Commit 9f00ab605285fdd45dba1d89c246423c63ec52a9
1 parent
5075b31b
Implement new permission system effect onto search results.
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@3818 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
19 additions
and
16 deletions
presentation/lookAndFeel/knowledgeTree/search/booleanSearch.php
| @@ -57,19 +57,15 @@ class BooleanSearchDispatcher extends KTStandardDispatcher { | @@ -57,19 +57,15 @@ class BooleanSearchDispatcher extends KTStandardDispatcher { | ||
| 57 | $this->errorRedirectToMain('You need to specify which kind of search (ALL/ANY) you wish to perform.'); | 57 | $this->errorRedirectToMain('You need to specify which kind of search (ALL/ANY) you wish to perform.'); |
| 58 | } | 58 | } |
| 59 | 59 | ||
| 60 | - | ||
| 61 | // Step 1: extract the criteria selection, and create an array of criteria. | 60 | // Step 1: extract the criteria selection, and create an array of criteria. |
| 62 | $criteria_set = array(); | 61 | $criteria_set = array(); |
| 63 | foreach ($datavars as $order => $dataset) { | 62 | foreach ($datavars as $order => $dataset) { |
| 64 | - | ||
| 65 | - $oCriterion =& Criteria::getCriterionByNumber($dataset["type"]); | ||
| 66 | - if (PEAR::isError($oCriterion)) { | ||
| 67 | - $this->errorRedirectToMain('Invalid criteria specified.'); | ||
| 68 | - } | ||
| 69 | - | ||
| 70 | - $criteria_set[] = array($oCriterion, $dataset['data']); | 63 | + $oCriterion = Criteria::getCriterionByNumber($dataset["type"]); |
| 64 | + if (PEAR::isError($oCriterion)) { | ||
| 65 | + $this->errorRedirectToMain('Invalid criteria specified.'); | ||
| 66 | + } | ||
| 67 | + $criteria_set[] = array($oCriterion, $dataset["data"]); | ||
| 71 | } | 68 | } |
| 72 | - | ||
| 73 | $res = $this->handleCriteriaSet($criteria_set, $booleanJoinName); | 69 | $res = $this->handleCriteriaSet($criteria_set, $booleanJoinName); |
| 74 | 70 | ||
| 75 | return $res; | 71 | return $res; |
| @@ -112,6 +108,14 @@ class BooleanSearchDispatcher extends KTStandardDispatcher { | @@ -112,6 +108,14 @@ class BooleanSearchDispatcher extends KTStandardDispatcher { | ||
| 112 | $sJoinSQL = join(" ", $aJoinSQL); | 108 | $sJoinSQL = join(" ", $aJoinSQL); |
| 113 | 109 | ||
| 114 | $sToSearch = KTUtil::arrayGet($aOrigReq, 'fToSearch', 'Live'); // actually never present in this version. | 110 | $sToSearch = KTUtil::arrayGet($aOrigReq, 'fToSearch', 'Live'); // actually never present in this version. |
| 111 | + | ||
| 112 | + $oPermission =& KTPermission::getByName('ktcore.permissions.read'); | ||
| 113 | + $sPermissionLookupsTable = KTUtil::getTableName('permission_lookups'); | ||
| 114 | + $sPermissionLookupAssignmentsTable = KTUtil::getTableName('permission_lookup_assignments'); | ||
| 115 | + $sPermissionDescriptorsTable = KTUtil::getTableName('permission_descriptors'); | ||
| 116 | + $aGroups = GroupUtil::listGroupsForUserExpand($_SESSION['userID']); | ||
| 117 | + $aPermissionDescriptors = KTPermissionDescriptor::getByGroups($aGroups, array('ids' => true)); | ||
| 118 | + $sPermissionDescriptors = DBUtil::paramArray($aPermissionDescriptors); | ||
| 115 | 119 | ||
| 116 | $sQuery = DBUtil::compactQuery(" | 120 | $sQuery = DBUtil::compactQuery(" |
| 117 | SELECT | 121 | SELECT |
| @@ -121,24 +125,26 @@ class BooleanSearchDispatcher extends KTStandardDispatcher { | @@ -121,24 +125,26 @@ class BooleanSearchDispatcher extends KTStandardDispatcher { | ||
| 121 | $default->documents_table AS D | 125 | $default->documents_table AS D |
