Commit d95f96141396f48e15676ef8a9e4b3a048d04dcc
1 parent
bd139581
Error correction resulting from unit testing
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@288 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
15 additions
and
15 deletions
lib/security/permission.inc
| @@ -27,7 +27,7 @@ class Permission { | @@ -27,7 +27,7 @@ class Permission { | ||
| 27 | * @return true is the current user has document write permission, false otherwise and set $_SESSION["errorMessage"] | 27 | * @return true is the current user has document write permission, false otherwise and set $_SESSION["errorMessage"] |
| 28 | */ | 28 | */ |
| 29 | function userHasDocumentWritePermission($iDocumentID) { | 29 | function userHasDocumentWritePermission($iDocumentID) { |
| 30 | - if (Permission::userHasFolderWritePermission(DocumentLib::getDocumentFolderID) || | 30 | + if (Permission::userHasFolderWritePermission(DocumentLib::getDocumentFolderID($iDocumentID)) || |
| 31 | Permission::userHasWriteRoleForFolder($iDocumentID)) { | 31 | Permission::userHasWriteRoleForFolder($iDocumentID)) { |
| 32 | return true; | 32 | return true; |
| 33 | } | 33 | } |
| @@ -46,7 +46,7 @@ class Permission { | @@ -46,7 +46,7 @@ class Permission { | ||
| 46 | * @return true is the current user has document read permission, false otherwise and set $_SESSION["errorMessage"] | 46 | * @return true is the current user has document read permission, false otherwise and set $_SESSION["errorMessage"] |
| 47 | */ | 47 | */ |
| 48 | function userHasDocumentReadPermission($iDocumentID) { | 48 | function userHasDocumentReadPermission($iDocumentID) { |
| 49 | - if (Permission::userHasFolderReadPermission(DocumentLib::getDocumentFolderID) || | 49 | + if (Permission::userHasFolderReadPermission(DocumentLib::getDocumentFolderID($iDocumentID)) || |
| 50 | Permission::userHasReadRoleForFolder($iDocumentID)) { | 50 | Permission::userHasReadRoleForFolder($iDocumentID)) { |
| 51 | return true; | 51 | return true; |
| 52 | } | 52 | } |
| @@ -95,7 +95,7 @@ class Permission { | @@ -95,7 +95,7 @@ class Permission { | ||
| 95 | Permission::userHasGroupReadPermissionForFolder($iFolderID)) { | 95 | Permission::userHasGroupReadPermissionForFolder($iFolderID)) { |
| 96 | return true; | 96 | return true; |
| 97 | } | 97 | } |
| 98 | - $_SESSION["errorMessage"] = = $lang_err_user_folder_write . "id " . $iFolderID; | 98 | + $_SESSION["errorMessage"] = $lang_err_user_folder_write . "id " . $iFolderID; |
| 99 | return false; | 99 | return false; |
| 100 | } | 100 | } |
| 101 | 101 | ||
| @@ -109,7 +109,7 @@ class Permission { | @@ -109,7 +109,7 @@ class Permission { | ||
| 109 | function folderIsPublic($iFolderID) { | 109 | function folderIsPublic($iFolderID) { |
| 110 | global $default, $lang_err_folder_not_public; | 110 | global $default, $lang_err_folder_not_public; |
| 111 | $sql = new Owl_DB(); | 111 | $sql = new Owl_DB(); |
| 112 | - $sql->query("SELECT * FROM " . $default->owl_folders_table . " WHERE id = " . $iFolderID . " AND is_public = 1"; | 112 | + $sql->query("SELECT * FROM " . $default->owl_folders_table . " WHERE id = " . $iFolderID . " AND is_public = 1"); |
| 113 | if ($sql->next_record()) { | 113 | if ($sql->next_record()) { |
| 114 | return true; | 114 | return true; |
| 115 | } | 115 | } |
| @@ -154,7 +154,7 @@ class Permission { | @@ -154,7 +154,7 @@ class Permission { | ||
| 154 | function userHasGroupWritePermissionForFolder($iFolderID) { | 154 | function userHasGroupWritePermissionForFolder($iFolderID) { |
| 155 | global $default, $lang_err_user_folder_write; | 155 | global $default, $lang_err_user_folder_write; |
| 156 | $sql = new Owl_DB(); | 156 | $sql = new Owl_DB(); |
| 157 | - $sql->query("SELECT * FROM " . $default->owl_groups_folders_table . " WHERE folder_id = " . $iFolderID . " AND user_id = " . $_SESSION["user_id"] . " AND can_write = 1"; | 157 | + $sql->query("SELECT * FROM " . $default->owl_groups_folders_table . " WHERE folder_id = " . $iFolderID . " AND user_id = " . $_SESSION["user_id"] . " AND can_write = 1"); |
| 158 | if ($sql->next_record()) { | 158 | if ($sql->next_record()) { |
| 159 | return true; | 159 | return true; |
| 160 | } | 160 | } |
| @@ -172,7 +172,7 @@ class Permission { | @@ -172,7 +172,7 @@ class Permission { | ||
