/**
* Generate a SQL statement to set the perm limits
* @return string Returns the piece of the SQL statement.
* If an error occurs it returns an empty string.
*/
protected function _getSqlPerms()
{
static $sql_perms = '';
//perms are allready generated, return the string
if ($sql_perms != '') {
return $sql_perms;
}
//init perms with nothing
$sql_perms = ' ';
//Check if permcheck is enabled
if (!$this->colcfg['perm_check_active']) {
return $sql_perms;
}
//TODO make it for other clients/langs work
if (TRUE) {
$perm = $this->cfg->perm();
} else {
//TODO $client, $lang
$perm = new cms_perms($client, $lang, TRUE, $this->cfg->perm()->get_group());
}
//admin has all perms, no more actions are needed
if ($perm->is_admin()) {
return $sql_perms;
}
$fielditem = $this->colcfg['perm_dbfield_id'];
$fieldparent = $this->colcfg['perm_dbfield_parent'] != '' ? $this->colcfg['perm_dbfield_parent'] : NULL;
$tablename = $this->tables[0];
$clientlang = $this->_getSqlClientLang($this->colcfg['client'], $this->colcfg['lang'], array('client' => 'idclient', 'lang' => 'idlang'));
$timestamp = $this->_getSqlTimestamp('created', $this->colcfg['timestamp_from'], $this->colcfg['timestamp_to']);
$freefilter = $this->_getSqlFreefilter($this->colcfg['freefilter']);
$search = $this->_getSqlSearch($this->colcfg['searchterm'], $this->colcfg['fulltextsearchfileds']);
$item = sf_api($this->colcfg['model_path'], $this->colcfg['model']);
$idfield = $item->mapFieldToRow('id', $this->tables[0]);
$sql = $this->_getPermcheckSql($fielditem, $fieldparent, $tablename, $clientlang, $timestamp, $freefilter, $search);
if ($sql === FALSE) {
return $sql_perms;
}
$rs = $this->db->Execute($sql);
if ($rs === FALSE || $rs->EOF) {
return $sql_perms;
}
$positives = array();
$negatives = array();
//perms with dependancy
if ($this->colcfg['perm_dbfield_parent'] != NULL) {
while (!$rs->EOF) {
if ($perm->have_perm($this->colcfg['perm_nr'], $this->colcfg['perm_type'], $rs->fields['iditem'], $rs->fields['idparent'])) {
array_push($positives, $rs->fields['iditem']);
} else {
array_push($negatives, $rs->fields['iditem']);
}
$rs->MoveNext();
}
} else {
while (!$rs->EOF) {
if ($perm->have_perm($this->colcfg['perm_nr'], $this->colcfg['perm_type'], $rs->fields['iditem'])) {
array_push($positives, $rs->fields['iditem']);
} else {
array_push($negatives, $rs->fields['iditem']);
}
$rs->MoveNext();
}
}
$rs->Close();
$count_pos = count($positives);
$count_neg = count($negatives);
if ($count_pos == 0 && $count_neg == 0) {
return $sql_perms;
} else {
if ($count_pos < $count_neg && $count_pos > 0) {
$sql_perms = 'AND ' . $this->colcfg['perm_dbfield_id'] . ' IN (' . implode(',', $positives) . ') ';
} else {
if ($count_neg > 0) {
$sql_perms = 'AND ' . $this->colcfg['perm_dbfield_id'] . ' NOT IN (' . implode(',', $negatives) . ') ';
}
}
}
return $sql_perms;
}
