Docker/documize
Docker/documize
1
0
Fork 0
mirror of https://github.com/documize/community.git synced 2025-07-18 20:59:43 +02:00
Code Releases Activity

Make API work with new schema

Browse source
This commit is contained in:
Harvey Kandola 2018-09-19 16:03:29 +01:00
parent 28342fcf5e
commit 4f0cc2f616
48 changed files with 1218 additions and 1097 deletions
Download patch file Download diff file Expand all files Collapse all files

40
core/database/check.go
View file

@ -73,36 +73,20 @@ func Check(runtime *env.Runtime) bool {
return false
}
{ // if there are no rows in the database, enter set-up mode
var flds []string
if err := runtime.Db.Select(&flds, runtime.StoreProvider.QueryTableList()); err != nil {
msg := fmt.Sprintf("Database: unable to get database table list ")
runtime.Log.Error(msg, err)
web.SiteInfo.Issue = msg + err.Error()
runtime.Flags.SiteMode = env.SiteModeBadDB
return false
}
if strings.TrimSpace(flds[0]) == "0" {
runtime.Log.Info("Database: starting setup mode for empty database")
runtime.Flags.SiteMode = env.SiteModeSetup
return false
}
// if there are no rows in the database, enter set-up mode
var flds []string
if err := runtime.Db.Select(&flds, runtime.StoreProvider.QueryTableList()); err != nil {
msg := fmt.Sprintf("Database: unable to get database table list ")
runtime.Log.Error(msg, err)
web.SiteInfo.Issue = msg + err.Error()
runtime.Flags.SiteMode = env.SiteModeBadDB
return false
}
// Ensure no missing tables.
var tables = []string{"account", "attachment", "document",
"label", "organization", "page", "revision", "search", "user"}
for _, table := range tables {
var result []string
if err := runtime.Db.Select(&result, fmt.Sprintf("SELECT COUNT(*) FROM %s ;", table)); err != nil {
msg := fmt.Sprintf("Database: missing table %s", table)
runtime.Log.Error(msg, err)
web.SiteInfo.Issue = msg
runtime.Flags.SiteMode = env.SiteModeBadDB
return false
}
if strings.TrimSpace(flds[0]) == "0" {
runtime.Log.Info("Database: starting setup mode for empty database")
runtime.Flags.SiteMode = env.SiteModeSetup
return false
}
// We have good database, so proceed with app boot process.

128
core/database/installer.go
View file

@ -16,7 +16,7 @@ import (
"regexp"
"strconv"
"strings"
"time"
// "time"
"github.com/documize/community/core/env"
"github.com/jmoiron/sqlx"
@ -24,7 +24,7 @@ import (
// InstallUpgrade creates new database or upgrades existing database.
func InstallUpgrade(runtime *env.Runtime, existingDB bool) (err error) {
amLeader := false
// amLeader := false
// Get all SQL scripts.
scripts, err := LoadScripts()
@ -40,7 +40,7 @@ func InstallUpgrade(runtime *env.Runtime, existingDB bool) (err error) {
return
}
runtime.Log.Info(fmt.Sprintf("Database: loaded %d SQL scripts for provider %s", len(dbTypeScripts), runtime.StoreProvider.Type()))
runtime.Log.Info(fmt.Sprintf("Database: loaded %d SQL scripts for provider %s", len(dbTypeScripts), runtime.StoreProvider.Type()))
// Get current database version.
currentVersion := 0
@ -62,51 +62,77 @@ func InstallUpgrade(runtime *env.Runtime, existingDB bool) (err error) {
}
}
if existingDB {
var err error
amLeader, err = Lock(runtime, len(toProcess))
if err != nil {
runtime.Log.Error("Database: failed to lock existing database for processing", err)
}
} else {
// New installation hopes that you are only spinning up one instance of Documize.
// Assumption: nobody will perform the intial setup in a clustered environment.
amLeader = true
// For MySQL type there was major new schema introduced in v24.
// We check for this release and bypass usual locking code
// because tables have changed.
legacyMigration := runtime.StoreProvider.Type() == env.StoreTypeMySQL &&
currentVersion > 0 && currentVersion < 25 && len(toProcess) >= 26 && toProcess[len(toProcess)-1].Version == 25
if legacyMigration {
// Bypass all DB locking/checking processes as these look for new schema
// which we are about to install.
toProcess = toProcess[len(toProcess)-1:]
}
tx, err := runtime.Db.Beginx()
if err != nil {
return Unlock(runtime, tx, err, amLeader)
return err
}
// If currently running process is database leader then we perform upgrade.
if amLeader {
runtime.Log.Info(fmt.Sprintf("Database: %d SQL scripts to process", len(toProcess)))
err = runScripts(runtime, tx, toProcess)
if err != nil {
runtime.Log.Error("Database: error processing SQL script", err)
}
return Unlock(runtime, tx, err, amLeader)
}
// If currently running process is a slave instance then we wait for migration to complete.
targetVersion := toProcess[len(toProcess)-1].Version
for targetVersion != currentVersion {
time.Sleep(time.Second)
runtime.Log.Info("Database: slave instance polling for upgrade process completion")
err = runScripts(runtime, tx, toProcess)
if err != nil {
runtime.Log.Error("Database: error processing SQL scripts", err)
tx.Rollback()
// Get database version and check again.
currentVersion, err = CurrentVersion(runtime)
if err != nil {
return Unlock(runtime, tx, err, amLeader)
}
}
return Unlock(runtime, tx, nil, amLeader)
tx.Commit()
return nil
// New style schema
// if existingDB {
// amLeader, err = Lock(runtime, len(toProcess))
// if err != nil {
// runtime.Log.Error("Database: failed to lock existing database for processing", err)
// }
// } else {
// // New installation hopes that you are only spinning up one instance of Documize.
// // Assumption: nobody will perform the intial setup in a clustered environment.
// amLeader = true
// }
// tx, err := runtime.Db.Beginx()
// if err != nil {
// return Unlock(runtime, tx, err, amLeader)
// }
// // If currently running process is database leader then we perform upgrade.
// if amLeader {
// runtime.Log.Info(fmt.Sprintf("Database: %d SQL scripts to process", len(toProcess)))
// err = runScripts(runtime, tx, toProcess)
// if err != nil {
// runtime.Log.Error("Database: error processing SQL script", err)
// }
// return Unlock(runtime, tx, err, amLeader)
// }
// // If currently running process is a slave instance then we wait for migration to complete.
// targetVersion := toProcess[len(toProcess)-1].Version
// for targetVersion != currentVersion {
// time.Sleep(time.Second)
// runtime.Log.Info("Database: slave instance polling for upgrade process completion")
// tx.Rollback()
// // Get database version and check again.
// currentVersion, err = CurrentVersion(runtime)
// if err != nil {
// return Unlock(runtime, tx, err, amLeader)
// }
// }
// return Unlock(runtime, tx, nil, amLeader)
}
// Run SQL scripts to instal or upgrade this database.
@ -117,12 +143,23 @@ func runScripts(runtime *env.Runtime, tx *sqlx.Tx, scripts []Script) (err error)
err = executeSQL(tx, runtime.StoreProvider.Type(), runtime.StoreProvider.TypeVariant(), script.Script)
if err != nil {
runtime.Log.Error(fmt.Sprintf("error executing script version %d", script.Version), err)
return err
}
// Record the fact we have processed this database script version.
_, err = tx.Exec(runtime.StoreProvider.QueryRecordVersionUpgrade(script.Version))
if err != nil {
// For MySQL we try the legacy DB checks.
if runtime.StoreProvider.Type() == env.StoreTypeMySQL {
runtime.Log.Error(fmt.Sprintf("Database: attempting legacy fallback for script version %d", script.Version), err)
_, err = tx.Exec(runtime.StoreProvider.QueryRecordVersionUpgradeLegacy(script.Version))
if err != nil {
return err
}
}
return err
}
}
@ -143,6 +180,7 @@ func executeSQL(tx *sqlx.Tx, st env.StoreType, variant string, SQLfile []byte) e
_, err := tx.Exec(stmt)
if err != nil {
fmt.Println("sql statement error:", stmt)
return err
}
}
@ -175,12 +213,16 @@ func getStatements(bytes []byte) (stmts []string) {
// CurrentVersion returns number that represents the current database version number.
// For example 23 represents the 23rd iteration of the database.
func CurrentVersion(runtime *env.Runtime) (version int, err error) {
row := runtime.Db.QueryRow(runtime.StoreProvider.QueryGetDatabaseVersion())
currentVersion := "0"
var currentVersion string
row := runtime.Db.QueryRow(runtime.StoreProvider.QueryGetDatabaseVersion())
err = row.Scan(&currentVersion)
if err != nil {
currentVersion = "0"
// For MySQL we try the legacy DB checks.
if runtime.StoreProvider.Type() == env.StoreTypeMySQL {
row := runtime.Db.QueryRow(runtime.StoreProvider.QueryGetDatabaseVersionLegacy())
err = row.Scan(&currentVersion)
}
}
return extractVersionNumber(currentVersion), nil

57
core/database/scripts/mysql/db_00025.sql
View file

@ -29,10 +29,11 @@ RENAME TABLE
`userevent` TO dmz_audit_log,
`useraction` TO dmz_action;
-- field renaming
ALTER TABLE `dmz_org`
ALTER TABLE dmz_org
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `company` `c_refid` VARCHAR(500) NOT NULL,
CHANGE `company` `c_company` VARCHAR(500) NOT NULL,
CHANGE `title` `c_title` VARCHAR(500) NOT NULL,
CHANGE `message` `c_message` VARCHAR(500) NOT NULL,
CHANGE `domain` `c_domain` VARCHAR(200) NOT NULL DEFAULT '',
@ -48,7 +49,7 @@ ALTER TABLE `dmz_org`
CHANGE `created` `c_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_space`
ALTER TABLE dmz_space
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `userid` `c_userid` CHAR(16) NOT NULL DEFAULT '',
@ -59,7 +60,7 @@ ALTER TABLE `dmz_space`
CHANGE `created` `c_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_category`
ALTER TABLE dmz_category
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `labelid` `c_spaceid` CHAR(16) NOT NULL,
@ -67,7 +68,7 @@ ALTER TABLE `dmz_category`
CHANGE `created` `c_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_category_member`
ALTER TABLE dmz_category_member
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `labelid` `c_spaceid` CHAR(16) NOT NULL,
@ -76,7 +77,7 @@ ALTER TABLE `dmz_category_member`
CHANGE `created` `c_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_group`
ALTER TABLE dmz_group
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `role` `c_name` VARCHAR(50) NOT NULL DEFAULT '',
@ -84,12 +85,13 @@ ALTER TABLE `dmz_group`
CHANGE `created` `c_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_group_member`
ALTER TABLE dmz_group_member
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `roleid` `c_groupid` CHAR(16) NOT NULL,
CHANGE `userid` `c_userid` CHAR(16) NOT NULL;
ALTER TABLE `dmz_permission`
ALTER TABLE dmz_permission
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `who` `c_who` VARCHAR(30) NOT NULL,
CHANGE `whoid` `c_whoid` CHAR(16) NOT NULL DEFAULT '',
@ -99,7 +101,8 @@ ALTER TABLE `dmz_permission`
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `created` `c_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_doc`
ALTER TABLE dmz_doc
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `labelid` `c_spaceid` CHAR(16) NOT NULL,
@ -121,7 +124,7 @@ ALTER TABLE `dmz_doc`
CHANGE `created` `c_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_doc_share`
ALTER TABLE dmz_doc_share
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `documentid` `c_docid` CHAR(16) NOT NULL,
CHANGE `userid` `c_userid` CHAR(16) DEFAULT '',
@ -133,7 +136,7 @@ ALTER TABLE `dmz_doc_share`
CHANGE `active` `c_active` BOOL NOT NULL DEFAULT 1,
CHANGE `created` `c_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_doc_vote`
ALTER TABLE dmz_doc_vote
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `documentid` `c_docid` CHAR(16) NOT NULL,
@ -142,7 +145,7 @@ ALTER TABLE `dmz_doc_vote`
CHANGE `created` `c_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_doc_comment`
ALTER TABLE dmz_doc_comment
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `documentid` `c_docid` CHAR(16) NOT NULL,
@ -151,7 +154,7 @@ ALTER TABLE `dmz_doc_comment`
CHANGE `feedback` `c_feedback` LONGTEXT,
CHANGE `created` `c_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_doc_attachment`
ALTER TABLE dmz_doc_attachment
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `documentid` `c_docid` CHAR(16) NOT NULL,
@ -163,7 +166,7 @@ ALTER TABLE `dmz_doc_attachment`
CHANGE `created` `c_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_doc_link`
ALTER TABLE dmz_doc_link
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `folderid` `c_spaceid` CHAR(16) NOT NULL,
@ -178,7 +181,7 @@ ALTER TABLE `dmz_doc_link`
CHANGE `created` `c_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_section`
ALTER TABLE dmz_section
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `documentid` `c_docid` CHAR(16) NOT NULL,
@ -196,7 +199,7 @@ ALTER TABLE `dmz_section`
CHANGE `created` `c_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_section_meta`
ALTER TABLE dmz_section_meta
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `documentid` `c_docid` CHAR(16) NOT NULL,
CHANGE `userid` `c_userid` CHAR(16) NOT NULL DEFAULT '',
@ -207,7 +210,7 @@ ALTER TABLE `dmz_section_meta`
CHANGE `created` `c_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_section_template`
ALTER TABLE dmz_section_template
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `labelid` `c_spaceid` CHAR(16) DEFAULT '',
@ -224,7 +227,7 @@ ALTER TABLE `dmz_section_template`
CHANGE `created` `c_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_section_revision`
ALTER TABLE dmz_section_revision
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `documentid` `c_docid` CHAR(16) NOT NULL,
@ -240,7 +243,7 @@ ALTER TABLE `dmz_section_revision`
CHANGE `created` `c_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_user`
ALTER TABLE dmz_user
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `firstname` `c_firstname` VARCHAR(500) NOT NULL DEFAULT '',
CHANGE `lastname` `c_lastname` VARCHAR(500) NOT NULL DEFAULT '',
@ -255,7 +258,7 @@ ALTER TABLE `dmz_user`
CHANGE `created` `c_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_user_account`
ALTER TABLE dmz_user_account
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `userid` `c_userid` CHAR(16) NOT NULL,
@ -267,7 +270,7 @@ ALTER TABLE `dmz_user_account`
CHANGE `created` `c_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_user_activity`
ALTER TABLE dmz_user_activity
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `userid` `c_userid` CHAR(16) NOT NULL,
CHANGE `labelid` `c_spaceid` CHAR(16) NOT NULL,
@ -278,17 +281,17 @@ ALTER TABLE `dmz_user_activity`
CHANGE `metadata` `c_metadata` VARCHAR(1000) NOT NULL DEFAULT '',
CHANGE `created` `c_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_user_config`
ALTER TABLE dmz_user_config
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `userid` `c_userid` CHAR(16) NOT NULL,
CHANGE `key` `c_key` CHAR(200) NOT NULL,
CHANGE `config` `c_config` JSON;
ALTER TABLE `dmz_config`
ALTER TABLE dmz_config
CHANGE `key` `c_key` CHAR(200) NOT NULL,
CHANGE `config` `c_config` JSON;
ALTER TABLE `dmz_pin`
ALTER TABLE dmz_pin
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `userid` `c_userid` CHAR(16) DEFAULT '',
@ -299,7 +302,7 @@ ALTER TABLE `dmz_pin`
CHANGE `created` `c_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
CHANGE `revised` `c_revised` TIMESTAMP DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_search`
ALTER TABLE dmz_search
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `documentid` `c_docid` CHAR(16) NOT NULL,
CHANGE `itemid` `c_itemid` CHAR(16) NOT NULL DEFAULT '',
@ -307,14 +310,14 @@ ALTER TABLE `dmz_search`
CHANGE `content` `c_content` LONGTEXT,
CHANGE `created` `c_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_audit_log`
ALTER TABLE dmz_audit_log
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `userid` `c_userid` CHAR(16) NOT NULL,
CHANGE `eventtype` `c_eventtype` VARCHAR(100) NOT NULL DEFAULT '',
CHANGE `ip` `c_ip` VARCHAR(39) NOT NULL DEFAULT '',
CHANGE `created` `c_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `dmz_action`
ALTER TABLE dmz_action
CHANGE `refid` `c_refid` CHAR(16) NOT NULL,
CHANGE `orgid` `c_orgid` CHAR(16) NOT NULL,
CHANGE `documentid` `c_docid` CHAR(16) NOT NULL,

8
core/env/runtime.go vendored
View file

@ -107,9 +107,17 @@ type StoreProvider interface {
// that records the database version number.
QueryRecordVersionUpgrade(version int) string
// QueryRecordVersionUpgrade returns database specific insert statement
// that records the database version number.
// For use on databases before The Great Schema Migration (v25, MySQL).
QueryRecordVersionUpgradeLegacy(version int) string
// QueryGetDatabaseVersion returns the schema version number.
QueryGetDatabaseVersion() string
// QueryGetDatabaseVersionLegacy returns the schema version number before The Great Schema Migration (v25, MySQL).
QueryGetDatabaseVersionLegacy() string
// QueryTableList returns a list tables in Documize database.
QueryTableList() string

