diff --git a/src/app/document/controllers/DocumentController.php b/src/app/document/controllers/DocumentController.php
index 8a03d9b4497024e9b689594d650e796abc089b80..17f8c5f7887e9ae9ae101f75552f548d3e202637 100755
--- a/src/app/document/controllers/DocumentController.php
+++ b/src/app/document/controllers/DocumentController.php
@@ -1188,58 +1188,46 @@ class DocumentController
 ValidatorModel::intVal($args, ['id', 'userId']);
 ValidatorModel::boolType($args, ['readOnly']);
- $readOnly = $args['readOnly'] ?? false;
- $args['id'] = (int)$args['id'];
+ $args['readOnly'] = $args['readOnly'] ?? false;
+ $args['id'] = (int)$args['id'];
+ $args['userId'] = (int)$args['usreId'];
 $document = DocumentModel::getById(['select' => ['typist'], 'id' => $args['id']]);
- if ($document['typist'] == $GLOBALS['id']) {
+ if (!empty($document['typist']) && $document['typist'] == $GLOBALS['id']) {
 return true;
 }
- if (!$readOnly) {
- $workflow = WorkflowModel::getCurrentStep(['select' => ['user_id'], 'documentId' => $args['id']]);
- if (empty($workflow) || empty($workflow['user_id'])) {
+ if (!$args['readOnly']) {
+ $currentStep = WorkflowModel::getCurrentStep(['select' => ['user_id'], 'documentId' => $args['id']]);
+ if (empty($currentStep) || empty($currentStep['user_id'])) {
 return false;
 }
- if ($workflow['user_id'] != $args['userId']) {
- $user = UserModel::getById(['id' => $workflow['user_id'], 'select' => ['substitute']]);
- if ($user['substitute'] != $args['userId']) {
- return false;
- }
- }
- } else {
- $circuitUsers = WorkflowModel::get([
- 'select' => ['user_id', '(process_date is not null) as processed'],
- 'where' => ['main_document_id = ?'],
- 'data' => [$args['id']],
- 'orderBy' => ['"order" asc']
- ]);
- $previousAndOneUsers = [];
- foreach ($circuitUsers as $user) {
- if ($user['processed']) {
- $previousAndOneUsers[] = $user['user_id'];
- continue;
- }
- $previousAndOneUsers[] = $user['user_id'];
- break;
- }
- $circuitUsers = $previousAndOneUsers;
- unset($previousAndOneUsers);
- if (!empty($circuitUsers)) {
- $circuitSubstitutes = array_column(UserModel::get([
- 'select' => ['substitute'],
- 'where' => ['substitute is not null', 'id in (?)'],
- 'data' => [$circuitUsers]
- ]), 'substitute');
- $circuitUsers = array_merge($circuitUsers, $circuitSubstitutes);
- }
- if (!in_array($args['userId'], $circuitUsers)) {
- return false;
+ if ($currentStep['user_id'] == $args['userId']) {
+ return true;
+ } else {
+ $user = UserModel::getById(['id' => $args['userId'], 'select' => ['substitute']]);
+ return $currentStep['user_id'] == $user['substitute'];
 }
 }
- return true;
+ $canReadOnly = WorkflowModel::get([
+ 'select' => [1],
+ 'where' => [
+ 'main_document_id = ?',
+ '(process_date IS NOT NULL AND user_id = ?)
+ OR (
+ user_id IN (
+ SELECT (SELECT ?::int) UNION (SELECT id FROM users WHERE substitute = ?)
+ )
+ AND "order" = (
+ SELECT min(ws2."order") FROM workflows ws2 WHERE ws2.process_date IS NULL AND ws2.main_document_id = main_document_id
+ )
+ )'
+ ],
+ 'data' => [$args['id'], $args['userId'], $args['userId'], $args['userId']]
+ ]);
+ return !empty($canReadOnly);
 }
 public static function getEncodedDocumentFromEncodedZip(array $args)
diff --git a/src/app/search/controllers/SearchController.php b/src/app/search/controllers/SearchController.php
index 4f9d4c1c9b4b24c7238feec65aa2768d83d4d2e1..3df92ff62f0085c53315bbe8a155a0f83f96b5f5 100755
--- a/src/app/search/controllers/SearchController.php
+++ b/src/app/search/controllers/SearchController.php
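Review bot: The added line `$args['userId'] = (int)$args['usreId'];` reads a misspelled key, so `userId` is overwritten with `(int)null`, i.e. 0, on every call and each later comparison in this access check runs against user 0 instead of the caller; it should read `$args['userId'] = (int)$args['userId'];`. Separately, in the read-only query the inner condition `ws2.main_document_id = main_document_id` has an unqualified right-hand side, which SQL scoping would normally bind to `ws2` itself, making the condition always true and taking `min("order")` over the pending steps of every document rather than this one. The outer `workflows` reference needs an alias or qualifier there, as the SearchController hunk does with `ws1`; how `WorkflowModel::get` names the outer table is not visible here, so confirm against the generated SQL. The enclosing method starts above the hunk.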
@@ -38,14 +38,21 @@ class SearchController
 $data = [];
 $hasFullRights = PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_documents']);
 if (!$hasFullRights) {
- $substitutedUsers = UserModel::get(['select' => ['id'], 'where' => ['substitute = ?'], 'data' => [$GLOBALS['id']]]);
- $users = [$GLOBALS['id']];
- foreach ($substitutedUsers as $value) {
- $users[] = $value['id'];
- }
-
- $where = ["(id IN (SELECT main_document_id FROM workflows WHERE user_id IN (?)) OR typist = ?)"];
- $data = [$users, $GLOBALS['id']];
+ $where = ['id IN (
+ SELECT DISTINCT ws1.main_document_id
+ FROM workflows ws1
+ WHERE typist = ?
+ OR (ws1.process_date IS NOT NULL AND ws1.user_id = ?)
+ OR (
+ ws1.user_id IN (
+ SELECT (SELECT ?::int) UNION (SELECT id FROM users WHERE substitute = ?)
+ )
+ AND ws1."order" = (
+ SELECT min(ws2."order") FROM workflows ws2 WHERE ws2.process_date IS NULL AND ws2.main_document_id = ws1.main_document_id
+ )
+ )
+ )'];
+ $data = [$GLOBALS['id'], $GLOBALS['id'], $GLOBALS['id'], $GLOBALS['id']];
 }
 $whereWorkflow = [];
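Review bot: `WHERE typist = ?` now sits inside the `workflows ws1` subquery, while `typist` appears to be a column of the documents table (the DocumentController hunk selects it through `DocumentModel`). If `workflows` has no such column, the name resolves to the outer row, so a document the user typed is returned only when it also has at least one workflow row, whereas the removed code matched `OR typist = ?` outside the `IN (...)`. Keeping the typist test at the outer level, in the shape `(typist = ? OR id IN ( ... ))`, would preserve the previous visibility; if the narrowing is intended, a comment such as `// typist sees the document only once a workflow exists` would make that explicit. The enclosing method starts and ends outside the hunk.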