWorkSpaceOwnerRole = $this->createRole('WorkSpaceOwner');
124   - if ($oWorkSpaceOwnerRole == null)
125   - {
126   - $this->session->logout();
127   - return _kt('Error: Failed to create WorkSpaceOwner Role');
128   - }
129   -
130   - //set permissions
131   - $oUserPO = KTPermissionObject::get($userFolderObject->getPermissionObjectId());
132   - $this->setUserDocsPermissions($oUserPO);
133   - //assign current user to role
134   - $this->setUserDocsRoleAllocation($userFolderObject);
135   - }
136   - else
137   - {
138   -
139   - //update WrokSpaceOwner role to include current user
140   - $this->updateUserDocsRoleAllocation($userFolderObject);
141   - }
142   -
143   - }
144   -
145   - $iUserDocsFolderID = $this->getFolderID('DroppedDocuments');
146   - $oUserDocsFolder = Folder::get($iUserDocsFolderID);
147   -
148   - if(!Folder::FolderExistsName($sUserName, $iUserDocsFolderID))
149   - {
150   -
151   -
152   - $root=$this->ktapi->get_root_folder();
153   - $userDocsFolder = $root->get_folder_by_name('/DroppedDocuments');
154   -
155   - //create the personal folder. (Use the username to create it)
156   - $personalFolder = $userDocsFolder->add_folder($sUserName);
157   -
158   - //Copy the permission object to stop permission inheritance
159   - KTPermissionUtil::copyPermissionObject($personalFolder->get_folder());
160   -
161   - //The role should exist by now.
162   - //In both the if and else statements for the dropdocuments above the role is created
163   - //If its doesn't exist by now there is an error
164   - if(!$this->roleExistsName('WorkSpaceOwner'))
165   - {
166   -
167   - $this->session->logout();
168   - return _kt('Error: WorkSpaceOwner Role not setup, cannot assign to Personal Folder');
169   -
170   - }
171   -
172   - $personalFolderRole = $root->get_folder_by_name('/DroppedDocuments/'.$sUserName);
173   - $PersonalFolderObject = ($personalFolderRole->get_folder());
174   -
175   - //Get permission object
176   - $oPO = KTPermissionObject::get($PersonalFolderObject->getPermissionObjectId());
177   -
178   - //Check for duplicate WorkSpaceOwner roles
179   - if (count($this->getRoleIdByName('WorkSpaceOwner')) > 1)
180   - {
181   - $this->session->logout();
182   - return _kt('Error: cannot set personal folder role permissions: more than one role named \'WorkSpaceOwner\' exists');
183   -
184   - }
185   -
186   - $this->setPersonalFolderPermissions($oPO);
187   -
188   - $this->updatePersonalFolderRoleAllocation($PersonalFolderObject);
189   -
190   -
191   - //folder just created so no top list of last modified documents
192   -
193   - $iMyDocsFolderID = $this->getFolderID($sUserName);
194   - $this->session->logout();
195   - return _kt('<span class="descriptiveText"> You do not have any dropped documents </span><br><br><br>');
196   -
197   -
198   - }
199   -
200   - else //if personal folder does exist
201   - {
202   - //Getting personal folder id
203   - $iMyDocsFolderID = $this->getFolderID($sUserName);
204   -
205   -
206   - if(!$this->roleExistsName('WorkSpaceOwner'))
207   - {
208   - $this->session->logout();
209   - return _kt('Error: WorkSpaceOwner Role does not exist');
210   - }
211   - else
212   - {
213   -
214   - $oTempPersonalFolder = $root->get_folder_by_name('/DroppedDocuments/'.$sUserName);
215   - $oPersonalFolder = $oTempPersonalFolder->get_folder();
216   - //update WorkSpaceOwner role to include current user
217   -
218   - //Get permission object
219   - $oPO = KTPermissionObject::get($oPersonalFolder->getPermissionObjectId());
220   -
221   - $this->setPersonalFolderPermissions($oPO);
222   -
223   - $this->updatePersonalFolderRoleAllocation($oPersonalFolder);
224   -
225   - }
226   -
227   -
228   -
229   - $aExternalWhereClauses[] = '(DT.transaction_namespace IN (?,?,?) AND (D.parent_folder_ids LIKE "%,'.$iMyDocsFolderID.',%" OR D.parent_folder_ids LIKE "%,'.$iMyDocsFolderID.'"))';
230   - $aExternalWhereParams[] = 'ktcore.transactions.create';
231   - $aExternalWhereParams[] = 'ktcore.transactions.check_in';
232   - $aExternalWhereParams[] = 'ktcore.transactions.event';
233   -
234   -
235   - $aDocumentTransactions = KTSimpleTransactionUtil::getTransactionsMatchingQuery($oUser, '', $aExternalWhereClauses, $aExternalWhereParams);
236   - if (empty($aDocumentTransactions))
237   - {
238   - $this->session->logout();
239   - return _kt('<span class="descriptiveText"> You do not have any dropped documents </span><br><br><br>');
240   - }
241   -
242   - $maxcount = 5;
243   - $aDocumentTransactions = array_slice($aDocumentTransactions, 0, $maxcount);
244   -
245   - $sReturnTable = '<span class="descriptiveText">'._kt('Recently Dropped Documents').'</span>
246   - <table width="100%" class="kt_collection drop_box" cellspacing="0">
247   -
248   - <thead>
249   - <tr>
250   - <th width="100%">'._kt('Document').'</th>
251   - <th width="1%">'._kt('Date Dropped').'</th>
252   - </tr>
253   - </thead>
254   - <tbody>';
255   -
256   - $sOddorEven = '';
257   - $count = 1;
258   - foreach ($aDocumentTransactions as $aRow)
259   - {
260   - $oDocument = Document::get($aRow[document_id]);
261   - $aParentFolders = explode('/',$oDocument->getFullPath());
262   - $sPath = '';
263   -
264   - for($i = 0; $i < count($aParentFolders); $i++)
265   - {
266   - if ($i > 2)
267   - {
268   - $sPath .= '/'.$aParentFolders[$i];
269   - }
270   - }
271   -
272   - $sContentType = KTMime::getIconPath($oDocument->getMimeTypeID());
273   - $aAnchorData = $this->getDocInfo($aRow[document_id]);
274   - $sLink = $aAnchorData[0];
275   - $sDocName = $aAnchorData[1];
276   - $sShortDocName = $sDocName;
277   - if(strlen($sPath) > 0)
278   - {
279   - $sDocName = $sPath.'/'.$sDocName;
280   - }
281   -
282   - $sFullDocName = $sDocName;
283   - $iDocLength = strlen($sDocName);
284   - if ( $iDocLength > 30 )
285   - {
286   - $sDocName = substr($sDocName, ($iDocLength - 30), $iDocLength);
287   - $sDocName = '...'.$sDocName;
288   - }
289   -
290   - if($count%2 == 0)
291   - {
292   - $sOddorEven = 'even';
293   - }
294   - else
295   - {
296   - $sOddorEven = 'odd';
297   - }
298   -
299   - $sReturnTable .= '<tr class="'.$sOddorEven.'">'.