10
domain/activity/mysql/store.go
View file

@ -34,7 +34,7 @@ func (s Scope) RecordUserActivity(ctx domain.RequestContext, activity activity.U
activity.UserID = ctx.UserID
activity.Created = time.Now().UTC()
_, err = ctx.Transaction.Exec("INSERT INTO dmz_user_activity (c_orgid, c_userid, c_spaceid, c_docid, c_pageid, c_sourcetype, c_activitytype, c_metadata, c_created) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)",
_, err = ctx.Transaction.Exec("INSERT INTO dmz_user_activity (c_orgid, c_userid, c_spaceid, c_docid, c_sectionid, c_sourcetype, c_activitytype, c_metadata, c_created) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)",
activity.OrgID, activity.UserID, activity.SpaceID, activity.DocumentID, activity.SectionID, activity.SourceType, activity.ActivityType, activity.Metadata, activity.Created)
if err != nil {
@ -46,15 +46,15 @@ func (s Scope) RecordUserActivity(ctx domain.RequestContext, activity activity.U
// GetDocumentActivity returns the metadata for a specified document.
func (s Scope) GetDocumentActivity(ctx domain.RequestContext, id string) (a []activity.DocumentActivity, err error) {
qry := `SELECT a.id, DATE(a.c_created) as created, a.c_orgid as orgid,
qry := `SELECT a.id, DATE(a.c_created) AS created, a.c_orgid AS orgid,
IFNULL(a.c_userid, '') AS userid, a.c_spaceid AS spaceid,
a.docid AS documentid, a.sectionid AS sectionid, a.c_activitytype AS activitytype,
a.c_metadata AS metadata,
IFNULL(u.c_firstname, 'Anonymous') AS firstname, IFNULL(u.c_lastname, 'Viewer') AS lastname,
IFNULL(p.c_name, '') as sectionname
IFNULL(p.c_name, '') AS sectionname
FROM dmz_user_activity a
LEFT JOIN user u ON a.c_userid=u.c_refid
LEFT JOIN page p ON a.c_pageid=p.c_refid
LEFT JOIN dmz_user u ON a.c_userid=u.c_refid
LEFT JOIN dmz_section p ON a.c_sectionid=p.c_refid
WHERE a.c_orgid=? AND a.c_docid=?
AND a.c_userid != '0' AND a.c_userid != ''
ORDER BY a.c_created DESC`

4
domain/auth/endpoint.go
View file

@ -190,7 +190,7 @@ func (h *Handler) ValidateToken(w http.ResponseWriter, r *http.Request) {
rc.OrgName = org.Title
rc.Administrator = false
rc.Editor = false
rc.Global = false
rc.GlobalAdmin = false
rc.AppURL = r.Host
rc.Subdomain = organization.GetSubdomainFromHost(r)
rc.SSL = r.TLS != nil
@ -210,7 +210,7 @@ func (h *Handler) ValidateToken(w http.ResponseWriter, r *http.Request) {
rc.Administrator = u.Admin
rc.Editor = u.Editor
rc.Global = u.Global
rc.GlobalAdmin = u.GlobalAdmin
response.WriteJSON(w, u)
}

2
domain/auth/ldap/ldap.go
View file

@ -250,7 +250,7 @@ func convertUser(c lm.LDAPConfig, lu lm.LDAPUser) (du user.User) {
du.ViewUsers = false
du.Analytics = false
du.Admin = false
du.Global = false
du.GlobalAdmin = false
du.Editor = c.DefaultPermissionAddSpace
du.Email = lu.Email
du.Firstname = lu.Firstname

14
domain/block/endpoint.go
View file

@ -54,10 +54,11 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
err = json.Unmarshal(body, &b)
if err != nil {
response.WriteBadRequestError(w, method, err.Error())
h.Runtime.Log.Error(method, err)
return
}
if !permission.CanUploadDocument(ctx, *h.Store, b.LabelID) {
if !permission.CanUploadDocument(ctx, *h.Store, b.SpaceID) {
response.WriteForbiddenError(w)
return
}
@ -67,6 +68,7 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
ctx.Transaction, err = h.Runtime.Db.Beginx()
if err != nil {
response.WriteServerError(w, method, err)
h.Runtime.Log.Error(method, err)
return
}
@ -74,6 +76,7 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
if err != nil {
ctx.Transaction.Rollback()
response.WriteServerError(w, method, err)
h.Runtime.Log.Error(method, err)
return
}
@ -84,6 +87,7 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
b, err = h.Store.Block.Get(ctx, b.RefID)
if err != nil {
response.WriteServerError(w, method, err)
h.Runtime.Log.Error(method, err)
return
}
@ -104,6 +108,7 @@ func (h *Handler) Get(w http.ResponseWriter, r *http.Request) {
b, err := h.Store.Block.Get(ctx, blockID)
if err != nil {
response.WriteServerError(w, method, err)
h.Runtime.Log.Error(method, err)
return
}
@ -132,6 +137,7 @@ func (h *Handler) GetBySpace(w http.ResponseWriter, r *http.Request) {
if err != nil {
response.WriteServerError(w, method, err)
h.Runtime.Log.Error(method, err)
return
}
@ -165,7 +171,7 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
b.RefID = blockID
if !permission.CanUploadDocument(ctx, *h.Store, b.LabelID) {
if !permission.CanUploadDocument(ctx, *h.Store, b.SpaceID) {
response.WriteForbiddenError(w)
return
}
@ -173,6 +179,7 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
ctx.Transaction, err = h.Runtime.Db.Beginx()
if err != nil {
response.WriteServerError(w, method, err)
h.Runtime.Log.Error(method, err)
return
}
@ -180,6 +187,7 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
if err != nil {
ctx.Transaction.Rollback()
response.WriteServerError(w, method, err)
h.Runtime.Log.Error(method, err)
return
}
@ -212,6 +220,7 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
if err != nil {
ctx.Transaction.Rollback()
response.WriteServerError(w, method, err)
h.Runtime.Log.Error(method, err)
return
}
@ -219,6 +228,7 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
if err != nil {
ctx.Transaction.Rollback()
response.WriteServerError(w, method, err)
h.Runtime.Log.Error(method, err)
return
}

6
domain/block/mysql/store.go
View file

@ -35,7 +35,7 @@ func (s Scope) Add(ctx domain.RequestContext, b block.Block) (err error) {
b.Revised = time.Now().UTC()
_, err = ctx.Transaction.Exec("INSERT INTO dmz_section_template (c_refid, c_orgid, c_spaceid, c_userid, c_contenttype, c_type, c_name, c_body, c_desc, c_rawbody, c_config, c_external, used, created, revised) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
b.RefID, b.OrgID, b.SpaceID, b.UserID, b.ContentType, b.PageType, b.Name, b.Body, b.Excerpt, b.RawBody, b.Config, b.ExternalSource, b.Used, b.Created, b.Revised)
b.RefID, b.OrgID, b.SpaceID, b.UserID, b.ContentType, b.Type, b.Name, b.Body, b.Excerpt, b.RawBody, b.Config, b.ExternalSource, b.Used, b.Created, b.Revised)
if err != nil {
err = errors.Wrap(err, "execute insert block")
@ -53,7 +53,7 @@ func (s Scope) Get(ctx domain.RequestContext, id string) (b block.Block, err err
a.c_name AS name, a.c_body AS body, a.c_desc AS excerpt, a.c_rawbody AS rawbody,
a.c_config AS config, a.c_external AS externalsource, a.c_used AS used,
a.c_created AS created, a.c_revised AS revised,
b.c_firstname a firstname, b.c_lastname AS lastname
b.c_firstname AS firstname, b.c_lastname AS lastname
FROM dmz_section_template a LEFT JOIN dmz_user b ON a.c_userid = b.c_refid
WHERE a.c_orgid=? AND a.c_refid=?`,
ctx.OrgID, id)
@ -74,7 +74,7 @@ func (s Scope) GetBySpace(ctx domain.RequestContext, spaceID string) (b []block.
a.c_name AS name, a.c_body AS body, a.c_desc AS excerpt, a.c_rawbody AS rawbody,
a.c_config AS config, a.c_external AS externalsource, a.c_used AS used,
a.c_created AS created, a.c_revised AS revised,
b.c_firstname a firstname, b.c_lastname AS lastname
b.c_firstname AS firstname, b.c_lastname AS lastname
FROM dmz_section_template a LEFT JOIN dmz_user b ON a.c_userid = b.c_refid
WHERE a.c_orgid=? AND a.c_spaceid=?
ORDER BY a.c_name`,

14
domain/category/endpoint.go
View file

@ -74,9 +74,9 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
}
// Category max length 30.
cat.Category = strings.TrimSpace(cat.Category)
if len(cat.Category) > 30 {
cat.Category = cat.Category[:30]
cat.Name = strings.TrimSpace(cat.Name)
if len(cat.Name) > 30 {
cat.Name = cat.Name[:30]
}
err = h.Store.Category.Add(ctx, cat)
@ -200,7 +200,7 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
cat.OrgID = ctx.OrgID
cat.RefID = categoryID
ok := permission.HasPermission(ctx, *h.Store, cat.LabelID, pm.SpaceManage, pm.SpaceOwner)
ok := permission.HasPermission(ctx, *h.Store, cat.SpaceID, pm.SpaceManage, pm.SpaceOwner)
if !ok || !ctx.Authenticated {
response.WriteForbiddenError(w)
return
@ -252,7 +252,7 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
return
}
ok := permission.HasPermission(ctx, *h.Store, cat.LabelID, pm.SpaceManage, pm.SpaceOwner)
ok := permission.HasPermission(ctx, *h.Store, cat.SpaceID, pm.SpaceManage, pm.SpaceOwner)
if !ok || !ctx.Authenticated {
response.WriteForbiddenError(w)
return
@ -358,7 +358,7 @@ func (h *Handler) SetDocumentCategoryMembership(w http.ResponseWriter, r *http.R
return
}
if !permission.HasPermission(ctx, *h.Store, cats[0].LabelID, pm.DocumentAdd, pm.DocumentEdit) {
if !permission.HasPermission(ctx, *h.Store, cats[0].SpaceID, pm.DocumentAdd, pm.DocumentEdit) {
response.WriteForbiddenError(w)
return
}
@ -413,7 +413,7 @@ func (h *Handler) GetDocumentCategoryMembership(w http.ResponseWriter, r *http.R
return
}
if !permission.HasPermission(ctx, *h.Store, doc.LabelID, pm.SpaceView, pm.DocumentAdd, pm.DocumentEdit) {
if !permission.HasPermission(ctx, *h.Store, doc.SpaceID, pm.SpaceView, pm.DocumentAdd, pm.DocumentEdit) {
response.WriteForbiddenError(w)
return
}

10
domain/category/mysql/store.go
View file

@ -225,7 +225,7 @@ func (s Scope) GetSpaceCategorySummary(ctx domain.RequestContext, spaceID string
c = []category.SummaryModel{}
err = s.Runtime.Db.Select(&c, `
SELECT 'documents' AS type, c_categoryid, COUNT(*) AS count
SELECT 'documents' AS type, c_categoryid AS categoryid, COUNT(*) AS count
FROM dmz_category_member
WHERE c_orgid=? AND c_spaceid=?
AND c_docid IN (
@ -241,13 +241,13 @@ func (s Scope) GetSpaceCategorySummary(ctx domain.RequestContext, spaceID string
GROUP BY c_groupid
) AS x INNER JOIN dmz_doc AS d ON d.c_groupid=x.c_groupid AND d.c_versionorder=x.latestversion
)
GROUP BY c_categoryid, c_type
GROUP BY c_categoryid, type
UNION ALL
SELECT 'users' AS type, c_refid AS categoryid, count(*) AS count
FROM dmz_permission
WHERE c_orgid=? AND c_location='category' AND c_refid IN
(SELECT c_refid FROM dmz_category WHERE c_orgid=? AND c_spaceid=?)
GROUP BY c_refid, c_type`,
GROUP BY c_refid, type`,
ctx.OrgID, spaceID,
ctx.OrgID, spaceID, ctx.OrgID, spaceID,
ctx.OrgID, ctx.OrgID, spaceID)
@ -286,7 +286,7 @@ func (s Scope) GetSpaceCategoryMembership(ctx domain.RequestContext, spaceID str
err = s.Runtime.Db.Select(&c, `
SELECT id, c_refid AS refid, c_orgid AS orgid, c_spaceid AS spaceid, c_categoryid AS categoryid, c_docid AS documentid, c_created AS created, c_revised AS revised
FROM dmz_category_member
WHERE c_orgid=? AND c_spaceid=? AND spaceid IN
WHERE c_orgid=? AND c_spaceid=? AND c_spaceid IN
(SELECT c_refid FROM dmz_permission WHERE c_orgid=? AND c_location='space' AND c_refid IN
(SELECT c_refid FROM dmz_permission WHERE c_orgid=? AND c_who='user' AND (c_whoid=? OR c_whoid='0') AND c_location='space' AND c_action='view'
UNION ALL
@ -311,7 +311,7 @@ func (s Scope) GetOrgCategoryMembership(ctx domain.RequestContext, userID string
err = s.Runtime.Db.Select(&c, `
SELECT id, c_refid AS refid, c_orgid AS orgid, c_spaceid AS spaceid, c_categoryid AS categoryid, c_docid AS documentid, c_created AS created, c_revised AS revised
FROM dmz_category_member
WHERE c_orgid=? AND c_spaceid IN
WHERE c_orgid=? AND c_spaceid IN
(SELECT c_refid FROM dmz_permission WHERE c_orgid=? AND c_location='space' AND c_refid IN
(SELECT c_refid from dmz_permission WHERE c_orgid=? AND c_who='user' AND (c_whoid=? OR c_whoid='0') AND c_location='space' AND c_action='view'
UNION ALL

2
domain/context.go
View file

@ -42,7 +42,7 @@ type RequestContext struct {
Analytics bool
Active bool
Editor bool
Global bool
GlobalAdmin bool
ViewUsers bool
}

14
domain/conversion/conversion.go
View file

@ -171,7 +171,7 @@ func processDocument(ctx domain.RequestContext, r *env.Runtime, store *domain.St
document := convertFileResult(filename, fileResult)
document.Job = job
document.OrgID = ctx.OrgID
document.LabelID = sp.RefID
document.SpaceID = sp.RefID
document.UserID = ctx.UserID
documentID := uniqueid.Generate()
document.RefID = documentID
@ -193,16 +193,16 @@ func processDocument(ctx domain.RequestContext, r *env.Runtime, store *domain.St
p.OrgID = ctx.OrgID
p.DocumentID = documentID
p.Level = v.Level
p.Title = v.Title
p.Name = v.Title
p.Body = string(v.Body)
p.Sequence = float64(k+1) * 1024.0 // need to start above 0 to allow insertion before the first item
pageID := uniqueid.Generate()
p.RefID = pageID
p.ContentType = "wysiwyg"
p.PageType = "section"
p.Type = "section"
meta := page.Meta{}
meta.PageID = pageID
meta.SectionID = pageID
meta.RawBody = p.Body
meta.Config = "{}"
@ -245,7 +245,7 @@ func processDocument(ctx domain.RequestContext, r *env.Runtime, store *domain.St
}
store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: newDocument.LabelID,
SpaceID: newDocument.SpaceID,
DocumentID: newDocument.RefID,
SourceType: activity.SourceTypeDocument,
ActivityType: activity.TypeCreated})
@ -278,13 +278,13 @@ func convertFileResult(filename string, fileResult *api.DocumentConversionRespon
document = doc.Document{}
document.RefID = ""
document.OrgID = ""
document.LabelID = ""
document.SpaceID = ""
document.Job = ""
document.Location = filename
if fileResult != nil {
if len(fileResult.Pages) > 0 {
document.Title = fileResult.Pages[0].Title
document.Name = fileResult.Pages[0].Title
document.Slug = stringutil.MakeSlug(fileResult.Pages[0].Title)
}
document.Excerpt = fileResult.Excerpt

2
domain/document/document.go
View file

@ -100,7 +100,7 @@ func CopyDocument(ctx domain.RequestContext, s domain.Store, documentID string)
pageID := uniqueid.Generate()
p.RefID = pageID
meta.PageID = pageID
meta.SectionID = pageID
meta.DocumentID = newDocumentID
m := page.NewPage{}