| 172 | function userHasGroupReadPermissionForFolder($iFolderID) { | 172 | function userHasGroupReadPermissionForFolder($iFolderID) { |
| 173 | global $default, $lang_err_user_folder_read; | 173 | global $default, $lang_err_user_folder_read; |
| 174 | $sql = new Owl_DB(); | 174 | $sql = new Owl_DB(); |
| 175 | - $sql->query("SELECT * FROM " . $default->owl_groups_folders_table = "groups_folders_link" . " WHERE folder_id = " . $iFolderID . " AND user_id = " . $_SESSION["user_id"] . " AND can_read = 1"; | 175 | + $sql->query("SELECT * FROM " . $default->owl_groups_folders_table = "groups_folders_link" . " WHERE folder_id = " . $iFolderID . " AND user_id = " . $_SESSION["user_id"] . " AND can_read = 1"); |
| 176 | if ($sql->next_record()) { | 176 | if ($sql->next_record()) { |
| 177 | return true; | 177 | return true; |
| 178 | } | 178 | } |
| @@ -190,7 +190,7 @@ class Permission { | @@ -190,7 +190,7 @@ class Permission { | ||
| 190 | function userIsInGroupID($iGroupID) { | 190 | function userIsInGroupID($iGroupID) { |
| 191 | global $default, $lang_err_user_group; | 191 | global $default, $lang_err_user_group; |
| 192 | $sql = new Owl_DB(); | 192 | $sql = new Owl_DB(); |
| 193 | - $sql->query("SELECT id FROM " . $default->owl_groups_users_table . " WHERE id = " $iGroupID . " AND user_id = " . $_SESSION["user_id"]); | 193 | + $sql->query("SELECT id FROM " . $default->owl_groups_users_table . " WHERE id = " . $iGroupID . " AND user_id = " . $_SESSION["user_id"]); |
| 194 | if ($sql->next_record()) { | 194 | if ($sql->next_record()) { |
| 195 | return true; | 195 | return true; |
| 196 | } | 196 | } |
| @@ -263,8 +263,8 @@ class Permission { | @@ -263,8 +263,8 @@ class Permission { | ||
| 263 | function roleIDExists($iRoleID) { | 263 | function roleIDExists($iRoleID) { |
| 264 | global $default, $lang_err_role_not_exist; | 264 | global $default, $lang_err_role_not_exist; |
| 265 | $sql = new Owl_DB(); | 265 | $sql = new Owl_DB(); |
| 266 | - $sql->query("SELECT id FROM " . $default->owl_roles_table . " WHERE id = " . $iRoleID; | ||
| 267 | - if (sql->next_record()) { | 266 | + $sql->query("SELECT id FROM " . $default->owl_roles_table . " WHERE id = " . $iRoleID); |
| 267 | + if ($sql->next_record()) { | ||
| 268 | return true; | 268 | return true; |
| 269 | } | 269 | } |
| 270 | $_SESSION["errorMessage"] = $lang_err_role_not_exist . $sRoleName; | 270 | $_SESSION["errorMessage"] = $lang_err_role_not_exist . $sRoleName; |
| @@ -281,8 +281,8 @@ class Permission { | @@ -281,8 +281,8 @@ class Permission { | ||
| 281 | function roleNameExists($sRoleName) { | 281 | function roleNameExists($sRoleName) { |
| 282 | global $default, $lang_err_role_not_exist; | 282 | global $default, $lang_err_role_not_exist; |
| 283 | $sql = new Owl_DB(); | 283 | $sql = new Owl_DB(); |
| 284 | - $sql->query("SELECT id FROM " . $default->owl_roles_table . " WHERE name = '" . $sRoleName . "'"; | ||
| 285 | - if (sql->next_record()) { | 284 | + $sql->query("SELECT id FROM " . $default->owl_roles_table . " WHERE name = '" . $sRoleName . "'"); |
| 285 | + if ($sql->next_record()) { | ||
| 286 | return true; | 286 | return true; |
| 287 | } | 287 | } |
| 288 | $_SESSION["errorMessage"] = $lang_err_role_not_exist . $sRoleName; | 288 | $_SESSION["errorMessage"] = $lang_err_role_not_exist . $sRoleName; |
| @@ -298,11 +298,11 @@ class Permission { | @@ -298,11 +298,11 @@ class Permission { | ||
| 298 | */ | 298 | */ |
| 299 | function getRoleID($sRoleName) { | 299 | function getRoleID($sRoleName) { |
| 300 | global $default, $lang_database_error; | 300 | global $default, $lang_database_error; |
| 301 | - if (roleExists($sRoleName) { | 301 | + if (roleExists($sRoleName)) { |
| 302 | $sql = new Owl_DB(); | 302 | $sql = new Owl_DB(); |
| 303 | - $sql->query("SELECT id FROM " . $default->owl_roles_table . " WHERE name = '" . $sRoleName . "'"; | ||
| 304 | - sql->next_record(); | ||
| 305 | - return sql->f("id"); | 303 | + $sql->query("SELECT id FROM " . $default->owl_roles_table . " WHERE name = '" . $sRoleName . "'"); |
| 304 | + $sql->next_record(); | ||
| 305 | + return $sql->f("id"); | ||
| 306 | } | 306 | } |
| 307 | $_SESSION["errorMessage"] = $lang_database_error; | 307 | $_SESSION["errorMessage"] = $lang_database_error; |
| 308 | return false; | 308 | return false; |