Skip to content
Snippets Groups Projects
Commit b16e6f64 authored by Damien's avatar Damien
Browse files

FEAT #3188 fix entitiesTab for Superadmin

parent c5cd9a4b
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
core/trunk/core/class/class_security.php
+ 11
7
View file @ b16e6f64
...@@ -841,16 +841,20 @@ class security extends Database ...@@ -841,16 +841,20 @@ class security extends Database
if (empty($view)) { if (empty($view)) {
$view = $this->retrieve_table_from_coll($coll_id); $view = $this->retrieve_table_from_coll($coll_id);
} }
$entitiesTab = []; $entitiesTab = $this->getEntitiesForCurrentUser();
foreach ($_SESSION['user']['entities'] as $tmp) {
$entitiesTab[] = $tmp['ENTITY_ID'];
}
$where_clause = $this->get_where_clause_from_coll_id($coll_id); $where_clause = $this->get_where_clause_from_coll_id($coll_id);
$query = "select res_id from " . $view . " where res_id = ?"; $query = "select res_id from " . $view . " where res_id = ?";
if (!empty($where_clause)) { if (!empty($entitiesTab)) {
$query .= " and (" . $where_clause . "or folder_destination in (?)) "; if (!empty($where_clause)) {
$query .= " and (" . $where_clause . " or folder_destination in (?)) ";
}
$stmt = $this->query($query, array($s_id, $entitiesTab));
} else {
if (!empty($where_clause)) {
$query .= " and (" . $where_clause . ") ";
}
$stmt = $this->query($query, array($s_id));
} }
$stmt = $this->query($query, array($s_id, $entitiesTab));
if ($stmt->rowCount() < 1) { if ($stmt->rowCount() < 1) {
//NOT IN THE DOC PERIMETER SO TEST IT IN THE BASKETS //NOT IN THE DOC PERIMETER SO TEST IT IN THE BASKETS
$basketQuery = ''; $basketQuery = '';
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment