From c041d149c7bb28ee7683414315849ea9b70cb667 Mon Sep 17 00:00:00 2001 From: Conrad Vermeulen Date: Wed, 20 Jun 2007 16:47:12 +0000 Subject: [PATCH] WSA-3 "Error occurs in >>ktws_eg_folder_listing.php<<" Fixed. Rewrote get_listing() to accomodate anonymous. --- ktapi/KTAPIConstants.inc.php | 1 + ktapi/KTAPIFolder.inc.php | 238 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------------------------------------------------------------------------------------------------------ ktapi/KTAPISession.inc.php | 6 +++++- 3 files changed, 142 insertions(+), 103 deletions(-) diff --git a/ktapi/KTAPIConstants.inc.php b/ktapi/KTAPIConstants.inc.php index fe555c8..10f93eb 100644 --- a/ktapi/KTAPIConstants.inc.php +++ b/ktapi/KTAPIConstants.inc.php @@ -68,5 +68,6 @@ define('KTAPI_PERMISSION_RENAME_FOLDER', 'ktcore.permissions.folder_rename'); define('KTAPI_PERMISSION_CHANGE_OWNERSHIP', 'ktcore.permissions.security'); define('KTAPI_PERMISSION_DOCUMENT_MOVE', 'ktcore.permissions.write'); define('KTAPI_PERMISSION_WORKFLOW', 'ktcore.permissions.workflow'); +define('KTAPI_PERMISSION_VIEW_FOLDER', 'ktcore.permissions.folder_details'); ?> \ No newline at end of file diff --git a/ktapi/KTAPIFolder.inc.php b/ktapi/KTAPIFolder.inc.php index 86c9777..ca30164 100644 --- a/ktapi/KTAPIFolder.inc.php +++ b/ktapi/KTAPIFolder.inc.php @@ -232,127 +232,161 @@ class KTAPI_Folder extends KTAPI_FolderItem return $this->_get_document_by_name($documentname,'getByFilenameAndFolder'); } - function get_listing($depth=1, $what='DF') + function _resolve_user($userid) { + $user=null; + + if (!is_null($userid)) + { + $user=User::get($userid); + if (is_null($user) || PEAR::isError($user)) + { + $user=null; + } + } + return $user; + } + + + function get_listing($depth=1, $what='DF') + { if ($depth < 1) { return array(); } - $permission = &KTPermission::getByName(KTAPI_PERMISSION_READ); - $permissionid= $permission->getId(); - $user = $this->ktapi->get_user(); - $descriptors=KTPermissionUtil::getPermissionDescriptorsForUser($user); - if (is_null($descriptors) || PEAR::isError($descriptors)) - { - return new KTAPI_Error(KTAPI_ERROR_INTERNAL_ERROR . ': problem with descriptors for user', $descriptors); - } - if (count($descriptors == 0)) - { - $descriptors=array(0); - } + $what = strtoupper($what); + $read_permission = &KTPermission::getByName(KTAPI_PERMISSION_READ); + $folder_permission = &KTPermission::getByName(KTAPI_PERMISSION_VIEW_FOLDER); + - $aPermissionDescriptors = implode(',',$descriptors); + $user = $this->ktapi->get_user(); + + $contents = array(); - $sql = ''; - if (strpos($what,'D') !== false) - { - $sql .= "SELECT - d.id, - 'D' as item_type, - dmv.name as title, - ifnull(uc.name, 'n/a') AS creator, - ifnull(cou.name, 'n/a') AS checkedoutby, - ifnull(mu.name, 'n/a') AS modifiedby, - dcv.filename, - dcv.size, - dcv.major_version, - dcv.minor_version, - dcv.storage_path, - ifnull(mt.mimetypes, 'unknown') as mime_type, - ifnull(mt.icon_path, 'unknown') as mime_icon_path, - ifnull(mt.friendly_name, 'unknown') as mime_display - FROM - documents d - INNER JOIN permission_lookups AS PL ON d.permission_lookup_id = PL.id - INNER JOIN permission_lookup_assignments AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid - INNER JOIN document_metadata_version AS dmv ON d.metadata_version_id=dmv.id - INNER JOIN document_content_version AS dcv ON dmv.content_version_id=dcv.id - LEFT OUTER JOIN mime_types mt ON dcv.mime_id = mt.id - LEFT OUTER JOIN users AS uc ON d.creator_id=uc.id - LEFT OUTER JOIN users AS cou ON d.checked_out_user_id=cou.id - LEFT OUTER JOIN users AS mu ON d.modified_user_id=mu.id - WHERE - d.folder_id=$this->folderid - AND d.status_id = 1 - AND PLA.permission_descriptor_id IN ($aPermissionDescriptors)"; - } - if (strpos($what,'F') !== false) { - if (strpos($what,'D') !== false) + $folder_children = Folder::getList(array('parent_id = ?', $this->folderid)); + + + foreach ($folder_children as $folder) { - $sql .= ' UNION '; + if(KTPermissionUtil::userHasPermissionOnItem($user, $folder_permission, $folder)) + { + $creator=$this->_resolve_user($folder->getCreatorID()); + + if ($depth-1 > 0) + { + $sub_folder = &$this->ktapi->get_folder_by_id($folder->getId()); + $items = $folder->get_listing($depth-1); + } + else + { + $items=array(); + } + + + $contents[] = array( + 'id' => (int) $folder->getId(), + 'item_type'=>'F', + 'title'=>$folder->getName(), + 'creator'=>is_null($creator)?'n/a':$creator->getName(), + 'checkedoutby'=>'n/a', + 'modifiedby'=>'n/a', + 'filename'=>$folder->getName(), + 'size'=>'n/a', + 'major_version'=>'n/a', + 'minor_version'=>'n/a', + 'storage_path'=>'n/a', + 'mime_type'=>'folder', + 'mime_icon_path'=>'folder', + 'mime_display'=>'Folder', + 'items'=>$items, + 'workflow'=>'n/a', + 'workflow_state'=>'n/a' + + ); + } } - - $sql .