KTS-1820

"Reachable folders being considered orphaned folders" Fixed. Added a check for folder details permission in addition to the check on read permission, in getBrowseableFolders(). Committed by: Megan Watson Reviewed by: Conrad Vermeulen git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@7678 c91229c3-7414-0410-bfa2-8a42b809f60b

KTS-1820
"Reachable folders being considered orphaned folders" Fixed. Added a check for folder details permission in addition to the check on read permission, in getBrowseableFolders(). Committed by: Megan Watson Reviewed by: Conrad Vermeulen git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@7678 c91229c3-7414-0410-bfa2-8a42b809f60b
megan_w
1 parent 34c07b3d
Showing 1 changed file with 19 additions and 13 deletions
lib/browse/browseutil.inc.php
@@ -7,32 +7,32 @@
  * KnowledgeTree Open Source Edition
  * Document Management Made Simple
  * Copyright (C) 2004 - 2007 The Jam Warehouse Software (Pty) Limited
- * 
+ *
  * This program is free software; you can redistribute it and/or modify it under
  * the terms of the GNU General Public License version 3 as published by the
  * Free Software Foundation.
- * 
+ *
  * This program is distributed in the hope that it will be useful, but WITHOUT
  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
  * details.
- * 
+ *
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- * 
+ *
  * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place,
  * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com.
- * 
+ *
  * The interactive user interfaces in modified source and object code versions
  * of this program must display Appropriate Legal Notices, as required under
  * Section 5 of the GNU General Public License version 3.
- * 
+ *
  * In accordance with Section 7(b) of the GNU General Public License version 3,
  * these Appropriate Legal Notices must retain the display of the "Powered by
- * KnowledgeTree" logo and retain the original copyright notice. If the display of the 
+ * KnowledgeTree" logo and retain the original copyright notice. If the display of the
  * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices
- * must display the words "Powered by KnowledgeTree" and retain the original 
- * copyright notice. 
+ * must display the words "Powered by KnowledgeTree" and retain the original
+ * copyright notice.
  * Contributor( s): ______________________________________
  */
@@ -381,20 +381,26 @@ class KTBrowseUtil {
         }
         $sPermissionDescriptors = DBUtil::paramArray($aPermissionDescriptors);
+        $oPermission = KTPermission::getByName('ktcore.permissions.read');
+        $oPermission2 = KTPermission::getByName('ktcore.permissions.folder_details');
+        $aPermissionIds = array($oPermission->getId(), $oPermission->getId(), $oPermission2->getId(), $oPermission2->getId());
+
         $sFoldersTable = KTUtil::getTableName('folders');
         $sPLTable = KTUtil::getTableName('permission_lookups');
         $sPLATable = KTUtil::getTableName('permission_lookup_assignments');
-        $oPermission = KTPermission::getByName('ktcore.permissions.read');
         $sQuery = "SELECT DISTINCT F.id AS id FROM
             $sFoldersTable AS F
-                LEFT JOIN $sPLTable AS PL ON F.permission_lookup_id = PL.id LEFT JOIN $sPLATable AS PLA ON PLA.permission_lookup_id = PL.id AND PLA.permission_id = ?
+                LEFT JOIN $sPLTable AS PL ON F.permission_lookup_id = PL.id
+                LEFT JOIN $sPLATable AS PLA ON PLA.permission_lookup_id = PL.id AND (PLA.permission_id = ? || PLA.permission_id = ?)
+
             LEFT JOIN $sFoldersTable AS F2 ON F.parent_id = F2.id
-                LEFT JOIN $sPLTable AS PL2 ON F2.permission_lookup_id = PL2.id LEFT JOIN $sPLATable AS PLA2 ON PLA2.permission_lookup_id = PL2.id AND PLA2.permission_id = ?
+                LEFT JOIN $sPLTable AS PL2 ON F2.permission_lookup_id = PL2.id
+                LEFT JOIN $sPLATable AS PLA2 ON PLA2.permission_lookup_id = PL2.id AND (PLA2.permission_id = ? || PLA.permission_id = ?)
             WHERE
                 PLA.permission_descriptor_id IN ($sPermissionDescriptors)
                 AND F2.id <> 1
                 AND NOT (PLA2.permission_descriptor_id IN ($sPermissionDescriptors))";
-        $aParams = kt_array_merge(array($oPermission->getId(), $oPermission->getId()), $aPermissionDescriptors, $aPermissionDescriptors);
+        $aParams = kt_array_merge($aPermissionIds, $aPermissionDescriptors, $aPermissionDescriptors);
         $res = DBUtil::getResultArrayKey(array($sQuery, $aParams), 'id');
         if (PEAR::isError($res)) {