Return visibility joins to add to SQL
static public addVisibilityJoins ( $forceall = false ) : string | ||
$forceall | force all joins (false by default) | |
Результат | string | joins to add |
/** * Check is the curent user is allowed to see the file * * @param $options array of options (only 'tickets_id' used) * * @return boolean **/ function canViewFile($options) { global $DB, $CFG_GLPI; if (isset($_SESSION["glpiactiveprofile"]["interface"]) && $_SESSION["glpiactiveprofile"]["interface"] == "central") { // My doc Check and Common doc right access if ($this->can($this->fields["id"], READ) || $this->fields["users_id"] === Session::getLoginUserID()) { return true; } // Reminder Case $query = "SELECT *\n FROM `glpi_documents_items`\n LEFT JOIN `glpi_reminders`\n ON (`glpi_reminders`.`id` = `glpi_documents_items`.`items_id`\n AND `glpi_documents_items`.`itemtype` = 'Reminder')\n " . Reminder::addVisibilityJoins() . "\n WHERE `glpi_documents_items`.`documents_id` = '" . $this->fields["id"] . "'\n AND " . Reminder::addVisibilityRestrict(); $result = $DB->query($query); if ($DB->numrows($result) > 0) { return true; } // Knowbase Case if (Session::haveRight("knowbase", READ)) { $query = "SELECT *\n FROM `glpi_documents_items`\n LEFT JOIN `glpi_knowbaseitems`\n ON (`glpi_knowbaseitems`.`id` = `glpi_documents_items`.`items_id`\n AND `glpi_documents_items`.`itemtype` = 'KnowbaseItem')\n " . KnowbaseItem::addVisibilityJoins() . "\n WHERE `glpi_documents_items`.`documents_id` = '" . $this->fields["id"] . "'\n AND " . KnowbaseItem::addVisibilityRestrict(); $result = $DB->query($query); if ($DB->numrows($result) > 0) { return true; } } if (Session::haveRight('knowbase', KnowbaseItem::READFAQ)) { $query = "SELECT *\n FROM `glpi_documents_items`\n LEFT JOIN `glpi_knowbaseitems`\n ON (`glpi_knowbaseitems`.`id` = `glpi_documents_items`.`items_id`\n AND `glpi_documents_items`.`itemtype` = 'KnowbaseItem')\n " . KnowbaseItem::addVisibilityJoins() . "\n WHERE `glpi_documents_items`.`documents_id` = '" . $this->fields["id"] . "'\n AND `glpi_knowbaseitems`.`is_faq` = '1'\n AND " . KnowbaseItem::addVisibilityRestrict(); $result = $DB->query($query); if ($DB->numrows($result) > 0) { return true; } } // Tracking Case if (isset($options["tickets_id"])) { $job = new Ticket(); if ($job->can($options["tickets_id"], READ)) { $query = "SELECT *\n FROM `glpi_documents_items`\n WHERE `glpi_documents_items`.`items_id` = '" . $options["tickets_id"] . "'\n AND `glpi_documents_items`.`itemtype` = 'Ticket'\n AND `documents_id`='" . $this->fields["id"] . "'"; $result = $DB->query($query); if ($DB->numrows($result) > 0) { return true; } } } } else { if (Session::getLoginUserID()) { // ! central // Check if it is my doc if ($this->fields["users_id"] === Session::getLoginUserID()) { return true; } // Reminder Case $query = "SELECT *\n FROM `glpi_documents_items`\n LEFT JOIN `glpi_reminders`\n ON (`glpi_reminders`.`id` = `glpi_documents_items`.`items_id`\n AND `glpi_documents_items`.`itemtype` = 'Reminder')\n " . Reminder::addVisibilityJoins() . "\n WHERE `glpi_documents_items`.`documents_id` = '" . $this->fields["id"] . "'\n AND " . Reminder::addVisibilityRestrict(); $result = $DB->query($query); if ($DB->numrows($result) > 0) { return true; } if (Session::haveRight('knowbase', KnowbaseItem::READFAQ)) { // Check if it is a FAQ document $query = "SELECT *\n FROM `glpi_documents_items`\n LEFT JOIN `glpi_knowbaseitems`\n ON (`glpi_knowbaseitems`.`id` = `glpi_documents_items`.`items_id`)\n " . KnowbaseItem::addVisibilityJoins() . "\n WHERE `glpi_documents_items`.`itemtype` = 'KnowbaseItem'\n AND `glpi_documents_items`.`documents_id` = '" . $this->fields["id"] . "'\n AND `glpi_knowbaseitems`.