Peter M. Groen / knowledgetree

Commit 75f70700c06b3b7172c4da42d30e05928c04656a

Authored by Conrad Vermeulen
1 parent af2ae89a

"KTS-2113" 

"Split KTAPI into seperate files based on classes"
Implemented.

Reviewed By: Kevin Fourie

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6797 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 5 changed files with 2216 additions and 2014 deletions
ktapi/KTAPIConstants.inc.php 0 → 100644
  View file @75f7070
  1 +<?
  2 +
  3 +/**
  4 + *
  5 + * The contents of this file are subject to the KnowledgeTree Public
  6 + * License Version 1.1.2 ("License"); You may not use this file except in
  7 + * compliance with the License. You may obtain a copy of the License at
  8 + * http://www.knowledgetree.com/KPL
  9 + *
  10 + * Software distributed under the License is distributed on an "AS IS"
  11 + * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied.
  12 + * See the License for the specific language governing rights and
  13 + * limitations under the License.
  14 + *
  15 + * All copies of the Covered Code must include on each user interface screen:
  16 + * (i) the "Powered by KnowledgeTree" logo and
  17 + * (ii) the KnowledgeTree copyright notice
  18 + * in the same form as they appear in the distribution. See the License for
  19 + * requirements.
  20 + *
  21 + * The Original Code is: KnowledgeTree Open Source
  22 + *
  23 + * The Initial Developer of the Original Code is The Jam Warehouse Software
  24 + * (Pty) Ltd, trading as KnowledgeTree.
  25 + * Portions created by The Jam Warehouse Software (Pty) Ltd are Copyright
  26 + * (C) 2007 The Jam Warehouse Software (Pty) Ltd;
  27 + * All Rights Reserved.
  28 + * Contributor( s): ______________________________________
  29 + *
  30 + */
  31 +
  32 +require_once('../config/dmsDefaults.php');
  33 +require_once(KT_LIB_DIR . '/filelike/fsfilelike.inc.php');
  34 +require_once(KT_LIB_DIR . '/foldermanagement/folderutil.inc.php');
  35 +
  36 +// Generic error messages used in the API. There may be some others specific to functionality
  37 +// directly in the code.
  38 +// TODO: Check that they are all relevant.
  39 +
  40 +define('KTAPI_ERROR_SESSION_INVALID', 'The session could not be resolved.');
  41 +define('KTAPI_ERROR_PERMISSION_INVALID', 'The permission could not be resolved.');
  42 +define('KTAPI_ERROR_FOLDER_INVALID', 'The folder could not be resolved.');
  43 +define('KTAPI_ERROR_DOCUMENT_INVALID', 'The document could not be resolved.');
  44 +define('KTAPI_ERROR_USER_INVALID', 'The user could not be resolved.');
  45 +define('KTAPI_ERROR_KTAPI_INVALID', 'The ktapi could not be resolved.');
  46 +define('KTAPI_ERROR_INSUFFICIENT_PERMISSIONS', 'The user does not have sufficient permissions to access the resource.');
  47 +define('KTAPI_ERROR_INTERNAL_ERROR', 'An internal error occurred. Please review the logs.');
  48 +define('KTAPI_ERROR_DOCUMENT_TYPE_INVALID', 'The document type could not be resolved.');
  49 +define('KTAPI_ERROR_DOCUMENT_CHECKED_OUT', 'The document is checked out.');
  50 +define('KTAPI_ERROR_DOCUMENT_NOT_CHECKED_OUT', 'The document is not checked out.');
  51 +define('KTAPI_ERROR_WORKFLOW_INVALID', 'The workflow could not be resolved.');
  52 +define('KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS', 'The workflow is not in progress.');
  53 +
  54 +// Mapping of permissions to actions.
  55 +// TODO: Check that they are all correct.
  56 +// Note, currently, all core actions have permissions that are defined in the plugins.
  57 +// As the permissions are currently associated with actions which are quite closely linked
  58 +// to the web interface, it is not the nicest way to do things. They should be associated at
  59 +// a lower level, such as in the api. probably, better, would be at some stage to assocate
  60 +// the permissions to the action/transaction in the database so administrators can really customise
  61 +// as required.
  62 +
  63 +define('KTAPI_PERMISSION_DELETE', 'ktcore.permissions.delete');
  64 +define('KTAPI_PERMISSION_READ', 'ktcore.permissions.read');
  65 +define('KTAPI_PERMISSION_WRITE', 'ktcore.permissions.write');
  66 +define('KTAPI_PERMISSION_ADD_FOLDER', 'ktcore.permissions.addFolder');
  67 +define('KTAPI_PERMISSION_RENAME_FOLDER', 'ktcore.permissions.folder_rename');
  68 +define('KTAPI_PERMISSION_CHANGE_OWNERSHIP', 'ktcore.permissions.security');
  69 +define('KTAPI_PERMISSION_DOCUMENT_MOVE', 'ktcore.permissions.write');
  70 +define('KTAPI_PERMISSION_WORKFLOW', 'ktcore.permissions.workflow');
  71 +
  72 +?>
0 \ No newline at end of file 73 \ No newline at end of file
ktapi/KTAPIDocument.inc.php 0 → 100644
  View file @75f7070
  1 +<?
  2 +class KTAPI_Document extends KTAPI_FolderItem
  3 +{
  4 + /**
  5 + * This is a reference to the internal document object.
  6 + *
  7 + * @var Document
  8 + */
  9 + var $document;
  10 + /**
  11 + * This is the id of the document.
  12 + *
  13 + * @var int
  14 + */
  15 + var $documentid;
  16 + /**
  17 + * This is a reference to the parent folder.
  18 + *
  19 + * @var KTAPI_Folder
  20 + */
  21 + var $ktapi_folder;
  22 +
  23 + function get_documentid()
  24 + {
  25 + return $this->documentid;
  26 + }
  27 +
  28 + /**
  29 + * This is used to get a document based on document id.
  30 + *
  31 + * @static
  32 + * @access public
  33 + * @param KTAPI $ktapi
  34 + * @param int $documentid
  35 + * @return KTAPI_Document
  36 + */
  37 + function &get(&$ktapi, $documentid)
  38 + {
  39 + assert(!is_null($ktapi));
  40 + assert(is_a($ktapi, 'KTAPI'));
  41 + assert(is_numeric($documentid));
  42 +
  43 + $documentid += 0;
  44 +
  45 + $document = &Document::get($documentid);
  46 + if (is_null($document) || PEAR::isError($document))
  47 + {
  48 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_INVALID);
  49 + }
  50 +
  51 + $user = $ktapi->can_user_access_object_requiring_permission($document, KTAPI_PERMISSION_READ);
  52 +
  53 + if (is_null($user) || PEAR::isError($user))
  54 + {
  55 + return $user;
  56 + }
  57 +
  58 + $folderid = $document->getParentID();
  59 +
  60 + if (!is_null($folderid))
  61 + {
  62 + $ktapi_folder = &KTAPI_Folder::get($ktapi, $folderid);
  63 + }
  64 + else
  65 + {
  66 + $ktapi_folder = null;
  67 + }
  68 + // We don't do any checks on this folder as it could possibly be deleted, and is not required right now.
  69 +
  70 + return new KTAPI_Document($ktapi, $ktapi_folder, $document);
  71 + }
  72 +
  73 + function is_deleted()
  74 + {
  75 + return ($this->document->getStatusID() == 3);
  76 + }
  77 +
  78 + /**
  79 + * This is the constructor for the KTAPI_Folder.
  80 + *
  81 + * @access private
  82 + * @param KTAPI $ktapi
  83 + * @param Document $document
  84 + * @return KTAPI_Document
  85 + */
  86 + function KTAPI_Document(&$ktapi, &$ktapi_folder, &$document)
  87 + {
  88 + assert(is_a($ktapi,'KTAPI'));
  89 + assert(is_null($ktapi_folder) || is_a($ktapi_folder,'KTAPI_Folder'));
  90 +
  91 + $this->ktapi = &$ktapi;
  92 + $this->ktapi_folder = &$ktapi_folder;
  93 + $this->document = &$document;
  94 + $this->documentid = $document->getId();
  95 + }
  96 +
  97 + /**
  98 + * This checks a document into the repository
  99 + *
  100 + * @param string $filename
  101 + * @param string $reason
  102 + * @param string $tempfilename
  103 + * @param bool $major_update
  104 + */
  105 + function checkin($filename, $reason, $tempfilename, $major_update=false)
  106 + {
  107 + if (!is_file($tempfilename))
  108 + {
  109 + return new PEAR_Error('File does not exist.');
  110 + }
  111 +
  112 + $user = $this->can_user_access_object_requiring_permission($this->document, KTAPI_PERMISSION_WRITE);
  113 +
  114 + if (PEAR::isError($user))
  115 + {
  116 + return $user;
  117 + }
  118 +
  119 + if (!$this->document->getIsCheckedOut())
  120 + {
  121 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_NOT_CHECKED_OUT);
  122 + }
  123 +
  124 + $options = array('major_update'=>$major_update);
  125 +
  126 + $currentfilename = $this->document->getFileName();
  127 + if ($filename != $currentfilename)
  128 + {
  129 + $options['newfilename'] = $filename;
  130 + }
  131 +
  132 + DBUtil::startTransaction();
  133 + $result = KTDocumentUtil::checkin($this->document, $tempfilename, $reason, $user, $options);
  134 +
  135 + if (PEAR::isError($result))
  136 + {
  137 + DBUtil::rollback();
  138 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  139 + }
  140 + DBUtil::commit();
  141 +
  142 + $tempfilename=addslashes($tempfilename);
  143 + $sql = "DELETE FROM uploaded_files WHERE tempfilename='$tempfilename'";
  144 + $result = DBUtil::runQuery($sql);
  145 + if (PEAR::isError($result))
  146 + {
  147 + return $result;
  148 + }
  149 +
  150 + }
  151 +
  152 +
  153 + function is_checked_out()
  154 + {
  155 + return ($this->document->getIsCheckedOut());
  156 + }
  157 +
  158 + /**
  159 + * This reverses the checkout process.
  160 + *
  161 + * @param string $reason
  162 + */
  163 + function undo_checkout($reason)
  164 + {
  165 + $user = $this->can_user_access_object_requiring_permission($this->document, KTAPI_PERMISSION_WRITE);
  166 +
  167 + if (PEAR::isError($user))
  168 + {
  169 + return $user;
  170 + }
  171 +
  172 + if (!$this->document->getIsCheckedOut())
  173 + {
  174 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_NOT_CHECKED_OUT);
  175 + }
  176 +
  177 + DBUtil::startTransaction();
  178 +
  179 + $this->document->setIsCheckedOut(0);
  180 + $this->document->setCheckedOutUserID(-1);
  181 + $res = $this->document->update();
  182 + if (($res === false) || PEAR::isError($res))
  183 + {
  184 + DBUtil::rollback();
  185 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  186 + }
  187 +
  188 + $oDocumentTransaction = & new DocumentTransaction($this->document, $reason, 'ktcore.transactions.force_checkin');
  189 +
  190 + $res = $oDocumentTransaction->create();
  191 + if (($res === false) || PEAR::isError($res)) {
  192 + DBUtil::rollback();
  193 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  194 + }
  195 + DBUtil::commit();
  196 + }
  197 +
  198 + /**
  199 + * This returns a URL to the file that can be downloaded.
  200 + *
  201 + * @param string $reason
  202 + */
  203 + function checkout($reason)
  204 + {
  205 + $user = $this->can_user_access_object_requiring_permission($this->document, KTAPI_PERMISSION_WRITE);
  206 +
  207 + if (PEAR::isError($user))
  208 + {
  209 + return $user;
  210 + }
  211 +
  212 + if ($this->document->getIsCheckedOut())
  213 + {
  214 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);
  215 + }
  216 +
  217 + DBUtil::startTransaction();
  218 + $res = KTDocumentUtil::checkout($this->document, $reason, $user);
  219 + if (PEAR::isError($res))
  220 + {
  221 + DBUtil::rollback();
  222 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  223 + }
  224 +
  225 + DBUtil::commit();
  226 + }
  227 +
  228 + /**
  229 + * This deletes a document from the folder.
  230 + *
  231 + * @param string $reason
  232 + */
  233 + function delete($reason)
  234 + {
  235 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_DELETE);
  236 +
  237 + if (PEAR::isError($user))
  238 + {
  239 + return $user;
  240 + }
  241 +
  242 + if ($this->document->getIsCheckedOut())
  243 + {
  244 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);
  245 + }
  246 +
  247 + DBUtil::startTransaction();
  248 + $res = KTDocumentUtil::delete($this->document, $reason);
  249 + if (PEAR::isError($res))
  250 + {
  251 + DBUtil::rollback();
  252 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  253 + }
  254 +
  255 + DBUtil::commit();
  256 + }
  257 +
  258 + /**
  259 + * This changes the owner of the file.
  260 + *
  261 + * @param string $ktapi_newuser
  262 + */
  263 + function change_owner($newusername, $reason='Changing of owner.')
  264 + {
  265 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_CHANGE_OWNERSHIP);
  266 +
  267 + if (PEAR::isError($user))
  268 + {
  269 + return $user;
  270 + }
  271 +
  272 + DBUtil::startTransaction();
  273 +
  274 + $user = &User::getByUserName($newusername);
  275 + if (is_null($user) || PEAR::isError($user))
  276 + {
  277 + return new PEAR_Error('User could not be found');
  278 + }
  279 +
  280 + $newuserid = $user->getId();
  281 +
  282 + $this->document->setOwnerID($newuserid);
  283 +
  284 + $res = $this->document->update();
  285 +
  286 + if (PEAR::isError($res))
  287 + {
  288 + DBUtil::rollback();
  289 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  290 + }
  291 +
  292 + $res = KTPermissionUtil::updatePermissionLookup($this->document);
  293 + if (PEAR::isError($res))
  294 + {
  295 + DBUtil::rollback();
  296 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  297 + }
  298 +
  299 + $oDocumentTransaction = & new DocumentTransaction($this->document, $reason, 'ktcore.transactions.permissions_change');
  300 +
  301 + $res = $oDocumentTransaction->create();
  302 + if (($res === false) || PEAR::isError($res)) {
  303 + DBUtil::rollback();
  304 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  305 + }
  306 +
  307 + DBUtil::commit();
  308 + }
  309 +
  310 + /**
  311 + * This copies the document to another folder.
  312 + *
  313 + * @param KTAPI_Folder $ktapi_target_folder
  314 + * @param string $reason
  315 + * @param string $newname
  316 + * @param string $newfilename
  317 + */
  318 + function copy(&$ktapi_target_folder, $reason, $newname=null, $newfilename=null)
  319 + {
  320 + assert(!is_null($ktapi_target_folder));
  321 + assert(is_a($ktapi_target_folder,'KTAPI_Folder'));
  322 +
  323 + if (empty($newname))
  324 + {
  325 + $newname=null;
  326 + }
  327 + if (empty($newfilename))
  328 + {
  329 + $newfilename=null;
  330 + }
  331 +
  332 + $user = $this->ktapi->get_user();
  333 +
  334 + if ($this->document->getIsCheckedOut())
  335 + {
  336 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);
  337 + }
  338 +
  339 + $target_folder = &$ktapi_target_folder->get_folder();
  340 +
  341 + $result = $this->can_user_access_object_requiring_permission( $target_folder, KTAPI_PERMISSION_WRITE);
  342 +
  343 + if (PEAR::isError($result))
  344 + {
  345 + return $result;
  346 + }
  347 +
  348 + $name = $this->document->getName();
  349 + $clash = KTDocumentUtil::nameExists($target_folder, $name);
  350 + if ($clash && !is_null($newname))
  351 + {
  352 + $name = $newname;
  353 + $clash = KTDocumentUtil::nameExists($target_folder, $name);
  354 + }
  355 + if ($clash)
  356 + {
  357 + return new PEAR_Error('A document with this title already exists in your chosen folder. Please choose a different folder, or specify a new title for the copied document.');
  358 + }
  359 +
  360 + $filename=$this->document->getFilename();
  361 + $clash = KTDocumentUtil::fileExists($target_folder, $filename);
  362 +
  363 + if ($clash && !is_null($newname))
  364 + {
  365 + $filename = $newfilename;
  366 + $clash = KTDocumentUtil::fileExists($target_folder, $filename);
  367 + }
  368 + if ($clash)
  369 + {
  370 + return new PEAR_Error('A document with this filename already exists in your chosen folder. Please choose a different folder, or specify a new filename for the copied document.');
  371 + }
  372 +
  373 + DBUtil::startTransaction();
  374 +
  375 + $new_document = KTDocumentUtil::copy($this->document, $target_folder, $reason);
  376 + if (PEAR::isError($new_document))
  377 + {
  378 + DBUtil::rollback();
  379 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  380 + }
  381 +
  382 + $new_document->setName($name);
  383 + $new_document->setFilename($filename);
  384 +
  385 + $res = $new_document->update();
  386 +
  387 + if (PEAR::isError($res))
  388 + {
  389 + DBUtil::rollback();
  390 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  391 + }
  392 +
  393 + DBUtil::commit();
  394 +
  395 + // FIXME do we need to refactor all trigger usage into the util function?
  396 + $oKTTriggerRegistry = KTTriggerRegistry::getSingleton();
  397 + $aTriggers = $oKTTriggerRegistry->getTriggers('copyDocument', 'postValidate');
  398 + foreach ($aTriggers as $aTrigger) {
  399 + $sTrigger = $aTrigger[0];
  400 + $oTrigger = new $sTrigger;
  401 + $aInfo = array(
  402 + 'document' => $new_document,
  403 + 'old_folder' => $this->folder->get_folder(),
  404 + 'new_folder' => $target_folder,
  405 + );
  406 + $oTrigger->setInfo($aInfo);
  407 + $ret = $oTrigger->postValidate();
  408 + }
  409 + }
  410 +
  411 + /**
  412 + * This moves the document to another folder.
