diff --git a/application/controllers/admin/SurveyPermission.php b/application/controllers/admin/SurveyPermission.php
index a44a41cbbe4..8d94269aaac 100644
--- a/application/controllers/admin/SurveyPermission.php
+++ b/application/controllers/admin/SurveyPermission.php
@@ -39,7 +39,6 @@ public function index($iSurveyID)
$aViewUrls = array();
$imageurl = Yii::app()->getConfig('adminimageurl');
-
if (!Permission::model()->hasSurveyPermission($iSurveyID, 'surveysecurity', 'read')) {
$this->getController()->error('Access denied');
return;
@@ -51,12 +50,12 @@ public function index($iSurveyID)
$aBaseSurveyPermissions = Permission::model()->getSurveyBasePermissions();
$userList = getUserList('onlyuidarray'); // Limit the user list for the samegrouppolicy
+ $authorizedGroupsList = getUserGroupList(); // Limit the group list for the samegrouppolicy
App()->getClientScript()->registerPackage('jquery-tablesorter');
App()->getClientScript()->registerScriptFile(App()->getConfig('adminscripts') . 'surveypermissions.js');
// FIXME this HTML stuff MUST BE IN VIEWS!!
$surveysecurity = "
';
$result2 = Permission::model()->getUserDetails($iSurveyID);
@@ -74,11 +73,6 @@ public function index($iSurveyID)
$surveysecurity .= "\n";
// Foot first
-
- if (shouldFilterUserGroupList()) {
- $authorizedGroupsList = getUserGroupList();
- }
-
$surveysecurity .= "\n";
$row = 0;
foreach ($result2 as $PermissionRow) {
diff --git a/application/helpers/common_helper.php b/application/helpers/common_helper.php
index db9ce0c6e9f..030695e5da8 100644
--- a/application/helpers/common_helper.php
+++ b/application/helpers/common_helper.php
@@ -661,7 +661,7 @@ function getUserList($outputformat = 'fullinfoarray')
if (!empty(Yii::app()->session['loginID'])) {
$myuid = sanitize_int(Yii::app()->session['loginID']);
}
- $usercontrolSameGroupPolicy = Yii::app()->getConfig('usercontrolSameGroupPolicy');
+ $usercontrolSameGroupPolicy = App()->getConfig('usercontrolSameGroupPolicy');
if (
!Permission::model()->hasGlobalPermission('superadmin', 'read') && isset($usercontrolSameGroupPolicy) &&
$usercontrolSameGroupPolicy == true
@@ -4141,17 +4141,19 @@ function shouldFilterUserGroupList()
/**
* Get a list of all user groups
+* All user group or filtered according to usercontrolSameGroupPolicy
* @returns array
*/
function getUserGroupList()
{
$sQuery = "SELECT distinct a.ugid, a.name, a.owner_id FROM {{user_groups}} AS a LEFT JOIN {{user_in_groups}} AS b ON a.ugid = b.ugid WHERE 1=1 ";
if (shouldFilterUserGroupList()) {
- $sQuery .= "AND uid = " . Yii::app()->session['loginID'];
+ $userid = intval(App()->session['loginID']);
+ $sQuery .= "AND (b.uid = {$userid})";
}
$sQuery .= " ORDER BY name";
- $sresult = Yii::app()->db->createCommand($sQuery)->query(); //Checked
+ $sresult = App()->db->createCommand($sQuery)->query(); //Checked
if (!$sresult) {
return "Database Error";
}
@@ -4424,27 +4426,22 @@ function getSurveyUserGroupList($outputformat, $surveyid)
$surveyid = sanitize_int($surveyid);
$surveyidquery = "SELECT a.ugid, a.name, MAX(d.ugid) AS da
- FROM {{user_groups}} AS a
- LEFT JOIN (
- SELECT b.ugid
- FROM {{user_in_groups}} AS b
- LEFT JOIN (SELECT * FROM {{permissions}}
- WHERE entity_id = {$surveyid} and entity='survey') AS c ON b.uid = c.uid WHERE c.uid IS NULL
- ) AS d ON a.ugid = d.ugid GROUP BY a.ugid, a.name HAVING MAX(d.ugid) IS NOT NULL ORDER BY a.name";
+ FROM {{user_groups}} AS a
+ LEFT JOIN (
+ SELECT b.ugid
+ FROM {{user_in_groups}} AS b
+ LEFT JOIN (SELECT * FROM {{permissions}}
+ WHERE entity_id = {$surveyid} and entity='survey') AS c ON b.uid = c.uid WHERE c.uid IS NULL
+ ) AS d ON a.ugid = d.ugid GROUP BY a.ugid, a.name HAVING MAX(d.ugid) IS NOT NULL ORDER BY a.name";
$surveyidresult = Yii::app()->db->createCommand($surveyidquery)->query(); //Checked
$aResult = $surveyidresult->readAll();
- $authorizedGroupsList = [];
- if (shouldFilterUserGroupList()) {
- $authorizedGroupsList = getUserGroupList();
- }
-
+ $authorizedGroupsList = getUserGroupList();
$svexist = false;
$surveyselecter = "";
$simpleugidarray = [];
foreach ($aResult as $sv) {
if (
- Yii::app()->getConfig('usercontrolSameGroupPolicy') == false ||
in_array($sv['ugid'], $authorizedGroupsList)
) {
$surveyselecter .= "