300   - '<td width="100%"><span class="contenttype '.$sContentType.'"><a title="'.$sShortDocName.'" href='.$sLink.'>'.$sDocName.'</a></span></td>'.
301   - '<td width="1%">'.$aRow[datetime].'</td>'.
302   - '</tr>';
303   - $count ++;
304   - }
305   -
306   - $location = 'browse.php?fFolderId='.$iMyDocsFolderID;
307   - $sReturnTable .= '</tbody>'.
308   - '</table>'.
309   - '<br>'.
310   - '<a href="'.$location.'">'._kt(' View All').' </a><br><br>';
311   - $this->session->logout();
312   -
313   - return $sReturnTable;
314   -
315   - }
316   - }
317   -
318   - function handleOutput($sOutput) {
319   - print $sOutput;
320   - }
321   -
322   - //This function is used to set the permission on the dropdocuments folder
323   - function setUserDocsPermissions($oUserPO)
324   - {
325   - //arrays returned from get Role ID's
326   - $aWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
327   - $aAdminGroupID = $this->getGroupIdByName('System Administrators');
328   -
329   - //arrays used to make integers for $aAllowed array variable
330   - $iWorkSpaceOwnerRoleID = $aWorkSpaceOwnerRoleID[0]['id'];
331   - $iAdminGroupID = $aAdminGroupID[0]['id'];
332   - //$aBothAllowed is used to give permissions to the admin group and the WorkSpaceOwner role
333   - $aBothAllowed = array('group' => array($iAdminGroupID), 'role' => array($iWorkSpaceOwnerRoleID));
334   -
335   - //$aAdminAllowed is used to give permissions to the admin group only
336   - $aAdminAllowed = array('group' => array($iAdminGroupID));
337   -
338   - //Get the list of permissions
339   - $aPermissions = KTPermission::getList();
340   -
341   - foreach ($aPermissions as $oPermission)
342   - {
343   - //If the permission is not one of the below then both are allowed the permission
344   - //Otherwise only the admin group is allowed the permission
345   - if($oPermission->getHumanName() != 'Delete' && $oPermission->getHumanName() != 'Rename Folder'
346   - && $oPermission->getHumanName() != 'Manage security' && $oPermission->getHumanName() != 'Manage workflow')
347   - {
348   - KTPermissionUtil::setPermissionForId($oPermission, $oUserPO, $aBothAllowed);
349   - }
350   - else
351   - {
352   - KTPermissionUtil::setPermissionForId($oPermission, $oUserPO, $aAdminAllowed);
353   - }
354   - }
355   -
356   - //UPdate the permission lookup
357   - KTPermissionUtil::updatePermissionLookupForPO($oUserPO);
358   - }
359   -
360   - //This function is used for allocating the user to the WorkSpaceOwner role only when the dropdocuments folder
361   - //has just been created.
362   - function setUserDocsRoleAllocation($oUserFolderObject)
363   - {
364   - $userFolderID = $oUserFolderObject->getId();
365   -
366   - $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
367   - $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id'];
368   -
369   - //create a new role allocation
370   - $oDropdocumentsRoleAllocation = new RoleAllocation();
371   - if ($oDropdocumentsRoleAllocation == null)
372   - {
373   - $this->session->logout();
374   - return _kt('Error: cannot create WorkSpaceOwner role allocation');
375   - }
376   -
377   - //set the folder and role for the allocation
378   - $oDropdocumentsRoleAllocation->setFolderId($userFolderID);
379   - $oDropdocumentsRoleAllocation->setRoleId($WorkSpaceOwnerRoleID);
380   -
381   - $aWorkSpaceOwnerRoleAllowed = array();
382   - $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAllowed);
383   - //It might be a problem that i'm not doing a "start transaction" here.
384   - //Unable to roll back in event of db failure
385   - $res = $oDropdocumentsRoleAllocation->create();
386   -
387   - //The role is created and then updated by adding the current user to the allowed list
388   -
389   - $oPD = $oDropdocumentsRoleAllocation->getPermissionDescriptor();
390   - $aWorkSpaceOwnerRoleAssignAllowed = $oPD->getAllowed();
391   - $aUserId[] = $this->oUser->getId();
392   - $aWorkSpaceOwnerRoleAssignAllowed['user'] = $aUserId;
393   - $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAssignAllowed);
394   - $res = $oDropdocumentsRoleAllocation->update();
395   -
396   - //Update all info linked to the role
397   - $this->renegeratePermissionsForRole($oDropdocumentsRoleAllocation->getRoleId(), $userFolderID);
398   - }
399   -
400   - //This function is used to allocate the current user to the WorkSpaceOwner role after the Dropdocuments folder
401   - //has already been created.
402   - function updateUserDocsRoleAllocation($oUserFolder)
403   - {
404   - $userFolderID = $oUserFolder->getId();
405   - $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');//$oUserRole->getId();
406   - $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id'];
407   -
408   - //Get the role allocation object for the Dropdocuments folder and the WorkSpaceOwner role
409   - $oDropdocumentsRoleAllocation = $oRoleAllocation = RoleAllocation::getAllocationsForFolderAndRole($userFolderID, $WorkSpaceOwnerRoleID);
410   -
411   - //check that the object is not null
412   - if ($oDropdocumentsRoleAllocation == null)
413   - {
414   - $this->session->logout();
415   - return _kt('Error: cannot find WorkSpaceOwner role allocation');
416   - }
417   -
418   - $oPD = $oDropdocumentsRoleAllocation->getPermissionDescriptor();
419   - $aWorkSpaceOwnerRoleAssignAllowed = $oPD->getAllowed();
420   -
421   - //If the user ID is not in the allowed list already then add it to the list.