  413 + *
  414 + * @param KTAPI_Folder $ktapi_target_folder
  415 + * @param string $reason
  416 + * @param string $newname
  417 + * @param string $newfilename
  418 + */
  419 + function move(&$ktapi_target_folder, $reason, $newname=null, $newfilename=null)
  420 + {
  421 + assert(!is_null($ktapi_target_folder));
  422 + assert(is_a($ktapi_target_folder,'KTAPI_Folder'));
  423 +
  424 + if (empty($newname))
  425 + {
  426 + $newname=null;
  427 + }
  428 + if (empty($newfilename))
  429 + {
  430 + $newfilename=null;
  431 + }
  432 +
  433 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_DOCUMENT_MOVE);
  434 +
  435 + if (PEAR::isError($user))
  436 + {
  437 + return $user;
  438 + }
  439 +
  440 + if ($this->document->getIsCheckedOut())
  441 + {
  442 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);
  443 + }
  444 +
  445 + $target_folder = $ktapi_target_folder->get_folder();
  446 +
  447 + $result= $this->can_user_access_object_requiring_permission( $target_folder, KTAPI_PERMISSION_WRITE);
  448 +
  449 + if (PEAR::isError($result))
  450 + {
  451 + return $result;
  452 + }
  453 +
  454 + if (!KTDocumentUtil::canBeMoved($this->document))
  455 + {
  456 + return new PEAR_Error('Document cannot be moved.');
  457 + }
  458 +
  459 + $name = $this->document->getName();
  460 + $clash = KTDocumentUtil::nameExists($target_folder, $name);
  461 + if ($clash && !is_null($newname))
  462 + {
  463 + $name = $newname;
  464 + $clash = KTDocumentUtil::nameExists($target_folder, $name);
  465 + }
  466 + if ($clash)
  467 + {
  468 + return new PEAR_Error('A document with this title already exists in your chosen folder. Please choose a different folder, or specify a new title for the moved document.');
  469 + }
  470 +
  471 + $filename=$this->document->getFilename();
  472 + $clash = KTDocumentUtil::fileExists($target_folder, $filename);
  473 +
  474 + if ($clash && !is_null($newname))
  475 + {
  476 + $filename = $newfilename;
  477 + $clash = KTDocumentUtil::fileExists($target_folder, $filename);
  478 + }
  479 + if ($clash)
  480 + {
  481 + return new PEAR_Error('A document with this filename already exists in your chosen folder. Please choose a different folder, or specify a new filename for the moved document.');
  482 + }
  483 +
  484 + DBUtil::startTransaction();
  485 +
  486 + $res = KTDocumentUtil::move($this->document, $target_folder, $user, $reason);
  487 + if (PEAR::isError($res))
  488 + {
  489 + DBUtil::rollback();
  490 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  491 + }
  492 +
  493 + $this->document->setName($name);
  494 + $this->document->setFilename($filename);
  495 +
  496 + $res = $this->document->update();
  497 +
  498 + if (PEAR::isError($res))
  499 + {
  500 + DBUtil::rollback();
  501 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  502 + }
  503 +
  504 + DBUtil::commit();
  505 + }
  506 +
  507 + /**
  508 + * This changes the filename of the document.
  509 + *
  510 + * @param string $newname
  511 + */
  512 + function renameFile($newname)
  513 + {
  514 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);
  515 +
  516 + if (PEAR::isError($user))
  517 + {
  518 + return $user;
  519 + }
  520 +
  521 + DBUtil::startTransaction();
  522 + $res = KTDocumentUtil::rename($this->document, $newname, $user);
  523 + if (PEAR::isError($res))
  524 + {
  525 + DBUtil::rollback();
  526 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  527 + }
  528 + DBUtil::commit();
  529 + }
  530 +
  531 + /**
  532 + * This changes the document type of the document.
  533 + *
  534 + * @param string $newname
  535 + */
  536 + function change_document_type($documenttype)
  537 + {
  538 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);
  539 +
  540 + if (PEAR::isError($user))
  541 + {
  542 + return $user;
  543 + }
  544 +
  545 + $doctypeid = KTAPI::get_documenttypeid($documenttype);
  546 +
  547 + if ($this->document->getDocumentTypeId() != $doctypeid)
  548 + {
  549 + DBUtil::startTransaction();
  550 + $this->document->setDocumentTypeId($doctypeid);
  551 + $res = $this->document->update();
  552 +
  553 + if (PEAR::isError($res))
  554 + {
  555 + DBUtil::rollback();
  556 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  557 + }
  558 + DBUtil::commit();
  559 + }
  560 + }
  561 +
  562 + /**
  563 + * This changes the title of the document.
  564 + *
  565 + * @param string $newname
  566 + */
  567 + function rename($newname)
  568 + {
  569 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);
  570 +
  571 + if (PEAR::isError($user))
  572 + {
  573 + return $user;
  574 + }
  575 +
  576 + if ($this->document->getName() != $newname)
  577 + {
  578 +
  579 + DBUtil::startTransaction();
  580 + $this->document->setName($newname);
  581 + $res = $this->document->update();
  582 +
  583 + if (PEAR::isError($res))
  584 + {
  585 + DBUtil::rollback();
  586 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  587 + }
  588 + DBUtil::commit();
  589 + }
  590 + }
  591 +
  592 + /**
  593 + * This flags the document as 'archived'.
  594 + *
  595 + * @param string $reason
  596 + */
  597 + function archive($reason)
  598 + {
  599 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);
  600 +
  601 + if (PEAR::isError($user))
  602 + {
  603 + return $user;
  604 + }
  605 +
  606 + list($permission, $user) = $perm_and_user;
  607 +
  608 + DBUtil::startTransaction();
  609 + $this->document->setStatusID(ARCHIVED);
  610 + $res = $this->document->update();
  611 + if (($res === false) || PEAR::isError($res)) {
  612 + DBUtil::rollback();
  613 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  614 + }
  615 +
  616 + $oDocumentTransaction = & new DocumentTransaction($this->document, sprintf(_kt('Document archived: %s'), $reason), 'ktcore.transactions.update');
  617 + $oDocumentTransaction->create();
  618 +
  619 + DBUtil::commit();
  620 +
  621 + $oKTTriggerRegistry = KTTriggerRegistry::getSingleton();
  622 + $aTriggers = $oKTTriggerRegistry->getTriggers('archive', 'postValidate');
  623 + foreach ($aTriggers as $aTrigger)
  624 + {
  625 + $sTrigger = $aTrigger[0];
  626 + $oTrigger = new $sTrigger;
  627 + $aInfo = array(
  628 + 'document' => $this->document,
  629 + );
  630 + $oTrigger->setInfo($aInfo);
  631 + $ret = $oTrigger->postValidate();
  632 + }
  633 + }
  634 +
  635 + /**
  636 + * This starts a workflow on a document.
  637 + *
  638 + * @param string $workflow
  639 + */
  640 + function start_workflow($workflow)
  641 + {
  642 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
  643 +
  644 + if (PEAR::isError($user))
  645 + {
  646 + return $user;
  647 + }
  648 +
  649 + $workflowid = $this->document->getWorkflowId();
  650 +
  651 + if (!empty($workflowid))
  652 + {
  653 + return new PEAR_Error('A workflow is already defined.');
  654 + }
  655 +
  656 + $workflow = KTWorkflow::getByName($workflow);
  657 + if (is_null($workflow) || PEAR::isError($workflow))
  658 + {
  659 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  660 + }
  661 +
  662 + DBUtil::startTransaction();
  663 + $result = KTWorkflowUtil::startWorkflowOnDocument($workflow, $this->document);
  664 + if (is_null($result) || PEAR::isError($result))
  665 + {
  666 + DBUtil::rollback();
  667 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  668 + }
  669 + DBUtil::commit();
  670 + }
  671 +
  672 + /**
  673 + * This deletes the workflow on the document.
  674 + *
  675 + */
  676 + function delete_workflow()
  677 + {
  678 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
  679 +
  680 + if (PEAR::isError($user))
  681 + {
  682 + return $user;
  683 + }
  684 +
  685 + $workflowid=$this->document->getWorkflowId();
  686 + if (!empty($workflowid))
  687 + {
  688 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);
  689 + }
  690 +
  691 + DBUtil::startTransaction();
  692 + $result = KTWorkflowUtil::startWorkflowOnDocument(null, $this->document);
  693 + if (is_null($result) || PEAR::isError($result))
  694 + {
  695 + DBUtil::rollback();
  696 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  697 + }
  698 + DBUtil::commit();
  699 + }
  700 +
  701 + /**
  702 + * This performs a transition on the workflow
  703 + *
  704 + * @param string $transition
  705 + * @param string $reason
  706 + */
  707 + function perform_workflow_transition($transition, $reason)
  708 + {
  709 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
  710 +
  711 + if (PEAR::isError($user))
  712 + {
  713 + return $user;
  714 + }
  715 +
  716 + $workflowid=$this->document->getWorkflowId();
  717 + if (empty($workflowid))
  718 + {
  719 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);
  720 + }
  721 +
  722 + $transition = &KTWorkflowTransition::getByName($transition);
  723 + if (is_null($transition) || PEAR::isError($transition))
  724 + {
  725 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  726 + }
  727 +
  728 + DBUtil::startTransaction();
  729 + $result = KTWorkflowUtil::performTransitionOnDocument($transition, $this->document, $user, $reason);
  730 + if (is_null($result) || PEAR::isError($result))
  731 + {
  732 + DBUtil::rollback();
  733 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  734 + }
  735 + DBUtil::commit();
  736 + }
  737 +
  738 +
  739 +
  740 + /**
  741 + * This returns all metadata for the document.
  742 + *
  743 + * @return array
  744 + */
  745 + function get_metadata()
  746 + {
  747 + $doctypeid = $this->document->getDocumentTypeID();
  748 + $fieldsets = (array) KTMetadataUtil::fieldsetsForDocument($this->document, $doctypeid);
  749 +
  750 + $results = array();
  751 +
  752 + foreach ($fieldsets as $fieldset)
  753 + {
  754 + if ($fieldset->getIsConditional()) { /* this is not implemented...*/ continue; }
  755 +
  756 + $fields = $fieldset->getFields();
  757 + $result = array('fieldset' => $fieldset->getName(),
  758 + 'description' => $fieldset->getDescription());
  759 +
  760 + $fieldsresult = array();
  761 +
  762 + foreach ($fields as $field)
  763 + {
  764 + $value = 'n/a';
  765 +
  766 + $fieldvalue = DocumentFieldLink::getByDocumentAndField($this->document, $field);
  767 + if (!is_null($fieldvalue) && (!PEAR::isError($fieldvalue)))
  768 + {
  769 + $value = $fieldvalue->getValue();
  770 + }
  771 +
  772 + $controltype = 'string';
  773 + if ($field->getHasLookup())
  774 + {
  775 + $controltype = 'lookup';
  776 + if ($field->getHasLookupTree())
  777 + {
  778 + $controltype = 'tree';
  779 + }
  780 + }
  781 +
  782 + switch ($controltype)
  783 + {
  784 + case 'lookup':
  785 + $selection = KTAPI::get_metadata_lookup($field->getId());
  786 + break;
  787 + case 'tree':
  788 + $selection = KTAPI::get_metadata_tree($field->getId());
  789 + break;
  790 + default:
  791 + $selection= array();
  792 + }
  793 +
  794 +
  795 + $fieldsresult[] = array(
  796 + 'name' => $field->getName(),
  797 + 'required' => $field->getIsMandatory(),
  798 + 'value' => $value,
  799 + 'description' => $field->getDescription(),
  800 + 'control_type' => $controltype,
  801 + 'selection' => $selection
  802 +
  803 + );
  804 +
  805 + }
  806 + $result['fields'] = $fieldsresult;
  807 + $results [] = $result;
  808 + }
  809 +
  810 + return $results;
  811 + }
  812 +
  813 + /**
  814 + * This updates the metadata on the file. This includes the 'title'.
  815 + *
  816 + * @param array This is an array containing the metadata to be associated with the file.
  817 + */
  818 + function update_metadata($metadata)
  819 + {
  820 + $packed = array();
  821 +
  822 + foreach($metadata as $fieldset_metadata)
  823 + {
  824 + $fieldsetname=$fieldset_metadata['fieldset'];
  825 + $fieldset = KTFieldset::getByName($fieldsetname);
  826 + if (is_null($fieldset) || PEAR::isError($fieldset))
  827 + {
  828 + // exit graciously
  829 + continue;
  830 + }
  831 +
  832 + foreach($fieldset_metadata['fields'] as $fieldinfo)
  833 + {
  834 + $fieldname = $fieldinfo['name'];
  835 + $field = DocumentField::getByFieldsetAndName($fieldset, $fieldname);
  836 + if (is_null($field) || PEAR::isError($fieldset))
  837 + {
  838 + // exit graciously
  839 + continue;
  840 + }
  841 + $value = $fieldinfo['value'];
  842 +
  843 + $packed[] = array($field, $value);
  844 + }
  845 + }
  846 +
  847 + DBUtil::startTransaction();
  848 + $result = KTDocumentUtil::saveMetadata($this->document, $packed);
  849 +
  850 + if (is_null($result))
  851 + {
  852 + DBUtil::rollback();
  853 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  854 + }
  855 + if (PEAR::isError($result))
  856 + {
  857 + DBUtil::rollback();
  858 + return new PEAR_Error(sprintf(_kt("Unexpected validation failure: %s."), $result->getMessage()));
  859 + }
  860 + DBUtil::commit();
  861 + }
  862 +
  863 +
  864 + /**
  865 + * This returns a workflow transition
  866 + *
  867 + * @return array
  868 + */
  869 + function get_workflow_transitions()
  870 + {
  871 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
  872 +
  873 + if (PEAR::isError($user))
  874 + {
  875 + return $user;
  876 + }
  877 +
  878 + $workflowid=$this->document->getWorkflowId();
  879 + if (empty($workflowid))
  880 + {
  881 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);
  882 + }
  883 +
  884 + $result = array();
  885 +
  886 + $transitions = KTWorkflowUtil::getTransitionsForDocumentUser($this->document, $user);
  887 + if (is_null($transitions) || PEAR::isError($transitions))
  888 + {
  889 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  890 + }
  891 + foreach($transitions as $transition)
  892 + {
  893 + $result[] = $transition->getName();
  894 + }
  895 +
  896 + return $result;
  897 + }
  898 +
  899 + /**
  900 + * This returns the current workflow state
  901 + *
  902 + * @return string
  903 + */
  904 + function get_workflow_state()
  905 + {
  906 + $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);
  907 +
  908 + if (PEAR::isError($user))
  909 + {
  910 + return $user;
  911 + }
  912 +
  913 + $workflowid=$this->document->getWorkflowId();
  914 + if (empty($workflowid))
  915 + {
  916 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);
  917 + }
  918 +
  919 + $result = array();
  920 +
  921 + $state = KTWorkflowUtil::getWorkflowStateForDocument($this->document);
  922 + if (is_null($state) || PEAR::isError($state))
  923 + {
  924 + return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);
  925 + }
  926 +
  927 + $statename = $state->getName();
  928 +
  929 + return $statename;
  930 +
  931 + }
  932 +
  933 + /**
  934 + * This returns detailed information on the document.
  935 + *
  936 + * @return array
  937 + */
  938 + function get_detail()
  939 + {
  940 + $detail = array();
  941 + $document = $this->document;
  942 +
  943 + $detail['title'] = $document->getName();
  944 +
  945 + $documenttypeid=$document->getDocumentTypeID();
  946 + if (is_numeric($documenttypeid))
  947 + {
  948 + $documenttype = DocumentType::get($documenttypeid);
  949 +
  950 + $documenttype=$documenttype->getName();
  951 + }
  952 + else
  953 + {
  954 + $documenttype = '* unknown *';
  955 + }
  956 + $detail['document_type'] = $documenttype;
  957 +
  958 + $detail['version'] = $document->getVersion();
  959 + $detail['filename'] = $document->getFilename();
  960 +
  961 + $detail['created_date'] = $document->getCreatedDateTime();
  962 +
  963 + $userid = $document->getCreatorID();
  964 + if (is_numeric($userid))
  965 + {
  966 + $user = User::get($userid);
  967 + $username=(is_null($user) || PEAR::isError($user))?'* unknown *':$user->getName();
  968 + }
  969 + else
  970 + {
  971 + $username='n/a';
  972 + }
  973 + $detail['created_by'] = $username;
  974 + $detail['updated_date'] = $document->getLastModifiedDate();
  975 +
  976 + $userid = $document->getModifiedUserId();
  977 + if (is_numeric($userid))
  978 + {
  979 + $user = User::get($userid);
  980 + $username=(is_null($user) || PEAR::isError($user))?'* unknown *':$user->getName();
  981 + }
  982 + else
  983 + {
  984 + $username='n/a';
  985 + }
  986 + $detail['updated_by'] = $username;
  987 + $detail['document_id'] = (int) $document->getId();
  988 + $detail['folder_id'] = (int) $document->getFolderID();
  989 +
  990 + $workflowid = $document->getWorkflowId();
  991 + if (is_numeric($workflowid))
  992 + {
  993 + $workflow = KTWorkflow::get($workflowid);
  994 + $workflowname=(is_null($workflow) || PEAR::isError($workflow))?'* unknown *':$workflow->getName();
  995 + }
  996 + else
  997 + {
  998 + $workflowname='n/a';
  999 + }
  1000 + $detail['workflow'] = $workflowname;
  1001 +
  1002 + $stateid = $document->getWorkflowStateId();
  1003 + if (is_numeric($stateid))
  1004 + {
  1005 + $state = KTWorkflowState::get($stateid);
  1006 + $workflowstate=(is_null($state) || PEAR::isError($state))?'* unknown *':$state->getName();
  1007 + }
  1008 + else
  1009 + {
  1010 + $workflowstate = 'n/a';
  1011 + }
  1012 + $detail['workflow_state']=$workflowstate;
  1013 +
  1014 + $userid = $document->getCheckedOutUserID();
  1015 +
  1016 + if (is_numeric($userid))
  1017 + {
  1018 + $user = User::get($userid);
  1019 + $username=(is_null($user) || PEAR::isError($user))?'* unknown *':$user->getName();
  1020 + }
  1021 + else
  1022 + {
  1023 + $username = 'n/a';
  1024 + }
  1025 + $detail['checkout_by'] = $username;
  1026 +
  1027 + $detail['full_path'] = $this->ktapi_folder->get_full_path() . '/' . $this->get_title();
  1028 +
  1029 + return $detail;
  1030 + }
  1031 +
  1032 + function get_title()
  1033 + {
  1034 + return $this->document->getDescription();
  1035 + }
  1036 +
  1037 + /**
  1038 + * This does a download of a version of the document.