32
domain/document/endpoint.go
View file

@ -70,7 +70,7 @@ func (h *Handler) Get(w http.ResponseWriter, r *http.Request) {
return
}
if !permission.CanViewSpaceDocument(ctx, *h.Store, document.LabelID) {
if !permission.CanViewSpaceDocument(ctx, *h.Store, document.SpaceID) {
response.WriteForbiddenError(w)
return
}
@ -85,7 +85,7 @@ func (h *Handler) Get(w http.ResponseWriter, r *http.Request) {
}
err = h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: document.LabelID,
SpaceID: document.SpaceID,
DocumentID: document.RefID,
SourceType: activity.SourceTypeDocument,
ActivityType: activity.TypeRead})
@ -166,7 +166,7 @@ func (h *Handler) BySpace(w http.ResponseWriter, r *http.Request) {
}
// Sort by title.
sort.Sort(doc.ByTitle(documents))
sort.Sort(doc.ByName(documents))
// Remove documents that cannot be seen due to lack of
// category view/access permission.
@ -231,9 +231,9 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
return
}
if oldDoc.LabelID != d.LabelID {
if oldDoc.SpaceID != d.SpaceID {
h.Store.Category.RemoveDocumentCategories(ctx, d.RefID)
err = h.Store.Document.MoveActivity(ctx, documentID, oldDoc.LabelID, d.LabelID)
err = h.Store.Document.MoveActivity(ctx, documentID, oldDoc.SpaceID, d.SpaceID)
if err != nil {
ctx.Transaction.Rollback()
response.WriteServerError(w, method, err)
@ -268,7 +268,7 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
// Record document being marked as archived.
if d.Lifecycle == workflow.LifecycleArchived {
h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: d.LabelID,
SpaceID: d.SpaceID,
DocumentID: documentID,
SourceType: activity.SourceTypeDocument,
ActivityType: activity.TypeArchived})
@ -277,7 +277,7 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
// Record document being marked as draft.
if d.Lifecycle == workflow.LifecycleDraft {
h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: d.LabelID,
SpaceID: d.SpaceID,
DocumentID: documentID,
SourceType: activity.SourceTypeDocument,
ActivityType: activity.TypeDraft})
@ -286,7 +286,7 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
// Record document being marked as live.
if d.Lifecycle == workflow.LifecycleLive {
h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: d.LabelID,
SpaceID: d.SpaceID,
DocumentID: documentID,
SourceType: activity.SourceTypeDocument,
ActivityType: activity.TypePublished})
@ -340,7 +340,7 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
// If approval workflow then only approvers can delete page
if doc.Protection == workflow.ProtectionReview {
approvers, err := permission.GetUsersWithDocumentPermission(ctx, *h.Store, doc.LabelID, doc.RefID, pm.DocumentApprove)
approvers, err := permission.GetUsersWithDocumentPermission(ctx, *h.Store, doc.SpaceID, doc.RefID, pm.DocumentApprove)
if err != nil {
response.WriteForbiddenError(w)
h.Runtime.Log.Error(method, err)
@ -389,7 +389,7 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
// Draft actions are not logged
if doc.Lifecycle == workflow.LifecycleLive {
h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: doc.LabelID,
SpaceID: doc.SpaceID,
DocumentID: documentID,
SourceType: activity.SourceTypeDocument,
ActivityType: activity.TypeDeleted})
@ -458,7 +458,7 @@ func (h *Handler) SearchDocuments(w http.ResponseWriter, r *http.Request) {
}
err = h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: "",
SpaceID: "",
DocumentID: "",
Metadata: options.Keywords,
SourceType: activity.SourceTypeSearch,
@ -504,7 +504,7 @@ func (h *Handler) recordSearchActivity(ctx domain.RequestContext, q []search.Que
if _, isExisting := prev[q[i].DocumentID]; !isExisting {
err = h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: q[i].SpaceID,
SpaceID: q[i].SpaceID,
DocumentID: q[i].DocumentID,
Metadata: keywords,
SourceType: activity.SourceTypeSearch,
@ -545,7 +545,7 @@ func (h *Handler) FetchDocumentData(w http.ResponseWriter, r *http.Request) {
return
}
if !permission.CanViewSpaceDocument(ctx, *h.Store, document.LabelID) {
if !permission.CanViewSpaceDocument(ctx, *h.Store, document.SpaceID) {
response.WriteForbiddenError(w)
return
}
@ -557,9 +557,10 @@ func (h *Handler) FetchDocumentData(w http.ResponseWriter, r *http.Request) {
}
// permissions
perms, err := h.Store.Permission.GetUserSpacePermissions(ctx, document.LabelID)
perms, err := h.Store.Permission.GetUserSpacePermissions(ctx, document.SpaceID)
if err != nil && err != sql.ErrNoRows {
response.WriteServerError(w, method, err)
h.Runtime.Log.Error(method, err)
return
}
if len(perms) == 0 {
@ -570,6 +571,7 @@ func (h *Handler) FetchDocumentData(w http.ResponseWriter, r *http.Request) {
roles, err := h.Store.Permission.GetUserDocumentPermissions(ctx, document.RefID)
if err != nil && err != sql.ErrNoRows {
response.WriteServerError(w, method, err)
h.Runtime.Log.Error(method, err)
return
}
if len(roles) == 0 {
@ -629,7 +631,7 @@ func (h *Handler) FetchDocumentData(w http.ResponseWriter, r *http.Request) {
if document.Lifecycle == workflow.LifecycleLive {
err = h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: document.LabelID,
SpaceID: document.SpaceID,
DocumentID: document.RefID,
SourceType: activity.SourceTypeDocument,
ActivityType: activity.TypeRead})

10
domain/document/export.go
View file

@ -153,7 +153,7 @@ func exportSpace(ctx domain.RequestContext, s domain.Store, spaceID string) (toc
for _, d := range docs {
docHTML, e := processDocument(ctx, s, d.RefID)
if e == nil && len(docHTML) > 0 {
toc = append(toc, exportTOC{ID: d.RefID, Entry: d.Title})
toc = append(toc, exportTOC{ID: d.RefID, Entry: d.Name})
b.WriteString(docHTML)
} else {
return toc, b.String(), err
@ -221,7 +221,7 @@ func exportCategory(ctx domain.RequestContext, s domain.Store, spaceID string, c
for _, d := range exportDocs {
docHTML, e := processDocument(ctx, s, d.RefID)
if e == nil && len(docHTML) > 0 {
toc = append(toc, exportTOC{ID: d.RefID, Entry: d.Title})
toc = append(toc, exportTOC{ID: d.RefID, Entry: d.Name})
b.WriteString(docHTML)
} else {
return toc, b.String(), err
@ -274,7 +274,7 @@ func exportDocument(ctx domain.RequestContext, s domain.Store, spaceID string, d
if permission.CanViewDocument(ctx, s, d.RefID) {
docHTML, e := processDocument(ctx, s, d.RefID)
if e == nil && len(docHTML) > 0 {
toc = append(toc, exportTOC{ID: d.RefID, Entry: d.Title})
toc = append(toc, exportTOC{ID: d.RefID, Entry: d.Name})
b.WriteString(docHTML)
} else {
return toc, b.String(), err
@ -325,7 +325,7 @@ func processDocument(ctx domain.RequestContext, s domain.Store, documentID strin
// Put out document name.
b.WriteString(fmt.Sprintf("<div class='export-doc-header' id='%s'>", doc.RefID))
b.WriteString("<div class='export-doc-title'>")
b.WriteString(doc.Title)
b.WriteString(doc.Name)
b.WriteString("</div>")
b.WriteString("<div class='export-doc-excerpt'>")
b.WriteString(doc.Excerpt)
@ -338,7 +338,7 @@ func processDocument(ctx domain.RequestContext, s domain.Store, documentID strin
b.WriteString(`<div class="document-structure">`)
b.WriteString(`<div class="page-header">`)
b.WriteString(fmt.Sprintf("<span class='page-number'>%s</span>", page.Numbering))
b.WriteString(fmt.Sprintf("<span class='page-title'>%s</span>", page.Title))
b.WriteString(fmt.Sprintf("<span class='page-title'>%s</span>", page.Name))
b.WriteString("</div>")
b.WriteString("</div>")

23
domain/document/mysql/store.go
View file

@ -119,15 +119,16 @@ func (s Scope) GetBySpace(ctx domain.RequestContext, spaceID string) (documents
c_lifecycle AS lifecycle, c_versioned AS versioned, c_versionid AS versionid,
c_versionorder AS versionorder, c_groupid AS groupid, c_created AS created, c_revised AS revised
FROM dmz_doc
WHERE c_orgid=? AND c_template=0 AND c_spaceid IN (
WHERE c_orgid=? AND c_template=0 AND c_spaceid IN
(SELECT c_refid FROM dmz_space WHERE c_orgid=? AND c_refid IN
(SELECT c_refid FROM dmz_permission WHERE c_orgid=? AND c_location='space' AND c_refid=? AND c_refid IN
(SELECT c_refid from dmz_permission WHERE c_orgid=? AND c_who='user' AND (c_whoid=? OR c_whoid='0') AND c_location='space' AND c_action='view'
UNION ALL
SELECT p.c_refid from permission p LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid WHERE p.c_orgid=?
AND p.c_who='role' AND p.c_location='space' AND p.c_refid=? AND p.c_action='view' AND (r.c_userid=? OR r.c_userid='0'))
SELECT p.c_refid from dmz_permission p LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid WHERE p.c_orgid=?
AND p.c_who='role' AND p.c_location='space' AND p.c_refid=? AND p.c_action='view' AND (r.c_userid=? OR r.c_userid='0')
)
)
)
)
ORDER BY c_name, c_versionorder`,
ctx.OrgID, ctx.OrgID, ctx.OrgID, spaceID, ctx.OrgID, ctx.UserID, ctx.OrgID, spaceID, ctx.UserID)
@ -154,9 +155,9 @@ func (s Scope) TemplatesBySpace(ctx domain.RequestContext, spaceID string) (docu
AND c_spaceid IN
(SELECT c_refid FROM dmz_space WHERE c_orgid=? AND c_refid IN
(SELECT c_refid FROM dmz_permission WHERE c_orgid=? AND c_location='space' AND c_refid IN
(SELECT c_refid from dmz_permission WHERE c_orgid=? AND c_who='user' AND (c_whoid=? OR c_whoid='0') AND c_location='space' AND c_action='view'
(SELECT c_refid FROM dmz_permission WHERE c_orgid=? AND c_who='user' AND (c_whoid=? OR c_whoid='0') AND c_location='space' AND c_action='view'
UNION ALL
SELECT p.refid from permission p LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid WHERE p.c_orgid=? AND p.c_who='role' AND p.c_location='space' AND p.c_action='view' AND (r.c_userid=? OR r.c_userid='0'))
SELECT p.c_refid FROM dmz_permission p LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid WHERE p.c_orgid=? AND p.c_who='role' AND p.c_location='space' AND p.c_action='view' AND (r.c_userid=? OR r.c_userid='0'))
)
)
ORDER BY c_name`, ctx.OrgID, spaceID, ctx.OrgID, ctx.OrgID, ctx.OrgID, ctx.UserID, ctx.OrgID, ctx.UserID)
@ -311,23 +312,23 @@ func (s Scope) Delete(ctx domain.RequestContext, documentID string) (rows int64,
// Remove document pages, revisions, attachments, updates the search subsystem.
func (s Scope) DeleteBySpace(ctx domain.RequestContext, spaceID string) (rows int64, err error) {
b := mysql.BaseQuery{}
rows, err = b.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_section WHERE docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid=\"%s\" AND c_orgid=\"%s\")", spaceID, ctx.OrgID))
rows, err = b.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_section WHERE _cdocid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid=\"%s\" AND c_orgid=\"%s\")", spaceID, ctx.OrgID))
if err != nil {
return
}
_, err = b.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_section_revision WHERE docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid=\"%s\" AND c_orgid=\"%s\")", spaceID, ctx.OrgID))
_, err = b.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_section_revision WHERE c_docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid=\"%s\" AND c_orgid=\"%s\")", spaceID, ctx.OrgID))
if err != nil {
return
}
_, err = b.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_doc_attachment WHERE docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid=\"%s\" AND c_orgid=\"%s\")", spaceID, ctx.OrgID))
_, err = b.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_doc_attachment WHERE c_docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid=\"%s\" AND c_orgid=\"%s\")", spaceID, ctx.OrgID))
if err != nil {
return
}
_, err = b.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_doc_vote WHERE docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid=\"%s\" AND c_orgid=\"%s\")", spaceID, ctx.OrgID))
_, err = b.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM dmz_doc_vote WHERE c_docid IN (SELECT c_refid FROM dmz_doc WHERE c_spaceid=\"%s\" AND c_orgid=\"%s\")", spaceID, ctx.OrgID))
if err != nil {
return
}
@ -346,7 +347,7 @@ func (s Scope) GetVersions(ctx domain.RequestContext, groupID string) (v []doc.V
v = []doc.Version{}
err = s.Runtime.Db.Select(&v, `
SELECT versionid, refid as documentid
SELECT c_versionid AS versionid, c_refid as documentid
FROM dmz_doc
WHERE c_orgid=? AND c_groupid=?
ORDER BY c_versionorder`, ctx.OrgID, groupID)

2
domain/group/mysql/store.go
View file

@ -68,7 +68,7 @@ func (s Scope) GetAll(ctx domain.RequestContext) (groups []group.Group, err erro
FROM dmz_group a
LEFT JOIN dmz_group_member b ON a.c_refid=b.c_groupid
WHERE a.c_orgid=?
GROUP BY a.c_id, a.c_refid, a.c_orgid, a.c_name, a.c_desc, a.c_created, a.c_revised
GROUP BY a.id, a.c_refid, a.c_orgid, a.c_name, a.c_desc, a.c_created, a.c_revised
ORDER BY a.c_name`,
ctx.OrgID)

8
domain/link/endpoint.go
View file

@ -80,11 +80,11 @@ func (h *Handler) GetLinkCandidates(w http.ResponseWriter, r *http.Request) {
if p.RefID != pageID {
c := link.Candidate{
RefID: uniqueid.Generate(),
FolderID: folderID,
SpaceID: folderID,
DocumentID: documentID,
TargetID: p.RefID,
LinkType: p.PageType,
Title: p.Title,
LinkType: p.Type,
Title: p.Name,
}
pc = append(pc, c)
}
@ -108,7 +108,7 @@ func (h *Handler) GetLinkCandidates(w http.ResponseWriter, r *http.Request) {
for _, f := range files {
c := link.Candidate{
RefID: uniqueid.Generate(),
FolderID: folderID,
SpaceID: folderID,
DocumentID: documentID,
TargetID: f.RefID,
LinkType: "file",

2
domain/link/link.go
View file

@ -60,7 +60,7 @@ func getLink(t html.Token) (ok bool, link link.Link) {
case "data-link-id":
link.RefID = strings.TrimSpace(a.Val)
case "data-link-space-id":
link.FolderID = strings.TrimSpace(a.Val)
link.SpaceID = strings.TrimSpace(a.Val)
case "data-link-target-document-id":
link.TargetDocumentID = strings.TrimSpace(a.Val)
case "data-link-target-id":

2
domain/link/mysql/store.go
View file

@ -37,7 +37,7 @@ func (s Scope) Add(ctx domain.RequestContext, l link.Link) (err error) {
l.Revised = time.Now().UTC()
_, err = ctx.Transaction.Exec("INSERT INTO dmz_doc_link (c_refid, c_orgid, c_spaceid, c_userid, c_sourcedocid, c_sourcesectionid, c_targetdocid, c_targetid, c_externalid, c_type, c_orphan, c_created, c_revised) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
l.RefID, l.OrgID, l.FolderID, l.UserID, l.SourceDocumentID, l.SourceSectionID, l.TargetDocumentID, l.TargetID, l.ExternalID, l.LinkType, l.Orphan, l.Created, l.Revised)
l.RefID, l.OrgID, l.SpaceID, l.UserID, l.SourceDocumentID, l.SourceSectionID, l.TargetDocumentID, l.TargetID, l.ExternalID, l.LinkType, l.Orphan, l.Created, l.Revised)
if err != nil {
err = errors.Wrap(err, "execute link insert")

6
domain/meta/endpoint.go
View file

@ -166,7 +166,7 @@ func (h *Handler) Sitemap(w http.ResponseWriter, r *http.Request) {
for _, document := range documents {
var item sitemapItem
item.URL = ctx.GetAppURL(fmt.Sprintf("s/%s/%s/d/%s/%s",
document.FolderID, stringutil.MakeSlug(document.Folder), document.DocumentID, stringutil.MakeSlug(document.Document)))
document.SpaceID, stringutil.MakeSlug(document.Folder), document.DocumentID, stringutil.MakeSlug(document.Document)))
item.Date = document.Revised.Format("2006-01-02T15:04:05.999999-07:00")
items = append(items, item)
}
@ -184,7 +184,7 @@ func (h *Handler) Sitemap(w http.ResponseWriter, r *http.Request) {
func (h *Handler) Reindex(w http.ResponseWriter, r *http.Request) {
ctx := domain.GetRequestContext(r)
if !ctx.Global {
if !ctx.GlobalAdmin {
response.WriteForbiddenError(w)
h.Runtime.Log.Info(fmt.Sprintf("%s attempted search reindex"))
return
@ -234,7 +234,7 @@ func (h *Handler) SearchStatus(w http.ResponseWriter, r *http.Request) {
method := "meta.SearchStatus"
ctx := domain.GetRequestContext(r)
if !ctx.Global {
if !ctx.GlobalAdmin {
response.WriteForbiddenError(w)
h.Runtime.Log.Info(fmt.Sprintf("%s attempted get of search status"))
return

