From a34747f89360e05064ede8acbcaa9bbfea780d52 Mon Sep 17 00:00:00 2001 From: Guillaume Lajarige Date: Fri, 23 Sep 2016 13:58:08 +0000 Subject: [PATCH] Portal : Missing AllDataAllowed SVN:trunk[4412] --- .../managebrickcontroller.class.inc.php | 19 ++++++++++++++++++- .../objectcontroller.class.inc.php | 18 +++++++++++++++++- 2 files changed, 35 insertions(+), 2 deletions(-) diff --git a/datamodels/2.x/itop-portal-base/portal/src/controllers/managebrickcontroller.class.inc.php b/datamodels/2.x/itop-portal-base/portal/src/controllers/managebrickcontroller.class.inc.php index 6813a139a..e9e79c3e5 100644 --- a/datamodels/2.x/itop-portal-base/portal/src/controllers/managebrickcontroller.class.inc.php +++ b/datamodels/2.x/itop-portal-base/portal/src/controllers/managebrickcontroller.class.inc.php @@ -207,6 +207,11 @@ class ManageBrickController extends BrickController if ($oDistinctScopeQuery != null) { $oDistinctQuery = $oDistinctQuery->Intersect($oDistinctScopeQuery); + // - Allowing all data if necessary + if ($oDistinctScopeQuery->IsAllDataAllowed()) + { + $oDistinctQuery->AllowAllData(); + } } // Adding grouping conditions $oFieldExp = new FieldExpression($sGroupingAreaAttCode, $sParentAlias); @@ -261,7 +266,19 @@ class ManageBrickController extends BrickController // Note : Will need to moved the scope restriction on queries elsewhere when we consider grouping on something else than finalclass // Note : We now get view scope instead of edit scope as we allowed users to view/edit objects in the brick regarding their rights $oScopeQuery = $oApp['scope_validator']->GetScopeFilterForProfiles(UserRights::ListProfiles(), $aGroupingAreasValue['value'], UR_ACTION_READ); - $oAreaQuery = ($oScopeQuery !== null) ? $oAreaQuery->Intersect($oScopeQuery) : null; + if ($oScopeQuery !== null) + { + $oAreaQuery = $oAreaQuery->Intersect($oScopeQuery); + // - Allowing all data if necessary + if ($oScopeQuery->IsAllDataAllowed()) + { + $oAreaQuery->AllowAllData(); + } + } + else + { + $oAreaQuery = null; + } $aQueries[$sKey] = $oAreaQuery; } diff --git a/datamodels/2.x/itop-portal-base/portal/src/controllers/objectcontroller.class.inc.php b/datamodels/2.x/itop-portal-base/portal/src/controllers/objectcontroller.class.inc.php index 6f21f2691..9b122281e 100644 --- a/datamodels/2.x/itop-portal-base/portal/src/controllers/objectcontroller.class.inc.php +++ b/datamodels/2.x/itop-portal-base/portal/src/controllers/objectcontroller.class.inc.php @@ -739,7 +739,13 @@ class ObjectController extends AbstractController // It is the responsability of the template designer to write the right query so the user see only what he should. if ($oTargetAttDef->GetEditClass() !== 'CustomFields') { - $oSearch = $oSearch->Intersect($oApp['scope_validator']->GetScopeFilterForProfiles(UserRights::ListProfiles(), $sTargetObjectClass, UR_ACTION_READ)); + $oScopeSearch = $oApp['scope_validator']->GetScopeFilterForProfiles(UserRights::ListProfiles(), $sTargetObjectClass, UR_ACTION_READ); + $oSearch = $oSearch->Intersect($oScopeSearch); + // - Allowing all data if necessary + if ($oScopeSearch->IsAllDataAllowed()) + { + $oSearch->AllowAllData(); + } } // Retrieving results @@ -991,6 +997,11 @@ class ObjectController extends AbstractController if (($oScopeSearch !== null) && ($oTargetAttDef->GetEditClass() !== 'CustomFields')) { $oSearch = $oSearch->Intersect($oScopeSearch); + // - Allowing all data if necessary + if ($oScopeSearch->IsAllDataAllowed()) + { + $oSearch->AllowAllData(); + } } // Retrieving results @@ -1216,6 +1227,11 @@ class ObjectController extends AbstractController // } // - Intersecting with scope constraints $oSearch = $oSearch->Intersect($oScopeSearch); + // - Allowing all data if necessary + if ($oScopeSearch->IsAllDataAllowed()) + { + $oSearch->AllowAllData(); + } // Retrieving results // - Preparing object set