  1039 + *
  1040 + * @param string $version
  1041 + */
  1042 + function download($version=null)
  1043 + {
  1044 + $storage =& KTStorageManagerUtil::getSingleton();
  1045 + $options = array();
  1046 +
  1047 +
  1048 + $oDocumentTransaction = & new DocumentTransaction($this->document, 'Document downloaded', 'ktcore.transactions.download', $aOptions);
  1049 + $oDocumentTransaction->create();
  1050 + }
  1051 +
  1052 + /**
  1053 + * This returns the transaction history for the document.
  1054 + *
  1055 + * @return array
  1056 + */
  1057 + function get_transaction_history()
  1058 + {
  1059 + $sQuery = 'SELECT DTT.name AS transaction_name, U.name AS username, DT.version AS version, DT.comment AS comment, DT.datetime AS datetime ' .
  1060 + 'FROM ' . KTUtil::getTableName('document_transactions') . ' AS DT INNER JOIN ' . KTUtil::getTableName('users') . ' AS U ON DT.user_id = U.id ' .
  1061 + 'INNER JOIN ' . KTUtil::getTableName('transaction_types') . ' AS DTT ON DTT.namespace = DT.transaction_namespace ' .
  1062 + 'WHERE DT.document_id = ? ORDER BY DT.datetime DESC';
  1063 + $aParams = array($this->documentid);
  1064 +
  1065 + $transactions = DBUtil::getResultArray(array($sQuery, $aParams));
  1066 + if (is_null($transactions) || PEAR::isError($transactions))
  1067 + {
  1068 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  1069 + }
  1070 +
  1071 + return $transactions;
  1072 + }
  1073 +
  1074 + /**
  1075 + * This returns the version history on the document.
  1076 + *
  1077 + * @return array
  1078 + */
  1079 + function get_version_history()
  1080 + {
  1081 + $metadata_versions = KTDocumentMetadataVersion::getByDocument($this->document);
  1082 +
  1083 + $versions = array();
  1084 + foreach ($metadata_versions as $version)
  1085 + {
  1086 + $document = &Document::get($this->documentid, $version->getId());
  1087 +
  1088 + $version = array();
  1089 +
  1090 + $userid = $document->getModifiedUserId();
  1091 + $user = User::get($userid);
  1092 +
  1093 + $version['user'] = $user->getName();
  1094 + $version['metadata_version'] = $document->getMetadataVersion();
  1095 + $version['content_version'] = $document->getVersion();
  1096 +
  1097 + $versions[] = $version;
  1098 + }
  1099 + return $versions;
  1100 + }
  1101 +
  1102 + /**
  1103 + * This expunges a document from the system.
  1104 + *
  1105 + * @access public
  1106 + */
  1107 + function expunge()
  1108 + {
  1109 + if ($this->document->getStatusID() != 3)
  1110 + {
  1111 + return new PEAR_Error('You should not purge this');
  1112 + }
  1113 + DBUtil::startTransaction();
  1114 +
  1115 + $transaction = & new DocumentTransaction($this->document, "Document expunged", 'ktcore.transactions.expunge');
  1116 +
  1117 + $transaction->create();
  1118 +
  1119 + $this->document->delete();
  1120 +
  1121 + $this->document->cleanupDocumentData($this->documentid);
  1122 +
  1123 + $storage =& KTStorageManagerUtil::getSingleton();
  1124 +
  1125 + $result= $storage->expunge($this->document);
  1126 +
  1127 + DBUtil::commit();
  1128 + }
  1129 +
  1130 + /**
  1131 + * This expunges a document from the system.
  1132 + *
  1133 + * @access public
  1134 + */
  1135 + function restore()
  1136 + {
  1137 + DBUtil::startTransaction();
  1138 +
  1139 + $storage =& KTStorageManagerUtil::getSingleton();
  1140 +
  1141 + $folder = Folder::get($this->document->getRestoreFolderId());
  1142 + if (PEAR::isError($folder))
  1143 + {
  1144 + $this->document->setFolderId(1);
  1145 + $folder = Folder::get(1);
  1146 + }
  1147 + else
  1148 + {
  1149 + $this->document->setFolderId($this->document->getRestoreFolderId());
  1150 + }
  1151 +
  1152 + $storage->restore($this->document);
  1153 +
  1154 + $this->document->setStatusId(LIVE);
  1155 + $this->document->setPermissionObjectId($folder->getPermissionObjectId());
  1156 + $res = $this->document->update();
  1157 +
  1158 + $res = KTPermissionUtil::updatePermissionLookup($this->document);
  1159 +
  1160 + $user = $this->ktapi->get_user();
  1161 +
  1162 + $oTransaction = new DocumentTransaction($this->document, 'Restored from deleted state by ' . $user->getName(), 'ktcore.transactions.update');
  1163 + $oTransaction->create();
  1164 +
  1165 + DBUtil::commit();
  1166 + }
  1167 +}
  1168 +?>
0 \ No newline at end of file 1169 \ No newline at end of file
ktapi/KTAPIFolder.inc.php 0 → 100644
  View file @75f7070
  1 +<?
  2 +
  3 +
  4 +class KTAPI_Folder extends KTAPI_FolderItem
  5 +{
  6 + /**
  7 + * This is a reference to a base Folder object.
  8 + *
  9 + * @access private
  10 + * @var Folder
  11 + */
  12 + var $folder;
  13 +
  14 + /**
  15 + * This is the id of the folder on the database.
  16 + *
  17 + * @access private
  18 + * @var int
  19 + */
  20 + var $folderid;
  21 +
  22 + /**
  23 + * This is used to get a folder based on a folder id.
  24 + *
  25 + * @access private
  26 + * @param KTAPI $ktapi
  27 + * @param int $folderid
  28 + * @return KTAPI_Folder
  29 + */
  30 + function &get(&$ktapi, $folderid)
  31 + {
  32 + assert(!is_null($ktapi));
  33 + assert(is_a($ktapi, 'KTAPI'));
  34 + assert(is_numeric($folderid));
  35 +
  36 + $folderid += 0;
  37 +
  38 + $folder = &Folder::get($folderid);
  39 + if (is_null($folder) || PEAR::isError($folder))
  40 + {
  41 + return new PEAR_Error(KTAPI_ERROR_FOLDER_INVALID);
  42 + }
  43 +
  44 + $user = $ktapi->can_user_access_object_requiring_permission($folder, KTAPI_PERMISSION_READ);
  45 +
  46 + if (is_null($user) || PEAR::isError($user))
  47 + {
  48 + return $user;
  49 + }
  50 +
  51 + return new KTAPI_Folder($ktapi, $folder);
  52 + }
  53 +
  54 + /**
  55 + * This is the constructor for the KTAPI_Folder.
  56 + *
  57 + * @access private
  58 + * @param KTAPI $ktapi
  59 + * @param Folder $folder
  60 + * @return KTAPI_Folder
  61 + */
  62 + function KTAPI_Folder(&$ktapi, &$folder)
  63 + {
  64 + $this->ktapi = &$ktapi;
  65 + $this->folder = &$folder;
  66 + $this->folderid = $folder->getId();
  67 + }
  68 +
  69 + /**
  70 + * This returns a reference to the internal folder object.
  71 + *
  72 + * @access protected
  73 + * @return Folder
  74 + */
  75 + function &get_folder()
  76 + {
  77 + return $this->folder;
  78 + }
  79 +
  80 +
  81 + /**
  82 + * This returns detailed information on the document.
  83 + *
  84 + * @return array
  85 + */
  86 + function get_detail()
  87 + {
  88 + $detail = array(
  89 + 'id'=>(int) $this->folderid,
  90 + 'folder_name'=>$this->get_folder_name(),
  91 + 'parent_id'=>(int) $this->get_parent_folder_id(),
  92 + 'full_path'=>$this->get_full_path(),
  93 + );
  94 +
  95 + return $detail;
  96 + }
  97 +
  98 + function get_parent_folder_id()
  99 + {
  100 + return (int) $this->folder->getParentID();
  101 + }
  102 +
  103 + function get_folder_name()
  104 + {
  105 + return $this->folder->getFolderName($this->folderid);
  106 + }
  107 +
  108 +
  109 + /**
  110 + * This returns the folderid.
  111 + *
  112 + * @return int
  113 + */
  114 + function get_folderid()
  115 + {
  116 + return (int) $this->folderid;
  117 + }
  118 +
  119 + /**
  120 + * This can resolve a folder relative to the current directy by name
  121 + *
  122 + * @access public
  123 + * @param string $foldername
  124 + * @return KTAPI_Folder
  125 + */
  126 + function &get_folder_by_name($foldername)
  127 + {
  128 + $foldername=trim($foldername);
  129 + if (empty($foldername))
  130 + {
  131 + return new PEAR_Error('A valid folder name must be specified.');
  132 + }
  133 +
  134 + $split = explode('/', $foldername);
  135 +
  136 + $folderid=$this->folderid;
  137 + foreach($split as $foldername)
  138 + {
  139 + if (empty($foldername))
  140 + {
  141 + continue;
  142 + }
  143 + $sql = "SELECT id FROM folders WHERE name='$foldername' and parent_id=$folderid";
  144 + $row = DBUtil::getOneResult($sql);
  145 + if (is_null($row) || PEAR::isError($row))
  146 + {
  147 + return new PEAR_Error(KTAPI_ERROR_FOLDER_INVALID);
  148 + }
  149 + $folderid = $row['id'];
  150 + }
  151 +
  152 + return KTAPI_Folder::get($this->ktapi, $folderid);
  153 + }
  154 +
  155 + function get_full_path()
  156 + {
  157 + $path = $this->folder->getFullPath() . '/' . $this->folder->getName();
  158 +
  159 + return $path;
  160 + }
  161 +
  162 + /**
  163 + * This gets a document by filename or name.
  164 + *
  165 + * @access private
  166 + * @param string $documentname
  167 + * @param string $function
  168 + * @return KTAPI_Document
  169 + */
  170 + function &_get_document_by_name($documentname, $function='getByNameAndFolder')
  171 + {
  172 + $documentname=trim($documentname);
  173 + if (empty($documentname))
  174 + {
  175 + return new PEAR_Error('A valid document name must be specified.');
  176 + }
  177 +
  178 + $foldername = dirname($documentname);
  179 + $documentname = basename($documentname);
  180 +
  181 + $ktapi_folder = $this;
  182 +
  183 + if (!empty($foldername) && ($foldername != '.'))
  184 + {
  185 + $ktapi_folder = $this->get_folder_by_name($foldername);
  186 + }
  187 +
  188 + if (is_null($ktapi_folder) || PEAR::isError($ktapi_folder))
  189 + {
  190 + return new PEAR_Error(KTAPI_ERROR_FOLDER_INVALID);
  191 + }
  192 +
  193 + //$folder = $ktapi_folder->get_folder();
  194 + $folderid = $ktapi_folder->folderid;
  195 +
  196 + $document = Document::$function($documentname, $folderid);
  197 + if (is_null($document) || PEAR::isError($document))
  198 + {
  199 + return new PEAR_Error(KTAPI_ERROR_DOCUMENT_INVALID);
  200 + }
  201 +
  202 + $user = $this->can_user_access_object_requiring_permission($document, KTAPI_PERMISSION_READ);
  203 + if (PEAR::isError($user))
  204 + {
  205 + return $user;
  206 + }
  207 +
  208 + return new KTAPI_Document($this->ktapi, $ktapi_folder, $document);
  209 + }
  210 +
  211 + /**
  212 + * This can resolve a document relative to the current directy by name.
  213 + *
  214 + * @access public
  215 + * @param string $documentname
  216 + * @return KTAPI_Document
  217 + */
  218 + function &get_document_by_name($documentname)
  219 + {
  220 + return $this->_get_document_by_name($documentname,'getByNameAndFolder');
  221 + }
  222 +
  223 + /**
  224 + * This can resolve a document relative to the current directy by filename .
  225 + *
  226 + * @access public
  227 + * @param string $documentname
  228 + * @return KTAPI_Document
  229 + */
  230 + function &get_document_by_filename($documentname)
  231 + {
  232 + return $this->_get_document_by_name($documentname,'getByFilenameAndFolder');
  233 + }
  234 +
  235 + function get_listing($depth=1, $what='DF')
  236 + {
  237 + if ($depth < 1)
  238 + {
  239 + return array();
  240 + }
  241 + $permission = &KTPermission::getByName(KTAPI_PERMISSION_READ);
  242 + $permissionid= $permission->getId();
  243 +
  244 + $user = $this->ktapi->get_user();
  245 + $descriptors=KTPermissionUtil::getPermissionDescriptorsForUser($user);
  246 + if (is_null($descriptors) || PEAR::isError($descriptors))
  247 + {
  248 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR . ': problem with descriptors for user');
  249 + }
  250 + if (count($descriptors == 0))
  251 + {
  252 + $descriptors=array(0);
  253 + }
  254 +
  255 + $aPermissionDescriptors = implode(',',$descriptors);
  256 +
  257 + $sql = '';
  258 + if (strpos($what,'D') !== false)
  259 + {
  260 + $sql .= "SELECT
  261 + d.id,
  262 + 'D' as item_type,
  263 + dmv.name as title,
  264 + ifnull(uc.name, 'n/a') AS creator,
  265 + ifnull(cou.name, 'n/a') AS checkedoutby,
  266 + ifnull(mu.name, 'n/a') AS modifiedby,
  267 + dcv.filename,
  268 + dcv.size,
  269 + dcv.major_version,
  270 + dcv.minor_version,
  271 + dcv.storage_path,
  272 + ifnull(mt.mimetypes, 'unknown') as mime_type,
  273 + ifnull(mt.icon_path, 'unknown') as mime_icon_path,
  274 + ifnull(mt.friendly_name, 'unknown') as mime_display
  275 + FROM
  276 + documents d
  277 + INNER JOIN permission_lookups AS PL ON d.permission_lookup_id = PL.id
  278 + INNER JOIN permission_lookup_assignments AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid
  279 + INNER JOIN document_metadata_version AS dmv ON d.metadata_version_id=dmv.id
  280 + INNER JOIN document_content_version AS dcv ON dmv.content_version_id=dcv.id
  281 + LEFT OUTER JOIN mime_types mt ON dcv.mime_id = mt.id
  282 + LEFT OUTER JOIN users AS uc ON d.creator_id=uc.id
  283 + LEFT OUTER JOIN users AS cou ON d.checked_out_user_id=cou.id
  284 + LEFT OUTER JOIN users AS mu ON d.modified_user_id=mu.id
  285 + WHERE
  286 + d.folder_id=$this->folderid
  287 + AND d.status_id = 1
  288 + AND PLA.permission_descriptor_id IN ($aPermissionDescriptors)";
  289 + }
  290 +
  291 + if (strpos($what,'F') !== false)
  292 + {
  293 + if (strpos($what,'D') !== false)
  294 + {
  295 + $sql .= ' UNION ';
  296 + }
  297 +
  298 + $sql .= "
  299 + SELECT
  300 + f.id,
  301 + 'F' as item_type,
  302 + f.name as title,
  303 + ifnull(uc.name, 'n/a') AS creator,
  304 + 'n/a' checkedoutby,
  305 + 'n/a' AS modifiedby,
  306 + f.name as filename,
  307 + 'n/a' as size,
  308 + 'n/a' as major_version,
  309 + 'n/a' as minor_version,
  310 + 'n/a' as storage_path,
  311 + 'folder' as mime_type,
  312 + 'folder' as mime_icon_path,
  313 + 'Folder' as mime_display
  314 + FROM
  315 + folders f
  316 + INNER JOIN permission_lookups AS PL ON f.permission_lookup_id = PL.id
  317 + INNER JOIN permission_lookup_assignments AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid
  318 + LEFT OUTER JOIN users AS uc ON f.creator_id=uc.id
  319 +
  320 + WHERE
  321 + f.parent_id=$this->folderid
  322 +
  323 + AND PLA.permission_descriptor_id IN ($aPermissionDescriptors)
  324 + ORDER BY item_type DESC, title, filename
  325 + ";
  326 + }
  327 +
  328 + $contents = DBUtil::getResultArray($sql);
  329 + if (is_null($contents) || PEAR::isError($contents))
  330 + {
  331 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  332 + }
  333 +
  334 + $num_items = count($contents);
  335 + for($i=0;$i<$num_items;$i++)
  336 + {
  337 + $contents[$i]['id'] = (int) $contents[$i]['id'];
  338 + if ($contents[$i]['item_type'] == 'D')
  339 + {
  340 + $contents[$i]['items'] = array();
  341 + }
  342 + else
  343 + {
  344 + if ($depth-1 > 0)
  345 + {
  346 + $folder = &$this->ktapi->get_folder_by_id($item['id']);
  347 + $contents[$i]['items'] = $folder->get_listing($depth-1);
  348 + }
  349 + else
  350 + {
  351 + $contents[$i]['items'] = array();
  352 + }
  353 + }
  354 + }
  355 +
  356 + return $contents;
  357 + }
  358 +
  359 + /**
  360 + * This adds a document to the current folder.
