/**
 * Report whether the current user may read this item.
 *
 * An item that is not live is never readable. Otherwise access is granted
 * when the user holds read permission on the attached document, or when an
 * administrator is working in admin mode.
 *
 * @return bool
 */
public function getCanBeReadByUser()
{
    // The live flag is tested first, so a non-live item is refused before
    // either permission helper is consulted.
    if (!$this->live) {
        return false;
    }

    // Admin mode is only consulted when the ordinary permission check fails.
    return Permission::userHasDocumentReadPermission($this->Document)
        || Permission::adminIsInAdminMode();
}
/**
 * Handle submission of the quick-transition form for the current document.
 *
 * Validates the form, performs the requested workflow transition inside a
 * transaction, then redirects: to the containing folder when the user can no
 * longer read the document, otherwise back to the document view.
 */
function do_performquicktransition()
{
    $oQuickForm = $this->form_quicktransition();
    $aValidation = $oQuickForm->validate();
    if (!empty($aValidation['errors'])) {
        return $oQuickForm->handleError();
    }

    $this->startTransaction();

    $aValues = $aValidation['results'];

    // NOTE(review): the transition id is read straight from $_REQUEST, and neither
    // the lookup result nor the transition result is inspected before the commit
    // below. Confirm that performTransitionOnDocument() rejects an invalid or
    // unavailable transition; otherwise a failure is reported as success.
    $oTransition = KTWorkflowTransition::get($_REQUEST['fTransitionId']);
    KTWorkflowUtil::performTransitionOnDocument($oTransition, $this->oDocument, $this->oUser, $aValues['reason']);

    // Read access is evaluated before the commit, as the transition may have
    // moved the document out of the user's reach.
    $bStillReadable = Permission::userHasDocumentReadPermission($this->oDocument);
    $this->commitTransaction();

    if ($bStillReadable) {
        $_SESSION['KTInfoMessage'][] = _kt('Transition performed');
        controllerRedirect('viewDocument', sprintf('fDocumentId=%d', $this->oDocument->getId()));
    } else {
        // Send the user to the parent folder rather than a page they may no longer open.
        $_SESSION['KTInfoMessage'][] = _kt('Transition performed') . '. ' . _kt('You no longer have permission to view this document');
        controllerRedirect('browse', sprintf('fFolderId=%d', $this->oDocument->getFolderId()));
    }
}
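/**
 * Render a comparison of two metadata versions of one document.
 *
 * Reads fDocumentId, fBaseVersion and fComparisonVersion from the request,
 * loads both versions, checks read permission on the base document, gathers
 * the field values and fieldset display handlers, and renders the
 * 'ktcore/document/compare' template.
 *
 * @return mixed The rendered template, or the result of an error handler.
 */
function do_viewComparison()
{
    $document_data = array();
    $document_id = KTUtil::arrayGet($_REQUEST, 'fDocumentId');
    if ($document_id === null) {
        $this->oPage->addError(sprintf(_kt("No document was requested. Please <a href=\"%s\">browse</a> for one."), KTBrowseUtil::getBrowseBaseUrl()));
        return $this->do_error();
    }
    $document_data['document_id'] = $document_id;

    $base_version = KTUtil::arrayGet($_REQUEST, 'fBaseVersion');

    // try get the document.
    $oDocument =& Document::get($document_id, $base_version);
    if (PEAR::isError($oDocument)) {
        $this->oPage->addError(sprintf(_kt("The base document you attempted to retrieve is invalid. Please <a href=\"%s\">browse</a> for one."), KTBrowseUtil::getBrowseBaseUrl()));
        return $this->do_error();
    }

    // Authorisation gate: nothing about the document is exposed before this check.
    if (!Permission::userHasDocumentReadPermission($oDocument)) {
        // FIXME inconsistent.
        $this->oPage->addError(_kt('You are not allowed to view this document'));
        return $this->permissionDenied();
    }
    $this->oDocument =& $oDocument;
    $this->oPage->setSecondaryTitle($oDocument->getName());

    $aOptions = array('documentaction' => 'viewDocument', 'folderaction' => 'browse');
    $this->aBreadcrumbs = kt_array_merge($this->aBreadcrumbs, KTBrowseUtil::breadcrumbsForDocument($oDocument, $aOptions));
    $this->oPage->setBreadcrumbDetails(_kt('compare versions'));

    $comparison_version = KTUtil::arrayGet($_REQUEST, 'fComparisonVersion');
    if ($comparison_version === null) {
        // The message is emitted as HTML, so the link is built from the id of the
        // document that was actually loaded rather than from the raw request value.
        $this->oPage->addError(sprintf(_kt("No comparison version was requested. Please <a href=\"%s\">select a version</a>."), KTUtil::addQueryStringSelf('action=history&fDocumentId=' . $oDocument->getId())));
        return $this->do_error();
    }

    // The comparison version is always fetched for the same document id that
    // passed the permission check above.
    $oComparison =& Document::get($oDocument->getId(), $comparison_version);
    if (PEAR::isError($oComparison)) {
        $this->errorRedirectToMain(_kt('Invalid document to compare against.'));
        // Defensive: never fall through and call document methods on an error object.
        return;
    }

    $comparison_data = array();
    $comparison_data['document_id'] = $oComparison->getId();

    $document_data['document'] = $oDocument;
    $comparison_data['document'] = $oComparison;

    $document_data['document_type'] =& DocumentType::get($oDocument->getDocumentTypeID());
    $comparison_data['document_type'] =& DocumentType::get($oComparison->getDocumentTypeID());

    // follow twice: once for normal, once for comparison.
    // NOTE(review): only the base document's type is validated here; the
    // comparison document's type is loaded but not checked.
    $is_valid_doctype = true;
    if (PEAR::isError($document_data['document_type'])) {
        $this->oPage->addError(_kt('The document you requested has an invalid <strong>document type</strong>. Unfortunately, this means that we cannot effectively display it.'));
        $is_valid_doctype = false;
    }

    // we want to grab all the md for this doc, since its faster that way.
    // NOTE(review): field values are selected by the request-supplied version
    // ids alone. Confirm that Document::get() rejects a version id belonging to
    // a different document, otherwise these lists are not tied to the document
    // that passed the permission check.
    $mdlist =& DocumentFieldLink::getList(array('metadata_version_id = ?', array($base_version)));
    $field_values = array();
    foreach ($mdlist as $oFieldLink) {
        $field_values[$oFieldLink->getDocumentFieldID()] = $oFieldLink->getValue();
    }
    $document_data['field_values'] = $field_values;

    $mdlist =& DocumentFieldLink::getList(array('metadata_version_id = ?', array($comparison_version)));
    $field_values = array();
    foreach ($mdlist as $oFieldLink) {
        $field_values[$oFieldLink->getDocumentFieldID()] = $oFieldLink->getValue();
    }
    $comparison_data['field_values'] = $field_values;

    // Fieldset generation.
    //
    // we need to create a set of FieldsetDisplay objects
    // that adapt the Fieldsets associated with this lot
    // to the view (i.e. ZX3). Unfortunately, we don't have
    // any of the plumbing to do it, so we handle this here.
    $fieldsets = array();

    // we always have a generic.
    array_push($fieldsets, new GenericFieldsetDisplay());

    // FIXME can we key this on fieldset namespace? or can we have duplicates?
    // now we get the other fieldsets, IF there is a valid doctype.
    if ($is_valid_doctype) {
        // these are the _actual_ fieldsets.
        $fieldsetDisplayReg =& KTFieldsetDisplayRegistry::getSingleton();

        // and the generics
        $activesets = KTFieldset::getGenericFieldsets();
        foreach ($activesets as $oFieldset) {
            $displayClass = $fieldsetDisplayReg->getHandler($oFieldset->getNamespace());
            array_push($fieldsets, new $displayClass($oFieldset));
        }

        $activesets = KTFieldset::getForDocumentType($oDocument->getDocumentTypeID());
        foreach ($activesets as $oFieldset) {
            $displayClass = $fieldsetDisplayReg->getHandler($oFieldset->getNamespace());
            array_push($fieldsets, new $displayClass($oFieldset));
        }
    }

    // FIXME handle ad-hoc fieldsets.
    $this->addPortlets();

    $oTemplate = $this->oValidator->validateTemplate('ktcore/document/compare');
    // NOTE(review): 'document_id' is still the raw request value; the template
    // is presumably responsible for escaping it. Verify.
    $aTemplateData = array(
        'context' => $this,
        'document_id' => $document_id,
        'document' => $oDocument,
        'document_data' => $document_data,
        'comparison_data' => $comparison_data,
        'comparison_document' => $oComparison,
        'fieldsets' => $fieldsets,
    );

    return $oTemplate->render($aTemplateData);
}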
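/**
 * Add a folder, its sub-folders and the readable documents below it to the archive.
 *
 * Sub-folders and documents are only included when the current user has read
 * permission on them; documents whose view action is disabled by workflow are
 * skipped and reported in $this->errors.
 *
 * @param object $zip      Archive helper; addFolderToZip() and addDocumentToZip() are called on it.
 * @param mixed  $folderId Id of the folder to export.
 * @return mixed The PEAR error from Folder::get() when the folder cannot be loaded; otherwise nothing.
 */
public function addFolder(&$zip, $folderId)
{
    // The logger lives on the global $default object; without this declaration
    // the error paths below would dereference an undefined local variable.
    global $default;

    $oFolder = Folder::get($folderId);
    if (PEAR::isError($oFolder)) {
        $this->errors[] = _kt('Folder cannot be exported, an error occurred: ') . $oFolder->getMessage();
        return $oFolder;
    }

    // NOTE(review): unlike the sub-folders below, the requested folder itself is
    // not checked with Permission::userHasFolderReadPermission() in this method.
    // Confirm the caller performs that check.

    $sFolderDocs = $oFolder->getDocumentIDs($folderId);
    if (PEAR::isError($sFolderDocs)) {
        $default->log->error('Download Queue: get document ids for folder caused an error: ' . $sFolderDocs->getMessage());
        $sFolderDocs = '';
    }

    // Add folder to zip
    $zip->addFolderToZip($oFolder);

    $aDocuments = array();
    if (!empty($sFolderDocs)) {
        $aDocuments = explode(',', $sFolderDocs);
    }

    // Get all the folders within the current folder.
    // The id is interpolated into SQL text, so it is forced to an integer first.
    $iFolderId = (int) $folderId;
    $sWhereClause = "parent_folder_ids like '%,{$iFolderId}'\n OR parent_folder_ids like '%,{$iFolderId},%'\n OR parent_folder_ids like '{$iFolderId},%'\n OR parent_id = {$iFolderId}";
    $aFolderList = $oFolder->getList($sWhereClause);
    $aLinkingFolders = $this->getLinkingEntities($aFolderList);
    $aFolderList = array_merge($aFolderList, $aLinkingFolders);

    // Cache of folders already loaded, keyed by id, reused when adding documents.
    $aFolderObjects = array();
    $aFolderObjects[$folderId] = $oFolder;

    // Export the folder structure to ensure the export of empty directories
    if (!empty($aFolderList)) {
        foreach ($aFolderList as $oFolderItem) {
            if ($oFolderItem->isSymbolicLink()) {
                $oFolderItem = $oFolderItem->getLinkedFolder();
            }
            // Permission is checked on the link target, not on the link itself.
            if (Permission::userHasFolderReadPermission($oFolderItem)) {
                // Get documents for each folder
                $sFolderItemId = $oFolderItem->getID();
                $sFolderItemDocs = $oFolderItem->getDocumentIDs($sFolderItemId);
                if (PEAR::isError($sFolderItemDocs)) {
                    $default->log->error('Download Queue: get document ids for folder caused an error: ' . $sFolderItemDocs->getMessage());
                    $sFolderItemDocs = '';
                }
                if (!empty($sFolderItemDocs)) {
                    $aFolderDocs = explode(',', $sFolderItemDocs);
                    $aDocuments = array_merge($aDocuments, $aFolderDocs);
                }
                $zip->addFolderToZip($oFolderItem);
                $aFolderObjects[$oFolderItem->getId()] = $oFolderItem;
            }
        }
    }

    // Add all documents to the export
    if (!empty($aDocuments)) {
        foreach ($aDocuments as $sDocumentId) {
            $oDocument = Document::get($sDocumentId);
            if (PEAR::isError($oDocument)) {
                // A document that cannot be loaded is skipped instead of aborting the export.
                $default->log->error('Download Queue: get document caused an error: ' . $oDocument->getMessage());
                continue;
            }
            if ($oDocument->isSymbolicLink()) {
                $oDocument->switchToLinkedCore();
            }
            // Documents the user cannot read are left out without a message.
            if (Permission::userHasDocumentReadPermission($oDocument)) {
                if (!KTWorkflowUtil::actionEnabledForDocument($oDocument, 'ktcore.actions.document.view')) {
                    $this->errors[] = $oDocument->getName() . ': ' . _kt('Document cannot be exported as it is restricted by the workflow.');
                    continue;
                }
                $sDocFolderId = $oDocument->getFolderID();
                $oFolder = isset($aFolderObjects[$sDocFolderId]) ? $aFolderObjects[$sDocFolderId] : Folder::get($sDocFolderId);

                // Record the export in the document's transaction history when enabled.
                if ($this->bNoisy) {
                    $oDocumentTransaction = new DocumentTransaction($oDocument, "Document part of bulk export", 'ktstandard.transactions.bulk_export', array());
                    $oDocumentTransaction->create();
                }

                // fire subscription alerts for the downloaded document
                if ($this->bNotifications) {
                    $oSubscriptionEvent = new SubscriptionEvent();
                    $oSubscriptionEvent->DownloadDocument($oDocument, $oFolder);
                }
                $zip->addDocumentToZip($oDocument, $oFolder);
            }
        }
    }
}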
/**
 * Check whether the session user may read the given document.
 *
 * @param mixed $iUserId     User id stored in the session when none is set yet.
 * @param mixed $iDocumentId Id of the document to check.
 * @return bool True when read permission is granted; false when the document
 *              cannot be loaded or permission is refused.
 */
function validateDocumentPermissions($iUserId, $iDocumentId)
{
    // NOTE(review): an empty session adopts the caller-supplied user id, and the
    // permission check below presumably evaluates against it. Confirm that every
    // caller passes an id that has already been authenticated, never a raw
    // request parameter.
    if (!isset($_SESSION['userID'])) {
        $_SESSION['userID'] = $iUserId;
    }

    $oRequested =& Document::get($iDocumentId);

    // An unknown or unloadable document is treated the same as "no access".
    if (PEAR::isError($oRequested)) {
        return false;
    }

    return Permission::userHasDocumentReadPermission($oRequested) ? true : false;
}
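/**
 * Add one selected entity (a document or a folder) to the bulk-export archive.
 *
 * A document is added directly. A folder is added together with its readable
 * sub-folders and the readable documents below it; documents whose view action
 * is disabled by workflow are skipped and reported through addErrorMessage().
 *
 * @param object $oEntity A Document or Folder; any other entity is ignored.
 * @return bool Always true.
 */
function perform_action($oEntity)
{
    if (is_a($oEntity, 'Document')) {
        $oDocument = $oEntity;
        if ($oDocument->isSymbolicLink()) {
            $oDocument->switchToLinkedCore();
        }

        // NOTE(review): this branch adds the document without the read-permission
        // and workflow checks applied to documents found inside folders below.
        // Confirm the caller has already verified access to the selected entity.
        if ($this->bNoisy) {
            $oDocumentTransaction = new DocumentTransaction($oDocument, "Document part of bulk export", 'ktstandard.transactions.bulk_export', array());
            $oDocumentTransaction->create();
        }

        // fire subscription alerts for the downloaded document - if global config is set
        if ($this->bNotifications) {
            $oSubscriptionEvent = new SubscriptionEvent();
            $oFolder = Folder::get($oDocument->getFolderID());
            $oSubscriptionEvent->DownloadDocument($oDocument, $oFolder);
        }
        $this->oZip->addDocumentToZip($oDocument);

        return true;
    }

    if (!is_a($oEntity, 'Folder')) {
        return true;
    }

    $aDocuments = array();
    $oFolder = $oEntity;
    if ($oFolder->isSymbolicLink()) {
        $oFolder = $oFolder->getLinkedFolder();
    }
    $sFolderId = $oFolder->getId();
    $sFolderDocs = $oFolder->getDocumentIDs($sFolderId);
    if (PEAR::isError($sFolderDocs)) {
        // Report the failure and carry on with the folder structure only.
        $this->addErrorMessage(_kt('Folder cannot be exported, an error occurred: ') . $sFolderDocs->getMessage());
        $sFolderDocs = '';
    }

    // Add folder to zip
    $this->oZip->addFolderToZip($oFolder);
    if (!empty($sFolderDocs)) {
        $aDocuments = explode(',', $sFolderDocs);
    }

    // Get all the folders within the current folder.
    // The id is interpolated into SQL text, so it is forced to an integer first.
    $iFolderId = (int) $sFolderId;
    $sWhereClause = "parent_folder_ids = '{$iFolderId}' OR\n parent_folder_ids LIKE '{$iFolderId},%' OR\n parent_folder_ids LIKE '%,{$iFolderId},%' OR\n parent_folder_ids LIKE '%,{$iFolderId}'";
    $aFolderList = $this->oFolder->getList($sWhereClause);
    $aLinkingFolders = $this->getLinkingEntities($aFolderList);
    $aFolderList = array_merge($aFolderList, $aLinkingFolders);

    // Cache of folders already loaded, keyed by id, reused when adding documents.
    $aFolderObjects = array();
    $aFolderObjects[$sFolderId] = $oFolder;

    // Export the folder structure to ensure the export of empty directories
    if (!empty($aFolderList)) {
        foreach ($aFolderList as $oFolderItem) {
            if ($oFolderItem->isSymbolicLink()) {
                $oFolderItem = $oFolderItem->getLinkedFolder();
            }
            // Permission is checked on the link target, not on the link itself.
            if (Permission::userHasFolderReadPermission($oFolderItem)) {
                // Get documents for each folder
                $sFolderItemId = $oFolderItem->getID();
                $sFolderItemDocs = $oFolderItem->getDocumentIDs($sFolderItemId);
                if (!PEAR::isError($sFolderItemDocs) && !empty($sFolderItemDocs)) {
                    $aFolderDocs = explode(',', $sFolderItemDocs);
                    $aDocuments = array_merge($aDocuments, $aFolderDocs);
                }
                $this->oZip->addFolderToZip($oFolderItem);
                $aFolderObjects[$oFolderItem->getId()] = $oFolderItem;
            }
        }
    }

    // Add all documents to the export
    if (!empty($aDocuments)) {
        foreach ($aDocuments as $sDocumentId) {
            $oDocument = Document::get($sDocumentId);
            if (PEAR::isError($oDocument)) {
                // A document that cannot be loaded is skipped instead of aborting the export.
                $this->addErrorMessage(_kt('Document cannot be exported, an error occurred: ') . $oDocument->getMessage());
                continue;
            }
            if ($oDocument->isSymbolicLink()) {
                $oDocument->switchToLinkedCore();
            }
            // Documents the user cannot read are left out without a message.
            if (Permission::userHasDocumentReadPermission($oDocument)) {
                if (!KTWorkflowUtil::actionEnabledForDocument($oDocument, 'ktcore.actions.document.view')) {
                    $this->addErrorMessage($oDocument->getName() . ': ' . _kt('Document cannot be exported as it is restricted by the workflow.'));
                    continue;
                }
                $sDocFolderId = $oDocument->getFolderID();
                $oFolder = isset($aFolderObjects[$sDocFolderId]) ? $aFolderObjects[$sDocFolderId] : Folder::get($sDocFolderId);

                // Record the export in the document's transaction history when enabled.
                if ($this->bNoisy) {
                    $oDocumentTransaction = new DocumentTransaction($oDocument, "Document part of bulk export", 'ktstandard.transactions.bulk_export', array());
                    $oDocumentTransaction->create();
                }

                // fire subscription alerts for the downloaded document
                if ($this->bNotifications) {
                    $oSubscriptionEvent = new SubscriptionEvent();
                    $oSubscriptionEvent->DownloadDocument($oDocument, $oFolder);
                }
                $this->oZip->addDocumentToZip($oDocument, $oFolder);
            }
        }
    }

    return true;
}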
exit; } // Get the document $documentId = $_GET['documentId']; $oDocument = Document::get($documentId); if (PEAR::isError($oDocument)) { exit; } // Check the document is available and the user has permission to view it if ($oDocument->getStatusID() == ARCHIVED) { exit; } else { if ($oDocument->getStatusID() == DELETED) { exit; } else { if (!Permission::userHasDocumentReadPermission($oDocument)) { exit; } } } // Get and render the thumbnail // Check for the thumbnail $varDir = $default->varDirectory; $thumbnailCheck = $varDir . '/thumbnails/' . $documentId . '.jpg'; if (!file_exists($thumbnailCheck)) { exit; } // Use correct slashes for windows if (strpos(PHP_OS, 'WIN') !== false) { $thumbnailCheck = str_replace('/', '\\', $thumbnailCheck); }