Commit 5817ec1aa6133d42a8d1f829196edea31f933674
1 parent
2ad6bdc9
KTS-2666
"Permissions not properly inherited" Fixed. Changed check in Permission.php and hasPermission in User.inc to use userHasPermissionOnItem function. Committed By: Jonathan Byrne Reviewed By: Jalaloedien Abrahams git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@8416 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
2 changed files
with
5 additions
and
59 deletions
lib/users/User.inc
| ... | ... | @@ -500,64 +500,10 @@ class User extends KTEntity { |
| 500 | 500 | |
| 501 | 501 | } |
| 502 | 502 | |
| 503 | - function hasPermission(&$oPermissionDescriptor, $iUserId = null) { | |
| 504 | - if(empty($iUserId)){ | |
| 505 | - $iUserId = $_SESSION['iUserId']; | |
| 506 | - } | |
| 507 | - | |
| 508 | - $pdgTable = KTUtil::getTableName('permission_descriptor_groups'); | |
| 509 | - global $default; | |
| 510 | - $uglTable = $default->users_groups_table; | |
| 511 | - $sQuery = "SELECT COUNT(*) AS num FROM $pdgTable pd | |
| 512 | - INNER JOIN $uglTable ug ON ug.group_id = pd.group_id | |
| 513 | - WHERE pd.descriptor_id = ? AND ug.user_id = ?"; | |
| 514 | - | |
| 515 | - $aParams = array($oPermissionDescriptor->getID(), $iUserId); | |
| 516 | - $res = DBUtil::getOneResultKey(array($sQuery, $aParams), 'num'); | |
| 517 | - | |
| 518 | - if (PEAR::isError($res) || empty($res)) { | |
| 519 | - | |
| 520 | - $aSubGrpOneParams = array($oPermissionDescriptor->getID()); | |
| 521 | - | |
| 522 | - //Checking if user is in a subgroup | |
| 523 | - //Query One is the get any groups with permissions | |
| 524 | - $sSubGrpQueryOne = "SELECT group_id FROM $pdgTable pd | |
| 525 | - WHERE pd.descriptor_id = ?"; | |
| 526 | - $aSubRes = DBUtil::getResultArrayKey(array($sSubGrpQueryOne, $aSubGrpOneParams), 'group_id'); | |
| 527 | - | |
| 528 | - if(!(PEAR::isError($aSubRes) || empty($aSubRes))) | |
| 529 | - { | |
| 530 | - $list = implode(',', $aSubRes); | |
| 531 | - | |
| 532 | - $sSubGroupTable = KTUtil::getTableName('groups_groups_link'); | |
| 533 | - $aParams = array($iUserId); | |
| 534 | - | |
| 535 | - //Query two is to check if the current user's group is a sub group of the | |
| 536 | - //group with permissions | |
| 537 | - $sSubGrpQueryTwo = "SELECT COUNT(member_group_id) count FROM $sSubGroupTable ggl | |
| 538 | - INNER JOIN users_groups_link ugl ON (ugl.group_id = ggl.member_group_id) | |
| 539 | - WHERE ugl.user_id = ? AND parent_group_id IN ($list)"; | |
| 540 | - $aSubResTwo = DBUtil::getOneResultKey(array($sSubGrpQueryTwo, $aParams), 'count'); | |
| 541 | - | |
| 542 | - if(PEAR::isError($aSubResTwo) || empty($aSubResTwo)) | |
| 543 | - { | |
| 544 | - return false; | |
| 545 | - } | |
| 546 | - else | |
| 547 | - { | |
| 548 | - return true; | |
| 549 | - } | |
| 550 | - } | |
| 551 | - else | |
| 552 | - { | |
| 553 | - return false; | |
| 554 | - } | |
| 555 | - | |
| 556 | - } | |
| 557 | - else | |
| 558 | - { | |
| 559 | - return true; | |
| 560 | - } | |
| 503 | + function hasPermission($oUser, $oPermission, $oFolderOrDocument) { | |
| 504 | + return KTPermissionUtil::userHasPermissionOnItem($oUser, $oPermission, $oFolderOrDocument); | |
| 505 | + | |
| 561 | 506 | } |
| 507 | + | |
| 562 | 508 | } |
| 563 | 509 | ?> |
| 564 | 510 | \ No newline at end of file | ... | ... |
plugins/ktcore/folder/Permissions.php
| ... | ... | @@ -217,7 +217,7 @@ class KTFolderPermissionsAction extends KTFolderAction { |
| 217 | 217 | // TODO : paginate this page, when there are too many users |
| 218 | 218 | foreach ($aUsers as $oUser) { |
| 219 | 219 | if ($everyone || ($authenticated && $oUser->isAnonymous()) || |
| 220 | - $oUser->hasPermission($oDescriptor, $oUser->getId())) { | |
| 220 | + KTPermissionUtil::userHasPermissionOnItem($oUser, $oPermission, $this->oFolder)){ | |
| 221 | 221 | $aMapPermissionUser[$iPermissionID][$oUser->getId()] = true; |
| 222 | 222 | } |
| 223 | 223 | } | ... | ... |