Peter M. Groen / knowledgetree

Commit 75f70700c06b3b7172c4da42d30e05928c04656a

Authored by Conrad Vermeulen
1 parent af2ae89a

"KTS-2113" 

"Split KTAPI into seperate files based on classes"
Implemented.

Reviewed By: Kevin Fourie

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6797 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 5 changed files with 2216 additions and 2014 deletions
ktapi/KTAPIConstants.inc.php 0 → 100644
  View file @75f7070
  1 +<?
  2 +
  3 +/**
  4 + *
  5 + * The contents of this file are subject to the KnowledgeTree Public
  6 + * License Version 1.1.2 ("License"); You may not use this file except in
  7 + * compliance with the License. You may obtain a copy of the License at
  8 + * http://www.knowledgetree.com/KPL
  9 + *
  10 + * Software distributed under the License is distributed on an "AS IS"
  11 + * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied.
  12 + * See the License for the specific language governing rights and
  13 + * limitations under the License.
  14 + *
  15 + * All copies of the Covered Code must include on each user interface screen:
  16 + * (i) the "Powered by KnowledgeTree" logo and
  17 + * (ii) the KnowledgeTree copyright notice
  18 + * in the same form as they appear in the distribution. See the License for
  19 + * requirements.
  20 + *
  21 + * The Original Code is: KnowledgeTree Open Source
  22 + *
  23 + * The Initial Developer of the Original Code is The Jam Warehouse Software
  24 + * (Pty) Ltd, trading as KnowledgeTree.
  25 + * Portions created by The Jam Warehouse Software (Pty) Ltd are Copyright
  26 + * (C) 2007 The Jam Warehouse Software (Pty) Ltd;
  27 + * All Rights Reserved.
  28 + * Contributor( s): ______________________________________
  29 + *
  30 + */
  31 +
  32 +require_once('../config/dmsDefaults.php');
  33 +require_once(KT_LIB_DIR . '/filelike/fsfilelike.inc.php');
  34 +require_once(KT_LIB_DIR . '/foldermanagement/folderutil.inc.php');
  35 +
  36 +// Generic error messages used in the API. There may be some others specific to functionality
  37 +// directly in the code.
  38 +// TODO: Check that they are all relevant.
  39 +
  40 +define('KTAPI_ERROR_SESSION_INVALID', 'The session could not be resolved.');
  41 +define('KTAPI_ERROR_PERMISSION_INVALID', 'The permission could not be resolved.');
  42 +define('KTAPI_ERROR_FOLDER_INVALID', 'The folder could not be resolved.');
  43 +define('KTAPI_ERROR_DOCUMENT_INVALID', 'The document could not be resolved.');
  44 +define('KTAPI_ERROR_USER_INVALID', 'The user could not be resolved.');
  45 +define('KTAPI_ERROR_KTAPI_INVALID', 'The ktapi could not be resolved.');
  46 +define('KTAPI_ERROR_INSUFFICIENT_PERMISSIONS', 'The user does not have sufficient permissions to access the resource.');
  47 +define('KTAPI_ERROR_INTERNAL_ERROR', 'An internal error occurred. Please review the logs.');
  48 +define('KTAPI_ERROR_DOCUMENT_TYPE_INVALID', 'The document type could not be resolved.');
  49 +define('KTAPI_ERROR_DOCUMENT_CHECKED_OUT', 'The document is checked out.');
  50 +define('KTAPI_ERROR_DOCUMENT_NOT_CHECKED_OUT', 'The document is not checked out.');
  51 +define('KTAPI_ERROR_WORKFLOW_INVALID', 'The workflow could not be resolved.');
  52 +define('KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS', 'The workflow is not in progress.');
  53 +
  54 +// Mapping of permissions to actions.
  55 +// TODO: Check that they are all correct.
  56 +// Note, currently, all core actions have permissions that are defined in the plugins.
  57 +// As the permissions are currently associated with actions which are quite closely linked
  58 +// to the web interface, it is not the nicest way to do things. They should be associated at
  59 +// a lower level, such as in the api. probably, better, would be at some stage to assocate
  60 +// the permissions to the action/transaction in the database so administrators can really customise
  61 +// as required.
  62 +
  63 +define('KTAPI_PERMISSION_DELETE', 'ktcore.permissions.delete');
  64 +define('KTAPI_PERMISSION_READ', 'ktcore.permissions.read');
  65 +define('KTAPI_PERMISSION_WRITE', 'ktcore.permissions.write');
  66 +define('KTAPI_PERMISSION_ADD_FOLDER', 'ktcore.permissions.addFolder');
  67 +define('KTAPI_PERMISSION_RENAME_FOLDER', 'ktcore.permissions.folder_rename');
  68 +define('KTAPI_PERMISSION_CHANGE_OWNERSHIP', 'ktcore.permissions.security');
  69 +define('KTAPI_PERMISSION_DOCUMENT_MOVE', 'ktcore.permissions.write');
  70 +define('KTAPI_PERMISSION_WORKFLOW', 'ktcore.permissions.workflow');
  71 +
  72 +?>
0 73 \ No newline at end of file
... ...
ktapi/KTAPIDocument.inc.php 0 → 100644
  View file @75f7070
  1 +<?
  2 +class KTAPI_Document extends KTAPI_FolderItem
  3 +{
  4 + /**
  5 + * This is a reference to the internal document object.
  6 + *
  7 + * @var Document
  8 + */
  9 + var $document;
  10 + /**
  11 + * This is the id of the document.
  12 + *
  13 + * @var int
  14 + */
  15 + var $documentid;
  16 + /**
  17 + * This is a reference to the parent folder.
  18 + *
  19 + * @var KTAPI_Folder
  20 + */
  21 + var $ktapi_folder;
  22 +
  23 + function get_documentid()
  24 + {
  25 + return $this->documentid;
  26 + }
  27 +
  28 + /**
  29 + * This is used to get a document based on document id.
  30 + *
  31 + * @static
  32 + * @access public
  33 + * @param KTAPI $ktapi
  34 + * @param int $documentid
  35 + * @return KTAPI_Document
  36 + */
  37 + function &get(&$ktapi, $documentid)
  38 + {
  39 + assert(!is_null($ktapi));
  40 + assert(is_a($ktapi, 'KTAPI'));
  41 + assert(is_numeric($documentid));
  42 +
  43 + $documentid += 0;
  44 +
  45 + $document = &Document::get($documentid);
  46 + if (is_null($document) || PEAR::isError($document))
  47 + {
  48 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_INVALID);
  49 + }
  50 +
  51 + $user = $ktapi->can_user_access_object_requiring_permission($document, KTAPI_PERMISSION_READ);
  52 +
  53 + if (is_null($user) || PEAR::isError($user))
  54 + {
  55 + return $user;
  56 + }
  57 +
  58 + $folderid = $document->getParentID();
  59 +
  60 + if (!is_null($folderid))
  61 + {
  62 + $ktapi_folder = &KTAPI_Folder::get($ktapi, $folderid);
  63 + }
  64 + else
  65 + {
  66 + $ktapi_folder = null;
  67 + }
  68 + // We don't do any checks on this folder as it could possibly be deleted, and is not required right now.
  69 +
  70 + return new KTAPI_Document($ktapi, $ktapi_folder, $document);
  71 + }
  72 +
  73 + function is_deleted()
  74 + {
  75 + return ($this->document->getStatusID() == 3);
  76 + }
  77 +
  78 + /**
  79 + * This is the constructor for the KTAPI_Folder.
  80 + *
  81 + * @access private
  82 + * @param KTAPI $ktapi
  83 + * @param Document $document
  84 + * @return KTAPI_Document
  85 + */
  86 + function KTAPI_Document(&$ktapi, &$ktapi_folder, &$document)
  87 + {
  88 + assert(is_a($ktapi,'KTAPI'));
  89 + assert(is_null($ktapi_folder) || is_a($ktapi_folder,'KTAPI_Folder'));
  90 +
  91 + $this->ktapi = &$ktapi;
  92 + $this->ktapi_folder = &$ktapi_folder;
  93 + $this->document = &$document;
  94 + $this->documentid = $document->getId();
  95 + }
  96 +
  97 + /**
  98 + * This checks a document into the repository
  99 + *
  100 + * @param string $filename
  101 + * @param string $reason
  102 + * @param string $tempfilename
  103 + * @param bool $major_update
  104 + */
  105 + function checkin($filename, $reason, $tempfilename, $major_update=false)
  106 + {
  107 + if (!is_file($tempfilename))
  108 + {
  109 + return new PEAR_Error('File does not exist.');
  110 + }
  111 +
  112 + $user = $this->can_user_access_object_requiring_permission($this->document, KTAPI_PERMISSION_WRITE);
  113 +
  114 + if (PEAR::isError($user))
  115 + {
  116 + return $user;
  117 + }
  118 +
  119 + if (!$this->document->getIsCheckedOut())
  120 + {
  121 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_NOT_CHECKED_OUT);
  122 + }
  123 +
  124 + $options = array('major_update'=>$major_update);
  125 +
  126 + $currentfilename = $this->document->getFileName();
  127 + if ($filename != $currentfilename)
  128 + {
  129 + $options['newfilename'] = $filename;
  130 + }
  131 +
  132 + DBUtil::startTransaction();
  133 + $result = KTDocumentUtil::checkin($this->document, $tempfilename, $reason, $user, $options);
  134 +
  135 + if (PEAR::isError($result))
  136 + {
  137 + DBUtil::rollback();
  138 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  139 + }
  140 + DBUtil::commit();
  141 +
  142 + $tempfilename=addslashes($tempfilename);
  143 + $sql = "DELETE FROM uploaded_files WHERE tempfilename='$tempfilename'";
  144 + $result = DBUtil::runQuery($sql);
  145 + if (PEAR::isError($result))
  146 + {
  147 + return $result;
  148 + }
  149 +
  150 + }
  151 +
  152 +
  153 + function is_checked_out()
  154 + {
  155 + return ($this->document->getIsCheckedOut());
  156 + }
  157 +
  158 + /**
  159 + * This reverses the checkout process.
  160 + *
  161 + * @param string $reason
  162 + */
  163 + function undo_checkout($reason)
  164 + {
  165 + $user = $this->can_user_access_object_requiring_permission($this->document, KTAPI_PERMISSION_WRITE);
  166 +
  167 + if (PEAR::isError($user))
  168 + {
  169 + return $user;
  170 + }
  171 +
  172 + if (!$this->document->getIsCheckedOut())
  173 + {
  174 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_NOT_CHECKED_OUT);
  175 + }
  176 +
  177 + DBUtil::startTransaction();
  178 +
  179 + $this->document->setIsCheckedOut(0);
  180 + $this->document->setCheckedOutUserID(-1);
  181 + $res = $this->document->update();
  182 + if (($res === false) || PEAR::isError($res))
  183 + {
  184 + DBUtil::rollback();
  185 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  186 + }
  187 +
  188 + $oDocumentTransaction = & new DocumentTransaction($this->document, $reason, 'ktcore.transactions.force_checkin');
  189 +
  190 + $res = $oDocumentTransaction->create();
  191 + if (($res === false) || PEAR::isError($res)) {
  192 + DBUtil::rollback();
  193 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  194 + }
  195 + DBUtil::commit();
  196 + }
  197 +
  198 + /**
  199 + * This returns a URL to the file that can be downloaded.
  200 + *
  201 + * @param string $reason
  202 + */
  203 + function checkout($reason)
  204 + {
  205 + $user = $this->can_user_access_object_requiring_permission($this->document, KTAPI_PERMISSION_WRITE);
  206 +
  207 + if (PEAR::isError($user))
  208 + {
  209 + return $user;
  210 + }
  211 +
  212 + if ($this->document->getIsCheckedOut())
  213 + {
  214 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);
  215 + }
  216 +
  217 + DBUtil::startTransaction();
  218 + $res = KTDocumentUtil::checkout($this->document, $reason, $user);
  219 + if (PEAR::isError($res))
  220 + {
  221 + DBUtil::rollback();
  222 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  223 + }
  224 +
  225 + DBUtil::commit();
  226 + }
  227 +
  228 + /**
  229 + * This deletes a document from the folder.
  230 + *
  231 + * @param string $reason
  232 + */
  233 + function delete($reason)
  234 + {
  235 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_DELETE);
  236 +
  237 + if (PEAR::isError($user))
  238 + {
  239 + return $user;
  240 + }
  241 +
  242 + if ($this->document->getIsCheckedOut())
  243 + {
  244 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);
  245 + }
  246 +
  247 + DBUtil::startTransaction();
  248 + $res = KTDocumentUtil::delete($this->document, $reason);
  249 + if (PEAR::isError($res))
  250 + {
  251 + DBUtil::rollback();
  252 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  253 + }
  254 +
  255 + DBUtil::commit();
  256 + }
  257 +
  258 + /**
  259 + * This changes the owner of the file.
  260 + *
  261 + * @param string $ktapi_newuser
  262 + */
  263 + function change_owner($newusername, $reason='Changing of owner.')
  264 + {
  265 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_CHANGE_OWNERSHIP);
  266 +
  267 + if (PEAR::isError($user))
  268 + {
  269 + return $user;
  270 + }
  271 +
  272 + DBUtil::startTransaction();
  273 +
  274 + $user = &User::getByUserName($newusername);
  275 + if (is_null($user) || PEAR::isError($user))
  276 + {
  277 + return new PEAR_Error('User could not be found');
  278 + }
  279 +
  280 + $newuserid = $user->getId();
  281 +
  282 + $this->document->setOwnerID($newuserid);
  283 +
  284 + $res = $this->document->update();
  285 +
  286 + if (PEAR::isError($res))
  287 + {
  288 + DBUtil::rollback();
  289 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  290 + }
  291 +
  292 + $res = KTPermissionUtil::updatePermissionLookup($this->document);
  293 + if (PEAR::isError($res))
  294 + {
  295 + DBUtil::rollback();
  296 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  297 + }
  298 +
  299 + $oDocumentTransaction = & new DocumentTransaction($this->document, $reason, 'ktcore.transactions.permissions_change');
  300 +
  301 + $res = $oDocumentTransaction->create();
  302 + if (($res === false) || PEAR::isError($res)) {
  303 + DBUtil::rollback();
  304 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  305 + }
  306 +
  307 + DBUtil::commit();
  308 + }
  309 +
  310 + /**
  311 + * This copies the document to another folder.
  312 + *
  313 + * @param KTAPI_Folder $ktapi_target_folder
  314 + * @param string $reason
  315 + * @param string $newname
  316 + * @param string $newfilename
  317 + */
  318 + function copy(&$ktapi_target_folder, $reason, $newname=null, $newfilename=null)
  319 + {
  320 + assert(!is_null($ktapi_target_folder));
  321 + assert(is_a($ktapi_target_folder,'KTAPI_Folder'));
  322 +
  323 + if (empty($newname))
  324 + {
  325 + $newname=null;
  326 + }
  327 + if (empty($newfilename))
  328 + {
  329 + $newfilename=null;
  330 + }
  331 +
  332 + $user = $this->ktapi->get_user();
  333 +
  334 + if ($this->document->getIsCheckedOut())
  335 + {
  336 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);
  337 + }
  338 +
  339 + $target_folder = &$ktapi_target_folder->get_folder();
  340 +
  341 + $result = $this->can_user_access_object_requiring_permission( $target_folder, KTAPI_PERMISSION_WRITE);
  342 +
  343 + if (PEAR::isError($result))
  344 + {
  345 + return $result;
  346 + }
  347 +
  348 + $name = $this->document->getName();
  349 + $clash = KTDocumentUtil::nameExists($target_folder, $name);
  350 + if ($clash && !is_null($newname))
  351 + {
  352 + $name = $newname;
  353 + $clash = KTDocumentUtil::nameExists($target_folder, $name);
  354 + }
  355 + if ($clash)
  356 + {
  357 + return new PEAR_Error('A document with this title already exists in your chosen folder. Please choose a different folder, or specify a new title for the copied document.');
  358 + }
  359 +
  360 + $filename=$this->document->getFilename();
  361 + $clash = KTDocumentUtil::fileExists($target_folder, $filename);
  362 +
  363 + if ($clash && !is_null($newname))
  364 + {
  365 + $filename = $newfilename;
  366 + $clash = KTDocumentUtil::fileExists($target_folder, $filename);
  367 + }
  368 + if ($clash)
  369 + {
  370 + return new PEAR_Error('A document with this filename already exists in your chosen folder. Please choose a different folder, or specify a new filename for the copied document.');
  371 + }
  372 +
  373 + DBUtil::startTransaction();
  374 +
  375 + $new_document = KTDocumentUtil::copy($this->document, $target_folder, $reason);
  376 + if (PEAR::isError($new_document))
  377 + {
  378 + DBUtil::rollback();
  379 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  380 + }
  381 +
  382 + $new_document->setName($name);
  383 + $new_document->setFilename($filename);
  384 +
  385 + $res = $new_document->update();
  386 +
  387 + if (PEAR::isError($res))
  388 + {
  389 + DBUtil::rollback();
  390 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  391 + }
  392 +
  393 + DBUtil::commit();
  394 +
  395 + // FIXME do we need to refactor all trigger usage into the util function?
  396 + $oKTTriggerRegistry = KTTriggerRegistry::getSingleton();
  397 + $aTriggers = $oKTTriggerRegistry->getTriggers('copyDocument', 'postValidate');
  398 + foreach ($aTriggers as $aTrigger) {
  399 + $sTrigger = $aTrigger[0];
  400 + $oTrigger = new $sTrigger;
  401 + $aInfo = array(
  402 + 'document' => $new_document,
  403 + 'old_folder' => $this->folder->get_folder(),
  404 + 'new_folder' => $target_folder,
  405 + );
  406 + $oTrigger->setInfo($aInfo);
  407 + $ret = $oTrigger->postValidate();
  408 + }
  409 + }
  410 +
  411 + /**
  412 + * This moves the document to another folder.
  413 + *
  414 + * @param KTAPI_Folder $ktapi_target_folder
  415 + * @param string $reason
  416 + * @param string $newname
  417 + * @param string $newfilename
  418 + */
  419 + function move(&$ktapi_target_folder, $reason, $newname=null, $newfilename=null)
  420 + {
  421 + assert(!is_null($ktapi_target_folder));
  422 + assert(is_a($ktapi_target_folder,'KTAPI_Folder'));
  423 +
  424 + if (empty($newname))
  425 + {
  426 + $newname=null;
  427 + }
  428 + if (empty($newfilename))
  429 + {
  430 + $newfilename=null;
  431 + }
  432 +
  433 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_DOCUMENT_MOVE);
  434 +
  435 + if (PEAR::isError($user))
  436 + {
  437 + return $user;
  438 + }
  439 +
  440 + if ($this->document->getIsCheckedOut())
  441 + {
  442 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);
  443 + }
  444 +
  445 + $target_folder = $ktapi_target_folder->get_folder();
  446 +
  447 + $result= $this->can_user_access_object_requiring_permission( $target_folder, KTAPI_PERMISSION_WRITE);
  448 +
  449 + if (PEAR::isError($result))
  450 + {
  451 + return $result;
  452 + }
  453 +
  454 + if (!KTDocumentUtil::canBeMoved($this->document))
  455 + {
  456 + return new PEAR_Error('Document cannot be moved.');
  457 + }
  458 +
  459 + $name = $this->document->getName();
  460 + $clash = KTDocumentUtil::nameExists($target_folder, $name);
  461 + if ($clash && !is_null($newname))
  462 + {
  463 + $name = $newname;
  464 + $clash = KTDocumentUtil::nameExists($target_folder, $name);
  465 + }
  466 + if ($clash)
  467 + {
  468 + return new PEAR_Error('A document with this title already exists in your chosen folder. Please choose a different folder, or specify a new title for the moved document.');
  469 + }
  470 +
  471 + $filename=$this->document->getFilename();
  472 + $clash = KTDocumentUtil::fileExists($target_folder, $filename);
  473 +
  474 + if ($clash && !is_null($newname))
  475 + {
  476 + $filename = $newfilename;
  477 + $clash = KTDocumentUtil::fileExists($target_folder, $filename);
  478 + }
  479 + if ($clash)
  480 + {
  481 + return new PEAR_Error('A document with this filename already exists in your chosen folder. Please choose a different folder, or specify a new filename for the moved document.');
  482 + }
  483 +
  484 + DBUtil::startTransaction();
  485 +
  486 + $res = KTDocumentUtil::move($this->document, $target_folder, $user, $reason);
  487 + if (PEAR::isError($res))
  488 + {
  489 + DBUtil::rollback();
  490 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  491 + }
  492 +
  493 + $this->document->setName($name);
  494 + $this->document->setFilename($filename);
  495 +
  496 + $res = $this->document->update();
  497 +
  498 + if (PEAR::isError($res))
  499 + {
  500 + DBUtil::rollback();
  501 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  502 + }
  503 +
  504 + DBUtil::commit();
  505 + }
  506 +
  507 + /**
  508 + * This changes the filename of the document.
  509 + *
  510 + * @param string $newname
  511 + */
  512 + function renameFile($newname)
  513 + {
  514 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);
  515 +
  516 + if (PEAR::isError($user))
  517 + {
  518 + return $user;
  519 + }
  520 +
  521 + DBUtil::startTransaction();
  522 + $res = KTDocumentUtil::rename($this->document, $newname, $user);
  523 + if (PEAR::isError($res))
  524 + {
  525 + DBUtil::rollback();
  526 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  527 + }
  528 + DBUtil::commit();
  529 + }
  530 +
  531 + /**
  532 + * This changes the document type of the document.
  533 + *
  534 + * @param string $newname
  535 + */
  536 + function change_document_type($documenttype)
  537 + {
  538 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);
  539 +
  540 + if (PEAR::isError($user))
  541 + {
  542 + return $user;
  543 + }
  544 +
  545 + $doctypeid = KTAPI::get_documenttypeid($documenttype);
  546 +
  547 + if ($this->document->getDocumentTypeId() != $doctypeid)
  548 + {
  549 + DBUtil::startTransaction();
  550 + $this->document->setDocumentTypeId($doctypeid);
  551 + $res = $this->document->update();
  552 +
  553 + if (PEAR::isError($res))
  554 + {
  555 + DBUtil::rollback();
  556 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  557 + }
  558 + DBUtil::commit();
  559 + }
  560 + }
  561 +
  562 + /**
  563 + * This changes the title of the document.
  564 + *
  565 + * @param string $newname
  566 + */
  567 + function rename($newname)
  568 + {
  569 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);
  570 +
  571 + if (PEAR::isError($user))
  572 + {
  573 + return $user;
  574 + }
  575 +
  576 + if ($this->document->getName() != $newname)
  577 + {
  578 +
  579 + DBUtil::startTransaction();
  580 + $this->document->setName($newname);
  581 + $res = $this->document->update();
  582 +
  583 + if (PEAR::isError($res))
  584 + {
  585 + DBUtil::rollback();
  586 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  587 + }
  588 + DBUtil::commit();
  589 + }
  590 + }
  591 +
  592 + /**
  593 + * This flags the document as 'archived'.
  594 + *
  595 + * @param string $reason
  596 + */
  597 + function archive($reason)
  598 + {
  599 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);
  600 +
  601 + if (PEAR::isError($user))
  602 + {
  603 + return $user;
  604 + }
  605 +
  606 + list($permission, $user) = $perm_and_user;
  607 +
  608 + DBUtil::startTransaction();
  609 + $this->document->setStatusID(ARCHIVED);
  610 + $res = $this->document->update();
  611 + if (($res === false) || PEAR::isError($res)) {
  612 + DBUtil::rollback();
  613 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  614 + }
  615 +
  616 + $oDocumentTransaction = & new DocumentTransaction($this->document, sprintf(_kt('Document archived: %s'), $reason), 'ktcore.transactions.update');
  617 + $oDocumentTransaction->create();
  618 +
  619 + DBUtil::commit();
  620 +
  621 + $oKTTriggerRegistry = KTTriggerRegistry::getSingleton();
  622 + $aTriggers = $oKTTriggerRegistry->getTriggers('archive', 'postValidate');
  623 + foreach ($aTriggers as $aTrigger)
  624 + {
  625 + $sTrigger = $aTrigger[0];
  626 + $oTrigger = new $sTrigger;
  627 + $aInfo = array(
  628 + 'document' => $this->document,
  629 + );
  630 + $oTrigger->setInfo($aInfo);
  631 + $ret = $oTrigger->postValidate();
  632 + }
  633 + }
  634 +
  635 + /**
  636 + * This starts a workflow on a document.
  637 + *
  638 + * @param string $workflow
  639 + */
  640 + function start_workflow($workflow)
  641 + {
  642 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
  643 +
  644 + if (PEAR::isError($user))
  645 + {
  646 + return $user;
  647 + }
  648 +
  649 + $workflowid = $this->document->getWorkflowId();
  650 +
  651 + if (!empty($workflowid))
  652 + {
  653 + return new PEAR_Error('A workflow is already defined.');
  654 + }
  655 +
  656 + $workflow = KTWorkflow::getByName($workflow);
  657 + if (is_null($workflow) || PEAR::isError($workflow))
  658 + {
  659 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  660 + }
  661 +
  662 + DBUtil::startTransaction();
  663 + $result = KTWorkflowUtil::startWorkflowOnDocument($workflow, $this->document);
  664 + if (is_null($result) || PEAR::isError($result))
  665 + {
  666 + DBUtil::rollback();
  667 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  668 + }
  669 + DBUtil::commit();
  670 + }
  671 +
  672 + /**
  673 + * This deletes the workflow on the document.
  674 + *
  675 + */
  676 + function delete_workflow()
  677 + {
  678 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
  679 +
  680 + if (PEAR::isError($user))
  681 + {
  682 + return $user;
  683 + }
  684 +
  685 + $workflowid=$this->document->getWorkflowId();
  686 + if (!empty($workflowid))
  687 + {
  688 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);
  689 + }
  690 +
  691 + DBUtil::startTransaction();
  692 + $result = KTWorkflowUtil::startWorkflowOnDocument(null, $this->document);
  693 + if (is_null($result) || PEAR::isError($result))
  694 + {
  695 + DBUtil::rollback();
  696 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  697 + }
  698 + DBUtil::commit();
  699 + }
  700 +
  701 + /**
  702 + * This performs a transition on the workflow
  703 + *
  704 + * @param string $transition
  705 + * @param string $reason
  706 + */
  707 + function perform_workflow_transition($transition, $reason)
  708 + {
  709 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
  710 +
  711 + if (PEAR::isError($user))
  712 + {
  713 + return $user;
  714 + }
  715 +
  716 + $workflowid=$this->document->getWorkflowId();
  717 + if (empty($workflowid))
  718 + {
  719 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);
  720 + }
  721 +
  722 + $transition = &KTWorkflowTransition::getByName($transition);
  723 + if (is_null($transition) || PEAR::isError($transition))
  724 + {
  725 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  726 + }
  727 +
  728 + DBUtil::startTransaction();
  729 + $result = KTWorkflowUtil::performTransitionOnDocument($transition, $this->document, $user, $reason);
  730 + if (is_null($result) || PEAR::isError($result))
  731 + {
  732 + DBUtil::rollback();
  733 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  734 + }
  735 + DBUtil::commit();
  736 + }
  737 +
  738 +
  739 +
  740 + /**
  741 + * This returns all metadata for the document.
  742 + *
  743 + * @return array
  744 + */
  745 + function get_metadata()
  746 + {
  747 + $doctypeid = $this->document->getDocumentTypeID();
  748 + $fieldsets = (array) KTMetadataUtil::fieldsetsForDocument($this->document, $doctypeid);
  749 +
  750 + $results = array();
  751 +
  752 + foreach ($fieldsets as $fieldset)
  753 + {
  754 + if ($fieldset->getIsConditional()) { /* this is not implemented...*/ continue; }
  755 +
  756 + $fields = $fieldset->getFields();
  757 + $result = array('fieldset' => $fieldset->getName(),
  758 + 'description' => $fieldset->getDescription());
  759 +
  760 + $fieldsresult = array();
  761 +
  762 + foreach ($fields as $field)
  763 + {
  764 + $value = 'n/a';
  765 +
  766 + $fieldvalue = DocumentFieldLink::getByDocumentAndField($this->document, $field);
  767 + if (!is_null($fieldvalue) && (!PEAR::isError($fieldvalue)))
  768 + {
  769 + $value = $fieldvalue->getValue();
  770 + }
  771 +
  772 + $controltype = 'string';
  773 + if ($field->getHasLookup())
  774 + {
  775 + $controltype = 'lookup';
  776 + if ($field->getHasLookupTree())
  777 + {
  778 + $controltype = 'tree';
  779 + }
  780 + }
  781 +
  782 + switch ($controltype)
  783 + {
  784 + case 'lookup':
  785 + $selection = KTAPI::get_metadata_lookup($field->getId());
  786 + break;
  787 + case 'tree':
  788 + $selection = KTAPI::get_metadata_tree($field->getId());
  789 + break;
  790 + default:
  791 + $selection= array();
  792 + }
  793 +
  794 +
  795 + $fieldsresult[] = array(
  796 + 'name' => $field->getName(),
  797 + 'required' => $field->getIsMandatory(),
  798 + 'value' => $value,
  799 + 'description' => $field->getDescription(),
  800 + 'control_type' => $controltype,
  801 + 'selection' => $selection
  802 +
  803 + );
  804 +
  805 + }
  806 + $result['fields'] = $fieldsresult;
  807 + $results [] = $result;
  808 + }
  809 +
  810 + return $results;
  811 + }
  812 +
  813 + /**
  814 + * This updates the metadata on the file. This includes the 'title'.
  815 + *
  816 + * @param array This is an array containing the metadata to be associated with the file.
  817 + */
  818 + function update_metadata($metadata)
  819 + {
  820 + $packed = array();
  821 +
  822 + foreach($metadata as $fieldset_metadata)
  823 + {
  824 + $fieldsetname=$fieldset_metadata['fieldset'];
  825 + $fieldset = KTFieldset::getByName($fieldsetname);
  826 + if (is_null($fieldset) || PEAR::isError($fieldset))
  827 + {
  828 + // exit graciously
  829 + continue;
  830 + }
  831 +
  832 + foreach($fieldset_metadata['fields'] as $fieldinfo)
  833 + {
  834 + $fieldname = $fieldinfo['name'];
  835 + $field = DocumentField::getByFieldsetAndName($fieldset, $fieldname);
  836 + if (is_null($field) || PEAR::isError($fieldset))
  837 + {
  838 + // exit graciously
  839 + continue;
  840 + }
  841 + $value = $fieldinfo['value'];
  842 +
  843 + $packed[] = array($field, $value);
  844 + }
  845 + }
  846 +
  847 + DBUtil::startTransaction();
  848 + $result = KTDocumentUtil::saveMetadata($this->document, $packed);
  849 +
  850 + if (is_null($result))
  851 + {
  852 + DBUtil::rollback();
  853 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  854 + }
  855 + if (PEAR::isError($result))
  856 + {
  857 + DBUtil::rollback();
  858 + return new PEAR_Error(sprintf(_kt("Unexpected validation failure: %s."), $result->getMessage()));
  859 + }
  860 + DBUtil::commit();
  861 + }
  862 +
  863 +
  864 + /**
  865 + * This returns a workflow transition
  866 + *
  867 + * @return array
  868 + */
  869 + function get_workflow_transitions()
  870 + {
  871 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
  872 +
  873 + if (PEAR::isError($user))
  874 + {
  875 + return $user;
  876 + }
  877 +
  878 + $workflowid=$this->document->getWorkflowId();
  879 + if (empty($workflowid))
  880 + {
  881 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);
  882 + }
  883 +
  884 + $result = array();
  885 +
  886 + $transitions = KTWorkflowUtil::getTransitionsForDocumentUser($this->document, $user);
  887 + if (is_null($transitions) || PEAR::isError($transitions))
  888 + {
  889 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  890 + }
  891 + foreach($transitions as $transition)
  892 + {
  893 + $result[] = $transition->getName();
  894 + }
  895 +
  896 + return $result;
  897 + }
  898 +
  899 + /**
  900 + * This returns the current workflow state
  901 + *
  902 + * @return string
  903 + */
  904 + function get_workflow_state()
  905 + {
  906 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
  907 +
  908 + if (PEAR::isError($user))
  909 + {
  910 + return $user;
  911 + }
  912 +
  913 + $workflowid=$this->document->getWorkflowId();
  914 + if (empty($workflowid))
  915 + {
  916 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);
  917 + }
  918 +
  919 + $result = array();
  920 +
  921 + $state = KTWorkflowUtil::getWorkflowStateForDocument($this->document);
  922 + if (is_null($state) || PEAR::isError($state))
  923 + {
  924 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  925 + }
  926 +
  927 + $statename = $state->getName();
  928 +
  929 + return $statename;
  930 +
  931 + }
  932 +
  933 + /**
  934 + * This returns detailed information on the document.
