コード例 #1
ファイル: company.php プロジェクト: sgh1986915/php-crm
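 /**
  * Build, and cache in a static property, the set of company ids the logged-in
  * user may access under the current company data-access mode.
  *
  * The query selects company rows (plus the joined user ids for the ASSIGNED
  * and CONTACT modes) without a per-user WHERE clause; the ownership check is
  * applied to the result rows here in PHP. The query text is assembled only
  * from fixed strings and the _DB_PREFIX constant.
  *
  * NOTE(review): in _COMPANY_ACCESS_ALL mode (or any mode not handled below)
  * no id is ever added, so the result is array(-1 => -1) whenever the query
  * returned rows. Presumably callers check the access mode before using this
  * list - confirm against the call sites.
  *
  * @return array Map of company_id => company_id. When rows were returned but
  *               none belong to the user, the map is array(-1 => -1) so the
  *               list is never empty in that case.
  */
 public static function get_companys_access_restrictions()
 {
     if (self::$get_companys_access_restrictions_cache !== false) {
         return self::$get_companys_access_restrictions_cache;
     }
     $where = 'WHERE 1';
     $sql = "SELECT c.company_id  ";
     $from = " FROM `" . _DB_PREFIX . "company` c ";
     $company_access = self::get_company_data_access();
     switch ($company_access) {
         case _COMPANY_ACCESS_ALL:
             break;
         case _COMPANY_ACCESS_ASSIGNED:
             // Companies directly linked to the logged-in staff user. The user
             // id filter is not part of the SQL; rows are filtered below.
             $sql .= ", cur.user_id AS user_assigned ";
             $from .= " LEFT JOIN `" . _DB_PREFIX . "company_user_rel` cur ON c.company_id = cur.company_id ";
             break;
         case _COMPANY_ACCESS_CONTACT:
             // Companies reached through the customer (u) or vendor (uv) the
             // user account belongs to. Filtered below, not in SQL.
             $sql .= ", u.user_id AS user_id1, uv.user_id AS user_id2 ";
             $from .= " LEFT JOIN `" . _DB_PREFIX . "company_customer` cc ON c.company_id = cc.company_id ";
             $from .= " LEFT JOIN `" . _DB_PREFIX . "user` u ON cc.customer_id = u.customer_id ";
             $from .= " LEFT JOIN `" . _DB_PREFIX . "company_vendor` cv ON c.company_id = cv.company_id ";
             $from .= " LEFT JOIN `" . _DB_PREFIX . "user` uv ON cv.vendor_id = uv.vendor_id ";
             break;
     }
     $sql .= $from;
     $sql .= $where;
     // NOTE(review): what qa() returns when the query fails is not visible
     // here; the loops and count() below assume an array of rows.
     $res = qa($sql);
     self::$get_companys_access_restrictions_cache = array();
     switch ($company_access) {
         case _COMPANY_ACCESS_ALL:
             break;
         case _COMPANY_ACCESS_ASSIGNED:
             // Resolve the session user once and compare as integers with ===.
             // A loose == against an uncast value would let a non-numeric
             // return (for example boolean true) match every positive id.
             $loggedin_id = (int) module_security::get_loggedin_id();
             foreach ($res as $r) {
                 $assigned_id = (int) $r['user_assigned'];
                 // The > 0 guard keeps unmatched LEFT JOIN rows (NULL) and a
                 // missing session id (0) from ever granting access.
                 if ($assigned_id > 0 && $assigned_id === $loggedin_id) {
                     self::$get_companys_access_restrictions_cache[$r['company_id']] = $r['company_id'];
                 }
             }
             break;
         case _COMPANY_ACCESS_CONTACT:
             $loggedin_id = (int) module_security::get_loggedin_id();
             foreach ($res as $r) {
                 $customer_user_id = (int) $r['user_id1'];
                 $vendor_user_id = (int) $r['user_id2'];
                 // Either link (customer side or vendor side) grants access.
                 if (
                     ($customer_user_id > 0 && $customer_user_id === $loggedin_id)
                     || ($vendor_user_id > 0 && $vendor_user_id === $loggedin_id)
                 ) {
                     self::$get_companys_access_restrictions_cache[$r['company_id']] = $r['company_id'];
                 }
             }
             break;
     }
     if (!count(self::$get_companys_access_restrictions_cache) && count($res)) {
         // No accessible company among the returned rows: store the special
         // -1 entry so SQL built from this list works correctly.
         self::$get_companys_access_restrictions_cache[-1] = -1;
     }
     return self::$get_companys_access_restrictions_cache;
 }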