Commit 6e938a444338422ddcedcfc57e09271c08d2ed78

Authored by rob
1 parent 5ff94c78

Updated table names in SQL queries


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@179 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing 1 changed file with 24 additions and 10 deletions
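--- a/lib/security/permission.inc
+++ b/lib/security/permission.inc
@@ -15,8 +15,22 @@
 class Permission {
 
 /**
+ * Checks if the current user has write permission for a specific document.
+ * To have document write permission the user must satisfy ONE of the following conditions:
+ * o have write permission for the folder in which the document resides
+ * o be assigned a role which has write permission for the document
+ *
+ * @param $iDocumentID Primary key of document to check
+ *
+ * @return true is the current user has document write permission, false otherwise and set $_SESSION["errorMessage"]
+ */
+ function userHasDocumentWritePermission($iDocumentID) {
+
+ }
+
+ /**
 * Checks if the current user has write permission for a specific folder
- * To have write permission on a folder the user must satisfy ONE of the following conditions
+ * To have write permission on a folder the user must satisfy ONE of the following conditions:
 * o be in the system administrator group
 * o be in the unit administrator group for the unit to which the folder belongs
 * o belong to a group that has write access to the folder
@@ -91,7 +105,7 @@ class Permission {
 function userIsInUnitAdministratorGroup($iFolderID) {
 global $lang_err_user_unitadmin_group, $default;
 $sql = new Owl_DB();
- $sql->query("SELECT * FROM " . $default->owl_group_folders_link_table ." AS GFL INNER JOIN " . $default->owl_groups_users_link_table . " as GUL ON GFL.group_id = GUL.group_id " .
+ $sql->query("SELECT * FROM " . $default->owl_group_folders_table ." AS GFL INNER JOIN " . $default->owl_groups_users_link_table . " as GUL ON GFL.group_id = GUL.group_id " .
 "INNER JOIN " . $default->owl_groups_table . " AS G ON G.ID = GFL.group_id " .
 "WHERE GFL.folder_id = " . $iFolderID . " " .
 "AND GUL.user_id = " . $_SESSION["user_id"] . " " .
@@ -114,7 +128,7 @@ class Permission {
 function userHasGroupWritePermissionForFolder($iFolderID) {
 global $default, $lang_err_user_folder_write;
 $sql = new Owl_DB();
- $sql->query("SELECT * FROM " . $default->groups_folders_link = "groups_folders_link" . " WHERE folder_id = " . $iFolderID . " AND user_id = " . $_SESSION["user_id"] . " AND can_write = 1";
+ $sql->query("SELECT * FROM " . $default->owl_groups_folders_table . " WHERE folder_id = " . $iFolderID . " AND user_id = " . $_SESSION["user_id"] . " AND can_write = 1";
 if ($sql->next_record()) {
 return true;
 }
@@ -132,7 +146,7 @@ class Permission {
 function userHasGroupReadPermissionForFolder($iFolderID) {
 global $default, $lang_err_user_folder_read;
 $sql = new Owl_DB();
- $sql->query("SELECT * FROM " . $default->owl_groups_folders_link_table = "groups_folders_link" . " WHERE folder_id = " . $iFolderID . " AND user_id = " . $_SESSION["user_id"] . " AND can_read = 1";
+ $sql->query("SELECT * FROM " . $default->owl_groups_folders_table = "groups_folders_link" . " WHERE folder_id = " . $iFolderID . " AND user_id = " . $_SESSION["user_id"] . " AND can_read = 1";
 if ($sql->next_record()) {
 return true;
 }
@@ -150,7 +164,7 @@ class Permission {
 function userIsInGroupID($iGroupID) {
 global $default, $lang_err_user_group;
 $sql = new Owl_DB();
- $sql->query("SELECT id FROM " . $default->owl_groups_users_link_table . " WHERE id = " $iGroupID . " AND user_id = " . $_SESSION["user_id"]);
+ $sql->query("SELECT id FROM " . $default->owl_groups_users_table . " WHERE id = " $iGroupID . " AND user_id = " . $_SESSION["user_id"]);
 if ($sql->next_record()) {
 return true;
 }
@@ -168,7 +182,7 @@ class Permission {
 function userIsInGroupName($sGroupName) {
 global $default, $lang_err_user_group;
 $sql = new Owl_DB();
- $sql->query("SELECT id FROM " . $default->owl_groups_users_link_table . " AS GULT INNER JOIN " . $default->owl_groups_table . " AS G ON GULT.group_id = G.ID WHERE G.name = '" . $sGroupName . "' AND user_id = " . $_SESSION["user_id"]);
+ $sql->query("SELECT id FROM " . $default->owl_groups_users_table . " AS GULT INNER JOIN " . $default->owl_groups_table . " AS G ON GULT.group_id = G.ID WHERE G.name = '" . $sGroupName . "' AND user_id = " . $_SESSION["user_id"]);
 if ($sql->next_record()) {
 return true;
 }
@@ -187,7 +201,7 @@ class Permission {
 function userHasWriteRoleForFolder($iFolderID) {
 global $default, $lang_err_user_role;
 $sql = new Owl_DB();
- $sql->query("SELECT * FROM " . $default->owl_folders_user_links_table . " AS FURL INNER JOIN " . $default->owl_role_table . " AS R ON FURL.role_id = R.id WHERE folder_id = " . $iFolderID . " AND user_id = " . $_SESSION["user_id"] . " AND R.can_write = 1");
+ $sql->query("SELECT * FROM " . $default->owl_folders_user_table . " AS FURL INNER JOIN " . $default->owl_role_table . " AS R ON FURL.role_id = R.id WHERE folder_id = " . $iFolderID . " AND user_id = " . $_SESSION["user_id"] . " AND R.can_write = 1");
 if ($sql->next_record()) {
 return true;
 }
@@ -205,7 +219,7 @@ class Permission {
 function roleIDExists($iRoleID) {
 global $default, $lang_err_role_not_exist;
 $sql = new Owl_DB();
- $sql->query("SELECT id FROM " . $default->owl_role_table . " WHERE id = " . $iRoleID;
+ $sql->query("SELECT id FROM " . $default->owl_roles_table . " WHERE id = " . $iRoleID;
 if (sql->next_record()) {
 return true;
 }
@@ -223,7 +237,7 @@ class Permission {
 function roleNameExists($sRoleName) {
 global $default, $lang_err_role_not_exist;
 $sql = new Owl_DB();
- $sql->query("SELECT id FROM " . $default->owl_role_table . " WHERE name = '" . $sRoleName . "'";
+ $sql->query("SELECT id FROM " . $default->owl_roles_table . " WHERE name = '" . $sRoleName . "'";
 if (sql->next_record()) {
 return true;
 }
@@ -242,7 +256,7 @@ class Permission {
 global $default, $lang_database_error;
 if (roleExists($sRoleName) {
 $sql = new Owl_DB();
- $sql->query("SELECT id FROM " . $default->owl_role_table . " WHERE name = '" . $sRoleName . "'";
+ $sql->query("SELECT id FROM " . $default->owl_roles_table . " WHERE name = '" . $sRoleName . "'";
 sql->next_record();
 return sql->f("id");
 }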
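Review bot: In userHasGroupReadPermissionForFolder (new line 149) the query still carries the leftover `= "groups_folders_link"` assignment that this commit removed from the write variant on line 131, so the call appears to overwrite `$default->owl_groups_folders_table` with the table name plus the WHERE clause, and the statement also lacks its closing parenthesis before `;` (as do new lines 131, 222, 240 and 259). Every query in this section concatenates its arguments straight into the SQL text inside an access-control check; the integer ids should be cast, and `$sGroupName`/`$sRoleName` (lines 185, 240, 259) need escaping or binding through whatever quoting facility Owl_DB offers, which is not visible here. For line 149 I would write `$sql->query("SELECT * FROM " . $default->owl_groups_folders_table . " WHERE folder_id = " . (int) $iFolderID . " AND user_id = " . (int) $_SESSION["user_id"] . " AND can_read = 1");`. Line 108 uses `owl_group_folders_table` while lines 131 and 149 use `owl_groups_folders_table`; presumably only one of these is defined in the configuration, so the spelling should be confirmed. The function bodies continue outside the hunks, so the error paths were not reviewed.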