- ensure that dynamic conditions are copied with other permissions

- fix for KTS-1186: inherit permissions always shows. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@5741 c91229c3-7414-0410-bfa2-8a42b809f60b

- ensure that dynamic conditions are copied with other permissions
- fix for KTS-1186: inherit permissions always shows. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@5741 c91229c3-7414-0410-bfa2-8a42b809f60b
bshuttle
1 parent 3c893bec
Showing 5 changed files with 43 additions and 7 deletions
lib/permissions/permissionutil.inc.php
plugins/ktcore/folder/Permissions.php
templates/ktcore/folder/permissions.smarty
templates/ktcore/folder/resolved_permissions_user.smarty
templates/ktcore/folder/view_permissions.smarty
@@ -476,6 +476,18 @@ class KTPermissionUtil {
         $oDocumentOrFolder->setPermissionObjectID($oNewPO->getID());
         $oDocumentOrFolder->update();
  
+        // copy any dynamic conditions
+        $aDPO = KTPermissionDynamicCondition::getByPermissionObject($oOrigPO);
+        foreach ($aDPO as $oOrigDC) {
+            $oNewDC = KTPermissionDynamicCondition::createFromArray(array(
+                'permissionobjectid' => $oNewPO->getId(),
+                'groupid' => $oOrigDC->getGroupId(),
+                'conditionid' => $oOrigDC->getConditionId(),
+            ));
+            
+            $oNewDC->saveAssignment($oOrigDC->getAssignment());
+        }
+
         if (!is_a($oDocumentOrFolder, 'Folder')) {
             KTPermissionUtil::updatePermissionLookup($oDocumentOrFolder);
             return;
@@ -104,6 +104,10 @@ class KTFolderPermissionsAction extends KTFolderAction {
             $iInheritedFolderId = $oInherited->getId();
             $sInherited = join(" &raquo; ", $oInherited->getPathArray());
         }
+        // only allow inheritance if not inherited, -and- folders is editable
+        $bInheritable = $bEdit && ($oInherited->getId() !== $this->oFolder->getId());        
+        // only allow edit if the folder is editable.
+        $bEdit = $bEdit && ($oInherited->getId() == $this->oFolder->getId());
  
         $aConditions = array();
         $aDynConditions = KTPermissionDynamicCondition::getByPermissionObject($oPO);
@@ -139,6 +143,7 @@ class KTFolderPermissionsAction extends KTFolderAction {
             "aMapPermissionRole" => $aMapPermissionRole,
             "aMapPermissionUser" => $aMapPermissionUser,
             "edit" => $bEdit,
+            'inheritable' => $bInheritable,
             "inherited" => $sInherited,
             'foldername' => $this->oFolder->getName(),
             'conditions' => $aConditions,             
@@ -247,10 +252,17 @@ class KTFolderPermissionsAction extends KTFolderAction {
             $this->oValidator->userHasPermissionOnItem($this->oUser, $this->_sEditShowPermission, $this->oFolder, $aOptions);
         }
  
-	// copy permissions if they were inherited
+    	// copy permissions if they were inherited
         $oInherited = KTPermissionUtil::findRootObjectForPermissionObject($oPO);
         if ($oInherited->getId() !== $this->oFolder->getId()) {
-	    $this->_copyPermissions();
+            $override = KTUtil::arrayGet($_REQUEST, 'override', false);
+            if (empty($override)) { 
+                $this->errorRedirectToMain(_kt("This folder does not override its permissions"), sprintf("fFolderId=%d", $this->oFolder->getId()));
+            }
+            $this->startTransaction();
+    	    $this->_copyPermissions();
+            $this->commitTransaction();
+            $oPO = KTPermissionObject::get($this->oFolder->getPermissionObjectId());           
         }
  
  
@@ -475,7 +487,7 @@ class KTFolderPermissionsAction extends KTFolderAction {
         $this->oValidator->notErrorFalse($oTransaction, $aOptions);
  
         KTPermissionUtil::inheritPermissionObject($this->oFolder);
-        return $this->successRedirectTo('edit', _kt('Permissions updated'),
+        return $this->successRedirectTo('main', _kt('Permissions updated'),
                 array('fFolderId' => $this->oFolder->getId()));
     }
  
@@ -20,7 +20,6 @@
 <a class="ktActionLink ktDelete"
    kt:deleteMessage="Are you sure you wish to reinstate inherited permissions?"
    href="{addQS}action=inheritPermissions&fFolderId={$iFolderId}{/addQS}">{i18n}Inherit permissions{/i18n}</a>
-</span>
 </div>
 {/if}
  
@@ -12,8 +12,12 @@ this folder.{/i18n}&lt;/p&gt;
 <div class="ktInfo"><p>{i18n}No users have permissions on this item.{/i18n}</p></div>
 {else}
  
-<p>{i18n}Manage security{/i18n}: <a href="{addQS}fFolderId={$iFolderId}{/addQS}">{i18n}View permissions overview{/i18n}</a>
-| <a href="{addQS}action=edit&fFolderId={$oFolder->getId()}{/addQS}">{i18n}Edit permissions{/i18n}</a></p>
+{if $edit}
+{i18n}Manage security{/i18n}: <a href="{addQS}action=edit&fFolderId={$oFolder->getId()}{/addQS}">{i18n}Edit permissions{/i18n}</a> 
+| <a href="{addQS}fFolderId={$oFolder->getId()}{/addQS}">{i18n}View permissions overview{/i18n}</a> 
+{else}
+{i18n}Manage security{/i18n}: <a href="{addQS}fFolderId={$oFolder->getId()}{/addQS}">{i18n}View permissions overview{/i18n}</a> 
+{/if}
  
 <table   class="kt_collection narrow" cellspacing="0" cellpadding="0" border="0">
 <thead>
@@ -7,12 +7,21 @@ assigned are shown.{/i18n}&lt;/p&gt;
 {if $edit}
 {i18n}Manage security{/i18n}: <a href="{addQS}action=edit&fFolderId={$oFolder->getId()}{/addQS}">{i18n}Edit permissions{/i18n}</a> 
 | <a href="{addQS}action=resolved_users&fFolderId={$oFolder->getId()}{/addQS}">{i18n}View resolved permissions for user{/i18n}</a> 
+{else}
+{i18n}Manage security{/i18n}: <a href="{addQS}action=resolved_users&fFolderId={$oFolder->getId()}{/addQS}">{i18n}View resolved permissions for user{/i18n}</a> 
 {/if}
  
+
 {if $iFolderId != 1}
 <div class="ktInfo">
 { if $inherited }
-<p>{i18n arg_permission_source=$inherited}This folder <strong>inherits</strong> its permissions from #permission_source#.{/i18n}</p>
+<p>{i18n arg_permission_source=$inherited}This folder <strong>inherits</strong> its permissions from #permission_source#.{/i18n}
+{if $inheritable}
+<a class="ktActionLink ktDelete"
+   kt:deleteMessage="Are you sure you wish to override the permissions?"
+   href="{addQS}action=edit&fFolderId={$oFolder->getId()}&override=1{/addQS}">{i18n}Override permissions{/i18n}</a>
+{/if}
+</p>
 { else }
 <p>{i18n}This folder defines its own permissions.{/i18n}</p>
 { /if }