WSA-3

"Error occurs in >>ktws_eg_folder_listing.php<<" Fixed. Rewrote get_listing() to accomodate anonymous. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6822 c91229c3-7414-0410-bfa2-8a42b809f60b

WSA-3
"Error occurs in >>ktws_eg_folder_listing.php<<" Fixed. Rewrote get_listing() to accomodate anonymous. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6822 c91229c3-7414-0410-bfa2-8a42b809f60b
Conrad Vermeulen
1 parent 6060dbba
Showing 3 changed files with 142 additions and 103 deletions
ktapi/KTAPIConstants.inc.php
ktapi/KTAPIFolder.inc.php
ktapi/KTAPISession.inc.php
@@ -68,5 +68,6 @@ define(&#39;KTAPI_PERMISSION_RENAME_FOLDER&#39;,	&#39;ktcore.permissions.folder_rename&#39;);
 define('KTAPI_PERMISSION_CHANGE_OWNERSHIP',	'ktcore.permissions.security');
 define('KTAPI_PERMISSION_DOCUMENT_MOVE',	'ktcore.permissions.write');
 define('KTAPI_PERMISSION_WORKFLOW',			'ktcore.permissions.workflow');
+define('KTAPI_PERMISSION_VIEW_FOLDER',		'ktcore.permissions.folder_details');
  
 ?>
 \ No newline at end of file
@@ -232,127 +232,161 @@ class KTAPI_Folder extends KTAPI_FolderItem
 		return $this->_get_document_by_name($documentname,'getByFilenameAndFolder');
 	}	
  
-	function get_listing($depth=1, $what='DF')
+	function _resolve_user($userid)
 	{
+		$user=null;
+		 
+		if (!is_null($userid))
+		{
+			$user=User::get($userid);
+			if (is_null($user) || PEAR::isError($user))
+			{
+				$user=null;
+			}
+		}
+		return $user;
+	}
+	
+	
+	function get_listing($depth=1, $what='DF')
+	{		
 		if ($depth < 1) 
 		{
 			return array();
 		}
-		$permission = &KTPermission::getByName(KTAPI_PERMISSION_READ);
-		$permissionid= $permission->getId();
  
-		$user = $this->ktapi->get_user();
-		$descriptors=KTPermissionUtil::getPermissionDescriptorsForUser($user);
-		if (is_null($descriptors) || PEAR::isError($descriptors))
-		{
-			return new KTAPI_Error(KTAPI_ERROR_INTERNAL_ERROR . ': problem with descriptors for user', $descriptors);
-		}
-		if (count($descriptors == 0))
-		{
-			$descriptors=array(0);
-		}
+		$what = strtoupper($what);
+		$read_permission = &KTPermission::getByName(KTAPI_PERMISSION_READ);		
+		$folder_permission = &KTPermission::getByName(KTAPI_PERMISSION_VIEW_FOLDER);
+		 
  
-		$aPermissionDescriptors = implode(',',$descriptors);
+		$user = $this->ktapi->get_user();
+
+		$contents = array();
  
