Commit e3b10fa4f79bc8a7284bdba4719d206d9f07e4fd
1 parent
d3a50456
Use new-style permission system to control what documents are shown and
not shown. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@3815 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
16 additions
and
5 deletions
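--- a/presentation/lookAndFeel/knowledgeTree/search/advancedSearchUtil.inc
+++ b/presentation/lookAndFeel/knowledgeTree/search/advancedSearchUtil.inc
@@ -26,6 +26,8 @@
 * @package search
 */
 
+require_once(KT_LIB_DIR . '/permissions/permissionutil.inc.php');
+
 function searchCriteria ($var) {
 return preg_match('/^bmd(_?\d+)/', $var);
 }
@@ -91,6 +93,14 @@ function getAdvancedSearchResults($aOrigReq, $iStartIndex) {
 
 $sToSearch = KTUtil::arrayGet($aOrigReq, 'fToSearch', 'Live');
 
+ $oPermission =& KTPermission::getByName('ktcore.permissions.read');
+ $sPermissionLookupsTable = KTUtil::getTableName('permission_lookups');
+ $sPermissionLookupAssignmentsTable = KTUtil::getTableName('permission_lookup_assignments');
+ $sPermissionDescriptorsTable = KTUtil::getTableName('permission_descriptors');
+ $aGroups = GroupUtil::listGroupsForUserExpand($_SESSION['userID']);
+ $aPermissionDescriptors = KTPermissionDescriptor::getByGroups($aGroups, array('ids' => true));
+ $sPermissionDescriptors = DBUtil::paramArray($aPermissionDescriptors);
+
 $sQuery = DBUtil::compactQuery("
 SELECT
 F.name AS folder_name, F.id AS folder_id, D.id AS document_id,
@@ -99,18 +109,19 @@ FROM
 $default->documents_table AS D
 INNER JOIN $default->folders_table AS F ON D.folder_id = F.id
 $sJoinSQL
- INNER JOIN $default->search_permissions_table AS SDUL ON SDUL.document_id = D.id
- INNER JOIN $default->status_table AS SL on D.status_id=SL.id
+ INNER JOIN $default->status_table AS SL ON D.status_id=SL.id
+ INNER JOIN $sPermissionLookupsTable AS PL ON D.permission_lookup_id = PL.id
+ INNER JOIN $sPermissionLookupAssignmentsTable AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = ?
 WHERE
- (F.is_public OR
- SDUL.user_id = ?)
+ PLA.permission_descriptor_id IN ($sPermissionDescriptors)
 AND SL.name = ?
 AND ($sSQLSearchString)
 GROUP BY D.id
 ORDER BY doc_count DESC");
 
 $aParams = array();
- $aParams[] = $_SESSION["userID"];
+ $aParams[] = $oPermission->getId();
+ $aParams = array_merge($aParams, $aPermissionDescriptors);
 $aParams[] = $sToSearch;
 $aParams = array_merge($aParams, $aCritParams);
 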
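Review bot: In getAdvancedSearchResults the new read-permission filter uses two lookup results without checking them: `$oPermission->getId()` is called on whatever `KTPermission::getByName('ktcore.permissions.read')` returned, and `$aPermissionDescriptors` is expanded straight into `IN ($sPermissionDescriptors)`. If the user's groups resolve to no descriptors, `DBUtil::paramArray` presumably produces an empty placeholder list and the clause becomes `IN ()`, which is a SQL syntax error rather than an empty result; how that error surfaces depends on code outside these hunks. Because this clause is now the only access check on search results, the no-access case should be explicit before the query is built, for example `if (empty($aPermissionDescriptors)) { /* return the function's empty result */ }`, with the same early exit when the permission lookup fails. The descriptor list is derived from group membership only, so it is worth confirming that no other grant route is expected to make documents searchable. The function body starts and ends outside the visible hunks.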