Commit edd2817e30bd6e55b5a2e3d434de5ce4604cea18
1 parent
64ec17ba
Added checks for nulls when retrieived folders and documents from the database. …
… If a folder/document cannot be retrieved, an entry is placed in the log file git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@1134 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
19 additions
and
1 deletions
lib/security/permission.inc
| @@ -27,7 +27,12 @@ class Permission { | @@ -27,7 +27,12 @@ class Permission { | ||
| 27 | * @return boolean true if the current user has document write permission, false otherwise and set $_SESSION["errorMessage"] | 27 | * @return boolean true if the current user has document write permission, false otherwise and set $_SESSION["errorMessage"] |
| 28 | */ | 28 | */ |
| 29 | function userHasDocumentWritePermission($iDocumentID) { | 29 | function userHasDocumentWritePermission($iDocumentID) { |
| 30 | + global $default; | ||
| 30 | $oDocument = & Document::get($iDocumentID); | 31 | $oDocument = & Document::get($iDocumentID); |
| 32 | + if ($oDocument == null) { | ||
| 33 | + $default->log->info("Failed to retrieve document with ID $iDocumentID from database"); | ||
| 34 | + return false; | ||
| 35 | + } | ||
| 31 | if (Permission::userHasFolderWritePermission($oDocument->getFolderID()) || | 36 | if (Permission::userHasFolderWritePermission($oDocument->getFolderID()) || |
| 32 | Permission::userHasWriteRoleForDocument($iDocumentID)) { | 37 | Permission::userHasWriteRoleForDocument($iDocumentID)) { |
| 33 | return true; | 38 | return true; |
| @@ -48,7 +53,12 @@ class Permission { | @@ -48,7 +53,12 @@ class Permission { | ||
| 48 | * @return boolean true if the current user has document read permission, false otherwise and set $_SESSION["errorMessage"] | 53 | * @return boolean true if the current user has document read permission, false otherwise and set $_SESSION["errorMessage"] |
| 49 | */ | 54 | */ |
| 50 | function userHasDocumentReadPermission($iDocumentID) { | 55 | function userHasDocumentReadPermission($iDocumentID) { |
| 56 | + global $default; | ||
| 51 | $oDocument = & Document::get($iDocumentID); | 57 | $oDocument = & Document::get($iDocumentID); |
| 58 | + if ($oDocument == null) { | ||
| 59 | + $default->log->info("Failed to retrieve document with ID $iDocumentID from database"); | ||
| 60 | + return false; | ||
| 61 | + } | ||
| 52 | if (Permission::userHasDocumentWritePermission($iDocumentID) || | 62 | if (Permission::userHasDocumentWritePermission($iDocumentID) || |
| 53 | Permission::userHasReadRoleForDocument($iDocumentID) || | 63 | Permission::userHasReadRoleForDocument($iDocumentID) || |
| 54 | Permission::userHasFolderReadPermission($oDocument->getFolderID())) { | 64 | Permission::userHasFolderReadPermission($oDocument->getFolderID())) { |
| @@ -132,6 +142,10 @@ class Permission { | @@ -132,6 +142,10 @@ class Permission { | ||
| 132 | function userHasGroupWritePermissionForFolder($iFolderID) { | 142 | function userHasGroupWritePermissionForFolder($iFolderID) { |
| 133 | global $default, $lang_err_user_folder_write; | 143 | global $default, $lang_err_user_folder_write; |
| 134 | $oFolder = Folder::get($iFolderID); | 144 | $oFolder = Folder::get($iFolderID); |
| 145 | + if ($oFolder == null) { | ||
| 146 | + $default->log->info("Failed to retrieve folder with ID $iFolderID from database"); | ||
| 147 | + return false; | ||
| 148 | + } | ||
| 135 | $sql = $default->db; | 149 | $sql = $default->db; |
| 136 | $sql->query("SELECT GFL.folder_id " . | 150 | $sql->query("SELECT GFL.folder_id " . |
| 137 | "FROM groups_folders_link AS GFL INNER JOIN users_groups_link AS UGL ON GFL.group_id = UGL.group_id " . | 151 | "FROM groups_folders_link AS GFL INNER JOIN users_groups_link AS UGL ON GFL.group_id = UGL.group_id " . |
| @@ -179,6 +193,10 @@ class Permission { | @@ -179,6 +193,10 @@ class Permission { | ||
| 179 | global $default, $lang_err_user_folder_read; | 193 | global $default, $lang_err_user_folder_read; |
| 180 | $sql = $default->db; | 194 | $sql = $default->db; |
| 181 | $oFolder = Folder::get($iFolderID); | 195 | $oFolder = Folder::get($iFolderID); |
| 196 | + if ($oFolder == null) { | ||
| 197 | + $default->log->info("Failed to retrieve folder with ID $iFolderID from database"); | ||
| 198 | + return false; | ||
| 199 | + } | ||
| 182 | //$sql->query("SELECT * FROM " . $default->owl_groups_folders_table = "groups_folders_link" . " WHERE folder_id = " . $iFolderID . " AND user_id = " . $_SESSION["userID"] . " AND can_read = 1"); | 200 | //$sql->query("SELECT * FROM " . $default->owl_groups_folders_table = "groups_folders_link" . " WHERE folder_id = " . $iFolderID . " AND user_id = " . $_SESSION["userID"] . " AND can_read = 1"); |
| 183 | $sql->query("SELECT GFL.folder_id " . | 201 | $sql->query("SELECT GFL.folder_id " . |
| 184 | "FROM groups_folders_link AS GFL INNER JOIN users_groups_link AS UGL ON GFL.group_id = UGL.group_id " . | 202 | "FROM groups_folders_link AS GFL INNER JOIN users_groups_link AS UGL ON GFL.group_id = UGL.group_id " . |
| @@ -217,7 +235,7 @@ class Permission { | @@ -217,7 +235,7 @@ class Permission { | ||
| 217 | * | 235 | * |
| 218 | * @return boolean true if the user is in the group, false otherwise and sets $_SESSION["errorMessage"] | 236 | * @return boolean true if the user is in the group, false otherwise and sets $_SESSION["errorMessage"] |
| 219 | */ | 237 | */ |
| 220 | - function userIsInGroupName($sGroupName) { | 238 | + function userIsInGroupName($sGroupName) { |
| 221 | global $default, $lang_err_user_group; | 239 | global $default, $lang_err_user_group; |
| 222 | $sql = $default->db; | 240 | $sql = $default->db; |
| 223 | $sql->query("SELECT GULT.id FROM " . $default->owl_users_groups_table . " AS GULT INNER JOIN " . $default->owl_groups_table . " AS G ON GULT.group_id = G.ID WHERE G.name = '" . $sGroupName . "' AND user_id = " . $_SESSION["userID"]); | 241 | $sql->query("SELECT GULT.id FROM " . $default->owl_users_groups_table . " AS GULT INNER JOIN " . $default->owl_groups_table . " AS G ON GULT.group_id = G.ID WHERE G.name = '" . $sGroupName . "' AND user_id = " . $_SESSION["userID"]); |