  935 + *
  936 + * @return array
  937 + */
  938 + function get_detail()
  939 + {
  940 + $detail = array();
  941 + $document = $this->document;
  942 +
  943 + $detail['title'] = $document->getName();
  944 +
  945 + $documenttypeid=$document->getDocumentTypeID();
  946 + if (is_numeric($documenttypeid))
  947 + {
  948 + $documenttype = DocumentType::get($documenttypeid);
  949 +
  950 + $documenttype=$documenttype->getName();
  951 + }
  952 + else
  953 + {
  954 + $documenttype = '* unknown *';
  955 + }
  956 + $detail['document_type'] = $documenttype;
  957 +
  958 + $detail['version'] = $document->getVersion();
  959 + $detail['filename'] = $document->getFilename();
  960 +
  961 + $detail['created_date'] = $document->getCreatedDateTime();
  962 +
  963 + $userid = $document->getCreatorID();
  964 + if (is_numeric($userid))
  965 + {
  966 + $user = User::get($userid);
  967 + $username=(is_null($user) || PEAR::isError($user))?'* unknown *':$user->getName();
  968 + }
  969 + else
  970 + {
  971 + $username='n/a';
  972 + }
  973 + $detail['created_by'] = $username;
  974 + $detail['updated_date'] = $document->getLastModifiedDate();
  975 +
  976 + $userid = $document->getModifiedUserId();
  977 + if (is_numeric($userid))
  978 + {
  979 + $user = User::get($userid);
  980 + $username=(is_null($user) || PEAR::isError($user))?'* unknown *':$user->getName();
  981 + }
  982 + else
  983 + {
  984 + $username='n/a';
  985 + }
  986 + $detail['updated_by'] = $username;
  987 + $detail['document_id'] = (int) $document->getId();
  988 + $detail['folder_id'] = (int) $document->getFolderID();
  989 +
  990 + $workflowid = $document->getWorkflowId();
  991 + if (is_numeric($workflowid))
  992 + {
  993 + $workflow = KTWorkflow::get($workflowid);
  994 + $workflowname=(is_null($workflow) || PEAR::isError($workflow))?'* unknown *':$workflow->getName();
  995 + }
  996 + else
  997 + {
  998 + $workflowname='n/a';
  999 + }
  1000 + $detail['workflow'] = $workflowname;
  1001 +
  1002 + $stateid = $document->getWorkflowStateId();
  1003 + if (is_numeric($stateid))
  1004 + {
  1005 + $state = KTWorkflowState::get($stateid);
  1006 + $workflowstate=(is_null($state) || PEAR::isError($state))?'* unknown *':$state->getName();
  1007 + }
  1008 + else
  1009 + {
  1010 + $workflowstate = 'n/a';
  1011 + }
  1012 + $detail['workflow_state']=$workflowstate;
  1013 +
  1014 + $userid = $document->getCheckedOutUserID();
  1015 +
  1016 + if (is_numeric($userid))
  1017 + {
  1018 + $user = User::get($userid);
  1019 + $username=(is_null($user) || PEAR::isError($user))?'* unknown *':$user->getName();
  1020 + }
  1021 + else
  1022 + {
  1023 + $username = 'n/a';
  1024 + }
  1025 + $detail['checkout_by'] = $username;
  1026 +
  1027 + $detail['full_path'] = $this->ktapi_folder->get_full_path() . '/' . $this->get_title();
  1028 +
  1029 + return $detail;
  1030 + }
  1031 +
  1032 + function get_title()
  1033 + {
  1034 + return $this->document->getDescription();
  1035 + }
  1036 +
  1037 + /**
  1038 + * This does a download of a version of the document.
  1039 + *
  1040 + * @param string $version
  1041 + */
  1042 + function download($version=null)
  1043 + {
  1044 + $storage =& KTStorageManagerUtil::getSingleton();
  1045 + $options = array();
  1046 +
  1047 +
  1048 + $oDocumentTransaction = & new DocumentTransaction($this->document, 'Document downloaded', 'ktcore.transactions.download', $aOptions);
  1049 + $oDocumentTransaction->create();
  1050 + }
  1051 +
  1052 + /**
  1053 + * This returns the transaction history for the document.
  1054 + *
  1055 + * @return array
  1056 + */
  1057 + function get_transaction_history()
  1058 + {
  1059 + $sQuery = 'SELECT DTT.name AS transaction_name, U.name AS username, DT.version AS version, DT.comment AS comment, DT.datetime AS datetime ' .
  1060 + 'FROM ' . KTUtil::getTableName('document_transactions') . ' AS DT INNER JOIN ' . KTUtil::getTableName('users') . ' AS U ON DT.user_id = U.id ' .
  1061 + 'INNER JOIN ' . KTUtil::getTableName('transaction_types') . ' AS DTT ON DTT.namespace = DT.transaction_namespace ' .
  1062 + 'WHERE DT.document_id = ? ORDER BY DT.datetime DESC';
  1063 + $aParams = array($this->documentid);
  1064 +
  1065 + $transactions = DBUtil::getResultArray(array($sQuery, $aParams));
  1066 + if (is_null($transactions) || PEAR::isError($transactions))
  1067 + {
  1068 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  1069 + }
  1070 +
  1071 + return $transactions;
  1072 + }
  1073 +
  1074 + /**
  1075 + * This returns the version history on the document.
  1076 + *
  1077 + * @return array
  1078 + */
  1079 + function get_version_history()
  1080 + {
  1081 + $metadata_versions = KTDocumentMetadataVersion::getByDocument($this->document);
  1082 +
  1083 + $versions = array();
  1084 + foreach ($metadata_versions as $version)
  1085 + {
  1086 + $document = &Document::get($this->documentid, $version->getId());
  1087 +
  1088 + $version = array();
  1089 +
  1090 + $userid = $document->getModifiedUserId();
  1091 + $user = User::get($userid);
  1092 +
  1093 + $version['user'] = $user->getName();
  1094 + $version['metadata_version'] = $document->getMetadataVersion();
  1095 + $version['content_version'] = $document->getVersion();
  1096 +
  1097 + $versions[] = $version;
  1098 + }
  1099 + return $versions;
  1100 + }
  1101 +
  1102 + /**
  1103 + * This expunges a document from the system.
  1104 + *
  1105 + * @access public
  1106 + */
  1107 + function expunge()
  1108 + {
  1109 + if ($this->document->getStatusID() != 3)
  1110 + {
  1111 + return new PEAR_Error('You should not purge this');
  1112 + }
  1113 + DBUtil::startTransaction();
  1114 +
  1115 + $transaction = & new DocumentTransaction($this->document, "Document expunged", 'ktcore.transactions.expunge');
  1116 +
  1117 + $transaction->create();
  1118 +
  1119 + $this->document->delete();
  1120 +
  1121 + $this->document->cleanupDocumentData($this->documentid);
  1122 +
  1123 + $storage =& KTStorageManagerUtil::getSingleton();
  1124 +
  1125 + $result= $storage->expunge($this->document);
  1126 +
  1127 + DBUtil::commit();
  1128 + }
  1129 +
  1130 + /**
  1131 + * This expunges a document from the system.
  1132 + *
  1133 + * @access public
  1134 + */
  1135 + function restore()
  1136 + {
  1137 + DBUtil::startTransaction();
  1138 +
  1139 + $storage =& KTStorageManagerUtil::getSingleton();
  1140 +
  1141 + $folder = Folder::get($this->document->getRestoreFolderId());
  1142 + if (PEAR::isError($folder))
  1143 + {
  1144 + $this->document->setFolderId(1);
  1145 + $folder = Folder::get(1);
  1146 + }
  1147 + else
  1148 + {
  1149 + $this->document->setFolderId($this->document->getRestoreFolderId());
  1150 + }
  1151 +
  1152 + $storage->restore($this->document);
  1153 +
  1154 + $this->document->setStatusId(LIVE);
  1155 + $this->document->setPermissionObjectId($folder->getPermissionObjectId());
  1156 + $res = $this->document->update();
  1157 +
  1158 + $res = KTPermissionUtil::updatePermissionLookup($this->document);
  1159 +
  1160 + $user = $this->ktapi->get_user();
  1161 +
  1162 + $oTransaction = new DocumentTransaction($this->document, 'Restored from deleted state by ' . $user->getName(), 'ktcore.transactions.update');
  1163 + $oTransaction->create();
  1164 +
  1165 + DBUtil::commit();
  1166 + }
  1167 +}
  1168 +?>
0 1169 \ No newline at end of file
... ...
ktapi/KTAPIFolder.inc.php 0 → 100644
  View file @75f7070
  1 +<?
  2 +
  3 +
  4 +class KTAPI_Folder extends KTAPI_FolderItem
  5 +{
  6 + /**
  7 + * This is a reference to a base Folder object.
  8 + *
  9 + * @access private
  10 + * @var Folder
  11 + */
  12 + var $folder;
  13 +
  14 + /**
  15 + * This is the id of the folder on the database.
  16 + *
  17 + * @access private
  18 + * @var int
  19 + */
  20 + var $folderid;
  21 +
  22 + /**
  23 + * This is used to get a folder based on a folder id.
  24 + *
  25 + * @access private
  26 + * @param KTAPI $ktapi
  27 + * @param int $folderid
  28 + * @return KTAPI_Folder
  29 + */
  30 + function &get(&$ktapi, $folderid)
  31 + {
  32 + assert(!is_null($ktapi));
  33 + assert(is_a($ktapi, 'KTAPI'));
  34 + assert(is_numeric($folderid));
  35 +
  36 + $folderid += 0;
  37 +
  38 + $folder = &Folder::get($folderid);
  39 + if (is_null($folder) || PEAR::isError($folder))
  40 + {
  41 + return new PEAR_Error(KTAPI_ERROR_FOLDER_INVALID);
  42 + }
  43 +
  44 + $user = $ktapi->can_user_access_object_requiring_permission($folder, KTAPI_PERMISSION_READ);
  45 +
  46 + if (is_null($user) || PEAR::isError($user))
  47 + {
  48 + return $user;
  49 + }
  50 +
  51 + return new KTAPI_Folder($ktapi, $folder);
  52 + }
  53 +
  54 + /**
  55 + * This is the constructor for the KTAPI_Folder.
  56 + *
  57 + * @access private
  58 + * @param KTAPI $ktapi
  59 + * @param Folder $folder
  60 + * @return KTAPI_Folder
  61 + */
  62 + function KTAPI_Folder(&$ktapi, &$folder)
  63 + {
  64 + $this->ktapi = &$ktapi;
  65 + $this->folder = &$folder;
  66 + $this->folderid = $folder->getId();
  67 + }
  68 +
  69 + /**
  70 + * This returns a reference to the internal folder object.
  71 + *
  72 + * @access protected
  73 + * @return Folder
  74 + */
  75 + function &get_folder()
  76 + {
  77 + return $this->folder;
  78 + }
  79 +
  80 +
  81 + /**
  82 + * This returns detailed information on the document.
  83 + *
  84 + * @return array
  85 + */
  86 + function get_detail()
  87 + {
  88 + $detail = array(
  89 + 'id'=>(int) $this->folderid,
  90 + 'folder_name'=>$this->get_folder_name(),
  91 + 'parent_id'=>(int) $this->get_parent_folder_id(),
  92 + 'full_path'=>$this->get_full_path(),
  93 + );
  94 +
  95 + return $detail;
  96 + }
  97 +
  98 + function get_parent_folder_id()
  99 + {
  100 + return (int) $this->folder->getParentID();
  101 + }
  102 +
  103 + function get_folder_name()
  104 + {
  105 + return $this->folder->getFolderName($this->folderid);
  106 + }
  107 +
  108 +
  109 + /**
  110 + * This returns the folderid.
  111 + *
  112 + * @return int
  113 + */
  114 + function get_folderid()
  115 + {
  116 + return (int) $this->folderid;
  117 + }
  118 +
  119 + /**
  120 + * This can resolve a folder relative to the current directy by name
  121 + *
  122 + * @access public
  123 + * @param string $foldername
  124 + * @return KTAPI_Folder
  125 + */
  126 + function &get_folder_by_name($foldername)
  127 + {
  128 + $foldername=trim($foldername);
  129 + if (empty($foldername))
  130 + {
  131 + return new PEAR_Error('A valid folder name must be specified.');
  132 + }
  133 +
  134 + $split = explode('/', $foldername);
  135 +
  136 + $folderid=$this->folderid;
  137 + foreach($split as $foldername)
  138 + {
  139 + if (empty($foldername))
  140 + {
  141 + continue;
  142 + }
  143 + $sql = "SELECT id FROM folders WHERE name='$foldername' and parent_id=$folderid";
  144 + $row = DBUtil::getOneResult($sql);
  145 + if (is_null($row) || PEAR::isError($row))
  146 + {
  147 + return new PEAR_Error(KTAPI_ERROR_FOLDER_INVALID);
  148 + }
  149 + $folderid = $row['id'];
  150 + }
  151 +
  152 + return KTAPI_Folder::get($this->ktapi, $folderid);
  153 + }
  154 +
  155 + function get_full_path()
  156 + {
  157 + $path = $this->folder->getFullPath() . '/' . $this->folder->getName();
  158 +
  159 + return $path;
  160 + }
  161 +
  162 + /**
  163 + * This gets a document by filename or name.
  164 + *
  165 + * @access private
  166 + * @param string $documentname
  167 + * @param string $function
  168 + * @return KTAPI_Document
  169 + */
  170 + function &_get_document_by_name($documentname, $function='getByNameAndFolder')
  171 + {
  172 + $documentname=trim($documentname);
  173 + if (empty($documentname))
  174 + {
  175 + return new PEAR_Error('A valid document name must be specified.');
  176 + }
  177 +
  178 + $foldername = dirname($documentname);
  179 + $documentname = basename($documentname);
  180 +
  181 + $ktapi_folder = $this;
  182 +
  183 + if (!empty($foldername) && ($foldername != '.'))
  184 + {
  185 + $ktapi_folder = $this->get_folder_by_name($foldername);
  186 + }
  187 +
  188 + if (is_null($ktapi_folder) || PEAR::isError($ktapi_folder))
  189 + {
  190 + return new PEAR_Error(KTAPI_ERROR_FOLDER_INVALID);
  191 + }
  192 +
  193 + //$folder = $ktapi_folder->get_folder();
  194 + $folderid = $ktapi_folder->folderid;
  195 +
  196 + $document = Document::$function($documentname, $folderid);
  197 + if (is_null($document) || PEAR::isError($document))
  198 + {
  199 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_INVALID);
  200 + }
  201 +
  202 + $user = $this->can_user_access_object_requiring_permission($document, KTAPI_PERMISSION_READ);
  203 + if (PEAR::isError($user))
  204 + {
  205 + return $user;
  206 + }
  207 +
  208 + return new KTAPI_Document($this->ktapi, $ktapi_folder, $document);
  209 + }
  210 +
  211 + /**
  212 + * This can resolve a document relative to the current directy by name.
  213 + *
  214 + * @access public
  215 + * @param string $documentname
  216 + * @return KTAPI_Document
  217 + */
  218 + function &get_document_by_name($documentname)
  219 + {
  220 + return $this->_get_document_by_name($documentname,'getByNameAndFolder');
  221 + }
  222 +
  223 + /**
  224 + * This can resolve a document relative to the current directy by filename .
  225 + *
  226 + * @access public
  227 + * @param string $documentname
  228 + * @return KTAPI_Document
  229 + */
  230 + function &get_document_by_filename($documentname)
  231 + {
  232 + return $this->_get_document_by_name($documentname,'getByFilenameAndFolder');
  233 + }
  234 +
  235 + function get_listing($depth=1, $what='DF')
  236 + {
  237 + if ($depth < 1)
  238 + {
  239 + return array();
  240 + }
  241 + $permission = &KTPermission::getByName(KTAPI_PERMISSION_READ);
  242 + $permissionid= $permission->getId();
  243 +
  244 + $user = $this->ktapi->get_user();
  245 + $descriptors=KTPermissionUtil::getPermissionDescriptorsForUser($user);
  246 + if (is_null($descriptors) || PEAR::isError($descriptors))
  247 + {
  248 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR . ': problem with descriptors for user');
  249 + }
  250 + if (count($descriptors == 0))
  251 + {
  252 + $descriptors=array(0);
  253 + }
  254 +
  255 + $aPermissionDescriptors = implode(',',$descriptors);
  256 +
  257 + $sql = '';
  258 + if (strpos($what,'D') !== false)
  259 + {
  260 + $sql .= "SELECT
  261 + d.id,
  262 + 'D' as item_type,
  263 + dmv.name as title,
  264 + ifnull(uc.name, 'n/a') AS creator,
  265 + ifnull(cou.name, 'n/a') AS checkedoutby,
  266 + ifnull(mu.name, 'n/a') AS modifiedby,
  267 + dcv.filename,
  268 + dcv.size,
  269 + dcv.major_version,
  270 + dcv.minor_version,
  271 + dcv.storage_path,
  272 + ifnull(mt.mimetypes, 'unknown') as mime_type,
  273 + ifnull(mt.icon_path, 'unknown') as mime_icon_path,
  274 + ifnull(mt.friendly_name, 'unknown') as mime_display
  275 + FROM
  276 + documents d
  277 + INNER JOIN permission_lookups AS PL ON d.permission_lookup_id = PL.id
  278 + INNER JOIN permission_lookup_assignments AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid
  279 + INNER JOIN document_metadata_version AS dmv ON d.metadata_version_id=dmv.id
  280 + INNER JOIN document_content_version AS dcv ON dmv.content_version_id=dcv.id
  281 + LEFT OUTER JOIN mime_types mt ON dcv.mime_id = mt.id
  282 + LEFT OUTER JOIN users AS uc ON d.creator_id=uc.id
  283 + LEFT OUTER JOIN users AS cou ON d.checked_out_user_id=cou.id
  284 + LEFT OUTER JOIN users AS mu ON d.modified_user_id=mu.id
  285 + WHERE
  286 + d.folder_id=$this->folderid
  287 + AND d.status_id = 1
  288 + AND PLA.permission_descriptor_id IN ($aPermissionDescriptors)";
  289 + }
  290 +
  291 + if (strpos($what,'F') !== false)
  292 + {
  293 + if (strpos($what,'D') !== false)
  294 + {
  295 + $sql .= ' UNION ';
  296 + }
  297 +
  298 + $sql .= "
  299 + SELECT
  300 + f.id,
  301 + 'F' as item_type,
  302 + f.name as title,
  303 + ifnull(uc.name, 'n/a') AS creator,
  304 + 'n/a' checkedoutby,
  305 + 'n/a' AS modifiedby,
  306 + f.name as filename,
  307 + 'n/a' as size,
  308 + 'n/a' as major_version,
  309 + 'n/a' as minor_version,
  310 + 'n/a' as storage_path,
  311 + 'folder' as mime_type,
  312 + 'folder' as mime_icon_path,
  313 + 'Folder' as mime_display
  314 + FROM
  315 + folders f
  316 + INNER JOIN permission_lookups AS PL ON f.permission_lookup_id = PL.id
  317 + INNER JOIN permission_lookup_assignments AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid
  318 + LEFT OUTER JOIN users AS uc ON f.creator_id=uc.id
  319 +
  320 + WHERE
  321 + f.parent_id=$this->folderid
  322 +
  323 + AND PLA.permission_descriptor_id IN ($aPermissionDescriptors)
  324 + ORDER BY item_type DESC, title, filename
  325 + ";
  326 + }
  327 +
  328 + $contents = DBUtil::getResultArray($sql);
  329 + if (is_null($contents) || PEAR::isError($contents))
  330 + {
  331 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  332 + }
  333 +
  334 + $num_items = count($contents);
  335 + for($i=0;$i<$num_items;$i++)
  336 + {
  337 + $contents[$i]['id'] = (int) $contents[$i]['id'];
  338 + if ($contents[$i]['item_type'] == 'D')
  339 + {
  340 + $contents[$i]['items'] = array();
  341 + }
  342 + else
  343 + {
  344 + if ($depth-1 > 0)
  345 + {
  346 + $folder = &$this->ktapi->get_folder_by_id($item['id']);
  347 + $contents[$i]['items'] = $folder->get_listing($depth-1);
  348 + }
  349 + else
  350 + {
  351 + $contents[$i]['items'] = array();
  352 + }
  353 + }
  354 + }
  355 +
  356 + return $contents;
  357 + }
  358 +
  359 + /**
  360 + * This adds a document to the current folder.
  361 + *
  362 + * @access public
  363 + * @param string $title This is the title for the file in the repository.
  364 + * @param string $filename This is the filename in the system for the file.
  365 + * @param string $documenttype This is the name or id of the document type. It first looks by name, then by id.
  366 + * @param string $tempfilename This is a reference to the file that is accessible locally on the file system.
  367 + * @return KTAPI_Document
  368 + */
  369 + function &add_document($title, $filename, $documenttype, $tempfilename)
  370 + {
  371 + if (!is_file($tempfilename))
  372 + {
  373 + return new PEAR_Error('File does not exist.');
  374 + }
  375 +
  376 + $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_WRITE);
  377 + if (PEAR::isError($user))
  378 + {
  379 + return $user;
  380 + }
  381 +
  382 + $filename = basename($filename);
  383 + $documenttypeid = KTAPI::get_documenttypeid($documenttype);
  384 +
  385 + $options = array(
  386 + 'contents' => new KTFSFileLike($tempfilename),
  387 + 'novalidate' => true,
  388 + 'documenttype' => DocumentType::get($documenttypeid),
  389 + 'description' => $title,
  390 + 'metadata'=>array(),
  391 + 'cleanup_initial_file' => true
  392 + );
  393 +
  394 + DBUtil::startTransaction();
  395 + $document =& KTDocumentUtil::add($this->folder, $filename, $user, $options);
  396 +
  397 + if (!is_a($document,'Document'))
  398 + {
  399 + DBUtil::rollback();
  400 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  401 + }
  402 + DBUtil::commit();
  403 +
  404 + $tempfilename=addslashes($tempfilename);
  405 + $sql = "DELETE FROM uploaded_files WHERE tempfilename='$tempfilename'";
  406 + $result = DBUtil::runQuery($sql);
  407 + if (PEAR::isError($result))
  408 + {
  409 + return $result;
  410 + }
  411 +
  412 + return new KTAPI_Document($this->ktapi, $this, $document);
  413 + }
  414 +
  415 + /**
  416 + * This adds a subfolder folder to the current folder.
  417 + *
  418 + * @access public
  419 + * @param string $foldername
  420 + * @return KTAPI_Folder
  421 + */
  422 + function &add_folder($foldername)
  423 + {
  424 + $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_ADD_FOLDER);
  425 +
  426 + if (PEAR::isError($user))
  427 + {
  428 + return $user;
  429 + }
  430 +
  431 + DBUtil::startTransaction();
  432 + $result = KTFolderUtil::add($this->folder, $foldername, $user);
  433 +
  434 + if (PEAR::isError($result))
  435 + {
  436 + DBUtil::rollback();
  437 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  438 + }
  439 + DBUtil::commit();
  440 + $folderid = $result->getId();
  441 +
  442 + return $this->ktapi->get_folder_by_id($folderid);
  443 + }
  444 +
  445 + /**
  446 + * This deletes the current folder.
  447 + *
  448 + * @param string $reason
  449 + */
  450 + function delete($reason)
  451 + {
  452 + $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_DELETE);
  453 + if (PEAR::isError($user))
  454 + {
  455 + return $user;
  456 + }
  457 +
  458 + if ($this->folderid == 1)
  459 + {
  460 + return new PEAR_Error('Cannot delete root folder!');
  461 + }
  462 +
  463 + DBUtil::startTransaction();
  464 + $result = KTFolderUtil::delete($this->folder, $user, $reason);
  465 +
  466 + if (PEAR::isError($result))
  467 + {
  468 + DBUtil::rollback();
  469 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  470 + }
  471 + DBUtil::commit();
  472 + }
  473 +
  474 + /**
  475 + * This renames the folder
  476 + *
  477 + * @param string $newname
  478 + */
  479 + function rename($newname)
  480 + {
  481 + $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_RENAME_FOLDER);
  482 + if (PEAR::isError($user))
  483 + {
  484 + return $user;
  485 + }
  486 +
  487 + DBUtil::startTransaction();
  488 + $result = KTFolderUtil::rename($this->folder, $newname, $user);
  489 +
  490 + if (PEAR::isError($result))
  491 + {
  492 + DBUtil::rollback();
  493 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  494 + }
  495 + DBUtil::commit();
  496 + }
  497 +
  498 + /**
  499 + * This moves the folder to another location.
  500 + *
  501 + * @param KTAPI_Folder $ktapi_target_folder
  502 + * @param string $reason
  503 + */
  504 + function move($ktapi_target_folder, $reason='')
  505 + {
  506 + assert(!is_null($ktapi_target_folder));
  507 + assert(is_a($ktapi_target_folder,'KTAPI_Folder'));
  508 +
  509 + $user = $this->ktapi->get_user();
  510 +
  511 + $target_folder = $ktapi_target_folder->get_folder();
  512 +
  513 + $result = $this->can_user_access_object_requiring_permission($target_folder, KTAPI_PERMISSION_WRITE);
  514 + if (PEAR::isError($result))
  515 + {
  516 + return $result;
  517 + }
  518 +
  519 + DBUtil::startTransaction();
  520 + $result = KTFolderUtil::copy($this->folder, $target_folder, $user, $reason);
  521 +
  522 + if (PEAR::isError($result))
  523 + {
  524 + DBUtil::rollback();
  525 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  526 + }
  527 + DBUtil::commit();
  528 + }
  529 +
  530 + /**
  531 + * This copies a folder to another location.
  532 + *
  533 + * @param KTAPI_Folder $ktapi_target_folder
  534 + * @param string $reason
  535 + */
  536 + function copy($ktapi_target_folder, $reason='')
  537 + {
  538 + assert(!is_null($ktapi_target_folder));
  539 + assert(is_a($ktapi_target_folder,'KTAPI_Folder'));
  540 +
  541 + $user = $this->ktapi->get_user();
  542 +
  543 + $target_folder = $ktapi_target_folder->get_folder();
  544 +
  545 + $result =$this->can_user_access_object_requiring_permission($target_folder, KTAPI_PERMISSION_WRITE);
  546 +
  547 + if (PEAR::isError($result))
  548 + {
  549 + return $result;
  550 + }
  551 +
  552 + DBUtil::startTransaction();
  553 + $result = KTFolderUtil::copy($this->folder, $target_folder, $user, $reason);
  554 +
  555 + if (PEAR::isError($result))
  556 + {
  557 + DBUtil::rollback();
  558 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  559 + }
  560 + DBUtil::commit();
  561 + }
  562 +
  563 + /**
  564 + * This returns all permissions linked to the folder.
  565 + *
  566 + * @access public
  567 + * @return array
  568 + */
  569 + function get_permissions()
  570 + {
  571 + return new PEAR_Error('TODO');
  572 + }
  573 +
  574 + /**
  575 + * This returns a transaction history listing.
  576 + *
  577 + * @access public
  578 + * @return array
  579 + */
  580 + function get_transaction_history()
  581 + {
  582 + return new PEAR_Error('TODO');
  583 + }
  584 +}
  585 +
  586 +?>
0 587 \ No newline at end of file
... ...
ktapi/KTAPISession.inc.php 0 → 100644
  View file @75f7070
  1 +<?
  2 +
  3 +class KTAPI_Session
  4 +{
  5 + var $ktapi;
  6 + var $user = null;
  7 + var $session = '';
  8 + var $sessionid = -1;
  9 + var $active;
  10 +
  11 + function KTAPI_Session(&$ktapi, &$user)
  12 + {
  13 + assert(!is_null($ktapi));
  14 + assert(is_a($ktapi,'KTAPI'));
  15 + assert(!is_null($user));
  16 + assert(is_a($user,'User'));
  17 +
  18 + $this->ktapi=&$ktapi;
  19 + $this->user=&$user;
  20 + $this->active = false;
  21 + }
  22 +
  23 + /**
  24 + * return the session string
  25 + *
  26 + * @return string
  27 + */
  28 + function get_session()
  29 + {
  30 + die('get_session() should be overloaded!');
  31 + }
  32 +
  33 + /**
  34 + * Return the session id
  35 + *
  36 + * @return int
  37 + */
  38 + function get_sessionid()
  39 + {
  40 + die('get_sessionid() should be overloaded!');
  41 + }
  42 +
  43 + /**
  44 + * Return the user
  45 + *
  46 + * @return User
  47 + */
  48 + function &get_user()
  49 + {
  50 + return $this->user;
  51 + }
  52 +
  53 + function logout()
  54 + {
  55 + $this->active=false;
  56 + // don't need to do anything really
  57 + }
  58 +
  59 + function is_active()
  60 + {
  61 + return $this->active;
  62 + }
  63 +
  64 +}
  65 +
  66 +
  67 +class KTAPI_UserSession extends KTAPI_Session
  68 +{
  69 + var $ip = null;
  70 +
  71 + function KTAPI_UserSession(&$ktapi, &$user, $session, $sessionid, $ip)
  72 + {
  73 + parent::KTAPI_Session($ktapi, $user);
  74 +
  75 + $this->ktapi = &$ktapi;
  76 + $this->user = &$user;
  77 + $this->session = $session;
  78 + $this->sessionid = $sessionid;
  79 + $this->ip = $ip;
  80 +
  81 + // TODO: get documenttransaction to not look at the session variable!
  82 + $_SESSION["userID"] = $user->getId();
  83 + $_SESSION["sessionID"] = $this->sessionid;
  84 + $this->active = true;
  85 + }
  86 +
  87 + /**
  88 + * This returns the session string
  89 + *
  90 + * @return string
  91 + */
  92 + function get_session()
  93 + {
  94 + return $this->session;
  95 + }
  96 +
  97 + /**
  98 + * This returns the sessionid in the database.
  99 + *
  100 + * @return int
  101 + */
  102 + function get_sessionid()
  103 + {
  104 + return $this->sessionid;
  105 + }
  106 +
  107 + /**
  108 + * This resolves the user's ip
  109 + *
  110 + * @access private
  111 + * @return string
  112 + */
  113 + function resolveIP()
  114 + {
  115 + if (getenv("REMOTE_ADDR"))
  116 + {
  117 + $ip = getenv("REMOTE_ADDR");
  118 + }
  119 + elseif (getenv("HTTP_X_FORWARDED_FOR"))
  120 + {
  121 + $forwardedip = getenv("HTTP_X_FORWARDED_FOR");
  122 + list($ip,$ip2,$ip3,$ip4)= split (",", $forwardedip);
  123 + }
  124 + elseif (getenv("HTTP_CLIENT_IP"))
  125 + {
  126 + $ip = getenv("HTTP_CLIENT_IP");
  127 + }
  128 +
  129 + if ($ip == '')
  130 + {
  131 + $ip = '127.0.0.1';
  132 + }
  133 +
  134 + return $ip;
  135 + }
  136 +
  137 + /**
  138 + *
  139 + * @access protected
  140 + * @static
  141 + * @param User $user
  142 + */
  143 + function _check_session(&$user)
  144 + {
  145 + session_start();
  146 +
  147 + $user_id = $user->getId();
  148 +
  149 + $sql = "SELECT count(*) >= u.max_sessions as over_limit FROM active_sessions ass INNER JOIN users u ON ass.user_id=u.id WHERE ass.user_id = $user_id";
  150 + $row = DBUtil::getOneResult($sql);
  151 + if (PEAR::isError($row))
  152 + {
  153 + return $row;
  154 + }
  155 + if (is_null($row))
  156 + {
  157 + return new PEAR_Error('No record found for user?');
  158 + }
  159 + if ($row['over_limit'] == 1)
  160 + {
  161 + return new PEAR_Error('Session limit exceeded. Logout of any active sessions.');
  162 + }
  163 +
  164 + $session = session_id();
  165 +
  166 + $sessionid = DBUtil::autoInsert('active_sessions',
  167 + array(
  168 + 'user_id' => $user_id,
  169 + 'session_id' => session_id(),
  170 + 'lastused' => date('Y-m-d H:i:s'),
  171 + 'ip' => $ip
  172 + ));
  173 + if (PEAR::isError($sessionid) )
  174 + {
  175 + return $sessionid;
  176 + }
  177 +
  178 + return array($session,$sessionid);
  179 + }
  180 +
  181 +
  182 + /**
  183 + * This returns a session object based on authentication credentials.
  184 + *
  185 + * @access public
  186 + * @static
  187 + * @param string $username
  188 + * @param string $password
  189 + * @return KTAPI_Session
  190 + */
  191 + function &start_session(&$ktapi, $username, $password, $ip=null)
  192 + {
  193 + $this->active=false;
  194 + if ( empty($username) )
  195 + {
  196 + return new PEAR_Error(_kt('The username is empty.'));
  197 + }
  198 +
  199 + $user =& User::getByUsername($username);
  200 + if (PEAR::isError($user) || ($user === false))
  201 + {
  202 + return new PEAR_Error(_kt("The user '$username' cound not be found."));
  203 + }
  204 +
  205 + if ( empty($password) )
  206 + {
  207 + return new PEAR_Error(_kt('The password is empty.'));
  208 + }
  209 +
  210 + $authenticated = KTAuthenticationUtil::checkPassword($user, $password);
  211 +
  212 + if (PEAR::isError($authenticated) || $authenticated === false)
  213 + {
  214 + return new PEAR_Error(_kt("The password is invalid."));
  215 + }
  216 +
  217 + if (is_null($ip))
  218 + {
  219 + $ip = '127.0.0.1';
  220 + //$ip = KTAPI_Session::resolveIP();
  221 + }
  222 +
  223 + list($session,$sessionid) = KTAPI_UserSession::_check_session($user);
  224 + if (PEAR::isError($sessionid))
  225 + {
  226 + return $sessionid;
  227 + }
  228 +
  229 + $session = &new KTAPI_UserSession($ktapi, $user, $session, $sessionid, $ip);
  230 +
  231 + return $session;
  232 + }
  233 +
  234 + /**
  235 + * This returns an active session.
  236 + *
  237 + * @param KTAPI $ktapi
  238 + * @param string $session
  239 + * @param string $ip
  240 + * @return KTAPI_Session
  241 + */
  242 + function &get_active_session(&$ktapi, $session, $ip)
  243 + {
  244 + $sql = "SELECT id, user_id FROM active_sessions WHERE session_id='$session'";
  245 + if (!empty($ip))
  246 + {
  247 + $sql .= " AND ip='$ip'";
  248 + }
  249 +
  250 + $row = DBUtil::getOneResult($sql);
  251 + if (is_null($row) || PEAR::isError($row))
  252 + {
  253 + return new PEAR_Error(KTAPI_ERROR_SESSION_INVALID);
  254 + }
  255 +
  256 + $sessionid = $row['id'];
  257 + $userid = $row['user_id'];
  258 +
  259 + $user = &User::get($userid);
  260 + if (is_null($user) || PEAR::isError($user))
  261 + {
  262 + return new PEAR_Error(KTAPI_ERROR_USER_INVALID);
  263 + }
  264 +
  265 +
  266 +
  267 + $now=date('Y-m-d H:i:s');
  268 + $sql = "UPDATE active_sessions SET last_used='$now' WHERE id=$sessionid";
  269 + DBUtil::runQuery($sql);
  270 +
  271 + $session = &new KTAPI_Session($ktapi, $user, $session, $sessionid, $ip);
  272 + return $session;
  273 + }
  274 +
  275 + /**
  276 + * This closes the current session.
  277 + *
  278 + */
  279 + function logout()
  280 + {
  281 + $sql = "DELETE FROM active_sessions WHERE id=$this->sessionid";
  282 + $result = DBUtil::runQuery($sql);
  283 + if (PEAR::isError($result))
  284 + {
  285 + return $result;
  286 + }
  287 +
  288 + $this->user = null;
  289 + $this->session = '';
  290 + $this->sessionid = -1;
  291 + $this->active=false;
  292 + }
  293 +
  294 +}
  295 +
  296 +class KTAPI_AnonymousSession extends KTAPI_UserSession
  297 +{
  298 + function &start_session(&$ktapi, $ip=null)
  299 + {
  300 + $user =& User::get(-2);
  301 + if (is_null($user) || PEAR::isError($user) || ($user === false) || !$user->isAnonymous())
  302 + {
  303 + return new PEAR_Error(_kt("The anonymous user could not be found."));
  304 + }
  305 +
  306 + $authenticated = true;
  307 +
  308 + $config = &KTConfig::getSingleton();
  309 + $allow_anonymous = $config->get('session/allowAnonymousLogin', false);
  310 +
  311 + if (!$allow_anonymous)
  312 + {
  313 + return new PEAR_Error(_kt('Anonymous user not allowed'));
  314 + }
  315 +
  316 + if (is_null($ip))
  317 + {
  318 + $ip = '127.0.0.1';
  319 + //$ip = KTAPI_Session::resolveIP();
  320 + }
  321 +
  322 + list($session,$sessionid) = KTAPI_UserSession::_check_session($user);
  323 + if (PEAR::isError($sessionid))
  324 + {
  325 + return $sessionid;
  326 + }
  327 +
  328 + $session = &new KTAPI_AnonymousSession($ktapi, $user, $session, $sessionid, $ip);
  329 +
  330 + return $session;
  331 + }
  332 +}
  333 +
  334 +
  335 +
  336 +class KTAPI_SystemSession extends KTAPI_Session
  337 +{
  338 + function KTAPI_SystemSession(&$ktapi, &$user)
  339 + {
  340 + parent::KTAPI_Session($ktapi, $user);
  341 + $this->active=true;
  342 + }
  343 +}
  344 +
  345 +?>
0 346 \ No newline at end of file
... ...
ktapi/ktapi.inc.php
  View file @75f7070
... ... @@ -34,2022 +34,24 @@ require_once(&#39;../config/dmsDefaults.php&#39;);
34 34 require_once(KT_LIB_DIR . '/filelike/fsfilelike.inc.php');
35 35 require_once(KT_LIB_DIR . '/foldermanagement/folderutil.inc.php');
36 36  
37   -// Generic error messages used in the API. There may be some others specific to functionality
38   -// directly in the code.
39   -// TODO: Check that they are all relevant.
40   -
41   -define('KTAPI_ERROR_SESSION_INVALID', 'The session could not be resolved.');
42   -define('KTAPI_ERROR_PERMISSION_INVALID', 'The permission could not be resolved.');
43   -define('KTAPI_ERROR_FOLDER_INVALID', 'The folder could not be resolved.');
44   -define('KTAPI_ERROR_DOCUMENT_INVALID', 'The document could not be resolved.');
45   -define('KTAPI_ERROR_USER_INVALID', 'The user could not be resolved.');
46   -define('KTAPI_ERROR_KTAPI_INVALID', 'The ktapi could not be resolved.');
47   -define('KTAPI_ERROR_INSUFFICIENT_PERMISSIONS', 'The user does not have sufficient permissions to access the resource.');
48   -define('KTAPI_ERROR_INTERNAL_ERROR', 'An internal error occurred. Please review the logs.');
49   -define('KTAPI_ERROR_DOCUMENT_TYPE_INVALID', 'The document type could not be resolved.');
50   -define('KTAPI_ERROR_DOCUMENT_CHECKED_OUT', 'The document is checked out.');
51   -define('KTAPI_ERROR_DOCUMENT_NOT_CHECKED_OUT', 'The document is not checked out.');
52   -define('KTAPI_ERROR_WORKFLOW_INVALID', 'The workflow could not be resolved.');
53   -define('KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS', 'The workflow is not in progress.');
54   -
55   -// Mapping of permissions to actions.
56   -// TODO: Check that they are all correct.
57   -// Note, currently, all core actions have permissions that are defined in the plugins.
58   -// As the permissions are currently associated with actions which are quite closely linked
59   -// to the web interface, it is not the nicest way to do things. They should be associated at
60   -// a lower level, such as in the api. probably, better, would be at some stage to assocate
61   -// the permissions to the action/transaction in the database so administrators can really customise
62   -// as required.
63   -
64   -define('KTAPI_PERMISSION_DELETE', 'ktcore.permissions.delete');
65   -define('KTAPI_PERMISSION_READ', 'ktcore.permissions.read');
66   -define('KTAPI_PERMISSION_WRITE', 'ktcore.permissions.write');
67   -define('KTAPI_PERMISSION_ADD_FOLDER', 'ktcore.permissions.addFolder');
68   -define('KTAPI_PERMISSION_RENAME_FOLDER', 'ktcore.permissions.folder_rename');
69   -define('KTAPI_PERMISSION_CHANGE_OWNERSHIP', 'ktcore.permissions.security');
70   -define('KTAPI_PERMISSION_DOCUMENT_MOVE', 'ktcore.permissions.write');
71   -define('KTAPI_PERMISSION_WORKFLOW', 'ktcore.permissions.workflow');
72   -
73   -//
74   -
75   -class KTAPI_Session
76   -{
77   - var $ktapi;
78   - var $user = null;
79   - var $session = '';
80   - var $sessionid = -1;
81   - var $ip = null;
82   -
83   - function KTAPI_Session(&$ktapi, &$user, $session, $sessionid, $ip)
84   - {
85   - assert(!is_null($ktapi));
86   - assert(is_a($ktapi,'KTAPI'));
87   - assert(!is_null($user));
88   - assert(is_a($user,'User'));
89   -
90   - $this->ktapi = &$ktapi;
91   - $this->user = &$user;
92   - $this->session = $session;
93   - $this->sessionid = $sessionid;
94   - $this->ip = $ip;
95   -
96   - // TODO: get documenttransaction to not look at the session variable!
97   - $_SESSION["userID"] = $user->getId();
98   - $_SESSION["sessionID"] = $this->sessionid;
99   - }
100   -
101   - /**
102   - * This returns the session string
103   - *
104   - * @return string
105   - */
106   - function get_session()
107   - {
108   - return $this->session;
109   - }
110   -
111   - /**
112   - * This returns the sessionid in the database.
113   - *
114   - * @return int
115   - */
116   - function get_sessionid()
117   - {
118   - return $this->sessionid;
119   - }
120   -
121   - /**
122   - * This returns a user object for the use rassociated with the session.
123   - *
124   - * @return User
125   - */
126   - function &get_user()
127   - {
128   - return $this->user;
129   - }
130   -
131   - /**
132   - * This resolves the user's ip
133   - *
134   - * @access private
135   - * @return string
136   - */
137   - function resolveIP()
138   - {
139   - if (getenv("REMOTE_ADDR"))
140   - {
141   - $ip = getenv("REMOTE_ADDR");
142   - }
143   - elseif (getenv("HTTP_X_FORWARDED_FOR"))
144   - {
145   - $forwardedip = getenv("HTTP_X_FORWARDED_FOR");
146   - list($ip,$ip2,$ip3,$ip4)= split (",", $forwardedip);
147   - }
148   - elseif (getenv("HTTP_CLIENT_IP"))
149   - {
150   - $ip = getenv("HTTP_CLIENT_IP");
151   - }
152   -
153   - if ($ip == '')
154   - {
155   - $ip = '127.0.0.1';
156   - }
157   -
158   - return $ip;
159   - }
160   -
161   - /**
162   - * This returns a session object based on authentication credentials.
163   - *
164   - * @access private
165   - * @param string $username
166   - * @param string $password
167   - * @return KTAPI_Session
168   - */
169   - function &start_session(&$ktapi, $username, $password, $ip=null)
170   - {
171   -
172   - if ( empty($username) )
173   - {
174   - return new PEAR_Error(_kt('The username is empty.'));
175   - }
176   -
177   - $user =& User::getByUsername($username);
178   - if (PEAR::isError($user) || ($user === false))
179   - {
180   - return new PEAR_Error(_kt("The user '$username' cound not be found."));
181   - }
182   -
183   - if ($user->isAnonymous())
184   - {
185   - $authenticated = true;
186   -
187   - $config = &KTConfig::getSingleton();
188   - $allow_anonymous = $config->get('session/allowAnonymousLogin', false);
189   -
190   - if (!$allow_anonymous)
191   - {
192   - return new PEAR_Error(_kt('Anonymous user not allowed'));
193   - }
194   -
195   - }
196   - else
197   - {
198   -
199   - if ( empty($password) )
200   - {
201   - return new PEAR_Error(_kt('The password is empty.'));
202   - }
203   -
204   - $authenticated = KTAuthenticationUtil::checkPassword($user, $password);
205   -
206   - if (PEAR::isError($authenticated) || $authenticated === false)
207   - {
208   - return new PEAR_Error(_kt("The password is invalid."));
209   - }
210   - }
211   -
212   -
213   -
214   -
215   - if (is_null($ip))
216   - {
217   - $ip = '127.0.0.1';
218   - //$ip = KTAPI_Session::resolveIP();
219   - }
220   -
221   - session_start();
222   -
223   - $user_id = $user->getId();
224   -
225   - $sql = "SELECT count(*) >= u.max_sessions as over_limit FROM active_sessions ass INNER JOIN users u ON ass.user_id=u.id WHERE ass.user_id = $user_id";
226   - $row = DBUtil::getOneResult($sql);
227   - if (PEAR::isError($row))
228   - {
229   - return $row;
230   - }
231   - if (is_null($row))
232   - {
233   - return new PEAR_Error('No record found for user?');
234   - }
235   - if ($row['over_limit'] == 1)
236   - {
237   - return new PEAR_Error('Session limit exceeded. Logout of any active sessions.');
238   - }
239   -
240   - $session = session_id();
241   -
242   - $sessionid = DBUtil::autoInsert('active_sessions',
243   - array(
244   - 'user_id' => $user_id,
245   - 'session_id' => session_id(),
246   - 'lastused' => date('Y-m-d H:i:s'),
247   - 'ip' => $ip
248   - ));
249   - if (PEAR::isError($sessionid) )
250   - {
251   - return $sessionid;
252   - }
253   -
254   - $session = &new KTAPI_Session($ktapi, $user, $session, $sessionid, $ip);
255   -
256   - return $session;
257   - }
258   -
259   - /**
260   - * This returns an active session.
261   - *
262   - * @param KTAPI $ktapi
263   - * @param string $session
264   - * @param string $ip
265   - * @return KTAPI_Session
266   - */
267   - function &get_active_session(&$ktapi, $session, $ip)
268   - {
269   - $sql = "SELECT id, user_id FROM active_sessions WHERE session_id='$session'";
270   - if (!empty($ip))
271   - {
272   - $sql .= " AND ip='$ip'";
273   - }
274   -
275   - $row = DBUtil::getOneResult($sql);
276   - if (is_null($row) || PEAR::isError($row))
277   - {
278   - return new PEAR_Error(KTAPI_ERROR_SESSION_INVALID);
279   - }
280   -
281   - $sessionid = $row['id'];
282   - $userid = $row['user_id'];
283   -
284   - $user = &User::get($userid);
285   - if (is_null($user) || PEAR::isError($user))
286   - {
287   - return new PEAR_Error(KTAPI_ERROR_USER_INVALID);
288   - }
289   -
290   -
291   -
292   - $now=date('Y-m-d H:i:s');
293   - $sql = "UPDATE active_sessions SET last_used='$now' WHERE id=$sessionid";
294   - DBUtil::runQuery($sql);
295   -
296   - $session = &new KTAPI_Session($ktapi, $user, $session, $sessionid, $ip);
297   - return $session;
298   - }
299   -
300   - /**
301   - * This closes the current session.
302   - *
303   - */
304   - function logout()
305   - {
306   - $sql = "DELETE FROM active_sessions WHERE id=$this->sessionid";
307   - $result = DBUtil::runQuery($sql);
308   - if (PEAR::isError($result))
309   - {
310   - return $result;
311   - }
312   -
313   - $this->user = null;
314   - $this->session = '';
315   - $this->sessionid = -1;
316   - }
317   -
318   -}
319   -
320   -class KTAPI_FolderItem
321   -{
322   - /**
323   - * This is a reference to the core KTAPI controller
324   - *
325   - * @access protected
326   - * @var KTAPI
327   - */
328   - var $ktapi;
329   -
330   - function &can_user_access_object_requiring_permission(&$object, $permission)
331   - {
332   - return $this->ktapi->can_user_access_object_requiring_permission($object, $permission);
333   - }
334   -}
335   -
336   -
337   -class KTAPI_Folder extends KTAPI_FolderItem
338   -{
339   - /**
340   - * This is a reference to a base Folder object.
341   - *
342   - * @access private
343   - * @var Folder
344   - */
345   - var $folder;
346   -
347   - /**
348   - * This is the id of the folder on the database.
349   - *
350   - * @access private
351   - * @var int
352   - */
353   - var $folderid;
354   -
355   - /**
356   - * This is used to get a folder based on a folder id.
357   - *
358   - * @access private
359   - * @param KTAPI $ktapi
360   - * @param int $folderid
361   - * @return KTAPI_Folder
362   - */
363   - function &get(&$ktapi, $folderid)
364   - {
365   - assert(!is_null($ktapi));
366   - assert(is_a($ktapi, 'KTAPI'));
367   - assert(is_numeric($folderid));
368   -
369   - $folderid += 0;
370   -
371   - $folder = &Folder::get($folderid);
372   - if (is_null($folder) || PEAR::isError($folder))
373   - {
374   - return new PEAR_Error(KTAPI_ERROR_FOLDER_INVALID);
375   - }
376   -
377   - $user = $ktapi->can_user_access_object_requiring_permission($folder, KTAPI_PERMISSION_READ);
378   -
379   - if (is_null($user) || PEAR::isError($user))
380   - {
381   - return $user;
382   - }
383   -
384   - return new KTAPI_Folder($ktapi, $folder);
385   - }
386   -
387   - /**
388   - * This is the constructor for the KTAPI_Folder.
389   - *
390   - * @access private
391   - * @param KTAPI $ktapi
392   - * @param Folder $folder
393   - * @return KTAPI_Folder
394   - */
395   - function KTAPI_Folder(&$ktapi, &$folder)
396   - {
397   - $this->ktapi = &$ktapi;
398   - $this->folder = &$folder;
399   - $this->folderid = $folder->getId();
400   - }
401   -
402   - /**
403   - * This returns a reference to the internal folder object.
404   - *
405   - * @access protected
406   - * @return Folder
407   - */
408   - function &get_folder()
409   - {
410   - return $this->folder;
411   - }
412   -
413   -
414   - /**
415   - * This returns detailed information on the document.
416   - *
417   - * @return array
418   - */
419   - function get_detail()
420   - {
421   - $detail = array(
422   - 'id'=>(int) $this->folderid,
423   - 'folder_name'=>$this->get_folder_name(),
424   - 'parent_id'=>(int) $this->get_parent_folder_id(),
425   - 'full_path'=>$this->get_full_path(),
426   - );
427   -
428   - return $detail;
429   - }
430   -
431   - function get_parent_folder_id()
432   - {
433   - return (int) $this->folder->getParentID();
434   - }
435   -
436   - function get_folder_name()
437   - {
438   - return $this->folder->getFolderName($this->folderid);
439   - }
440   -
441   -
442   - /**
443   - * This returns the folderid.
444   - *
445   - * @return int
446   - */
447   - function get_folderid()
448   - {
449   - return (int) $this->folderid;
450   - }
451   -
452   - /**
453   - * This can resolve a folder relative to the current directy by name
454   - *
455   - * @access public
456   - * @param string $foldername
457   - * @return KTAPI_Folder
458   - */
459   - function &get_folder_by_name($foldername)
460   - {
461   - $foldername=trim($foldername);
462   - if (empty($foldername))
463   - {
464   - return new PEAR_Error('A valid folder name must be specified.');
465   - }
466   -
467   - $split = explode('/', $foldername);
468   -
469   - $folderid=$this->folderid;
470   - foreach($split as $foldername)
471   - {
472   - $sql = "SELECT id FROM folders WHERE name='$foldername' and parent_id=$folderid";
473   - $row = DBUtil::getOneResult($sql);
474   - if (is_null($row) || PEAR::isError($row))
475   - {
476   - return new PEAR_Error(KTAPI_ERROR_FOLDER_INVALID);
477   - }
478   - $folderid = $row['id'];
479   - }
480   -
481   - return KTAPI_Folder::get($this->ktapi, $folderid);
482   - }
483   -
484   - function get_full_path()
485   - {
486   - $path = $this->folder->getFullPath() . '/' . $this->folder->getName();
487   -
488   - return $path;
489   - }
490   -
491   - /**
492   - * This gets a document by filename or name.
