Commit 1666fa53 authored by Arnaud Pauget's avatar Arnaud Pauget
Browse files

fix() : package previous modifications to prevent merge conflicts

parent c932a7ba
# CHANGELOG
## Version 2.6.1
- `Changed` Modification de la fonction vérifiant les droits pour gain de performance
- `Changed` Ajout du compte de service "ADMIN-G" dans le groupe administrateur dans le fichier de configuration
- `Changed` Ajout du privilège 'generate token' à "ADMIN-G"
- `Fixed` Correction du retour d'erreur lors de la génération du replyMessage
......
<?php
/*
* Copyright (C) 2015 Maarch
*
* This file is part of bundle recordsManagement.
*
* Bundle recordsManagement is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Bundle recordsManagement is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with bundle recordsManagement. If not, see <http://www.gnu.org/licenses/>.
*/
namespace ext\digitalSafe\bundle\recordsManagement\Controller;
/**
* Class for Records Management archives
*/
class archive extends \bundle\recordsManagement\Controller\archive
{
/**
* Check if the current user have the rights on an archive
*
* @param recordsManagement/archive $archive The archive object
* @throws
* @return boolean THe result of the operation
*/
public function checkRights($archive, $isCommunication = false)
{
$currentUserService = \laabs::getToken("ORGANIZATION");
$currentDate = \laabs::newDate();
if (!$currentUserService) {
return false;
}
$userPositionController = \laabs::newController('organization/userPosition');
//$userServices = array_values($userPositionController->readDescandantService($currentUserService->orgId));
// $org = $this->organizationController->getOrgByRegNumber($archive->originatorOrgRegNumber);
// var_dump($org);exit();
$positionAncestors = $this->organizationController->readParentOrg($this->organizationController->getOrgByRegNumber($archive->originatorOrgRegNumber)->orgId);
$userServices[] = $currentUserService->registrationNumber;
// OWNER access
if (!is_null($currentUserService->orgRoleCodes)
&& \laabs\in_array('owner', $currentUserService->orgRoleCodes)) {
return true;
}
// ARCHIVER access
if (!is_null($currentUserService->orgRoleCodes)
&& \laabs\in_array('archiver', $currentUserService->orgRoleCodes)
&& $archive->archiverOrgRegNumber === $currentUserService->registrationNumber) {
return true;
}
// ORIGINATOR ACCESS
//if (\laabs\in_array($archive->originatorOrgRegNumber, $userServices)) {
foreach ($positionAncestors as $orgUnit) {
if ($orgUnit->registrationNumber == $currentUserService->registrationNumber) {
return true;
}
}
// COMMUNICATION ACCESS
if (!is_null($archive->accessRuleComDate)
&& ($isCommunication)
&& ($archive->accessRuleComDate <= $currentDate)) {
return true;
}
// USER ACCESS
if (!empty($archive->userOrgRegNumbers)) {
foreach ($archive->userOrgRegNumbers as $userOrgRegNumber) {
if (\laabs\in_array($userOrgRegNumber, $userServices)) {
return true;
}
}
}
throw \laabs::newException('recordsManagement/accessDeniedException', "Permission denied");
}
}
......@@ -33,6 +33,8 @@
SetEnv LAABS_DEPENDENCIES repository;xml;html;localisation;datasource;sdo;json;fileSystem;notification;PDF;csrf;csv;timestamp
SetEnv LAABS_PRESENTATION maarchRM
SetEnv SERVICE_CLIENT_TOKEN service
SetEnv LAABS_SESSION_START Off
#SetEnv LAABS_SECURE_COOKIE On
SetEnv LAABS_CONFIGURATION "../src/ext/digitalSafe/data/conf/configuration.ini"
SetEnv LAABS_LOG "../data/maarchRM/log.txt"
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment