Peter M. Groen / knowledgetree

Commit 5e41bfc8a1c61da0c3e484084cfbfc3c61c42aaa

Authored by kevin_fourie
1 parent 5ebab2b0

Merged in from DEV trunk... 

KTS-2666
"Permissions not properly inherited"
Fixed. Changed check in Permission.php and hasPermission in User.inc to use userHasPermissionOnItem function.

Committed By: Jonathan Byrne
Reviewed By: Jalaloedien Abrahams


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/STABLE/branches/3.5.2c-Release-Branch@8423 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 2 changed files with 5 additions and 59 deletions
lib/users/User.inc
  View file @5e41bfc
@@ -499,64 +499,10 @@ class User extends KTEntity { @@ -499,64 +499,10 @@ class User extends KTEntity {
499 499
500 } 500 }
501 501
502 - function hasPermission(&$oPermissionDescriptor, $iUserId = null) {  
503 - if(empty($iUserId)){  
504 - $iUserId = $_SESSION['iUserId'];  
505 - }  
506 -  
507 - $pdgTable = KTUtil::getTableName('permission_descriptor_groups');  
508 - global $default;  
509 - $uglTable = $default->users_groups_table;  
510 - $sQuery = "SELECT COUNT(*) AS num FROM $pdgTable pd  
511 - INNER JOIN $uglTable ug ON ug.group_id = pd.group_id  
512 - WHERE pd.descriptor_id = ? AND ug.user_id = ?";  
513 -  
514 - $aParams = array($oPermissionDescriptor->getID(), $iUserId);  
515 - $res = DBUtil::getOneResultKey(array($sQuery, $aParams), 'num');  
516 -  
517 - if (PEAR::isError($res) || empty($res)) {  
518 -  
519 - $aSubGrpOneParams = array($oPermissionDescriptor->getID());  
520 -  
521 - //Checking if user is in a subgroup  
522 - //Query One is the get any groups with permissions  
523 - $sSubGrpQueryOne = "SELECT group_id FROM $pdgTable pd  
524 - WHERE pd.descriptor_id = ?";  
525 - $aSubRes = DBUtil::getResultArrayKey(array($sSubGrpQueryOne, $aSubGrpOneParams), 'group_id');  
526 -  
527 - if(!(PEAR::isError($aSubRes) || empty($aSubRes)))  
528 - {  
529 - $list = implode(',', $aSubRes);  
530 -  
531 - $sSubGroupTable = KTUtil::getTableName('groups_groups_link');  
532 - $aParams = array($iUserId);  
533 -  
534 - //Query two is to check if the current user's group is a sub group of the  
535 - //group with permissions  
536 - $sSubGrpQueryTwo = "SELECT COUNT(member_group_id) count FROM $sSubGroupTable ggl  
537 - INNER JOIN users_groups_link ugl ON (ugl.group_id = ggl.member_group_id)  
538 - WHERE ugl.user_id = ? AND parent_group_id IN ($list)";  
539 - $aSubResTwo = DBUtil::getOneResultKey(array($sSubGrpQueryTwo, $aParams), 'count');  
540 -  
541 - if(PEAR::isError($aSubResTwo) || empty($aSubResTwo))  
542 - {  
543 - return false;  
544 - }  
545 - else  
546 - {  
547 - return true;  
548 - }  
549 - }  
550 - else  
551 - {  
552 - return false;  
553 - }  
554 -  
555 - }  
556 - else  
557 - {  
558 - return true;  
559 - } 502 + function hasPermission($oUser, $oPermission, $oFolderOrDocument) {
  503 + return KTPermissionUtil::userHasPermissionOnItem($oUser, $oPermission, $oFolderOrDocument);
  504 +
560 } 505 }
  506 +
561 } 507 }
562 ?> 508 ?>
563 \ No newline at end of file 509 \ No newline at end of file
plugins/ktcore/folder/Permissions.php
  View file @5e41bfc
@@ -216,7 +216,7 @@ class KTFolderPermissionsAction extends KTFolderAction { @@ -216,7 +216,7 @@ class KTFolderPermissionsAction extends KTFolderAction {
216 // TODO : paginate this page, when there are too many users 216 // TODO : paginate this page, when there are too many users
217 foreach ($aUsers as $oUser) { 217 foreach ($aUsers as $oUser) {
218 if ($everyone || ($authenticated && $oUser->isAnonymous()) || 218 if ($everyone || ($authenticated && $oUser->isAnonymous()) ||
219 - $oUser->hasPermission($oDescriptor, $oUser->getId())) { 219 + KTPermissionUtil::userHasPermissionOnItem($oUser, $oPermission, $this->oFolder)){
220 $aMapPermissionUser[$iPermissionID][$oUser->getId()] = true; 220 $aMapPermissionUser[$iPermissionID][$oUser->getId()] = true;
221 } 221 }
222 } 222 }