493   - *
494   - * @access private
495   - * @param string $documentname
496   - * @param string $function
497   - * @return KTAPI_Document
498   - */
499   - function &_get_document_by_name($documentname, $function='getByNameAndFolder')
500   - {
501   - $documentname=trim($documentname);
502   - if (empty($documentname))
503   - {
504   - return new PEAR_Error('A valid document name must be specified.');
505   - }
506   -
507   - $foldername = dirname($documentname);
508   - $documentname = basename($documentname);
509   -
510   - $ktapi_folder = $this;
511   -
512   - if (!empty($foldername) && ($foldername != '.'))
513   - {
514   - $ktapi_folder = $this->get_folder_by_name($foldername);
515   - }
516   -
517   - if (is_null($ktapi_folder) || PEAR::isError($ktapi_folder))
518   - {
519   - return new PEAR_Error(KTAPI_ERROR_FOLDER_INVALID);
520   - }
521   -
522   - //$folder = $ktapi_folder->get_folder();
523   - $folderid = $ktapi_folder->folderid;
524   -
525   - $document = Document::$function($documentname, $folderid);
526   - if (is_null($document) || PEAR::isError($document))
527   - {
528   - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_INVALID);
529   - }
530   -
531   - $user = $this->can_user_access_object_requiring_permission($document, KTAPI_PERMISSION_READ);
532   - if (PEAR::isError($user))
533   - {
534   - return $user;
535   - }
536   -
537   - return new KTAPI_Document($this->ktapi, $ktapi_folder, $document);
538   - }
539   -
540   - /**
541   - * This can resolve a document relative to the current directy by name.
542   - *
543   - * @access public
544   - * @param string $documentname
545   - * @return KTAPI_Document
546   - */
547   - function &get_document_by_name($documentname)
548   - {
549   - return $this->_get_document_by_name($documentname,'getByNameAndFolder');
550   - }
551   -
552   - /**
553   - * This can resolve a document relative to the current directy by filename .
554   - *
555   - * @access public
556   - * @param string $documentname
557   - * @return KTAPI_Document
558   - */
559   - function &get_document_by_filename($documentname)
560   - {
561   - return $this->_get_document_by_name($documentname,'getByFilenameAndFolder');
562   - }
563   -
564   - function get_listing($depth=1, $what='DF')
565   - {
566   - if ($depth < 1)
567   - {
568   - return array();
569   - }
570   - $permission = &KTPermission::getByName(KTAPI_PERMISSION_READ);
571   - $permissionid= $permission->getId();
572   -
573   - $user = $this->ktapi->get_user();
574   - $aPermissionDescriptors = implode(',',KTPermissionUtil::getPermissionDescriptorsForUser($user));
575   -
576   - $sql = '';
577   - if (strpos($what,'D') !== false)
578   - {
579   - $sql .= "SELECT
580   - d.id,
581   - 'D' as item_type,
582   - dmv.name as title,
583   - ifnull(uc.name, 'n/a') AS creator,
584   - ifnull(cou.name, 'n/a') AS checkedoutby,
585   - ifnull(mu.name, 'n/a') AS modifiedby,
586   - dcv.filename,
587   - dcv.size,
588   - dcv.major_version,
589   - dcv.minor_version,
590   - dcv.storage_path,
591   - ifnull(mt.mimetypes, 'unknown') as mime_type,
592   - ifnull(mt.icon_path, 'unknown') as mime_icon_path,
593   - ifnull(mt.friendly_name, 'unknown') as mime_display
594   - FROM
595   - documents d
596   - INNER JOIN permission_lookups AS PL ON d.permission_lookup_id = PL.id
597   - INNER JOIN permission_lookup_assignments AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid
598   - INNER JOIN document_metadata_version AS dmv ON d.metadata_version_id=dmv.id
599   - INNER JOIN document_content_version AS dcv ON dmv.content_version_id=dcv.id
600   - LEFT OUTER JOIN mime_types mt ON dcv.mime_id = mt.id
601   - LEFT OUTER JOIN users AS uc ON d.creator_id=uc.id
602   - LEFT OUTER JOIN users AS cou ON d.checked_out_user_id=cou.id
603   - LEFT OUTER JOIN users AS mu ON d.modified_user_id=mu.id
604   - WHERE
605   - d.folder_id=$this->folderid
606   - AND d.status_id = 1
607   - AND PLA.permission_descriptor_id IN ($aPermissionDescriptors)";
608   - }
609   -
610   - if (strpos($what,'F') !== false)
611   - {
612   - if (strpos($what,'D') !== false)
613   - {
614   - $sql .= ' UNION ';
615   - }
616   -
617   - $sql .= "
618   - SELECT
619   - f.id,
620   - 'F' as item_type,
621   - f.name as title,
622   - ifnull(uc.name, 'n/a') AS creator,
623   - 'n/a' checkedoutby,
624   - 'n/a' AS modifiedby,
625   - f.name as filename,
626   - 'n/a' as size,
627   - 'n/a' as major_version,
628   - 'n/a' as minor_version,
629   - 'n/a' as storage_path,
630   - 'folder' as mime_type,
631   - 'folder' as mime_icon_path,
632   - 'Folder' as mime_display
633   - FROM
634   - folders f
635   - INNER JOIN permission_lookups AS PL ON f.permission_lookup_id = PL.id
636   - INNER JOIN permission_lookup_assignments AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid
637   - LEFT OUTER JOIN users AS uc ON f.creator_id=uc.id
638   -
639   - WHERE
640   - f.parent_id=$this->folderid
641   -
642   - AND PLA.permission_descriptor_id IN ($aPermissionDescriptors)
643   - ORDER BY item_type DESC, title, filename
644   - ";
645   - }
646   -
647   - $contents = DBUtil::getResultArray($sql);
648   - if (is_null($contents) || PEAR::isError($contents))
649   - {
650   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
651   - }
652   -
653   - $num_items = count($contents);
654   - for($i=0;$i<$num_items;$i++)
655   - {
656   - $contents[$i]['id'] = (int) $contents[$i]['id'];
657   - if ($contents[$i]['item_type'] == 'D')
658   - {
659   - $contents[$i]['items'] = array();
660   - }
661   - else
662   - {
663   - if ($depth-1 > 0)
664   - {
665   - $folder = &$this->ktapi->get_folder_by_id($item['id']);
666   - $contents[$i]['items'] = $folder->get_listing($depth-1);
667   - }
668   - else
669   - {
670   - $contents[$i]['items'] = array();
671   - }
672   - }
673   - }
674   -
675   - return $contents;
676   - }
677   -
678   - /**
679   - * This adds a document to the current folder.
680   - *
681   - * @access public
682   - * @param string $title This is the title for the file in the repository.
683   - * @param string $filename This is the filename in the system for the file.
684   - * @param string $documenttype This is the name or id of the document type. It first looks by name, then by id.
685   - * @param string $tempfilename This is a reference to the file that is accessible locally on the file system.
686   - * @return KTAPI_Document
687   - */
688   - function &add_document($title, $filename, $documenttype, $tempfilename)
689   - {
690   - if (!is_file($tempfilename))
691   - {
692   - return new PEAR_Error('File does not exist.');
693   - }
694   -
695   - $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_WRITE);
696   - if (PEAR::isError($user))
697   - {
698   - return $user;
699   - }
700   -
701   - $filename = basename($filename);
702   - $documenttypeid = KTAPI::get_documenttypeid($documenttype);
703   -
704   - $options = array(
705   - 'contents' => new KTFSFileLike($tempfilename),
706   - 'novalidate' => true,
707   - 'documenttype' => DocumentType::get($documenttypeid),
708   - 'description' => $title,
709   - 'metadata'=>array(),
710   - 'cleanup_initial_file' => true
711   - );
712   -
713   - DBUtil::startTransaction();
714   - $document =& KTDocumentUtil::add($this->folder, $filename, $user, $options);
715   -
716   - if (!is_a($document,'Document'))
717   - {
718   - DBUtil::rollback();
719   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
720   - }
721   - DBUtil::commit();
722   -
723   - $tempfilename=addslashes($tempfilename);
724   - $sql = "DELETE FROM uploaded_files WHERE tempfilename='$tempfilename'";
725   - $result = DBUtil::runQuery($sql);
726   - if (PEAR::isError($result))
727   - {
728   - return $result;
729   - }
730   -
731   - return new KTAPI_Document($this->ktapi, $this, $document);
732   - }
733   -
734   - /**
735   - * This adds a subfolder folder to the current folder.
736   - *
737   - * @access public
738   - * @param string $foldername
739   - * @return KTAPI_Folder
740   - */
741   - function &add_folder($foldername)
742   - {
743   - $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_ADD_FOLDER);
744   -
745   - if (PEAR::isError($user))
746   - {
747   - return $user;
748   - }
749   -
750   - DBUtil::startTransaction();
751   - $result = KTFolderUtil::add($this->folder, $foldername, $user);
752   -
753   - if (PEAR::isError($result))
754   - {
755   - DBUtil::rollback();
756   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
757   - }
758   - DBUtil::commit();
759   - $folderid = $result->getId();
760   -
761   - return $this->ktapi->get_folder_by_id($folderid);
762   - }
763   -
764   - /**
765   - * This deletes the current folder.
766   - *
767   - * @param string $reason
768   - */
769   - function delete($reason)
770   - {
771   - $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_DELETE);
772   - if (PEAR::isError($user))
773   - {
774   - return $user;
775   - }
776   -
777   - if ($this->folderid == 1)
778   - {
779   - return new PEAR_Error('Cannot delete root folder!');
780   - }
781   -
782   - DBUtil::startTransaction();
783   - $result = KTFolderUtil::delete($this->folder, $user, $reason);
784   -
785   - if (PEAR::isError($result))
786   - {
787   - DBUtil::rollback();
788   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
789   - }
790   - DBUtil::commit();
791   - }
792   -
793   - /**
794   - * This renames the folder
795   - *
796   - * @param string $newname
797   - */
798   - function rename($newname)
799   - {
800   - $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_RENAME_FOLDER);
801   - if (PEAR::isError($user))
802   - {
803   - return $user;
804   - }
805   -
806   - DBUtil::startTransaction();
807   - $result = KTFolderUtil::rename($this->folder, $newname, $user);
808   -
809   - if (PEAR::isError($result))
810   - {
811   - DBUtil::rollback();
812   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
813   - }
814   - DBUtil::commit();
815   - }
816   -
817   - /**
818   - * This moves the folder to another location.
819   - *
820   - * @param KTAPI_Folder $ktapi_target_folder
821   - * @param string $reason
822   - */
823   - function move($ktapi_target_folder, $reason='')
824   - {
825   - assert(!is_null($ktapi_target_folder));
826   - assert(is_a($ktapi_target_folder,'KTAPI_Folder'));
827   -
828   - $user = $this->ktapi->get_user();
829   -
830   - $target_folder = $ktapi_target_folder->get_folder();
831   -
832   - $result = $this->can_user_access_object_requiring_permission($target_folder, KTAPI_PERMISSION_WRITE);
833   - if (PEAR::isError($result))
834   - {
835   - return $result;
836   - }
837   -
838   - DBUtil::startTransaction();
839   - $result = KTFolderUtil::copy($this->folder, $target_folder, $user, $reason);
840   -
841   - if (PEAR::isError($result))
842   - {
843   - DBUtil::rollback();
844   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
845   - }
846   - DBUtil::commit();
847   - }
848   -
849   - /**
850   - * This copies a folder to another location.
851   - *
852   - * @param KTAPI_Folder $ktapi_target_folder
853   - * @param string $reason
854   - */
855   - function copy($ktapi_target_folder, $reason='')
856   - {
857   - assert(!is_null($ktapi_target_folder));
858   - assert(is_a($ktapi_target_folder,'KTAPI_Folder'));
859   -
860   - $user = $this->ktapi->get_user();
861   -
862   - $target_folder = $ktapi_target_folder->get_folder();
863   -
864   - $result =$this->can_user_access_object_requiring_permission($target_folder, KTAPI_PERMISSION_WRITE);
865   -
866   - if (PEAR::isError($result))
867   - {
868   - return $result;
869   - }
870   -
871   - DBUtil::startTransaction();
872   - $result = KTFolderUtil::copy($this->folder, $target_folder, $user, $reason);
873   -
874   - if (PEAR::isError($result))
875   - {
876   - DBUtil::rollback();
877   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
878   - }
879   - DBUtil::commit();
880   - }
881   -
882   - /**
883   - * This returns all permissions linked to the folder.
884   - *
885   - * @access public
886   - * @return array
887   - */
888   - function get_permissions()
889   - {
890   - return new PEAR_Error('TODO');
891   - }
892   -
893   - /**
894   - * This returns a transaction history listing.
895   - *
896   - * @access public
897   - * @return array
898   - */
899   - function get_transaction_history()
900   - {
901   - return new PEAR_Error('TODO');
902   - }
903   -}
904   -
905   -class KTAPI_Document extends KTAPI_FolderItem
906   -{
907   - /**
908   - * This is a reference to the internal document object.
909   - *
910   - * @var Document
911   - */
912   - var $document;
913   - /**
914   - * This is the id of the document.
915   - *
916   - * @var int
917   - */
918   - var $documentid;
919   - /**
920   - * This is a reference to the parent folder.
921   - *
922   - * @var KTAPI_Folder
923   - */
924   - var $ktapi_folder;
925   -
926   - /**
927   - * This is used to get a document based on document id.
928   - *
929   - * @static
930   - * @access public
931   - * @param KTAPI $ktapi
932   - * @param int $documentid
933   - * @return KTAPI_Document
934   - */
935   - function &get(&$ktapi, $documentid)
936   - {
937   - assert(!is_null($ktapi));
938   - assert(is_a($ktapi, 'KTAPI'));
939   - assert(is_numeric($documentid));
940   -
941   - $documentid += 0;
942   -
943   - $document = &Document::get($documentid);
944   - if (is_null($document) || PEAR::isError($document))
945   - {
946   - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_INVALID);
947   - }
948   -
949   - $user = $ktapi->can_user_access_object_requiring_permission($document, KTAPI_PERMISSION_READ);
950   -
951   - if (is_null($user) || PEAR::isError($user))
952   - {
953   - return $user;
954   - }
955   -
956   - $folderid = $document->getParentID();
957   -
958   - if (!is_null($folderid))
959   - {
960   - $ktapi_folder = &KTAPI_Folder::get($ktapi, $folderid);
961   - }
962   - else
963   - {
964   - $ktapi_folder = null;
965   - }
966   - // We don't do any checks on this folder as it could possibly be deleted, and is not required right now.
967   -
968   - return new KTAPI_Document($ktapi, $ktapi_folder, $document);
969   - }
970   -
971   - /**
972   - * This is the constructor for the KTAPI_Folder.
973   - *
974   - * @access private
975   - * @param KTAPI $ktapi
976   - * @param Document $document
977   - * @return KTAPI_Document
978   - */
979   - function KTAPI_Document(&$ktapi, &$ktapi_folder, &$document)
980   - {
981   - assert(is_a($ktapi,'KTAPI'));
982   - assert(is_null($ktapi_folder) || is_a($ktapi_folder,'KTAPI_Folder'));
983   -
984   - $this->ktapi = &$ktapi;
985   - $this->ktapi_folder = &$ktapi_folder;
986   - $this->document = &$document;
987   - $this->documentid = $document->getId();
988   - }
989   -
990   - /**
991   - * This checks a document into the repository
992   - *
993   - * @param string $filename
994   - * @param string $reason
995   - * @param string $tempfilename
996   - * @param bool $major_update
997   - */
998   - function checkin($filename, $reason, $tempfilename, $major_update=false)
999   - {
1000   - if (!is_file($tempfilename))
1001   - {
1002   - return new PEAR_Error('File does not exist.');
1003   - }
1004   -
1005   - $user = $this->can_user_access_object_requiring_permission($this->document, KTAPI_PERMISSION_WRITE);
1006   -
1007   - if (PEAR::isError($user))
1008   - {
1009   - return $user;
1010   - }
1011   -
1012   - if (!$this->document->getIsCheckedOut())
1013   - {
1014   - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_NOT_CHECKED_OUT);
1015   - }
1016   -
1017   - $options = array('major_update'=>$major_update);
1018   -
1019   - $currentfilename = $this->document->getFileName();
1020   - if ($filename != $currentfilename)
1021   - {
1022   - $options['newfilename'] = $filename;
1023   - }
1024   -
1025   - DBUtil::startTransaction();
1026   - $result = KTDocumentUtil::checkin($this->document, $tempfilename, $reason, $user, $options);
1027   -
1028   - if (PEAR::isError($result))
1029   - {
1030   - DBUtil::rollback();
1031   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1032   - }
1033   - DBUtil::commit();
1034   -
1035   - $tempfilename=addslashes($tempfilename);
1036   - $sql = "DELETE FROM uploaded_files WHERE tempfilename='$tempfilename'";
1037   - $result = DBUtil::runQuery($sql);
1038   - if (PEAR::isError($result))
1039   - {
1040   - return $result;
1041   - }
1042   -
1043   - }
1044   -
1045   - /**
1046   - * This reverses the checkout process.