4
domain/organization/endpoint.go
View file

@ -147,7 +147,7 @@ func (h *Handler) SaveInstanceSetting(w http.ResponseWriter, r *http.Request) {
func (h *Handler) GetGlobalSetting(w http.ResponseWriter, r *http.Request) {
ctx := domain.GetRequestContext(r)
if !ctx.Global {
if !ctx.GlobalAdmin {
response.WriteForbiddenError(w)
return
}
@ -163,7 +163,7 @@ func (h *Handler) SaveGlobalSetting(w http.ResponseWriter, r *http.Request) {
method := "org.SaveGlobalSetting"
ctx := domain.GetRequestContext(r)
if !ctx.Global {
if !ctx.GlobalAdmin {
response.WriteForbiddenError(w)
return
}

49
domain/organization/mysql/store.go
View file

@ -49,13 +49,14 @@ func (s Scope) AddOrganization(ctx domain.RequestContext, org org.Organization)
// GetOrganization returns the Organization reocrod from the organization database table with the given id.
func (s Scope) GetOrganization(ctx domain.RequestContext, id string) (org org.Organization, err error) {
stmt, err := s.Runtime.Db.Preparex(`SELECT id, c_refid as refid,
c_orgid as orgid, c_title as title, c_message as message, c_domain as domain,
c_service as conversionendpoint, c_email as email, c_serial as serial, c_active as active,
c_anonaccess as allowannonymousaccess, c_authprovider as authprovider,
coalesce(c_authconfig,JSON_UNQUOTE('{}')) as authconfig, c_maxtags as maxtags,
c_created as created, c_revised as revised
FROM dmz_org WHERE refid=?`)
stmt, err := s.Runtime.Db.Preparex(`SELECT id, c_refid AS refid,
c_title AS title, c_message AS message, c_domain AS domain,
c_service AS conversionendpoint, c_email AS email, c_serial AS serial, c_active AS active,
c_anonaccess AS allowanonymousaccess, c_authprovider AS authprovider,
coalesce(c_authconfig,JSON_UNQUOTE('{}')) AS authconfig, c_maxtags AS maxtags,
c_created AS created, c_revised AS revised
FROM dmz_org
WHERE c_refid=?`)
defer streamutil.Close(stmt)
if err != nil {
@ -64,7 +65,6 @@ func (s Scope) GetOrganization(ctx domain.RequestContext, id string) (org org.Or
}
err = stmt.Get(&org, id)
if err != nil {
err = errors.Wrap(err, fmt.Sprintf("unable to get org %s", id))
return
@ -86,26 +86,29 @@ func (s Scope) GetOrganizationByDomain(subdomain string) (o org.Organization, er
}
// match on given domain name
err = s.Runtime.Db.Get(&o, `SELECT id, c_refid as refid,
c_orgid as orgid, c_title as title, c_message as message, c_domain as domain,
c_service as conversionendpoint, c_email as email, c_serial as serial, c_active as active,
c_anonaccess as allowannonymousaccess, c_authprovider as authprovider,
coalesce(c_authconfig,JSON_UNQUOTE('{}')) as authconfig, c_maxtags as maxtags,
c_created as created, c_revised as revised
FROM dmz_org WHERE c_domain=? AND c_active=1`, subdomain)
err = s.Runtime.Db.Get(&o, `SELECT id, c_refid AS refid,
c_title AS title, c_message AS message, c_domain AS domain,
c_service AS conversionendpoint, c_email AS email, c_serial AS serial, c_active AS active,
c_anonaccess AS allowanonymousaccess, c_authprovider AS authprovider,
coalesce(c_authconfig,JSON_UNQUOTE('{}')) AS authconfig, c_maxtags AS maxtags,
c_created AS created, c_revised AS revised
FROM dmz_org
WHERE c_domain=? AND c_active=1`, subdomain)
if err == nil {
return
}
fmt.Println(err)
err = nil
// match on empty domain as last resort
err = s.Runtime.Db.Get(&o, `SELECT id, c_refid as refid,
c_orgid as orgid, c_title as title, c_message as message, c_domain as domain,
c_service as conversionendpoint, c_email as email, c_serial as serial, c_active as active,
c_anonaccess as allowannonymousaccess, c_authprovider as authprovider,
coalesce(c_authconfig,JSON_UNQUOTE('{}')) as authconfig, c_maxtags as maxtags,
c_created as created, c_revised as revised
FROM dmz_org WHERE c_domain='' AND c_active=1`)
// match on empty domain AS last resort
err = s.Runtime.Db.Get(&o, `SELECT id, c_refid AS refid,
c_title AS title, c_message AS message, c_domain AS domain,
c_service AS conversionendpoint, c_email AS email, c_serial AS serial, c_active AS active,
c_anonaccess AS allowanonymousaccess, c_authprovider AS authprovider,
coalesce(c_authconfig,JSON_UNQUOTE('{}')) AS authconfig, c_maxtags AS maxtags,
c_created AS created, c_revised AS revised
FROM dmz_org
WHERE c_domain='' AND c_active=1`)
if err != nil && err != sql.ErrNoRows {
err = errors.Wrap(err, "unable to execute select for empty subdomain")
}

72
domain/page/endpoint.go
View file

@ -125,7 +125,7 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
pageID := uniqueid.Generate()
model.Page.RefID = pageID
model.Meta.PageID = pageID
model.Meta.SectionID = pageID
model.Meta.OrgID = ctx.OrgID // required for Render call below
model.Meta.UserID = ctx.UserID // required for Render call below
model.Page.SetDefaults()
@ -160,16 +160,16 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
return
}
if len(model.Page.BlockID) > 0 {
h.Store.Block.IncrementUsage(ctx, model.Page.BlockID)
if len(model.Page.TemplateID) > 0 {
h.Store.Block.IncrementUsage(ctx, model.Page.TemplateID)
}
// Draft actions are not logged
if doc.Lifecycle == workflow.LifecycleLive {
h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: doc.LabelID,
SpaceID: doc.SpaceID,
DocumentID: model.Page.DocumentID,
PageID: model.Page.RefID,
SectionID: model.Page.RefID,
SourceType: activity.SourceTypePage,
ActivityType: activity.TypeCreated})
}
@ -438,9 +438,9 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
// Draft edits are not logged
if doc.Lifecycle == workflow.LifecycleLive {
h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: doc.LabelID,
SpaceID: doc.SpaceID,
DocumentID: model.Page.DocumentID,
PageID: model.Page.RefID,
SectionID: model.Page.RefID,
SourceType: activity.SourceTypePage,
ActivityType: activity.TypeEdited})
}
@ -462,7 +462,7 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
link.OrgID = ctx.OrgID
link.UserID = ctx.UserID
link.SourceDocumentID = model.Page.DocumentID
link.SourcePageID = model.Page.RefID
link.SourceSectionID = model.Page.RefID
if link.LinkType == "document" || link.LinkType == "network" {
link.TargetID = ""
@ -562,8 +562,8 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
return
}
if len(p.BlockID) > 0 {
h.Store.Block.DecrementUsage(ctx, p.BlockID)
if len(p.TemplateID) > 0 {
h.Store.Block.DecrementUsage(ctx, p.TemplateID)
}
_, err = h.Store.Page.Delete(ctx, documentID, pageID)
@ -577,9 +577,9 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
// Draft actions are not logged
if doc.Lifecycle == workflow.LifecycleLive {
h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: doc.LabelID,
SpaceID: doc.SpaceID,
DocumentID: documentID,
PageID: pageID,
SectionID: pageID,
SourceType: activity.SourceTypePage,
ActivityType: activity.TypeDeleted})
}
@ -647,7 +647,7 @@ func (h *Handler) DeletePages(w http.ResponseWriter, r *http.Request) {
}
for _, page := range *model {
pageData, err := h.Store.Page.Get(ctx, page.PageID)
pageData, err := h.Store.Page.Get(ctx, page.SectionID)
if err != nil {
ctx.Transaction.Rollback()
response.WriteServerError(w, method, err)
@ -670,11 +670,11 @@ func (h *Handler) DeletePages(w http.ResponseWriter, r *http.Request) {
return
}
}
if len(pageData.BlockID) > 0 {
h.Store.Block.DecrementUsage(ctx, pageData.BlockID)
if len(pageData.TemplateID) > 0 {
h.Store.Block.DecrementUsage(ctx, pageData.TemplateID)
}
_, err = h.Store.Page.Delete(ctx, documentID, page.PageID)
_, err = h.Store.Page.Delete(ctx, documentID, page.SectionID)
if err != nil {
ctx.Transaction.Rollback()
response.WriteServerError(w, method, err)
@ -682,20 +682,20 @@ func (h *Handler) DeletePages(w http.ResponseWriter, r *http.Request) {
return
}
go h.Indexer.DeleteContent(ctx, page.PageID)
go h.Indexer.DeleteContent(ctx, page.SectionID)
h.Store.Link.DeleteSourcePageLinks(ctx, page.PageID)
h.Store.Link.DeleteSourcePageLinks(ctx, page.SectionID)
h.Store.Link.MarkOrphanPageLink(ctx, page.PageID)
h.Store.Link.MarkOrphanPageLink(ctx, page.SectionID)
h.Store.Page.DeletePageRevisions(ctx, page.PageID)
h.Store.Page.DeletePageRevisions(ctx, page.SectionID)
// Draft actions are not logged
if doc.Lifecycle == workflow.LifecycleLive {
h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: doc.LabelID,
SpaceID: doc.SpaceID,
DocumentID: documentID,
PageID: page.PageID,
SectionID: page.SectionID,
SourceType: activity.SourceTypePage,
ActivityType: activity.TypeDeleted})
}
@ -769,7 +769,7 @@ func (h *Handler) ChangePageSequence(w http.ResponseWriter, r *http.Request) {
}
for _, p := range *model {
err = h.Store.Page.UpdateSequence(ctx, documentID, p.PageID, p.Sequence)
err = h.Store.Page.UpdateSequence(ctx, documentID, p.SectionID, p.Sequence)
if err != nil {
ctx.Transaction.Rollback()
response.WriteServerError(w, method, err)
@ -838,7 +838,7 @@ func (h *Handler) ChangePageLevel(w http.ResponseWriter, r *http.Request) {
}
for _, p := range *model {
err = h.Store.Page.UpdateLevel(ctx, documentID, p.PageID, p.Level)
err = h.Store.Page.UpdateLevel(ctx, documentID, p.SectionID, p.Level)
if err != nil {
ctx.Transaction.Rollback()
response.WriteServerError(w, method, err)
@ -932,7 +932,7 @@ func (h *Handler) Copy(w http.ResponseWriter, r *http.Request) {
p.DocumentID = targetID
p.UserID = ctx.UserID
pageMeta.DocumentID = targetID
pageMeta.PageID = newPageID
pageMeta.SectionID = newPageID
pageMeta.UserID = ctx.UserID
model := new(page.NewPage)
@ -954,16 +954,16 @@ func (h *Handler) Copy(w http.ResponseWriter, r *http.Request) {
return
}
if len(model.Page.BlockID) > 0 {
h.Store.Block.IncrementUsage(ctx, model.Page.BlockID)
if len(model.Page.TemplateID) > 0 {
h.Store.Block.IncrementUsage(ctx, model.Page.TemplateID)
}
// Log t actions are not logged
if doc.Lifecycle == workflow.LifecycleLive {
h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: doc.LabelID,
SpaceID: doc.SpaceID,
DocumentID: targetID,
PageID: newPageID,
SectionID: newPageID,
SourceType: activity.SourceTypePage,
ActivityType: activity.TypeCreated})
}
@ -1215,9 +1215,9 @@ func (h *Handler) Rollback(w http.ResponseWriter, r *http.Request) {
// Draft actions are not logged
if doc.Lifecycle == workflow.LifecycleLive {
h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: doc.LabelID,
SpaceID: doc.SpaceID,
DocumentID: p.DocumentID,
PageID: p.RefID,
SectionID: p.RefID,
SourceType: activity.SourceTypePage,
ActivityType: activity.TypeReverted})
}
@ -1290,7 +1290,7 @@ func (h *Handler) FetchPages(w http.ResponseWriter, r *http.Request) {
}
// permissions
perms, err := h.Store.Permission.GetUserSpacePermissions(ctx, doc.LabelID)
perms, err := h.Store.Permission.GetUserSpacePermissions(ctx, doc.SpaceID)
if err != nil && err != sql.ErrNoRows {
response.WriteServerError(w, method, err)
return
@ -1344,7 +1344,7 @@ func (h *Handler) FetchPages(w http.ResponseWriter, r *http.Request) {
d.Page = p
for _, m := range meta {
if p.RefID == m.PageID {
if p.RefID == m.SectionID {
d.Meta = m
break
}
@ -1359,7 +1359,7 @@ func (h *Handler) FetchPages(w http.ResponseWriter, r *http.Request) {
ud.Page = up
for _, m := range meta {
if up.RefID == m.PageID {
if up.RefID == m.SectionID {
ud.Meta = m
break
}
@ -1413,7 +1413,7 @@ func (h *Handler) FetchPages(w http.ResponseWriter, r *http.Request) {
h.Runtime.Log.Error(method, err)
} else {
err = h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: doc.LabelID,
SpaceID: doc.SpaceID,
DocumentID: doc.RefID,
Metadata: source, // deliberate
SourceType: activity.SourceTypeSearch, // deliberate
@ -1450,7 +1450,7 @@ func (h *Handler) workflowPermitsChange(doc dm.Document, ctx domain.RequestConte
// If approval workflow then only approvers can delete page
if doc.Protection == workflow.ProtectionReview {
approvers, err := permission.GetUsersWithDocumentPermission(ctx, *h.Store, doc.LabelID, doc.RefID, pm.DocumentApprove)
approvers, err := permission.GetUsersWithDocumentPermission(ctx, *h.Store, doc.SpaceID, doc.RefID, pm.DocumentApprove)
if err != nil {
h.Runtime.Log.Error("workflowAllowsChange", err)
return false, err

