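/**
 * Work out which companies the currently logged in user may see.
 *
 * The result is kept in self::$get_companys_access_restrictions_cache, where
 * `false` means "not computed yet", so the query runs once per cache lifetime.
 *
 * Shape of the result, as built below:
 *  - array(company_id => company_id, ...) for every company matched to the user;
 *  - array(-1 => -1) when nothing matched but the company table has rows;
 *  - array() when nothing matched and the query returned no rows.
 *
 * NOTE(review): for _COMPANY_ACCESS_ALL nothing is ever added to the list, so a
 * full-access user receives the -1 sentinel whenever at least one company
 * exists. Callers presumably check get_company_data_access() before applying
 * this list - confirm, and confirm how callers treat an empty array.
 *
 * @return array Map of permitted company ids (see shapes above).
 */
public static function get_companys_access_restrictions() {
    if (self::$get_companys_access_restrictions_cache !== false) {
        return self::$get_companys_access_restrictions_cache;
    }

    $where = 'WHERE 1';
    $sql = "SELECT c.company_id ";
    $from = " FROM `" . _DB_PREFIX . "company` c ";

    // Result columns that carry a user id; a row grants access when one of
    // them equals the logged in user. Stays empty for unrestricted/unknown levels.
    $user_columns = array();

    $company_access = self::get_company_data_access();
    switch ($company_access) {
        case _COMPANY_ACCESS_ALL:
            break;
        case _COMPANY_ACCESS_ASSIGNED:
            // Only companies directly linked to the logged in user
            // (from the staff user account settings area).
            $sql .= ", cur.user_id AS user_assigned ";
            $from .= " LEFT JOIN `" . _DB_PREFIX . "company_user_rel` cur ON c.company_id = cur.company_id ";
            $user_columns = array('user_assigned');
            break;
        case _COMPANY_ACCESS_CONTACT:
            // Only the parent company of the current user account contact,
            // reached through either its customer or its vendor record.
            $sql .= ", u.user_id AS user_id1, uv.user_id AS user_id2 ";
            $from .= " LEFT JOIN `" . _DB_PREFIX . "company_customer` cc ON c.company_id = cc.company_id ";
            $from .= " LEFT JOIN `" . _DB_PREFIX . "user` u ON cc.customer_id = u.customer_id ";
            $from .= " LEFT JOIN `" . _DB_PREFIX . "company_vendor` cv ON c.company_id = cv.company_id ";
            $from .= " LEFT JOIN `" . _DB_PREFIX . "user` uv ON cv.vendor_id = uv.vendor_id ";
            $user_columns = array('user_id1', 'user_id2');
            break;
    }
    $sql .= $from;
    $sql .= $where;

    // The match against the logged in user happens in PHP below, not in SQL;
    // presumably so that count($res) still tells us whether any company exists
    // at all - confirm before moving the filter into the query.
    // NOTE(review): qa() is assumed to return an array of rows; confirm what it
    // returns on a failed query, since count($res) below depends on it.
    $res = qa($sql);

    self::$get_companys_access_restrictions_cache = array();

    if ($user_columns) {
        // Resolve the user once and compare as integers. This is an access
        // decision, so a missing or non-positive id must never match a row and
        // loose == juggling between DB strings and the session value is avoided.
        $logged_in_id = (int) module_security::get_loggedin_id();
        if ($logged_in_id > 0) {
            foreach ($res as $r) {
                foreach ($user_columns as $column) {
                    if ((int) $r[$column] === $logged_in_id) {
                        // This row ties the company to the logged in user.
                        self::$get_companys_access_restrictions_cache[$r['company_id']] = $r['company_id'];
                        break;
                    }
                }
            }
        }
    }

    if (!count(self::$get_companys_access_restrictions_cache) && count($res)) {
        // No company matched although companies exist: use the special -1 id
        // so SQL built from this list still works and matches no company.
        self::$get_companys_access_restrictions_cache[-1] = -1;
    }

    return self::$get_companys_access_restrictions_cache;
}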