422   - if(!in_array($this->oUser->getId(), $aWorkSpaceOwnerRoleAssignAllowed['user']))
423   - {
424   - $aNewAllowed = array();
425   - $aNewAllowed = $aWorkSpaceOwnerRoleAssignAllowed['user'];
426   - $aNewAllowed[] = $this->oUser->getId();
427   - $aWorkSpaceOwnerRoleAssignAllowed['user'] = $aNewAllowed;
428   - $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAssignAllowed);
429   - $res = $oDropdocumentsRoleAllocation->update();
430   - $this->renegeratePermissionsForRole($oDropdocumentsRoleAllocation->getRoleId(), $userFolderID);
431   - }
432   - }
433   -
434   - function setPersonalFolderPermissions($oPO)
435   - {
436   - $aWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
437   - $aAdminGroupID = $this->getGroupIdByName('System Administrators');
438   -
439   - //arrays used to make integers for $aAllowed array variable
440   - $iWorkSpaceOwnerRoleID = $aWorkSpaceOwnerRoleID[0]['id'];
441   - $iAdminGroupID = $aAdminGroupID[0]['id'];
442   -
443   - //set permissions for the role and the admin group
444   - $aAllowed = array('role' => array($iWorkSpaceOwnerRoleID), 'group' => array($iAdminGroupID));
445   -
446   - //Get the List of all the permissions
447   - $aPersonalFolderPermissions = KTPermission::getList();
448   -
449   - //Iterate through and apply all permissions to the current user and the admin group
450   - foreach ($aPersonalFolderPermissions as $oPersonalFolderPermission)
451   - {
452   - KTPermissionUtil::setPermissionForId($oPersonalFolderPermission, $oPO, $aAllowed);
453   -
454   - }
455   -
456   - //Update permission lookup
457   - KTPermissionUtil::updatePermissionLookupForPO($oPO);
458   - }
459   -
460   - function updatePersonalFolderRoleAllocation($oPersonalFolder)
461   - {
462   - //Assign user to the WorkSpaceOwner role
463   - $personalFolderID = $oPersonalFolder->getId();
464   - $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
465   - $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id'];
466   -
467   - $oRoleAllocation = new RoleAllocation();
468   - if ($oRoleAllocation == null)
469   - {
470   - $this->session->logout();
471   - return _kt('Error: Cannot create WorkSpaceOwner role allocation on personal folder');
472   - }
473   - $oRoleAllocation->setFolderId($personalFolderID);
474   - $oRoleAllocation->setRoleId($WorkSpaceOwnerRoleID);
475   -
476   - $aRoleAllowed = array();
477   - $oRoleAllocation->setAllowed($aRoleAllowed);
478   -
479   - //It might be a problem that i'm not doing a "start transaction" here.
480   - //Unable to roll back in event of db failure
481   - $res = $oRoleAllocation->create();
482   -
483   - //The role is first created and then the current user is allocated to the role below
484   -
485   - $oPD = $oRoleAllocation->getPermissionDescriptor();
486   - $aRoleAssignAllowed = $oPD->getAllowed();
487   - $aUserId[] = $this->oUser->getId();
488   - $aRoleAssignAllowed['user'] = $aUserId;
489   - $oRoleAllocation->setAllowed($aRoleAssignAllowed);
490   - $res = $oRoleAllocation->update();
491   - $this->renegeratePermissionsForRole($oRoleAllocation->getRoleId(), $personalFolderID);
492   - }
493   -
494   - //FIXME: Direct Database access
495   - function getFolderID($sFolderName) {
496   - $sQuery = 'SELECT id FROM folders WHERE name = \''.$sFolderName.'\'';
497   -
498   - $id = DBUtil::getResultArray($sQuery);
499   - return $id[0]['id'];
500   - }
501   -
502   - //this function returns the document link and document name to be displayed on the dashlet
503   - function getDocInfo($iDocId) {
504   - $oDocument = Document::get($iDocId);
505   -
506   - if (PEAR::isError($oDocument)) {
507   - return _kt('Document no longer exists.');
508   - }
509   -
510   - $sName = htmlentities($oDocument->getName(), ENT_NOQUOTES, 'UTF-8');
511   - $sLink = KTBrowseUtil::getUrlForDocument($oDocument);
512   -
513   - $aAnchorData = array();
514   - $aAnchorData[] = $sLink;
515   - $aAnchorData[] = $sName;
516   - return $aAnchorData;
517   - }
518   -
519   - //This function is used to create the role, role allocation is done separately
520   - function createRole ($sName)
521   - {
522   - $this->startTransaction();
523   - $oRole = Role::createFromArray(array('name' => $sName));
524   -
525   - if (PEAR::isError($oRole) || ($oRole == false))
526   - {
527   - if ($this->bTransactionStarted)
528   - {
529   - $this->rollbackTransaction();
530   - }
531   - //return null on failure
532   - return null;
533   - }
534   - else
535   - {
536   - return $oRole;
537   -
538   - }
539   - }
540   -
541   - //FIXME: Direct Database access
542   - function roleExistsName ($sName)
543   - {
544   - $sQuery = "SELECT id FROM roles WHERE name = ?";
545   - $aParams = array($sName);
546   - $res = DBUtil::getResultArray(array($sQuery, $aParams));
547   -
548   - if (count($res) != 0)
549   - {
550   - return true;
551   - }
552   - return false;
553   - }
554   -
555   - //FIXME: Direct Database access
556   - function groupExistsName ($sName)
557   - {
558   - $sQuery = "SELECT id FROM groups_lookup WHERE name = ?";
559   - $aParams = array($sName);
560   - $res = DBUtil::getResultArray(array($sQuery, $aParams));
561   -
562   - if (count($res) != 0)
563   - {
564   - return true;
565   - }
566   - return false;
567   - }
568   -
569   - //FIXME: Direct Database access
570   - function getRoleIdByName($sName)
571   - {
572   - $sQuery = "SELECT id FROM roles WHERE name = ?";
573   - $aParams = array($sName);
574   - $res = DBUtil::getResultArray(array($sQuery, $aParams));
575   - return $res;
576   - }
577   -
578   - //FIXME: Direct Database access
579   - function getGroupIdByName ($sName)
580   - {
581   - $sQuery = "SELECT id FROM groups_lookup WHERE name = ?";
582   - $aParams = array($sName);
583   - $res = DBUtil::getResultArray(array($sQuery, $aParams));
584   - return $res;
585   - }
586   -
587   - //function taken from KTPermission.php and edited to work here
588   - function renegeratePermissionsForRole($iRoleId, $iFolderId) {
589   - $iStartFolderId = $iFolderId;
590   - /*
591   - * 1. find all folders & documents "below" this one which use the role
592   - * definition _active_ (not necessarily present) at this point.
593   - * 2. tell permissionutil to regen their permissions.