32
domain/page/mysql/store.go
View file

@ -58,10 +58,10 @@ func (s Scope) Add(ctx domain.RequestContext, model page.NewPage) (err error) {
}
_, err = ctx.Transaction.Exec("INSERT INTO dmz_section (c_refid, c_orgid, c_docid, c_userid, c_contenttype, c_type, c_level, c_name, c_body, c_revisions, c_sequence, c_templateid, c_status, c_relativeid, c_created, c_revised) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
model.Page.RefID, model.Page.OrgID, model.Page.DocumentID, model.Page.UserID, model.Page.ContentType, model.Page.PageType, model.Page.Level, model.Page.Title, model.Page.Body, model.Page.Revisions, model.Page.Sequence, model.Page.BlockID, model.Page.Status, model.Page.RelativeID, model.Page.Created, model.Page.Revised)
model.Page.RefID, model.Page.OrgID, model.Page.DocumentID, model.Page.UserID, model.Page.ContentType, model.Page.Type, model.Page.Level, model.Page.Name, model.Page.Body, model.Page.Revisions, model.Page.Sequence, model.Page.TemplateID, model.Page.Status, model.Page.RelativeID, model.Page.Created, model.Page.Revised)
_, err = ctx.Transaction.Exec("INSERT INTO dmz_section_meta (c_sectionid, c_orgid, c_userid, c_docid, c_rawbody, c_config, c_external, c_created, c_revised) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)",
model.Meta.PageID, model.Meta.OrgID, model.Meta.UserID, model.Meta.DocumentID, model.Meta.RawBody, model.Meta.Config, model.Meta.ExternalSource, model.Meta.Created, model.Meta.Revised)
model.Meta.SectionID, model.Meta.OrgID, model.Meta.UserID, model.Meta.DocumentID, model.Meta.RawBody, model.Meta.Config, model.Meta.ExternalSource, model.Meta.Created, model.Meta.Revised)
if err != nil {
err = errors.Wrap(err, "execute page meta insert")
@ -73,7 +73,9 @@ func (s Scope) Add(ctx domain.RequestContext, model page.NewPage) (err error) {
// Get returns the pageID page record from the page table.
func (s Scope) Get(ctx domain.RequestContext, pageID string) (p page.Page, err error) {
err = s.Runtime.Db.Get(&p, `
SELECT c_id, c_refid, c_orgid, c_docid, c_userid, c_contenttype, c_type, c_level, c_sequence, c_name, c_body, c_revisions, c_templateid, c_status, c_relativeid, c_created, c_revised
SELECT id, c_refid AS refid, c_orgid AS orgid, c_docid AS documentid, c_userid AS userid, c_contenttype AS contenttype, c_type AS type,
c_level AS level, c_sequence AS sequence, c_name AS name, c_body AS body, c_revisions AS revisions, c_templateid AS templateid,
c_status AS status, c_relativeid AS relativeid, c_created AS created, c_revised AS revised
FROM dmz_section
WHERE c_orgid=? AND c_refid=?`,
ctx.OrgID, pageID)
@ -88,7 +90,9 @@ func (s Scope) Get(ctx domain.RequestContext, pageID string) (p page.Page, err e
// GetPages returns a slice containing all published page records for a given documentID, in presentation sequence.
func (s Scope) GetPages(ctx domain.RequestContext, documentID string) (p []page.Page, err error) {
err = s.Runtime.Db.Select(&p, `
SELECT c_id, c_refid, c_orgid, c_docid, c_userid, c_contenttype, c_type, c_level, c_sequence, c_name, c_body, c_revisions, c_templateid, c_status, c_relativeid, c_created, c_revised
SELECT id, c_refid AS refid, c_orgid AS orgid, c_docid AS documentid, c_userid AS userid, c_contenttype AS contenttype, c_type AS type,
c_level AS level, c_sequence AS sequence, c_name AS name, c_body AS body, c_revisions AS revisions, c_templateid AS templateid,
c_status AS status, c_relativeid AS relativeid, c_created AS created, c_revised AS revised
FROM dmz_section
WHERE c_orgid=? AND c_docid=? AND (c_status=0 OR ((c_status=4 OR c_status=2) AND c_relativeid=''))
ORDER BY c_sequence`,
@ -104,7 +108,9 @@ func (s Scope) GetPages(ctx domain.RequestContext, documentID string) (p []page.
// GetUnpublishedPages returns a slice containing all published page records for a given documentID, in presentation sequence.
func (s Scope) GetUnpublishedPages(ctx domain.RequestContext, documentID string) (p []page.Page, err error) {
err = s.Runtime.Db.Select(&p, `
SELECT c_id, c_refid, c_orgid, c_docid, c_userid, c_contenttype, c_type, c_level, c_sequence, c_name, c_body, c_revisions, c_templateid, c_status, c_relativeid, c_created, c_revised
SELECT id, c_refid AS refid, c_orgid AS orgid, c_docid AS documentid, c_userid AS userid, c_contenttype AS contenttype, c_type AS type,
c_level AS level, c_sequence AS sequence, c_name AS name, c_body AS body, c_revisions AS revisions, c_templateid AS templateid,
c_status AS status, c_relativeid AS relativeid, c_created AS created, c_revised AS revised
FROM dmz_section
WHERE c_orgid=? AND c_docid=? AND c_status!=0 AND c_relativeid!=''
ORDER BY c_sequence`,
@ -121,7 +127,9 @@ func (s Scope) GetUnpublishedPages(ctx domain.RequestContext, documentID string)
// but without the body field (which holds the HTML content).
func (s Scope) GetPagesWithoutContent(ctx domain.RequestContext, documentID string) (pages []page.Page, err error) {
err = s.Runtime.Db.Select(&pages, `
SELECT c_id, c_refid, c_orgid, c_docid, c_userid, c_contenttype, c_type, c_level, c_sequence, c_name, c_body, c_revisions, c_templateid, c_status, c_relativeid, c_created, c_revised
SELECT id, c_refid AS refid, c_orgid AS orgid, c_docid AS documentid, c_userid AS userid, c_contenttype AS contenttype, c_type AS type,
c_level AS level, c_sequence AS sequence, c_name AS name, c_revisions AS revisions, c_templateid AS templateid,
c_status AS status, c_relativeid AS relativeid, c_created AS created, c_revised AS revised
FROM dmz_section
WHERE c_orgid=? AND c_docid=? AND c_status=0
ORDER BY c_sequence`,
@ -145,9 +153,9 @@ func (s Scope) Update(ctx domain.RequestContext, page page.Page, refID, userID s
INSERT INTO dmz_section_revision
(c_refid, c_orgid, c_docid, c_ownerid, c_sectionid, c_userid, c_contenttype, c_type,
c_name, c_body, c_rawbody, c_config, c_created, c_revised)
SELECT ? as refid, a.c_orgid, a.c_docid, a.c_userid as ownerid, a.c_refid as sectionid,
? as userid, a.c_contenttype, a.c_type, a.c_name, a.c_body,
b.c_rawbody, b.c_config, ? as c_created, ? as c_revised
SELECT ? AS refid, a.c_orgid, a.c_docid, a.c_userid AS ownerid, a.c_refid AS sectionid,
? AS userid, a.c_contenttype, a.c_type, a.c_name, a.c_body,
b.c_rawbody, b.c_config, ? AS c_created, ? As c_revised
FROM dmz_section a, dmz_section_meta b
WHERE a.c_refid=? AND a.c_refid=b.c_sectionid`,
refID, userID, time.Now().UTC(), time.Now().UTC(), page.RefID)
@ -160,10 +168,10 @@ func (s Scope) Update(ctx domain.RequestContext, page page.Page, refID, userID s
// Update page
_, err = ctx.Transaction.NamedExec(`UPDATE dmz_section SET
docid=:documentid, level=:level, c_name=:name, body=:body,
c_docid=:documentid, c_level=:level, c_name=:name, c_body=:body,
c_revisions=:revisions, c_sequence=:sequence, c_status=:status,
c_relativeid=:relativeid, c_revised=:revised
WHERE orgid=:orgid AND refid=:refid`,
WHERE c_orgid=:orgid AND c_refid=:refid`,
&page)
if err != nil {
@ -347,7 +355,7 @@ func (s Scope) GetPageRevision(ctx domain.RequestContext, revisionID string) (re
// GetPageRevisions returns a slice of page revision records for a given pageID, in the order they were created.
// Then audits that the get-page-revisions action has occurred.
func (s Scope) GetPageRevisions(ctx domain.RequestContext, pageID string) (revisions []page.Revision, err error) {
err = s.Runtime.Db.Select(&revisions, `SELECT a.c_id, a.c_refid AS refid,
err = s.Runtime.Db.Select(&revisions, `SELECT a.id, a.c_refid AS refid,
a.c_orgid AS orgid, a.c_docid AS documentid, a.c_ownerid AS ownerid, a.c_sectionid AS sectionid, a.c_userid AS userid,
a.c_contenttype AS contenttype, a.c_type AS type, a.c_name AS name,
a.c_created AS created, a.c_revised AS revised,

10
domain/permission/endpoint.go
View file

@ -333,6 +333,7 @@ func (h *Handler) GetUserSpacePermissions(w http.ResponseWriter, r *http.Request
perms, err := h.Store.Permission.GetUserSpacePermissions(ctx, spaceID)
if err != nil {
response.WriteServerError(w, method, err)
h.Runtime.Log.Error(method, err)
return
}
@ -354,6 +355,7 @@ func (h *Handler) GetCategoryViewers(w http.ResponseWriter, r *http.Request) {
u, err := h.Store.Permission.GetCategoryUsers(ctx, categoryID)
if err != nil && err != sql.ErrNoRows {
response.WriteServerError(w, method, err)
h.Runtime.Log.Error(method, err)
return
}
@ -574,7 +576,7 @@ func (h *Handler) SetDocumentPermissions(w http.ResponseWriter, r *http.Request)
return
}
sp, err := h.Store.Space.Get(ctx, doc.LabelID)
sp, err := h.Store.Space.Get(ctx, doc.SpaceID)
if err != nil {
response.WriteNotFoundError(w, method, "space not found")
return
@ -639,7 +641,7 @@ func (h *Handler) SetDocumentPermissions(w http.ResponseWriter, r *http.Request)
return
}
url := ctx.GetAppURL(fmt.Sprintf("s/%s/%s/d/%s/%s", sp.RefID, stringutil.MakeSlug(sp.Name), doc.RefID, stringutil.MakeSlug(doc.Title)))
url := ctx.GetAppURL(fmt.Sprintf("s/%s/%s/d/%s/%s", sp.RefID, stringutil.MakeSlug(sp.Name), doc.RefID, stringutil.MakeSlug(doc.Name)))
// Permissions can be assigned to both groups and individual users.
// Pre-fetch users with group membership to help us work out
@ -701,8 +703,8 @@ func (h *Handler) SetDocumentPermissions(w http.ResponseWriter, r *http.Request)
}
mailer := mail.Mailer{Runtime: h.Runtime, Store: h.Store, Context: ctx}
go mailer.DocumentApprover(existingUser.Email, inviter.Fullname(), inviter.Email, url, doc.Title)
h.Runtime.Log.Info(fmt.Sprintf("%s has made %s document approver for: %s", inviter.Email, existingUser.Email, doc.Title))
go mailer.DocumentApprover(existingUser.Email, inviter.Fullname(), inviter.Email, url, doc.Name)
h.Runtime.Log.Info(fmt.Sprintf("%s has made %s document approver for: %s", inviter.Email, existingUser.Email, doc.Name))
}
}
}

19
domain/permission/mysql/store.go
View file

@ -65,14 +65,15 @@ func (s Scope) GetUserSpacePermissions(ctx domain.RequestContext, spaceID string
r = []permission.Permission{}
err = s.Runtime.Db.Select(&r, `
SELECT c_id, orgid, who, whoid, action, scope, location, refid
SELECT id, c_orgid AS orgid, c_who AS who, c_whoid AS whoid, c_action AS action,
c_scope AS scope, c_location AS location, c_refid AS refid
FROM dmz_permission
WHERE orgid=? AND location='space' AND refid=? AND who='user' AND (whoid=? OR whoid='0')
WHERE c_orgid=? AND c_location='space' AND c_refid=? AND c_who='user' AND (c_whoid=? OR c_whoid='0')
UNION ALL
SELECT p.id, p.orgid, p.who, p.whoid, p.action, p.scope, p.location, p.refid
SELECT p.id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
FROM dmz_permission p
LEFT JOIN rolemember r ON p.whoid=r.roleid
WHERE p.orgid=? AND p.location='space' AND refid=? AND p.who='role' AND (r.userid=? OR r.userid='0')`,
LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid
WHERE p.c_orgid=? AND p.c_location='space' AND c_refid=? AND p.c_who='role' AND (r.c_userid=? OR r.c_userid='0')`,
ctx.OrgID, spaceID, ctx.UserID, ctx.OrgID, spaceID, ctx.UserID)
if err == sql.ErrNoRows {
@ -96,7 +97,7 @@ func (s Scope) GetSpacePermissionsForUser(ctx domain.RequestContext, spaceID, us
UNION ALL
SELECT p.id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
FROM dmz_permission p
LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_roleid
LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid
WHERE p.c_orgid=? AND p.c_location='space' AND c_refid=? AND p.c_who='role' AND (r.c_userid=? OR r.c_userid='0')`,
ctx.OrgID, spaceID, userID, ctx.OrgID, spaceID, userID)
@ -143,7 +144,7 @@ func (s Scope) GetCategoryPermissions(ctx domain.RequestContext, catID string) (
SELECT id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
FROM dmz_permission p
LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid
WHERE p.orgid=? AND p.location='category' AND p.who='role' AND (p.refid=? OR p.refid='0')`,
WHERE p.c_orgid=? AND p.c_location='category' AND p.c_who='role' AND (p.c_refid=? OR p.c_refid='0')`,
ctx.OrgID, catID, ctx.OrgID, catID)
if err == sql.ErrNoRows {
@ -195,7 +196,7 @@ func (s Scope) GetUserCategoryPermissions(ctx domain.RequestContext, userID stri
FROM dmz_permission
WHERE c_orgid=? AND c_location='category' AND c_who='user' AND (c_whoid=? OR c_whoid='0')
UNION ALL
SELECT id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
SELECT p.id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
FROM dmz_permission p
LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid
WHERE p.c_orgid=? AND p.c_location='category' AND p.c_who='role' AND (r.c_userid=? OR r.c_userid='0')`,
@ -219,7 +220,7 @@ func (s Scope) GetUserDocumentPermissions(ctx domain.RequestContext, documentID
FROM dmz_permission
WHERE c_orgid=? AND c_location='document' AND c_refid=? AND c_who='user' AND (c_whoid=? OR c_whoid='0')
UNION ALL
SELECT id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
SELECT p.id, p.c_orgid AS orgid, p.c_who AS who, p.c_whoid AS whoid, p.c_action AS action, p.c_scope AS scope, p.c_location AS location, p.c_refid AS refid
FROM dmz_permission p
LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid
WHERE p.c_orgid=? AND p.c_location='document' AND p.c_refid=? AND p.c_who='role' AND (r.c_userid=? OR r.c_userid='0')`,

12
domain/permission/permission.go
View file

@ -50,7 +50,7 @@ func CanViewDocument(ctx domain.RequestContext, s domain.Store, documentID strin
return false
}
roles, err := s.Permission.GetUserSpacePermissions(ctx, document.LabelID)
roles, err := s.Permission.GetUserSpacePermissions(ctx, document.SpaceID)
if err == sql.ErrNoRows {
err = nil
}
@ -59,7 +59,7 @@ func CanViewDocument(ctx domain.RequestContext, s domain.Store, documentID strin
}
for _, role := range roles {
if role.RefID == document.LabelID && role.Location == pm.LocationSpace && role.Scope == pm.ScopeRow &&
if role.RefID == document.SpaceID && role.Location == pm.LocationSpace && role.Scope == pm.ScopeRow &&
pm.ContainsPermission(role.Action, pm.SpaceView, pm.SpaceManage, pm.SpaceOwner) {
return true
}
@ -79,7 +79,7 @@ func CanChangeDocument(ctx domain.RequestContext, s domain.Store, documentID str
return false
}
roles, err := s.Permission.GetUserSpacePermissions(ctx, document.LabelID)
roles, err := s.Permission.GetUserSpacePermissions(ctx, document.SpaceID)
if err == sql.ErrNoRows {
err = nil
@ -89,7 +89,7 @@ func CanChangeDocument(ctx domain.RequestContext, s domain.Store, documentID str
}
for _, role := range roles {
if role.RefID == document.LabelID && role.Location == pm.LocationSpace && role.Scope == pm.ScopeRow && role.Action == pm.DocumentEdit {
if role.RefID == document.SpaceID && role.Location == pm.LocationSpace && role.Scope == pm.ScopeRow && role.Action == pm.DocumentEdit {
return true
}
}
@ -108,7 +108,7 @@ func CanDeleteDocument(ctx domain.RequestContext, s domain.Store, documentID str
return false
}
roles, err := s.Permission.GetUserSpacePermissions(ctx, document.LabelID)
roles, err := s.Permission.GetUserSpacePermissions(ctx, document.SpaceID)
if err == sql.ErrNoRows {
err = nil
@ -118,7 +118,7 @@ func CanDeleteDocument(ctx domain.RequestContext, s domain.Store, documentID str
}
for _, role := range roles {
if role.RefID == document.LabelID && role.Location == "space" && role.Scope == "object" && role.Action == pm.DocumentDelete {
if role.RefID == document.SpaceID && role.Location == "space" && role.Scope == "object" && role.Action == pm.DocumentDelete {
return true
}
}

6
domain/pin/endpoint.go
View file

@ -73,9 +73,9 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
pin.RefID = uniqueid.Generate()
pin.OrgID = ctx.OrgID
pin.UserID = ctx.UserID
pin.Pin = strings.TrimSpace(pin.Pin)
if len(pin.Pin) > 20 {
pin.Pin = pin.Pin[0:20]
pin.Name = strings.TrimSpace(pin.Name)
if len(pin.Name) > 20 {
pin.Name = pin.Name[0:20]
}
ctx.Transaction, err = h.Runtime.Db.Beginx()

4
domain/pin/mysql/store.go
View file

@ -55,7 +55,7 @@ func (s Scope) Add(ctx domain.RequestContext, pin pin.Pin) (err error) {
func (s Scope) GetPin(ctx domain.RequestContext, id string) (pin pin.Pin, err error) {
err = s.Runtime.Db.Get(&pin, `SELECT id, c_refid AS refid,
c_orgid AS orgid, c_userid AS userid, c_spaceid AS spaceid, c_docid AS documentid,
c_name AS pin, c_sequence AS sequence, c_created AS created, c_revised AS revised
c_name AS name, c_sequence AS sequence, c_created AS created, c_revised AS revised
FROM dmz_pin
WHERE c_orgid=? AND c_refid=?`,
ctx.OrgID, id)
@ -71,7 +71,7 @@ func (s Scope) GetPin(ctx domain.RequestContext, id string) (pin pin.Pin, err er
func (s Scope) GetUserPins(ctx domain.RequestContext, userID string) (pins []pin.Pin, err error) {
err = s.Runtime.Db.Select(&pins, `SELECT id, c_refid AS refid,
c_orgid AS orgid, c_userid AS userid, c_spaceid AS spaceid, c_docid AS documentid,
c_name AS pin, c_sequence AS sequence, c_created AS created, c_revised AS revised
c_name AS name, c_sequence AS sequence, c_created AS created, c_revised AS revised
FROM dmz_pin
WHERE c_orgid=? AND c_userid=?
ORDER BY c_sequence`,

