<?php
namespace Elgg\Database\Clauses;
use Elgg\Database\QueryBuilder;
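/**
 * Builds the WHERE fragment that restricts a query to rows the viewer may access
 *
 * The fragment is assembled from:
 *  - the result of the parent clause's prepare(),
 *  - an OR group (row is owned by the viewer, or its access id is in the viewer's access list),
 *  - optionally an "enabled = 'yes'" filter.
 *
 * Security notes:
 *  - The *_column properties are concatenated into column expressions in prepare().
 *    Whether the query builder quotes them is not visible in this class, so they must
 *    only ever hold trusted, hard-coded identifiers.
 *  - When $ignore_access is true, no ownership/ACL restriction is added at all.
 *  - Handlers of the 'get_sql', 'access' plugin hook can add to or remove from the final
 *    clause set, so they are part of the access control trust boundary.
 */
class AccessWhereClause extends WhereClause {

	/**
	 * @var string Column holding the access id of a row
	 */
	public $access_column = 'access_id';

	/**
	 * @var string Column holding the owner GUID of a row
	 */
	public $owner_guid_column = 'owner_guid';

	/**
	 * @var string Column holding the GUID of a row (only passed on to hook handlers here)
	 */
	public $guid_column = 'guid';

	/**
	 * @var string Column holding the enabled flag of a row
	 */
	public $enabled_column = 'enabled';

	/**
	 * @var bool When true, owner/ACL restrictions are skipped. If unset, prepare() fills it
	 *           from userCapabilities->canBypassPermissionsCheck() for the viewer.
	 */
	public $ignore_access;

	/**
	 * @var bool When true, only rows with enabled = 'yes' match. If unset, prepare() fills it
	 *           with the negation of access_get_show_hidden_status().
	 */
	public $use_enabled_clause;

	/**
	 * @var int GUID of the user the restriction is evaluated for. If unset, prepare() fills it
	 *          with the logged in user's GUID.
	 */
	public $viewer_guid;

	/**
	 * {@inheritdoc}
	 *
	 * Note that unset options are resolved once and stored on this instance, so a later
	 * prepare() call on the same object reuses the viewer and bypass decision made here.
	 *
	 * @param QueryBuilder $qb          Query builder used to build the expressions
	 * @param string|null  $table_alias Optional table alias prefixed to every column
	 *
	 * @return mixed The merged expression as returned by $qb->merge()
	 */
	public function prepare(QueryBuilder $qb, $table_alias = null) {
		// Prefix a column with the table alias, when one was given
		$alias = function ($column) use ($table_alias) {
			return $table_alias ? "{$table_alias}.{$column}" : $column;
		};

		if (!isset($this->viewer_guid)) {
			$this->viewer_guid = elgg_get_logged_in_user_guid();
		}

		if (!isset($this->ignore_access)) {
			$this->ignore_access = _elgg_services()->userCapabilities->canBypassPermissionsCheck($this->viewer_guid);
		}

		if (!isset($this->use_enabled_clause)) {
			$this->use_enabled_clause = !access_get_show_hidden_status();
		}

		$ors = [];
		$ands = [];

		$ands[] = parent::prepare($qb, $table_alias);

		if (!$this->ignore_access) {
			if ($this->viewer_guid) {
				// include user's content
				$ors['owner_access'] = $qb->compare($alias($this->owner_guid_column), '=', $this->viewer_guid, ELGG_VALUE_INTEGER);
			}

			// include standard accesses (public, logged in, access collections)
			$access_list = _elgg_services()->accessCollections->getAccessArray($this->viewer_guid);
			$ors['acl_access'] = $qb->compare($alias($this->access_column), '=', $access_list, ELGG_VALUE_INTEGER);
		}

		if ($this->use_enabled_clause) {
			$ands[] = $qb->compare($alias($this->enabled_column), '=', 'yes', ELGG_VALUE_STRING);
		}

		$hook_params = [
			// NOTE(review): this passes the $alias closure, not the $table_alias string;
			// confirm that hook handlers expect a callable here
			'table_alias' => $alias,
			'user_guid' => $this->viewer_guid,
			'ignore_access' => $this->ignore_access,
			'use_enabled_clause' => $this->use_enabled_clause,
			'access_column' => $this->access_column,
			'owner_guid_column' => $this->owner_guid_column,
			'guid_column' => $this->guid_column,
			'enabled_column' => $this->enabled_column,
			'query_builder' => $qb,
		];

		$core_clauses = [
			'ors' => $ors,
			'ands' => $ands,
		];

		$clauses = elgg_trigger_plugin_hook('get_sql', 'access', $hook_params, $core_clauses);

		// Fail closed: a handler that returns a malformed value (not an array, or with a
		// missing/non-array 'ors' or 'ands') must not cause the core restrictions to be
		// dropped. Fall back to the clauses computed above for whatever part is unusable.
		if (!is_array($clauses)) {
			$clauses = $core_clauses;
		}

		foreach (['ors', 'ands'] as $key) {
			if (!isset($clauses[$key]) || !is_array($clauses[$key])) {
				$clauses[$key] = $core_clauses[$key];
			}
		}

		// Drop empty entries before merging
		$ors = array_filter($clauses['ors']);
		$ands = array_filter($clauses['ands']);

		if (!empty($ors)) {
			// The alternatives form a single OR group that is ANDed with the rest
			$ands[] = $qb->merge($ors, 'OR');
		}

		return $qb->merge($ands);
	}
}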