`is_faq` = '1'\n AND " . KnowbaseItem::addVisibilityRestrict(); $result = $DB->query($query); if ($DB->numrows($result) > 0) { return true; } } // Tracking Case if (isset($options["tickets_id"])) { $job = new Ticket(); if ($job->can($options["tickets_id"], READ)) { $query = "SELECT *\n FROM `glpi_documents_items`\n WHERE `glpi_documents_items`.`items_id` = '" . $options["tickets_id"] . "'\n AND `glpi_documents_items`.`itemtype` = 'Ticket'\n AND `documents_id` = '" . $this->fields["id"] . "'"; $result = $DB->query($query); if ($DB->numrows($result) > 0) { return true; } } } } } // Public FAQ for not connected user if ($CFG_GLPI["use_public_faq"]) { $query = "SELECT *\n FROM `glpi_documents_items`\n LEFT JOIN `glpi_knowbaseitems`\n ON (`glpi_knowbaseitems`.`id` = `glpi_documents_items`.`items_id`)\n LEFT JOIN `glpi_entities_knowbaseitems`\n ON (`glpi_knowbaseitems`.`id` = `glpi_entities_knowbaseitems`.`knowbaseitems_id`)\n WHERE `glpi_documents_items`.`itemtype` = 'KnowbaseItem'\n AND `glpi_documents_items`.`documents_id` = '" . $this->fields["id"] . "'\n AND `glpi_knowbaseitems`.`is_faq` = '1'\n AND `glpi_entities_knowbaseitems`.`entities_id` = '0'\n AND `glpi_entities_knowbaseitems`.`is_recursive` = '1'"; $result = $DB->query($query); if ($DB->numrows($result) > 0) { return true; } } return false; }
/** * Generic Function to add Default left join to a request * * @param $itemtype reference ID * @param $ref_table reference table * @param &$already_link_tables array of tables already joined * * @return Left join string **/ static function addDefaultJoin($itemtype, $ref_table, array &$already_link_tables) { switch ($itemtype) { // No link case 'User': return self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_profiles_users", "profiles_users_id", 0, 0, array('jointype' => 'child')); case 'Reminder': return Reminder::addVisibilityJoins(); case 'RSSFeed': return RSSFeed::addVisibilityJoins(); case 'ProjectTask': // Same structure in addDefaultWhere $out = ''; $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_projecttaskteams", "projecttaskteams_id", 0, 0, array('jointype' => 'child')); return $out; case 'Project': // Same structure in addDefaultWhere $out = ''; if (!Session::haveRight("project", Project::READALL)) { $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_projectteams", "projectteams_id", 0, 0, array('jointype' => 'child')); } return $out; case 'Ticket': // Same structure in addDefaultWhere $out = ''; if (!Session::haveRight("ticket", Ticket::READALL)) { $searchopt =& self::getOptions($itemtype); // show mine : requester $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_tickets_users", "tickets_users_id", 0, 0, $searchopt[4]['joinparams']['beforejoin']['joinparams']); if (Session::haveRight("ticket", Ticket::READGROUP)) { if (count($_SESSION['glpigroups'])) { $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_groups_tickets", "groups_tickets_id", 0, 0, $searchopt[71]['joinparams']['beforejoin']['joinparams']); } } // show mine : observer $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_tickets_users", "tickets_users_id", 0, 0, $searchopt[66]['joinparams']['beforejoin']['joinparams']); if (count($_SESSION['glpigroups'])) { $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_groups_tickets", "groups_tickets_id", 0, 0, $searchopt[65]['joinparams']['beforejoin']['joinparams']); } if (Session::haveRight("ticket", Ticket::OWN)) { // Can own ticket : show assign to me $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_tickets_users", "tickets_users_id", 0, 0, $searchopt[5]['joinparams']['beforejoin']['joinparams']); } if (Session::haveRightsOr("ticket", array(Ticket::READMY, Ticket::READASSIGN))) { // show mine + assign to me $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_tickets_users", "tickets_users_id", 0, 0, $searchopt[5]['joinparams']['beforejoin']['joinparams']); if (count($_SESSION['glpigroups'])) { $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_groups_tickets", "groups_tickets_id", 0, 0, $searchopt[8]['joinparams']['beforejoin']['joinparams']); } } if (Session::haveRightsOr('ticketvalidation', array(TicketValidation::VALIDATEINCIDENT, TicketValidation::VALIDATEREQUEST))) { $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_ticketvalidations", "ticketvalidations_id", 0, 0, $searchopt[58]['joinparams']['beforejoin']['joinparams']); } } return $out; case 'Change': case 'Problem': if ($itemtype == 'Change') { $right = 'change'; $table = 'changes'; $groupetable = "glpi_changes_groups"; $linkfield = "changes_groups_id"; } else { if ($itemtype == 'Problem') { $right = 'problem'; $table = 'problems'; $groupetable = "glpi_groups_problems"; $linkfield = "groups_problems_id"; } } // Same structure in addDefaultWhere $out = ''; if (!Session::haveRight("{$right}", $itemtype::READALL)) { $searchopt =& self::getOptions($itemtype); if (Session::haveRight("{$right}", $itemtype::READMY)) { // show mine : requester $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_" . $table . "_users", $table . "_users_id", 0, 0, $searchopt[4]['joinparams']['beforejoin']['joinparams']); if (count($_SESSION['glpigroups'])) { $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, $groupetable, $linkfield, 0, 0, $searchopt[71]['joinparams']['beforejoin']['joinparams']); } // show mine : observer $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_" . $table . "_users", $table . "_users_id", 0, 0, $searchopt[66]['joinparams']['beforejoin']['joinparams']); if (count($_SESSION['glpigroups'])) { $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, $groupetable, $linkfield, 0, 0, $searchopt[65]['joinparams']['beforejoin']['joinparams']); } // show mine : assign $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_" . $table . "_users", $table . "_users_id", 0, 0, $searchopt[5]['joinparams']['beforejoin']['joinparams']); if (count($_SESSION['glpigroups'])) { $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, $groupetable, $linkfield, 0, 0, $searchopt[8]['joinparams']['beforejoin']['joinparams']); } } } return $out; default: // Plugin can override core definition for its type if ($plug = isPluginItemType($itemtype)) { $function = 'plugin_' . $plug['plugin'] . '_addDefaultJoin'; if (function_exists($function)) { $out = $function($itemtype, $ref_table, $already_link_tables); if (!empty($out)) { return $out; } } } return ""; } }
/** * Generic Function to add Default left join to a request * * @param $itemtype reference ID * @param $ref_table reference table * @param &$already_link_tables array of tables already joined * * @return Left join string **/ static function addDefaultJoin($itemtype, $ref_table, array &$already_link_tables) { switch ($itemtype) { // No link case 'User': return self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_profiles_users", "profiles_users_id", 0, 0, array('jointype' => 'child')); case 'RSSFeed': return RSSFeed::addVisibilityJoins(); case 'Reminder': return Reminder::addVisibilityJoins(); /* $out = self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_reminders_users", "reminders_users_id", 0, 0, array('jointype' => 'child')); $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_groups_reminders", "groups_reminders_id", 0, 0, array('jointype' => 'child')); $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_entities_reminders", "entities_reminders_id", 0, 0, array('jointype' => 'child')); $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_profiles_reminders", "profiles_reminders_id", 0, 0, array('jointype' => 'child')); return $out; */ /* $out = self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_reminders_users", "reminders_users_id", 0, 0, array('jointype' => 