85
domain/search/mysql/store.go
View file

@ -38,7 +38,7 @@ type Scope struct {
// searchable items. Any existing document entries are removed.
func (s Scope) IndexDocument(ctx domain.RequestContext, doc doc.Document, a []attachment.Attachment) (err error) {
// remove previous search entries
_, err = ctx.Transaction.Exec("DELETE FROM search WHERE orgid=? AND documentid=? AND (itemtype='doc' OR itemtype='file' OR itemtype='tag')",
_, err = ctx.Transaction.Exec("DELETE FROM dmz_search WHERE c_orgid=? AND c_docid=? AND (c_itemtype='doc' OR c_itemtype='file' OR c_itemtype='tag')",
ctx.OrgID, doc.RefID)
if err != nil {
@ -46,8 +46,8 @@ func (s Scope) IndexDocument(ctx domain.RequestContext, doc doc.Document, a []at
}
// insert doc title
_, err = ctx.Transaction.Exec("INSERT INTO search (orgid, documentid, itemid, itemtype, content) VALUES (?, ?, ?, ?, ?)",
ctx.OrgID, doc.RefID, "", "doc", doc.Title)
_, err = ctx.Transaction.Exec("INSERT INTO dmz_search (c_orgid, c_docid, c_itemid, c_itemtype, c_content) VALUES (?, ?, ?, ?, ?)",
ctx.OrgID, doc.RefID, "", "doc", doc.Name)
if err != nil {
err = errors.Wrap(err, "execute insert document title entry")
}
@ -59,7 +59,7 @@ func (s Scope) IndexDocument(ctx domain.RequestContext, doc doc.Document, a []at
continue
}
_, err = ctx.Transaction.Exec("INSERT INTO search (orgid, documentid, itemid, itemtype, content) VALUES (?, ?, ?, ?, ?)",
_, err = ctx.Transaction.Exec("INSERT INTO dmz_search (c_orgid, c_docid, c_itemid, c_itemtype, c_content) VALUES (?, ?, ?, ?, ?)",
ctx.OrgID, doc.RefID, "", "tag", t)
if err != nil {
@ -69,7 +69,7 @@ func (s Scope) IndexDocument(ctx domain.RequestContext, doc doc.Document, a []at
}
for _, file := range a {
_, err = ctx.Transaction.Exec("INSERT INTO search (orgid, documentid, itemid, itemtype, content) VALUES (?, ?, ?, ?, ?)",
_, err = ctx.Transaction.Exec("INSERT INTO dmz_search (c_orgid, c_docid, c_itemid, c_itemtype, c_content) VALUES (?, ?, ?, ?, ?)",
ctx.OrgID, doc.RefID, file.RefID, "file", file.Filename)
if err != nil {
@ -82,7 +82,7 @@ func (s Scope) IndexDocument(ctx domain.RequestContext, doc doc.Document, a []at
// DeleteDocument removes all search entries for document.
func (s Scope) DeleteDocument(ctx domain.RequestContext, ID string) (err error) {
_, err = ctx.Transaction.Exec("DELETE FROM search WHERE orgid=? AND documentid=?", ctx.OrgID, ID)
_, err = ctx.Transaction.Exec("DELETE FROM dmz_search WHERE c_orgid=? AND c_docid=?", ctx.OrgID, ID)
if err != nil {
err = errors.Wrap(err, "execute delete document entries")
@ -100,7 +100,7 @@ func (s Scope) IndexContent(ctx domain.RequestContext, p page.Page) (err error)
}
// remove previous search entries
_, err = ctx.Transaction.Exec("DELETE FROM search WHERE orgid=? AND documentid=? AND itemid=? AND itemtype='page'",
_, err = ctx.Transaction.Exec("DELETE FROM dmz_search WHERE c_orgid=? AND c_docid=? AND c_itemid=? AND c_itemtype='page'",
ctx.OrgID, p.DocumentID, p.RefID)
if err != nil {
@ -115,14 +115,14 @@ func (s Scope) IndexContent(ctx domain.RequestContext, p page.Page) (err error)
}
content = strings.TrimSpace(content)
_, err = ctx.Transaction.Exec("INSERT INTO search (orgid, documentid, itemid, itemtype, content) VALUES (?, ?, ?, ?, ?)",
_, err = ctx.Transaction.Exec("INSERT INTO dmz_search (c_orgid, c_docid, c_itemid, c_itemtype, c_content) VALUES (?, ?, ?, ?, ?)",
ctx.OrgID, p.DocumentID, p.RefID, "page", content)
if err != nil {
err = errors.Wrap(err, "execute insert document content entry")
}
_, err = ctx.Transaction.Exec("INSERT INTO search (orgid, documentid, itemid, itemtype, content) VALUES (?, ?, ?, ?, ?)",
ctx.OrgID, p.DocumentID, p.RefID, "page", p.Title)
_, err = ctx.Transaction.Exec("INSERT INTO dmz_search (c_orgid, c_docid, c_itemid, c_itemtype, c_content) VALUES (?, ?, ?, ?, ?)",
ctx.OrgID, p.DocumentID, p.RefID, "page", p.Name)
if err != nil {
err = errors.Wrap(err, "execute insert document page title entry")
}
@ -134,7 +134,7 @@ func (s Scope) IndexContent(ctx domain.RequestContext, p page.Page) (err error)
func (s Scope) DeleteContent(ctx domain.RequestContext, pageID string) (err error) {
// remove all search entries
var stmt1 *sqlx.Stmt
stmt1, err = ctx.Transaction.Preparex("DELETE FROM search WHERE orgid=? AND itemid=? AND itemtype=?")
stmt1, err = ctx.Transaction.Preparex("DELETE FROM dmz_search WHERE c_orgid=? AND c_itemid=? AND c_itemtype=?")
defer streamutil.Close(stmt1)
if err != nil {
err = errors.Wrap(err, "prepare delete document content entry")
@ -214,30 +214,30 @@ func (s Scope) Documents(ctx domain.RequestContext, q search.QueryOptions) (resu
func (s Scope) matchFullText(ctx domain.RequestContext, keywords, itemType string) (r []search.QueryResult, err error) {
sql1 := `
SELECT
s.id, s.orgid, s.documentid, s.itemid, s.itemtype,
d.labelid as spaceid, COALESCE(d.title,'Unknown') AS document, d.tags,
d.excerpt, d.template, d.versionid,
COALESCE(l.label,'Unknown') AS space
s.id, s.c_orgid AS orgid, s.c_docid AS documentid, s.c_itemid AS itemid, s.c_itemtype AS itemtype,
d.c_spaceid as spaceid, COALESCE(d.c_name,'Unknown') AS document, d.c_tags AS tags,
d.c_desc AS excerpt, d.c_template AS template, d.c_versionid AS versionid,
COALESCE(l.c_name,'Unknown') AS space
FROM
search s,
document d
dmz_search s,
dmz_doc d
LEFT JOIN
label l ON l.orgid=d.orgid AND l.refid = d.labelid
dmz_space l ON l.c_orgid=d.c_orgid AND l.c_refid = d.c_spaceid
WHERE
s.orgid = ?
AND s.itemtype = ?
AND s.documentid = d.refid
AND d.labelid IN
s.c_orgid = ?
AND s.c_itemtype = ?
AND s.c_docid = d.refid
AND d.c_spaceid IN
(
SELECT refid FROM label WHERE orgid=? AND refid IN
SELECT c_refid FROM dmz_space WHERE c_orgid=? AND c_refid IN
(
SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space'
SELECT c_refid from dmz_permission WHERE c_orgid=? AND c_who='user' AND (c_whoid=? OR c_whoid='0') AND c_location='space'
UNION ALL
SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role'
AND p.location='space' AND (r.userid=? OR r.userid='0')
SELECT p.c_refid from dmz_permission p LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid WHERE p.c_orgid=? AND p.c_who='role'
AND p.c_location='space' AND (r.c_userid=? OR r.c_userid='0')
)
)
AND MATCH(s.content) AGAINST(? IN BOOLEAN MODE)`
AND MATCH(s.c_content) AGAINST(? IN BOOLEAN MODE)`
err = s.Runtime.Db.Select(&r,
sql1,
@ -270,30 +270,29 @@ func (s Scope) matchLike(ctx domain.RequestContext, keywords, itemType string) (
sql1 := `
SELECT
s.id, s.orgid, s.documentid, s.itemid, s.itemtype,
d.labelid as spaceid, COALESCE(d.title,'Unknown') AS document, d.tags, d.excerpt,
COALESCE(l.label,'Unknown') AS space
s.id, s.c_orgid AS orgid, s.c_docid AS documentid, s.c_itemid AS itemid, s.c_itemtype AS itemtype,
d.c_spaceid as spaceid, COALESCE(d.c_name,'Unknown') AS document, d.c_tags AS tags, d.c_desc AS excerpt,
COALESCE(l.c_name,'Unknown') AS space
FROM
search s,
document d
dmz_search s,
dmz_doc d
LEFT JOIN
label l ON l.orgid=d.orgid AND l.refid = d.labelid
dmz_space l ON l.c_orgid=d.c_orgid AND l.c_refid = d.c_spaceid
WHERE
s.orgid = ?
AND s.itemtype = ?
AND s.documentid = d.refid
-- AND d.template = 0
AND d.labelid IN
s.c_orgid = ?
AND s.c_itemtype = ?
AND s.c_docid = d.c_refid
AND d.c_spaceid IN
(
SELECT refid FROM label WHERE orgid=? AND refid IN
SELECT c_refid FROM dmz_space WHERE c_orgid=? AND c_refid IN
(
SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space'
SELECT c_refid from dmz_permission WHERE c_orgid=? AND c_who='user' AND (c_whoid=? OR c_whoid='0') AND c_location='space'
UNION ALL
SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role'
AND p.location='space' AND (r.userid=? OR r.userid='0')
SELECT p.c_refid from dmz_permission p LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid WHERE p.c_orgid=? AND p.c_who='role'
AND p.c_location='space' AND (r.c_userid=? OR r.c_userid='0')
)
)
AND s.content LIKE ?`
AND s.c_content LIKE ?`
err = s.Runtime.Db.Select(&r,
sql1,

2
domain/section/endpoint.go
View file

@ -111,7 +111,7 @@ func (h *Handler) RefreshSections(w http.ResponseWriter, r *http.Request) {
for _, pm := range meta {
// Grab the page because we need content type and
page, err2 := h.Store.Page.Get(ctx, pm.PageID)
page, err2 := h.Store.Page.Get(ctx, pm.SectionID)
if err2 == sql.ErrNoRows {
continue
}

12
domain/setting/endpoint.go
View file

@ -38,7 +38,7 @@ func (h *Handler) SMTP(w http.ResponseWriter, r *http.Request) {
method := "setting.SMTP"
ctx := domain.GetRequestContext(r)
if !ctx.Global {
if !ctx.GlobalAdmin {
response.WriteForbiddenError(w)
return
}
@ -63,7 +63,7 @@ func (h *Handler) SetSMTP(w http.ResponseWriter, r *http.Request) {
method := "setting.SetSMTP"
ctx := domain.GetRequestContext(r)
if !ctx.Global {
if !ctx.GlobalAdmin {
response.WriteForbiddenError(w)
return
}
@ -130,7 +130,7 @@ func (h *Handler) SetSMTP(w http.ResponseWriter, r *http.Request) {
func (h *Handler) License(w http.ResponseWriter, r *http.Request) {
ctx := domain.GetRequestContext(r)
if !ctx.Global {
if !ctx.GlobalAdmin {
response.WriteForbiddenError(w)
return
}
@ -164,7 +164,7 @@ func (h *Handler) SetLicense(w http.ResponseWriter, r *http.Request) {
method := "setting.SetLicense"
ctx := domain.GetRequestContext(r)
if !ctx.Global {
if !ctx.GlobalAdmin {
response.WriteForbiddenError(w)
return
}
@ -222,7 +222,7 @@ func (h *Handler) AuthConfig(w http.ResponseWriter, r *http.Request) {
method := "global.auth"
ctx := domain.GetRequestContext(r)
if !ctx.Global {
if !ctx.GlobalAdmin {
response.WriteForbiddenError(w)
return
}
@ -242,7 +242,7 @@ func (h *Handler) SetAuthConfig(w http.ResponseWriter, r *http.Request) {
method := "global.auth.save"
ctx := domain.GetRequestContext(r)
if !ctx.Global {
if !ctx.GlobalAdmin {
response.WriteForbiddenError(w)
return
}

14
domain/setting/mysql/store.go
View file

@ -31,7 +31,7 @@ func (s Scope) Get(area, path string) (value string, err error) {
path = "." + path
}
sql := "SELECT JSON_EXTRACT(`config`,'$" + path + "') FROM `config` WHERE `key` = '" + area + "';"
sql := "SELECT JSON_EXTRACT(c_config,'$" + path + "') FROM dmz_config WHERE c_key = '" + area + "';"
var item = make([]uint8, 0)
@ -54,9 +54,9 @@ func (s Scope) Set(area, json string) (err error) {
return errors.New("no area")
}
sql := "INSERT INTO `config` (`key`,`config`) " +
sql := "INSERT INTO dmz_config (c_key,c_config) " +
"VALUES ('" + area + "','" + json +
"') ON DUPLICATE KEY UPDATE `config`='" + json + "';"
"') ON DUPLICATE KEY UPDATE c_config='" + json + "';"
_, err = s.Runtime.Db.Exec(sql)
@ -73,8 +73,8 @@ func (s Scope) GetUser(orgID, userID, key, path string) (value string, err error
path = "." + path
}
qry := "SELECT JSON_EXTRACT(`config`,'$" + path + "') FROM `userconfig` WHERE `key` = '" + key +
"' AND `orgid` = '" + orgID + "' AND `userid` = '" + userID + "';"
qry := "SELECT JSON_EXTRACT(c_config,'$" + path + "') FROM dmz_user_config WHERE c_key = '" + key +
"' AND c_orgid = '" + orgID + "' AND c_userid = '" + userID + "';"
err = s.Runtime.Db.Get(&item, qry)
if err != nil && err != sql.ErrNoRows {
@ -101,13 +101,13 @@ func (s Scope) SetUser(orgID, userID, key, json string) (err error) {
return err
}
_, err = tx.Exec("DELETE FROM userconfig WHERE orgid=? AND userid=? AND `key`=?", orgID, userID, key)
_, err = tx.Exec("DELETE FROM dmz_user_config WHERE c_orgid=? AND c_userid=? AND c_key=?", orgID, userID, key)
if err != nil {
fmt.Println(err)
fmt.Println("ccc")
}
_, err = tx.Exec("INSERT INTO userconfig (orgid, userid, `key`, `config`) VALUES (?, ?, ?, ?)", orgID, userID, key, json)
_, err = tx.Exec("INSERT INTO dmz_user_config (c_orgid, c_userid, c_key, c_config) VALUES (?, ?, ?, ?)", orgID, userID, key, json)
if err != nil {
fmt.Println(err)
fmt.Println("ddd")

14
domain/space/endpoint.go
View file

@ -131,7 +131,7 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
}
err = h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: sp.RefID,
SpaceID: sp.RefID,
SourceType: activity.SourceTypeSpace,
ActivityType: activity.TypeCreated})
if err != nil {
@ -210,7 +210,7 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
documentID := uniqueid.Generate()
t.RefID = documentID
t.LabelID = sp.RefID
t.SpaceID = sp.RefID
// Reassign group ID
if len(t.GroupID) > 0 {
@ -244,7 +244,7 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
pageID := uniqueid.Generate()
p.RefID = pageID
meta.PageID = pageID
meta.SectionID = pageID
meta.DocumentID = documentID
model := page.NewPage{}
@ -287,7 +287,7 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
for _, b := range blocks {
b.RefID = uniqueid.Generate()
b.LabelID = sp.RefID
b.SpaceID = sp.RefID
b.UserID = ctx.UserID
err = h.Store.Block.Add(ctx, b)
@ -358,7 +358,7 @@ func (h *Handler) Get(w http.ResponseWriter, r *http.Request) {
}
err = h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: sp.RefID,
SpaceID: sp.RefID,
SourceType: activity.SourceTypeSpace,
ActivityType: activity.TypeRead})
@ -572,7 +572,7 @@ func (h *Handler) Remove(w http.ResponseWriter, r *http.Request) {
}
err = h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: id,
SpaceID: id,
SourceType: activity.SourceTypeSpace,
ActivityType: activity.TypeDeleted})
if err != nil {
@ -669,7 +669,7 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
}
err = h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
LabelID: id,
SpaceID: id,
SourceType: activity.SourceTypeSpace,
ActivityType: activity.TypeDeleted})
if err != nil {