-		$sql = '';
-		if (strpos($what,'D') !== false)
-		{	
-		$sql .= "SELECT 
-					d.id, 
-					'D' as item_type,
-					dmv.name as title,
-					ifnull(uc.name, 'n/a') AS creator, 
-					ifnull(cou.name, 'n/a') AS checkedoutby, 
-					ifnull(mu.name, 'n/a') AS modifiedby, 
-					dcv.filename, 
-					dcv.size, 
-					dcv.major_version, 
-					dcv.minor_version, 
-					dcv.storage_path,
-					ifnull(mt.mimetypes, 'unknown') as mime_type,
-					ifnull(mt.icon_path, 'unknown') as mime_icon_path,
-					ifnull(mt.friendly_name, 'unknown') as mime_display					
-				FROM 
-					documents d
-					INNER JOIN permission_lookups AS PL ON d.permission_lookup_id = PL.id
-            		INNER JOIN permission_lookup_assignments AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid
-					INNER JOIN document_metadata_version AS dmv ON d.metadata_version_id=dmv.id 
-					INNER JOIN document_content_version AS dcv ON dmv.content_version_id=dcv.id
-					LEFT OUTER JOIN mime_types mt ON dcv.mime_id = mt.id
-					LEFT OUTER JOIN users AS uc ON d.creator_id=uc.id
-					LEFT OUTER JOIN users AS cou ON d.checked_out_user_id=cou.id
-					LEFT OUTER JOIN users AS mu ON d.modified_user_id=mu.id					
-				WHERE 
-					d.folder_id=$this->folderid
-					AND d.status_id = 1
-					AND PLA.permission_descriptor_id IN ($aPermissionDescriptors)";
-		}
-			
 		if (strpos($what,'F') !== false)
 		{
-			if (strpos($what,'D') !== false)
+			$folder_children = Folder::getList(array('parent_id = ?', $this->folderid));
+
+
+			foreach ($folder_children as $folder)
 			{
-				$sql .= ' UNION ';
+				if(KTPermissionUtil::userHasPermissionOnItem($user, $folder_permission, $folder))
+				{
+					$creator=$this->_resolve_user($folder->getCreatorID());
+
+					if ($depth-1 > 0)
+					{
+						$sub_folder = &$this->ktapi->get_folder_by_id($folder->getId());
+						$items = $folder->get_listing($depth-1);
+					}
+					else
+					{
+						$items=array();
+					}
+
+
+					$contents[] = array(
+						'id' => (int) $folder->getId(),
+						'item_type'=>'F',
+						'title'=>$folder->getName(),
+						'creator'=>is_null($creator)?'n/a':$creator->getName(),
+						'checkedoutby'=>'n/a',
+						'modifiedby'=>'n/a',
+						'filename'=>$folder->getName(),
+						'size'=>'n/a',
+						'major_version'=>'n/a',
+						'minor_version'=>'n/a',
+						'storage_path'=>'n/a',
+						'mime_type'=>'folder',
+						'mime_icon_path'=>'folder',
+						'mime_display'=>'Folder',
+						'items'=>$items,
+						'workflow'=>'n/a',
+						'workflow_state'=>'n/a'
+
+					);
+				}
 			}
-			
-			$sql .= "
-				SELECT 
-					f.id, 
-					'F' as item_type,
-					f.name as title,
-					ifnull(uc.name, 'n/a') AS creator, 
-					'n/a' checkedoutby, 
-					'n/a' AS modifiedby, 
-					f.name as filename, 
-					'n/a' as size, 
-					'n/a' as major_version, 
-					'n/a' as minor_version, 
-					'n/a' as storage_path,
-					'folder' as mime_type,
-					'folder' as mime_icon_path,
-					'Folder' as mime_display					
-				FROM 
-					folders f
-					INNER JOIN permission_lookups AS PL ON f.permission_lookup_id = PL.id
-            		INNER JOIN permission_lookup_assignments AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid
-					LEFT OUTER JOIN users AS uc ON f.creator_id=uc.id					
-					
-				WHERE 
-					f.parent_id=$this->folderid
-					 
-					AND PLA.permission_descriptor_id IN ($aPermissionDescriptors)	
-			ORDER BY item_type DESC, title, filename								
-		";
-		}
-		
-		$contents = DBUtil::getResultArray($sql);
-		if (is_null($contents) || PEAR::isError($contents))