594   - *
595   - * The find algorithm is:
596   - *
597   - * folder_queue <- (iStartFolderId)
598   - * while folder_queue is not empty:
599   - * active_folder =
600   - * for each folder in the active_folder:
601   - * find folders in _this_ folder without a role-allocation on the iRoleId
602   - * add them to the folder_queue
603   - * update the folder's permissions.
604   - * find documents in this folder:
605   - * update their permissions.
606   - */
607   -
608   - $sRoleAllocTable = KTUtil::getTableName('role_allocations');
609   - $sFolderTable = KTUtil::getTableName('folders');
610   - $sQuery = sprintf('SELECT f.id as id FROM %s AS f LEFT JOIN %s AS ra ON (f.id = ra.folder_id) WHERE ra.id IS NULL AND f.parent_id = ?', $sFolderTable, $sRoleAllocTable);
611   -
612   -
613   - $folder_queue = array($iStartFolderId);
614   - while (!empty($folder_queue)) {
615   - $active_folder = array_pop($folder_queue);
616   -
617   - $aParams = array($active_folder);
618   -
619   - $aNewFolders = DBUtil::getResultArrayKey(array($sQuery, $aParams), 'id');
620   - if (PEAR::isError($aNewFolders)) {
621   - //$this->errorRedirectToMain(_kt('Failure to generate folderlisting.'));
622   - echo _kt('Failure to generate folderlisting.');
623   - }
624   - $folder_queue = kt_array_merge ($folder_queue, (array) $aNewFolders); // push.
625   -
626   -
627   - // update the folder.
628   - $oFolder =& Folder::get($active_folder);
629   - if (PEAR::isError($oFolder) || ($oFolder == false)) {
630   - //$this->errorRedirectToMain(_kt('Unable to locate folder: ') . $active_folder);
631   - echo _kt('Unable to locate folder: ').$active_folder;
632   - }
633   -
634   - KTPermissionUtil::updatePermissionLookup($oFolder);
635   - $aDocList =& Document::getList(array('folder_id = ?', $active_folder));
636   - if (PEAR::isError($aDocList) || ($aDocList === false)) {
637   - //$this->errorRedirectToMain(sprintf(_kt('Unable to get documents in folder %s: %s'), $active_folder, $aDocList->getMessage()));
638   - echo _kt('Unable to get documents in folder ').$active_folder;
639   - }
640   -
641   - foreach ($aDocList as $oDoc) {
642   - if (!PEAR::isError($oDoc)) {
643   - KTPermissionUtil::updatePermissionLookup($oDoc);
644   - }
645   - }
646   - }
647   - }
648   -
649   -}
650   -?>
651 1 \ No newline at end of file
  2 +<?php
  3 +/**
  4 + * $Id: $
  5 + *
  6 + * KnowledgeTree Community Edition
  7 + * Document Management Made Simple
  8 + * Copyright (C) 2008 KnowledgeTree Inc.
  9 + * Portions copyright The Jam Warehouse Software (Pty) Limited
  10 + *
  11 + * This program is free software; you can redistribute it and/or modify it under
  12 + * the terms of the GNU General Public License version 3 as published by the
  13 + * Free Software Foundation.
  14 + *
  15 + * This program is distributed in the hope that it will be useful, but WITHOUT
  16 + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  17 + * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
  18 + * details.
  19 + *
  20 + * You should have received a copy of the GNU General Public License
  21 + * along with this program. If not, see <http://www.gnu.org/licenses/>.
  22 + *
  23 + * You can contact KnowledgeTree Inc., PO Box 7775 #87847, San Francisco,
  24 + * California 94120-7775, or email info@knowledgetree.com.
  25 + *
  26 + * The interactive user interfaces in modified source and object code versions
  27 + * of this program must display Appropriate Legal Notices, as required under
  28 + * Section 5 of the GNU General Public License version 3.
  29 + *
  30 + * In accordance with Section 7(b) of the GNU General Public License version 3,
  31 + * these Appropriate Legal Notices must retain the display of the "Powered by
  32 + * KnowledgeTree" logo and retain the original copyright notice. If the display of the
  33 + * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices
  34 + * must display the words "Powered by KnowledgeTree" and retain the original
  35 + * copyright notice.
  36 + * Contributor( s): ______________________________________
  37 + *
  38 + */
  39 +
  40 +require_once(KT_DIR . "/ktapi/ktapi.inc.php");
  41 +require_once(KT_LIB_DIR . "/plugins/plugin.inc.php");
  42 +require_once(KT_LIB_DIR . "/plugins/pluginregistry.inc.php");
  43 +require_once(KT_LIB_DIR . "/dashboard/dashlet.inc.php");
  44 +require_once(KT_DIR . "/plugins/ktcore/KTFolderActions.php");
  45 +require_once(KT_DIR . "/plugins/network/extendedtransactioninfo/simpletransactionutil.inc.php");
  46 +require_once(KT_DIR . "/ktapi/KTAPIFolder.inc.php");
  47 +require_once(KT_LIB_DIR . "/roles/Role.inc");
  48 +require_once(KT_LIB_DIR . "/roles/roleallocation.inc.php");
  49 +require_once(KT_LIB_DIR . "/permissions/permissionutil.inc.php");
  50 +require_once(KT_LIB_DIR . '/mime.inc.php');
  51 +/* This page is run via an AJAX call from the update.js for this plugin.
  52 + * It checks to see if both the dropdocuments folder and the users personal folder exist.
  53 + * If they don't, it creates them and assigns permission and roles accordingly.
  54 + * If the dropdocuments folder does exist it checks if the WorkSpaceOwner role exists.
  55 + * If the role exists it assigns the current user to the role on the dropdocuments folder.
  56 + * Therefore any users running the plugin after the dropdocuments folder has been created will have access to it too.
  57 + * The underlying logic is that everyone is assigned to the WorkSpaceOwner Role, they have all permission except
  58 + * Delete, Rename Folder, Manage security and Manage workflow on the dropdocuments folder.
  59 + * This role is then assigned to their personal folder too (which is named according to their username) and is overidden
  60 + * to give only the current user full rights to their folder.
  61 + * Essentially everyone can look at the dropdocuments folder but will only see their own folder within it.
