From 744c0084dfe7487ace729d781c0a6a33ca0bad30 Mon Sep 17 00:00:00 2001
From: Damien <damien.burel@maarch.org>
Date: Mon, 29 Jul 2019 18:04:33 +0200
Subject: [PATCH] FEAT #11296 TIME 0:10 Refactoring test_right_doc

---
 core/class/class_security.php | 61 ++---------------------------------
 1 file changed, 3 insertions(+), 58 deletions(-)

diff --git a/core/class/class_security.php b/core/class/class_security.php
index 0d66a0cad4a..a5516cedd91 100755
--- a/core/class/class_security.php
+++ b/core/class/class_security.php
@@ -752,63 +752,8 @@ class security extends Database
      */
     public function test_right_doc($coll_id, $s_id)
     {
-        if (empty($coll_id) || empty($s_id)) {
-            return false;
-        }
-        $view = $this->retrieve_view_from_coll_id($coll_id);
-        if (empty($view)) {
-            $view = $this->retrieve_table_from_coll($coll_id);
-        }
-        $entitiesTab = $this->getEntitiesForCurrentUser();
-        $where_clause = $this->get_where_clause_from_coll_id($coll_id);
-        $query = 'select res_id from '.$view.' where res_id = ?';
-        if (!empty($entitiesTab)) {
-            if (!empty($where_clause)) {
-                $query .= ' and ('.$where_clause.' or folder_destination in (?)) ';
-            }
-            $stmt = $this->query($query, array($s_id, $entitiesTab));
-        } else {
-            if (!empty($where_clause)) {
-                $query .= ' and ('.$where_clause.') ';
-            }
-            $stmt = $this->query($query, array($s_id));
-        }
-        if ($stmt->rowCount() < 1) {
-            //NOT IN THE DOC PERIMETER SO TEST IT IN THE BASKETS
-            $basketQuery = '';
-            for (
-                $ind_bask = 0;
-                $ind_bask < count($_SESSION['user']['baskets']);
-                ++$ind_bask
-            ) {
-                if (
-                    $_SESSION['user']['baskets'][$ind_bask]['coll_id'] == $coll_id
-                ) {
-                    if (
-                        isset($_SESSION['user']['baskets'][$ind_bask]['clause'])
-                        && trim($_SESSION['user']['baskets'][$ind_bask]['clause']) != ''
-                    ) {
-                        $basketQuery .= ' or ('
-                            .$_SESSION['user']['baskets'][$ind_bask]['clause']
-                            .')';
-                    }
-                }
-            }
-            if ($basketQuery != '') {
-                $basketQuery = preg_replace('/^ or/', '', $basketQuery);
-                $query = 'select res_id from '
-                    .$view.' where ('.$basketQuery.') and res_id = ?';
-                $stmt = $this->query($query, array($s_id));
-                if ($stmt->rowCount() < 1) {
-                    return false;
-                } else {
-                    return true;
-                }
-            } else {
-                return false;
-            }
-        } else {
-            return true;
-        }
+        $user = \User\models\UserModel::getByLogin(['login' => $_SESSION['user']['UserId'], 'select' => ['id']]);
+
+        return \Resource\controllers\ResController::hasRightByResId(['resId' => [$s_id], 'userId' => $user['id']]);
     }
 }
-- 
GitLab