'child')); $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_groups_reminders", "groups_reminders_id", 0, 0, array('jointype' => 'child')); $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_entities_reminders", "entities_reminders_id", 0, 0, array('jointype' => 'child')); $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_profiles_reminders", "profiles_reminders_id", 0, 0, array('jointype' => 'child')); return $out; */ case 'Ticket': // Same structure in addDefaultWhere $out = ''; //if (!Session::haveRight("show_all_ticket","1")) { if (!Session::haveRight("ticket", Ticket::READALL)) { $searchopt =& self::getOptions($itemtype); // $requester_table = '`glpi_tickets_users_'.self::computeComplexJoinID($searchopt[4]['joinparams']['beforejoin']['joinparams']).'`'; // $requestergroup_table = '`glpi_groups_tickets_'.self::computeComplexJoinID($searchopt[71]['joinparams']['beforejoin']['joinparams']).'`'; // $assign_table = '`glpi_tickets_users_'.self::computeComplexJoinID($searchopt[5]['joinparams']['beforejoin']['joinparams']).'`'; // $assigngroup_table = '`glpi_groups_tickets_'.self::computeComplexJoinID($searchopt[8]['joinparams']['beforejoin']['joinparams']).'`'; // $observer_table = '`glpi_tickets_users_'.self::computeComplexJoinID($searchopt[66]['joinparams']['beforejoin']['joinparams']).'`'; // $observergroup_table = '`glpi_groups_tickets_'.self::computeComplexJoinID($searchopt[65]['joinparams']['beforejoin']['joinparams']).'`'; // show mine : requester $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_tickets_users", "tickets_users_id", 0, 0, $searchopt[4]['joinparams']['beforejoin']['joinparams']); //if (Session::haveRight("show_group_ticket",1)) { if (Session::haveRight("ticket", Ticket::READGROUP)) { if (count($_SESSION['glpigroups'])) { $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_groups_tickets", "groups_tickets_id", 0, 0, $searchopt[71]['joinparams']['beforejoin']['joinparams']); } } // show mine : observer $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_tickets_users", "tickets_users_id", 0, 0, $searchopt[66]['joinparams']['beforejoin']['joinparams']); if (count($_SESSION['glpigroups'])) { $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_groups_tickets", "groups_tickets_id", 0, 0, $searchopt[65]['joinparams']['beforejoin']['joinparams']); } if (Session::haveRight("ticket", Ticket::OWN)) { // Can own ticket : show assign to me $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_tickets_users", "tickets_users_id", 0, 0, $searchopt[5]['joinparams']['beforejoin']['joinparams']); } //if (Session::haveRight("show_assign_ticket","1")) { // show mine + assign to me if (Session::haveRightsOr("ticket", array(Ticket::READMY, Ticket::READASSIGN))) { // show mine + assign to me $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_tickets_users", "tickets_users_id", 0, 0, $searchopt[5]['joinparams']['beforejoin']['joinparams']); if (count($_SESSION['glpigroups'])) { $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_groups_tickets", "groups_tickets_id", 0, 0, $searchopt[8]['joinparams']['beforejoin']['joinparams']); } } //if (Session::haveRight('validate_incident', 1) // || Session::haveRight('validate_request', 1)) { if (Session::haveRightsOr('ticketvalidation', array(TicketValidation::VALIDATEINCIDENT, TicketValidation::VALIDATEREQUEST))) { $out .= self::addLeftJoin($itemtype, $ref_table, $already_link_tables, "glpi_ticketvalidations", "ticketvalidations_id", 0, 0, $searchopt[58]['joinparams']['beforejoin']['joinparams']); } } return $out; default: // Plugin can override core definition for its type if ($plug = isPluginItemType($itemtype)) { $function = 'plugin_' . $plug['plugin'] . '_addDefaultJoin'; if (function_exists($function)) { $out = $function($itemtype, $ref_table, $already_link_tables); if (!empty($out)) { return $out; } } } return ""; } }