  62 + */
  63 +
  64 +class MyDropDocumentsPage extends KTStandardDispatcher {
  65 +
  66 + function do_main() {
  67 +
  68 + $iRootID = (int)1;
  69 + $oUser = $this->oUser;
  70 + $sUserName = (string)$this->oUser->getUserName();
  71 + $this->ktapi = new KTAPI();
  72 + $this->session = $this->ktapi->start_system_session();
  73 +
  74 + if(!Folder::FolderExistsName('DroppedDocuments', $iRootID))
  75 + {
  76 +
  77 + $root=$this->ktapi->get_root_folder();
  78 +
  79 + //Create dropdocuments folder
  80 + $userFolder = $root->add_folder('DroppedDocuments');
  81 +
  82 + //In order to stop permission inheritance a copy of the parent permission object is created.
  83 + //This copy is then used to set separate permissions for this folder.
  84 + KTPermissionUtil::copyPermissionObject($userFolder->get_folder());
  85 +
  86 + //If WorkSpaceOwner role doesn't exist, create it
  87 + if(!$this->roleExistsName('WorkSpaceOwner'))
  88 + {
  89 + $oWorkSpaceOwnerRole = $this->createRole('WorkSpaceOwner');
  90 + if ($oWorkSpaceOwnerRole == null)
  91 + {
  92 + $this->session->logout();
  93 + return _kt('Error: Failed to create WorkSpaceOwner Role');
  94 + }
  95 + }
  96 +
  97 + //$root=$this->ktapi->get_root_folder();
  98 + //$personalFolder = $root->get_folder_by_name('/dropdocuments/'.$sUserName);
  99 +
  100 + //Get the folder object
  101 + $userFolderObject = $userFolder->get_folder();
  102 +
  103 + //Get the permission object from the dropdocuments folder object
  104 + $oUserPO = KTPermissionObject::get($userFolderObject->getPermissionObjectId());
  105 +
  106 + //Check to see if there are duplicate WorkSpaceOwner roles.
  107 + if (count($this->getRoleIdByName('WorkSpaceOwner')) > 1)
  108 + {
  109 + $this->session->logout();
  110 + return _kt('Error: cannot set user role permissions: more than one role named \'WorkSpaceOwner\' exists');
  111 +
  112 + }
  113 +
  114 + //call the function to set the permission on the dropdocuments folder
  115 + $this->setUserDocsPermissions($oUserPO);
  116 +
  117 + //Assign the current user to the WorkSpaceOwner role
  118 + $this->setUserDocsRoleAllocation($userFolderObject);
  119 +
  120 + }
  121 + else
  122 + {
  123 +
  124 + $root = $this->ktapi->get_root_folder();
  125 + $userFolder = $root->get_folder_by_name('/DroppedDocuments');
  126 +
  127 + //Get the dropdocuments folder object
  128 + $userFolderObject = $userFolder->get_folder();
  129 +
  130 + if(!$this->roleExistsName('WorkSpaceOwner'))
  131 + {
  132 +
  133 + $oWorkSpaceOwnerRole = $this->createRole('WorkSpaceOwner');
  134 + if ($oWorkSpaceOwnerRole == null)
  135 + {
  136 + $this->session->logout();
  137 + return _kt('Error: Failed to create WorkSpaceOwner Role');
  138 + }
  139 +
  140 + //set permissions
  141 + $oUserPO = KTPermissionObject::get($userFolderObject->getPermissionObjectId());
  142 + $this->setUserDocsPermissions($oUserPO);
  143 + //assign current user to role
  144 + $this->setUserDocsRoleAllocation($userFolderObject);
  145 + }
  146 + else
  147 + {
  148 +
  149 + //update WrokSpaceOwner role to include current user
  150 + $this->updateUserDocsRoleAllocation($userFolderObject);
  151 + }
  152 +
  153 + }
  154 +
  155 + $iUserDocsFolderID = $this->getFolderID('DroppedDocuments');
  156 + $oUserDocsFolder = Folder::get($iUserDocsFolderID);
  157 +
  158 + if(!Folder::FolderExistsName($sUserName, $iUserDocsFolderID))
  159 + {
  160 +
  161 +
  162 + $root=$this->ktapi->get_root_folder();
  163 + $userDocsFolder = $root->get_folder_by_name('/DroppedDocuments');
  164 +
  165 + //create the personal folder. (Use the username to create it)
  166 + $personalFolder = $userDocsFolder->add_folder($sUserName);
  167 +
  168 + //Copy the permission object to stop permission inheritance
  169 + KTPermissionUtil::copyPermissionObject($personalFolder->get_folder());
  170 +
  171 + //The role should exist by now.
  172 + //In both the if and else statements for the dropdocuments above the role is created
  173 + //If its doesn't exist by now there is an error
  174 + if(!$this->roleExistsName('WorkSpaceOwner'))
  175 + {
  176 +
  177 + $this->session->logout();
  178 + return _kt('Error: WorkSpaceOwner Role not setup, cannot assign to Personal Folder');
  179 +
  180 + }
  181 +
  182 + $personalFolderRole = $root->get_folder_by_name('/DroppedDocuments/'.$sUserName);
  183 + $PersonalFolderObject = ($personalFolderRole->get_folder());
  184 +
  185 + //Get permission object
  186 + $oPO = KTPermissionObject::get($PersonalFolderObject->getPermissionObjectId());
  187 +
  188 + //Check for duplicate WorkSpaceOwner roles
  189 + if (count($this->getRoleIdByName('WorkSpaceOwner')) > 1)
  190 + {
  191 + $this->session->logout();
  192 + return _kt('Error: cannot set personal folder role permissions: more than one role named \'WorkSpaceOwner\' exists');
  193 +
  194 + }
  195 +
  196 + $this->setPersonalFolderPermissions($oPO);
  197 +
  198 + $this->updatePersonalFolderRoleAllocation($PersonalFolderObject);
  199 +
  200 +
  201 + //folder just created so no top list of last modified documents
  202 +
  203 + $iMyDocsFolderID = $this->getFolderID($sUserName);
  204 + $this->session->logout();
  205 + return _kt('<span class="descriptiveText"> You do not have any dropped documents </span><br><br><br>');
  206 +
  207 +
  208 + }
  209 +
  210 + else //if personal folder does exist
  211 + {
  212 + //Getting personal folder id
  213 + $iMyDocsFolderID = $this->getFolderID($sUserName);
  214 +
  215 +
  216 + if(!$this->roleExistsName('WorkSpaceOwner'))
  217 + {
  218 + $this->session->logout();
