(Retrofit from trunk) Allowed organizations Part II.

r4428
Portal : Allowed Organizations part for action rules.
---------------------
r4422
Removed debug traces for AllowAllData
---------------------



SVN:2.3[4447]

datamodels/2.x/itop-portal-base/portal/src/forms/objectformmanager.class.inc.php

@@ -544,16 +544,12 @@ class ObjectFormManager extends FormManager
 								IssueLog::Info(__METHOD__ . ' at line ' . __LINE__ . ' : User #' . UserRights::GetUserId() . ' has no scope query for ' . $oScopeOriginal->GetClass() . ' class.');
 								$this->oApp->abort(404, Dict::S('UI:ObjectDoesNotExist'));
 							}
-							IssueLog::Info('Applying scope on field #' . $sAttCode);
-							IssueLog::Info('|-- AllowAllData on scope search ' . (($oScopeSearch->IsAllDataAllowed()) ? 'true' : 'false') . ' : ' . $oScopeSearch->ToOQL());
-							IssueLog::Info('|-- AllowAllData on scope original ' . (($oScopeOriginal->IsAllDataAllowed()) ? 'true' : 'false'));
 							$oScopeOriginal = $oScopeOriginal->Intersect($oScopeSearch);
 							// Note : This is to skip the silo restriction on the final query
 							if ($oScopeSearch->IsAllDataAllowed())
 							{
 								$oScopeOriginal->AllowAllData();
 							}
-							IssueLog::Info('|-- AllowAllData on result search ' . (($oScopeOriginal->IsAllDataAllowed()) ? 'true' : 'false'));
 							$oScopeOriginal->SetInternalParams(array('this' => $this->oObject));
 							$oField->SetSearch($oScopeOriginal);
 						}

datamodels/2.x/itop-portal-base/portal/src/helpers/contextmanipulatorhelper.class.inc.php

@@ -4,7 +4,7 @@
 //
 //   This file is part of iTop.
 //
-//   iTop is free software; you can redistribute it and/or modify	
+//   iTop is free software; you can redistribute it and/or modify
 //   it under the terms of the GNU Affero General Public License as published by
 //   the Free Software Foundation, either version 3 of the License, or
 //   (at your option) any later version.
@@ -23,6 +23,7 @@ use \Exception;
 use \Silex\Application;
 use \DOMNodeList;
 use \DOMFormatException;
+use \UserRights;
 use \DBObject;
 use \DBSearch;
 use \DBObjectSet;
@@ -42,6 +43,7 @@ class ContextManipulatorHelper
 	const ENUM_RULE_CALLBACK_OPEN_EDIT = 'edit';
 	const DEFAULT_RULE_CALLBACK_OPEN = self::ENUM_RULE_CALLBACK_OPEN_VIEW;
 
+	protected $oApp;
 	protected $aRules;
 
 	public function __construct()
@@ -59,7 +61,7 @@ class ContextManipulatorHelper
 	public function Init(DOMNodeList $oNodes)
 	{
 		$this->aRules = array();
-		
+
 		// Iterating over the scope nodes
 		foreach ($oNodes as $oRuleNode)
 		{
@@ -181,6 +183,11 @@ class ContextManipulatorHelper
 		}
 	}
 
+	public function SetApp($oApp)
+	{
+		$this->oApp = $oApp;
+	}
+
 	/**
 	 * Returns a hash array of rules
 	 *
@@ -222,7 +229,7 @@ class ContextManipulatorHelper
 	 *     ...
 	 *   )
 	 * )
-	 * 
+	 *
 	 * @param array $aData
 	 * @param DBObject $oObject
 	 */
@@ -290,6 +297,13 @@ class ContextManipulatorHelper
 						}
 					}
 
+					// Checking for silos
+					$oScopeSearch = $this->oApp['scope_validator']->GetScopeFilterForProfiles(UserRights::ListProfiles(), $sSearchClass, UR_ACTION_READ);
+					if ($oScopeSearch->IsAllDataAllowed())
+					{
+						$oSearch->AllowAllData();
+					}
+
 					// Retrieving source object(s) and applying rules
 					$oSet = new DBObjectSet($oSearch, array(), $aSearchParams);
 					while ($oSourceObject = $oSet->Fetch())

datamodels/2.x/itop-portal-base/portal/src/providers/contextmanipulatorserviceprovider.class.inc.php

@@ -38,6 +38,7 @@ class ContextManipulatorServiceProvider implements ServiceProviderInterface
 			$oApp->flush();
 
 			$oContextManipulatorHelper = new ContextManipulatorHelper();
+			$oContextManipulatorHelper->SetApp($oApp);
 
 			return $oContextManipulatorHelper;
 		});