34
domain/space/mysql/store.go
View file

@ -47,10 +47,10 @@ func (s Scope) Add(ctx domain.RequestContext, sp space.Space) (err error) {
// Get returns a space from the store.
func (s Scope) Get(ctx domain.RequestContext, id string) (sp space.Space, err error) {
err = s.Runtime.Db.Get(&sp, `SELECT id, c_refid as refid,
c_name as name, c_orgid as orgid, c_userid as userid,
c_type as type, c_lifecycle as lifecycle, c_likes as likes,
c_created as created, c_revised as revised
err = s.Runtime.Db.Get(&sp, `SELECT id, c_refid AS refid,
c_name AS name, c_orgid AS orgid, c_userid AS userid,
c_type AS type, c_lifecycle AS lifecycle, c_likes AS likes,
c_created AS created, c_revised AS revised
FROM dmz_space
WHERE c_orgid=? and c_refid=?`,
ctx.OrgID, id)
@ -64,10 +64,10 @@ func (s Scope) Get(ctx domain.RequestContext, id string) (sp space.Space, err er
// PublicSpaces returns spaces that anyone can see.
func (s Scope) PublicSpaces(ctx domain.RequestContext, orgID string) (sp []space.Space, err error) {
qry := `SELECT id, c_refid as refid
c_name as name, c_orgid as orgid, c_userid as userid,
c_type as type, c_lifecycle as lifecycle, c_likes as likes,
c_created as created, c_revised as revised
qry := `SELECT id, c_refid AS refid,
c_name AS name, c_orgid AS orgid, c_userid AS userid,
c_type AS type, c_lifecycle AS lifecycle, c_likes AS likes,
c_created AS created, c_revised AS revised
FROM dmz_space
WHERE c_orgid=? AND c_type=1`
@ -88,16 +88,16 @@ func (s Scope) PublicSpaces(ctx domain.RequestContext, orgID string) (sp []space
// Also handles which spaces can be seen by anonymous users.
func (s Scope) GetViewable(ctx domain.RequestContext) (sp []space.Space, err error) {
q := `
SELECT id, c_refid as refid
c_name as name, c_orgid as orgid, c_userid as userid,
c_type as type, c_lifecycle as lifecycle, c_likes as likes,
c_created as created, c_revised as revised
SELECT id, c_refid AS refid,
c_name AS name, c_orgid AS orgid, c_userid AS userid,
c_type AS type, c_lifecycle AS lifecycle, c_likes AS likes,
c_created AS created, c_revised AS revised
FROM dmz_space
WHERE c_orgid=? AND c_refid IN
(SELECT c_refid FROM dmz_permission WHERE c_orgid=? AND c_location='space' AND c_refid IN
(SELECT c_refid FROM dmz_permission WHERE c_orgid=? AND c_who='user' AND (c_whoid=? OR c_whoid='0') AND c_location='space' AND c_action='view'
UNION ALL
SELECT p.refid from dmz_permission p LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid WHERE p.c_orgid=? AND p.c_who='role'
SELECT p.c_refid from dmz_permission p LEFT JOIN dmz_group_member r ON p.c_whoid=r.c_groupid WHERE p.c_orgid=? AND p.c_who='role'
AND p.c_location='space' AND p.c_action='view' AND (r.c_userid=? OR r.c_userid='0')
)
)
@ -125,10 +125,10 @@ func (s Scope) GetViewable(ctx domain.RequestContext) (sp []space.Space, err err
// GetAll for admin users!
func (s Scope) GetAll(ctx domain.RequestContext) (sp []space.Space, err error) {
qry := `
SELECT id, c_refid as refid
c_name as name, c_orgid as orgid, c_userid as userid,
c_type as type, c_lifecycle as lifecycle, c_likes as likes,
c_created as created, c_revised as revised
SELECT id, c_refid AS refid,
c_name AS name, c_orgid AS orgid, c_userid AS userid,
c_type AS type, c_lifecycle AS lifecycle, c_likes AS likes,
c_created AS created, c_revised AS revised
FROM dmz_space
WHERE c_orgid=?
ORDER BY c_name`

2
domain/store/mysql/mysql.go
View file

@ -52,7 +52,7 @@ func (m *BaseQuery) DeleteConstrained(tx *sqlx.Tx, table string, orgID, id strin
// DeleteConstrainedWithID record constrained to Organization using non refid.
func (m *BaseQuery) DeleteConstrainedWithID(tx *sqlx.Tx, table string, orgID, id string) (rows int64, err error) {
result, err := tx.Exec("DELETE FROM "+table+" WHERE c_orgid=? AND c_id=?", orgID, id)
result, err := tx.Exec("DELETE FROM "+table+" WHERE c_orgid=? AND id=?", orgID, id)
if err != nil {
err = errors.Wrap(err, fmt.Sprintf("unable to delete row in table %s", table))

28
domain/template/endpoint.go
View file

@ -70,13 +70,13 @@ func (h *Handler) SavedList(w http.ResponseWriter, r *http.Request) {
for _, d := range documents {
var t = template.Template{}
t.ID = d.RefID
t.Title = d.Title
t.Title = d.Name
t.Description = d.Excerpt
t.Author = ""
t.Dated = d.Created
t.Type = template.TypePrivate
if d.LabelID == folderID {
if d.SpaceID == folderID {
templates = append(templates, t)
}
}
@ -123,7 +123,7 @@ func (h *Handler) SaveAs(w http.ResponseWriter, r *http.Request) {
return
}
if !permission.HasPermission(ctx, *h.Store, doc.LabelID, pm.DocumentTemplate) {
if !permission.HasPermission(ctx, *h.Store, doc.SpaceID, pm.DocumentTemplate) {
response.WriteForbiddenError(w)
return
}
@ -138,7 +138,7 @@ func (h *Handler) SaveAs(w http.ResponseWriter, r *http.Request) {
docID := uniqueid.Generate()
doc.Template = true
doc.Title = model.Name
doc.Name = model.Name
doc.Excerpt = model.Excerpt
doc.RefID = docID
doc.ID = 0
@ -170,7 +170,7 @@ func (h *Handler) SaveAs(w http.ResponseWriter, r *http.Request) {
pageID := uniqueid.Generate()
p.RefID = pageID
meta.PageID = pageID
meta.SectionID = pageID
meta.DocumentID = docID
m := page.NewPage{}
@ -235,7 +235,7 @@ func (h *Handler) SaveAs(w http.ResponseWriter, r *http.Request) {
cc.CategoryID = c.RefID
cc.RefID = uniqueid.Generate()
cc.DocumentID = docID
cc.LabelID = doc.LabelID
cc.SpaceID = doc.SpaceID
err = h.Store.Category.AssociateDocument(ctx, cc)
if err != nil && err != sql.ErrNoRows {
response.WriteServerError(w, method, err)
@ -289,12 +289,12 @@ func (h *Handler) Use(w http.ResponseWriter, r *http.Request) {
// Define an empty document just in case user wanted one.
var d = doc.Document{}
d.Title = docTitle
d.Name = docTitle
d.Location = fmt.Sprintf("template-%s", templateID)
d.Excerpt = "Add detailed description for document..."
d.Slug = stringutil.MakeSlug(d.Title)
d.Slug = stringutil.MakeSlug(d.Name)
d.Tags = ""
d.LabelID = folderID
d.SpaceID = folderID
documentID := uniqueid.Generate()
d.RefID = documentID
@ -338,9 +338,9 @@ func (h *Handler) Use(w http.ResponseWriter, r *http.Request) {
documentID = uniqueid.Generate()
d.RefID = documentID
d.Template = false
d.LabelID = folderID
d.SpaceID = folderID
d.UserID = ctx.UserID
d.Title = docTitle
d.Name = docTitle
if h.Runtime.Product.Edition == env.CommunityEdition {
d.Lifecycle = workflow.LifecycleLive
@ -369,7 +369,7 @@ func (h *Handler) Use(w http.ResponseWriter, r *http.Request) {
pageID := uniqueid.Generate()
p.RefID = pageID
meta.PageID = pageID
meta.SectionID = pageID
meta.DocumentID = documentID
model := page.NewPage{}
@ -418,7 +418,7 @@ func (h *Handler) Use(w http.ResponseWriter, r *http.Request) {
cc.CategoryID = c.RefID
cc.RefID = uniqueid.Generate()
cc.DocumentID = d.RefID
cc.LabelID = d.LabelID
cc.SpaceID = d.SpaceID
err = h.Store.Category.AssociateDocument(ctx, cc)
if err != nil && err != sql.ErrNoRows {
response.WriteServerError(w, method, err)
@ -437,7 +437,7 @@ func (h *Handler) Use(w http.ResponseWriter, r *http.Request) {
return
}
event.Handler().Publish(string(event.TypeAddDocument), nd.Title)
event.Handler().Publish(string(event.TypeAddDocument), nd.Name)
a, _ := h.Store.Attachment.GetAttachments(ctx, documentID)