  219 + return _kt('Error: WorkSpaceOwner Role does not exist');
  220 + }
  221 + else
  222 + {
  223 +
  224 + $oTempPersonalFolder = $root->get_folder_by_name('/DroppedDocuments/'.$sUserName);
  225 + $oPersonalFolder = $oTempPersonalFolder->get_folder();
  226 + //update WorkSpaceOwner role to include current user
  227 +
  228 + //Get permission object
  229 + $oPO = KTPermissionObject::get($oPersonalFolder->getPermissionObjectId());
  230 +
  231 + $this->setPersonalFolderPermissions($oPO);
  232 +
  233 + $this->updatePersonalFolderRoleAllocation($oPersonalFolder);
  234 +
  235 + }
  236 +
  237 +
  238 +
  239 + $aExternalWhereClauses[] = '(DT.transaction_namespace IN (?,?,?) AND (D.parent_folder_ids LIKE "%,'.$iMyDocsFolderID.',%" OR D.parent_folder_ids LIKE "%,'.$iMyDocsFolderID.'"))';
  240 + $aExternalWhereParams[] = 'ktcore.transactions.create';
  241 + $aExternalWhereParams[] = 'ktcore.transactions.check_in';
  242 + $aExternalWhereParams[] = 'ktcore.transactions.event';
  243 +
  244 +
  245 + $aDocumentTransactions = KTSimpleTransactionUtil::getTransactionsMatchingQuery($oUser, '', $aExternalWhereClauses, $aExternalWhereParams);
  246 + if (empty($aDocumentTransactions))
  247 + {
  248 + $this->session->logout();
  249 + return _kt('<span class="descriptiveText"> You do not have any dropped documents </span><br><br><br>');
  250 + }
  251 +
  252 + $maxcount = 5;
  253 + $aDocumentTransactions = array_slice($aDocumentTransactions, 0, $maxcount);
  254 +
  255 + $sReturnTable = '<span class="descriptiveText">'._kt('Recently Dropped Documents').'</span>
  256 + <table width="100%" class="kt_collection drop_box" cellspacing="0">
  257 +
  258 + <thead>
  259 + <tr>
  260 + <th width="100%">'._kt('Document').'</th>
  261 + <th width="1%">'._kt('Date Dropped').'</th>
  262 + </tr>
  263 + </thead>
  264 + <tbody>';
  265 +
  266 + $sOddorEven = '';
  267 + $count = 1;
  268 + foreach ($aDocumentTransactions as $aRow)
  269 + {
  270 + $oDocument = Document::get($aRow[document_id]);
  271 + $aParentFolders = explode('/',$oDocument->getFullPath());
  272 + $sPath = '';
  273 +
  274 + for($i = 0; $i < count($aParentFolders); $i++)
  275 + {
  276 + if ($i > 2)
  277 + {
  278 + $sPath .= '/'.$aParentFolders[$i];
  279 + }
  280 + }
  281 +
  282 + $sContentType = KTMime::getIconPath($oDocument->getMimeTypeID());
  283 + $aAnchorData = $this->getDocInfo($aRow[document_id]);
  284 + $sLink = $aAnchorData[0];
  285 + $sDocName = $aAnchorData[1];
  286 + $sShortDocName = $sDocName;
  287 + if(strlen($sPath) > 0)
  288 + {
  289 + $sDocName = $sPath.'/'.$sDocName;
  290 + }
  291 +
  292 + $sFullDocName = $sDocName;
  293 + $iDocLength = strlen($sDocName);
  294 + if ( $iDocLength > 30 )
  295 + {
  296 + $sDocName = substr($sDocName, ($iDocLength - 30), $iDocLength);
  297 + $sDocName = '...'.$sDocName;
  298 + }
  299 +
  300 + if($count%2 == 0)
  301 + {
  302 + $sOddorEven = 'even';
  303 + }
  304 + else
  305 + {
  306 + $sOddorEven = 'odd';
  307 + }
  308 +
  309 + $sReturnTable .= '<tr class="'.$sOddorEven.'">'.
  310 + '<td width="100%"><span class="contenttype '.$sContentType.'"><a title="'.$sShortDocName.'" href='.$sLink.'>'.$sDocName.'</a></span></td>'.
  311 + '<td width="1%">'.$aRow[datetime].'</td>'.
  312 + '</tr>';
  313 + $count ++;
  314 + }
  315 +
  316 + $location = 'browse.php?fFolderId='.$iMyDocsFolderID;
  317 + $sReturnTable .= '</tbody>'.
  318 + '</table>'.
  319 + '<br>'.
  320 + '<a href="'.$location.'">'._kt(' View All').' </a><br><br>';
  321 + $this->session->logout();
  322 +
  323 + return $sReturnTable;
  324 +
  325 + }
  326 + }
  327 +
  328 + function handleOutput($sOutput) {
  329 + print $sOutput;
  330 + }
  331 +
  332 + //This function is used to set the permission on the dropdocuments folder
  333 + function setUserDocsPermissions($oUserPO)
  334 + {
  335 + //arrays returned from get Role ID's
  336 + $aWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
  337 + $aAdminGroupID = $this->getGroupIdByName('System Administrators');
  338 +
  339 + //arrays used to make integers for $aAllowed array variable
  340 + $iWorkSpaceOwnerRoleID = $aWorkSpaceOwnerRoleID[0]['id'];
  341 + $iAdminGroupID = $aAdminGroupID[0]['id'];
  342 + //$aBothAllowed is used to give permissions to the admin group and the WorkSpaceOwner role
  343 + $aBothAllowed = array('group' => array($iAdminGroupID), 'role' => array($iWorkSpaceOwnerRoleID));
  344 +
  345 + //$aAdminAllowed is used to give permissions to the admin group only
  346 + $aAdminAllowed = array('group' => array($iAdminGroupID));
  347 +
  348 + //Get the list of permissions
  349 + $aPermissions = KTPermission::getList();
  350 +
  351 + foreach ($aPermissions as $oPermission)
  352 + {
  353 + //If the permission is not one of the below then both are allowed the permission
  354 + //Otherwise only the admin group is allowed the permission
  355 + if($oPermission->getHumanName() != 'Delete' && $oPermission->getHumanName() != 'Rename Folder'
  356 + && $oPermission->getHumanName() != 'Manage security' && $oPermission->getHumanName() != 'Manage workflow')
  357 + {
  358 + KTPermissionUtil::setPermissionForId($oPermission, $oUserPO, $aBothAllowed);
  359 + }
  360 + else
  361 + {
  362 + KTPermissionUtil::setPermissionForId($oPermission, $oUserPO, $aAdminAllowed);
  363 + }
  364 + }
  365 +
  366 + //UPdate the permission lookup
  367 + KTPermissionUtil::updatePermissionLookupForPO($oUserPO);
  368 + }
  369 +
  370 + //This function is used for allocating the user to the WorkSpaceOwner role only when the dropdocuments folder
  371 + //has just been created.