| 122 | INNER JOIN $default->folders_table AS F ON D.folder_id = F.id | 126 | INNER JOIN $default->folders_table AS F ON D.folder_id = F.id |
| 123 | $sJoinSQL | 127 | $sJoinSQL |
| 124 | - INNER JOIN $default->search_permissions_table AS SDUL ON SDUL.document_id = D.id | ||
| 125 | INNER JOIN $default->status_table AS SL on D.status_id=SL.id | 128 | INNER JOIN $default->status_table AS SL on D.status_id=SL.id |
| 129 | + INNER JOIN $sPermissionLookupsTable AS PL ON D.permission_lookup_id = PL.id | ||
| 130 | + INNER JOIN $sPermissionLookupAssignmentsTable AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = ? | ||
| 126 | WHERE | 131 | WHERE |
| 127 | - (F.is_public OR | ||
| 128 | - SDUL.user_id = ?) | 132 | + PLA.permission_descriptor_id IN ($sPermissionDescriptors) |
| 129 | AND SL.name = ? | 133 | AND SL.name = ? |
| 130 | AND ($sSQLSearchString) | 134 | AND ($sSQLSearchString) |
| 131 | GROUP BY D.id | 135 | GROUP BY D.id |
| 132 | ORDER BY doc_count DESC"); | 136 | ORDER BY doc_count DESC"); |
| 133 | 137 | ||
| 134 | $aParams = array(); | 138 | $aParams = array(); |
| 135 | - $aParams[] = $_SESSION["userID"]; | 139 | + $aParams[] = $oPermission->getId(); |
| 140 | + $aParams = array_merge($aParams, $aPermissionDescriptors); | ||
| 136 | $aParams[] = $sToSearch; | 141 | $aParams[] = $sToSearch; |
| 137 | $aParams = array_merge($aParams, $aCritParams); | 142 | $aParams = array_merge($aParams, $aCritParams); |
| 138 | 143 | ||
| 139 | //'<pre>'.var_dump(DBUtil::getResultArray(array($sQuery, $aParams))); | 144 | //'<pre>'.var_dump(DBUtil::getResultArray(array($sQuery, $aParams))); |
| 140 | //exit(0); | 145 | //exit(0); |
| 141 | //return '<pre>'.print_r(DBUtil::getResultArray(array($sQuery, $aParams)), true).'</pre>'; | 146 | //return '<pre>'.print_r(DBUtil::getResultArray(array($sQuery, $aParams)), true).'</pre>'; |
| 147 | + $iStartIndex = 1; | ||
| 142 | 148 | ||
| 143 | $aColumns = array("folder_name", "file_name", "document_name", "doc_count", "view"); | 149 | $aColumns = array("folder_name", "file_name", "document_name", "doc_count", "view"); |
| 144 | $aColumnTypes = array(3,3,3,1,3); | 150 | $aColumnTypes = array(3,3,3,1,3); |
| @@ -150,12 +156,9 @@ class BooleanSearchDispatcher extends KTStandardDispatcher { | @@ -150,12 +156,9 @@ class BooleanSearchDispatcher extends KTStandardDispatcher { | ||
| 150 | $oPatternBrowse = & new PatternBrowseableSearchResults(array($sQuery, $aParams), 10, $aColumns, $aColumnTypes, $aColumnHeaders, $aLinkURLs, $aDBQueryStringColumns, $aQueryStringVariableNames); | 156 | $oPatternBrowse = & new PatternBrowseableSearchResults(array($sQuery, $aParams), 10, $aColumns, $aColumnTypes, $aColumnHeaders, $aLinkURLs, $aDBQueryStringColumns, $aQueryStringVariableNames); |
| 151 | $oPatternBrowse->setStartIndex($iStartIndex); | 157 | $oPatternBrowse->setStartIndex($iStartIndex); |
| 152 | $oPatternBrowse->setSearchText(""); | 158 | $oPatternBrowse->setSearchText(""); |
| 153 | - $oPatternBrowse->setRememberValues($aReq); | ||
| 154 | $sForSearch = "<input type=\"hidden\" name=\"fForSearch\" value=\"1\" />"; | 159 | $sForSearch = "<input type=\"hidden\" name=\"fForSearch\" value=\"1\" />"; |
| 155 | 160 | ||
| 156 | return renderHeading(_("Advanced Search")) . $oPatternBrowse->render() . $sForSearch . $sRefreshMessage; | 161 | return renderHeading(_("Advanced Search")) . $oPatternBrowse->render() . $sForSearch . $sRefreshMessage; |
| 157 | - | ||
| 158 | - //return '<pre>'.$sSQLSearchString.'</pre>'; | ||
| 159 | } | 162 | } |
| 160 | } | 163 | } |
| 161 | 164 |