1047   - *
1048   - * @param string $reason
1049   - */
1050   - function undo_checkout($reason)
1051   - {
1052   - $user = $this->can_user_access_object_requiring_permission($this->document, KTAPI_PERMISSION_WRITE);
1053   -
1054   - if (PEAR::isError($user))
1055   - {
1056   - return $user;
1057   - }
1058   -
1059   - if (!$this->document->getIsCheckedOut())
1060   - {
1061   - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_NOT_CHECKED_OUT);
1062   - }
1063   -
1064   - DBUtil::startTransaction();
1065   -
1066   - $this->document->setIsCheckedOut(0);
1067   - $this->document->setCheckedOutUserID(-1);
1068   - $res = $this->document->update();
1069   - if (($res === false) || PEAR::isError($res))
1070   - {
1071   - DBUtil::rollback();
1072   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1073   - }
1074   -
1075   - $oDocumentTransaction = & new DocumentTransaction($this->document, $reason, 'ktcore.transactions.force_checkin');
1076   -
1077   - $res = $oDocumentTransaction->create();
1078   - if (($res === false) || PEAR::isError($res)) {
1079   - DBUtil::rollback();
1080   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1081   - }
1082   - DBUtil::commit();
1083   - }
1084   -
1085   - /**
1086   - * This returns a URL to the file that can be downloaded.
1087   - *
1088   - * @param string $reason
1089   - */
1090   - function checkout($reason)
1091   - {
1092   - $user = $this->can_user_access_object_requiring_permission($this->document, KTAPI_PERMISSION_WRITE);
1093   -
1094   - if (PEAR::isError($user))
1095   - {
1096   - return $user;
1097   - }
1098   -
1099   - if ($this->document->getIsCheckedOut())
1100   - {
1101   - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);
1102   - }
1103   -
1104   - DBUtil::startTransaction();
1105   - $res = KTDocumentUtil::checkout($this->document, $reason, $user);
1106   - if (PEAR::isError($res))
1107   - {
1108   - DBUtil::rollback();
1109   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1110   - }
1111   -
1112   - DBUtil::commit();
1113   - }
1114   -
1115   - /**
1116   - * This deletes a document from the folder.
1117   - *
1118   - * @param string $reason
1119   - */
1120   - function delete($reason)
1121   - {
1122   - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_DELETE);
1123   -
1124   - if (PEAR::isError($user))
1125   - {
1126   - return $user;
1127   - }
1128   -
1129   - if ($this->document->getIsCheckedOut())
1130   - {
1131   - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);
1132   - }
1133   -
1134   - DBUtil::startTransaction();
1135   - $res = KTDocumentUtil::delete($this->document, $reason);
1136   - if (PEAR::isError($res))
1137   - {
1138   - DBUtil::rollback();
1139   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1140   - }
1141   -
1142   - DBUtil::commit();
1143   - }
1144   -
1145   - /**
1146   - * This changes the owner of the file.
1147   - *
1148   - * @param string $ktapi_newuser
1149   - */
1150   - function change_owner($newusername, $reason='Changing of owner.')
1151   - {
1152   - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_CHANGE_OWNERSHIP);
1153   -
1154   - if (PEAR::isError($user))
1155   - {
1156   - return $user;
1157   - }
1158   -
1159   - DBUtil::startTransaction();
1160   -
1161   - $user = &User::getByUserName($newusername);
1162   - if (is_null($user) || PEAR::isError($user))
1163   - {
1164   - return new PEAR_Error('User could not be found');
1165   - }
1166   -
1167   - $newuserid = $user->getId();
1168   -
1169   - $this->document->setOwnerID($newuserid);
1170   -
1171   - $res = $this->document->update();
1172   -
1173   - if (PEAR::isError($res))
1174   - {
1175   - DBUtil::rollback();
1176   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1177   - }
1178   -
1179   - $res = KTPermissionUtil::updatePermissionLookup($this->document);
1180   - if (PEAR::isError($res))
1181   - {
1182   - DBUtil::rollback();
1183   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1184   - }
1185   -
1186   - $oDocumentTransaction = & new DocumentTransaction($this->document, $reason, 'ktcore.transactions.permissions_change');
1187   -
1188   - $res = $oDocumentTransaction->create();
1189   - if (($res === false) || PEAR::isError($res)) {
1190   - DBUtil::rollback();
1191   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1192   - }
1193   -
1194   - DBUtil::commit();
1195   - }
1196   -
1197   - /**
1198   - * This copies the document to another folder.
1199   - *
1200   - * @param KTAPI_Folder $ktapi_target_folder
1201   - * @param string $reason
1202   - * @param string $newname
1203   - * @param string $newfilename
1204   - */
1205   - function copy(&$ktapi_target_folder, $reason, $newname=null, $newfilename=null)
1206   - {
1207   - assert(!is_null($ktapi_target_folder));
1208   - assert(is_a($ktapi_target_folder,'KTAPI_Folder'));
1209   -
1210   - if (empty($newname))
1211   - {
1212   - $newname=null;
1213   - }
1214   - if (empty($newfilename))
1215   - {
1216   - $newfilename=null;
1217   - }
1218   -
1219   - $user = $this->ktapi->get_user();
1220   -
1221   - if ($this->document->getIsCheckedOut())
1222   - {
1223   - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);
1224   - }
1225   -
1226   - $target_folder = &$ktapi_target_folder->get_folder();
1227   -
1228   - $result = $this->can_user_access_object_requiring_permission( $target_folder, KTAPI_PERMISSION_WRITE);
1229   -
1230   - if (PEAR::isError($result))
1231   - {
1232   - return $result;
1233   - }
1234   -
1235   - $name = $this->document->getName();
1236   - $clash = KTDocumentUtil::nameExists($target_folder, $name);
1237   - if ($clash && !is_null($newname))
1238   - {
1239   - $name = $newname;
1240   - $clash = KTDocumentUtil::nameExists($target_folder, $name);
1241   - }
1242   - if ($clash)
1243   - {
1244   - return new PEAR_Error('A document with this title already exists in your chosen folder. Please choose a different folder, or specify a new title for the copied document.');
1245   - }
1246   -
1247   - $filename=$this->document->getFilename();
1248   - $clash = KTDocumentUtil::fileExists($target_folder, $filename);
1249   -
1250   - if ($clash && !is_null($newname))
1251   - {
1252   - $filename = $newfilename;
1253   - $clash = KTDocumentUtil::fileExists($target_folder, $filename);
1254   - }
1255   - if ($clash)
1256   - {
1257   - return new PEAR_Error('A document with this filename already exists in your chosen folder. Please choose a different folder, or specify a new filename for the copied document.');
1258   - }
1259   -
1260   - DBUtil::startTransaction();
1261   -
1262   - $new_document = KTDocumentUtil::copy($this->document, $target_folder, $reason);
1263   - if (PEAR::isError($new_document))
1264   - {
1265   - DBUtil::rollback();
1266   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1267   - }
1268   -
1269   - $new_document->setName($name);
1270   - $new_document->setFilename($filename);
1271   -
1272   - $res = $new_document->update();
1273   -
1274   - if (PEAR::isError($res))
1275   - {
1276   - DBUtil::rollback();
1277   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1278   - }
1279   -
1280   - DBUtil::commit();
1281   -
1282   - // FIXME do we need to refactor all trigger usage into the util function?
1283   - $oKTTriggerRegistry = KTTriggerRegistry::getSingleton();
1284   - $aTriggers = $oKTTriggerRegistry->getTriggers('copyDocument', 'postValidate');
1285   - foreach ($aTriggers as $aTrigger) {
1286   - $sTrigger = $aTrigger[0];
1287   - $oTrigger = new $sTrigger;
1288   - $aInfo = array(
1289   - 'document' => $new_document,
1290   - 'old_folder' => $this->folder->get_folder(),
1291   - 'new_folder' => $target_folder,
1292   - );
1293   - $oTrigger->setInfo($aInfo);
1294   - $ret = $oTrigger->postValidate();
1295   - }
1296   - }
1297   -
1298   - /**
1299   - * This moves the document to another folder.
1300   - *
1301   - * @param KTAPI_Folder $ktapi_target_folder
1302   - * @param string $reason
1303   - * @param string $newname
1304   - * @param string $newfilename
1305   - */
1306   - function move(&$ktapi_target_folder, $reason, $newname=null, $newfilename=null)
1307   - {
1308   - assert(!is_null($ktapi_target_folder));
1309   - assert(is_a($ktapi_target_folder,'KTAPI_Folder'));
1310   -
1311   - if (empty($newname))
1312   - {
1313   - $newname=null;
1314   - }
1315   - if (empty($newfilename))
1316   - {
1317   - $newfilename=null;
1318   - }
1319   -
1320   - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_DOCUMENT_MOVE);
1321   -
1322   - if (PEAR::isError($user))
1323   - {
1324   - return $user;
1325   - }
1326   -
1327   - if ($this->document->getIsCheckedOut())
1328   - {
1329   - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);
1330   - }
1331   -
1332   - $target_folder = $ktapi_target_folder->get_folder();
1333   -
1334   - $result= $this->can_user_access_object_requiring_permission( $target_folder, KTAPI_PERMISSION_WRITE);
1335   -
1336   - if (PEAR::isError($result))
1337   - {
1338   - return $result;
1339   - }
1340   -
1341   - if (!KTDocumentUtil::canBeMoved($this->document))
1342   - {
1343   - return new PEAR_Error('Document cannot be moved.');
1344   - }
1345   -
1346   - $name = $this->document->getName();
1347   - $clash = KTDocumentUtil::nameExists($target_folder, $name);
1348   - if ($clash && !is_null($newname))
1349   - {
1350   - $name = $newname;
1351   - $clash = KTDocumentUtil::nameExists($target_folder, $name);
1352   - }
1353   - if ($clash)
1354   - {
1355   - return new PEAR_Error('A document with this title already exists in your chosen folder. Please choose a different folder, or specify a new title for the moved document.');
1356   - }
1357   -
1358   - $filename=$this->document->getFilename();
1359   - $clash = KTDocumentUtil::fileExists($target_folder, $filename);
1360   -
1361   - if ($clash && !is_null($newname))
1362   - {
1363   - $filename = $newfilename;
1364   - $clash = KTDocumentUtil::fileExists($target_folder, $filename);
1365   - }
1366   - if ($clash)
1367   - {
1368   - return new PEAR_Error('A document with this filename already exists in your chosen folder. Please choose a different folder, or specify a new filename for the moved document.');
1369   - }
1370   -
1371   - DBUtil::startTransaction();
1372   -
1373   - $res = KTDocumentUtil::move($this->document, $target_folder, $user, $reason);
1374   - if (PEAR::isError($res))
1375   - {
1376   - DBUtil::rollback();
1377   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1378   - }
1379   -
1380   - $this->document->setName($name);
1381   - $this->document->setFilename($filename);
1382   -
1383   - $res = $this->document->update();
1384   -
1385   - if (PEAR::isError($res))
1386   - {
1387   - DBUtil::rollback();
1388   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1389   - }
1390   -
1391   - DBUtil::commit();
1392   - }
1393   -
1394   - /**
1395   - * This changes the filename of the document.
1396   - *
1397   - * @param string $newname
1398   - */
1399   - function renameFile($newname)
1400   - {
1401   - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);
1402   -
1403   - if (PEAR::isError($user))
1404   - {
1405   - return $user;
1406   - }
1407   -
1408   - DBUtil::startTransaction();
1409   - $res = KTDocumentUtil::rename($this->document, $newname, $user);
1410   - if (PEAR::isError($res))
1411   - {
1412   - DBUtil::rollback();
1413   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1414   - }
1415   - DBUtil::commit();
1416   - }
1417   -
1418   - /**
1419   - * This changes the document type of the document.
1420   - *
1421   - * @param string $newname
1422   - */
1423   - function change_document_type($documenttype)
1424   - {
1425   - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);
1426   -
1427   - if (PEAR::isError($user))
1428   - {
1429   - return $user;
1430   - }
1431   -
1432   - $doctypeid = KTAPI::get_documenttypeid($documenttype);
1433   -
1434   - if ($this->document->getDocumentTypeId() != $doctypeid)
1435   - {
1436   - DBUtil::startTransaction();
1437   - $this->document->setDocumentTypeId($doctypeid);
1438   - $res = $this->document->update();
1439   -
1440   - if (PEAR::isError($res))
1441   - {
1442   - DBUtil::rollback();
1443   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1444   - }
1445   - DBUtil::commit();
1446   - }
1447   - }
1448   -
1449   - /**
1450   - * This changes the title of the document.
1451   - *
1452   - * @param string $newname
1453   - */
1454   - function rename($newname)
1455   - {
1456   - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);
1457   -
1458   - if (PEAR::isError($user))
1459   - {
1460   - return $user;
1461   - }
1462   -
1463   - if ($this->document->getName() != $newname)
1464   - {
1465   -
1466   - DBUtil::startTransaction();
1467   - $this->document->setName($newname);
1468   - $res = $this->document->update();
1469   -
1470   - if (PEAR::isError($res))
1471   - {
1472   - DBUtil::rollback();
1473   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1474   - }
1475   - DBUtil::commit();
1476   - }
1477   - }
1478   -
1479   - /**
1480   - * This flags the document as 'archived'.
1481   - *
1482   - * @param string $reason
1483   - */
1484   - function archive($reason)
1485   - {
1486   - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);
1487   -
1488   - if (PEAR::isError($user))
1489   - {
1490   - return $user;
1491   - }
1492   -
1493   - list($permission, $user) = $perm_and_user;
1494   -
1495   - DBUtil::startTransaction();
1496   - $this->document->setStatusID(ARCHIVED);
1497   - $res = $this->document->update();
1498   - if (($res === false) || PEAR::isError($res)) {
1499   - DBUtil::rollback();
1500   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1501   - }
1502   -
1503   - $oDocumentTransaction = & new DocumentTransaction($this->document, sprintf(_kt('Document archived: %s'), $reason), 'ktcore.transactions.update');
1504   - $oDocumentTransaction->create();
1505   -
1506   - DBUtil::commit();
1507   -
1508   - $oKTTriggerRegistry = KTTriggerRegistry::getSingleton();
1509   - $aTriggers = $oKTTriggerRegistry->getTriggers('archive', 'postValidate');
1510   - foreach ($aTriggers as $aTrigger)
1511   - {
1512   - $sTrigger = $aTrigger[0];
1513   - $oTrigger = new $sTrigger;
1514   - $aInfo = array(
1515   - 'document' => $this->document,
1516   - );
1517   - $oTrigger->setInfo($aInfo);
1518   - $ret = $oTrigger->postValidate();
1519   - }
1520   - }
1521   -
1522   - /**
1523   - * This starts a workflow on a document.
1524   - *
1525   - * @param string $workflow
1526   - */
1527   - function start_workflow($workflow)
1528   - {
1529   - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
1530   -
1531   - if (PEAR::isError($user))
1532   - {
1533   - return $user;
1534   - }
1535   -
1536   - $workflowid = $this->document->getWorkflowId();
1537   -
1538   - if (!empty($workflowid))
1539   - {
1540   - return new PEAR_Error('A workflow is already defined.');
1541   - }
1542   -
1543   - $workflow = KTWorkflow::getByName($workflow);
1544   - if (is_null($workflow) || PEAR::isError($workflow))
1545   - {
1546   - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
1547   - }
1548   -
1549   - DBUtil::startTransaction();
1550   - $result = KTWorkflowUtil::startWorkflowOnDocument($workflow, $this->document);
1551   - if (is_null($result) || PEAR::isError($result))
1552   - {
1553   - DBUtil::rollback();
1554   - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
1555   - }
1556   - DBUtil::commit();
1557   - }
1558   -
1559   - /**
1560   - * This deletes the workflow on the document.
1561   - *
1562   - */
1563   - function delete_workflow()
1564   - {
1565   - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
1566   -
1567   - if (PEAR::isError($user))
1568   - {
1569   - return $user;
1570   - }
1571   -
1572   - $workflowid=$this->document->getWorkflowId();
1573   - if (!empty($workflowid))
1574   - {
1575   - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);
1576   - }
1577   -
1578   - DBUtil::startTransaction();
1579   - $result = KTWorkflowUtil::startWorkflowOnDocument(null, $this->document);
1580   - if (is_null($result) || PEAR::isError($result))
1581   - {
1582   - DBUtil::rollback();
1583   - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
1584   - }
1585   - DBUtil::commit();
1586   - }
1587   -
1588   - /**
1589   - * This performs a transition on the workflow
1590   - *
1591   - * @param string $transition
1592   - * @param string $reason
1593   - */
1594   - function perform_workflow_transition($transition, $reason)
1595   - {
1596   - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
1597   -
1598   - if (PEAR::isError($user))
1599   - {
1600   - return $user;
1601   - }
1602   -
1603   - $workflowid=$this->document->getWorkflowId();
1604   - if (empty($workflowid))
1605   - {
1606   - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);
1607   - }
1608   -
1609   - $transition = &KTWorkflowTransition::getByName($transition);
1610   - if (is_null($transition) || PEAR::isError($transition))
1611   - {
1612   - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
1613   - }
1614   -
1615   - DBUtil::startTransaction();
1616   - $result = KTWorkflowUtil::performTransitionOnDocument($transition, $this->document, $user, $reason);
1617   - if (is_null($result) || PEAR::isError($result))
1618   - {
1619   - DBUtil::rollback();
1620   - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
1621   - }
1622   - DBUtil::commit();
1623   - }
1624   -
1625   -
1626   -
1627   - /**
1628   - * This returns all metadata for the document.
