mirror of
https://github.com/Combodo/iTop.git
synced 2026-05-17 06:18:44 +02:00
Portal : new helper method to add scope to a DbSearch (moved from existing one in ManageBrick)
SVN:trunk[5822]
This commit is contained in:
Pierre Goiffon
@@ -156,7 +156,9 @@ class ManageBrickController extends BrickController
|
||||
{
|
||||
$oQuery = DBSearch::FromOQL($oBrick->GetOql());
|
||||
$sClass = $oQuery->GetClass();
|
||||
$this->AddScopeToQuery($oQuery, $oApp, $oBrick, $sClass);
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeHelper */
|
||||
$oScopeHelper = $oApp['scope_validator'];
|
||||
$oScopeHelper->AddScopeToQuery($oQuery, $sClass);
|
||||
$aData = array();
|
||||
$this->ManageSearchValue($oRequest, $aData, $oQuery, $sClass);
|
||||
|
||||
@@ -304,7 +306,11 @@ class ManageBrickController extends BrickController
|
||||
{
|
||||
$oConditionQuery = $oQuery->Intersect(DBSearch::FromOQL($aGroup['condition']));
|
||||
// - Restricting query to scope
|
||||
if ($this->AddScopeToQuery($oConditionQuery, $oApp, $oBrick, $oConditionQuery->GetClass()))
|
||||
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeHelper */
|
||||
$oScopeHelper = $oApp['scope_validator'];
|
||||
$bHasScope = $oScopeHelper->AddScopeToQuery($oConditionQuery, $oConditionQuery->GetClass());
|
||||
if ($bHasScope)
|
||||
{
|
||||
// - Building ObjectSet
|
||||
$oConditionSet = new DBObjectSet($oConditionQuery);
|
||||
@@ -421,7 +427,10 @@ class ManageBrickController extends BrickController
|
||||
// Restricting query to allowed scope on each classes
|
||||
// Note: Will need to moved the scope restriction on queries elsewhere when we consider grouping on something else than finalclass
|
||||
// Note: We now get view scope instead of edit scope as we allowed users to view/edit objects in the brick regarding their rights
|
||||
if (!$this->AddScopeToQuery($oAreaQuery, $oApp, $oBrick, $aGroupingAreasValue['value']))
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeHelper */
|
||||
$oScopeHelper = $oApp['scope_validator'];
|
||||
$bHasScope = $oScopeHelper->AddScopeToQuery($oAreaQuery, $aGroupingAreasValue['value']);
|
||||
if (!$bHasScope)
|
||||
{
|
||||
// if no scope apply does not allow any data
|
||||
$oAreaQuery = null;
|
||||
@@ -796,7 +805,9 @@ class ManageBrickController extends BrickController
|
||||
$aGroupingTabsValues = array();
|
||||
$aDistinctResults = array();
|
||||
$oDistinctQuery = DBSearch::FromOQL($oBrick->GetOql());
|
||||
$bHasScope = $this->AddScopeToQuery($oDistinctQuery, $oApp, $oBrick, $oDistinctQuery->GetClass());
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeHelper */
|
||||
$oScopeHelper = $oApp['scope_validator'];
|
||||
$bHasScope = $oScopeHelper->AddScopeToQuery($oDistinctQuery, $oDistinctQuery->GetClass());
|
||||
if ($bHasScope)
|
||||
{
|
||||
// - Adding field condition
|
||||
@@ -903,35 +914,10 @@ class ManageBrickController extends BrickController
|
||||
protected function GetScopedQuery(Application $oApp, ManageBrick $oBrick, $sClass)
|
||||
{
|
||||
$oQuery = DBSearch::FromOQL($oBrick->GetOql());
|
||||
$this->AddScopeToQuery($oQuery, $oApp, $oBrick, $sClass);
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeHelper */
|
||||
$oScopeHelper = $oApp['scope_validator'];
|
||||
$oScopeHelper->AddScopeToQuery($oQuery, $sClass);
|
||||
|
||||
return $oQuery;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param DBSearch $oQuery
|
||||
* @param Application $oApp
|
||||
* @param ManageBrick $oBrick
|
||||
* @param string $sClass
|
||||
*
|
||||
* @return bool true if scope exists, false if scope is null
|
||||
*/
|
||||
protected function AddScopeToQuery(DBSearch &$oQuery, Application $oApp, ManageBrick $oBrick, $sClass)
|
||||
{
|
||||
