Commit b93653ffb819e340a0e269c1cf91b96072ba8a8a
1 parent
34c07b3d
KTS-1820
"Reachable folders being considered orphaned folders" Fixed. Added a check for folder details permission in addition to the check on read permission, in getBrowseableFolders(). Committed by: Megan Watson Reviewed by: Conrad Vermeulen git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@7678 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
19 additions
and
13 deletions
lib/browse/browseutil.inc.php
| ... | ... | @@ -7,32 +7,32 @@ |
| 7 | 7 | * KnowledgeTree Open Source Edition |
| 8 | 8 | * Document Management Made Simple |
| 9 | 9 | * Copyright (C) 2004 - 2007 The Jam Warehouse Software (Pty) Limited |
| 10 | - * | |
| 10 | + * | |
| 11 | 11 | * This program is free software; you can redistribute it and/or modify it under |
| 12 | 12 | * the terms of the GNU General Public License version 3 as published by the |
| 13 | 13 | * Free Software Foundation. |
| 14 | - * | |
| 14 | + * | |
| 15 | 15 | * This program is distributed in the hope that it will be useful, but WITHOUT |
| 16 | 16 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS |
| 17 | 17 | * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more |
| 18 | 18 | * details. |
| 19 | - * | |
| 19 | + * | |
| 20 | 20 | * You should have received a copy of the GNU General Public License |
| 21 | 21 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 22 | - * | |
| 22 | + * | |
| 23 | 23 | * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place, |
| 24 | 24 | * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com. |
| 25 | - * | |
| 25 | + * | |
| 26 | 26 | * The interactive user interfaces in modified source and object code versions |
| 27 | 27 | * of this program must display Appropriate Legal Notices, as required under |
| 28 | 28 | * Section 5 of the GNU General Public License version 3. |
| 29 | - * | |
| 29 | + * | |
| 30 | 30 | * In accordance with Section 7(b) of the GNU General Public License version 3, |
| 31 | 31 | * these Appropriate Legal Notices must retain the display of the "Powered by |
| 32 | - * KnowledgeTree" logo and retain the original copyright notice. If the display of the | |
| 32 | + * KnowledgeTree" logo and retain the original copyright notice. If the display of the | |
| 33 | 33 | * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices |
| 34 | - * must display the words "Powered by KnowledgeTree" and retain the original | |
| 35 | - * copyright notice. | |
| 34 | + * must display the words "Powered by KnowledgeTree" and retain the original | |
| 35 | + * copyright notice. | |
| 36 | 36 | * Contributor( s): ______________________________________ |
| 37 | 37 | */ |
| 38 | 38 | |
| ... | ... | @@ -381,20 +381,26 @@ class KTBrowseUtil { |
| 381 | 381 | } |
| 382 | 382 | $sPermissionDescriptors = DBUtil::paramArray($aPermissionDescriptors); |
| 383 | 383 | |
| 384 | + $oPermission = KTPermission::getByName('ktcore.permissions.read'); | |
| 385 | + $oPermission2 = KTPermission::getByName('ktcore.permissions.folder_details'); | |
| 386 | + $aPermissionIds = array($oPermission->getId(), $oPermission->getId(), $oPermission2->getId(), $oPermission2->getId()); | |
| 387 | + | |
| 384 | 388 | $sFoldersTable = KTUtil::getTableName('folders'); |
| 385 | 389 | $sPLTable = KTUtil::getTableName('permission_lookups'); |
| 386 | 390 | $sPLATable = KTUtil::getTableName('permission_lookup_assignments'); |
| 387 | - $oPermission = KTPermission::getByName('ktcore.permissions.read'); | |
| 388 | 391 | $sQuery = "SELECT DISTINCT F.id AS id FROM |
| 389 | 392 | $sFoldersTable AS F |
| 390 | - LEFT JOIN $sPLTable AS PL ON F.permission_lookup_id = PL.id LEFT JOIN $sPLATable AS PLA ON PLA.permission_lookup_id = PL.id AND PLA.permission_id = ? | |
| 393 | + LEFT JOIN $sPLTable AS PL ON F.permission_lookup_id = PL.id | |
| 394 | + LEFT JOIN $sPLATable AS PLA ON PLA.permission_lookup_id = PL.id AND (PLA.permission_id = ? || PLA.permission_id = ?) | |
| 395 | + | |
| 391 | 396 | LEFT JOIN $sFoldersTable AS F2 ON F.parent_id = F2.id |
| 392 | - LEFT JOIN $sPLTable AS PL2 ON F2.permission_lookup_id = PL2.id LEFT JOIN $sPLATable AS PLA2 ON PLA2.permission_lookup_id = PL2.id AND PLA2.permission_id = ? | |
| 397 | + LEFT JOIN $sPLTable AS PL2 ON F2.permission_lookup_id = PL2.id | |
| 398 | + LEFT JOIN $sPLATable AS PLA2 ON PLA2.permission_lookup_id = PL2.id AND (PLA2.permission_id = ? || PLA.permission_id = ?) | |
| 393 | 399 | WHERE |
| 394 | 400 | PLA.permission_descriptor_id IN ($sPermissionDescriptors) |
| 395 | 401 | AND F2.id <> 1 |
| 396 | 402 | AND NOT (PLA2.permission_descriptor_id IN ($sPermissionDescriptors))"; |
| 397 | - $aParams = kt_array_merge(array($oPermission->getId(), $oPermission->getId()), $aPermissionDescriptors, $aPermissionDescriptors); | |
| 403 | + $aParams = kt_array_merge($aPermissionIds, $aPermissionDescriptors, $aPermissionDescriptors); | |
| 398 | 404 | $res = DBUtil::getResultArrayKey(array($sQuery, $aParams), 'id'); |
| 399 | 405 | |
| 400 | 406 | if (PEAR::isError($res)) { | ... | ... |