[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] [18479] fixes : acl for search and home
From: |
Pascal Vilarem |
Subject: |
[Phpgroupware-cvs] [18479] fixes : acl for search and home |
Date: |
Fri, 08 Feb 2008 17:28:37 +0000 |
Revision: 18479
http://svn.sv.gnu.org/viewvc/?view=rev&root=phpgroupware&revision=18479
Author: maat
Date: 2008-02-08 17:28:37 +0000 (Fri, 08 Feb 2008)
Log Message:
-----------
fixes : acl for search and home
Modified Paths:
--------------
trunk/ged/inc/class.ged_dm.inc.php
Modified: trunk/ged/inc/class.ged_dm.inc.php
===================================================================
--- trunk/ged/inc/class.ged_dm.inc.php 2008-02-06 03:32:38 UTC (rev 18478)
+++ trunk/ged/inc/class.ged_dm.inc.php 2008-02-08 17:28:37 UTC (rev 18479)
@@ -70,7 +70,7 @@
$this->db=$GLOBALS['phpgw']->db;
$this->owner=intval($GLOBALS['phpgw_info']['user']['account_id']);
-
+
if ( $this->admin == false )
{
//$acl_to_get =
$GLOBALS['phpgw']->session->appsession('ged_acl','ged');
@@ -99,43 +99,21 @@
// TODO : statuses restrictions
// (willneed a
find_versions(element_id, $statuses))
- $the_id=$this->db->f('element_id');
- if ( isset($this->acl[$the_id]))
+ $the_id=$this->db->f('element_id');
+
$this->acl[$the_id]['read']=$this->db->f('aclread');
+
$this->acl[$the_id]['write']=$this->db->f('aclwrite');
+
$this->acl[$the_id]['delete']=$this->db->f('acldelete');
+
$this->acl[$the_id]['changeacl']=$this->db->f('aclchangeacl');
+
+
$the_statuses=$this->db->f('aclstatuses');
+ if ( ! empty ( $the_statuses ) )
{
-
$this->acl[$the_id]['read']=max($this->acl[$the_id]['read'],
$this->db->f('aclread'));
-
$this->acl[$the_id]['write']=max($this->acl[$the_id]['write'],
$this->db->f('aclwrite'));
-
$this->acl[$the_id]['delete']=max($this->acl[$the_id]['delete'],
$this->db->f('acldelete'));
-
$this->acl[$the_id]['changeacl']=max($this->acl[$the_id]['changeacl'],
$this->db->f('aclchangeacl'));
-
-
$the_temp_statuses=$this->db->f('aclstatuses');
- if ( ! empty (
$the_temp_statuses ) && ! empty ( $this->acl[$the_id]['statuses'] ))
- {
-
$this->acl[$the_id]['statuses']=array_merge($this->acl[$the_id]['statuses'],
unserialize($the_statuses));
- }
- else
- {
-
$this->acl[$the_id]['statuses']=array();
- }
+
$this->acl[$the_id]['statuses']=unserialize($the_statuses);
}
else
{
-
$this->acl[$the_id]['read']=$this->db->f('aclread');
-
$this->acl[$the_id]['write']=$this->db->f('aclwrite');
-
$this->acl[$the_id]['delete']=$this->db->f('acldelete');
-
$this->acl[$the_id]['changeacl']=$this->db->f('aclchangeacl');
-
-
$the_statuses=$this->db->f('aclstatuses');
- if ( ! empty ( $the_statuses ) )
- {
-
$this->acl[$the_id]['statuses']=unserialize($the_statuses);
- }
- else
- {
-
$this->acl[$the_id]['statuses']=array();
- }
- }
- //DEBUG
- //_debug_array($this->acl[$the_id]);
+
$this->acl[$the_id]['statuses']=array();
+ }
}
$this->db->unlock();
@@ -1583,10 +1561,17 @@
function can_read($element_id)
{
$result=false;
+
+ // DEBUG
+ //print ( "element_id =".$element_id);
+ //_debug_array($this->acl[$element_id]);
if ( (isset($this->acl[$element_id]) &&
$this->acl[$element_id]['read'] == 1) || $this->admin == true )
{
$result=true;
+
+ // DEBUG
+ //print ( "Can read !");
}
return ($result );
@@ -2616,6 +2601,9 @@
$this->db->query($sql);
+ // DEBUG
+ //print ( $sql );
+
$i=0;
while ($this->db->next_record())
{
@@ -2625,22 +2613,24 @@
if ( $this->can_read($element_id) )
{
+ $go=false;
+
+ if ( $this->can_write($element_id) )
+ {
+ $go=true;
+ }
if ( !