= " - SELECT - f.id, - 'F' as item_type, - f.name as title, - ifnull(uc.name, 'n/a') AS creator, - 'n/a' checkedoutby, - 'n/a' AS modifiedby, - f.name as filename, - 'n/a' as size, - 'n/a' as major_version, - 'n/a' as minor_version, - 'n/a' as storage_path, - 'folder' as mime_type, - 'folder' as mime_icon_path, - 'Folder' as mime_display - FROM - folders f - INNER JOIN permission_lookups AS PL ON f.permission_lookup_id = PL.id - INNER JOIN permission_lookup_assignments AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid - LEFT OUTER JOIN users AS uc ON f.creator_id=uc.id - - WHERE - f.parent_id=$this->folderid - - AND PLA.permission_descriptor_id IN ($aPermissionDescriptors) - ORDER BY item_type DESC, title, filename - "; - } - - $contents = DBUtil::getResultArray($sql); - if (is_null($contents) || PEAR::isError($contents)) - { - return new KTAPI_Error(KTAPI_ERROR_INTERNAL_ERROR , $contents); } - - $num_items = count($contents); - for($i=0;$i<$num_items;$i++) + if (strpos($what,'D') !== false) { - $contents[$i]['id'] = (int) $contents[$i]['id']; - if ($contents[$i]['item_type'] == 'D') - { - $contents[$i]['items'] = array(); - } - else + $document_children = Document::getList(array('folder_id = ? AND status_id = 1', $this->folderid)); + + // I hate that KT doesn't cache things nicely... + $mime_cache=array(); + + foreach ($document_children as $document) { - if ($depth-1 > 0) + if (KTPermissionUtil::userHasPermissionOnItem($user, $read_permission, $document)) { - $folder = &$this->ktapi->get_folder_by_id($item['id']); - $contents[$i]['items'] = $folder->get_listing($depth-1); - } - else - { - $contents[$i]['items'] = array(); + $creator=$this->_resolve_user($document->getCreatorID()); + $checkedoutby=$this->_resolve_user($document->getCheckedOutUserID()); + $modifiedby=$this->_resolve_user($document->getCreatorID()); + + $mimetypeid=$document->getMimeTypeID(); + if (!array_key_exists($mimetypeid, $mime_cache)) + { + + $type=KTMime::getMimeTypeName($mimetypeid); + $icon=KTMime::getIconPath($mimetypeid); + $display=KTMime::getFriendlyNameForString($type); + $mime_cache[$mimetypeid] = array( + 'type'=>$type, + 'icon'=>$icon, + 'display'=>$display + + ); + } + $mimeinfo=$mime_cache[$mimetypeid]; + + $workflow = KTWorkflowUtil::getWorkflowForDocument($document); + + if (!is_null($workflow) && !PEAR::isError($workflow)) + { + $workflow=$workflow->getHumanName(); + + $state=KTWorkflowUtil::getWorkflowStateForDocument($document); + if (!is_null($state) && !PEAR::isError($state)) + { + $state=$state->getHumanName(); + } + else + { + $state='n/a'; + } + } + else + { + $workflow='n/a'; + $state='n/a'; + } + + + $contents[] = array( + 'id' => (int) $document->getId(), + 'item_type'=>'D', + 'title'=>$document->getName(), + 'creator'=>is_null($creator)?'n/a':$creator->getName(), + 'checkedoutby'=>is_null($checkedoutby)?'n/a':$checkedoutby->getName(), + 'modifiedby'=>is_null($modifiedby)?'n/a':$modifiedby->getName(), + 'filename'=>$document->getName(), + 'size'=>$document->getFileSize(), + 'major_version'=>$document->getMajorVersionNumber(), + 'minor_version'=>$document->getMinorVersionNumber(), + 'storage_path'=>$document->getStoragePath(), + 'mime_type'=>$mime_cache[$mimetypeid]['type'], + 'mime_icon_path'=>$mime_cache[$mimetypeid]['icon'], + 'mime_display'=>$mime_cache[$mimetypeid]['display'], + 'items'=>array(), + 'workflow'=>$workflow, + 'workflow_state'=>$state + ); } } + } - + return $contents; } diff --git a/ktapi/KTAPISession.inc.php b/ktapi/KTAPISession.inc.php index 1b18c3c..1d8549f 100644 --- a/ktapi/KTAPISession.inc.php +++ b/ktapi/KTAPISession.inc.php @@ -266,7 +266,11 @@ class KTAPI_UserSession extends KTAPI_Session $sql = "UPDATE active_sessions SET last_used='$now' WHERE id=$sessionid"; DBUtil::runQuery($sql); - $session = &new KTAPI_UserSession($ktapi, $user, $session, $sessionid, $ip); + + if ($user->isAnonymous()) + $session = &new KTAPI_AnonymousSession($ktapi, $user, $session, $sessionid, $ip); + else + $session = &new KTAPI_UserSession($ktapi, $user, $session, $sessionid, $ip); return $session; } -- libgit2 0.21.4