154
domain/user/mysql/store.go
View file

@ -35,7 +35,7 @@ func (s Scope) Add(ctx domain.RequestContext, u user.User) (err error) {
u.Created = time.Now().UTC()
u.Revised = time.Now().UTC()
_, err = ctx.Transaction.Exec("INSERT INTO user (refid, firstname, lastname, email, initials, password, salt, reset, lastversion, created, revised) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
_, err = ctx.Transaction.Exec("INSERT INTO dmz_user (c_refid, c_firstname, c_lastname, c_email, c_initials, c_password, c_salt, c_reset, c_lastversion, c_created, c_revised) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
u.RefID, u.Firstname, u.Lastname, strings.ToLower(u.Email), u.Initials, u.Password, u.Salt, "", u.LastVersion, u.Created, u.Revised)
if err != nil {
@ -47,7 +47,13 @@ func (s Scope) Add(ctx domain.RequestContext, u user.User) (err error) {
// Get returns the user record for the given id.
func (s Scope) Get(ctx domain.RequestContext, id string) (u user.User, err error) {
err = s.Runtime.Db.Get(&u, "SELECT id, refid, firstname, lastname, email, initials, global, password, salt, reset, lastversion, created, revised FROM user WHERE refid=?", id)
err = s.Runtime.Db.Get(&u, `
SELECT id, c_refid AS refid, c_firstname AS firstname, c_lastname AS lastname, c_email AS email,
c_initials AS initials, c_globaladmin AS globaladmin, c_password AS password, c_salt AS salt, c_reset AS reset,
c_lastversion AS lastversion, c_created AS created, c_revised AS revised
FROM dmz_user
WHERE c_refid=?`,
id)
if err != nil {
err = errors.Wrap(err, fmt.Sprintf("unable to execute select for user %s", id))
@ -60,7 +66,13 @@ func (s Scope) Get(ctx domain.RequestContext, id string) (u user.User, err error
func (s Scope) GetByDomain(ctx domain.RequestContext, domain, email string) (u user.User, err error) {
email = strings.TrimSpace(strings.ToLower(email))
err = s.Runtime.Db.Get(&u, "SELECT u.id, u.refid, u.firstname, u.lastname, u.email, u.initials, u.global, u.password, u.salt, u.reset, u.lastversion, u.created, u.revised FROM user u, account a, organization o WHERE TRIM(LOWER(u.email))=? AND u.refid=a.userid AND a.orgid=o.refid AND TRIM(LOWER(o.domain))=?",
err = s.Runtime.Db.Get(&u, `SELECT u.id, u.c_refid AS refid,
u.c_firstname AS firstname, u.c_lastname AS lastname, u.c_email AS email,
u.c_initials AS initials, u.c_globaladmin AS globaladmin,
u.c_password AS password, u.c_salt AS salt, u.c_reset AS reset, u.c_lastversion AS lastversion,
u.c_created, u.c_revised
FROM dmz_user u, dmz_account a, dmz_org o
WHERE TRIM(LOWER(u.c_email))=? AND u.c_refid=a.c_userid AND a.c_orgid=o.c_refid AND TRIM(LOWER(o.c_domain))=?`,
email, domain)
if err != nil && err != sql.ErrNoRows {
@ -74,7 +86,14 @@ func (s Scope) GetByDomain(ctx domain.RequestContext, domain, email string) (u u
func (s Scope) GetByEmail(ctx domain.RequestContext, email string) (u user.User, err error) {
email = strings.TrimSpace(strings.ToLower(email))
err = s.Runtime.Db.Get(&u, "SELECT id, refid, firstname, lastname, email, initials, global, password, salt, reset, lastversion, created, revised FROM user WHERE TRIM(LOWER(email))=?", email)
err = s.Runtime.Db.Get(&u, `SELECT u.id, u.c_refid AS refid,
u.c_firstname AS firstname, u.c_lastname AS lastname, u.c_email AS email,
u.c_initials AS initials, u.c_globaladmin AS globaladmin,
u.c_password AS password, u.c_salt AS salt, u.c_reset AS reset, u.c_lastversion AS lastversion,
u.c_created, u.c_revised
FROM dmz_user
WHERE TRIM(LOWER(c_email))=?`,
email)
if err != nil && err != sql.ErrNoRows {
err = errors.Wrap(err, fmt.Sprintf("execute select user by email %s", email))
@ -85,7 +104,14 @@ func (s Scope) GetByEmail(ctx domain.RequestContext, email string) (u user.User,
// GetByToken returns a user record given a reset token value.
func (s Scope) GetByToken(ctx domain.RequestContext, token string) (u user.User, err error) {
err = s.Runtime.Db.Get(&u, "SELECT id, refid, firstname, lastname, email, initials, global, password, salt, reset, lastversion, created, revised FROM user WHERE reset=?", token)
err = s.Runtime.Db.Get(&u, `SELECT u.id, u.c_refid AS refid,
u.c_firstname AS firstname, u.c_lastname AS lastname, u.c_email AS email,
u.c_initials AS initials, u.c_globaladmin AS globaladmin,
u.c_password AS password, u.c_salt AS salt, u.c_reset AS reset, u.c_lastversion AS lastversion,
u.c_created, u.c_revised
FROM dmz_user
WHERE c_reset=?`,
token)
if err != nil {
err = errors.Wrap(err, fmt.Sprintf("execute user select by token %s", token))
@ -98,7 +124,14 @@ func (s Scope) GetByToken(ctx domain.RequestContext, token string) (u user.User,
// This occurs when we you share a folder with a new user and they have to complete
// the onboarding process.
func (s Scope) GetBySerial(ctx domain.RequestContext, serial string) (u user.User, err error) {
err = s.Runtime.Db.Get(&u, "SELECT id, refid, firstname, lastname, email, initials, global, password, salt, reset, lastversion, created, revised FROM user WHERE salt=?", serial)
err = s.Runtime.Db.Get(&u, `SELECT u.id, u.c_refid AS refid,
u.c_firstname AS firstname, u.c_lastname AS lastname, u.c_email AS email,
u.c_initials AS initials, u.c_globaladmin AS globaladmin,
u.c_password AS password, u.c_salt AS salt, u.c_reset AS reset, u.c_lastversion AS lastversion,
u.c_created, u.c_revised
FROM dmz_user
WHERE c_salt=?`,
serial)
if err != nil {
err = errors.Wrap(err, fmt.Sprintf("execute user select by serial %s", serial))
@ -112,12 +145,15 @@ func (s Scope) GetBySerial(ctx domain.RequestContext, serial string) (u user.Use
func (s Scope) GetActiveUsersForOrganization(ctx domain.RequestContext) (u []user.User, err error) {
u = []user.User{}
err = s.Runtime.Db.Select(&u,
`SELECT u.id, u.refid, u.firstname, u.lastname, u.email, u.initials, u.password, u.salt, u.reset, u.lastversion, u.created, u.revised,
u.global, a.active, a.editor, a.admin, a.users AS viewusers, a.analytics
FROM user u, account a
WHERE u.refid=a.userid AND a.orgid=? AND a.active=1
ORDER BY u.firstname,u.lastname`,
err = s.Runtime.Db.Select(&u, `SELECT u.id, u.c_refid AS refid,
u.c_firstname AS firstname, u.c_lastname AS lastname, u.c_email AS email,
u.c_initials AS initials, u.c_globaladmin AS globaladmin,
u.c_password AS password, u.c_salt AS salt, u.c_reset AS reset, u.c_lastversion AS lastversion,
u.c_created, u.c_revised,
a.c_active AS active, a.c_editor AS editor, a.c_admin AS admin, a.c_users AS viewusers, a.c_analytics AS analytics
FROM dmz_user u, dmz_user_account a
WHERE u.c_refid=a.c_userid AND a.c_orgid=? AND a.c_active=1
ORDER BY u.c_firstname, u.c_lastname`,
ctx.OrgID)
if err == sql.ErrNoRows {
@ -131,22 +167,25 @@ func (s Scope) GetActiveUsersForOrganization(ctx domain.RequestContext) (u []use
}
// GetUsersForOrganization returns a slice containing all of the user records for the organizaiton
// identified in the Persister.
// identified in the context.
func (s Scope) GetUsersForOrganization(ctx domain.RequestContext, filter string, limit int) (u []user.User, err error) {
u = []user.User{}
filter = strings.TrimSpace(strings.ToLower(filter))
likeQuery := ""
if len(filter) > 0 {
likeQuery = " AND (LOWER(u.firstname) LIKE '%" + filter + "%' OR LOWER(u.lastname) LIKE '%" + filter + "%' OR LOWER(u.email) LIKE '%" + filter + "%') "
likeQuery = " AND (LOWER(u.c_firstname) LIKE '%" + filter + "%' OR LOWER(u.c_lastname) LIKE '%" + filter + "%' OR LOWER(u.c_email) LIKE '%" + filter + "%') "
}
err = s.Runtime.Db.Select(&u,
`SELECT u.id, u.refid, u.firstname, u.lastname, u.email, u.initials, u.password, u.salt, u.reset, u.lastversion, u.created, u.revised,
u.global, a.active, a.editor, a.admin, a.users AS viewusers, a.analytics
FROM user u, account a
WHERE u.refid=a.userid AND a.orgid=? `+likeQuery+
`ORDER BY u.firstname, u.lastname LIMIT `+strconv.Itoa(limit), ctx.OrgID)
err = s.Runtime.Db.Select(&u, `SELECT u.id, u.c_refid AS refid,
u.c_firstname AS firstname, u.c_lastname AS lastname, u.c_email AS email,
u.c_initials AS initials, u.c_globaladmin AS globaladmin,
u.c_password AS password, u.c_salt AS salt, u.c_reset AS reset, u.c_lastversion AS lastversion,
u.c_created, u.c_revised,
a.c_active AS active, a.c_editor AS editor, a.c_admin AS admin, a.c_users AS viewusers, a.c_analytics AS analytics
FROM dmz_user u, dmz_user_account a
WHERE u.c_refid=a.c_userid AND a.c_orgid=? `+likeQuery+
`ORDER BY u.c_firstname, u.c_lastname LIMIT `+strconv.Itoa(limit), ctx.OrgID)
if err == sql.ErrNoRows {
err = nil
@ -163,16 +202,20 @@ func (s Scope) GetUsersForOrganization(ctx domain.RequestContext, filter string,
func (s Scope) GetSpaceUsers(ctx domain.RequestContext, spaceID string) (u []user.User, err error) {
u = []user.User{}
err = s.Runtime.Db.Select(&u, `
SELECT u.id, u.refid, u.firstname, u.lastname, u.email, u.initials, u.password, u.salt, u.reset, u.created, u.lastversion, u.revised, u.global,
a.active, a.users AS viewusers, a.editor, a.admin, a.analytics
FROM user u, account a
WHERE a.orgid=? AND u.refid = a.userid AND a.active=1 AND u.refid IN (
SELECT whoid from permission WHERE orgid=? AND who='user' AND scope='object' AND location='space' AND refid=? UNION ALL
SELECT r.userid from rolemember r LEFT JOIN permission p ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.scope='object' AND p.location='space' AND p.refid=?
err = s.Runtime.Db.Select(&u, `SELECT u.id, u.c_refid AS refid,
u.c_firstname AS firstname, u.c_lastname AS lastname, u.c_email AS email,
u.c_initials AS initials, u.c_globaladmin AS globaladmin,
u.c_password AS password, u.c_salt AS salt, u.c_reset AS reset, u.c_lastversion AS lastversion,
u.c_created, u.c_revised,
a.c_active AS active, a.c_editor AS editor, a.c_admin AS admin, a.c_users AS viewusers, a.c_analytics AS analytics
FROM dmz_user u, dmz_user_account a
WHERE a.c_orgid=? AND u.c_refid = a.c_userid AND a.c_active=1 AND u.c_refid IN (
SELECT c_whoid from dmz_permission WHERE c_orgid=? AND c_who='user' AND c_scope='object' AND c_location='space' AND c_refid=?
UNION ALL
SELECT r.c_userid from dmz_group_member r LEFT JOIN dmz_permission p ON p.c_whoid=r.c_groupid WHERE p.c_orgid=? AND p.c_who='role' AND p.c_scope='object' AND p.c_location='space' AND p.c_refid=?
)
ORDER BY u.firstname, u.lastname
`, ctx.OrgID, ctx.OrgID, spaceID, ctx.OrgID, spaceID)
ORDER BY u.c_firstname, c_u.lastname`,
ctx.OrgID, ctx.OrgID, spaceID, ctx.OrgID, spaceID)
if err == sql.ErrNoRows {
err = nil
@ -193,15 +236,20 @@ func (s Scope) GetUsersForSpaces(ctx domain.RequestContext, spaces []string) (u
}
query, args, err := sqlx.In(`
SELECT u.id, u.refid, u.firstname, u.lastname, u.email, u.initials, u.password, u.salt, u.reset, u.lastversion, u.created, u.revised, u.global,
a.active, a.users AS viewusers, a.editor, a.admin, a.analytics
FROM user u, account a
WHERE a.orgid=? AND u.refid = a.userid AND a.active=1 AND u.refid IN (
SELECT whoid from permission WHERE orgid=? AND who='user' AND scope='object' AND location='space' AND refid IN(?) UNION ALL
SELECT r.userid from rolemember r LEFT JOIN permission p ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.scope='object' AND p.location='space' AND p.refid IN(?)
SELECT u.id, u.c_refid AS refid,
u.c_firstname AS firstname, u.c_lastname AS lastname, u.c_email AS email,
u.c_initials AS initials, u.c_globaladmin AS globaladmin,
u.c_password AS password, u.c_salt AS salt, u.c_reset AS reset, u.c_lastversion AS lastversion,
u.c_created, u.c_revised,
a.c_active AS active, a.c_editor AS editor, a.c_admin AS admin, a.c_users AS viewusers, a.c_analytics AS analytics
FROM dmz_user u, dmz_user_account a
WHERE a.c_orgid=? AND u.c_refid = a.c_userid AND a.c_active=1 AND u.c_refid IN (
SELECT c_whoid from dmz_permission WHERE c_orgid=? AND c_who='user' AND c_scope='object' AND c_location='space' AND c_refid IN(?)
UNION ALL
SELECT r.c_userid from dmz_group_member r LEFT JOIN dmz_permission p ON p.c_whoid=r.c_groupid WHERE p.c_orgid=? AND p.c_who='role' AND p.c_scope='object' AND p.c_location='space' AND p.c_refid IN(?)
)
ORDER BY u.firstname, u.lastname
`, ctx.OrgID, ctx.OrgID, spaces, ctx.OrgID, spaces)
ORDER BY u.c_firstname, u.c_lastname`,
ctx.OrgID, ctx.OrgID, spaces, ctx.OrgID, spaces)
query = s.Runtime.Db.Rebind(query)
err = s.Runtime.Db.Select(&u, query, args...)
@ -221,9 +269,7 @@ func (s Scope) UpdateUser(ctx domain.RequestContext, u user.User) (err error) {
u.Revised = time.Now().UTC()
u.Email = strings.ToLower(u.Email)
_, err = ctx.Transaction.NamedExec(
"UPDATE user SET firstname=:firstname, lastname=:lastname, email=:email, revised=:revised, initials=:initials, lastversion=:lastversion WHERE refid=:refid", &u)
_, err = ctx.Transaction.NamedExec("UPDATE dmz_user SET c_firstname=:firstname, c_lastname=:lastname, c_email=:email, c_revised=:revised, c_initials=:initials, c_lastversion=:lastversion WHERE c_refid=:refid", &u)
if err != nil {
err = errors.Wrap(err, fmt.Sprintf("execute user update %s", u.RefID))
}
@ -233,9 +279,7 @@ func (s Scope) UpdateUser(ctx domain.RequestContext, u user.User) (err error) {
// UpdateUserPassword updates a user record with new password and salt values.
func (s Scope) UpdateUserPassword(ctx domain.RequestContext, userID, salt, password string) (err error) {
_, err = ctx.Transaction.Exec("UPDATE user SET salt=?, password=?, reset='' WHERE refid=?",
salt, password, userID)
_, err = ctx.Transaction.Exec("UPDATE dmz_user SET c_salt=?, c_password=?, c_reset='' WHERE c_refid=?", salt, password, userID)
if err != nil {
err = errors.Wrap(err, "execute user update")
}
@ -245,8 +289,7 @@ func (s Scope) UpdateUserPassword(ctx domain.RequestContext, userID, salt, passw
// DeactiveUser deletes the account record for the given userID and persister.Context.OrgID.
func (s Scope) DeactiveUser(ctx domain.RequestContext, userID string) (err error) {
_, err = ctx.Transaction.Exec("DELETE FROM account WHERE userid=? and orgid=?", userID, ctx.OrgID)
_, err = ctx.Transaction.Exec("DELETE FROM dmz_user_account WHERE c_userid=? and c_orgid=?", userID, ctx.OrgID)
if err != nil {
err = errors.Wrap(err, "execute user deactivation")
}
@ -256,8 +299,7 @@ func (s Scope) DeactiveUser(ctx domain.RequestContext, userID string) (err error
// ForgotUserPassword sets the password to '' and the reset field to token, for a user identified by email.
func (s Scope) ForgotUserPassword(ctx domain.RequestContext, email, token string) (err error) {
_, err = ctx.Transaction.Exec("UPDATE user SET reset=?, password='' WHERE LOWER(email)=?", token, strings.ToLower(email))
_, err = ctx.Transaction.Exec("UPDATE dmz_user SET c_reset=?, c_password='' WHERE LOWER(c_email)=?", token, strings.ToLower(email))
if err != nil {
err = errors.Wrap(err, "execute password reset")
}
@ -267,10 +309,9 @@ func (s Scope) ForgotUserPassword(ctx domain.RequestContext, email, token string
// CountActiveUsers returns the number of active users in the system.
func (s Scope) CountActiveUsers() (c int) {
row := s.Runtime.Db.QueryRow("SELECT count(*) FROM user u WHERE u.refid IN (SELECT userid FROM account WHERE active=1)")
row := s.Runtime.Db.QueryRow("SELECT count(*) FROM dmz_user WHERE c_refid IN (SELECT c_userid FROM dmz_user_account WHERE active=1)")
err := row.Scan(&c)
if err == sql.ErrNoRows {
return 0
}
@ -290,15 +331,18 @@ func (s Scope) MatchUsers(ctx domain.RequestContext, text string, maxMatches int
text = strings.TrimSpace(strings.ToLower(text))
likeQuery := ""
if len(text) > 0 {
likeQuery = " AND (LOWER(firstname) LIKE '%" + text + "%' OR LOWER(lastname) LIKE '%" + text + "%' OR LOWER(email) LIKE '%" + text + "%') "
likeQuery = " AND (LOWER(c_firstname) LIKE '%" + text + "%' OR LOWER(c_lastname) LIKE '%" + text + "%' OR LOWER(c_email) LIKE '%" + text + "%') "
}
err = s.Runtime.Db.Select(&u,
`SELECT u.id, u.refid, u.firstname, u.lastname, u.email, u.initials, u.password, u.salt, u.reset, u.lastversion, u.created, u.revised,
u.global, a.active, a.editor, a.admin, a.users AS viewusers, a.analytics
FROM user u, account a
WHERE a.orgid=? AND u.refid=a.userid AND a.active=1 `+likeQuery+
`ORDER BY u.firstname,u.lastname LIMIT `+strconv.Itoa(maxMatches),
`SELECT u.id, u.c_refid AS refid,
u.c_firstname AS firstname, u.c_lastname AS lastname, u.c_email AS email,
u.c_initials AS initials, u.c_globaladmin AS globaladmin,
u.c_password AS password, u.c_salt AS salt, u.c_reset AS reset, u.c_lastversion AS lastversion,
u.c_created, u.c_revised,
a.c_active AS active, a.c_editor AS editor, a.c_admin AS admin, a.c_users AS viewusers, a.c_analytics AS analytics
FROM dmz_user u, dmz_user_account a
WHERE a.c_orgid=? AND u.c_refid=a.c_userid AND a.c_active=1 `+likeQuery+` ORDER BY u.c_firstname, u.c_lastname LIMIT `+strconv.Itoa(maxMatches),
ctx.OrgID)
if err == sql.ErrNoRows {

21
edition/storage/mysql.go
View file

@ -165,7 +165,7 @@ func (p MySQLProvider) QueryMeta() string {
// QueryStartLock locks database tables.
func (p MySQLProvider) QueryStartLock() string {
return "LOCK TABLE `config` WRITE;"
return "LOCK TABLE dmz_config WRITE;"
}
// QueryFinishLock unlocks database tables.
@ -176,18 +176,26 @@ func (p MySQLProvider) QueryFinishLock() string {
// QueryInsertProcessID returns database specific query that will
// insert ID of this running process.
func (p MySQLProvider) QueryInsertProcessID() string {
return "INSERT INTO `config` (`key`,`config`) " + fmt.Sprintf(`VALUES ('DBLOCK','{"pid": "%d"}');`, os.Getpid())
return "INSERT INTO dmz_config (c_key,c_config) " + fmt.Sprintf(`VALUES ('DBLOCK','{"pid": "%d"}');`, os.Getpid())
}
// QueryDeleteProcessID returns database specific query that will
// delete ID of this running process.
func (p MySQLProvider) QueryDeleteProcessID() string {
return "DELETE FROM `config` WHERE `key`='DBLOCK';"
return "DELETE FROM dmz_config WHERE c_key='DBLOCK';"
}
// QueryRecordVersionUpgrade returns database specific insert statement
// that records the database version number.
func (p MySQLProvider) QueryRecordVersionUpgrade(version int) string {
// Make record that holds new database version number.
json := fmt.Sprintf("{\"database\": \"%d\"}", version)
return "INSERT INTO dmz_config (c_key,c_config) " + "VALUES ('META','" + json + "') ON DUPLICATE KEY UPDATE c_config='" + json + "';"
}
// QueryRecordVersionUpgradeLegacy returns database specific insert statement
// that records the database version number.
func (p MySQLProvider) QueryRecordVersionUpgradeLegacy(version int) string {
// Make record that holds new database version number.
json := fmt.Sprintf("{\"database\": \"%d\"}", version)
return "INSERT INTO `config` (`key`,`config`) " + "VALUES ('META','" + json + "') ON DUPLICATE KEY UPDATE `config`='" + json + "';"
@ -195,6 +203,11 @@ func (p MySQLProvider) QueryRecordVersionUpgrade(version int) string {
// QueryGetDatabaseVersion returns the schema version number.
func (p MySQLProvider) QueryGetDatabaseVersion() string {
return "SELECT JSON_EXTRACT(c_config,'$.database') FROM dmz_config WHERE c_key = 'META';"
}
// QueryGetDatabaseVersionLegacy returns the schema version number before The Great Schema Migration (v25, MySQL).
func (p MySQLProvider) QueryGetDatabaseVersionLegacy() string {
return "SELECT JSON_EXTRACT(`config`,'$.database') FROM `config` WHERE `key` = 'META';"
}
@ -205,7 +218,7 @@ func (p MySQLProvider) QueryTableList() string {
}
// VerfiyVersion checks to see if actual database meets
// minimum version requirements.
// minimum version requirements.``
func (p MySQLProvider) VerfiyVersion(dbVersion string) (bool, string) {
// Minimum MySQL / MariaDB version.
minVer := []int{5, 7, 10}

1328
embed/bindata.go
View file

File diff suppressed because one or more lines are too long

2
model/block/block.go
View file

@ -20,7 +20,7 @@ type Block struct {
SpaceID string `json:"folderId"`
UserID string `json:"userId"`
ContentType string `json:"contentType"`
PageType string `json:"pageType"`
Type string `json:"pageType"`
Name string `json:"title"`
Body string `json:"body"`
Excerpt string `json:"excerpt"`

2
model/doc/doc.go
View file

@ -90,7 +90,7 @@ type UploadModel struct {
type SitemapDocument struct {
DocumentID string
Document string
FolderID string
SpaceID string
Folder string
Revised time.Time
}

2
model/link/link.go
View file

@ -17,7 +17,7 @@ import "github.com/documize/community/model"
type Link struct {
model.BaseEntity
OrgID string `json:"orgId"`
FolderID string `json:"folderId"`
SpaceID string `json:"folderId"`
UserID string `json:"userId"`
LinkType string `json:"linkType"`
SourceDocumentID string `json:"sourceDocumentId"`

2
model/page/numbering.go
View file

@ -71,7 +71,7 @@ func Numberize(pages []Page) {
// Troubleshooting help
if len(numbering) == 0 {
fmt.Println(fmt.Sprintf("No number allocated to page %s ('%s')",
pages[i].RefID, pages[i].Title))
pages[i].RefID, pages[i].Name))
}
// update state

2
model/user/user.go
View file

@ -31,7 +31,7 @@ type User struct {
Admin bool `json:"admin"`
ViewUsers bool `json:"viewUsers"`
Analytics bool `json:"analytics"`
Global bool `json:"global"`
GlobalAdmin bool `json:"global"`
Password string `json:"-"`
Salt string `json:"-"`
Reset string `json:"-"`

7
server/middleware.go
View file

@ -142,7 +142,7 @@ func (m *middleware) Authorize(w http.ResponseWriter, r *http.Request, next http
rc.Administrator = false
rc.Analytics = false
rc.Editor = false
rc.Global = false
rc.GlobalAdmin = false
rc.ViewUsers = false
rc.AppURL = r.Host
rc.Subdomain = organization.GetSubdomainFromHost(r)
@ -166,6 +166,7 @@ func (m *middleware) Authorize(w http.ResponseWriter, r *http.Request, next http
if rc.Authenticated {
u, err := user.GetSecuredUser(rc, *m.Store, org.RefID, rc.UserID)
if err != nil {
m.Runtime.Log.Error("unable to secure API", err)
response.WriteServerError(w, method, err)
return
}
@ -174,7 +175,7 @@ func (m *middleware) Authorize(w http.ResponseWriter, r *http.Request, next http
rc.Active = u.Active
rc.Analytics = u.Analytics
rc.Editor = u.Editor
rc.Global = u.Global
rc.GlobalAdmin = u.GlobalAdmin
rc.ViewUsers = u.ViewUsers
rc.Fullname = u.Fullname()
@ -245,7 +246,7 @@ func (m *middleware) preAuthorizeStaticAssets(rt *env.Runtime, r *http.Request)
ctx.Administrator = false
ctx.Editor = false
ctx.Analytics = false
ctx.Global = false
ctx.GlobalAdmin = false
ctx.AppURL = r.Host
ctx.SSL = r.TLS != nil