isset($this->acl[$element_id]['statuses']) )
{
- $go="ok";
+ $go=true;
}
elseif(
empty($this->acl[$element_id]['statuses']) )
{
- $go="ok";
+ $go=true;
}
elseif(in_array(
$version_status,$this->acl[$element_id]['statuses']))
{
- $go="ok";
+ $go=true;
}
- else
- {
- $go=false;
- }
if ( $go==true )
{
@@ -2697,18 +2687,40 @@
{
$element_id=$this->db->f('element_id');
$version_id=$this->db->f('version_id');
+
+ if ( $this->can_read($element_id) )
+ {
+ $go=false;
+ if ( $this->can_write($element_id) )
+ {
+ $go=true;
+ }
+ elseif ( !
isset($this->acl[$element_id]['statuses']) )
+ {
+ $go=true;
+ }
+ elseif(
empty($this->acl[$element_id]['statuses']) )
+ {
+ $go=true;
+ }
+ elseif(in_array(
$version_status,$this->acl[$element_id]['statuses']))
+ {
+ $go=true;
+ }
+
+ if ( $go==true )
+ {
+ $docs[$i]['element_id']=$element_id;
+ $docs[$i]['name']=$this->db->f('name');
+
$docs[$i]['status']=$this->db->f('status');
+
$docs[$i]['reference']=$this->db->f('reference');
+
$docs[$i]['minor']=$this->db->f('minor');
+
$docs[$i]['major']=$this->db->f('major');
+
$docs[$i]['description']=$this->db->f('description');
+ $i ++;
+ }
+ }
- if ( $this->can_write($element_id) )
- {
- $docs[$i]['element_id']=$element_id;
- $docs[$i]['name']=$this->db->f('name');
- $docs[$i]['status']=$this->db->f('status');
-
$docs[$i]['reference']=$this->db->f('reference');
- $docs[$i]['minor']=$this->db->f('minor');
- $docs[$i]['major']=$this->db->f('major');
-
$docs[$i]['description']=$this->db->f('description');
- $i ++;
- }
}
$this->db->unlock();
@@ -2752,18 +2764,40 @@
{
$element_id=$this->db->f('element_id');
$version_id=$this->db->f('version_id');
+
+ if ( $this->can_read($element_id) )
+ {
+ $go=false;
+ if ( $this->can_write($element_id) )
+ {
+ $go=true;
+ }
+ elseif ( !
isset($this->acl[$element_id]['statuses']) )
+ {
+ $go=true;
+ }
+ elseif(
empty($this->acl[$element_id]['statuses']) )
+ {
+ $go=true;
+ }
+ elseif(in_array(
$version_status,$this->acl[$element_id]['statuses']))
+ {
+ $go=true;
+ }
+
+ if ( $go==true )
+ {
+ $docs[$i]['element_id']=$element_id;
+ $docs[$i]['name']=$this->db->f('name');
+
$docs[$i]['status']=$this->db->f('status');
+
$docs[$i]['reference']=$this->db->f('reference');
+
$docs[$i]['minor']=$this->db->f('minor');
+
$docs[$i]['major']=$this->db->f('major');
+
$docs[$i]['description']=$this->db->f('description');
+ $i ++;
+ }
+ }
- if ( $this->can_write($element_id) )
- {
- $docs[$i]['element_id']=$element_id;
- $docs[$i]['name']=$this->db->f('name');
- $docs[$i]['status']=$this->db->f('status');
-
$docs[$i]['reference']=$this->db->f('reference');
- $docs[$i]['minor']=$this->db->f('minor');
- $docs[$i]['major']=$this->db->f('major');
-
$docs[$i]['description']=$this->db->f('description');
- $i ++;
- }
}
$this->db->unlock();
@@ -2810,18 +2844,40 @@
{
$element_id=$this->db->f('element_id');
$version_id=$this->db->f('version_id');
+
+ if ( $this->can_read($element_id) )
+ {
+ $go=false;
+ if ( $this->can_write($element_id) )
+ {
+ $go=true;
+ }
+ elseif ( !
