diff --git a/modules/notes/notes.php b/modules/notes/notes.php
index 9e358220143c16d0128867fac44b97a89b0ea867..4724a28958dc640a7def74f20d7b5227a6713d25 100755
--- a/modules/notes/notes.php
+++ b/modules/notes/notes.php
@@ -48,7 +48,8 @@ if (isset($_REQUEST['origin']) && !empty($_REQUEST['origin'])) {
 }
 if (empty($origin) || $origin != 'folder') {
- $right = \Resource\controllers\ResController::hasRightByResId(['resId' => [$identifier], 'userId' => $_SESSION['user']['UserId']]);
+ $user = \User\models\UserModel::getByLogin(['login' => $_SESSION['user']['UserId'], 'select' => ['id']]);
+ $right = \Resource\controllers\ResController::hasRightByResId(['resId' => [$identifier], 'userId' => $user['id']]);
 if (!$right) {
 exit(_NO_RIGHT_TXT);
 }
diff --git a/modules/sendmail/mail_form.php b/modules/sendmail/mail_form.php
index 697660bc30f3652720b4f6dee701e2d4c7cab9c9..cb13c03035552c09dcbffda93ffde804ccf4ca49 100755
--- a/modules/sendmail/mail_form.php
+++ b/modules/sendmail/mail_form.php
@@ -605,7 +605,8 @@ if ($mode == 'add') {
 } elseif ($mode == 'up' || $mode == 'transfer') {
 if (isset($_REQUEST['id']) && !empty($_REQUEST['id'])) {
 $id = $_REQUEST['id'];
- $emailArray = \Email\controllers\EmailController::getById(['id' => $id]);
+ $user = \User\models\UserModel::getByLogin(['login' => $_SESSION['user']['UserId'], 'select' => ['id']]);
+ $emailArray = \Email\controllers\EmailController::getById(['id' => $id, 'userId' => $user['id']]);
 //Check if mail exists
 if (count($emailArray) > 0) {
@@ -1014,7 +1015,8 @@ if ($mode == 'add') {
 if ($formContent == 'messageExchange') {
 $emailArray = ReadMessageExchangeController::getMessageExchange(['id' => $id]);
 } else {
- $emailArray = \Email\controllers\EmailController::getById(['id' => $id]);
+ $user = \User\models\UserModel::getByLogin(['login' => $_SESSION['user']['UserId'], 'select' => ['id']]);
+ $emailArray = \Email\controllers\EmailController::getById(['id' => $id, 'userId' => $user['id']]);
 }
 //Check if mail exists
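Review bot: `$user['id']` is passed to `hasRightByResId` without checking that `getByLogin` returned a row, so a session whose login no longer resolves to a user sends a null `userId` into the perimeter check and the outcome then depends on how `ValidatorModel::notEmpty` reacts on the callee side, which is not visible here. The same unchecked lookup is repeated in both mail_form.php hunks on this line. Add a guard right after the lookup, `if (empty($user['id'])) { exit(_NO_RIGHT_TXT); }`, and in mail_form.php resolve the session user once near the top of the script instead of duplicating the lookup in the `up`/`transfer` branch and again in the `$formContent` branch. Each of these three blocks starts outside its hunk.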
diff --git a/modules/visa/visa_workflow.php b/modules/visa/visa_workflow.php
index 1d9b1e40785edb80066d4c1a97a07f1ecdb5707b..13003cc724365210a9faa077384e53f90c596963 100755
--- a/modules/visa/visa_workflow.php
+++ b/modules/visa/visa_workflow.php
@@ -17,7 +17,7 @@ $confirm = true;
 $warnMsg = '';
 $error_visa_workflow_signature_book = false;
-$isMailingAttach = \Attachment\controllers\AttachmentController::isMailingAttach(["resIdMaster" => $_SESSION['doc_id'], "userId" => $_SESSION['user']['UserId']]);
+$isMailingAttach = \Attachment\controllers\AttachmentController::isMailingAttach(["resIdMaster" => $_SESSION['doc_id'], "login" => $_SESSION['user']['UserId']]);
 if ($visa->isAllAttachementSigned($_SESSION['doc_id']) == 'noAttachment') {
 $error_visa_workflow_signature_book = true;
diff --git a/src/app/acknowledgementReceipt/controllers/AcknowledgementReceiptController.php b/src/app/acknowledgementReceipt/controllers/AcknowledgementReceiptController.php
index cbe6db7821ed74dc362bb9afcfcdb3ea43276835..d9432edaf67ebaaa1ed601756070b7fb947ba66f 100644
--- a/src/app/acknowledgementReceipt/controllers/AcknowledgementReceiptController.php
+++ b/src/app/acknowledgementReceipt/controllers/AcknowledgementReceiptController.php
@@ -50,7 +50,7 @@ class AcknowledgementReceiptController
 $resourcesInBasket[] = $acknowledgement['res_id'];
 }
- if (!ResController::hasRightByResId(['resId' => $resourcesInBasket, 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => $resourcesInBasket, 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Documents out of perimeter']);
 }
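Review bot: `$GLOBALS['id']` is the same variable as a plain `$id` assigned at file scope, and the legacy module scripts in this very diff do exactly that (`$id = $_REQUEST['id'];` in the mail_form.php hunk); if such a script runs at global scope and any code path after that assignment reaches a controller that reads `$GLOBALS['id']` as the caller's user id, the perimeter check would be evaluated for a request-chosen user. Nothing in the visible hunks shows such a path, so this is a hazard created by the key name rather than a demonstrated bypass, but it is the kind of collision that is invisible at the call site and silent at runtime. Prefer a key that no ordinary global can shadow, for example a constructed name like `$GLOBALS['authUserId']`, or better a request attribute set by the authentication layer. The same key is used by every other rename hunk in this diff (the AcknowledgementReceipt, PreProcessAction, Attachment, Reconciliation, ListInstance, Note, Res, SignatureBook and User controllers); presumably a missing value fails closed through the new `ValidatorModel::notEmpty`/`intVal` checks in `hasRightByResId`, but confirm that those validators throw rather than return.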
@@ -95,7 +95,7 @@ class AcknowledgementReceiptController
 public function getAcknowledgementReceipt(Request $request, Response $response, array $aArgs)
 {
- if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
diff --git a/src/app/action/controllers/PreProcessActionController.php b/src/app/action/controllers/PreProcessActionController.php
index 7ff4bd6fa09f7d4ce70c7ea16670638ae8ad23fc..dc959ea37e9c301ae09f42e68a45ff64b2eb9c91 100755
--- a/src/app/action/controllers/PreProcessActionController.php
+++ b/src/app/action/controllers/PreProcessActionController.php
@@ -215,7 +215,7 @@ class PreProcessActionController
 continue;
 }
- if (!ResController::hasRightByResId(['resId' => [$resId], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$resId], 'userId' => $GLOBALS['id']])) {
 $noSendAR['number'] += 1;
 $noSendAR['list'][] = ['resId' => $resId, 'alt_identifier' => $ext['alt_identifier'], 'info' => _DOCUMENT_OUT_PERIMETER ];
 continue;
@@ -376,7 +376,7 @@ class PreProcessActionController
 $data = $request->getParsedBody();
 $data['resources'] = array_slice($data['resources'], 0, 500);
- if (!ResController::hasRightByResId(['resId' => $data['resources'], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => $data['resources'], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -565,7 +565,7 @@ class PreProcessActionController
 $data = $request->getParsedBody();
 $data['resources'] = array_slice($data['resources'], 0, 500);
- if (!ResController::hasRightByResId(['resId' => $data['resources'], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => $data['resources'], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -660,7 +660,7 @@ class PreProcessActionController
 }
 $data['resources'] = array_slice($data['resources'], 0, 500);
- if (!ResController::hasRightByResId(['resId' => $data['resources'], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => $data['resources'], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -815,7 +815,7 @@ class PreProcessActionController
 public function isDestinationChanging(Request $request, Response $response, array $args)
 {
- if (!ResController::hasRightByResId(['resId' => [$args['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$args['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
diff --git a/src/app/attachment/controllers/AttachmentController.php b/src/app/attachment/controllers/AttachmentController.php
index 1bb65179cc158c9a0e397d143fc68eb8037e3376..7fabe2478f9b217633cb82cb90537cbc3e59104d 100755
--- a/src/app/attachment/controllers/AttachmentController.php
+++ b/src/app/attachment/controllers/AttachmentController.php
@@ -59,7 +59,7 @@ class AttachmentController
 foreach ($mandatoryColumns as $columnKey => $column) {
 if ($column == $value['column'] && !empty($value['value'])) {
 if ($column == 'res_id_master') {
- if (!ResController::hasRightByResId(['resId' => [$value['value']], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$value['value']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'ResId master out of perimeter']);
 }
 $resId = $value['value'];
@@ -128,7 +128,7 @@ class AttachmentController
 public function getByResId(Request $request, Response $response, array $aArgs)
 {
- if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -188,7 +188,7 @@ class AttachmentController
 return $response->withStatus(400)->withJson(['errors' => 'Attachment not found']);
 }
- if (!ResController::hasRightByResId(['resId' => [$attachment['res_id_master']], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$attachment['res_id_master']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -208,7 +208,7 @@ class AttachmentController
 return $response->withStatus(400)->withJson(['errors' => 'Attachment not found']);
 }
- if (!ResController::hasRightByResId(['resId' => [$attachment['res_id_master']], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$attachment['res_id_master']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -219,7 +219,7 @@ class AttachmentController
 public function getThumbnailContent(Request $request, Response $response, array $aArgs)
 {
- if (!Validator::intVal()->validate($aArgs['resId']) || !Validator::intVal()->validate($aArgs['resIdMaster']) || !ResController::hasRightByResId(['resId' => [$aArgs['resIdMaster']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($aArgs['resId']) || !Validator::intVal()->validate($aArgs['resIdMaster']) || !ResController::hasRightByResId(['resId' => [$aArgs['resIdMaster']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -288,7 +288,7 @@ class AttachmentController
 public function getFileContent(Request $request, Response $response, array $aArgs)
 {
- if (!Validator::intVal()->validate($aArgs['resIdMaster']) || !ResController::hasRightByResId(['resId' => [$aArgs['resIdMaster']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($aArgs['resIdMaster']) || !ResController::hasRightByResId(['resId' => [$aArgs['resIdMaster']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -426,7 +426,7 @@ class AttachmentController
 public function getOriginalFileContent(Request $request, Response $response, array $args)
 {
- if (!Validator::intVal()->validate($args['resId']) || !ResController::hasRightByResId(['resId' => [$args['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($args['resId']) || !ResController::hasRightByResId(['resId' => [$args['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -688,7 +688,9 @@ class AttachmentController
 public static function isMailingAttach(array $aArgs)
 {
- if (!Validator::intVal()->validate($aArgs['resIdMaster']) || !ResController::hasRightByResId(['resId' => [$aArgs['resIdMaster']], 'userId' => $aArgs['userId']])) {
+ $user = UserModel::getByLogin(['login' => $aArgs['login'], 'select' => ['id']]);
+
+ if (!Validator::intVal()->validate($aArgs['resIdMaster']) || !ResController::hasRightByResId(['resId' => [$aArgs['resIdMaster']], 'userId' => $user['id']])) {
 return ['errors' => 'Document out of perimeter'];
 }
diff --git a/src/app/attachment/controllers/ReconciliationController.php b/src/app/attachment/controllers/ReconciliationController.php
index 31314bb9a3eca651e977c2db661e7930ef626926..90d871c3bdf64220e0f83a871e949cda5ccb2eed 100755
--- a/src/app/attachment/controllers/ReconciliationController.php
+++ b/src/app/attachment/controllers/ReconciliationController.php
@@ -53,7 +53,7 @@ class ReconciliationController
 'orderBy' => ['res_id DESC']
 ])[0];
- if (!Validator::intVal()->validate($info['res_id_master']) || !ResController::hasRightByResId(['resId' => [$info['res_id_master']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($info['res_id_master']) || !ResController::hasRightByResId(['resId' => [$info['res_id_master']], 'userId' => $GLOBALS['id']])) {
 return ['errors' => 'Document out of perimeter'];
 }
@@ -181,7 +181,7 @@ class ReconciliationController
 'orderBy' => ['res_id DESC']
 ])[0];
- if (!Validator::intVal()->validate($attachment['res_id_master']) || !ResController::hasRightByResId(['resId' => [$attachment['res_id_master']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($attachment['res_id_master']) || !ResController::hasRightByResId(['resId' => [$attachment['res_id_master']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
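Review bot: `isMailingAttach` now reads `$aArgs['login']` with no presence check and uses `$user['id']` without confirming that `getByLogin` found a row, so a missing or unknown login reaches `hasRightByResId` as a null `userId` and the result depends on the callee's validator rather than on an explicit decision here. Since this function already returns an error array for the out-of-perimeter case, fail closed the same way before the perimeter check: `if (empty($aArgs['login']) || empty($user['id'])) { return ['errors' => 'Document out of perimeter']; }` placed just after the lookup. The function's body continues past the hunk.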
diff --git a/src/app/email/controllers/EmailController.php b/src/app/email/controllers/EmailController.php
index 567d55a21f8d4247dac6c7b937cfdc9c68461f5b..bd08bd4464df8096010e73c11de1e0b69307a4ca 100644
--- a/src/app/email/controllers/EmailController.php
+++ b/src/app/email/controllers/EmailController.php
@@ -67,9 +67,7 @@ class EmailController
 ValidatorModel::intVal($args, ['userId']);
 ValidatorModel::arrayType($args, ['data', 'options']);
- $user = UserModel::getById(['id' => $args['userId'], 'select' => ['user_id']]);
-
- $check = EmailController::controlCreateEmail(['login' => $user['user_id'], 'data' => $args['data']]);
+ $check = EmailController::controlCreateEmail(['userId' => $args['userId'], 'data' => $args['data']]);
 if (!empty($check['errors'])) {
 return ['errors' => $check['errors'], 'code' => $check['code']];
 }
@@ -121,13 +119,13 @@ class EmailController
 public static function getById(array $args)
 {
- ValidatorModel::notEmpty($args, ['id']);
- ValidatorModel::intVal($args, ['id']);
+ ValidatorModel::notEmpty($args, ['id', 'userId']);
+ ValidatorModel::intVal($args, ['id', 'userId']);
- $emailArray = EmailModel::getById(['id' => $args['id']]);
- $document = (array)json_decode($emailArray['document']);
+ $emailArray = EmailModel::getById(['id' => $args['id']]);
+ $document = (array)json_decode($emailArray['document']);
- if (!ResController::hasRightByResId(['resId' => [$document['id']], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$document['id']], 'userId' => $args['userId']])) {
 return ['errors' => 'Document out of perimeter', 'code' => 403];
 }
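Review bot: In the rewritten `getById`, `$emailArray` is decoded and `$document['id']` is fed into `hasRightByResId` without checking that `EmailModel::getById` found anything, so an unknown email id produces a perimeter check on `[null]` instead of a clear not-found result. Return early after the model call, `if (empty($emailArray)) { return ['errors' => 'Email not found', 'code' => 400]; }` (message is a constructed example). Note also that `getById` now trusts whatever `userId` its caller passes; the callers visible in this diff resolve it from the session, so any future caller must do the same or the perimeter check protects nothing. The `@@ -67` hunk's enclosing method starts outside the hunk.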
@@ -182,9 +180,7 @@ class EmailController
 ValidatorModel::intVal($args, ['userId', 'emailId']);
 ValidatorModel::arrayType($args, ['data', 'options']);
- $user = UserModel::getById(['id' => $args['userId'], 'select' => ['user_id']]);
-
- $check = EmailController::controlCreateEmail(['login' => $user['user_id'], 'data' => $args['data']]);
+ $check = EmailController::controlCreateEmail(['userId' => $args['userId'], 'data' => $args['data']]);
 if (!empty($check['errors'])) {
 return ['errors' => $check['errors'], 'code' => $check['code']];
 }
@@ -413,8 +409,8 @@ class EmailController
 private static function controlCreateEmail(array $args)
 {
- ValidatorModel::notEmpty($args, ['login']);
- ValidatorModel::stringType($args, ['login']);
+ ValidatorModel::notEmpty($args, ['userId']);
+ ValidatorModel::intVal($args, ['userId']);
 ValidatorModel::arrayType($args, ['data']);
 if (!Validator::arrayType()->notEmpty()->validate($args['data']['sender']) || !Validator::stringType()->notEmpty()->validate($args['data']['sender']['email'])) {
@@ -427,6 +423,8 @@ class EmailController
 return ['errors' => 'Data status is not a string or empty', 'code' => 400];
 }
+ $user = UserModel::getById(['id' => $args['userId'], 'select' => ['user_id']]);
+
 if (!empty($args['data']['document'] && !empty($args['data']['document']['id']))) {
 $check = Validator::intVal()->notEmpty()->validate($args['data']['document']['id']);
 $check = $check && Validator::boolType()->validate($args['data']['document']['isLinked']);
@@ -434,7 +432,7 @@ class EmailController
 if (!$check) {
 return ['errors' => 'Data document errors', 'code' => 400];
 }
- if (!ResController::hasRightByResId(['resId' => [$args['data']['document']['id']], 'userId' => $args['login']])) {
+ if (!ResController::hasRightByResId(['resId' => [$args['data']['document']['id']], 'userId' => $args['userId']])) {
 return ['errors' => 'Document out of perimeter', 'code' => 403];
 }
 if (!empty($args['data']['document']['attachments'])) {
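Review bot: The `$user` lookup added in the `@@ -427` hunk of `controlCreateEmail` is never checked, and its only consumer is the `EntityModel::getByLogin(['login' => $user['user_id'] ...])` call in the next hunk, so a `userId` that passes `intVal` but matches no user silently turns into an entity query for a null login. This function already returns error arrays for every other validation failure, so do the same here: `if (empty($user['user_id'])) { return ['errors' => 'User not found', 'code' => 400]; }` (message is a constructed example) immediately after the lookup. Moving the lookup down next to the entity query would also keep it out of the document-validation path where it is not needed. `controlCreateEmail` continues past this hunk.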
@@ -467,7 +465,7 @@ class EmailController
 return ['errors' => 'Note out of perimeter', 'code' => 403];
 }
- $rawUserEntities = EntityModel::getByLogin(['login' => $args['login'], 'select' => ['entity_id']]);
+ $rawUserEntities = EntityModel::getByLogin(['login' => $user['user_id'], 'select' => ['entity_id']]);
 $userEntities = [];
 foreach ($rawUserEntities as $rawUserEntity) {
 $userEntities[] = $rawUserEntity['entity_id'];
diff --git a/src/app/entity/controllers/ListInstanceController.php b/src/app/entity/controllers/ListInstanceController.php
index 323b6130ec1b5c5261e183976f1756e6e0d8b3a4..e1a19ecce5ad4162e759f8aedade08bf1ec0c062 100755
--- a/src/app/entity/controllers/ListInstanceController.php
+++ b/src/app/entity/controllers/ListInstanceController.php
@@ -39,7 +39,7 @@ class ListInstanceController
 public function getByResId(Request $request, Response $response, array $args)
 {
- if (!Validator::intVal()->validate($args['resId']) || !ResController::hasRightByResId(['resId' => [$args['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($args['resId']) || !ResController::hasRightByResId(['resId' => [$args['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -59,7 +59,7 @@ class ListInstanceController
 public function getVisaCircuitByResId(Request $request, Response $response, array $aArgs)
 {
- if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
 $listInstances = ListInstanceModel::getVisaCircuitByResId(['select' => ['listinstance_id', 'sequence', 'item_id', 'item_type', 'firstname as item_firstname', 'lastname as item_lastname', 'entity_label as item_entity', 'viewed', 'process_date', 'process_comment', 'signatory', 'requested_signature'], 'id' => $aArgs['resId']]);
@@ -72,7 +72,7 @@ class ListInstanceController
 public function getAvisCircuitByResId(Request $request, Response $response, array $aArgs)
 {
- if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
 $listInstances = ListInstanceModel::getAvisCircuitByResId(['select' => ['listinstance_id', 'sequence', 'item_id', 'item_type', 'firstname as item_firstname', 'lastname as item_lastname', 'entity_label as item_entity', 'viewed', 'process_date', 'process_comment'], 'id' => $aArgs['resId']]);
@@ -117,7 +117,7 @@ class ListInstanceController
 return ['errors' => 'resId is empty', 'code' => 400];
 }
- if (!Validator::intVal()->validate($ListInstanceByRes['resId']) || !ResController::hasRightByResId(['resId' => [$ListInstanceByRes['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($ListInstanceByRes['resId']) || !ResController::hasRightByResId(['resId' => [$ListInstanceByRes['resId']], 'userId' => $GLOBALS['id']])) {
 DatabaseModel::rollbackTransaction();
 return ['errors' => 'Document out of perimeter', 'code' => 403];
 }
diff --git a/src/app/folder/controllers/FolderController.php b/src/app/folder/controllers/FolderController.php
index ac4ce6f4c2c7ee206b0cedf4c614ec635b630591..bb5d7ccefca5ac1f402cc4b31039cffe0aa922ac 100755
--- a/src/app/folder/controllers/FolderController.php
+++ b/src/app/folder/controllers/FolderController.php
@@ -262,7 +262,7 @@ class FolderController
 //TODO Check sub folder rights
- FolderModel::delete(['id' => $aArgs['id']]);
+ FolderModel::delete(['where' => ['id = ?'], 'data' => [$aArgs['id']]]);
 EntityFolderModel::deleteByFolderId(['folder_id' => $aArgs['id']]);
 //TODO Delete sub folders
diff --git a/src/app/folder/models/FolderModelAbstract.php b/src/app/folder/models/FolderModelAbstract.php
index bcb591a9f97c8bbdd3663b84d972002394e4b417..066b746a933e6aebd720dccde10aa804718d8c30 100755
--- a/src/app/folder/models/FolderModelAbstract.php
+++ b/src/app/folder/models/FolderModelAbstract.php
@@ -45,6 +45,10 @@ class FolderModelAbstract
 'data' => [$aArgs['id']]
 ]);
+ if (empty($folder[0])) {
+ return [];
+ }
+
 return $folder[0];
 }
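Review bot: With the switch to the generic `FolderModel::delete(['where' => ['id = ?'], 'data' => [$aArgs['id']]])` in the FolderController hunk, the `ValidatorModel::intVal` check the model used to apply to `id` is gone, so the controller is now the only place that can guarantee `$aArgs['id']` is an integer before it is bound. The value is still bound as a parameter, so this is not an injection concern, but if the start of this method (outside the hunk) does not already validate it, add an integer check there and return 400 on failure. The surrounding `//TODO Check sub folder rights` comment shows the authorization gap on this path is known; it is worth tracking in the same change rather than leaving the delete reachable without it.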
@@ -60,12 +64,12 @@ class FolderModelAbstract
 DatabaseModel::insert([
 'table' => 'folders',
 'columnsValues' => [
- 'id' => $nextSequenceId,
- 'label' => $aArgs['label'],
- 'public' => empty($aArgs['public']) ? 'false' : 'true',
- 'user_id' => $aArgs['user_id'],
- 'parent_id' => $aArgs['parent_id'],
- 'level' => $aArgs['level']
+ 'id' => $nextSequenceId,
+ 'label' => $aArgs['label'],
+ 'public' => empty($aArgs['public']) ? 'false' : 'true',
+ 'user_id' => $aArgs['user_id'],
+ 'parent_id' => $aArgs['parent_id'],
+ 'level' => $aArgs['level']
 ]
 ]);
@@ -87,17 +91,36 @@ class FolderModelAbstract
 return true;
 }
- public static function delete(array $aArgs)
+ public static function delete(array $args)
 {
- ValidatorModel::notEmpty($aArgs, ['id']);
- ValidatorModel::intVal($aArgs, ['id']);
+ ValidatorModel::notEmpty($args, ['where', 'data']);
+ ValidatorModel::arrayType($args, ['where', 'data']);
 DatabaseModel::delete([
 'table' => 'folders',
- 'where' => ['id = ?'],
- 'data' => [$aArgs['id']]
+ 'where' => $args['where'],
+ 'data' => $args['data']
 ]);
 return true;
 }
+
+ public static function getWithEntitiesAndResources(array $args = [])
+ {
+ ValidatorModel::arrayType($args, ['select', 'where', 'data']);
+
+ $where = ['folders.id = entities_folders.folder_id', 'folders.id = resources_folders.folder_id'];
+ if (!empty($args['where'])) {
+ $where = array_merge($where, $args['where']);
+ }
+
+ $folders = DatabaseModel::select([
+ 'select' => empty($args['select']) ? ['*'] : $args['select'],
+ 'table' => ['folders, entities_folders, resources_folders'],
+ 'where' => $where,
+ 'data' => empty($args['data']) ? [] : $args['data']
+ ]);
+
+ return $folders;
+ }
 }
diff --git a/src/app/note/controllers/NoteController.php b/src/app/note/controllers/NoteController.php
index 9a760e8a5e06e2801f225008f5b2bbd46f6fd4c0..ca3f7052a703cdd0aaf1f8da95b59163e8e7c379 100755
--- a/src/app/note/controllers/NoteController.php
+++ b/src/app/note/controllers/NoteController.php
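Review bot: `getWithEntitiesAndResources` joins `folders`, `entities_folders` and `resources_folders` through the comma-list table form with equality conditions in `where`, which is an inner join, so a folder that has no `entities_folders` row can never appear in the result regardless of what the caller appends to `where`. That matters for the new `hasRightByResId` branch in ResController, whose `OR folders.user_id = ?` condition is meant to cover the owner's own folders but cannot match a folder that has not been shared with any entity. Either state this in a docblock on the method, along the lines of `Returns rows for folders that are both shared with at least one entity and contain at least one resource; unshared folders are never returned`, or express the entity relation as an outer join if `DatabaseModel::select` supports one (not visible here). As a minor point of style, `return $folders;` can return the `DatabaseModel::select(...)` result directly.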
@@ -38,7 +38,7 @@ class NoteController
 return $response->withStatus(400)->withJson(['errors' => 'resId is empty or not an integer']);
 }
- if (!ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -65,7 +65,7 @@ class NoteController
 return $response->withStatus(400)->withJson(['errors' => 'Data note_text is empty or not a string']);
 }
- if (!ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -140,7 +140,7 @@ class NoteController
 $query = $request->getQueryParams();
 if (!empty($query['resId']) && is_numeric($query['resId'])) {
- if (!ResController::hasRightByResId(['resId' => [$query['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$query['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
diff --git a/src/app/resource/controllers/ResController.php b/src/app/resource/controllers/ResController.php
index 1571905e7a8841fd6bbacb8d280f803e446cc581..7339d35e9aa1c760304b3691f7d4bd20cb328a01 100755
--- a/src/app/resource/controllers/ResController.php
+++ b/src/app/resource/controllers/ResController.php
@@ -25,6 +25,7 @@ use Docserver\models\DocserverModel;
 use Docserver\models\DocserverTypeModel;
 use Docserver\models\ResDocserverModel;
 use Entity\models\ListInstanceModel;
+use Folder\models\FolderModel;
 use Group\controllers\GroupController;
 use Group\models\ServiceModel;
 use History\controllers\HistoryController;
@@ -219,7 +220,7 @@ class ResController
 if (empty($document)) {
 return $response->withStatus(400)->withJson(['errors' => _DOCUMENT_NOT_FOUND]);
 }
- if (!ResController::hasRightByResId(['resId' => [$document['res_id']], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$document['res_id']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -240,7 +241,7 @@ class ResController
 public function getFileContent(Request $request, Response $response, array $aArgs)
 {
- if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -404,7 +405,7 @@ class ResController
 public function getOriginalFileContent(Request $request, Response $response, array $aArgs)
 {
- if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -483,7 +484,7 @@ class ResController
 }
 $pathToThumbnail = 'apps/maarch_entreprise/img/noThumbnail.png';
- if (ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['id']])) {
 $tnlAdr = AdrModel::getTypedDocumentAdrByResId([
 'select' => ['docserver_id', 'path', 'filename'],
 'resId' => $aArgs['resId'],
@@ -570,7 +571,7 @@ class ResController
 if (empty($document)) {
 return $response->withStatus(400)->withJson(['errors' => _DOCUMENT_NOT_FOUND]);
 }
- if (!ResController::hasRightByResId(['resId' => [$document['res_id']], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$document['res_id']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
 $externalId = json_decode($document['external_id'], true);
@@ -666,23 +667,25 @@ class ResController
 return ['encodedDocument' => $encodedDocument, 'fileName' => $fileName];
 }
- public static function hasRightByResId(array $aArgs)
+ public static function hasRightByResId(array $args)
 {
- ValidatorModel::notEmpty($aArgs, ['resId', 'userId']);
- ValidatorModel::stringType($aArgs, ['userId']);
- ValidatorModel::arrayType($aArgs, ['resId']);
+ ValidatorModel::notEmpty($args, ['resId', 'userId']);
+ ValidatorModel::intVal($args, ['userId']);
+ ValidatorModel::arrayType($args, ['resId']);
- $aArgs['resId'] = array_unique($aArgs['resId']);
- $nbResId = count($aArgs['resId']);
+ $resources = array_unique($args['resId']);
+ $resourcesNumber = count($resources);
- if ($aArgs['userId'] == 'superadmin') {
+ $user = UserModel::getById(['id' => $args['userId'], 'select' => ['user_id']]);
+
+ if ($user['user_id'] == 'superadmin') {
 return true;
 }
- $groups = UserModel::getGroupsByLogin(['login' => $aArgs['userId']]);
+ $groups = UserModel::getGroupsByLogin(['login' => $user['user_id']]);
 $groupsClause = '';
 foreach ($groups as $key => $group) {
 if (!empty($group['where_clause'])) {
- $groupClause = PreparedClauseController::getPreparedClause(['clause' => $group['where_clause'], 'login' => $aArgs['userId']]);
+ $groupClause = PreparedClauseController::getPreparedClause(['clause' => $group['where_clause'], 'login' => $user['user_id']]);
 if ($key > 0) {
 $groupsClause .= ' or ';
 }
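Review bot: In the rewritten `hasRightByResId`, `$user` is used right after `UserModel::getById` with no check that a row came back, so a `userId` that is a valid integer but matches no user carries a null `user_id` through the superadmin comparison and into `getGroupsByLogin`, the basket lookups and the prepared-clause builder further down. This is the single perimeter gate for every controller in this diff, so it should decide explicitly rather than rely on what those helpers do with a null login: `if (empty($user['user_id'])) { return false; }` immediately after the lookup. A short docblock stating that `userId` is now `users.id` (integer) rather than the login string would also help callers that still hold a login. The function continues through the next two hunks.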
@@ -691,25 +694,24 @@ class ResController
 }
 if (!empty($groupsClause)) {
- $res = ResModel::getOnView(['select' => [1], 'where' => ['res_id in (?)', "({$groupsClause})"], 'data' => [$aArgs['resId']]]);
- if (!empty($res) && count($res) == $nbResId) {
+ $res = ResModel::getOnView(['select' => [1], 'where' => ['res_id in (?)', "({$groupsClause})"], 'data' => [$resources]]);
+ if (!empty($res) && count($res) == $resourcesNumber) {
 return true;
 }
 }
- $baskets = BasketModel::getBasketsByLogin(['login' => $aArgs['userId']]);
+ $baskets = BasketModel::getBasketsByLogin(['login' => $user['user_id']]);
 $basketsClause = '';
 foreach ($baskets as $basket) {
 if (!empty($basket['basket_clause'])) {
- $basketClause = PreparedClauseController::getPreparedClause(['clause' => $basket['basket_clause'], 'login' => $aArgs['userId']]);
+ $basketClause = PreparedClauseController::getPreparedClause(['clause' => $basket['basket_clause'], 'login' => $user['user_id']]);
 if (!empty($basketsClause)) {
 $basketsClause .= ' or ';
 }
 $basketsClause .= "({$basketClause})";
 }
 }
- $user = UserModel::getByLogin(['login' => $aArgs['userId'], 'select' => ['id']]);
- $assignedBaskets = RedirectBasketModel::getAssignedBasketsByUserId(['userId' => $user['id']]);
+ $assignedBaskets = RedirectBasketModel::getAssignedBasketsByUserId(['userId' => $args['userId']]);
 foreach ($assignedBaskets as $basket) {
 if (!empty($basket['basket_clause'])) {
 $basketOwner = UserModel::getById(['id' => $basket['owner_user_id'], 'select' => ['user_id']]);
@@ -723,8 +725,8 @@ class ResController
 if (!empty($basketsClause)) {
 try {
- $res = ResModel::getOnView(['select' => [1], 'where' => ['res_id in (?)', "({$basketsClause})"], 'data' => [$aArgs['resId']]]);
- if (!empty($res) && count($res) == $nbResId) {
+ $res = ResModel::getOnView(['select' => [1], 'where' => ['res_id in (?)', "({$basketsClause})"], 'data' => [$resources]]);
+ if (!empty($res) && count($res) == $resourcesNumber) {
 return true;
 }
 } catch (\Exception $e) {
@@ -732,6 +734,18 @@ class ResController
 }
 }
+ $entities = UserModel::getEntitiesById(['userId' => $user['user_id']]);
+ $entities = array_column($entities, 'id');
+
+ $foldersWithResources = FolderModel::getWithEntitiesAndResources([
+ 'select' => ['DISTINCT(resources_folders.res_id)'],
+ 'where' => ['resources_folders.res_id in (?)', '(entities_folders.entity_id in (?) OR folders.user_id = ?)'],
+ 'data' => [$resources, $entities, $args['userId']]
+ ]);
+ if (!empty($foldersWithResources) && count($foldersWithResources) == $resourcesNumber) {
+ return true;
+ }
+
 return false;
 }
@@ -838,7 +852,7 @@ class ResController
 public function isAllowedForCurrentUser(Request $request, Response $response, array $aArgs)
 {
- if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!Validator::intVal()->validate($aArgs['resId']) || !ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withJson(['isAllowed' => false]);
 }
diff --git a/src/app/signatureBook/controllers/SignatureBookController.php b/src/app/signatureBook/controllers/SignatureBookController.php
index 0f129763b1ea8fce7d7612f7ca29a2c3d112594f..b6db0b5b874a0b5045795746743ce692dde9cdbd 100755
--- a/src/app/signatureBook/controllers/SignatureBookController.php
+++ b/src/app/signatureBook/controllers/SignatureBookController.php
@@ -43,7 +43,7 @@ class SignatureBookController
 {
 $resId = $aArgs['resId'];
- if (!ResController::hasRightByResId(['resId' => [$resId], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$resId], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
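Review bot: The new folder branch binds `$entities` into `entities_folders.entity_id in (?)` without handling the case where the user belongs to no entity, so `array_column` yields an empty array and the generated SQL depends on how `DatabaseModel` expands an empty list for `in (?)` (not visible here; an empty `IN ()` is a syntax error on most databases). Skip the entity clause when the list is empty, or at least guard the whole branch with `if (!empty($entities) || ...)` so the query is only built with a non-empty list. This branch also widens the perimeter: any resource filed in a folder shared with one of the user's entities now passes the check for every caller of `hasRightByResId` (downloads, notes, attachments, signature book), which is a deliberate product decision but is not stated anywhere; a why-comment such as `// Resources filed in a folder the user owns or that is shared with one of their entities are also in perimeter` would keep it from being read as accidental. Because `getWithEntitiesAndResources` inner-joins `entities_folders` (see the FolderModelAbstract hunk), the `OR folders.user_id = ?` alternative cannot match an unshared folder, so owner-only folders do not actually grant access here.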
@@ -142,7 +142,7 @@ class SignatureBookController
 public function getIncomingMailAndAttachmentsById(Request $request, Response $response, array $aArgs)
 {
- if (!ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
@@ -151,7 +151,7 @@ class SignatureBookController
 public function getAttachmentsById(Request $request, Response $response, array $aArgs)
 {
- if (!ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$aArgs['resId']], 'userId' => $GLOBALS['id']])) {
 return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
 }
diff --git a/src/app/user/controllers/UserController.php b/src/app/user/controllers/UserController.php
index e9efce8233dd02413c835c66eb48e1c253d81ed2..6539f48b433e2b5f011f5dd44c3173936b1d8004 100755
--- a/src/app/user/controllers/UserController.php
+++ b/src/app/user/controllers/UserController.php
@@ -276,7 +276,7 @@ class UserController
 $listInstanceResIds = [];
 $listInstances = ListInstanceModel::getWhenOpenMailsByLogin(['select' => ['listinstance.res_id', 'res_letterbox.destination'], 'login' => $user['user_id'], 'itemMode' => 'dest']);
 foreach ($listInstances as $listInstance) {
- if (!ResController::hasRightByResId(['resId' => [$listInstance['res_id']], 'userId' => $GLOBALS['userId']])) {
+ if (!ResController::hasRightByResId(['resId' => [$listInstance['res_id']], 'userId' => $GLOBALS['id']])) {
 $isListInstanceDeletable = false;
 }
 $listInstanceResIds[] = $listInstance['res_id'];
diff --git a/src/app/user/models/UserModelAbstract.php b/src/app/user/models/UserModelAbstract.php
index 419457c8e03c9cbceb2217397f961e107fe49bbd..c538706c2fea84da858fd5d9d508e98667145474 100755
--- a/src/app/user/models/UserModelAbstract.php
+++ b/src/app/user/models/UserModelAbstract.php
@@ -437,7 +437,7 @@ abstract class UserModelAbstract
 ValidatorModel::stringType($aArgs, ['userId']);
 $aEntities = DatabaseModel::select([
- 'select' => ['users_entities.entity_id', 'entities.entity_label', 'users_entities.user_role', 'users_entities.primary_entity'],
+ 'select' => ['entities.id', 'users_entities.entity_id', 'entities.entity_label', 'users_entities.user_role', 'users_entities.primary_entity'],
 'table' => ['users_entities, entities'],
 'where' => ['users_entities.entity_id = entities.entity_id', 'users_entities.user_id = ?'],
 'data' => [$aArgs['userId']],
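Review bot: `getEntitiesById` is now called from `hasRightByResId` with the login string in `$user['user_id']`, and the context lines here confirm that is what it expects (`ValidatorModel::stringType($aArgs, ['userId'])` and `users_entities.user_id = ?`), but the method name and the `userId` key both read as the integer `users.id` that the rest of this diff just migrated to. That mismatch is exactly how a future caller ends up passing an integer and silently getting no entities, which in the new folder branch means a narrower perimeter rather than an error. Add a docblock above the method (its signature is outside the hunk), e.g. `@param array{userId: string} $aArgs 'userId' is the login (users.user_id), not users.id`, and note that `entities.id` was added to the select so callers can key on it. Renaming the parameter would be cleaner but touches callers beyond this diff.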