function do_trytype() { $oForm = $this->form_changetype(); $res = $oForm->validate(); $data = $res['results']; $errors = $res['errors']; if (!empty($errors)) { $oForm->handleError(); } $document_type = $data['type']; $doctypeid = $document_type->getId(); // Get the current document type, fieldsets and metadata $iOldDocTypeID = $this->oDocument->getDocumentTypeID(); $fieldsets = KTMetadataUtil::fieldsetsForDocument($this->oDocument, $iOldDocTypeID); $mdlist = DocumentFieldLink::getByDocument($this->oDocument); $field_values = array(); foreach ($mdlist as $oFieldLink) { $field_values[$oFieldLink->getDocumentFieldID()] = $oFieldLink->getValue(); } DBUtil::startTransaction(); // Update the document with the new document type id $this->oDocument->startNewMetadataVersion($this->oUser); $this->oDocument->setDocumentTypeId($doctypeid); $res = $this->oDocument->update(); if (PEAR::isError($res)) { DBUtil::rollback(); return $res; } // Ensure all values for fieldsets common to both document types are retained $fs_ids = array(); $doctype_fieldsets = KTFieldSet::getForDocumentType($doctypeid); foreach ($doctype_fieldsets as $fieldset) { $fs_ids[] = $fieldset->getId(); } $MDPack = array(); foreach ($fieldsets as $oFieldset) { if ($oFieldset->getIsGeneric() || in_array($oFieldset->getId(), $fs_ids)) { $fields = $oFieldset->getFields(); foreach ($fields as $oField) { $val = isset($field_values[$oField->getId()]) ? $field_values[$oField->getId()] : ''; if (!empty($val)) { $MDPack[] = array($oField, $val); } } } } $core_res = KTDocumentUtil::saveMetadata($this->oDocument, $MDPack, array('novalidate' => true)); if (PEAR::isError($core_res)) { DBUtil::rollback(); return $core_res; } DBUtil::commit(); $oKTTriggerRegistry = KTTriggerRegistry::getSingleton(); $aTriggers = $oKTTriggerRegistry->getTriggers('edit', 'postValidate'); foreach ($aTriggers as $aTrigger) { $sTrigger = $aTrigger[0]; $oTrigger = new $sTrigger(); $aInfo = array("document" => $this->oDocument, "aOptions" => $MDPack); $oTrigger->setInfo($aInfo); $ret = $oTrigger->postValidate(); } // Check if there are any dynamic conditions / permissions that need to be updated on the document // If there are dynamic conditions then update the permissions on the document // The dynamic condition test fails unless the changes exists in the DB therefore update permissions after committing the transaction. $iPermissionObjectId = $this->oDocument->getPermissionObjectID(); $dynamicCondition = KTPermissionDynamicCondition::getByPermissionObjectId($iPermissionObjectId); if (!PEAR::isError($dynamicCondition) && !empty($dynamicCondition)) { $res = KTPermissionUtil::updatePermissionLookup($this->oDocument); } $this->successRedirectToMain(sprintf(_kt("You have selected a new document type: %s. "), $data['type']->getName())); }
/** * Copy the object's parents permission object details, in * preparation for the object to have different permissions from its * parent. */ function copyPermissionObject(&$oDocumentOrFolder) { global $default; $oOrigPO = KTPermissionObject::get($oDocumentOrFolder->getPermissionObjectID()); $aOrigPAs =& KTPermissionAssignment::getByObjectMulti($oOrigPO); $oNewPO = KTPermissionObject::createFromArray(array()); foreach ($aOrigPAs as $oOrigPA) { $oNewPA = KTPermissionAssignment::createFromArray(array('permissionid' => $oOrigPA->getPermissionID(), 'permissionobjectid' => $oNewPO->getID(), 'permissiondescriptorid' => $oOrigPA->getPermissionDescriptorID())); } $oDocumentOrFolder->setPermissionObjectID($oNewPO->getID()); $oDocumentOrFolder->update(); // copy any dynamic conditions $aDPO = KTPermissionDynamicCondition::getByPermissionObject($oOrigPO); foreach ($aDPO as $oOrigDC) { $oNewDC = KTPermissionDynamicCondition::createFromArray(array('permissionobjectid' => $oNewPO->getId(), 'groupid' => $oOrigDC->getGroupId(), 'conditionid' => $oOrigDC->getConditionId())); $oNewDC->saveAssignment($oOrigDC->getAssignment()); } if (!is_a($oDocumentOrFolder, 'Folder')) { KTPermissionUtil::updatePermissionLookup($oDocumentOrFolder); return; } // For a folder - update permission object for all folders and // documents under this current folder if they're using the old // permission object id. If they are, then they're getting the // permission object via this folder. If they are not, then // they have their own permission object management, and thus // this folder has no effect on their permissions. $iFolderID = $oDocumentOrFolder->getID(); $sFolderIDs = Folder::generateFolderIDs($iFolderID); $sFolderIDs .= '%'; $sQuery = "UPDATE {$default->folders_table} SET\n permission_object_id = ? WHERE permission_object_id = ? AND\n parent_folder_ids LIKE ?"; $aParams = array($oNewPO->getID(), $oOrigPO->getID(), $sFolderIDs); DBUtil::runQuery(array($sQuery, $aParams)); Folder::clearAllCaches(); $sQuery = "UPDATE {$default->documents_table} SET\n permission_object_id = ? WHERE permission_object_id = ? AND\n (parent_folder_ids LIKE ? OR folder_id = ?)"; $aParams[] = $iFolderID; DBUtil::runQuery(array($sQuery, $aParams)); Document::clearAllCaches(); // All objects using this PO must be new and must need their // lookups updated... KTPermissionUtil::updatePermissionLookupForPO($oNewPO); }
function do_newDynamicPermission() { $aOptions = array('redirect_to' => array('main', 'fFolderId=' . $this->oFolder->getId())); if (!KTBrowseUtil::inAdminMode($this->oUser, $this->oFolder)) { $this->oValidator->userHasPermissionOnItem($this->oUser, $this->_sEditShowPermission, $this->oFolder, $aOptions); } $aOptions = array('redirect_to' => array('edit', 'fFolderId=' . $this->oFolder->getId())); $oGroup =& $this->oValidator->validateGroup($_REQUEST['fGroupId'], $aOptions); $oCondition =& $this->oValidator->validateCondition($_REQUEST['fConditionId'], $aOptions); $aPermissionIds = (array) $_REQUEST['fPermissionIds']; if (empty($aPermissionIds)) { $this->errorRedirectTo('edit', _kt('Please select one or more permissions.'), sprintf('fFolderId=%d', $this->oFolder->getId())); } $oPO = KTPermissionObject::get($this->oFolder->getPermissionObjectId()); $oTransaction = KTFolderTransaction::createFromArray(array('folderid' => $this->oFolder->getId(), 'comment' => _kt('Added dynamic permissions'), 'transactionNS' => 'ktcore.transactions.permissions_change', 'userid' => $_SESSION['userID'], 'ip' => Session::getClientIP())); $aOptions = array('defaultmessage' => _kt('Error updating permissions'), 'redirect_to' => array('edit', sprintf('fFolderId=%d', $this->oFolder->getId()))); $this->oValidator->notErrorFalse($oTransaction, $aOptions); $oDynamicCondition = KTPermissionDynamicCondition::createFromArray(array('groupid' => $oGroup->getId(), 'conditionid' => $oCondition->getId(), 'permissionobjectid' => $oPO->getId())); $this->oValidator->notError($oDynamicCondition, $aOptions); $res = $oDynamicCondition->saveAssignment($aPermissionIds); $this->oValidator->notError($res, $aOptions); KTPermissionUtil::updatePermissionLookupForPO($oPO); $this->successRedirectTo('edit', _kt('Dynamic permission added'), 'fFolderId=' . $this->oFolder->getId()); }
function &_in_add($oFolder, $sFilename, $oUser, $aOptions) { $aOrigOptions = $aOptions; $sFilename = KTDocumentUtil::getUniqueFilename($oFolder, $sFilename); $sName = KTUtil::arrayGet($aOptions, 'description', $sFilename); $sName = KTDocumentUtil::getUniqueDocumentName($oFolder, $sName); $aOptions['description'] = $sName; $oUploadChannel =& KTUploadChannel::getSingleton(); $oUploadChannel->sendMessage(new KTUploadNewFile($sFilename)); DBUtil::startTransaction(); $oDocument =& KTDocumentUtil::_add($oFolder, $sFilename, $oUser, $aOptions); $oUploadChannel->sendMessage(new KTUploadGenericMessage(_kt('Document created'))); if (PEAR::isError($oDocument)) { return $oDocument; } $oUploadChannel->sendMessage(new KTUploadGenericMessage(_kt('Scanning file'))); $oKTTriggerRegistry = KTTriggerRegistry::getSingleton(); $aTriggers = $oKTTriggerRegistry->getTriggers('content', 'scan'); $iTrigger = 0; foreach ($aTriggers as $aTrigger) { $sTrigger = $aTrigger[0]; $oTrigger = new $sTrigger(); $oTrigger->setDocument($oDocument); // $oUploadChannel->sendMessage(new KTUploadGenericMessage(sprintf(_kt(" (trigger %s)"), $sTrigger))); $ret = $oTrigger->scan(); if (PEAR::isError($ret)) { $oDocument->delete(); return $ret; } } // refresh the document object DBUtil::commit(); $oDocument->clearAllCaches(); // NEW SEARCH Indexer::index($oDocument); $oUploadChannel->sendMessage(new KTUploadGenericMessage(_kt('Creating transaction'))); $aOptions = array('user' => $oUser); //create the document transaction record $oDocumentTransaction = new DocumentTransaction($oDocument, _kt('Document created'), 'ktcore.transactions.create', $aOptions); $res = $oDocumentTransaction->create(); if (PEAR::isError($res)) { $oDocument->delete(); return $res; } $oUploadChannel->sendMessage(new KTUploadGenericMessage(_kt('Sending subscriptions'))); // fire subscription alerts for the checked in document $oSubscriptionEvent = new SubscriptionEvent(); $oFolder = Folder::get($oDocument->getFolderID()); $oSubscriptionEvent->AddDocument($oDocument, $oFolder); $oKTTriggerRegistry = KTTriggerRegistry::getSingleton(); $aTriggers = $oKTTriggerRegistry->getTriggers('add', 'postValidate'); foreach ($aTriggers as $aTrigger) { $sTrigger = $aTrigger[0]; $oTrigger = new $sTrigger(); $aInfo = array('document' => $oDocument, 'aOptions' => $aOrigOptions); $oTrigger->setInfo($aInfo); $ret = $oTrigger->postValidate(); } // update document object with additional fields / data from the triggers $oDocument = Document::get($oDocument->iId); $oUploadChannel->sendMessage(new KTUploadGenericMessage(_kt('Checking permissions...'))); // Check if there are any dynamic conditions / permissions that need to be updated on the document // If there are dynamic conditions then update the permissions on the document // The dynamic condition test fails unless the document exists in the DB therefore update permissions after committing the transaction. include_once KT_LIB_DIR . '/permissions/permissiondynamiccondition.inc.php'; $iPermissionObjectId = $oFolder->getPermissionObjectID(); $dynamicCondition = KTPermissionDynamicCondition::getByPermissionObjectId($iPermissionObjectId); if (!PEAR::isError($dynamicCondition) && !empty($dynamicCondition)) { $res = KTPermissionUtil::updatePermissionLookup($oDocument); } $oUploadChannel->sendMessage(new KTUploadGenericMessage(_kt('All done...'))); return $oDocument; }
function do_resolved_users() { $this->oPage->setBreadcrumbDetails(_kt("Permissions")); $oTemplate = $this->oValidator->validateTemplate("ktcore/document/resolved_permissions_user"); $oPL = KTPermissionLookup::get($this->oDocument->getPermissionLookupID()); $aPermissions = KTPermission::getList(); $aMapPermissionGroup = array(); $aMapPermissionRole = array(); $aMapPermissionUser = array(); $aUsers = User::getList(); foreach ($aPermissions as $oPermission) { $oPLA = KTPermissionLookupAssignment::getByPermissionAndLookup($oPermission, $oPL); if (PEAR::isError($oPLA)) { continue; } $oDescriptor = KTPermissionDescriptor::get($oPLA->getPermissionDescriptorID()); $iPermissionID = $oPermission->getID(); $aMapPermissionGroup[$iPermissionID] = array(); foreach ($aUsers as $oUser) { if (KTPermissionUtil::userHasPermissionOnItem($oUser, $oPermission, $this->oDocument)) { $aMapPermissionUser[$iPermissionID][$oUser->getId()] = true; $aActiveUsers[$oUser->getId()] = true; } } } // now we constitute the actual sets. $users = array(); $groups = array(); $roles = array(); // should _always_ be empty, barring a bug in permissions::updatePermissionLookup // this should be quite limited - direct role -> user assignment is typically rare. foreach ($aActiveUsers as $id => $marker) { $oUser = User::get($id); $users[$oUser->getName()] = $oUser; } asort($users); // ascending, per convention. $bEdit = false; $sInherited = ''; $aDynamicControls = array(); $aWorkflowControls = array(); // handle conditions $iPermissionObjectId = $this->oDocument->getPermissionObjectID(); if (!empty($iPermissionObjectId)) { $oPO = KTPermissionObject::get($iPermissionObjectId); $aDynamicConditions = KTPermissionDynamicCondition::getByPermissionObject($oPO); if (!PEAR::isError($aDynamicConditions)) { foreach ($aDynamicConditions as $oDynamicCondition) { $iConditionId = $oDynamicCondition->getConditionId(); if (KTSearchUtil::testConditionOnDocument($iConditionId, $this->oDocument)) { $aPermissionIds = $oDynamicCondition->getAssignment(); foreach ($aPermissionIds as $iPermissionId) { $aDynamicControls[$iPermissionId] = true; } } } } } // indicate that workflow controls a given permission $oState = KTWorkflowUtil::getWorkflowStateForDocument($this->oDocument); if (!(PEAR::isError($oState) || is_null($oState) || $oState == false)) { $aWorkflowStatePermissionAssignments = KTWorkflowStatePermissionAssignment::getByState($oState); foreach ($aWorkflowStatePermissionAssignments as $oAssignment) { $aWorkflowControls[$oAssignment->getPermissionId()] = true; unset($aDynamicControls[$oAssignment->getPermissionId()]); } } $aTemplateData = array("context" => $this, "permissions" => $aPermissions, "groups" => $groups, "users" => $users, "roles" => $roles, "oDocument" => $this->oDocument, "aMapPermissionGroup" => $aMapPermissionGroup, "aMapPermissionRole" => $aMapPermissionRole, "aMapPermissionUser" => $aMapPermissionUser, "edit" => $bEdit, "inherited" => $sInherited, 'workflow_controls' => $aWorkflowControls, 'conditions_control' => $aDynamicControls); return $oTemplate->render($aTemplateData); }
function do_updateSearch() { $id = KTUtil::arrayGet($_REQUEST, 'fSavedSearchId'); $sName = KTUtil::arrayGet($_REQUEST, 'name'); $oSearch = KTSavedSearch::get($id); if (PEAR::isError($oSearch) || $oSearch == false) { $this->errorRedirectToMain('No such dynamic condition'); } $datavars = KTUtil::arrayGet($_REQUEST, 'boolean_search'); if (!is_array($datavars)) { $datavars = unserialize($datavars); } if (empty($datavars)) { $this->errorRedirectToMain(_kt('You need to have at least 1 condition.')); } //$sName = "Neil's saved search"; if (!empty($sName)) { $oSearch->setName($sName); } $oSearch->setSearch($datavars); $res = $oSearch->update(); $this->oValidator->notError($res, array('redirect_to' => 'main', 'message' => _kt('Search not saved'))); // Update permission object if exists $sWhere = 'condition_id = ?'; $aParams = array($id); $aPermissionObjects = KTPermissionDynamicCondition::getPermissionObjectIdList($sWhere, $aParams); if (!PEAR::isError($aPermissionObjects) && !empty($aPermissionObjects)) { // update permission objects foreach ($aPermissionObjects as $iPermObjectId) { $oPO = KTPermissionObject::get($iPermObjectId['permission_object_id']); KTPermissionUtil::updatePermissionLookupForPO($oPO); } } $this->successRedirectToMain(_kt('Dynamic condition saved')); }