Exemplo n.º 1
 /**
  * Joins the query to a permission junction table and limits the results accordingly.
  *
  * @param Gdn_SQLDriver $SQL The SQL driver to add the permission to.
  * @param mixed $Permissions The permission name (or array of names) to use when limiting the query.
  * @param string $ForeignAlias The alias of the table to join to (ie. Category).
  * @param string $ForeignColumn The primary key column name of $JunctionTable (ie. CategoryID).
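  * @param string $JunctionTable Name of the junction table; when empty it is derived from $ForeignColumn by stripping a trailing 'ID'.
  * @param string $JunctionColumn Not read by this method.
  * @return Gdn_SQLDriver The $SQL driver that was passed in.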
  */
 public function SQLPermission($SQL, $Permissions, $ForeignAlias, $ForeignColumn, $JunctionTable = '', $JunctionColumn = '')
 {
     // NOTE(review): $JunctionColumn is accepted but never read below.
     $CurrentSession = Gdn::Session();

     // No explicit junction table: derive one from a "...ID" column name by
     // dropping the two-character suffix (CategoryID -> Category).
     if (!$JunctionTable && StringEndsWith($ForeignColumn, 'ID')) {
         $JunctionTable = substr($ForeignColumn, 0, -2);
     }

     // When 'Garden.Permission.Disabled.<JunctionTable>' is set, no junction join
     // is added; the session-level permission check alone decides the outcome.
     if (C('Garden.Permission.Disabled.' . $JunctionTable)) {
         if (!$CurrentSession->CheckPermission($Permissions)) {
             // Constant-false predicate (1 = 0) so the query matches nothing.
             // NOTE(review): the two FALSE arguments presumably turn off escaping
             // of the field and value - confirm against Gdn_SQLDriver::Where().
             $SQL->Where('1', '0', FALSE, FALSE);
         }
         return $SQL;
     }

     // The row-level filter applies to sessions with UserID <= 0 and to sessions
     // whose loaded User object has an Admin value other than '1'.
     $MustFilter = $CurrentSession->UserID <= 0
         || (is_object($CurrentSession->User) && $CurrentSession->User->Admin != '1');

     if (!$MustFilter) {
         // Constant-true predicate (1 = 1) keeps the method usable inside an OR clause.
         // NOTE(review): a session with UserID > 0 whose User is not an object also
         // ends up here, i.e. unfiltered - confirm that state cannot occur, otherwise
         // this branch fails open.
         $SQL->Where('1', '1', FALSE, FALSE);
         return $SQL;
     }

     // NOTE(review): $ForeignAlias and $ForeignColumn are concatenated into the join
     // condition rather than bound as parameters; callers should pass only fixed,
     // known identifiers, never request-derived values.
     // NOTE(review): BeginWhereGroup() is called here and again below while
     // EndWhereGroup() is called once; presumably the driver closes the outer group
     // when the query is built - confirm.
     $SQL->Distinct()
         ->Join('Permission _p', '_p.JunctionID = ' . $ForeignAlias . '.' . $ForeignColumn, 'inner')
         ->Join('UserRole _ur', '_p.RoleID = _ur.RoleID', 'inner')
         ->BeginWhereGroup()
         ->Where('_ur.UserID', $CurrentSession->UserID);

     // Accept a single permission name as well as an array of names.
     $PermissionNames = is_array($Permissions) ? $Permissions : array($Permissions);

     $SQL->BeginWhereGroup();
     foreach ($PermissionNames as $Name) {
         // NOTE(review): the permission name is spliced into a backtick-quoted column
         // name without validation; it should come from a fixed allow-list of
         // permission columns, because the backticks alone do not make it safe.
         $SQL->Where('_p.`' . $Name . '`', 1);
     }
     $SQL->EndWhereGroup();

     return $SQL;
 }
Exemplo n.º 2
 /**
  * Joins the query to a permission junction table and limits the results
  * accordingly.
  *
  * @param Gdn_SQLDriver $SQL The SQL driver to add the permission to
  * @param string $JunctionTableAlias The alias of the table to join to (ie. Category)
  * @param string $JunctionColumn The primary key column name of the junction table (ie. CategoryID).
  * @param mixed $Permissions The permission name (or array of names) to use when limiting the query.
  */
 public function SQLPermission($SQL, $JunctionTableAlias, $JunctionColumn, $Permissions)
 {
     $ActiveSession = Gdn::Session();

     // The permission filter applies to sessions with UserID <= 0 and to sessions
     // whose loaded User object has an Admin value other than '1'.
     $NeedsFilter = $ActiveSession->UserID <= 0
         || (is_object($ActiveSession->User) && $ActiveSession->User->Admin != '1');

     if (!$NeedsFilter) {
         // Constant-true predicate (1 = 1) so the method still behaves when it is
         // used inside an OR clause.
         // NOTE(review): a session with UserID > 0 whose User is not an object also
         // takes this unfiltered path - confirm that state cannot occur, otherwise
         // this branch fails open.
         $SQL->Where('1', '1', FALSE, FALSE);
         return $SQL;
     }

     // NOTE(review): $JunctionTableAlias and $JunctionColumn are concatenated into the
     // join condition rather than bound as parameters; callers should pass only fixed,
     // known identifiers, never request-derived values.
     // NOTE(review): BeginWhereGroup() is called here and again below while
     // EndWhereGroup() is called once; presumably the driver closes the outer group
     // when the query is built - confirm.
     $SQL->Distinct()
         ->Join('Permission _p', '_p.JunctionID = ' . $JunctionTableAlias . '.' . $JunctionColumn, 'inner')
         ->Join('UserRole _ur', '_p.RoleID = _ur.RoleID', 'inner')
         ->BeginWhereGroup()
         ->Where('_ur.UserID', $ActiveSession->UserID);

     // A single permission name is treated as a one-element list.
     $RequiredPermissions = is_array($Permissions) ? $Permissions : array($Permissions);

     $SQL->BeginWhereGroup();
     foreach ($RequiredPermissions as $PermissionName) {
         // NOTE(review): the permission name is spliced into a backtick-quoted column
         // name without validation; it should come from a fixed allow-list of
         // permission columns, because the backticks alone do not make it safe.
         $SQL->Where('_p.`' . $PermissionName . '`', 1);
     }
     $SQL->EndWhereGroup();

     return $SQL;
 }