View Form perm always on for Webmasters

jegelstaff · Feb 4, 2025 · e370f48 · e370f48
1 parent 0affa99
commit e370f48
Show file tree

Hide file tree

Showing 6 changed files with 497 additions and 478 deletions.
diff --git a/modules/formulize/admin/formindex.php b/modules/formulize/admin/formindex.php
@@ -640,6 +640,24 @@ function patch40() {
 						}
         }
 
+				// Webmasters group needs explicit view_form permission on every form always! Or else the owner groups column won't work, and that will mess up datasets because the found owner groups to the mainform records in the datasets won't be parallel to that actual dataset (it will be mising owner group info for the Webmasters group for any entries created by webmasters!)
+				$sql = "SELECT id_form FROM ".$xoopsDB->prefix('formulize_id')." AS f WHERE NOT EXISTS(SELECT 1 FROM ".$xoopsDB->prefix("group_permission")." AS p WHERE p.gperm_itemid = f.id_form AND p.gperm_name = 'view_form' AND p.gperm_groupid = 1)";
+				$viewFormAssigned = false;
+				if($res = $xoopsDB->query($sql)) {
+					$viewFormAssigned = true;
+					$formulizeModId = getFormulizeModId();
+					while($row = $xoopsDB->fetchRow($res)) {
+						$formId = intval($row[0]);
+						$sql = "INSERT INTO ".$xoopsDB->prefix("group_permission")." (`gperm_itemid`, `gperm_groupid`, `gperm_name`, `gperm_modid`) VALUES ($formId, 1, 'view_form', $formulizeModId)";
+						if($xoopsDB->queryF($sql) == false) {
+							$viewFormAssigned = false;
+						}
+					}
+				}
+				if(!$viewFormAssigned) {
+						print "Error: could assign 'View Form' permission for Webmasters to all forms.<br>".$xoopsDB->error()."<br>Assign this permission manually for Webmasters to all forms, or please contact <a href=mailto:[email protected]>[email protected]</a> for assistance.";
+				}
+
 				// add opening <?php tags to code snippets that don't have them... only if we haven't yet moved custom_code to a renamed code folder!
 				// 1. derived value formulas $ele_value[0]
 				// 2. Textbox $ele_value[2] if they contain $default

diff --git a/modules/formulize/admin/save/form_permissions_save.php b/modules/formulize/admin/save/form_permissions_save.php
@@ -106,9 +106,9 @@
     // collect the list of enabled permissions submitted through the form
     $enabled_permissions = array();
     foreach(formulizePermHandler::getPermissionList() as $permission_name) {
-        if ($_POST[$form_id."_".$group_id."_".$permission_name]) {
+        if ($_POST[$form_id."_".$group_id."_".$permission_name] OR ($permission_name == 'view_form' AND $group_id == 1)) { // always enable view_form for webmasters!
             $enabled_permissions[] = "($group_id, $form_id, $formulize_module_id, '$permission_name')";
-  }
+  			}
   }
 
     // enable only the selected permissions

diff --git a/modules/formulize/admin/save/form_settings_save.php b/modules/formulize/admin/save/form_settings_save.php
@@ -128,13 +128,14 @@
   if(!$form_handler->insert($formObject)) {
     print "Error: could not update form object with default screen ids: ".$xoopsDB->error();
   }
-  // add edit permissions for the selected groups
+  // add edit permissions for the selected groups, and view_form for Webmasters
   $gperm_handler = xoops_gethandler('groupperm');
   $selectedAdminGroupIdsForMenu = array();
   foreach($_POST['groups_can_edit'] as $thisGroupId) {
     $selectedAdminGroupIdsForMenu[] = intval($thisGroupId);
     $gperm_handler->addRight('edit_form', $fid, intval($thisGroupId), getFormulizeModId());
   }
+	$gperm_handler->addRight('view_form', $fid, XOOPS_GROUP_ADMIN, getFormulizeModId());
 
 } else if( $old_form_handle && $formObject->getVar( "form_handle" ) != $old_form_handle ) {
   //print "rename from $old_form_handle to " . $formObject->getVar( "form_handle" );

diff --git a/modules/formulize/include/extract.php b/modules/formulize/include/extract.php
@@ -1172,7 +1172,7 @@ function processGetDataResults($resultData) {
                     $curFormId = $curFormAlias == 'main' ? $fid : $linkformids[substr($curFormAlias, 1)]; // the table aliases are based on the keys of the linked forms in the linkformids array, so if we get the number out of the table alias, that key will give us the form id of the linked form as stored in the linkformids array
                     if(strstr($field, 'entry_id')) {
                         $entryIdIndex[$curFormAlias] = $value;
-												if($curFormAlias == 'main') {
+												if($curFormAlias == 'main' AND !in_array($value, $totalMainFormEntryIdIndex)) {
 													$totalMainFormEntryIdIndex[] = $value;
 												}
                     }

diff --git a/modules/formulize/include/functions.php b/modules/formulize/include/functions.php
@@ -505,7 +505,7 @@ function getFormulizeModId() {
         $res4 = $xoopsDB->query("SELECT mid FROM ".$xoopsDB->prefix("modules")." WHERE dirname='formulize'");
         if ($res4) {
             while ($row = $xoopsDB->fetchRow($res4))
-                $mid = $row[0];
+                $mid = intval($row[0]);
         }
     }
     return $mid;