diff --git a/ktapi/KTAPIConstants.inc.php b/ktapi/KTAPIConstants.inc.php index fe555c8..10f93eb 100644 --- a/ktapi/KTAPIConstants.inc.php +++ b/ktapi/KTAPIConstants.inc.php @@ -68,5 +68,6 @@ define('KTAPI_PERMISSION_RENAME_FOLDER', 'ktcore.permissions.folder_rename'); define('KTAPI_PERMISSION_CHANGE_OWNERSHIP', 'ktcore.permissions.security'); define('KTAPI_PERMISSION_DOCUMENT_MOVE', 'ktcore.permissions.write'); define('KTAPI_PERMISSION_WORKFLOW', 'ktcore.permissions.workflow'); +define('KTAPI_PERMISSION_VIEW_FOLDER', 'ktcore.permissions.folder_details'); ?> \ No newline at end of file diff --git a/ktapi/KTAPIDocument.inc.php b/ktapi/KTAPIDocument.inc.php index a0ba1cd..a5cae9f 100644 --- a/ktapi/KTAPIDocument.inc.php +++ b/ktapi/KTAPIDocument.inc.php @@ -237,7 +237,7 @@ class KTAPI_Document extends KTAPI_FolderItem if (PEAR::isError($user)) { return $user; - } + } if ($this->document->getIsCheckedOut()) { @@ -267,7 +267,7 @@ class KTAPI_Document extends KTAPI_FolderItem if (PEAR::isError($user)) { return $user; - } + } DBUtil::startTransaction(); 
@@ -346,25 +346,25 @@ class KTAPI_Document extends KTAPI_FolderItem } $name = $this->document->getName(); - $clash = KTDocumentUtil::nameExists($target_folder, $name); + $clash = KTDocumentUtil::nameExists($target_folder, $name); if ($clash && !is_null($newname)) { $name = $newname; $clash = KTDocumentUtil::nameExists($target_folder, $name); - } + } if ($clash) { return new PEAR_Error('A document with this title already exists in your chosen folder. Please choose a different folder, or specify a new title for the copied document.'); } $filename=$this->document->getFilename(); - $clash = KTDocumentUtil::fileExists($target_folder, $filename); + $clash = KTDocumentUtil::fileExists($target_folder, $filename); if ($clash && !is_null($newname)) { $filename = $newfilename; - $clash = KTDocumentUtil::fileExists($target_folder, $filename); - } + $clash = KTDocumentUtil::fileExists($target_folder, $filename); + } if ($clash) { return new PEAR_Error('A document with this filename already exists in your chosen folder. Please choose a different folder, or specify a new filename for the copied document.'); @@ -435,7 +435,7 @@ class KTAPI_Document extends KTAPI_FolderItem if (PEAR::isError($user)) { return $user; - } + } if ($this->document->getIsCheckedOut()) { 
@@ -457,25 +457,25 @@ class KTAPI_Document extends KTAPI_FolderItem } $name = $this->document->getName(); - $clash = KTDocumentUtil::nameExists($target_folder, $name); + $clash = KTDocumentUtil::nameExists($target_folder, $name); if ($clash && !is_null($newname)) { $name = $newname; $clash = KTDocumentUtil::nameExists($target_folder, $name); - } + } if ($clash) { return new PEAR_Error('A document with this title already exists in your chosen folder. Please choose a different folder, or specify a new title for the moved document.'); } $filename=$this->document->getFilename(); - $clash = KTDocumentUtil::fileExists($target_folder, $filename); + $clash = KTDocumentUtil::fileExists($target_folder, $filename); if ($clash && !is_null($newname)) { $filename = $newfilename; - $clash = KTDocumentUtil::fileExists($target_folder, $filename); - } + $clash = KTDocumentUtil::fileExists($target_folder, $filename); + } if ($clash) { return new PEAR_Error('A document with this filename already exists in your chosen folder. Please choose a different folder, or specify a new filename for the moved document.'); @@ -516,7 +516,7 @@ class KTAPI_Document extends KTAPI_FolderItem if (PEAR::isError($user)) { return $user; - } + } DBUtil::startTransaction(); $res = KTDocumentUtil::rename($this->document, $newname, $user); @@ -525,7 +525,7 @@ class KTAPI_Document extends KTAPI_FolderItem DBUtil::rollback(); return new KTAPI_Error(KTAPI_ERROR_INTERNAL_ERROR,$res ); } - DBUtil::commit(); + DBUtil::commit(); } /** @@ -540,7 +540,7 @@ class KTAPI_Document extends KTAPI_FolderItem if (PEAR::isError($user)) { return $user; - } + } $doctypeid = KTAPI::get_documenttypeid($documenttype); @@ -571,7 +571,7 @@ class KTAPI_Document extends KTAPI_FolderItem if (PEAR::isError($user)) { return $user; - } + } if ($this->document->getName() != $newname) { 
@@ -753,7 +753,7 @@ class KTAPI_Document extends KTAPI_FolderItem { if ($fieldset->getIsConditional()) { /* this is not implemented...*/ continue; } - $fields = $fieldset->getFields(); + $fields = $fieldset->getFields(); $result = array('fieldset' => $fieldset->getName(), 'description' => $fieldset->getDescription()); @@ -761,7 +761,7 @@ class KTAPI_Document extends KTAPI_FolderItem foreach ($fields as $field) { - $value = 'n/a'; + $value = 'n/a'; $fieldvalue = DocumentFieldLink::getByDocumentAndField($this->document, $field); if (!is_null($fieldvalue) && (!PEAR::isError($fieldvalue))) @@ -777,12 +777,12 @@ class KTAPI_Document extends KTAPI_FolderItem { $controltype = 'tree'; } - } + } switch ($controltype) { case 'lookup': - $selection = KTAPI::get_metadata_lookup($field->getId()); + $selection = KTAPI::get_metadata_lookup($field->getId()); break; case 'tree': $selection = KTAPI::get_metadata_tree($field->getId()); @@ -807,7 +807,7 @@ class KTAPI_Document extends KTAPI_FolderItem $results [] = $result; } - return $results; + return $results; } /** 
@@ -817,28 +817,60 @@ class KTAPI_Document extends KTAPI_FolderItem */ function update_metadata($metadata) { + global $default; $packed = array(); foreach($metadata as $fieldset_metadata) { - $fieldsetname=$fieldset_metadata['fieldset']; + if (is_array($fieldset_metadata)) + { + $fieldsetname=$fieldset_metadata['fieldset']; + $fields=$fieldset_metadata['fields']; + } + elseif (is_a($fieldset_metadata, 'stdClass')) + { + $fieldsetname=$fieldset_metadata->fieldset; + $fields=$fieldset_metadata->fields; + } + else + { + $default->log->debug("unexpected fieldset type"); + continue; + } + $fieldset = KTFieldset::getByName($fieldsetname); if (is_null($fieldset) || PEAR::isError($fieldset)) { + $default->log->debug("could not resolve fieldset: $fieldsetname"); // exit graciously continue; } - foreach($fieldset_metadata['fields'] as $fieldinfo) + foreach($fields as $fieldinfo) { - $fieldname = $fieldinfo['name']; + if (is_array($fieldinfo)) + { + $fieldname = $fieldinfo['name']; + $value = $fieldinfo['value']; + } + elseif (is_a($fieldinfo, 'stdClass')) + { + $fieldname = $fieldinfo->name; + $value = $fieldinfo->value; + } + else + { + $default->log->debug("unexpected fieldinfo type"); + continue; + } + $field = DocumentField::getByFieldsetAndName($fieldset, $fieldname); if (is_null($field) || PEAR::isError($fieldset)) { + $default->log->debug("could not resolve field: $fieldname"); // exit graciously continue; - } - $value = $fieldinfo['value']; + } $packed[] = array($field, $value); } @@ -890,7 +922,7 @@ class KTAPI_Document extends KTAPI_FolderItem } foreach($transitions as $transition) { - $result[] = $transition->getName(); + $result[] = $transition->getName(); } return $result; 
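Review bot: The field-lookup guard in update_metadata still tests the wrong variable: `if (is_null($field) || PEAR::isError($fieldset))` cannot catch a PEAR error returned by `DocumentField::getByFieldsetAndName()`, so an error object would be added to `$packed` and the new "could not resolve field" debug line would never fire for it. It should read `if (is_null($field) || PEAR::isError($field))`. The new array/stdClass branches also read `fieldset`, `fields`, `name` and `value` without checking that they exist, and `$fields` goes straight into `foreach`. This metadata presumably arrives from web-service callers, so an `isset()` check on each key and an `is_array()`/`is_object()` check on `$fields` would keep malformed input from raising notices or warnings. The function continues beyond this hunk.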
@@ -1042,7 +1074,7 @@ class KTAPI_Document extends KTAPI_FolderItem function download($version=null) { $storage =& KTStorageManagerUtil::getSingleton(); - $options = array(); + $options = array(); $oDocumentTransaction = & new DocumentTransaction($this->document, 'Document downloaded', 'ktcore.transactions.download', $aOptions); @@ -1091,7 +1123,7 @@ class KTAPI_Document extends KTAPI_FolderItem $user = User::get($userid); $version['user'] = $user->getName(); - $version['metadata_version'] = $document->getMetadataVersion(); + $version['metadata_version'] = $document->getMetadataVersion(); $version['content_version'] = $document->getVersion(); $versions[] = $version; @@ -1143,7 +1175,7 @@ class KTAPI_Document extends KTAPI_FolderItem { $this->document->setFolderId(1); $folder = Folder::get(1); - } + } else { $this->document->setFolderId($this->document->getRestoreFolderId()); diff --git a/ktapi/KTAPIFolder.inc.php b/ktapi/KTAPIFolder.inc.php index 86c9777..ca30164 100644 --- a/ktapi/KTAPIFolder.inc.php +++ b/ktapi/KTAPIFolder.inc.php 
@@ -232,127 +232,161 @@ class KTAPI_Folder extends KTAPI_FolderItem return $this->_get_document_by_name($documentname,'getByFilenameAndFolder'); } - function get_listing($depth=1, $what='DF') + function _resolve_user($userid) { + $user=null; + + if (!is_null($userid)) + { + $user=User::get($userid); + if (is_null($user) || PEAR::isError($user)) + { + $user=null; + } + } + return $user; + } + + + function get_listing($depth=1, $what='DF') + { if ($depth < 1) { return array(); } - $permission = &KTPermission::getByName(KTAPI_PERMISSION_READ); - $permissionid= $permission->getId(); - $user = $this->ktapi->get_user(); - $descriptors=KTPermissionUtil::getPermissionDescriptorsForUser($user); - if (is_null($descriptors) || PEAR::isError($descriptors)) - { - return new KTAPI_Error(KTAPI_ERROR_INTERNAL_ERROR . ': problem with descriptors for user', $descriptors); - } - if (count($descriptors == 0)) - { - $descriptors=array(0); - } + $what = strtoupper($what); + $read_permission = &KTPermission::getByName(KTAPI_PERMISSION_READ); + $folder_permission = &KTPermission::getByName(KTAPI_PERMISSION_VIEW_FOLDER); + - $aPermissionDescriptors = implode(',',$descriptors); + $user = $this->ktapi->get_user(); + + $contents = array(); - $sql = ''; - if (strpos($what,'D') !== false) - { - $sql .= "SELECT - d.id, - 'D' as item_type, - dmv.name as title, - ifnull(uc.name, 'n/a') AS creator, - ifnull(cou.name, 'n/a') AS checkedoutby, - ifnull(mu.name, 'n/a') AS modifiedby, - dcv.filename, - dcv.size, - dcv.major_version, - dcv.minor_version, - dcv.storage_path, - ifnull(mt.mimetypes, 'unknown') as mime_type, - ifnull(mt.icon_path, 'unknown') as mime_icon_path, - ifnull(mt.friendly_name, 'unknown') as mime_display - FROM - documents d - INNER JOIN permission_lookups AS PL ON d.permission_lookup_id = PL.id - INNER JOIN permission_lookup_assignments AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid - INNER JOIN document_metadata_version AS dmv ON 
d.metadata_version_id=dmv.id - INNER JOIN document_content_version AS dcv ON dmv.content_version_id=dcv.id - LEFT OUTER JOIN mime_types mt ON dcv.mime_id = mt.id - LEFT OUTER JOIN users AS uc ON d.creator_id=uc.id - LEFT OUTER JOIN users AS cou ON d.checked_out_user_id=cou.id - LEFT OUTER JOIN users AS mu ON d.modified_user_id=mu.id - WHERE - d.folder_id=$this->folderid - AND d.status_id = 1 - AND PLA.permission_descriptor_id IN ($aPermissionDescriptors)"; - } - if (strpos($what,'F') !== false) { - if (strpos($what,'D') !== false) + $folder_children = Folder::getList(array('parent_id = ?', $this->folderid)); + + + foreach ($folder_children as $folder) { - $sql .= ' UNION '; + if(KTPermissionUtil::userHasPermissionOnItem($user, $folder_permission, $folder)) + { + $creator=$this->_resolve_user($folder->getCreatorID()); + + if ($depth-1 > 0) + { + $sub_folder = &$this->ktapi->get_folder_by_id($folder->getId()); + $items = $folder->get_listing($depth-1); + } + else + { + $items=array(); + } + + + $contents[] = array( + 'id' => (int) $folder->getId(), + 'item_type'=>'F', + 'title'=>$folder->getName(), + 'creator'=>is_null($creator)?'n/a':$creator->getName(), + 'checkedoutby'=>'n/a', + 'modifiedby'=>'n/a', + 'filename'=>$folder->getName(), + 'size'=>'n/a', + 'major_version'=>'n/a', + 'minor_version'=>'n/a', + 'storage_path'=>'n/a', + 'mime_type'=>'folder', + 'mime_icon_path'=>'folder', + 'mime_display'=>'Folder', + 'items'=>$items, + 'workflow'=>'n/a', + 'workflow_state'=>'n/a' + + ); + } } - - $sql .= " - SELECT - f.id, - 'F' as item_type, - f.name as title, - ifnull(uc.name, 'n/a') AS creator, - 'n/a' checkedoutby, - 'n/a' AS modifiedby, - f.name as filename, - 'n/a' as size, - 'n/a' as major_version, - 'n/a' as minor_version, - 'n/a' as storage_path, - 'folder' as mime_type, - 'folder' as mime_icon_path, - 'Folder' as mime_display - FROM - folders f - INNER JOIN permission_lookups AS PL ON f.permission_lookup_id = PL.id - INNER JOIN permission_lookup_assignments AS 
PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = $permissionid - LEFT OUTER JOIN users AS uc ON f.creator_id=uc.id - - WHERE - f.parent_id=$this->folderid - - AND PLA.permission_descriptor_id IN ($aPermissionDescriptors) - ORDER BY item_type DESC, title, filename - "; - } - - $contents = DBUtil::getResultArray($sql); - if (is_null($contents) || PEAR::isError($contents)) - { - return new KTAPI_Error(KTAPI_ERROR_INTERNAL_ERROR , $contents); } - - $num_items = count($contents); - for($i=0;$i<$num_items;$i++) + if (strpos($what,'D') !== false) { - $contents[$i]['id'] = (int) $contents[$i]['id']; - if ($contents[$i]['item_type'] == 'D') - { - $contents[$i]['items'] = array(); - } - else + $document_children = Document::getList(array('folder_id = ? AND status_id = 1', $this->folderid)); + + // I hate that KT doesn't cache things nicely... + $mime_cache=array(); + + foreach ($document_children as $document) { - if ($depth-1 > 0) + if (KTPermissionUtil::userHasPermissionOnItem($user, $read_permission, $document)) { - $folder = &$this->ktapi->get_folder_by_id($item['id']); - $contents[$i]['items'] = $folder->get_listing($depth-1); - } - else - { - $contents[$i]['items'] = array(); + $creator=$this->_resolve_user($document->getCreatorID()); + $checkedoutby=$this->_resolve_user($document->getCheckedOutUserID()); + $modifiedby=$this->_resolve_user($document->getCreatorID()); + + $mimetypeid=$document->getMimeTypeID(); + if (!array_key_exists($mimetypeid, $mime_cache)) + { + + $type=KTMime::getMimeTypeName($mimetypeid); + $icon=KTMime::getIconPath($mimetypeid); + $display=KTMime::getFriendlyNameForString($type); + $mime_cache[$mimetypeid] = array( + 'type'=>$type, + 'icon'=>$icon, + 'display'=>$display + + ); + } + $mimeinfo=$mime_cache[$mimetypeid]; + + $workflow = KTWorkflowUtil::getWorkflowForDocument($document); + + if (!is_null($workflow) && !PEAR::isError($workflow)) + { + $workflow=$workflow->getHumanName(); + + 
$state=KTWorkflowUtil::getWorkflowStateForDocument($document); + if (!is_null($state) && !PEAR::isError($state)) + { + $state=$state->getHumanName(); + } + else + { + $state='n/a'; + } + } + else + { + $workflow='n/a'; + $state='n/a'; + } + + + $contents[] = array( + 'id' => (int) $document->getId(), + 'item_type'=>'D', + 'title'=>$document->getName(), + 'creator'=>is_null($creator)?'n/a':$creator->getName(), + 'checkedoutby'=>is_null($checkedoutby)?'n/a':$checkedoutby->getName(), + 'modifiedby'=>is_null($modifiedby)?'n/a':$modifiedby->getName(), + 'filename'=>$document->getName(), + 'size'=>$document->getFileSize(), + 'major_version'=>$document->getMajorVersionNumber(), + 'minor_version'=>$document->getMinorVersionNumber(), + 'storage_path'=>$document->getStoragePath(), + 'mime_type'=>$mime_cache[$mimetypeid]['type'], + 'mime_icon_path'=>$mime_cache[$mimetypeid]['icon'], + 'mime_display'=>$mime_cache[$mimetypeid]['display'], + 'items'=>array(), + 'workflow'=>$workflow, + 'workflow_state'=>$state + ); } } + } - + return $contents; } diff --git a/ktapi/KTAPISession.inc.php b/ktapi/KTAPISession.inc.php index 1b18c3c..1d8549f 100644 --- a/ktapi/KTAPISession.inc.php +++ b/ktapi/KTAPISession.inc.php @@ -266,7 +266,11 @@ class KTAPI_UserSession extends KTAPI_Session $sql = "UPDATE active_sessions SET last_used='$now' WHERE id=$sessionid"; DBUtil::runQuery($sql); - $session = &new KTAPI_UserSession($ktapi, $user, $session, $sessionid, $ip); + + if ($user->isAnonymous()) + $session = &new KTAPI_AnonymousSession($ktapi, $user, $session, $sessionid, $ip); + else + $session = &new KTAPI_UserSession($ktapi, $user, $session, $sessionid, $ip); return $session; } diff --git a/ktwebservice/webservice.php b/ktwebservice/webservice.php index 1a0b437..32637c8 100644 --- a/ktwebservice/webservice.php +++ b/ktwebservice/webservice.php 
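Review bot: In the folder branch of get_listing the recursion is called on the wrong object: `$sub_folder` is fetched through `get_folder_by_id()`, but the next line calls `$folder->get_listing($depth-1)` on the entity returned by `Folder::getList()`. Unless that class also defines get_listing (not visible here), any request with a depth greater than 1 will fail; it should be `$items = $sub_folder->get_listing($depth-1);`, after a `PEAR::isError($sub_folder)` check. In the document branch, `modifiedby` is resolved from `getCreatorID()` and `filename` from `getName()`, whereas the removed SQL used `d.modified_user_id` and `dcv.filename`; `'filename'=>$document->getFilename()` would match the accessor used in KTAPIDocument.inc.php. The results of `Folder::getList()` and `Document::getList()` are iterated without the `PEAR::isError()` check that the old code applied to its query result. `storage_path` is still returned for every document, so with anonymous sessions introduced in this commit it is worth deciding whether internal storage paths should reach such callers.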
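Review bot: The added session-class selection in KTAPISession.inc.php uses a brace-less `if`/`else`, while the surrounding code braces every block. Wrapping both assignments in `{ }` keeps a later edit from slipping a statement outside the branch that decides between `KTAPI_AnonymousSession` and `KTAPI_UserSession`. `KTAPI_AnonymousSession` is not defined in any section shown here, so confirm it is added elsewhere in the commit. The `UPDATE active_sessions` statement just above builds its SQL by interpolating `$sessionid`; where that value comes from is outside the hunk, so if it is not already a database-derived integer it should be cast with `(int)` or bound as a parameter.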
@@ -126,6 +126,8 @@ class KTWebService 'mime_type' => 'string', 'mime_icon_path' => 'string', 'mime_display' => 'string', + 'workflow'=>'string', + 'workflow_state'=>'string', 'items' =>"{urn:$this->namespace}kt_folder_items" ); @@ -303,6 +305,13 @@ class KTWebService array('in' => array('username' => 'string', 'password' => 'string', 'ip' => 'string'), 'out' => array('return' => "{urn:$this->namespace}kt_response" ), ); + + // anonymous_login + $this->__dispatch_map['anonymous_login'] = + array('in' => array('ip' => 'string'), + 'out' => array('return' => "{urn:$this->namespace}kt_response" ), + ); + // logout $this->__dispatch_map['logout'] = @@ -586,7 +595,36 @@ class KTWebService } return $kt; } - + + /** + * Creates a new anonymous session. + * + * @param string $ip + * @return kt_response + */ + function anonymous_login($ip=null) + { + $response = array( + 'status_code'=>KTWS_ERR_AUTHENTICATION_ERROR, + 'message'=>'', + ); + + $kt = &new KTAPI(); + + $session = $kt->start_anonymous_session($ip); + + if (PEAR::isError($session)) + { + $response['message'] = $session->getMessage(); + return new SOAP_Value('return',"{urn:$this->namespace}kt_response", $response); + } + + $response['status_code'] = KTWS_SUCCESS; + $response['message'] = $session->get_session(); + + return new SOAP_Value('return',"{urn:$this->namespace}kt_response", $response); + } + /** * Creates a new session for the user. * @@ -672,7 +710,7 @@ class KTWebService 'status_code'=>KTWS_ERR_INVALID_FOLDER, 'message'=>$folder->getMessage() ); - return new SOAP_Value('return',"{urn:$this->namespace}kt_folder_detail", $kt); + return new SOAP_Value('return',"{urn:$this->namespace}kt_folder_detail", $response); } $detail = $folder->get_detail(); @@ -810,7 +848,7 @@ class KTWebService } $listing = $folder->get_listing($depth, $what); - + $contents = array( 'status_code'=>KTWS_SUCCESS, 'message'=>'', 
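Review bot: `anonymous_login` takes `$ip` from the SOAP caller and passes it unchanged to `start_anonymous_session($ip)`, so whatever address is recorded for the session is chosen by the client. If the session layer uses it for IP binding or audit records (not visible here), prefer the transport address, e.g. `$ip = $_SERVER['REMOTE_ADDR'];`, or at least reject values that fail `filter_var($ip, FILTER_VALIDATE_IP)`. The dispatch-map entry added in the `@@ -303` hunk exposes this operation without credentials and no check that anonymous access is enabled appears in the function, so that check has to live in `start_anonymous_session`, which is not shown. The docblock should state this, and also that on success `message` carries the session identifier.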
diff --git a/plugins/ktstandard/ldap/ldapbaseauthenticationprovider.inc.php b/plugins/ktstandard/ldap/ldapbaseauthenticationprovider.inc.php index 42009f7..e8767c7 100644 --- a/plugins/ktstandard/ldap/ldapbaseauthenticationprovider.inc.php +++ b/plugins/ktstandard/ldap/ldapbaseauthenticationprovider.inc.php @@ -264,7 +264,7 @@ class KTLDAPBaseAuthenticationProvider extends KTAuthenticationProvider { $name = KTUtil::arrayGet($_REQUEST, 'name'); if (empty($name)) { $this->errorRedirectToMain(_kt('You must specify a name for the user.')); } $username = KTUtil::arrayGet($_REQUEST, 'ldap_username'); - if (empty($name)) { $this->errorRedirectToMain(_kt('You must specify a new username.')); } + if (empty($username)) { $this->errorRedirectToMain(_kt('You must specify a new username.')); } // FIXME check for non-clashing usernames. $email_address = KTUtil::arrayGet($_REQUEST, 'email_address');
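Review bot: The corrected check `if (empty($username))` rejects a missing username but still accepts one made only of whitespace, and `empty()` also treats the string `'0'` as missing. Trimming first, e.g. `$username = trim((string) $username);` followed by `if ($username === '') { ... }`, would make the validation match its error message. The `// FIXME check for non-clashing usernames` on the next line is still open, so duplicate handling presumably depends on code outside this hunk.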