  372 + function setUserDocsRoleAllocation($oUserFolderObject)
  373 + {
  374 + $userFolderID = $oUserFolderObject->getId();
  375 +
  376 + $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
  377 + $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id'];
  378 +
  379 + //create a new role allocation
  380 + $oDropdocumentsRoleAllocation = new RoleAllocation();
  381 + if ($oDropdocumentsRoleAllocation == null)
  382 + {
  383 + $this->session->logout();
  384 + return _kt('Error: cannot create WorkSpaceOwner role allocation');
  385 + }
  386 +
  387 + //set the folder and role for the allocation
  388 + $oDropdocumentsRoleAllocation->setFolderId($userFolderID);
  389 + $oDropdocumentsRoleAllocation->setRoleId($WorkSpaceOwnerRoleID);
  390 +
  391 + $aWorkSpaceOwnerRoleAllowed = array();
  392 + $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAllowed);
  393 + //It might be a problem that i'm not doing a "start transaction" here.
  394 + //Unable to roll back in event of db failure
  395 + $res = $oDropdocumentsRoleAllocation->create();
  396 +
  397 + //The role is created and then updated by adding the current user to the allowed list
  398 +
  399 + $oPD = $oDropdocumentsRoleAllocation->getPermissionDescriptor();
  400 + $aWorkSpaceOwnerRoleAssignAllowed = $oPD->getAllowed();
  401 + $aUserId[] = $this->oUser->getId();
  402 + $aWorkSpaceOwnerRoleAssignAllowed['user'] = $aUserId;
  403 + $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAssignAllowed);
  404 + $res = $oDropdocumentsRoleAllocation->update();
  405 +
  406 + //Update all info linked to the role
  407 + $this->renegeratePermissionsForRole($oDropdocumentsRoleAllocation->getRoleId(), $userFolderID);
  408 + }
  409 +
  410 + //This function is used to allocate the current user to the WorkSpaceOwner role after the Dropdocuments folder
  411 + //has already been created.
  412 + function updateUserDocsRoleAllocation($oUserFolder)
  413 + {
  414 + $userFolderID = $oUserFolder->getId();
  415 + $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');//$oUserRole->getId();
  416 + $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id'];
  417 +
  418 + //Get the role allocation object for the Dropdocuments folder and the WorkSpaceOwner role
  419 + $oDropdocumentsRoleAllocation = $oRoleAllocation = RoleAllocation::getAllocationsForFolderAndRole($userFolderID, $WorkSpaceOwnerRoleID);
  420 +
  421 + //check that the object is not null
  422 + if ($oDropdocumentsRoleAllocation == null)
  423 + {
  424 + $this->session->logout();
  425 + return _kt('Error: cannot find WorkSpaceOwner role allocation');
  426 + }
  427 +
  428 + $oPD = $oDropdocumentsRoleAllocation->getPermissionDescriptor();
  429 + $aWorkSpaceOwnerRoleAssignAllowed = $oPD->getAllowed();
  430 +
  431 + //If the user ID is not in the allowed list already then add it to the list.
  432 + if(!in_array($this->oUser->getId(), $aWorkSpaceOwnerRoleAssignAllowed['user']))
  433 + {
  434 + $aNewAllowed = array();
  435 + $aNewAllowed = $aWorkSpaceOwnerRoleAssignAllowed['user'];
  436 + $aNewAllowed[] = $this->oUser->getId();
  437 + $aWorkSpaceOwnerRoleAssignAllowed['user'] = $aNewAllowed;
  438 + $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAssignAllowed);
  439 + $res = $oDropdocumentsRoleAllocation->update();
  440 + $this->renegeratePermissionsForRole($oDropdocumentsRoleAllocation->getRoleId(), $userFolderID);
  441 + }
  442 + }
  443 +
  444 + function setPersonalFolderPermissions($oPO)
  445 + {
  446 + $aWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
  447 + $aAdminGroupID = $this->getGroupIdByName('System Administrators');
  448 +
  449 + //arrays used to make integers for $aAllowed array variable
  450 + $iWorkSpaceOwnerRoleID = $aWorkSpaceOwnerRoleID[0]['id'];
  451 + $iAdminGroupID = $aAdminGroupID[0]['id'];
  452 +
  453 + //set permissions for the role and the admin group
  454 + $aAllowed = array('role' => array($iWorkSpaceOwnerRoleID), 'group' => array($iAdminGroupID));
  455 +
  456 + //Get the List of all the permissions
  457 + $aPersonalFolderPermissions = KTPermission::getList();
  458 +
  459 + //Iterate through and apply all permissions to the current user and the admin group
  460 + foreach ($aPersonalFolderPermissions as $oPersonalFolderPermission)
  461 + {
  462 + KTPermissionUtil::setPermissionForId($oPersonalFolderPermission, $oPO, $aAllowed);
  463 +
  464 + }
  465 +
  466 + //Update permission lookup
  467 + KTPermissionUtil::updatePermissionLookupForPO($oPO);
  468 + }
  469 +
  470 + function updatePersonalFolderRoleAllocation($oPersonalFolder)
  471 + {
  472 + //Assign user to the WorkSpaceOwner role
  473 + $personalFolderID = $oPersonalFolder->getId();
  474 + $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
  475 + $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id'];
  476 +
  477 + $oRoleAllocation = new RoleAllocation();
  478 + if ($oRoleAllocation == null)
  479 + {
  480 + $this->session->logout();
  481 + return _kt('Error: Cannot create WorkSpaceOwner role allocation on personal folder');
  482 + }
  483 + $oRoleAllocation->setFolderId($personalFolderID);
  484 + $oRoleAllocation->setRoleId($WorkSpaceOwnerRoleID);
  485 +
  486 + $aRoleAllowed = array();
  487 + $oRoleAllocation->setAllowed($aRoleAllowed);
  488 +
  489 + //It might be a problem that i'm not doing a "start transaction" here.