  361 + *
  362 + * @access public
  363 + * @param string $title This is the title for the file in the repository.
  364 + * @param string $filename This is the filename in the system for the file.
  365 + * @param string $documenttype This is the name or id of the document type. It first looks by name, then by id.
  366 + * @param string $tempfilename This is a reference to the file that is accessible locally on the file system.
  367 + * @return KTAPI_Document
  368 + */
  369 + function &add_document($title, $filename, $documenttype, $tempfilename)
  370 + {
  371 + if (!is_file($tempfilename))
  372 + {
  373 + return new PEAR_Error('File does not exist.');
  374 + }
  375 +
  376 + $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_WRITE);
  377 + if (PEAR::isError($user))
  378 + {
  379 + return $user;
  380 + }
  381 +
  382 + $filename = basename($filename);
  383 + $documenttypeid = KTAPI::get_documenttypeid($documenttype);
  384 +
  385 + $options = array(
  386 + 'contents' => new KTFSFileLike($tempfilename),
  387 + 'novalidate' => true,
  388 + 'documenttype' => DocumentType::get($documenttypeid),
  389 + 'description' => $title,
  390 + 'metadata'=>array(),
  391 + 'cleanup_initial_file' => true
  392 + );
  393 +
  394 + DBUtil::startTransaction();
  395 + $document =& KTDocumentUtil::add($this->folder, $filename, $user, $options);
  396 +
  397 + if (!is_a($document,'Document'))
  398 + {
  399 + DBUtil::rollback();
  400 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  401 + }
  402 + DBUtil::commit();
  403 +
  404 + $tempfilename=addslashes($tempfilename);
  405 + $sql = "DELETE FROM uploaded_files WHERE tempfilename='$tempfilename'";
  406 + $result = DBUtil::runQuery($sql);
  407 + if (PEAR::isError($result))
  408 + {
  409 + return $result;
  410 + }
  411 +
  412 + return new KTAPI_Document($this->ktapi, $this, $document);
  413 + }
  414 +
  415 + /**
  416 + * This adds a subfolder folder to the current folder.
  417 + *
  418 + * @access public
  419 + * @param string $foldername
  420 + * @return KTAPI_Folder
  421 + */
  422 + function &add_folder($foldername)
  423 + {
  424 + $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_ADD_FOLDER);
  425 +
  426 + if (PEAR::isError($user))
  427 + {
  428 + return $user;
  429 + }
  430 +
  431 + DBUtil::startTransaction();
  432 + $result = KTFolderUtil::add($this->folder, $foldername, $user);
  433 +
  434 + if (PEAR::isError($result))
  435 + {
  436 + DBUtil::rollback();
  437 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  438 + }
  439 + DBUtil::commit();
  440 + $folderid = $result->getId();
  441 +
  442 + return $this->ktapi->get_folder_by_id($folderid);
  443 + }
  444 +
  445 + /**
  446 + * This deletes the current folder.
  447 + *
  448 + * @param string $reason
  449 + */
  450 + function delete($reason)
  451 + {
  452 + $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_DELETE);
  453 + if (PEAR::isError($user))
  454 + {
  455 + return $user;
  456 + }
  457 +
  458 + if ($this->folderid == 1)
  459 + {
  460 + return new PEAR_Error('Cannot delete root folder!');
  461 + }
  462 +
  463 + DBUtil::startTransaction();
  464 + $result = KTFolderUtil::delete($this->folder, $user, $reason);
  465 +
  466 + if (PEAR::isError($result))
  467 + {
  468 + DBUtil::rollback();
  469 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  470 + }
  471 + DBUtil::commit();
  472 + }
  473 +
  474 + /**
  475 + * This renames the folder
  476 + *
  477 + * @param string $newname
  478 + */
  479 + function rename($newname)
  480 + {
  481 + $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_RENAME_FOLDER);
  482 + if (PEAR::isError($user))
  483 + {
  484 + return $user;
  485 + }
  486 +
  487 + DBUtil::startTransaction();
  488 + $result = KTFolderUtil::rename($this->folder, $newname, $user);
  489 +
  490 + if (PEAR::isError($result))
  491 + {
  492 + DBUtil::rollback();
  493 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  494 + }
  495 + DBUtil::commit();
  496 + }
  497 +
  498 + /**
  499 + * This moves the folder to another location.
  500 + *
  501 + * @param KTAPI_Folder $ktapi_target_folder
  502 + * @param string $reason
  503 + */
  504 + function move($ktapi_target_folder, $reason='')
  505 + {
  506 + assert(!is_null($ktapi_target_folder));
  507 + assert(is_a($ktapi_target_folder,'KTAPI_Folder'));
  508 +
  509 + $user = $this->ktapi->get_user();
  510 +
  511 + $target_folder = $ktapi_target_folder->get_folder();
  512 +
  513 + $result = $this->can_user_access_object_requiring_permission($target_folder, KTAPI_PERMISSION_WRITE);
  514 + if (PEAR::isError($result))
  515 + {
  516 + return $result;
  517 + }
  518 +
  519 + DBUtil::startTransaction();
  520 + $result = KTFolderUtil::copy($this->folder, $target_folder, $user, $reason);
  521 +
  522 + if (PEAR::isError($result))
  523 + {
  524 + DBUtil::rollback();
  525 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  526 + }
  527 + DBUtil::commit();
  528 + }
  529 +
  530 + /**
  531 + * This copies a folder to another location.
  532 + *
  533 + * @param KTAPI_Folder $ktapi_target_folder
  534 + * @param string $reason
  535 + */
  536 + function copy($ktapi_target_folder, $reason='')
  537 + {
  538 + assert(!is_null($ktapi_target_folder));
  539 + assert(is_a($ktapi_target_folder,'KTAPI_Folder'));
  540 +
  541 + $user = $this->ktapi->get_user();
  542 +
  543 + $target_folder = $ktapi_target_folder->get_folder();
  544 +
  545 + $result =$this->can_user_access_object_requiring_permission($target_folder, KTAPI_PERMISSION_WRITE);
  546 +
  547 + if (PEAR::isError($result))
  548 + {
  549 + return $result;
  550 + }
  551 +
  552 + DBUtil::startTransaction();
  553 + $result = KTFolderUtil::copy($this->folder, $target_folder, $user, $reason);
  554 +
  555 + if (PEAR::isError($result))
  556 + {
  557 + DBUtil::rollback();
  558 + return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);
  559 + }
  560 + DBUtil::commit();
  561 + }
  562 +
  563 + /**
  564 + * This returns all permissions linked to the folder.
  565 + *
  566 + * @access public
  567 + * @return array
  568 + */
  569 + function get_permissions()
  570 + {
  571 + return new PEAR_Error('TODO');
  572 + }
  573 +
  574 + /**
  575 + * This returns a transaction history listing.
  576 + *
  577 + * @access public
  578 + * @return array
  579 + */
  580 + function get_transaction_history()
  581 + {
  582 + return new PEAR_Error('TODO');
  583 + }
  584 +}
  585 +
  586 +?>
0 \ No newline at end of file 587 \ No newline at end of file
ktapi/KTAPISession.inc.php 0 → 100644
  View file @75f7070
  1 +<?
  2 +
  3 +class KTAPI_Session
  4 +{
  5 + var $ktapi;
  6 + var $user = null;
  7 + var $session = '';
  8 + var $sessionid = -1;
  9 + var $active;
  10 +
  11 + function KTAPI_Session(&$ktapi, &$user)
  12 + {
  13 + assert(!is_null($ktapi));
  14 + assert(is_a($ktapi,'KTAPI'));
  15 + assert(!is_null($user));
  16 + assert(is_a($user,'User'));
  17 +
  18 + $this->ktapi=&$ktapi;
  19 + $this->user=&$user;
  20 + $this->active = false;
  21 + }
  22 +
  23 + /**
  24 + * return the session string
  25 + *
  26 + * @return string
  27 + */
  28 + function get_session()
  29 + {
  30 + die('get_session() should be overloaded!');
  31 + }
  32 +
  33 + /**
  34 + * Return the session id
  35 + *
  36 + * @return int
  37 + */
  38 + function get_sessionid()
  39 + {
  40 + die('get_sessionid() should be overloaded!');
  41 + }
  42 +
  43 + /**
  44 + * Return the user
  45 + *
  46 + * @return User
  47 + */
  48 + function &get_user()
  49 + {
  50 + return $this->user;
  51 + }
  52 +
  53 + function logout()
  54 + {
  55 + $this->active=false;
  56 + // don't need to do anything really
  57 + }
  58 +
  59 + function is_active()
  60 + {
  61 + return $this->active;
  62 + }
  63 +
  64 +}
  65 +
  66 +
  67 +class KTAPI_UserSession extends KTAPI_Session
  68 +{
  69 + var $ip = null;
  70 +
  71 + function KTAPI_UserSession(&$ktapi, &$user, $session, $sessionid, $ip)
  72 + {
  73 + parent::KTAPI_Session($ktapi, $user);
  74 +
  75 + $this->ktapi = &$ktapi;
  76 + $this->user = &$user;
  77 + $this->session = $session;
  78 + $this->sessionid = $sessionid;
  79 + $this->ip = $ip;
  80 +
  81 + // TODO: get documenttransaction to not look at the session variable!
  82 + $_SESSION["userID"] = $user->getId();
  83 + $_SESSION["sessionID"] = $this->sessionid;
  84 + $this->active = true;
  85 + }
  86 +
  87 + /**
  88 + * This returns the session string
  89 + *
  90 + * @return string
  91 + */
  92 + function get_session()
  93 + {
  94 + return $this->session;
  95 + }
  96 +
  97 + /**
  98 + * This returns the sessionid in the database.
  99 + *
  100 + * @return int
  101 + */
  102 + function get_sessionid()
  103 + {
  104 + return $this->sessionid;
  105 + }
  106 +
  107 + /**
  108 + * This resolves the user's ip
  109 + *
  110 + * @access private
  111 + * @return string
  112 + */
  113 + function resolveIP()
  114 + {
  115 + if (getenv("REMOTE_ADDR"))
  116 + {
  117 + $ip = getenv("REMOTE_ADDR");
  118 + }
  119 + elseif (getenv("HTTP_X_FORWARDED_FOR"))
  120 + {
  121 + $forwardedip = getenv("HTTP_X_FORWARDED_FOR");
  122 + list($ip,$ip2,$ip3,$ip4)= split (",", $forwardedip);
  123 + }
  124 + elseif (getenv("HTTP_CLIENT_IP"))
  125 + {
  126 + $ip = getenv("HTTP_CLIENT_IP");
  127 + }
  128 +
  129 + if ($ip == '')
  130 + {
  131 + $ip = '127.0.0.1';
  132 + }
  133 +
  134 + return $ip;
  135 + }
  136 +
  137 + /**
  138 + *
  139 + * @access protected
  140 + * @static
  141 + * @param User $user
  142 + */
  143 + function _check_session(&$user)
  144 + {
  145 + session_start();
  146 +
  147 + $user_id = $user->getId();
  148 +
  149 + $sql = "SELECT count(*) >= u.max_sessions as over_limit FROM active_sessions ass INNER JOIN users u ON ass.user_id=u.id WHERE ass.user_id = $user_id";
  150 + $row = DBUtil::getOneResult($sql);
  151 + if (PEAR::isError($row))
  152 + {
  153 + return $row;
  154 + }
  155 + if (is_null($row))
  156 + {
  157 + return new PEAR_Error('No record found for user?');
  158 + }
  159 + if ($row['over_limit'] == 1)
  160 + {
  161 + return new PEAR_Error('Session limit exceeded. Logout of any active sessions.');
  162 + }
  163 +
  164 + $session = session_id();
  165 +
  166 + $sessionid = DBUtil::autoInsert('active_sessions',
  167 + array(
  168 + 'user_id' => $user_id,
  169 + 'session_id' => session_id(),
  170 + 'lastused' => date('Y-m-d H:i:s'),
  171 + 'ip' => $ip
  172 + ));
  173 + if (PEAR::isError($sessionid) )
  174 + {
  175 + return $sessionid;
  176 + }
  177 +
  178 + return array($session,$sessionid);
  179 + }
  180 +
  181 +
  182 + /**
  183 + * This returns a session object based on authentication credentials.
  184 + *
  185 + * @access public
  186 + * @static
  187 + * @param string $username
  188 + * @param string $password
  189 + * @return KTAPI_Session
  190 + */
  191 + function &start_session(&$ktapi, $username, $password, $ip=null)
  192 + {
  193 + $this->active=false;
  194 + if ( empty($username) )
  195 + {
  196 + return new PEAR_Error(_kt('The username is empty.'));
  197 + }
  198 +
  199 + $user =& User::getByUsername($username);
  200 + if (PEAR::isError($user) || ($user === false))
  201 + {
  202 + return new PEAR_Error(_kt("The user '$username' cound not be found."));
  203 + }
  204 +
  205 + if ( empty($password) )
  206 + {
  207 + return new PEAR_Error(_kt('The password is empty.'));
  208 + }
  209 +
  210 + $authenticated = KTAuthenticationUtil::checkPassword($user, $password);
  211 +
  212 + if (PEAR::isError($authenticated) || $authenticated === false)
  213 + {
  214 + return new PEAR_Error(_kt("The password is invalid."));
  215 + }
  216 +
  217 + if (is_null($ip))
  218 + {
  219 + $ip = '127.0.0.1';
  220 + //$ip = KTAPI_Session::resolveIP();
  221 + }
  222 +
  223 + list($session,$sessionid) = KTAPI_UserSession::_check_session($user);
  224 + if (PEAR::isError($sessionid))
  225 + {
  226 + return $sessionid;
  227 + }
  228 +
  229 + $session = &new KTAPI_UserSession($ktapi, $user, $session, $sessionid, $ip);
  230 +
  231 + return $session;
  232 + }
  233 +
  234 + /**
  235 + * This returns an active session.
  236 + *
  237 + * @param KTAPI $ktapi
  238 + * @param string $session
  239 + * @param string $ip
  240 + * @return KTAPI_Session
  241 + */
  242 + function &get_active_session(&$ktapi, $session, $ip)
  243 + {
  244 + $sql = "SELECT id, user_id FROM active_sessions WHERE session_id='$session'";
  245 + if (!empty($ip))
  246 + {
  247 + $sql .= " AND ip='$ip'";
  248 + }
  249 +
  250 + $row = DBUtil::getOneResult($sql);
  251 + if (is_null($row) || PEAR::isError($row))
  252 + {
  253 + return new PEAR_Error(KTAPI_ERROR_SESSION_INVALID);
  254 + }
  255 +
  256 + $sessionid = $row['id'];
  257 + $userid = $row['user_id'];
  258 +
  259 + $user = &User::get($userid);
  260 + if (is_null($user) || PEAR::isError($user))
  261 + {
  262 + return new PEAR_Error(KTAPI_ERROR_USER_INVALID);
  263 + }
  264 +
  265 +
  266 +
  267 + $now=date('Y-m-d H:i:s');
  268 + $sql = "UPDATE active_sessions SET last_used='$now' WHERE id=$sessionid";
  269 + DBUtil::runQuery($sql);
  270 +
  271 + $session = &new KTAPI_Session($ktapi, $user, $session, $sessionid, $ip);
  272 + return $session;
  273 + }
  274 +
  275 + /**
  276 + * This closes the current session.
  277 + *
  278 + */
  279 + function logout()
  280 + {
  281 + $sql = "DELETE FROM active_sessions WHERE id=$this->sessionid";
  282 + $result = DBUtil::runQuery($sql);
  283 + if (PEAR::isError($result))
  284 + {
  285 + return $result;
  286 + }
  287 +
  288 + $this->user = null;
  289 + $this->session = '';
  290 + $this->sessionid = -1;
  291 + $this->active=false;
  292 + }
  293 +
  294 +}
  295 +
  296 +class KTAPI_AnonymousSession extends KTAPI_UserSession
  297 +{
  298 + function &start_session(&$ktapi, $ip=null)
  299 + {
  300 + $user =& User::get(-2);
  301 + if (is_null($user) || PEAR::isError($user) || ($user === false) || !$user->isAnonymous())
  302 + {
  303 + return new PEAR_Error(_kt("The anonymous user could not be found."));
  304 + }
  305 +
  306 + $authenticated = true;
  307 +
  308 + $config = &KTConfig::getSingleton();
  309 + $allow_anonymous = $config->get('session/allowAnonymousLogin', false);
  310 +
  311 + if (!$allow_anonymous)
  312 + {
  313 + return new PEAR_Error(_kt('Anonymous user not allowed'));
  314 + }
  315 +
  316 + if (is_null($ip))
  317 + {
  318 + $ip = '127.0.0.1';
  319 + //$ip = KTAPI_Session::resolveIP();
  320 + }
  321 +
  322 + list($session,$sessionid) = KTAPI_UserSession::_check_session($user);
  323 + if (PEAR::isError($sessionid))
  324 + {
  325 + return $sessionid;
  326 + }
  327 +
  328 + $session = &new KTAPI_AnonymousSession($ktapi, $user, $session, $sessionid, $ip);
  329 +
  330 + return $session;
  331 + }
  332 +}
  333 +
  334 +
  335 +
  336 +class KTAPI_SystemSession extends KTAPI_Session
  337 +{
  338 + function KTAPI_SystemSession(&$ktapi, &$user)
  339 + {
  340 + parent::KTAPI_Session($ktapi, $user);
  341 + $this->active=true;
  342 + }
  343 +}
  344 +
  345 +?>
0 \ No newline at end of file 346 \ No newline at end of file
ktapi/ktapi.inc.php
  View file @75f7070
@@ -34,2022 +34,24 @@ require_once(&#39;../config/dmsDefaults.php&#39;); @@ -34,2022 +34,24 @@ require_once(&#39;../config/dmsDefaults.php&#39;);
34 require_once(KT_LIB_DIR . '/filelike/fsfilelike.inc.php'); 34 require_once(KT_LIB_DIR . '/filelike/fsfilelike.inc.php');
35 require_once(KT_LIB_DIR . '/foldermanagement/folderutil.inc.php'); 35 require_once(KT_LIB_DIR . '/foldermanagement/folderutil.inc.php');
36 36
37 -// Generic error messages used in the API. There may be some others specific to functionality  
38 -// directly in the code.  
