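/**
 * Advanced search action. Picks the search form to use, builds the query expression from a
 * saved search, the incoming request or the stored result context, runs it and hands the
 * result to the view (or to the label/PDF/export generators).
 *
 * @param array|null $pa_options Options read by this method:
 *		search = engine instance used to run the query; BrowseEngine subclasses go through execute()/getResults(), anything else through search()
 *		form_id = id of the search form to use; when absent the form_id stored in the result context is tried
 *		appendToSearch = expression AND-ed onto the query. It is spliced in verbatim, so callers must only pass server-built text, never raw request input
 *		saved_search = field => value map of a saved search; when set it replaces the request as the source of form values
 *		output_format = LABELS, PDF, EXPORT or HTML (the default)
 */
public function Index($pa_options = null) {
	$po_search = (isset($pa_options['search']) && $pa_options['search']) ? $pa_options['search'] : null;

	parent::Index($pa_options);
	AssetLoadManager::register('browsable');	// need this to support browse panel when filtering/refining search results

	// Get elements of result context, falling back to the first configured value where none is stored
	$vn_page_num = $this->opo_result_context->getCurrentResultsPageNumber();
	if (!($vn_items_per_page = $this->opo_result_context->getItemsPerPage())) {
		$vn_items_per_page = $this->opa_items_per_page[0];
	}
	if (!($vs_view = $this->opo_result_context->getCurrentView())) {
		$va_tmp = array_keys($this->opa_views);
		$vs_view = array_shift($va_tmp);
	}
	if (!($vs_sort = $this->opo_result_context->getCurrentSort())) {
		$va_tmp = array_keys($this->opa_sorts);
		$vs_sort = array_shift($va_tmp);
	}
	$vs_sort_direction = $this->opo_result_context->getCurrentSortDirection();
	$vb_sort_has_changed = $this->opo_result_context->sortHasChanged();

	if (!$this->opn_type_restriction_id) { $this->opn_type_restriction_id = ''; }
	$this->view->setVar('type_id', $this->opn_type_restriction_id);

	MetaTagManager::setWindowTitle(_t('%1 advanced search', $this->searchName('plural')));

	//
	// Resolve the search form
	//
	$vn_user_id = $this->request->getUserID();
	$t_form = new ca_search_forms();

	$vn_form_id = isset($pa_options['form_id']) ? $pa_options['form_id'] : null;
	if (!$vn_form_id) {
		$vn_form_id = $this->opo_result_context->getParameter('form_id');
	}

	// An explicitly requested form is only honoured when it exists, belongs to this table AND the
	// current user may read it. The fallback below already filters by user and read access; without
	// the same check here, knowing a form_id would be enough to use another user's form.
	$vb_form_is_usable =
		$vn_form_id
		&& $t_form->load($vn_form_id)
		&& ($t_form->get('table_num') == $this->opo_datamodel->getTableNum($this->ops_tablename))
		&& $t_form->haveAccessToForm($vn_user_id, __CA_SEARCH_FORM_READ_ACCESS__);

	if (!$vb_form_is_usable) {
		// Drop whatever was loaded so a rejected form cannot leak into query building or the view
		$t_form = new ca_search_forms();
		$vn_form_id = null;

		$va_forms = $t_form->getForms(array('table' => $this->ops_tablename, 'user_id' => $vn_user_id, 'access' => __CA_SEARCH_FORM_READ_ACCESS__));
		if (is_array($va_forms) && (sizeof($va_forms) > 0)) {
			$va_tmp = array_keys($va_forms);
			$vn_form_id = array_shift($va_tmp);
			if (!$t_form->load($vn_form_id)) {
				$vn_form_id = null;
			}
		}
	}

	// NOTE(review): appendToSearch is concatenated into the query expression as-is
	$vs_append_to_search = '';
	if (!empty($pa_options['appendToSearch'])) {
		$vs_append_to_search = " AND (" . $pa_options['appendToSearch'] . ")";
	}

	//
	// Execute the search
	//
	if (isset($pa_options['saved_search']) && $pa_options['saved_search']) {
		// Is this a saved search? If so, reuse the canned params
		$va_form_data = $pa_options['saved_search'];

		// Saved field names use "." separators; the form input parser is given "_" instead
		$va_proc_form_data = array();
		foreach ($pa_options['saved_search'] as $vs_fld => $vs_val) {
			$va_proc_form_data[str_replace(".", "_", $vs_fld)] = $vs_val;
		}
		$vs_search = $t_form->getLuceneQueryStringForHTMLFormInput($va_proc_form_data);
		$vb_is_new_search = true;
	} elseif (!($vs_search = $t_form->getLuceneQueryStringForHTMLFormInput($_REQUEST))) {
		// Nothing usable on the request, so get the search out of the result context
		$vs_search = $this->opo_result_context->getSearchExpression();
		$va_form_data = $this->opo_result_context->getParameter('form_data');
		$vb_is_new_search = !$this->opo_result_context->cacheIsValid();
	} else {
		// It's an incoming request, so pull the form values out for later redisplay
		$va_form_data = $t_form->extractFormValuesFromArray($_REQUEST);
		$vb_is_new_search = true;
	}

	if ($this->request->getParameter('reset', pString) == 'clear') {
		$vs_search = '';
		$vb_is_new_search = true;
	}

	$va_access_values = caGetUserAccessValues($this->request);

	// Stays null when there is nothing to search for; the output generators below receive it as-is
	$vo_result = null;

	if ($vs_search) {
		$va_search_opts = array(
			'sort' => $vs_sort,
			'sort_direction' => $vs_sort_direction,
			'appendToSearch' => $vs_append_to_search,
			'getCountsByField' => 'type_id',
			'checkAccess' => $va_access_values,
			'no_cache' => $vb_is_new_search
		);

		// Start from a fresh engine instance for new searches, saved searches and browses without criteria
		if (
			$vb_is_new_search
			|| isset($pa_options['saved_search'])
			|| (is_subclass_of($po_search, "BrowseEngine") && !$po_search->numCriteria())
		) {
			$vs_browse_classname = get_class($po_search);
			$this->opo_browse = $po_search = new $vs_browse_classname();
			$po_search->addCriteria('_search', $vs_search);
		}

		if ($this->opn_type_restriction_id) {
			$po_search->setTypeRestrictions(array($this->opn_type_restriction_id));
		}

		$vb_criteria_have_changed = false;
		if (is_subclass_of($po_search, "BrowseEngine")) {
			$vb_criteria_have_changed = $po_search->criteriaHaveChanged();
			$po_search->execute($va_search_opts);

			$this->opo_result_context->setParameter('browse_id', $po_search->getBrowseID());
			$vo_result = $po_search->getResults($va_search_opts);
		} else {
			$vo_result = $po_search->search($vs_search, $va_search_opts);
		}

		$this->opo_result_context->validateCache();

		// Only prefetch what we need
		$vo_result->setOption('prefetch', $vn_items_per_page);

		$this->opo_result_context->setParameter('form_data', $va_form_data);
		$this->opo_result_context->setSearchExpression($vs_search);

		if ($vb_is_new_search || $vb_criteria_have_changed || $vb_sort_has_changed) {
			$this->opo_result_context->setResultList($vo_result->getPrimaryKeyValues());
			if ($this->opo_result_context->searchExpressionHasChanged()) {
				$vn_page_num = 1;
			}
		}

		$vo_result->seek(($vn_page_num - 1) * $vn_items_per_page);

		$this->view->setVar('num_hits', $vo_result->numHits());
		$this->view->setVar('num_pages', $vn_num_pages = ceil($vo_result->numHits() / $vn_items_per_page));
		if ($vn_page_num > $vn_num_pages) { $vn_page_num = 1; }

		$this->view->setVar('page', $vn_page_num);
		$this->view->setVar('search', $vs_search);
		$this->view->setVar('result', $vo_result);
	}

	//
	// Set up view for display of results
	//
	$t_model = $this->opo_datamodel->getTableInstance($this->ops_tablename);

	$this->view->setVar('views', $this->opa_views);		// pass view list to view for rendering
	$this->view->setVar('current_view', $vs_view);

	$this->view->setVar('sorts', $this->opa_sorts);		// pass sort list to view for rendering
	$this->view->setVar('current_sort', $vs_sort);
	$this->view->setVar('current_sort_direction', $vs_sort_direction);

	$this->view->setVar('current_items_per_page', $vn_items_per_page);
	$this->view->setVar('items_per_page', $this->opa_items_per_page);

	$this->view->setVar('t_subject', $t_model);

	$this->view->setVar('mode_name', _t('search'));
	$this->view->setVar('mode', 'search');
	$this->view->setVar('mode_type_singular', $this->searchName('singular'));
	$this->view->setVar('mode_type_plural', $this->searchName('plural'));

	$this->view->setVar('search_history', $this->opo_result_context->getSearchHistory());

	$this->view->setVar('result_context', $this->opo_result_context);
	$this->view->setVar('browse', $po_search);

	// A missing output_format falls through to the HTML default
	$vs_output_format = isset($pa_options['output_format']) ? $pa_options['output_format'] : null;

	switch ($vs_output_format) {
		# ------------------------------------
		case 'LABELS':
			$this->_genLabels($vo_result, $this->request->getParameter("label_form", pString), $vs_search, $vs_search);
			break;
		# ------------------------------------
		case 'PDF':
			$this->_genPDF($vo_result, $this->request->getParameter("label_form", pString), $vs_search);
			break;
		# ------------------------------------
		case 'EXPORT':
			$this->_genExport($vo_result, $this->request->getParameter("export_format", pString), $vs_search, $vs_search);
			break;
		# ------------------------------------
		case 'HTML':
		default:
			// generate type menu and type value list
			if (method_exists($t_model, "getTypeList")) {
				$this->view->setVar('type_list', $t_model->getTypeList());
			}

			// Call advanced search form generator directly to set view vars in the current view
			// This lets our view in this action render Search/search_advanced_form_html.php directly
			// to avoid the annoying flicker that occurs if we load the initial search form via AJAX
			$this->getAdvancedSearchForm(false);

			$this->opo_result_context->setAsLastFind();
			$this->opo_result_context->saveContext();

			$this->view->setVar('t_form', $t_form);
			$this->view->setVar('form_id', $vn_form_id);

			$this->render('Search/' . $this->ops_tablename . '_search_advanced_html.php');
			break;
		# ------------------------------------
	}
}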
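/**
 * Determines if user has access to a form at a specified access level.
 *
 * Access is granted, in this order, to: the form's owner; anyone asking for read access to a
 * system form; members of a user group granted at least the requested level; users granted at
 * least the requested level directly. Results are memoised per form/user/access level in
 * ca_search_forms::$s_have_access_to_form_cache.
 *
 * When no form id is passed and no form is loaded the method returns true ("new form"), so
 * callers using it as an authorization gate should call it only after a successful load or
 * with an explicit form id.
 *
 * @param int $pn_user_id user_id of user to check form access for
 * @param int $pn_access type of access required. Use __CA_SEARCH_FORM_READ_ACCESS__ for read-only access or __CA_SEARCH_FORM_EDIT_ACCESS__ for editing (full) access
 * @param int $pn_form_id The id of the form to check. If omitted then currently loaded form will be checked.
 * @return bool True if user has access, false if not
 */
public function haveAccessToForm($pn_user_id, $pn_access, $pn_form_id = null) {
	if ($pn_form_id) {
		$vn_form_id = $pn_form_id;
		$t_form = new ca_search_forms($vn_form_id);
	} else {
		// Check the currently loaded form; the id is always assigned here so it is never read undefined
		$t_form = $this;
		$vn_form_id = $t_form->getPrimaryKey();
	}

	if (!$vn_form_id) {
		return true; // new form
	}

	$vs_cache_key = $vn_form_id . '/' . $pn_user_id . '/' . $pn_access;
	if (isset(ca_search_forms::$s_have_access_to_form_cache[$vs_cache_key])) {
		return ca_search_forms::$s_have_access_to_form_cache[$vs_cache_key];
	}

	// Owners have all access. Both ids are compared as positive integers: a loose comparison would
	// treat an empty owner and an empty user id as equal and report an ownerless form as owned.
	// NOTE(review): assumes get('user_id') is empty for a form that failed to load or has no owner, and
	// that an empty $pn_user_id means "no logged-in user" - confirm against callers.
	$vn_form_user_id = (int) $t_form->get('user_id');
	$vn_user_id = (int) $pn_user_id;
	if (($vn_user_id > 0) && ($vn_form_user_id === $vn_user_id)) {
		return ca_search_forms::$s_have_access_to_form_cache[$vs_cache_key] = true;
	}

	if ((bool) $t_form->get('is_system') && $pn_access == __CA_SEARCH_FORM_READ_ACCESS__) {
		// system forms are readable by all
		return ca_search_forms::$s_have_access_to_form_cache[$vs_cache_key] = true;
	}

	$o_db = $this->getDb();

	// Access granted through a user group the user belongs to (values are bound, not interpolated)
	$qr_res = $o_db->query("\n\t\t\tSELECT fxg.form_id \n\t\t\tFROM ca_search_forms_x_user_groups fxg \n\t\t\tINNER JOIN ca_user_groups AS ug ON fxg.group_id = ug.group_id\n\t\t\tINNER JOIN ca_users_x_groups AS uxg ON uxg.group_id = ug.group_id\n\t\t\tWHERE \n\t\t\t\t(fxg.access >= ?) AND (uxg.user_id = ?) AND (fxg.form_id = ?)\n\t\t", (int) $pn_access, (int) $pn_user_id, (int) $vn_form_id);
	if ($qr_res->numRows() > 0) {
		return ca_search_forms::$s_have_access_to_form_cache[$vs_cache_key] = true;
	}

	// Access granted to the user directly
	$qr_res = $o_db->query("\n\t\t\tSELECT fxu.form_id \n\t\t\tFROM ca_search_forms_x_users fxu \n\t\t\tINNER JOIN ca_users AS u ON fxu.user_id = u.user_id\n\t\t\tWHERE \n\t\t\t\t(fxu.access >= ?) AND (u.user_id = ?) AND (fxu.form_id = ?)\n\t\t", (int) $pn_access, (int) $pn_user_id, (int) $vn_form_id);
	if ($qr_res->numRows() > 0) {
		return ca_search_forms::$s_have_access_to_form_cache[$vs_cache_key] = true;
	}

	// No rule matched: deny, and remember the denial
	return ca_search_forms::$s_have_access_to_form_cache[$vs_cache_key] = false;
}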