Portal : Missing AllDataAllowed

SVN:trunk[4412]
2026-02-13 07:24:13 +01:00 · 2016-09-23 13:58:08 +00:00
parent 4dd6c813b1
commit a34747f893
2 changed files with 35 additions and 2 deletions
--- a/datamodels/2.x/itop-portal-base/portal/src/controllers/managebrickcontroller.class.inc.php
+++ b/datamodels/2.x/itop-portal-base/portal/src/controllers/managebrickcontroller.class.inc.php
@@ -207,6 +207,11 @@ class ManageBrickController extends BrickController
 				if ($oDistinctScopeQuery != null)
 				{
 					$oDistinctQuery = $oDistinctQuery->Intersect($oDistinctScopeQuery);
+					// - Allowing all data if necessary
+					if ($oDistinctScopeQuery->IsAllDataAllowed())
+					{
+						$oDistinctQuery->AllowAllData();
+					}
 				}
 				// Adding grouping conditions
 				$oFieldExp = new FieldExpression($sGroupingAreaAttCode, $sParentAlias);
@@ -261,7 +266,19 @@ class ManageBrickController extends BrickController
 			// Note : Will need to moved the scope restriction on queries elsewhere when we consider grouping on something else than finalclass
 			// Note : We now get view scope instead of edit scope as we allowed users to view/edit objects in the brick regarding their rights
 			$oScopeQuery = $oApp['scope_validator']->GetScopeFilterForProfiles(UserRights::ListProfiles(), $aGroupingAreasValue['value'], UR_ACTION_READ);
-			$oAreaQuery = ($oScopeQuery !== null) ? $oAreaQuery->Intersect($oScopeQuery) : null;
+			if ($oScopeQuery !== null)
+			{
+				$oAreaQuery = $oAreaQuery->Intersect($oScopeQuery);
+				// - Allowing all data if necessary
+				if ($oScopeQuery->IsAllDataAllowed())
+				{
+					$oAreaQuery->AllowAllData();
+				}
+			}
+			else
+			{
+				$oAreaQuery = null;
+			}

 			$aQueries[$sKey] = $oAreaQuery;
 		}
--- a/datamodels/2.x/itop-portal-base/portal/src/controllers/objectcontroller.class.inc.php
+++ b/datamodels/2.x/itop-portal-base/portal/src/controllers/objectcontroller.class.inc.php
@@ -739,7 +739,13 @@ class ObjectController extends AbstractController
 		// It is the responsability of the template designer to write the right query so the user see only what he should.
 		if ($oTargetAttDef->GetEditClass() !== 'CustomFields')
 		{
-			$oSearch = $oSearch->Intersect($oApp['scope_validator']->GetScopeFilterForProfiles(UserRights::ListProfiles(), $sTargetObjectClass, UR_ACTION_READ));
+			$oScopeSearch = $oApp['scope_validator']->GetScopeFilterForProfiles(UserRights::ListProfiles(), $sTargetObjectClass, UR_ACTION_READ);
+			$oSearch = $oSearch->Intersect($oScopeSearch);
+			// - Allowing all data if necessary
+			if ($oScopeSearch->IsAllDataAllowed())
+			{
+				$oSearch->AllowAllData();
+			}
 		}

 		// Retrieving results
@@ -991,6 +997,11 @@ class ObjectController extends AbstractController
 		if (($oScopeSearch !== null) && ($oTargetAttDef->GetEditClass() !== 'CustomFields'))
 		{
 			$oSearch = $oSearch->Intersect($oScopeSearch);
+			// - Allowing all data if necessary
+			if ($oScopeSearch->IsAllDataAllowed())
+			{
+				$oSearch->AllowAllData();
+			}
 		}

 		// Retrieving results
@@ -1216,6 +1227,11 @@ class ObjectController extends AbstractController
 //		}
 		// - Intersecting with scope constraints
 		$oSearch = $oSearch->Intersect($oScopeSearch);
+		// - Allowing all data if necessary
+		if ($oScopeSearch->IsAllDataAllowed())
+		{
+			$oSearch->AllowAllData();
+		}

 		// Retrieving results
 		// - Preparing object set