1629   - *
1630   - * @return array
1631   - */
1632   - function get_metadata()
1633   - {
1634   - $doctypeid = $this->document->getDocumentTypeID();
1635   - $fieldsets = (array) KTMetadataUtil::fieldsetsForDocument($this->document, $doctypeid);
1636   -
1637   - $results = array();
1638   -
1639   - foreach ($fieldsets as $fieldset)
1640   - {
1641   - if ($fieldset->getIsConditional()) { /* this is not implemented...*/ continue; }
1642   -
1643   - $fields = $fieldset->getFields();
1644   - $result = array('fieldset' => $fieldset->getName(),
1645   - 'description' => $fieldset->getDescription());
1646   -
1647   - $fieldsresult = array();
1648   -
1649   - foreach ($fields as $field)
1650   - {
1651   - $value = 'n/a';
1652   -
1653   - $fieldvalue = DocumentFieldLink::getByDocumentAndField($this->document, $field);
1654   - if (!is_null($fieldvalue) && (!PEAR::isError($fieldvalue)))
1655   - {
1656   - $value = $fieldvalue->getValue();
1657   - }
1658   -
1659   - $controltype = 'string';
1660   - if ($field->getHasLookup())
1661   - {
1662   - $controltype = 'lookup';
1663   - if ($field->getHasLookupTree())
1664   - {
1665   - $controltype = 'tree';
1666   - }
1667   - }
1668   -
1669   - switch ($controltype)
1670   - {
1671   - case 'lookup':
1672   - $selection = KTAPI::get_metadata_lookup($field->getId());
1673   - break;
1674   - case 'tree':
1675   - $selection = KTAPI::get_metadata_tree($field->getId());
1676   - break;
1677   - default:
1678   - $selection= array();
1679   - }
1680   -
1681   -
1682   - $fieldsresult[] = array(
1683   - 'name' => $field->getName(),
1684   - 'required' => $field->getIsMandatory(),
1685   - 'value' => $value,
1686   - 'description' => $field->getDescription(),
1687   - 'control_type' => $controltype,
1688   - 'selection' => $selection
1689   -
1690   - );
1691   -
1692   - }
1693   - $result['fields'] = $fieldsresult;
1694   - $results [] = $result;
1695   - }
1696   -
1697   - return $results;
1698   - }
1699   -
1700   - /**
1701   - * This updates the metadata on the file. This includes the 'title'.
1702   - *
1703   - * @param array This is an array containing the metadata to be associated with the file.
1704   - */
1705   - function update_metadata($metadata)
1706   - {
1707   - $packed = array();
1708   -
1709   - foreach($metadata as $fieldset_metadata)
1710   - {
1711   - $fieldsetname=$fieldset_metadata['fieldset'];
1712   - $fieldset = KTFieldset::getByName($fieldsetname);
1713   - if (is_null($fieldset) || PEAR::isError($fieldset))
1714   - {
1715   - // exit graciously
1716   - continue;
1717   - }
1718   -
1719   - foreach($fieldset_metadata['fields'] as $fieldinfo)
1720   - {
1721   - $fieldname = $fieldinfo['name'];
1722   - $field = DocumentField::getByFieldsetAndName($fieldset, $fieldname);
1723   - if (is_null($field) || PEAR::isError($fieldset))
1724   - {
1725   - // exit graciously
1726   - continue;
1727   - }
1728   - $value = $fieldinfo['value'];
1729   -
1730   - $packed[] = array($field, $value);
1731   - }
1732   - }
1733   -
1734   - DBUtil::startTransaction();
1735   - $result = KTDocumentUtil::saveMetadata($this->document, $packed);
1736   -
1737   - if (is_null($result))
1738   - {
1739   - DBUtil::rollback();
1740   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1741   - }
1742   - if (PEAR::isError($result))
1743   - {
1744   - DBUtil::rollback();
1745   - return new PEAR_Error(sprintf(_kt("Unexpected validation failure: %s."), $result->getMessage()));
1746   - }
1747   - DBUtil::commit();
1748   - }
1749   -
1750   -
1751   - /**
1752   - * This returns a workflow transition
1753   - *
1754   - * @return array
1755   - */
1756   - function get_workflow_transitions()
1757   - {
1758   - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
1759   -
1760   - if (PEAR::isError($user))
1761   - {
1762   - return $user;
1763   - }
1764   -
1765   - $workflowid=$this->document->getWorkflowId();
1766   - if (empty($workflowid))
1767   - {
1768   - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);
1769   - }
1770   -
1771   - $result = array();
1772   -
1773   - $transitions = KTWorkflowUtil::getTransitionsForDocumentUser($this->document, $user);
1774   - if (is_null($transitions) || PEAR::isError($transitions))
1775   - {
1776   - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
1777   - }
1778   - foreach($transitions as $transition)
1779   - {
1780   - $result[] = $transition->getName();
1781   - }
1782   -
1783   - return $result;
1784   - }
1785   -
1786   - /**
1787   - * This returns the current workflow state
1788   - *
1789   - * @return string
1790   - */
1791   - function get_workflow_state()
1792   - {
1793   - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
1794   -
1795   - if (PEAR::isError($user))
1796   - {
1797   - return $user;
1798   - }
1799   -
1800   - $workflowid=$this->document->getWorkflowId();
1801   - if (empty($workflowid))
1802   - {
1803   - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);
1804   - }
1805   -
1806   - $result = array();
1807   -
1808   - $state = KTWorkflowUtil::getWorkflowStateForDocument($this->document);
1809   - if (is_null($state) || PEAR::isError($state))
1810   - {
1811   - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
1812   - }
1813   -
1814   - $statename = $state->getName();
1815   -
1816   - return $statename;
1817   -
1818   - }
1819   -
1820   - /**
1821   - * This returns detailed information on the document.
1822   - *
1823   - * @return array
1824   - */
1825   - function get_detail()
1826   - {
1827   - $detail = array();
1828   - $document = $this->document;
1829   -
1830   - $detail['title'] = $document->getName();
1831   -
1832   - $documenttypeid=$document->getDocumentTypeID();
1833   - if (is_numeric($documenttypeid))
1834   - {
1835   - $documenttype = DocumentType::get($documenttypeid);
1836   -
1837   - $documenttype=$documenttype->getName();
1838   - }
1839   - else
1840   - {
1841   - $documenttype = '* unknown *';
1842   - }
1843   - $detail['document_type'] = $documenttype;
1844   -
1845   - $detail['version'] = $document->getVersion();
1846   - $detail['filename'] = $document->getFilename();
1847   -
1848   - $detail['created_date'] = $document->getCreatedDateTime();
1849   -
1850   - $userid = $document->getCreatorID();
1851   - if (is_numeric($userid))
1852   - {
1853   - $user = User::get($userid);
1854   - $username=(is_null($user) || PEAR::isError($user))?'* unknown *':$user->getName();
1855   - }
1856   - else
1857   - {
1858   - $username='n/a';
1859   - }
1860   - $detail['created_by'] = $username;
1861   - $detail['updated_date'] = $document->getLastModifiedDate();
1862   -
1863   - $userid = $document->getModifiedUserId();
1864   - if (is_numeric($userid))
1865   - {
1866   - $user = User::get($userid);
1867   - $username=(is_null($user) || PEAR::isError($user))?'* unknown *':$user->getName();
1868   - }
1869   - else
1870   - {
1871   - $username='n/a';
1872   - }
1873   - $detail['updated_by'] = $username;
1874   - $detail['document_id'] = (int) $document->getId();
1875   - $detail['folder_id'] = (int) $document->getFolderID();
1876   -
1877   - $workflowid = $document->getWorkflowId();
1878   - if (is_numeric($workflowid))
1879   - {
1880   - $workflow = KTWorkflow::get($workflowid);
1881   - $workflowname=(is_null($workflow) || PEAR::isError($workflow))?'* unknown *':$workflow->getName();
1882   - }
1883   - else
1884   - {
1885   - $workflowname='n/a';
1886   - }
1887   - $detail['workflow'] = $workflowname;
1888   -
1889   - $stateid = $document->getWorkflowStateId();
1890   - if (is_numeric($stateid))
1891   - {
1892   - $state = KTWorkflowState::get($stateid);
1893   - $workflowstate=(is_null($state) || PEAR::isError($state))?'* unknown *':$state->getName();
1894   - }
1895   - else
1896   - {
1897   - $workflowstate = 'n/a';
1898   - }
1899   - $detail['workflow_state']=$workflowstate;
1900   -
1901   - $userid = $document->getCheckedOutUserID();
1902   -
1903   - if (is_numeric($userid))
1904   - {
1905   - $user = User::get($userid);
1906   - $username=(is_null($user) || PEAR::isError($user))?'* unknown *':$user->getName();
1907   - }
1908   - else
1909   - {
1910   - $username = 'n/a';
1911   - }
1912   - $detail['checkout_by'] = $username;
1913   -
1914   - $detail['full_path'] = $this->ktapi_folder->get_full_path() . '/' . $this->get_title();
1915   -
1916   - return $detail;
1917   - }
1918   -
1919   - function get_title()
1920   - {
1921   - return $this->document->getDescription();
1922   - }
1923   -
1924   - /**
1925   - * This does a download of a version of the document.
1926   - *
1927   - * @param string $version
1928   - */
1929   - function download($version=null)
1930   - {
1931   - $storage =& KTStorageManagerUtil::getSingleton();
1932   - $options = array();
1933   -
1934   -
1935   - $oDocumentTransaction = & new DocumentTransaction($this->document, 'Document downloaded', 'ktcore.transactions.download', $aOptions);
1936   - $oDocumentTransaction->create();
1937   - }
1938   -
1939   - /**
1940   - * This returns the transaction history for the document.
1941   - *
1942   - * @return array
1943   - */
1944   - function get_transaction_history()
1945   - {
1946   - $sQuery = 'SELECT DTT.name AS transaction_name, U.name AS username, DT.version AS version, DT.comment AS comment, DT.datetime AS datetime ' .
1947   - 'FROM ' . KTUtil::getTableName('document_transactions') . ' AS DT INNER JOIN ' . KTUtil::getTableName('users') . ' AS U ON DT.user_id = U.id ' .
1948   - 'INNER JOIN ' . KTUtil::getTableName('transaction_types') . ' AS DTT ON DTT.namespace = DT.transaction_namespace ' .
1949   - 'WHERE DT.document_id = ? ORDER BY DT.datetime DESC';
1950   - $aParams = array($this->documentid);
1951   -
1952   - $transactions = DBUtil::getResultArray(array($sQuery, $aParams));
1953   - if (is_null($transactions) || PEAR::isError($transactions))
1954   - {
1955   - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
1956   - }
1957   -
1958   - return $transactions;
1959   - }
1960   -
1961   - /**
1962   - * This returns the version history on the document.
1963   - *
1964   - * @return array
1965   - */
1966   - function get_version_history()
1967   - {
1968   - $metadata_versions = KTDocumentMetadataVersion::getByDocument($this->document);
1969   -
1970   - $versions = array();
1971   - foreach ($metadata_versions as $version)
1972   - {
1973   - $document = &Document::get($this->documentid, $version->getId());
1974   -
1975   - $version = array();
1976   -
1977   - $userid = $document->getModifiedUserId();
1978   - $user = User::get($userid);
1979   -
1980   - $version['user'] = $user->getName();
1981   - $version['metadata_version'] = $document->getMetadataVersion();
1982   - $version['content_version'] = $document->getVersion();
1983   -
1984   - $versions[] = $version;
1985   - }
1986   - return $versions;
1987   - }
  37 +require_once('KTAPIConstants.inc.php');
  38 +require_once('KTAPISession.inc.php');
  39 +require_once('KTAPIFolder.inc.php');
  40 +require_once('KTAPIDocument.inc.php');
1988 41  
  42 +class KTAPI_FolderItem
  43 +{
1989 44 /**
1990   - * This expunges a document from the system.
  45 + * This is a reference to the core KTAPI controller
1991 46 *
1992   - * @access public
  47 + * @access protected
  48 + * @var KTAPI
1993 49 */
1994   - function expunge()
1995   - {
1996   - if ($this->document->getStatusID() != 3)
1997   - {
1998   - return new PEAR_Error('You should not purge this');
1999   - }
2000   - DBUtil::startTransaction();
2001   -
2002   - $transaction = & new DocumentTransaction($this->document, "Document expunged", 'ktcore.transactions.expunge');
2003   -
2004   - $transaction->create();
2005   -
2006   - $this->document->delete();
2007   -
2008   - $this->document->cleanupDocumentData($this->documentid);
2009   -
2010   - $storage =& KTStorageManagerUtil::getSingleton();
2011   -
2012   - $result= $storage->expunge($this->document);
2013   -
2014   - DBUtil::commit();
2015   - }
  50 + var $ktapi;
2016 51  
2017   - /**
2018   - * This expunges a document from the system.
2019   - *
2020   - * @access public
2021   - */
2022   - function restore()
2023   - {
2024   - DBUtil::startTransaction();
2025   -
2026   - $storage =& KTStorageManagerUtil::getSingleton();
2027   -
2028   - $folder = Folder::get($this->document->getRestoreFolderId());
2029   - if (PEAR::isError($folder))
2030   - {
2031   - $this->document->setFolderId(1);
2032   - $folder = Folder::get(1);
2033   - }
2034   - else
2035   - {
2036   - $this->document->setFolderId($this->document->getRestoreFolderId());
2037   - }
2038   -
2039   - $storage->restore($this->document);
2040   -
2041   - $this->document->setStatusId(LIVE);
2042   - $this->document->setPermissionObjectId($folder->getPermissionObjectId());
2043   - $res = $this->document->update();
2044   -
2045   - $res = KTPermissionUtil::updatePermissionLookup($this->document);
2046   -
2047   - $user = $this->ktapi->get_user();
2048   -
2049   - $oTransaction = new DocumentTransaction($this->document, 'Restored from deleted state by ' . $user->getName(), 'ktcore.transactions.update');
2050   - $oTransaction->create();
2051   -
2052   - DBUtil::commit();
  52 + function &can_user_access_object_requiring_permission(&$object, $permission)
  53 + {
  54 + return $this->ktapi->can_user_access_object_requiring_permission($object, $permission);
2053 55 }
2054 56 }
2055 57  
... ... @@ -2163,7 +165,7 @@ class KTAPI
2163 165 return new PEAR_Error('A session is currently active.');
2164 166 }
2165 167  
2166   - $session = &KTAPI_Session::get_active_session($this, $session, $ip);
  168 + $session = &KTAPI_UserSession::get_active_session($this, $session, $ip);
2167 169  
2168 170 if (is_null($session) || PEAR::isError($session))
2169 171 {
... ... @@ -2189,7 +191,7 @@ class KTAPI
2189 191 return new PEAR_Error('A session is currently active.');
2190 192 }
2191 193  
2192   - $session = &KTAPI_Session::start_session($this, $username, $password, $ip);
  194 + $session = &KTAPI_UserSession::start_session($this, $username, $password, $ip);
2193 195 if (is_null($session))
2194 196 {
2195 197 return new PEAR_Error('Session is null.');
... ... @@ -2203,6 +205,19 @@ class KTAPI
2203 205 return $session;
2204 206 }
2205 207  
  208 +
  209 + function & start_system_session()
  210 + {
  211 + $user = User::get(1);
  212 +
  213 + $session = & new KTAPI_SystemSession($this, $user);
  214 + $this->session = &$session;
  215 +
  216 + return $session;
  217 + }
  218 +
  219 +
  220 +
2206 221 /**
2207 222 * Starts an anonymous session.
2208 223 *
... ... @@ -2211,7 +226,23 @@ class KTAPI
2211 226 */
2212 227 function &start_anonymous_session($ip=null)
2213 228 {
2214   - return $this->start_session('anonymous','',$ip);
  229 + if (!is_null($this->session))
  230 + {
  231 + return new PEAR_Error('A session is currently active.');
  232 + }
  233 +
  234 + $session = &KTAPI_AnonymousSession::start_session($this, $ip);
  235 + if (is_null($session))
  236 + {
  237 + return new PEAR_Error('Session is null.');
  238 + }
  239 + if (PEAR::isError($session))
  240 + {
  241 + return new PEAR_Error('Session is invalid. ' . $session->getMessage());
  242 + }
  243 + $this->session = &$session;
  244 +
  245 + return $session;
2215 246 }
2216 247  
2217 248  
... ...