39 -// TODO: Check that they are all relevant.  
40 -  
41 -define('KTAPI_ERROR_SESSION_INVALID', 'The session could not be resolved.');  
42 -define('KTAPI_ERROR_PERMISSION_INVALID', 'The permission could not be resolved.');  
43 -define('KTAPI_ERROR_FOLDER_INVALID', 'The folder could not be resolved.');  
44 -define('KTAPI_ERROR_DOCUMENT_INVALID', 'The document could not be resolved.');  
45 -define('KTAPI_ERROR_USER_INVALID', 'The user could not be resolved.');  
46 -define('KTAPI_ERROR_KTAPI_INVALID', 'The ktapi could not be resolved.');  
47 -define('KTAPI_ERROR_INSUFFICIENT_PERMISSIONS', 'The user does not have sufficient permissions to access the resource.');  
48 -define('KTAPI_ERROR_INTERNAL_ERROR', 'An internal error occurred. Please review the logs.');  
49 -define('KTAPI_ERROR_DOCUMENT_TYPE_INVALID', 'The document type could not be resolved.');  
50 -define('KTAPI_ERROR_DOCUMENT_CHECKED_OUT', 'The document is checked out.');  
51 -define('KTAPI_ERROR_DOCUMENT_NOT_CHECKED_OUT', 'The document is not checked out.');  
52 -define('KTAPI_ERROR_WORKFLOW_INVALID', 'The workflow could not be resolved.');  
53 -define('KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS', 'The workflow is not in progress.');  
54 -  
55 -// Mapping of permissions to actions.  
56 -// TODO: Check that they are all correct.  
57 -// Note, currently, all core actions have permissions that are defined in the plugins.  
58 -// As the permissions are currently associated with actions which are quite closely linked  
59 -// to the web interface, it is not the nicest way to do things. They should be associated at  
60 -// a lower level, such as in the api. probably, better, would be at some stage to assocate  
61 -// the permissions to the action/transaction in the database so administrators can really customise  
62 -// as required.  
63 -  
64 -define('KTAPI_PERMISSION_DELETE', 'ktcore.permissions.delete');  
65 -define('KTAPI_PERMISSION_READ', 'ktcore.permissions.read');  
66 -define('KTAPI_PERMISSION_WRITE', 'ktcore.permissions.write');  
67 -define('KTAPI_PERMISSION_ADD_FOLDER', 'ktcore.permissions.addFolder');  
68 -define('KTAPI_PERMISSION_RENAME_FOLDER', 'ktcore.permissions.folder_rename');  
69 -define('KTAPI_PERMISSION_CHANGE_OWNERSHIP', 'ktcore.permissions.security');  
70 -define('KTAPI_PERMISSION_DOCUMENT_MOVE', 'ktcore.permissions.write');  
71 -define('KTAPI_PERMISSION_WORKFLOW', 'ktcore.permissions.workflow');  
72 -  
73 -//  
74 -  
75 -class KTAPI_Session  
76 -{  
77 - var $ktapi;  
78 - var $user = null;  
79 - var $session = '';  
80 - var $sessionid = -1;  
81 - var $ip = null;  
82 -  
83 - function KTAPI_Session(&$ktapi, &$user, $session, $sessionid, $ip)  
84 - {  
85 - assert(!is_null($ktapi));  
86 - assert(is_a($ktapi,'KTAPI'));  
87 - assert(!is_null($user));  
88 - assert(is_a($user,'User'));  
89 -  
90 - $this->ktapi = &$ktapi;  
91 - $this->user = &$user;  
92 - $this->session = $session;  
93 - $this->sessionid = $sessionid;  
94 - $this->ip = $ip;  
95 -  
96 - // TODO: get documenttransaction to not look at the session variable!  
97 - $_SESSION["userID"] = $user->getId();  
98 - $_SESSION["sessionID"] = $this->sessionid;  
99 - }  
100 -  
101 - /**  
102 - * This returns the session string  
103 - *  
104 - * @return string  
105 - */  
106 - function get_session()  
107 - {  
108 - return $this->session;  
109 - }  
110 -  
111 - /**  
112 - * This returns the sessionid in the database.  
113 - *  
114 - * @return int  
115 - */  
116 - function get_sessionid()  
117 - {  
118 - return $this->sessionid;  
119 - }  
120 -  
121 - /**  
122 - * This returns a user object for the use rassociated with the session.  
123 - *  
124 - * @return User  
125 - */  
126 - function &get_user()  
127 - {  
128 - return $this->user;  
129 - }  
130 -  
131 - /**  
132 - * This resolves the user's ip  
133 - *  
134 - * @access private  
135 - * @return string  
136 - */  
137 - function resolveIP()  
138 - {  
139 - if (getenv("REMOTE_ADDR"))  
140 - {  
141 - $ip = getenv("REMOTE_ADDR");  
142 - }  
143 - elseif (getenv("HTTP_X_FORWARDED_FOR"))  
144 - {  
145 - $forwardedip = getenv("HTTP_X_FORWARDED_FOR");  
146 - list($ip,$ip2,$ip3,$ip4)= split (",", $forwardedip);  
147 - }  
148 - elseif (getenv("HTTP_CLIENT_IP"))  
149 - {  
150 - $ip = getenv("HTTP_CLIENT_IP");  
151 - }  
152 -  
153 - if ($ip == '')  
154 - {  
155 - $ip = '127.0.0.1';  
156 - }  
157 -  
158 - return $ip;  
159 - }  
160 -  
161 - /**  
162 - * This returns a session object based on authentication credentials.  
163 - *  
164 - * @access private  
165 - * @param string $username  
166 - * @param string $password  
167 - * @return KTAPI_Session  
168 - */  
169 - function &start_session(&$ktapi, $username, $password, $ip=null)  
170 - {  
171 -  
172 - if ( empty($username) )  
173 - {  
174 - return new PEAR_Error(_kt('The username is empty.'));  
175 - }  
176 -  
177 - $user =& User::getByUsername($username);  
178 - if (PEAR::isError($user) || ($user === false))  
179 - {  
180 - return new PEAR_Error(_kt("The user '$username' cound not be found."));  
181 - }  
182 -  
183 - if ($user->isAnonymous())  
184 - {  
185 - $authenticated = true;  
186 -  
187 - $config = &KTConfig::getSingleton();  
188 - $allow_anonymous = $config->get('session/allowAnonymousLogin', false);  
189 -  
190 - if (!$allow_anonymous)  
191 - {  
192 - return new PEAR_Error(_kt('Anonymous user not allowed'));  
193 - }  
194 -  
195 - }  
196 - else  
197 - {  
198 -  
199 - if ( empty($password) )  
200 - {  
201 - return new PEAR_Error(_kt('The password is empty.'));  
202 - }  
203 -  
204 - $authenticated = KTAuthenticationUtil::checkPassword($user, $password);  
205 -  
206 - if (PEAR::isError($authenticated) || $authenticated === false)  
207 - {  
208 - return new PEAR_Error(_kt("The password is invalid."));  
209 - }  
210 - }  
211 -  
212 -  
213 -  
214 -  
215 - if (is_null($ip))  
216 - {  
217 - $ip = '127.0.0.1';  
218 - //$ip = KTAPI_Session::resolveIP();  
219 - }  
220 -  
221 - session_start();  
222 -  
223 - $user_id = $user->getId();  
224 -  
225 - $sql = "SELECT count(*) >= u.max_sessions as over_limit FROM active_sessions ass INNER JOIN users u ON ass.user_id=u.id WHERE ass.user_id = $user_id";  
226 - $row = DBUtil::getOneResult($sql);  
227 - if (PEAR::isError($row))  
228 - {  
229 - return $row;  
230 - }  
231 - if (is_null($row))  
232 - {  
233 - return new PEAR_Error('No record found for user?');  
234 - }  
235 - if ($row['over_limit'] == 1)  
236 - {  
237 - return new PEAR_Error('Session limit exceeded. Logout of any active sessions.');  
238 - }  
239 -  
240 - $session = session_id();  
241 -  
242 - $sessionid = DBUtil::autoInsert('active_sessions',  
243 - array(  
244 - 'user_id' => $user_id,  
245 - 'session_id' => session_id(),  
246 - 'lastused' => date('Y-m-d H:i:s'),  
247 - 'ip' => $ip  
248 - ));  
249 - if (PEAR::isError($sessionid) )  
250 - {  
251 - return $sessionid;  
252 - }  
253 -  
254 - $session = &new KTAPI_Session($ktapi, $user, $session, $sessionid, $ip);  
255 -  
256 - return $session;  
257 - }  
258 -  
259 - /**  
260 - * This returns an active session.  
261 - *  
262 - * @param KTAPI $ktapi  
263 - * @param string $session  
264 - * @param string $ip  
265 - * @return KTAPI_Session  
266 - */  
267 - function &get_active_session(&$ktapi, $session, $ip)  
268 - {  
269 - $sql = "SELECT id, user_id FROM active_sessions WHERE session_id='$session'";  
270 - if (!empty($ip))  
271 - {  
272 - $sql .= " AND ip='$ip'";  
273 - }  
274 -  
275 - $row = DBUtil::getOneResult($sql);  
276 - if (is_null($row) || PEAR::isError($row))  
277 - {  
278 - return new PEAR_Error(KTAPI_ERROR_SESSION_INVALID);  
279 - }  
280 -  
281 - $sessionid = $row['id'];  
282 - $userid = $row['user_id'];  
283 -  
284 - $user = &User::get($userid);  
285 - if (is_null($user) || PEAR::isError($user))  
286 - {  
287 - return new PEAR_Error(KTAPI_ERROR_USER_INVALID);  
288 - }  
289 -  
290 -  
291 -  
292 - $now=date('Y-m-d H:i:s');  
293 - $sql = "UPDATE active_sessions SET last_used='$now' WHERE id=$sessionid";  
294 - DBUtil::runQuery($sql);  
295 -  
296 - $session = &new KTAPI_Session($ktapi, $user, $session, $sessionid, $ip);  
297 - return $session;  
298 - }  
299 -  
300 - /**  
301 - * This closes the current session.  
302 - *  
303 - */  
304 - function logout()  
305 - {  
306 - $sql = "DELETE FROM active_sessions WHERE id=$this->sessionid";  
307 - $result = DBUtil::runQuery($sql);  
308 - if (PEAR::isError($result))  
309 - {  
310 - return $result;  
311 - }  
312 -  
313 - $this->user = null;  
314 - $this->session = '';  
315 - $this->sessionid = -1;  
316 - }  
317 -  
318 -}  
319 -  
320 -class KTAPI_FolderItem  
321 -{  
322 - /**  
323 - * This is a reference to the core KTAPI controller  
324 - *  
325 - * @access protected  
326 - * @var KTAPI  
327 - */  
328 - var $ktapi;  
329 -  
330 - function &can_user_access_object_requiring_permission(&$object, $permission)  
331 - {  
332 - return $this->ktapi->can_user_access_object_requiring_permission($object, $permission);  
333 - }  
334 -}  
335 -  
336 -  
337 -class KTAPI_Folder extends KTAPI_FolderItem  
338 -{  
339 - /**  
340 - * This is a reference to a base Folder object.  
341 - *  
342 - * @access private  
343 - * @var Folder  
344 - */  
345 - var $folder;  
346 -  
347 - /**  
348 - * This is the id of the folder on the database.  
349 - *  
350 - * @access private  
351 - * @var int  
352 - */  
353 - var $folderid;  
354 -  
355 - /**  
356 - * This is used to get a folder based on a folder id.  
357 - *  
358 - * @access private  
359 - * @param KTAPI $ktapi  
360 - * @param int $folderid  
361 - * @return KTAPI_Folder  
362 - */  
363 - function &get(&$ktapi, $folderid)  
364 - {  
365 - assert(!is_null($ktapi));  
366 - assert(is_a($ktapi, 'KTAPI'));  
367 - assert(is_numeric($folderid));  
368 -  
369 - $folderid += 0;  
370 -  
371 - $folder = &Folder::get($folderid);  
372 - if (is_null($folder) || PEAR::isError($folder))  
373 - {  
374 - return new PEAR_Error(KTAPI_ERROR_FOLDER_INVALID);  
375 - }  
376 -  
377 - $user = $ktapi->can_user_access_object_requiring_permission($folder, KTAPI_PERMISSION_READ);  
378 -  
379 - if (is_null($user) || PEAR::isError($user))  
380 - {  
381 - return $user;  
382 - }  
383 -  
384 - return new KTAPI_Folder($ktapi, $folder);  
385 - }  
386 -  
387 - /**  
388 - * This is the constructor for the KTAPI_Folder.  
389 - *  
390 - * @access private  
391 - * @param KTAPI $ktapi  
392 - * @param Folder $folder  
393 - * @return KTAPI_Folder  
394 - */  
395 - function KTAPI_Folder(&$ktapi, &$folder)  
396 - {  
397 - $this->ktapi = &$ktapi;  
398 - $this->folder = &$folder;  
399 - $this->folderid = $folder->getId();  
400 - }  
401 -  
402 - /**  
403 - * This returns a reference to the internal folder object.  
404 - *  
405 - * @access protected  
406 - * @return Folder  
407 - */  
408 - function &get_folder()  
409 - {  
410 - return $this->folder;  
411 - }  
412 -  
413 -  
414 - /**  
415 - * This returns detailed information on the document.  
416 - *  
417 - * @return array  
418 - */  
419 - function get_detail()  
420 - {  
421 - $detail = array(  
422 - 'id'=>(int) $this->folderid,  
423 - 'folder_name'=>$this->get_folder_name(),  
424 - 'parent_id'=>(int) $this->get_parent_folder_id(),  
425 - 'full_path'=>$this->get_full_path(),  
426 - );  
427 -  
428 - return $detail;  
429 - }  
430 -  
431 - function get_parent_folder_id()  
432 - {  
433 - return (int) $this->folder->getParentID();  
434 - }  
435 -  
436 - function get_folder_name()  
437 - {  
438 - return $this->folder->getFolderName($this->folderid);  
439 - }  
440 -  
441 -  
442 - /**  
443 - * This returns the folderid.  
444 - *  
445 - * @return int  
446 - */  
447 - function get_folderid()  
448 - {  
449 - return (int) $this->folderid;  
450 - }  
451 -  
452 - /**  
453 - * This can resolve a folder relative to the current directy by name  
454 - *  
455 - * @access public  
456 - * @param string $foldername  
457 - * @return KTAPI_Folder  
458 - */  
459 - function &get_folder_by_name($foldername)  
460 - {  
461 - $foldername=trim($foldername);  
462 - if (empty($foldername))  
463 - {  
464 - return new PEAR_Error('A valid folder name must be specified.');  
465 - }  
466 -  
467 - $split = explode('/', $foldername);  
468 -  
469 - $folderid=$this->folderid;  
470 - foreach($split as $foldername)  
471 - {  
472 - $sql = "SELECT id FROM folders WHERE name='$foldername' and parent_id=$folderid";  
473 - $row = DBUtil::getOneResult($sql);  
474 - if (is_null($row) || PEAR::isError($row))  
475 - {  
476 - return new PEAR_Error(KTAPI_ERROR_FOLDER_INVALID);  
477 - }  
478 - $folderid = $row['id'];  
479 - }  
480 -  
481 - return KTAPI_Folder::get($this->ktapi, $folderid);  
482 - }  
483 -  
484 - function get_full_path()  
485 - {  
486 - $path = $this->folder->getFullPath() . '/' . $this->folder->getName();  
487 -  
488 - return $path;  
489 - }  
490 -  
491 - /**  
492 - * This gets a document by filename or name.  
493 - *  
494 - * @access private  
495 - * @param string $documentname  
496 - * @param string $function  
497 - * @return KTAPI_Document  
498 - */  
499 - function &_get_document_by_name($documentname, $function='getByNameAndFolder')  
500 - {  
501 - $documentname=trim($documentname);  
502 - if (empty($documentname))  
503 - {  
504 - return new PEAR_Error('A valid document name must be specified.');  
505 - }  
506 -  
507 - $foldername = dirname($documentname);  
508 - $documentname = basename($documentname);  
509 -  
510 - $ktapi_folder = $this;  
511 -  
512 - if (!empty($foldername) && ($foldername != '.'))  
513 - {  
514 - $ktapi_folder = $this->get_folder_by_name($foldername);  
515 - }  
516 -  
517 - if (is_null($ktapi_folder) || PEAR::isError($ktapi_folder))  
518 - {  
519 - return new PEAR_Error(KTAPI_ERROR_FOLDER_INVALID);  
520 - }  
521 -  
522 - //$folder = $ktapi_folder->get_folder();  
523 - $folderid = $ktapi_folder->folderid;  
524 -  
525 - $document = Document::$function($documentname, $folderid);  
526 - if (is_null($document) || PEAR::isError($document))  
527 - {  
528 - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_INVALID);  
529 - }  
530 -  
531 - $user = $this->can_user_access_object_requiring_permission($document, KTAPI_PERMISSION_READ);  
532 - if (PEAR::isError($user))  
533 - {  
534 - return $user;  
535 - }  
536 -  
537 - return new KTAPI_Document($this->ktapi, $ktapi_folder, $document);  
538 - }  
539 -  
540 - /**  
541 - * This can resolve a document relative to the current directy by name.  
542 - *  
543 - * @access public  
544 - * @param string $documentname  
545 - * @return KTAPI_Document  
546 - */  
547 - function &get_document_by_name($documentname)  
548 - {  
549 - return $this->_get_document_by_name($documentname,'getByNameAndFolder');  
550 - }  
551 -  
552 - /**  
553 - * This can resolve a document relative to the current directy by filename .  
