Skip to content

Commit 8e06e0f

Browse files
bozanabozana
committed
#4340: limit available contexts by user
1 parent 5653cc9 commit 8e06e0f

File tree

1 file changed

+8
-5
lines changed

1 file changed

+8
-5
lines changed

classes/context/ContextDAO.inc.php

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -109,6 +109,9 @@ function getAll($enabledOnly = false, $rangeInfo = null) {
109109

110110
/**
111111
* Retrieve available contexts.
112+
* If user-based contexts, retrieve all contexts assigned by user group
113+
* or all contexts for site admin
114+
* If not user-based, retrieve all enabled contexts.
112115
* @param $userId int Optional user ID to find available contexts for
113116
* @param $rangeInfo Object optional
114117
* @return DAOResultFactory containing matching Contexts
@@ -122,12 +125,12 @@ function getAvailable($userId = null, $rangeInfo = null) {
122125

123126
$result = $this->retrieveRange(
124127
'SELECT c.* FROM ' . $this->tableName . ' c
125-
WHERE c.enabled = 1 ' .
128+
WHERE ' .
126129
($userId?
127-
'OR c.' . $this->primaryKeyColumn . ' IN (SELECT DISTINCT ug.context_id FROM user_groups ug JOIN user_user_groups uug ON (ug.user_group_id = uug.user_group_id) WHERE uug.user_id = ?)
128-
OR ? IN (SELECT user_id FROM user_groups ug JOIN user_user_groups uug ON (ug.user_group_id = uug.user_group_id) WHERE ug.role_id = ?) '
129-
:'') .
130-
'ORDER BY seq',
130+
'c.' . $this->_getPrimaryKeyColumn() . ' IN (SELECT DISTINCT ug.context_id FROM user_groups ug JOIN user_user_groups uug ON (ug.user_group_id = uug.user_group_id) WHERE uug.user_id = ?)
131+
OR ? IN (SELECT user_id FROM user_groups ug JOIN user_user_groups uug ON (ug.user_group_id = uug.user_group_id) WHERE ug.role_id = ?)'
132+
:'c.enabled = 1') .
133+
' ORDER BY seq',
131134
$params,
132135
$rangeInfo
133136
);

0 commit comments

Comments
 (0)