$oScopeQuery = $oApp['scope_validator']->GetScopeFilterForProfiles(UserRights::ListProfiles(), $sClass,
|
||||
UR_ACTION_READ);
|
||||
if ($oScopeQuery !== null)
|
||||
{
|
||||
$oQuery = $oQuery->Intersect($oScopeQuery);
|
||||
// - Allowing all data if necessary
|
||||
if ($oScopeQuery->IsAllDataAllowed())
|
||||
{
|
||||
$oQuery->AllowAllData();
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -19,15 +19,23 @@
|
||||
|
||||
namespace Combodo\iTop\Portal\Helper;
|
||||
|
||||
use Exception;
|
||||
use DOMNodeList;
|
||||
use DOMFormatException;
|
||||
use utils;
|
||||
use ProfilesConfig;
|
||||
use MetaModel;
|
||||
use DBSearch;
|
||||
use DBUnionSearch;
|
||||
use DOMFormatException;
|
||||
use DOMNodeList;
|
||||
use Exception;
|
||||
use MetaModel;
|
||||
use ProfilesConfig;
|
||||
use UserRights;
|
||||
use utils;
|
||||
|
||||
/**
|
||||
* Class ScopeValidatorHelper
|
||||
*
|
||||
* Inside the portal this service is injected, get the instance using $oApp['scope_validator']
|
||||
*
|
||||
* @package Combodo\iTop\Portal\Helper
|
||||
*/
|
||||
class ScopeValidatorHelper
|
||||
{
|
||||
const ENUM_MODE_READ = 'r';
|
||||
@@ -113,6 +121,7 @@ class ScopeValidatorHelper
|
||||
|
||||
$this->sInstancePrefix = $sInstancePrefix;
|
||||
$this->sGeneratedClass = $this->sInstancePrefix . static::DEFAULT_GENERATED_CLASS;
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
@@ -150,7 +159,7 @@ class ScopeValidatorHelper
|
||||
{
|
||||
throw new DOMFormatException('Class tag must have an id attribute.', null, null, $oClassNode);
|
||||
}
|
||||
|
||||
|
||||
// Iterating over scope nodes of the class
|
||||
$oScopesNode = $oClassNode->GetOptionalElement('scopes');
|
||||
if ($oScopesNode !== null)
|
||||
@@ -213,7 +222,7 @@ class ScopeValidatorHelper
|
||||
{
|
||||
// Scope profile id
|
||||
$iProfileId = $this->GetProfileIdFromProfileName($sProfileName);
|
||||
|
||||
|
||||
// Now that we have the queries infos, we are going to build the queries for that profile / class
|
||||
$sMatrixPrefix = $iProfileId . '_' . $sClass . '_';
|
||||
// - View query
|
||||
@@ -284,7 +293,7 @@ class ScopeValidatorHelper
|
||||
$aProfileClasses[] = $sClass;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// Filling the array with missing classes from MetaModel, so we can have an inheritance principle on the scope
|
||||
// For each class explicitly given in the scopes, we check if its child classes were also in the scope :
|
||||
// If not, we add them with the same OQL
|
||||
@@ -493,7 +502,7 @@ class ScopeValidatorHelper
|
||||
{
|
||||
$iAction = UR_ACTION_READ;
|
||||
}
|
||||
|
||||
|
||||
// Iterating on profiles to retrieving the different OQLs parts
|
||||
foreach ($aProfiles as $sProfile)
|
||||
{
|
||||
@@ -539,10 +548,34 @@ class ScopeValidatorHelper
|
||||
{
|
||||
$oSearch->AllowAllData();
|
||||
}
|
||||
|
||||
|
||||
return $oSearch;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param DBSearch $oQuery
|
||||
* @param string $sClass
|
||||
*
|
||||
* @return bool true if scope exists, false if scope is null
|
||||
*/
|
||||
public function AddScopeToQuery(DBSearch &$oQuery, $sClass)
|
||||
{
|
||||
$oScopeQuery = $this->GetScopeFilterForProfiles(UserRights::ListProfiles(), $sClass, UR_ACTION_READ);
|
||||
if ($oScopeQuery !== null)
|
||||
{
|
||||
$oQuery = $oQuery->Intersect($oScopeQuery);
|
||||
// - Allowing all data if necessary
|
||||
if ($oScopeQuery->IsAllDataAllowed())
|
||||
{
|
||||
$oQuery->AllowAllData();
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if at least one of the $aProfiles has the ignore_silos flag set to true for the $sClass.
|
||||
*
|
||||
@@ -665,6 +698,7 @@ class $sClassName
|
||||
}
|
||||
|
||||
EOF;
|
||||
|
||||
return $sPHP;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user