554 - *  
555 - * @access public  
556 - * @param string $documentname  
557 - * @return KTAPI_Document  
558 - */  
559 - function &get_document_by_filename($documentname)  
560 - {  
561 - return $this->_get_document_by_name($documentname,'getByFilenameAndFolder');  
562 - }  
563 -  
564 - function get_listing($depth=1, $what='DF')  
565 - {  
566 - if ($depth < 1)  
567 - {  
568 - return array();  
569 - }  
570 - $permission = &KTPermission::getByName(KTAPI_PERMISSION_READ);  
571 - $permissionid= $permission->getId();  
572 -  
573 - $user = $this->ktapi->get_user();  
574 - $aPermissionDescriptors = implode(',',KTPermissionUtil::getPermissionDescriptorsForUser($user));  
575 -  
576 - $sql = '';  
577 - if (strpos($what,'D') !== false)  
578 - {  
579 - $sql .= "SELECT  
580 - d.id,  
581 - 'D' as item_type,  
582 - dmv.name as title,  
583 - ifnull(uc.name, 'n/a') AS creator,  
584 - ifnull(cou.name, 'n/a') AS checkedoutby,  
585 - ifnull(mu.name, 'n/a') AS modifiedby,  
586 - dcv.filename,  
587 - dcv.size,  
588 - dcv.major_version,  
589 - dcv.minor_version,  
590 - dcv.storage_path,  
591 - ifnull(mt.mimetypes, 'unknown') as mime_type,  
592 - ifnull(mt.icon_path, 'unknown') as mime_icon_path,  
593 - ifnull(mt.friendly_name, 'unknown') as mime_display  
594 - FROM  
595 - documents d  
596 - INNER JOIN permission_lookups AS PL ON d.permission_lookup_id = PL.id  
597 - INNER JOIN permission_lookup_assignments AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid  
598 - INNER JOIN document_metadata_version AS dmv ON d.metadata_version_id=dmv.id  
599 - INNER JOIN document_content_version AS dcv ON dmv.content_version_id=dcv.id  
600 - LEFT OUTER JOIN mime_types mt ON dcv.mime_id = mt.id  
601 - LEFT OUTER JOIN users AS uc ON d.creator_id=uc.id  
602 - LEFT OUTER JOIN users AS cou ON d.checked_out_user_id=cou.id  
603 - LEFT OUTER JOIN users AS mu ON d.modified_user_id=mu.id  
604 - WHERE  
605 - d.folder_id=$this->folderid  
606 - AND d.status_id = 1  
607 - AND PLA.permission_descriptor_id IN ($aPermissionDescriptors)";  
608 - }  
609 -  
610 - if (strpos($what,'F') !== false)  
611 - {  
612 - if (strpos($what,'D') !== false)  
613 - {  
614 - $sql .= ' UNION ';  
615 - }  
616 -  
617 - $sql .= "  
618 - SELECT  
619 - f.id,  
620 - 'F' as item_type,  
621 - f.name as title,  
622 - ifnull(uc.name, 'n/a') AS creator,  
623 - 'n/a' checkedoutby,  
624 - 'n/a' AS modifiedby,  
625 - f.name as filename,  
626 - 'n/a' as size,  
627 - 'n/a' as major_version,  
628 - 'n/a' as minor_version,  
629 - 'n/a' as storage_path,  
630 - 'folder' as mime_type,  
631 - 'folder' as mime_icon_path,  
632 - 'Folder' as mime_display  
633 - FROM  
634 - folders f  
635 - INNER JOIN permission_lookups AS PL ON f.permission_lookup_id = PL.id  
636 - INNER JOIN permission_lookup_assignments AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid  
637 - LEFT OUTER JOIN users AS uc ON f.creator_id=uc.id  
638 -  
639 - WHERE  
640 - f.parent_id=$this->folderid  
641 -  
642 - AND PLA.permission_descriptor_id IN ($aPermissionDescriptors)  
643 - ORDER BY item_type DESC, title, filename  
644 - ";  
645 - }  
646 -  
647 - $contents = DBUtil::getResultArray($sql);  
648 - if (is_null($contents) || PEAR::isError($contents))  
649 - {  
650 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
651 - }  
652 -  
653 - $num_items = count($contents);  
654 - for($i=0;$i<$num_items;$i++)  
655 - {  
656 - $contents[$i]['id'] = (int) $contents[$i]['id'];  
657 - if ($contents[$i]['item_type'] == 'D')  
658 - {  
659 - $contents[$i]['items'] = array();  
660 - }  
661 - else  
662 - {  
663 - if ($depth-1 > 0)  
664 - {  
665 - $folder = &$this->ktapi->get_folder_by_id($item['id']);  
666 - $contents[$i]['items'] = $folder->get_listing($depth-1);  
667 - }  
668 - else  
669 - {  
670 - $contents[$i]['items'] = array();  
671 - }  
672 - }  
673 - }  
674 -  
675 - return $contents;  
676 - }  
677 -  
678 - /**  
679 - * This adds a document to the current folder.  
680 - *  
681 - * @access public  
682 - * @param string $title This is the title for the file in the repository.  
683 - * @param string $filename This is the filename in the system for the file.  
684 - * @param string $documenttype This is the name or id of the document type. It first looks by name, then by id.  
685 - * @param string $tempfilename This is a reference to the file that is accessible locally on the file system.  
686 - * @return KTAPI_Document  
687 - */  
688 - function &add_document($title, $filename, $documenttype, $tempfilename)  
689 - {  
690 - if (!is_file($tempfilename))  
691 - {  
692 - return new PEAR_Error('File does not exist.');  
693 - }  
694 -  
695 - $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_WRITE);  
696 - if (PEAR::isError($user))  
697 - {  
698 - return $user;  
699 - }  
700 -  
701 - $filename = basename($filename);  
702 - $documenttypeid = KTAPI::get_documenttypeid($documenttype);  
703 -  
704 - $options = array(  
705 - 'contents' => new KTFSFileLike($tempfilename),  
706 - 'novalidate' => true,  
707 - 'documenttype' => DocumentType::get($documenttypeid),  
708 - 'description' => $title,  
709 - 'metadata'=>array(),  
710 - 'cleanup_initial_file' => true  
711 - );  
712 -  
713 - DBUtil::startTransaction();  
714 - $document =& KTDocumentUtil::add($this->folder, $filename, $user, $options);  
715 -  
716 - if (!is_a($document,'Document'))  
717 - {  
718 - DBUtil::rollback();  
719 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
720 - }  
721 - DBUtil::commit();  
722 -  
723 - $tempfilename=addslashes($tempfilename);  
724 - $sql = "DELETE FROM uploaded_files WHERE tempfilename='$tempfilename'";  
725 - $result = DBUtil::runQuery($sql);  
726 - if (PEAR::isError($result))  
727 - {  
728 - return $result;  
729 - }  
730 -  
731 - return new KTAPI_Document($this->ktapi, $this, $document);  
732 - }  
733 -  
734 - /**  
735 - * This adds a subfolder folder to the current folder.  
736 - *  
737 - * @access public  
738 - * @param string $foldername  
739 - * @return KTAPI_Folder  
740 - */  
741 - function &add_folder($foldername)  
742 - {  
743 - $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_ADD_FOLDER);  
744 -  
745 - if (PEAR::isError($user))  
746 - {  
747 - return $user;  
748 - }  
749 -  
750 - DBUtil::startTransaction();  
751 - $result = KTFolderUtil::add($this->folder, $foldername, $user);  
752 -  
753 - if (PEAR::isError($result))  
754 - {  
755 - DBUtil::rollback();  
756 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
757 - }  
758 - DBUtil::commit();  
759 - $folderid = $result->getId();  
760 -  
761 - return $this->ktapi->get_folder_by_id($folderid);  
762 - }  
763 -  
764 - /**  
765 - * This deletes the current folder.  
766 - *  
767 - * @param string $reason  
768 - */  
769 - function delete($reason)  
770 - {  
771 - $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_DELETE);  
772 - if (PEAR::isError($user))  
773 - {  
774 - return $user;  
775 - }  
776 -  
777 - if ($this->folderid == 1)  
778 - {  
779 - return new PEAR_Error('Cannot delete root folder!');  
780 - }  
781 -  
782 - DBUtil::startTransaction();  
783 - $result = KTFolderUtil::delete($this->folder, $user, $reason);  
784 -  
785 - if (PEAR::isError($result))  
786 - {  
787 - DBUtil::rollback();  
788 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
789 - }  
790 - DBUtil::commit();  
791 - }  
792 -  
793 - /**  
794 - * This renames the folder  
795 - *  
796 - * @param string $newname  
797 - */  
798 - function rename($newname)  
799 - {  
800 - $user = $this->can_user_access_object_requiring_permission($this->folder, KTAPI_PERMISSION_RENAME_FOLDER);  
801 - if (PEAR::isError($user))  
802 - {  
803 - return $user;  
804 - }  
805 -  
806 - DBUtil::startTransaction();  
807 - $result = KTFolderUtil::rename($this->folder, $newname, $user);  
808 -  
809 - if (PEAR::isError($result))  
810 - {  
811 - DBUtil::rollback();  
812 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
813 - }  
814 - DBUtil::commit();  
815 - }  
816 -  
817 - /**  
818 - * This moves the folder to another location.  
819 - *  
820 - * @param KTAPI_Folder $ktapi_target_folder  
821 - * @param string $reason  
822 - */  
823 - function move($ktapi_target_folder, $reason='')  
824 - {  
825 - assert(!is_null($ktapi_target_folder));  
826 - assert(is_a($ktapi_target_folder,'KTAPI_Folder'));  
827 -  
828 - $user = $this->ktapi->get_user();  
829 -  
830 - $target_folder = $ktapi_target_folder->get_folder();  
831 -  
832 - $result = $this->can_user_access_object_requiring_permission($target_folder, KTAPI_PERMISSION_WRITE);  
833 - if (PEAR::isError($result))  
834 - {  
835 - return $result;  
836 - }  
837 -  
838 - DBUtil::startTransaction();  
839 - $result = KTFolderUtil::copy($this->folder, $target_folder, $user, $reason);  
840 -  
841 - if (PEAR::isError($result))  
842 - {  
843 - DBUtil::rollback();  
844 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
845 - }  
846 - DBUtil::commit();  
847 - }  
848 -  
849 - /**  
850 - * This copies a folder to another location.  
851 - *  
852 - * @param KTAPI_Folder $ktapi_target_folder  
853 - * @param string $reason  
854 - */  
855 - function copy($ktapi_target_folder, $reason='')  
856 - {  
857 - assert(!is_null($ktapi_target_folder));  
858 - assert(is_a($ktapi_target_folder,'KTAPI_Folder'));  
859 -  
860 - $user = $this->ktapi->get_user();  
861 -  
862 - $target_folder = $ktapi_target_folder->get_folder();  
863 -  
864 - $result =$this->can_user_access_object_requiring_permission($target_folder, KTAPI_PERMISSION_WRITE);  
865 -  
866 - if (PEAR::isError($result))  
867 - {  
868 - return $result;  
869 - }  
870 -  
871 - DBUtil::startTransaction();  
872 - $result = KTFolderUtil::copy($this->folder, $target_folder, $user, $reason);  
873 -  
874 - if (PEAR::isError($result))  
875 - {  
876 - DBUtil::rollback();  
877 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
878 - }  
879 - DBUtil::commit();  
880 - }  
881 -  
882 - /**  
883 - * This returns all permissions linked to the folder.  
884 - *  
885 - * @access public  
886 - * @return array  
887 - */  
888 - function get_permissions()  
889 - {  
890 - return new PEAR_Error('TODO');  
891 - }  
892 -  
893 - /**  
894 - * This returns a transaction history listing.  
895 - *  
896 - * @access public  
897 - * @return array  
898 - */  
899 - function get_transaction_history()  
900 - {  
901 - return new PEAR_Error('TODO');  
902 - }  
903 -}  
904 -  
905 -class KTAPI_Document extends KTAPI_FolderItem  
906 -{  
907 - /**  
908 - * This is a reference to the internal document object.  
909 - *  
910 - * @var Document  
911 - */  
912 - var $document;  
913 - /**  
914 - * This is the id of the document.  
915 - *  
916 - * @var int  
917 - */  
918 - var $documentid;  
919 - /**  
920 - * This is a reference to the parent folder.  
921 - *  
922 - * @var KTAPI_Folder  
923 - */  
924 - var $ktapi_folder;  
925 -  
926 - /**  
927 - * This is used to get a document based on document id.  
928 - *  
929 - * @static  
930 - * @access public  
931 - * @param KTAPI $ktapi  
932 - * @param int $documentid  
933 - * @return KTAPI_Document  
934 - */  
935 - function &get(&$ktapi, $documentid)  
936 - {  
937 - assert(!is_null($ktapi));  
938 - assert(is_a($ktapi, 'KTAPI'));  
939 - assert(is_numeric($documentid));  
940 -  
941 - $documentid += 0;  
942 -  
943 - $document = &Document::get($documentid);  
944 - if (is_null($document) || PEAR::isError($document))  
945 - {  
946 - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_INVALID);  
947 - }  
948 -  
949 - $user = $ktapi->can_user_access_object_requiring_permission($document, KTAPI_PERMISSION_READ);  
950 -  
951 - if (is_null($user) || PEAR::isError($user))  
952 - {  
953 - return $user;  
954 - }  
955 -  
956 - $folderid = $document->getParentID();  
957 -  
958 - if (!is_null($folderid))  
959 - {  
960 - $ktapi_folder = &KTAPI_Folder::get($ktapi, $folderid);  
961 - }  
962 - else  
963 - {  
964 - $ktapi_folder = null;  
965 - }  
966 - // We don't do any checks on this folder as it could possibly be deleted, and is not required right now.  
967 -  
968 - return new KTAPI_Document($ktapi, $ktapi_folder, $document);  
969 - }  
970 -  
971 - /**  
972 - * This is the constructor for the KTAPI_Folder.  
973 - *  
974 - * @access private  
975 - * @param KTAPI $ktapi  
976 - * @param Document $document  
977 - * @return KTAPI_Document  
978 - */  
979 - function KTAPI_Document(&$ktapi, &$ktapi_folder, &$document)  
980 - {  
981 - assert(is_a($ktapi,'KTAPI'));  
982 - assert(is_null($ktapi_folder) || is_a($ktapi_folder,'KTAPI_Folder'));  
983 -  
984 - $this->ktapi = &$ktapi;  
985 - $this->ktapi_folder = &$ktapi_folder;  
986 - $this->document = &$document;  
987 - $this->documentid = $document->getId();  
988 - }  
989 -  
990 - /**  
991 - * This checks a document into the repository  
992 - *  
993 - * @param string $filename  
994 - * @param string $reason  
995 - * @param string $tempfilename  
996 - * @param bool $major_update  
997 - */  
998 - function checkin($filename, $reason, $tempfilename, $major_update=false)  
999 - {  
1000 - if (!is_file($tempfilename))  
1001 - {  
1002 - return new PEAR_Error('File does not exist.');  
1003 - }  
1004 -  
1005 - $user = $this->can_user_access_object_requiring_permission($this->document, KTAPI_PERMISSION_WRITE);  
1006 -  
1007 - if (PEAR::isError($user))  
1008 - {  
1009 - return $user;  
1010 - }  
1011 -  
1012 - if (!$this->document->getIsCheckedOut())  
1013 - {  
1014 - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_NOT_CHECKED_OUT);  
1015 - }  
1016 -  
1017 - $options = array('major_update'=>$major_update);  
1018 -  
1019 - $currentfilename = $this->document->getFileName();  
1020 - if ($filename != $currentfilename)  
1021 - {  
1022 - $options['newfilename'] = $filename;  
1023 - }  
1024 -  
1025 - DBUtil::startTransaction();  
1026 - $result = KTDocumentUtil::checkin($this->document, $tempfilename, $reason, $user, $options);  
1027 -  
1028 - if (PEAR::isError($result))  
1029 - {  
1030 - DBUtil::rollback();  
1031 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1032 - }  
1033 - DBUtil::commit();  
1034 -  
1035 - $tempfilename=addslashes($tempfilename);  
1036 - $sql = "DELETE FROM uploaded_files WHERE tempfilename='$tempfilename'";  
1037 - $result = DBUtil::runQuery($sql);  
1038 - if (PEAR::isError($result))  
1039 - {  
1040 - return $result;  
1041 - }  
1042 -  
1043 - }  
1044 -  
1045 - /**  
1046 - * This reverses the checkout process.  
1047 - *  
1048 - * @param string $reason  
1049 - */  
1050 - function undo_checkout($reason)  
1051 - {  
1052 - $user = $this->can_user_access_object_requiring_permission($this->document, KTAPI_PERMISSION_WRITE);  
1053 -  
1054 - if (PEAR::isError($user))  
1055 - {  
1056 - return $user;  
1057 - }  
1058 -  
1059 - if (!$this->document->getIsCheckedOut())  
1060 - {  
1061 - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_NOT_CHECKED_OUT);  
1062 - }  
1063 -  
1064 - DBUtil::startTransaction();  
1065 -  
1066 - $this->document->setIsCheckedOut(0);  
1067 - $this->document->setCheckedOutUserID(-1);  
1068 - $res = $this->document->update();  
1069 - if (($res === false) || PEAR::isError($res))  
1070 - {  
1071 - DBUtil::rollback();  
1072 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1073 - }  
1074 -  
1075 - $oDocumentTransaction = & new DocumentTransaction($this->document, $reason, 'ktcore.transactions.force_checkin');  
1076 -  
1077 - $res = $oDocumentTransaction->create();  
1078 - if (($res === false) || PEAR::isError($res)) {  
1079 - DBUtil::rollback();  
1080 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1081 - }  
1082 - DBUtil::commit();  
1083 - }  
1084 -  
1085 - /**  
1086 - * This returns a URL to the file that can be downloaded.  