-		{
-			return new KTAPI_Error(KTAPI_ERROR_INTERNAL_ERROR , $contents);
 		}
-		
-		$num_items = count($contents);
-		for($i=0;$i<$num_items;$i++)		
+		if (strpos($what,'D') !== false)
 		{
-			$contents[$i]['id'] = (int) $contents[$i]['id'];
-			if ($contents[$i]['item_type'] == 'D')
-			{
-				$contents[$i]['items'] = array();
-			}
-			else 
+			$document_children = Document::getList(array('folder_id = ? AND status_id = 1',  $this->folderid));
+
+			// I hate that KT doesn't cache things nicely...
+			$mime_cache=array();
+
+			foreach ($document_children as $document)
 			{
-				if ($depth-1 > 0)
+				if (KTPermissionUtil::userHasPermissionOnItem($user, $read_permission, $document))
 				{
-					$folder = &$this->ktapi->get_folder_by_id($item['id']);
-					$contents[$i]['items'] = $folder->get_listing($depth-1);					
-				}
-				else 
-				{
-					$contents[$i]['items'] = array();
+					$creator=$this->_resolve_user($document->getCreatorID());
+					$checkedoutby=$this->_resolve_user($document->getCheckedOutUserID());
+					$modifiedby=$this->_resolve_user($document->getCreatorID());
+
+					$mimetypeid=$document->getMimeTypeID();
+					if (!array_key_exists($mimetypeid, $mime_cache))
+					{
+
+						$type=KTMime::getMimeTypeName($mimetypeid);
+						$icon=KTMime::getIconPath($mimetypeid);
+						$display=KTMime::getFriendlyNameForString($type);
+						$mime_cache[$mimetypeid] = array(
+							'type'=>$type,
+							'icon'=>$icon,
+							'display'=>$display
+
+						);
+					}
+					$mimeinfo=$mime_cache[$mimetypeid];
+
+					$workflow = KTWorkflowUtil::getWorkflowForDocument($document);
+					
+					if (!is_null($workflow) && !PEAR::isError($workflow))
+					{
+						$workflow=$workflow->getHumanName();
+
+						$state=KTWorkflowUtil::getWorkflowStateForDocument($document);
+						if (!is_null($state) && !PEAR::isError($state))
+						{
+							$state=$state->getHumanName();
+						}
+						else
+						{
+							$state='n/a';
+						}
+					}
+					else 
+					{
+						$workflow='n/a';
+						$state='n/a';
+					}
+					
+					 
+					$contents[] = array(
+						'id' => (int) $document->getId(),
+						'item_type'=>'D',
+						'title'=>$document->getName(),
+						'creator'=>is_null($creator)?'n/a':$creator->getName(),
+						'checkedoutby'=>is_null($checkedoutby)?'n/a':$checkedoutby->getName(),
+						'modifiedby'=>is_null($modifiedby)?'n/a':$modifiedby->getName(),
+						'filename'=>$document->getName(),
+						'size'=>$document->getFileSize(),
+						'major_version'=>$document->getMajorVersionNumber(),
+						'minor_version'=>$document->getMinorVersionNumber(),
+						'storage_path'=>$document->getStoragePath(),
+						'mime_type'=>$mime_cache[$mimetypeid]['type'],
+						'mime_icon_path'=>$mime_cache[$mimetypeid]['icon'],
+						'mime_display'=>$mime_cache[$mimetypeid]['display'],
+						'items'=>array(),
+						'workflow'=>$workflow,
+						'workflow_state'=>$state
+					);
 				}
 			}
+
 		}
-		
+			
 		return $contents;		
 	}
  
@@ -266,7 +266,11 @@ class KTAPI_UserSession extends KTAPI_Session
         $sql = "UPDATE active_sessions SET last_used='$now' WHERE id=$sessionid";
         DBUtil::runQuery($sql);
  
-		$session = &new KTAPI_UserSession($ktapi, $user, $session, $sessionid, $ip);		
+        
+        if ($user->isAnonymous())
+			$session = &new KTAPI_AnonymousSession($ktapi, $user, $session, $sessionid, $ip);		
+        else
+			$session = &new KTAPI_UserSession($ktapi, $user, $session, $sessionid, $ip);		
 		return $session;
 	}