isset($this->acl[$element_id]['statuses']) )
+ {
+ $go=true;
+ }
+ elseif(
empty($this->acl[$element_id]['statuses']) )
+ {
+ $go=true;
+ }
+ elseif(in_array(
$version_status,$this->acl[$element_id]['statuses']))
+ {
+ $go=true;
+ }
+
+ if ( $go==true )
+ {
+ $docs[$i]['element_id']=$element_id;
+ $docs[$i]['name']=$this->db->f('name');
+
$docs[$i]['status']=$this->db->f('status');
+
$docs[$i]['reference']=$this->db->f('reference');
+
$docs[$i]['minor']=$this->db->f('minor');
+
$docs[$i]['major']=$this->db->f('major');
+
$docs[$i]['description']=$this->db->f('description');
+ $i ++;
+ }
+ }
- if ( $this->can_write($element_id) )
- {
- $docs[$i]['element_id']=$element_id;
- $docs[$i]['name']=$this->db->f('name');
- $docs[$i]['status']=$this->db->f('status');
-
$docs[$i]['reference']=$this->db->f('reference');
- $docs[$i]['minor']=$this->db->f('minor');
- $docs[$i]['major']=$this->db->f('major');
-
$docs[$i]['description']=$this->db->f('description');
- $i ++;
- }
}
$this->db->unlock();
@@ -2894,12 +2950,12 @@
$sql="SELECT ged_elements.*, ged_current_version.*,
ged_elements.description as descriptione, ged_current_version.description as
descriptionv ";
$sql.="FROM ( ged_elements ";
$sql.="INNER JOIN ged_versions as ged_current_version ";
- $sql.="ON
ged_elements.element_id=ged_current_version.element_id ";
- $sql.="AND ( ged_current_version.status='current' OR
ged_current_version.status='working' OR
ged_current_version.status='pending_for_technical_review' ";
- $sql.="OR
ged_current_version.status='pending_for_quality_review' OR
ged_current_version.status='ready_for_delivery' OR
ged_current_version.status='pending_for_acceptation' )) ";
+ $sql.="ON
ged_elements.element_id=ged_current_version.element_id ) ";
$sql.="WHERE ged_elements.name like '%".$query."%' OR
ged_elements.description like '%".$query."%' OR ged_elements.reference like
'%".$query."%' ";
$sql.="OR ged_current_version.description like '%".$query."%'
";
+ // DEBUG
+ //print ( $sql);
$this->db->query($sql);
$i=0;
@@ -2909,7 +2965,7 @@
$version_id=$this->db->f('version_id');
$version_status=$this->db->f('status');
- if ( $this->can_write($element_id) || ( $version_status
== "pending_for_acceptation" || $version_status == "current" ) &&
$this->can_read($element_id) )
+ if ( $this->can_write($element_id) ||
$this->can_read($element_id) && ( (!
isset($this->acl[$element_id]['statuses'])) || empty(
$this->acl[$element_id]['statuses'] ) || (
is_array($this->acl[$element_id]['statuses'] ) && in_array($version_status,
$this->acl[$element_id]['statuses'])) ))
{
$docs[$i]['element_id']=$element_id;
$docs[$i]['version_id']=$this->db->f('version_id');
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] [18479] fixes : acl for search and home,
Pascal Vilarem <=