1087 - *  
1088 - * @param string $reason  
1089 - */  
1090 - function checkout($reason)  
1091 - {  
1092 - $user = $this->can_user_access_object_requiring_permission($this->document, KTAPI_PERMISSION_WRITE);  
1093 -  
1094 - if (PEAR::isError($user))  
1095 - {  
1096 - return $user;  
1097 - }  
1098 -  
1099 - if ($this->document->getIsCheckedOut())  
1100 - {  
1101 - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);  
1102 - }  
1103 -  
1104 - DBUtil::startTransaction();  
1105 - $res = KTDocumentUtil::checkout($this->document, $reason, $user);  
1106 - if (PEAR::isError($res))  
1107 - {  
1108 - DBUtil::rollback();  
1109 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1110 - }  
1111 -  
1112 - DBUtil::commit();  
1113 - }  
1114 -  
1115 - /**  
1116 - * This deletes a document from the folder.  
1117 - *  
1118 - * @param string $reason  
1119 - */  
1120 - function delete($reason)  
1121 - {  
1122 - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_DELETE);  
1123 -  
1124 - if (PEAR::isError($user))  
1125 - {  
1126 - return $user;  
1127 - }  
1128 -  
1129 - if ($this->document->getIsCheckedOut())  
1130 - {  
1131 - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);  
1132 - }  
1133 -  
1134 - DBUtil::startTransaction();  
1135 - $res = KTDocumentUtil::delete($this->document, $reason);  
1136 - if (PEAR::isError($res))  
1137 - {  
1138 - DBUtil::rollback();  
1139 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1140 - }  
1141 -  
1142 - DBUtil::commit();  
1143 - }  
1144 -  
1145 - /**  
1146 - * This changes the owner of the file.  
1147 - *  
1148 - * @param string $ktapi_newuser  
1149 - */  
1150 - function change_owner($newusername, $reason='Changing of owner.')  
1151 - {  
1152 - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_CHANGE_OWNERSHIP);  
1153 -  
1154 - if (PEAR::isError($user))  
1155 - {  
1156 - return $user;  
1157 - }  
1158 -  
1159 - DBUtil::startTransaction();  
1160 -  
1161 - $user = &User::getByUserName($newusername);  
1162 - if (is_null($user) || PEAR::isError($user))  
1163 - {  
1164 - return new PEAR_Error('User could not be found');  
1165 - }  
1166 -  
1167 - $newuserid = $user->getId();  
1168 -  
1169 - $this->document->setOwnerID($newuserid);  
1170 -  
1171 - $res = $this->document->update();  
1172 -  
1173 - if (PEAR::isError($res))  
1174 - {  
1175 - DBUtil::rollback();  
1176 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1177 - }  
1178 -  
1179 - $res = KTPermissionUtil::updatePermissionLookup($this->document);  
1180 - if (PEAR::isError($res))  
1181 - {  
1182 - DBUtil::rollback();  
1183 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1184 - }  
1185 -  
1186 - $oDocumentTransaction = & new DocumentTransaction($this->document, $reason, 'ktcore.transactions.permissions_change');  
1187 -  
1188 - $res = $oDocumentTransaction->create();  
1189 - if (($res === false) || PEAR::isError($res)) {  
1190 - DBUtil::rollback();  
1191 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1192 - }  
1193 -  
1194 - DBUtil::commit();  
1195 - }  
1196 -  
1197 - /**  
1198 - * This copies the document to another folder.  
1199 - *  
1200 - * @param KTAPI_Folder $ktapi_target_folder  
1201 - * @param string $reason  
1202 - * @param string $newname  
1203 - * @param string $newfilename  
1204 - */  
1205 - function copy(&$ktapi_target_folder, $reason, $newname=null, $newfilename=null)  
1206 - {  
1207 - assert(!is_null($ktapi_target_folder));  
1208 - assert(is_a($ktapi_target_folder,'KTAPI_Folder'));  
1209 -  
1210 - if (empty($newname))  
1211 - {  
1212 - $newname=null;  
1213 - }  
1214 - if (empty($newfilename))  
1215 - {  
1216 - $newfilename=null;  
1217 - }  
1218 -  
1219 - $user = $this->ktapi->get_user();  
1220 -  
1221 - if ($this->document->getIsCheckedOut())  
1222 - {  
1223 - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);  
1224 - }  
1225 -  
1226 - $target_folder = &$ktapi_target_folder->get_folder();  
1227 -  
1228 - $result = $this->can_user_access_object_requiring_permission( $target_folder, KTAPI_PERMISSION_WRITE);  
1229 -  
1230 - if (PEAR::isError($result))  
1231 - {  
1232 - return $result;  
1233 - }  
1234 -  
1235 - $name = $this->document->getName();  
1236 - $clash = KTDocumentUtil::nameExists($target_folder, $name);  
1237 - if ($clash && !is_null($newname))  
1238 - {  
1239 - $name = $newname;  
1240 - $clash = KTDocumentUtil::nameExists($target_folder, $name);  
1241 - }  
1242 - if ($clash)  
1243 - {  
1244 - return new PEAR_Error('A document with this title already exists in your chosen folder. Please choose a different folder, or specify a new title for the copied document.');  
1245 - }  
1246 -  
1247 - $filename=$this->document->getFilename();  
1248 - $clash = KTDocumentUtil::fileExists($target_folder, $filename);  
1249 -  
1250 - if ($clash && !is_null($newname))  
1251 - {  
1252 - $filename = $newfilename;  
1253 - $clash = KTDocumentUtil::fileExists($target_folder, $filename);  
1254 - }  
1255 - if ($clash)  
1256 - {  
1257 - return new PEAR_Error('A document with this filename already exists in your chosen folder. Please choose a different folder, or specify a new filename for the copied document.');  
1258 - }  
1259 -  
1260 - DBUtil::startTransaction();  
1261 -  
1262 - $new_document = KTDocumentUtil::copy($this->document, $target_folder, $reason);  
1263 - if (PEAR::isError($new_document))  
1264 - {  
1265 - DBUtil::rollback();  
1266 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1267 - }  
1268 -  
1269 - $new_document->setName($name);  
1270 - $new_document->setFilename($filename);  
1271 -  
1272 - $res = $new_document->update();  
1273 -  
1274 - if (PEAR::isError($res))  
1275 - {  
1276 - DBUtil::rollback();  
1277 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1278 - }  
1279 -  
1280 - DBUtil::commit();  
1281 -  
1282 - // FIXME do we need to refactor all trigger usage into the util function?  
1283 - $oKTTriggerRegistry = KTTriggerRegistry::getSingleton();  
1284 - $aTriggers = $oKTTriggerRegistry->getTriggers('copyDocument', 'postValidate');  
1285 - foreach ($aTriggers as $aTrigger) {  
1286 - $sTrigger = $aTrigger[0];  
1287 - $oTrigger = new $sTrigger;  
1288 - $aInfo = array(  
1289 - 'document' => $new_document,  
1290 - 'old_folder' => $this->folder->get_folder(),  
1291 - 'new_folder' => $target_folder,  
1292 - );  
1293 - $oTrigger->setInfo($aInfo);  
1294 - $ret = $oTrigger->postValidate();  
1295 - }  
1296 - }  
1297 -  
1298 - /**  
1299 - * This moves the document to another folder.  
1300 - *  
1301 - * @param KTAPI_Folder $ktapi_target_folder  
1302 - * @param string $reason  
1303 - * @param string $newname  
1304 - * @param string $newfilename  
1305 - */  
1306 - function move(&$ktapi_target_folder, $reason, $newname=null, $newfilename=null)  
1307 - {  
1308 - assert(!is_null($ktapi_target_folder));  
1309 - assert(is_a($ktapi_target_folder,'KTAPI_Folder'));  
1310 -  
1311 - if (empty($newname))  
1312 - {  
1313 - $newname=null;  
1314 - }  
1315 - if (empty($newfilename))  
1316 - {  
1317 - $newfilename=null;  
1318 - }  
1319 -  
1320 - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_DOCUMENT_MOVE);  
1321 -  
1322 - if (PEAR::isError($user))  
1323 - {  
1324 - return $user;  
1325 - }  
1326 -  
1327 - if ($this->document->getIsCheckedOut())  
1328 - {  
1329 - return new PEAR_Error(KTAPI_ERROR_DOCUMENT_CHECKED_OUT);  
1330 - }  
1331 -  
1332 - $target_folder = $ktapi_target_folder->get_folder();  
1333 -  
1334 - $result= $this->can_user_access_object_requiring_permission( $target_folder, KTAPI_PERMISSION_WRITE);  
1335 -  
1336 - if (PEAR::isError($result))  
1337 - {  
1338 - return $result;  
1339 - }  
1340 -  
1341 - if (!KTDocumentUtil::canBeMoved($this->document))  
1342 - {  
1343 - return new PEAR_Error('Document cannot be moved.');  
1344 - }  
1345 -  
1346 - $name = $this->document->getName();  
1347 - $clash = KTDocumentUtil::nameExists($target_folder, $name);  
1348 - if ($clash && !is_null($newname))  
1349 - {  
1350 - $name = $newname;  
1351 - $clash = KTDocumentUtil::nameExists($target_folder, $name);  
1352 - }  
1353 - if ($clash)  
1354 - {  
1355 - return new PEAR_Error('A document with this title already exists in your chosen folder. Please choose a different folder, or specify a new title for the moved document.');  
1356 - }  
1357 -  
1358 - $filename=$this->document->getFilename();  
1359 - $clash = KTDocumentUtil::fileExists($target_folder, $filename);  
1360 -  
1361 - if ($clash && !is_null($newname))  
1362 - {  
1363 - $filename = $newfilename;  
1364 - $clash = KTDocumentUtil::fileExists($target_folder, $filename);  
1365 - }  
1366 - if ($clash)  
1367 - {  
1368 - return new PEAR_Error('A document with this filename already exists in your chosen folder. Please choose a different folder, or specify a new filename for the moved document.');  
1369 - }  
1370 -  
1371 - DBUtil::startTransaction();  
1372 -  
1373 - $res = KTDocumentUtil::move($this->document, $target_folder, $user, $reason);  
1374 - if (PEAR::isError($res))  
1375 - {  
1376 - DBUtil::rollback();  
1377 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1378 - }  
1379 -  
1380 - $this->document->setName($name);  
1381 - $this->document->setFilename($filename);  
1382 -  
1383 - $res = $this->document->update();  
1384 -  
1385 - if (PEAR::isError($res))  
1386 - {  
1387 - DBUtil::rollback();  
1388 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1389 - }  
1390 -  
1391 - DBUtil::commit();  
1392 - }  
1393 -  
1394 - /**  
1395 - * This changes the filename of the document.  
1396 - *  
1397 - * @param string $newname  
1398 - */  
1399 - function renameFile($newname)  
1400 - {  
1401 - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);  
1402 -  
1403 - if (PEAR::isError($user))  
1404 - {  
1405 - return $user;  
1406 - }  
1407 -  
1408 - DBUtil::startTransaction();  
1409 - $res = KTDocumentUtil::rename($this->document, $newname, $user);  
1410 - if (PEAR::isError($res))  
1411 - {  
1412 - DBUtil::rollback();  
1413 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1414 - }  
1415 - DBUtil::commit();  
1416 - }  
1417 -  
1418 - /**  
1419 - * This changes the document type of the document.  
1420 - *  
1421 - * @param string $newname  
1422 - */  
1423 - function change_document_type($documenttype)  
1424 - {  
1425 - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);  
1426 -  
1427 - if (PEAR::isError($user))  
1428 - {  
1429 - return $user;  
1430 - }  
1431 -  
1432 - $doctypeid = KTAPI::get_documenttypeid($documenttype);  
1433 -  
1434 - if ($this->document->getDocumentTypeId() != $doctypeid)  
1435 - {  
1436 - DBUtil::startTransaction();  
1437 - $this->document->setDocumentTypeId($doctypeid);  
1438 - $res = $this->document->update();  
1439 -  
1440 - if (PEAR::isError($res))  
1441 - {  
1442 - DBUtil::rollback();  
1443 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1444 - }  
1445 - DBUtil::commit();  
1446 - }  
1447 - }  
1448 -  
1449 - /**  
1450 - * This changes the title of the document.  
1451 - *  
1452 - * @param string $newname  
1453 - */  
1454 - function rename($newname)  
1455 - {  
1456 - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);  
1457 -  
1458 - if (PEAR::isError($user))  
1459 - {  
1460 - return $user;  
1461 - }  
1462 -  
1463 - if ($this->document->getName() != $newname)  
1464 - {  
1465 -  
1466 - DBUtil::startTransaction();  
1467 - $this->document->setName($newname);  
1468 - $res = $this->document->update();  
1469 -  
1470 - if (PEAR::isError($res))  
1471 - {  
1472 - DBUtil::rollback();  
1473 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1474 - }  
1475 - DBUtil::commit();  
1476 - }  
1477 - }  
1478 -  
1479 - /**  
1480 - * This flags the document as 'archived'.  
1481 - *  
1482 - * @param string $reason  
1483 - */  
1484 - function archive($reason)  
1485 - {  
1486 - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WRITE);  
1487 -  
1488 - if (PEAR::isError($user))  
1489 - {  
1490 - return $user;  
1491 - }  
1492 -  
1493 - list($permission, $user) = $perm_and_user;  
1494 -  
1495 - DBUtil::startTransaction();  
1496 - $this->document->setStatusID(ARCHIVED);  
1497 - $res = $this->document->update();  
1498 - if (($res === false) || PEAR::isError($res)) {  
1499 - DBUtil::rollback();  
1500 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1501 - }  
1502 -  
1503 - $oDocumentTransaction = & new DocumentTransaction($this->document, sprintf(_kt('Document archived: %s'), $reason), 'ktcore.transactions.update');  
1504 - $oDocumentTransaction->create();  
1505 -  
1506 - DBUtil::commit();  
1507 -  
1508 - $oKTTriggerRegistry = KTTriggerRegistry::getSingleton();  
1509 - $aTriggers = $oKTTriggerRegistry->getTriggers('archive', 'postValidate');  
1510 - foreach ($aTriggers as $aTrigger)  
1511 - {  
1512 - $sTrigger = $aTrigger[0];  
1513 - $oTrigger = new $sTrigger;  
1514 - $aInfo = array(  
1515 - 'document' => $this->document,  
1516 - );  
1517 - $oTrigger->setInfo($aInfo);  
1518 - $ret = $oTrigger->postValidate();  
1519 - }  
1520 - }  
1521 -  
1522 - /**  
1523 - * This starts a workflow on a document.  
1524 - *  
1525 - * @param string $workflow  
1526 - */  
1527 - function start_workflow($workflow)  
1528 - {  
1529 - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);  
1530 -  
1531 - if (PEAR::isError($user))  
1532 - {  
1533 - return $user;  
1534 - }  
1535 -  
1536 - $workflowid = $this->document->getWorkflowId();  
1537 -  
1538 - if (!empty($workflowid))  
1539 - {  
1540 - return new PEAR_Error('A workflow is already defined.');  
1541 - }  
1542 -  
1543 - $workflow = KTWorkflow::getByName($workflow);  
1544 - if (is_null($workflow) || PEAR::isError($workflow))  
1545 - {  
1546 - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);  
1547 - }  
1548 -  
1549 - DBUtil::startTransaction();  
1550 - $result = KTWorkflowUtil::startWorkflowOnDocument($workflow, $this->document);  
1551 - if (is_null($result) || PEAR::isError($result))  
1552 - {  
1553 - DBUtil::rollback();  
1554 - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);  
1555 - }  
1556 - DBUtil::commit();  
1557 - }  
1558 -  
1559 - /**  
1560 - * This deletes the workflow on the document.  
1561 - *  
1562 - */  
1563 - function delete_workflow()  
1564 - {  
1565 - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);  
1566 -  
1567 - if (PEAR::isError($user))  
1568 - {  
1569 - return $user;  
1570 - }  
1571 -  
1572 - $workflowid=$this->document->getWorkflowId();  
1573 - if (!empty($workflowid))  
1574 - {  
1575 - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);  
1576 - }  
1577 -  
1578 - DBUtil::startTransaction();  
1579 - $result = KTWorkflowUtil::startWorkflowOnDocument(null, $this->document);  
1580 - if (is_null($result) || PEAR::isError($result))  
1581 - {  
1582 - DBUtil::rollback();  
1583 - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);  
1584 - }  
1585 - DBUtil::commit();  
1586 - }  
1587 -  
1588 - /**  
1589 - * This performs a transition on the workflow  
1590 - *  
1591 - * @param string $transition  
1592 - * @param string $reason  
1593 - */  
1594 - function perform_workflow_transition($transition, $reason)  
1595 - {  
1596 - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);  
1597 -  
1598 - if (PEAR::isError($user))  
1599 - {  
1600 - return $user;  
1601 - }  
1602 -  
1603 - $workflowid=$this->document->getWorkflowId();  
1604 - if (empty($workflowid))  
1605 - {  
1606 - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);  
1607 - }  
1608 -  
1609 - $transition = &KTWorkflowTransition::getByName($transition);  
1610 - if (is_null($transition) || PEAR::isError($transition))  
1611 - {  
1612 - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);  
1613 - }  
1614 -  
1615 - DBUtil::startTransaction();  
1616 - $result = KTWorkflowUtil::performTransitionOnDocument($transition, $this->document, $user, $reason);  
1617 - if (is_null($result) || PEAR::isError($result))  
1618 - {  
1619 - DBUtil::rollback();  
1620 - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);  
1621 - }  
1622 - DBUtil::commit();  
1623 - }  
1624 -  
1625 -  
1626 -  
1627 - /**  
1628 - * This returns all metadata for the document.  
