コード例 #1
ファイル: search.class.php プロジェクト: jose-martins/glpi
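 /**
  * Build the default (implicit) WHERE restriction for a search on an item type.
  *
  * The fragment limits the rows a user can see according to the rights of
  * the current session. It is raw SQL text meant to be concatenated into a
  * larger query by the caller.
  *
  * Security notes:
  *  - Session::getLoginUserID() and $_SESSION['glpigroups'] are concatenated
  *    into the SQL text without casting or escaping, and the group IDs are
  *    not quoted. NOTE(review): this is only safe while both hold integer
  *    IDs; confirm where the session is populated, or cast to int before
  *    interpolation.
  *  - For plugin item types the value returned by the plugin hook is used
  *    as-is, so the plugin is trusted to return a safe WHERE fragment.
  *
  * @param string $itemtype Item type being searched (e.g. 'Ticket', 'User')
  *
  * @return string SQL WHERE fragment; empty string when no restriction applies
  **/
 static function addDefaultWhere($itemtype)
 {
     // Declared by the original code; not referenced in this method.
     global $CFG_GLPI;
     switch ($itemtype) {
         case 'Reminder':
             return Reminder::addVisibilityRestrict();
         case 'RSSFeed':
             return RSSFeed::addVisibilityRestrict();
         case 'Notification':
             // Users who cannot view the configuration do not see the
             // notifications tied to Crontask / DBConnection.
             if (!Config::canView()) {
                 return " `glpi_notifications`.`itemtype` NOT IN ('Crontask', 'DBConnection') ";
             }
             // No restriction: leave the switch and return "" at the end.
             break;
         // No link
         case 'User':
             // View all entities
             if (Session::isViewAllEntities()) {
                 return "";
             }
             return getEntitiesRestrictRequest("", "glpi_profiles_users");
         case 'ProjectTask':
             // Only tasks whose team contains the current user or one of
             // the user's groups.
             $condition = '';
             $teamtable = 'glpi_projecttaskteams';
             $condition .= "((`{$teamtable}`.`itemtype` = 'User'\n                             AND `{$teamtable}`.`items_id` = '" . Session::getLoginUserID() . "')";
             if (count($_SESSION['glpigroups'])) {
                 // NOTE(review): group IDs are interpolated unquoted; see the
                 // security notes in the docblock.
                 $condition .= " OR (`{$teamtable}`.`itemtype` = 'Group'\n                                    AND `{$teamtable}`.`items_id`\n                                       IN (" . implode(",", $_SESSION['glpigroups']) . "))";
             }
             $condition .= ") ";
             return $condition;
         case 'Project':
             $condition = '';
             // Without READALL: only projects the user owns, or where the
             // user or one of the user's groups is on the team.
             if (!Session::haveRight("project", Project::READALL)) {
                 $teamtable = 'glpi_projectteams';
                 $condition .= "(`glpi_projects`.users_id = '" . Session::getLoginUserID() . "'\n                               OR (`{$teamtable}`.`itemtype` = 'User'\n                                   AND `{$teamtable}`.`items_id` = '" . Session::getLoginUserID() . "')";
                 if (count($_SESSION['glpigroups'])) {
                     $condition .= " OR (`glpi_projects`.`groups_id`\n                                       IN (" . implode(",", $_SESSION['glpigroups']) . "))";
                     $condition .= " OR (`{$teamtable}`.`itemtype` = 'Group'\n                                      AND `{$teamtable}`.`items_id`\n                                          IN (" . implode(",", $_SESSION['glpigroups']) . "))";
                 }
                 $condition .= ") ";
             }
             return $condition;
         case 'Ticket':
             // Same structure in addDefaultJoin
             $condition = '';
             if (!Session::haveRight("ticket", Ticket::READALL)) {
                 // Table aliases are derived from the search options' join
                 // parameters; they are presumably the aliases produced by
                 // addDefaultJoin (see the comment above) - verify.
                 $searchopt =& self::getOptions($itemtype);
                 $requester_table = '`glpi_tickets_users_' . self::computeComplexJoinID($searchopt[4]['joinparams']['beforejoin']['joinparams']) . '`';
                 $requestergroup_table = '`glpi_groups_tickets_' . self::computeComplexJoinID($searchopt[71]['joinparams']['beforejoin']['joinparams']) . '`';
                 $assign_table = '`glpi_tickets_users_' . self::computeComplexJoinID($searchopt[5]['joinparams']['beforejoin']['joinparams']) . '`';
                 $assigngroup_table = '`glpi_groups_tickets_' . self::computeComplexJoinID($searchopt[8]['joinparams']['beforejoin']['joinparams']) . '`';
                 $observer_table = '`glpi_tickets_users_' . self::computeComplexJoinID($searchopt[66]['joinparams']['beforejoin']['joinparams']) . '`';
                 $observergroup_table = '`glpi_groups_tickets_' . self::computeComplexJoinID($searchopt[65]['joinparams']['beforejoin']['joinparams']) . '`';
                 $condition = "(";
                 if (Session::haveRight("ticket", Ticket::READMY)) {
                     $condition .= " {$requester_table}.users_id = '" . Session::getLoginUserID() . "'\n                                    OR {$observer_table}.users_id = '" . Session::getLoginUserID() . "'\n                                    OR `glpi_tickets`.`users_id_recipient` = '" . Session::getLoginUserID() . "'";
                 } else {
                     // Fail closed: start the OR chain from a false term so
                     // that only explicitly granted rights add visibility.
                     $condition .= "0=1";
                 }
                 if (Session::haveRight("ticket", Ticket::READGROUP)) {
                     if (count($_SESSION['glpigroups'])) {
                         $condition .= " OR {$requestergroup_table}.`groups_id`\n                                             IN (" . implode(",", $_SESSION['glpigroups']) . ")";
                         $condition .= " OR {$observergroup_table}.`groups_id`\n                                             IN (" . implode(",", $_SESSION['glpigroups']) . ")";
                     }
                 }
                 if (Session::haveRight("ticket", Ticket::OWN)) {
                     // Can own ticket : show assign to me
                     $condition .= " OR {$assign_table}.users_id = '" . Session::getLoginUserID() . "' ";
                 }
                 if (Session::haveRight("ticket", Ticket::READASSIGN)) {
                     // assign to me
                     $condition .= " OR {$assign_table}.`users_id` = '" . Session::getLoginUserID() . "'";
                     if (count($_SESSION['glpigroups'])) {
                         $condition .= " OR {$assigngroup_table}.`groups_id`\n                                             IN (" . implode(",", $_SESSION['glpigroups']) . ")";
                     }
                     if (Session::haveRight('ticket', Ticket::ASSIGN)) {
                         $condition .= " OR `glpi_tickets`.`status`='" . CommonITILObject::INCOMING . "'";
                     }
                 }
                 if (Session::haveRightsOr('ticketvalidation', array(TicketValidation::VALIDATEINCIDENT, TicketValidation::VALIDATEREQUEST))) {
                     $condition .= " OR `glpi_ticketvalidations`.`users_id_validate`\n                                          = '" . Session::getLoginUserID() . "'";
                 }
                 $condition .= ") ";
             }
             return $condition;
         case 'Change':
         case 'Problem':
             if ($itemtype == 'Change') {
                 $right = 'change';
                 $table = 'changes';
                 $groupetable = "`glpi_changes_groups_";
             } else {
                 if ($itemtype == 'Problem') {
                     $right = 'problem';
                     $table = 'problems';
                     $groupetable = "`glpi_groups_problems";
                 }
             }
             // Same structure in addDefaultJoin
             $condition = '';
             if (!Session::haveRight("{$right}", $itemtype::READALL)) {
                 $searchopt =& self::getOptions($itemtype);
                 // The aliases are only computed when READMY is granted; the
                 // condition below reads them under the same right check.
                 if (Session::haveRight("{$right}", $itemtype::READMY)) {
                     $requester_table = '`glpi_' . $table . '_users_' . self::computeComplexJoinID($searchopt[4]['joinparams']['beforejoin']['joinparams']) . '`';
                     $requestergroup_table = $groupetable . self::computeComplexJoinID($searchopt[71]['joinparams']['beforejoin']['joinparams']) . '`';
                     $observer_table = '`glpi_' . $table . '_users_' . self::computeComplexJoinID($searchopt[66]['joinparams']['beforejoin']['joinparams']) . '`';
                     $observergroup_table = $groupetable . self::computeComplexJoinID($searchopt[65]['joinparams']['beforejoin']['joinparams']) . '`';
                     $assign_table = '`glpi_' . $table . '_users_' . self::computeComplexJoinID($searchopt[5]['joinparams']['beforejoin']['joinparams']) . '`';
                     $assigngroup_table = $groupetable . self::computeComplexJoinID($searchopt[8]['joinparams']['beforejoin']['joinparams']) . '`';
                 }
                 $condition = "(";
                 if (Session::haveRight("{$right}", $itemtype::READMY)) {
                     $condition .= " {$requester_table}.users_id = '" . Session::getLoginUserID() . "'\n                                    OR {$observer_table}.users_id = '" . Session::getLoginUserID() . "'\n                                    OR `glpi_" . $table . "`.`users_id_recipient` = '" . Session::getLoginUserID() . "'";
                 } else {
                     // Neither READALL nor READMY: match nothing.
                     $condition .= "0=1";
                 }
                 $condition .= ") ";
             }
             return $condition;
         default:
             // Plugin can override core definition for its type
             if ($plug = isPluginItemType($itemtype)) {
                 // The hook name is built from the plugin name and is only
                 // called when such a function exists. Its return value is
                 // used as raw SQL, so the plugin is trusted here.
                 $function = 'plugin_' . $plug['plugin'] . '_addDefaultWhere';
                 if (function_exists($function)) {
                     $out = $function($itemtype);
                     if (!empty($out)) {
                         return $out;
                     }
                 }
             }
             return "";
     }
     // Reached only from the 'Notification' branch when no restriction is
     // needed. Return an empty string, as documented, instead of falling off
     // the end of the function and returning null.
     return "";
 }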
コード例 #2
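 /**
  * Build the default (implicit) WHERE restriction for a search on an item type.
  *
  * The fragment limits the rows a user can see according to the rights of
  * the current session. It is raw SQL text meant to be concatenated into a
  * larger query by the caller.
  *
  * Security notes:
  *  - Session::getLoginUserID() and $_SESSION['glpigroups'] are concatenated
  *    into the SQL text inside quotes but without casting or escaping.
  *    NOTE(review): this is only safe while both hold integer IDs; confirm
  *    where the session is populated, or cast to int before interpolation.
  *  - For plugin item types the value returned by the plugin hook is used
  *    as-is, so the plugin is trusted to return a safe WHERE fragment.
  *
  * @param string $itemtype Item type being searched (e.g. 'Ticket', 'User')
  *
  * @return string SQL WHERE fragment; empty string when no restriction applies
  **/
 static function addDefaultWhere($itemtype)
 {
     // Declared by the original code; not referenced in this method.
     global $CFG_GLPI;
     switch ($itemtype) {
         case 'Reminder':
             return Reminder::addVisibilityRestrict();
         case 'RSSFeed':
             return RSSFeed::addVisibilityRestrict();
         case 'Notification':
             // Users without the 'config' right checked here do not see the
             // notifications tied to Crontask / DBConnection.
             if (!Session::haveRight('config', CREATE)) {
                 return " `glpi_notifications`.`itemtype` NOT IN ('Crontask', 'DBConnection') ";
             }
             // No restriction: leave the switch and return "" at the end.
             break;
         // No link
         case 'User':
             // View all entities
             if (Session::isViewAllEntities()) {
                 return "";
             }
             return getEntitiesRestrictRequest("", "glpi_profiles_users");
         case 'Ticket':
             // Same structure in addDefaultJoin
             $condition = '';
             // if (!Session::haveRight("show_all_ticket","1")) {
             if (!Session::haveRight("ticket", Ticket::READALL)) {
                 // Table aliases are derived from the search options' join
                 // parameters; they are presumably the aliases produced by
                 // addDefaultJoin (see the comment above) - verify.
                 $searchopt =& self::getOptions($itemtype);
                 $requester_table = '`glpi_tickets_users_' . self::computeComplexJoinID($searchopt[4]['joinparams']['beforejoin']['joinparams']) . '`';
                 $requestergroup_table = '`glpi_groups_tickets_' . self::computeComplexJoinID($searchopt[71]['joinparams']['beforejoin']['joinparams']) . '`';
                 $assign_table = '`glpi_tickets_users_' . self::computeComplexJoinID($searchopt[5]['joinparams']['beforejoin']['joinparams']) . '`';
                 $assigngroup_table = '`glpi_groups_tickets_' . self::computeComplexJoinID($searchopt[8]['joinparams']['beforejoin']['joinparams']) . '`';
                 $observer_table = '`glpi_tickets_users_' . self::computeComplexJoinID($searchopt[66]['joinparams']['beforejoin']['joinparams']) . '`';
                 $observergroup_table = '`glpi_groups_tickets_' . self::computeComplexJoinID($searchopt[65]['joinparams']['beforejoin']['joinparams']) . '`';
                 $condition = "(";
                 // Tickets where the current user is requester, observer or
                 // recipient are always included, with no right check here.
                 $condition .= " {$requester_table}.users_id = '" . Session::getLoginUserID() . "'\n                              OR {$observer_table}.users_id = '" . Session::getLoginUserID() . "'\n                              OR `glpi_tickets`.`users_id_recipient` = '" . Session::getLoginUserID() . "' ";
                 if (Session::haveRight("show_group_ticket", 1)) {
                     if (count($_SESSION['glpigroups'])) {
                         $condition .= " OR {$requestergroup_table}.`groups_id`\n                                             IN ('" . implode("','", $_SESSION['glpigroups']) . "')";
                         $condition .= " OR {$observergroup_table}.`groups_id`\n                                             IN ('" . implode("','", $_SESSION['glpigroups']) . "')";
                     }
                 }
                 if (Session::haveRight("own_ticket", "1")) {
                     // Can own ticket : show assign to me
                     $condition .= " OR {$assign_table}.users_id = '" . Session::getLoginUserID() . "' ";
                 }
                 if (Session::haveRight("show_assign_ticket", "1")) {
                     // show mine + assign to me
                     $condition .= " OR {$assign_table}.`users_id` = '" . Session::getLoginUserID() . "'";
                     if (count($_SESSION['glpigroups'])) {
                         $condition .= " OR {$assigngroup_table}.`groups_id`\n                                             IN ('" . implode("','", $_SESSION['glpigroups']) . "')";
                     }
                     if (Session::haveRight('assign_ticket', 1)) {
                         $condition .= " OR `glpi_tickets`.`status`='" . CommonITILObject::INCOMING . "'";
                     }
                 }
                 if (Session::haveRight('validate_incident', 1) || Session::haveRight('validate_request', 1)) {
                     $condition .= " OR `glpi_ticketvalidations`.`users_id_validate`\n                                          = '" . Session::getLoginUserID() . "'";
                 }
                 $condition .= ") ";
             }
             return $condition;
         default:
             // Plugin can override core definition for its type
             if ($plug = isPluginItemType($itemtype)) {
                 // The hook name is built from the plugin name and is only
                 // called when such a function exists. Its return value is
                 // used as raw SQL, so the plugin is trusted here.
                 $function = 'plugin_' . $plug['plugin'] . '_addDefaultWhere';
                 if (function_exists($function)) {
                     $out = $function($itemtype);
                     if (!empty($out)) {
                         return $out;
                     }
                 }
             }
             return "";
     }
     // Reached only from the 'Notification' branch when no restriction is
     // needed. Return an empty string, as documented, instead of falling off
     // the end of the function and returning null.
     return "";
 }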