  490 + //Unable to roll back in event of db failure
  491 + $res = $oRoleAllocation->create();
  492 +
  493 + //The role is first created and then the current user is allocated to the role below
  494 +
  495 + $oPD = $oRoleAllocation->getPermissionDescriptor();
  496 + $aRoleAssignAllowed = $oPD->getAllowed();
  497 + $aUserId[] = $this->oUser->getId();
  498 + $aRoleAssignAllowed['user'] = $aUserId;
  499 + $oRoleAllocation->setAllowed($aRoleAssignAllowed);
  500 + $res = $oRoleAllocation->update();
  501 + $this->renegeratePermissionsForRole($oRoleAllocation->getRoleId(), $personalFolderID);
  502 + }
  503 +
  504 + //FIXME: Direct Database access
  505 + function getFolderID($sFolderName) {
  506 + $sQuery = 'SELECT id FROM folders WHERE name = \''.$sFolderName.'\'';
  507 +
  508 + $id = DBUtil::getResultArray($sQuery);
  509 + return $id[0]['id'];
  510 + }
  511 +
  512 + //this function returns the document link and document name to be displayed on the dashlet
  513 + function getDocInfo($iDocId) {
  514 + $oDocument = Document::get($iDocId);
  515 +
  516 + if (PEAR::isError($oDocument)) {
  517 + return _kt('Document no longer exists.');
  518 + }
  519 +
  520 + $sName = htmlentities($oDocument->getName(), ENT_NOQUOTES, 'UTF-8');
  521 + $sLink = KTBrowseUtil::getUrlForDocument($oDocument);
  522 +
  523 + $aAnchorData = array();
  524 + $aAnchorData[] = $sLink;
  525 + $aAnchorData[] = $sName;
  526 + return $aAnchorData;
  527 + }
  528 +
  529 + //This function is used to create the role, role allocation is done separately
  530 + function createRole ($sName)
  531 + {
  532 + $this->startTransaction();
  533 + $oRole = Role::createFromArray(array('name' => $sName));
  534 +
  535 + if (PEAR::isError($oRole) || ($oRole == false))
  536 + {
  537 + if ($this->bTransactionStarted)
  538 + {
  539 + $this->rollbackTransaction();
  540 + }
  541 + //return null on failure
  542 + return null;
  543 + }
  544 + else
  545 + {
  546 + return $oRole;
  547 +
  548 + }
  549 + }
  550 +
  551 + //FIXME: Direct Database access
  552 + function roleExistsName ($sName)
  553 + {
  554 + $sQuery = "SELECT id FROM roles WHERE name = ?";
  555 + $aParams = array($sName);
  556 + $res = DBUtil::getResultArray(array($sQuery, $aParams));
  557 +
  558 + if (count($res) != 0)
  559 + {
  560 + return true;
  561 + }
  562 + return false;
  563 + }
  564 +
  565 + //FIXME: Direct Database access
  566 + function groupExistsName ($sName)
  567 + {
  568 + $sQuery = "SELECT id FROM groups_lookup WHERE name = ?";
  569 + $aParams = array($sName);
  570 + $res = DBUtil::getResultArray(array($sQuery, $aParams));
  571 +
  572 + if (count($res) != 0)
  573 + {
  574 + return true;
  575 + }
  576 + return false;
  577 + }
  578 +
  579 + //FIXME: Direct Database access
  580 + function getRoleIdByName($sName)
  581 + {
  582 + $sQuery = "SELECT id FROM roles WHERE name = ?";
  583 + $aParams = array($sName);
  584 + $res = DBUtil::getResultArray(array($sQuery, $aParams));
  585 + return $res;
  586 + }
  587 +
  588 + //FIXME: Direct Database access
  589 + function getGroupIdByName ($sName)
  590 + {
  591 + $sQuery = "SELECT id FROM groups_lookup WHERE name = ?";
  592 + $aParams = array($sName);
  593 + $res = DBUtil::getResultArray(array($sQuery, $aParams));
  594 + return $res;
  595 + }
  596 +
  597 + //function taken from KTPermission.php and edited to work here
  598 + function renegeratePermissionsForRole($iRoleId, $iFolderId) {
  599 + $iStartFolderId = $iFolderId;
  600 + /*
  601 + * 1. find all folders & documents "below" this one which use the role
  602 + * definition _active_ (not necessarily present) at this point.
  603 + * 2. tell permissionutil to regen their permissions.
  604 + *
  605 + * The find algorithm is:
  606 + *
  607 + * folder_queue <- (iStartFolderId)
  608 + * while folder_queue is not empty:
  609 + * active_folder =
  610 + * for each folder in the active_folder:
  611 + * find folders in _this_ folder without a role-allocation on the iRoleId
  612 + * add them to the folder_queue
  613 + * update the folder's permissions.
  614 + * find documents in this folder:
  615 + * update their permissions.
  616 + */
  617 +
  618 + $sRoleAllocTable = KTUtil::getTableName('role_allocations');
  619 + $sFolderTable = KTUtil::getTableName('folders');
  620 + $sQuery = sprintf('SELECT f.id as id FROM %s AS f LEFT JOIN %s AS ra ON (f.id = ra.folder_id) WHERE ra.id IS NULL AND f.parent_id = ?', $sFolderTable, $sRoleAllocTable);
  621 +
  622 +
  623 + $folder_queue = array($iStartFolderId);
  624 + while (!empty($folder_queue)) {
  625 + $active_folder = array_pop($folder_queue);
  626 +
  627 + $aParams = array($active_folder);
  628 +
  629 + $aNewFolders = DBUtil::getResultArrayKey(array($sQuery, $aParams), 'id');
  630 + if (PEAR::isError($aNewFolders)) {
  631 + //$this->errorRedirectToMain(_kt('Failure to generate folderlisting.'));
  632 + echo _kt('Failure to generate folderlisting.');
  633 + }
  634 + $folder_queue = kt_array_merge ($folder_queue, (array) $aNewFolders); // push.
  635 +
  636 +
  637 + // update the folder.
  638 + $oFolder =& Folder::get($active_folder);
  639 + if (PEAR::isError($oFolder) || ($oFolder == false)) {
  640 + //$this->errorRedirectToMain(_kt('Unable to locate folder: ') . $active_folder);
  641 + echo _kt('Unable to locate folder: ').$active_folder;
  642 + }
  643 +
  644 + KTPermissionUtil::updatePermissionLookup($oFolder);
  645 + $aDocList =& Document::getList(array('folder_id = ?', $active_folder));
  646 + if (PEAR::isError($aDocList) || ($aDocList === false)) {
  647 + //$this->errorRedirectToMain(sprintf(_kt('Unable to get documents in folder %s: %s'), $active_folder, $aDocList->getMessage()));
  648 + echo _kt('Unable to get documents in folder ').$active_folder;
  649 + }
  650 +
  651 + foreach ($aDocList as $oDoc) {
  652 + if (!PEAR::isError($oDoc)) {
  653 + KTPermissionUtil::updatePermissionLookup($oDoc);
  654 + }
  655 + }
  656 + }
  657 + }
  658 +
  659 +}
  660 +?>
... ...