Commit c3747ad6f64eac110c5fd037499aa08ff446f4da
1 parent
3fa43015
Take dynamic permissions into account when creating lookup permissions.
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@3974 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
24 additions
and
2 deletions
lib/permissions/permissionutil.inc.php
| @@ -8,6 +8,7 @@ require_once(KT_LIB_DIR . "/permissions/permissiondescriptor.inc.php"); | @@ -8,6 +8,7 @@ require_once(KT_LIB_DIR . "/permissions/permissiondescriptor.inc.php"); | ||
| 8 | require_once(KT_LIB_DIR . "/permissions/permissionlookup.inc.php"); | 8 | require_once(KT_LIB_DIR . "/permissions/permissionlookup.inc.php"); |
| 9 | require_once(KT_LIB_DIR . "/permissions/permissionlookupassignment.inc.php"); | 9 | require_once(KT_LIB_DIR . "/permissions/permissionlookupassignment.inc.php"); |
| 10 | require_once(KT_LIB_DIR . "/permissions/permissionobject.inc.php"); | 10 | require_once(KT_LIB_DIR . "/permissions/permissionobject.inc.php"); |
| 11 | +require_once(KT_LIB_DIR . "/permissions/permissiondynamiccondition.inc.php"); | ||
| 11 | require_once(KT_LIB_DIR . "/groups/GroupUtil.php"); | 12 | require_once(KT_LIB_DIR . "/groups/GroupUtil.php"); |
| 12 | 13 | ||
| 13 | class KTPermissionUtil { | 14 | class KTPermissionUtil { |
| @@ -176,7 +177,7 @@ class KTPermissionUtil { | @@ -176,7 +177,7 @@ class KTPermissionUtil { | ||
| 176 | function updatePermissionLookup(&$oFolderOrDocument) { | 177 | function updatePermissionLookup(&$oFolderOrDocument) { |
| 177 | $oPO = KTPermissionObject::get($oFolderOrDocument->getPermissionObjectID()); | 178 | $oPO = KTPermissionObject::get($oFolderOrDocument->getPermissionObjectID()); |
| 178 | $aPAs = KTPermissionAssignment::getByObjectMulti($oPO); | 179 | $aPAs = KTPermissionAssignment::getByObjectMulti($oPO); |
| 179 | - $aMapPermDesc = array(); | 180 | + $aMapPermAllowed = array(); |
| 180 | foreach ($aPAs as $oPA) { | 181 | foreach ($aPAs as $oPA) { |
| 181 | $oPD = KTPermissionDescriptor::get($oPA->getPermissionDescriptorID()); | 182 | $oPD = KTPermissionDescriptor::get($oPA->getPermissionDescriptorID()); |
| 182 | $aGroupIDs = $oPD->getGroups(); | 183 | $aGroupIDs = $oPD->getGroups(); |
| @@ -185,8 +186,29 @@ class KTPermissionUtil { | @@ -185,8 +186,29 @@ class KTPermissionUtil { | ||
| 185 | "group" => $aGroupIDs, | 186 | "group" => $aGroupIDs, |
| 186 | "user" => $aUserIDs, | 187 | "user" => $aUserIDs, |
| 187 | ); | 188 | ); |
| 189 | + $aMapPermAllowed[$oPA->getPermissionID()] = $aAllowed; | ||
| 190 | + } | ||
| 191 | + | ||
| 192 | + if (!is_a($oFolderOrDocument, 'Folder')) { | ||
| 193 | + $aDynamicConditions = KTPermissionDynamicCondition::getByPermissionObject($oPO); | ||
| 194 | + foreach ($aDynamicConditions as $oDynamicCondition) { | ||
| 195 | + $iConditionId = $oDynamicCondition->getConditionId(); | ||
| 196 | + if (KTSearchUtil::testConditionOnDocument($iConditionId, $oFolderOrDocument)) { | ||
| 197 | + $iGroupId = $oDynamicCondition->getGroupId(); | ||
| 198 | + $aPermissionIds = $oDynamicCondition->getAssignment(); | ||
| 199 | + foreach ($aPermissionIds as $iPermissionId) { | ||
| 200 | + $aCurrentAllowed = KTUtil::arrayGet($aMapPermAllowed, $iPermissionId, array()); | ||
| 201 | + $aCurrentAllowed["group"][] = $iGroupId; | ||
| 202 | + $aMapPermAllowed[$iPermissionId] = $aCurrentAllowed; | ||
| 203 | + } | ||
| 204 | + } | ||
| 205 | + } | ||
| 206 | + } | ||
| 207 | + | ||
| 208 | + $aMapPermDesc = array(); | ||
| 209 | + foreach ($aMapPermAllowed as $iPermissionId => $aAllowed) { | ||
| 188 | $oLookupPD = KTPermissionUtil::getOrCreateDescriptor($aAllowed); | 210 | $oLookupPD = KTPermissionUtil::getOrCreateDescriptor($aAllowed); |
| 189 | - $aMapPermDesc[$oPA->getPermissionID()] = $oLookupPD->getID(); | 211 | + $aMapPermDesc[$iPermissionId] = $oLookupPD->getID(); |
| 190 | } | 212 | } |
| 191 | 213 | ||
| 192 | $oPL = KTPermissionLookupAssignment::findOrCreateLookupByPermissionDescriptorMap($aMapPermDesc); | 214 | $oPL = KTPermissionLookupAssignment::findOrCreateLookupByPermissionDescriptorMap($aMapPermDesc); |