1629 - *  
1630 - * @return array  
1631 - */  
1632 - function get_metadata()  
1633 - {  
1634 - $doctypeid = $this->document->getDocumentTypeID();  
1635 - $fieldsets = (array) KTMetadataUtil::fieldsetsForDocument($this->document, $doctypeid);  
1636 -  
1637 - $results = array();  
1638 -  
1639 - foreach ($fieldsets as $fieldset)  
1640 - {  
1641 - if ($fieldset->getIsConditional()) { /* this is not implemented...*/ continue; }  
1642 -  
1643 - $fields = $fieldset->getFields();  
1644 - $result = array('fieldset' => $fieldset->getName(),  
1645 - 'description' => $fieldset->getDescription());  
1646 -  
1647 - $fieldsresult = array();  
1648 -  
1649 - foreach ($fields as $field)  
1650 - {  
1651 - $value = 'n/a';  
1652 -  
1653 - $fieldvalue = DocumentFieldLink::getByDocumentAndField($this->document, $field);  
1654 - if (!is_null($fieldvalue) && (!PEAR::isError($fieldvalue)))  
1655 - {  
1656 - $value = $fieldvalue->getValue();  
1657 - }  
1658 -  
1659 - $controltype = 'string';  
1660 - if ($field->getHasLookup())  
1661 - {  
1662 - $controltype = 'lookup';  
1663 - if ($field->getHasLookupTree())  
1664 - {  
1665 - $controltype = 'tree';  
1666 - }  
1667 - }  
1668 -  
1669 - switch ($controltype)  
1670 - {  
1671 - case 'lookup':  
1672 - $selection = KTAPI::get_metadata_lookup($field->getId());  
1673 - break;  
1674 - case 'tree':  
1675 - $selection = KTAPI::get_metadata_tree($field->getId());  
1676 - break;  
1677 - default:  
1678 - $selection= array();  
1679 - }  
1680 -  
1681 -  
1682 - $fieldsresult[] = array(  
1683 - 'name' => $field->getName(),  
1684 - 'required' => $field->getIsMandatory(),  
1685 - 'value' => $value,  
1686 - 'description' => $field->getDescription(),  
1687 - 'control_type' => $controltype,  
1688 - 'selection' => $selection  
1689 -  
1690 - );  
1691 -  
1692 - }  
1693 - $result['fields'] = $fieldsresult;  
1694 - $results [] = $result;  
1695 - }  
1696 -  
1697 - return $results;  
1698 - }  
1699 -  
1700 - /**  
1701 - * This updates the metadata on the file. This includes the 'title'.  
1702 - *  
1703 - * @param array This is an array containing the metadata to be associated with the file.  
1704 - */  
1705 - function update_metadata($metadata)  
1706 - {  
1707 - $packed = array();  
1708 -  
1709 - foreach($metadata as $fieldset_metadata)  
1710 - {  
1711 - $fieldsetname=$fieldset_metadata['fieldset'];  
1712 - $fieldset = KTFieldset::getByName($fieldsetname);  
1713 - if (is_null($fieldset) || PEAR::isError($fieldset))  
1714 - {  
1715 - // exit graciously  
1716 - continue;  
1717 - }  
1718 -  
1719 - foreach($fieldset_metadata['fields'] as $fieldinfo)  
1720 - {  
1721 - $fieldname = $fieldinfo['name'];  
1722 - $field = DocumentField::getByFieldsetAndName($fieldset, $fieldname);  
1723 - if (is_null($field) || PEAR::isError($fieldset))  
1724 - {  
1725 - // exit graciously  
1726 - continue;  
1727 - }  
1728 - $value = $fieldinfo['value'];  
1729 -  
1730 - $packed[] = array($field, $value);  
1731 - }  
1732 - }  
1733 -  
1734 - DBUtil::startTransaction();  
1735 - $result = KTDocumentUtil::saveMetadata($this->document, $packed);  
1736 -  
1737 - if (is_null($result))  
1738 - {  
1739 - DBUtil::rollback();  
1740 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1741 - }  
1742 - if (PEAR::isError($result))  
1743 - {  
1744 - DBUtil::rollback();  
1745 - return new PEAR_Error(sprintf(_kt("Unexpected validation failure: %s."), $result->getMessage()));  
1746 - }  
1747 - DBUtil::commit();  
1748 - }  
1749 -  
1750 -  
1751 - /**  
1752 - * This returns a workflow transition  
1753 - *  
1754 - * @return array  
1755 - */  
1756 - function get_workflow_transitions()  
1757 - {  
1758 - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);  
1759 -  
1760 - if (PEAR::isError($user))  
1761 - {  
1762 - return $user;  
1763 - }  
1764 -  
1765 - $workflowid=$this->document->getWorkflowId();  
1766 - if (empty($workflowid))  
1767 - {  
1768 - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);  
1769 - }  
1770 -  
1771 - $result = array();  
1772 -  
1773 - $transitions = KTWorkflowUtil::getTransitionsForDocumentUser($this->document, $user);  
1774 - if (is_null($transitions) || PEAR::isError($transitions))  
1775 - {  
1776 - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);  
1777 - }  
1778 - foreach($transitions as $transition)  
1779 - {  
1780 - $result[] = $transition->getName();  
1781 - }  
1782 -  
1783 - return $result;  
1784 - }  
1785 -  
1786 - /**  
1787 - * This returns the current workflow state  
1788 - *  
1789 - * @return string  
1790 - */  
1791 - function get_workflow_state()  
1792 - {  
1793 - $user = $this->can_user_access_object_requiring_permission( $this->document, KTAPI_PERMISSION_WORKFLOW);  
1794 -  
1795 - if (PEAR::isError($user))  
1796 - {  
1797 - return $user;  
1798 - }  
1799 -  
1800 - $workflowid=$this->document->getWorkflowId();  
1801 - if (empty($workflowid))  
1802 - {  
1803 - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_NOT_IN_PROGRESS);  
1804 - }  
1805 -  
1806 - $result = array();  
1807 -  
1808 - $state = KTWorkflowUtil::getWorkflowStateForDocument($this->document);  
1809 - if (is_null($state) || PEAR::isError($state))  
1810 - {  
1811 - return new PEAR_Error(KTAPI_ERROR_WORKFLOW_INVALID);  
1812 - }  
1813 -  
1814 - $statename = $state->getName();  
1815 -  
1816 - return $statename;  
1817 -  
1818 - }  
1819 -  
1820 - /**  
1821 - * This returns detailed information on the document.  
1822 - *  
1823 - * @return array  
1824 - */  
1825 - function get_detail()  
1826 - {  
1827 - $detail = array();  
1828 - $document = $this->document;  
1829 -  
1830 - $detail['title'] = $document->getName();  
1831 -  
1832 - $documenttypeid=$document->getDocumentTypeID();  
1833 - if (is_numeric($documenttypeid))  
1834 - {  
1835 - $documenttype = DocumentType::get($documenttypeid);  
1836 -  
1837 - $documenttype=$documenttype->getName();  
1838 - }  
1839 - else  
1840 - {  
1841 - $documenttype = '* unknown *';  
1842 - }  
1843 - $detail['document_type'] = $documenttype;  
1844 -  
1845 - $detail['version'] = $document->getVersion();  
1846 - $detail['filename'] = $document->getFilename();  
1847 -  
1848 - $detail['created_date'] = $document->getCreatedDateTime();  
1849 -  
1850 - $userid = $document->getCreatorID();  
1851 - if (is_numeric($userid))  
1852 - {  
1853 - $user = User::get($userid);  
1854 - $username=(is_null($user) || PEAR::isError($user))?'* unknown *':$user->getName();  
1855 - }  
1856 - else  
1857 - {  
1858 - $username='n/a';  
1859 - }  
1860 - $detail['created_by'] = $username;  
1861 - $detail['updated_date'] = $document->getLastModifiedDate();  
1862 -  
1863 - $userid = $document->getModifiedUserId();  
1864 - if (is_numeric($userid))  
1865 - {  
1866 - $user = User::get($userid);  
1867 - $username=(is_null($user) || PEAR::isError($user))?'* unknown *':$user->getName();  
1868 - }  
1869 - else  
1870 - {  
1871 - $username='n/a';  
1872 - }  
1873 - $detail['updated_by'] = $username;  
1874 - $detail['document_id'] = (int) $document->getId();  
1875 - $detail['folder_id'] = (int) $document->getFolderID();  
1876 -  
1877 - $workflowid = $document->getWorkflowId();  
1878 - if (is_numeric($workflowid))  
1879 - {  
1880 - $workflow = KTWorkflow::get($workflowid);  
1881 - $workflowname=(is_null($workflow) || PEAR::isError($workflow))?'* unknown *':$workflow->getName();  
1882 - }  
1883 - else  
1884 - {  
1885 - $workflowname='n/a';  
1886 - }  
1887 - $detail['workflow'] = $workflowname;  
1888 -  
1889 - $stateid = $document->getWorkflowStateId();  
1890 - if (is_numeric($stateid))  
1891 - {  
1892 - $state = KTWorkflowState::get($stateid);  
1893 - $workflowstate=(is_null($state) || PEAR::isError($state))?'* unknown *':$state->getName();  
1894 - }  
1895 - else  
1896 - {  
1897 - $workflowstate = 'n/a';  
1898 - }  
1899 - $detail['workflow_state']=$workflowstate;  
1900 -  
1901 - $userid = $document->getCheckedOutUserID();  
1902 -  
1903 - if (is_numeric($userid))  
1904 - {  
1905 - $user = User::get($userid);  
1906 - $username=(is_null($user) || PEAR::isError($user))?'* unknown *':$user->getName();  
1907 - }  
1908 - else  
1909 - {  
1910 - $username = 'n/a';  
1911 - }  
1912 - $detail['checkout_by'] = $username;  
1913 -  
1914 - $detail['full_path'] = $this->ktapi_folder->get_full_path() . '/' . $this->get_title();  
1915 -  
1916 - return $detail;  
1917 - }  
1918 -  
1919 - function get_title()  
1920 - {  
1921 - return $this->document->getDescription();  
1922 - }  
1923 -  
1924 - /**  
1925 - * This does a download of a version of the document.  
1926 - *  
1927 - * @param string $version  
1928 - */  
1929 - function download($version=null)  
1930 - {  
1931 - $storage =& KTStorageManagerUtil::getSingleton();  
1932 - $options = array();  
1933 -  
1934 -  
1935 - $oDocumentTransaction = & new DocumentTransaction($this->document, 'Document downloaded', 'ktcore.transactions.download', $aOptions);  
1936 - $oDocumentTransaction->create();  
1937 - }  
1938 -  
1939 - /**  
1940 - * This returns the transaction history for the document.  
1941 - *  
1942 - * @return array  
1943 - */  
1944 - function get_transaction_history()  
1945 - {  
1946 - $sQuery = 'SELECT DTT.name AS transaction_name, U.name AS username, DT.version AS version, DT.comment AS comment, DT.datetime AS datetime ' .  
1947 - 'FROM ' . KTUtil::getTableName('document_transactions') . ' AS DT INNER JOIN ' . KTUtil::getTableName('users') . ' AS U ON DT.user_id = U.id ' .  
1948 - 'INNER JOIN ' . KTUtil::getTableName('transaction_types') . ' AS DTT ON DTT.namespace = DT.transaction_namespace ' .  
1949 - 'WHERE DT.document_id = ? ORDER BY DT.datetime DESC';  
1950 - $aParams = array($this->documentid);  
1951 -  
1952 - $transactions = DBUtil::getResultArray(array($sQuery, $aParams));  
1953 - if (is_null($transactions) || PEAR::isError($transactions))  
1954 - {  
1955 - return new PEAR_Error(KTAPI_ERROR_INTERNAL_ERROR);  
1956 - }  
1957 -  
1958 - return $transactions;  
1959 - }  
1960 -  
1961 - /**  
1962 - * This returns the version history on the document.  
1963 - *  
1964 - * @return array  
1965 - */  
1966 - function get_version_history()  
1967 - {  
1968 - $metadata_versions = KTDocumentMetadataVersion::getByDocument($this->document);  
1969 -  
1970 - $versions = array();  
1971 - foreach ($metadata_versions as $version)  
1972 - {  
1973 - $document = &Document::get($this->documentid, $version->getId());  
1974 -  
1975 - $version = array();  
1976 -  
1977 - $userid = $document->getModifiedUserId();  
1978 - $user = User::get($userid);  
1979 -  
1980 - $version['user'] = $user->getName();  
1981 - $version['metadata_version'] = $document->getMetadataVersion();  
1982 - $version['content_version'] = $document->getVersion();  
1983 -  
1984 - $versions[] = $version;  
1985 - }  
1986 - return $versions;  
1987 - } 37 +require_once('KTAPIConstants.inc.php');
  38 +require_once('KTAPISession.inc.php');
  39 +require_once('KTAPIFolder.inc.php');
  40 +require_once('KTAPIDocument.inc.php');
1988 41
  42 +class KTAPI_FolderItem
  43 +{
1989 /** 44 /**
1990 - * This expunges a document from the system. 45 + * This is a reference to the core KTAPI controller
1991 * 46 *
1992 - * @access public 47 + * @access protected
  48 + * @var KTAPI
1993 */ 49 */
1994 - function expunge()  
1995 - {  
1996 - if ($this->document->getStatusID() != 3)  
1997 - {  
1998 - return new PEAR_Error('You should not purge this');  
1999 - }  
2000 - DBUtil::startTransaction();  
2001 -  
2002 - $transaction = & new DocumentTransaction($this->document, "Document expunged", 'ktcore.transactions.expunge');  
2003 -  
2004 - $transaction->create();  
2005 -  
2006 - $this->document->delete();  
2007 -  
2008 - $this->document->cleanupDocumentData($this->documentid);  
2009 -  
2010 - $storage =& KTStorageManagerUtil::getSingleton();  
2011 -  
2012 - $result= $storage->expunge($this->document);  
2013 -  
2014 - DBUtil::commit();  
2015 - } 50 + var $ktapi;
2016 51
2017 - /**  
2018 - * This expunges a document from the system.  
2019 - *  
2020 - * @access public  
2021 - */  
2022 - function restore()  
2023 - {  
2024 - DBUtil::startTransaction();  
2025 -  
2026 - $storage =& KTStorageManagerUtil::getSingleton();  
2027 -  
2028 - $folder = Folder::get($this->document->getRestoreFolderId());  
2029 - if (PEAR::isError($folder))  
2030 - {  
2031 - $this->document->setFolderId(1);  
2032 - $folder = Folder::get(1);  
2033 - }  
2034 - else  
2035 - {  
2036 - $this->document->setFolderId($this->document->getRestoreFolderId());  
2037 - }  
2038 -  
2039 - $storage->restore($this->document);  
2040 -  
2041 - $this->document->setStatusId(LIVE);  
2042 - $this->document->setPermissionObjectId($folder->getPermissionObjectId());  
2043 - $res = $this->document->update();  
2044 -  
2045 - $res = KTPermissionUtil::updatePermissionLookup($this->document);  
2046 -  
2047 - $user = $this->ktapi->get_user();  
2048 -  
2049 - $oTransaction = new DocumentTransaction($this->document, 'Restored from deleted state by ' . $user->getName(), 'ktcore.transactions.update');  
2050 - $oTransaction->create();  
2051 -  
2052 - DBUtil::commit(); 52 + function &can_user_access_object_requiring_permission(&$object, $permission)
  53 + {
  54 + return $this->ktapi->can_user_access_object_requiring_permission($object, $permission);
2053 } 55 }
2054 } 56 }
2055 57
@@ -2163,7 +165,7 @@ class KTAPI @@ -2163,7 +165,7 @@ class KTAPI
2163 return new PEAR_Error('A session is currently active.'); 165 return new PEAR_Error('A session is currently active.');
2164 } 166 }
2165 167
2166 - $session = &KTAPI_Session::get_active_session($this, $session, $ip); 168 + $session = &KTAPI_UserSession::get_active_session($this, $session, $ip);
2167 169
2168 if (is_null($session) || PEAR::isError($session)) 170 if (is_null($session) || PEAR::isError($session))
2169 { 171 {
@@ -2189,7 +191,7 @@ class KTAPI @@ -2189,7 +191,7 @@ class KTAPI
2189 return new PEAR_Error('A session is currently active.'); 191 return new PEAR_Error('A session is currently active.');
2190 } 192 }
2191 193
2192 - $session = &KTAPI_Session::start_session($this, $username, $password, $ip); 194 + $session = &KTAPI_UserSession::start_session($this, $username, $password, $ip);
2193 if (is_null($session)) 195 if (is_null($session))
2194 { 196 {
2195 return new PEAR_Error('Session is null.'); 197 return new PEAR_Error('Session is null.');
@@ -2203,6 +205,19 @@ class KTAPI @@ -2203,6 +205,19 @@ class KTAPI
2203 return $session; 205 return $session;
2204 } 206 }
2205 207
  208 +
  209 + function & start_system_session()
  210 + {
  211 + $user = User::get(1);
  212 +
  213 + $session = & new KTAPI_SystemSession($this, $user);
  214 + $this->session = &$session;
  215 +
  216 + return $session;
  217 + }
  218 +
  219 +
  220 +
2206 /** 221 /**
2207 * Starts an anonymous session. 222 * Starts an anonymous session.
2208 * 223 *
@@ -2211,7 +226,23 @@ class KTAPI @@ -2211,7 +226,23 @@ class KTAPI
2211 */ 226 */
2212 function &start_anonymous_session($ip=null) 227 function &start_anonymous_session($ip=null)
2213 { 228 {
2214 - return $this->start_session('anonymous','',$ip); 229 + if (!is_null($this->session))
  230 + {
  231 + return new PEAR_Error('A session is currently active.');
  232 + }
  233 +
  234 + $session = &KTAPI_AnonymousSession::start_session($this, $ip);
  235 + if (is_null($session))
  236 + {
  237 + return new PEAR_Error('Session is null.');
  238 + }
  239 + if (PEAR::isError($session))
  240 + {
  241 + return new PEAR_Error('Session is invalid. ' . $session->getMessage());
  242 + }
  243 + $this->session = &$session;
  244 +
  245 + return $session;
2215 } 246 }
2216 247
2217 248