/**
* Apply authz rules for who may manage.
*
* @param AIR2_Query $q
* @param User $u
* @param string $alias (optional)
*/
public static function query_may_manage(AIR2_Query $q, User $u, $alias = null)
{
if ($u->is_system()) {
return;
}
$a = $alias ? "{$alias}." : "";
$user_id = $u->user_id;
$prjq = $q->createSubquery();
$prjq->select('prj.prj_id');
$prjq->from('Project prj');
Project::query_may_manage($prjq, $u);
$q->addWhere("{$a}prjan_prj_id IN (" . $prjq->getDql() . ")");
$q->addWhere("{$a}prjan_cre_user = ?", $u->user_id);
}
