Elgg  Version 5.1
AccessWhereClause.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg\Database\Clauses;
4 
5 use Elgg\Database\QueryBuilder;
6 
10 class AccessWhereClause extends WhereClause {
11 
15  public $access_column = 'access_id';
16 
20  public $owner_guid_column = 'owner_guid';
21 
25  public $guid_column = 'guid';
26 
30  public $enabled_column = 'enabled';
31 
35  public $ignore_access;
36 
40  public $use_enabled_clause;
41 
45  public $viewer_guid;
46 
50  public function prepare(QueryBuilder $qb, $table_alias = null) {
51  $alias = function ($column) use ($table_alias) {
52  return $table_alias ? "{$table_alias}.{$column}" : $column;
53  };
54 
55  if (!isset($this->viewer_guid)) {
56  $this->viewer_guid = _elgg_services()->session_manager->getLoggedInUserGuid();
57  }
58 
59  if (!isset($this->ignore_access)) {
60  $this->ignore_access = _elgg_services()->userCapabilities->canBypassPermissionsCheck($this->viewer_guid);
61  }
62 
63  if (!isset($this->use_enabled_clause)) {
64  $this->use_enabled_clause = !_elgg_services()->session_manager->getDisabledEntityVisibility();
65  }
66 
67  $ors = [];
68  $ands = [];
69 
70  $ands[] = parent::prepare($qb, $table_alias);
71 
72  if (!$this->ignore_access) {
73  if ($this->viewer_guid) {
74  // include user's content
75  $ors['owner_access'] = $qb->compare($alias($this->owner_guid_column), '=', $this->viewer_guid, ELGG_VALUE_INTEGER);
76  }
77 
78  // include standard accesses (public, logged in, access collections)
79  $access_list = _elgg_services()->accessCollections->getAccessArray($this->viewer_guid);
80  $ors['acl_access'] = $qb->compare($alias($this->access_column), '=', $access_list, ELGG_VALUE_INTEGER);
81  }
82 
83  if ($this->use_enabled_clause) {
84  $ands[] = $qb->compare($alias($this->enabled_column), '=', 'yes', ELGG_VALUE_STRING);
85  }
86 
87  $params = [
88  'table_alias' => $table_alias,
89  'user_guid' => $this->viewer_guid,
90  'ignore_access' => $this->ignore_access,
91  'use_enabled_clause' => $this->use_enabled_clause,
92  'access_column' => $this->access_column,
93  'owner_guid_column' => $this->owner_guid_column,
94  'guid_column' => $this->guid_column,
95  'enabled_column' => $this->enabled_column,
96  'query_builder' => $qb,
97  ];
98 
99  $clauses = _elgg_services()->events->triggerResults('get_sql', 'access', $params, [
100  'ors' => $ors,
101  'ands' => $ands,
102  ]);
103 
104  $ors = array_filter($clauses['ors']);
105  $ands = array_filter($clauses['ands']);
106 
107  if (!empty($ors)) {
108  $ands[] = $qb->merge($ors, 'OR');
109  }
110 
111  return $qb->merge($ands);
112  }
113 }
$params
$params
Saves global plugin settings.
Definition: save.php:13
ELGG_VALUE_INTEGER
const ELGG_VALUE_INTEGER
Value types.
Definition: constants.php:111
$column
$column
Definition: add.php:10
Elgg\Database\QueryBuilder
Database abstraction query builder.
Definition: QueryBuilder.php:18
Elgg\Database\Clauses\AccessWhereClause\prepare
prepare(QueryBuilder $qb, $table_alias=null)
{}
Definition: AccessWhereClause.php:50
Elgg\Database\QueryBuilder\compare
compare($x, $comparison, $y=null, $type=null, $case_sensitive=null)
Build value comparison clause.
Definition: QueryBuilder.php:337
Elgg\Database\Clauses\WhereClause
Builds a clause from closure or composite expression.
Definition: WhereClause.php:12
Elgg\Database\QueryBuilder\merge
merge($parts=null, $boolean= 'AND')
Merges multiple composite expressions with a boolean.
Definition: QueryBuilder.php:285
ELGG_VALUE_STRING
const ELGG_VALUE_STRING
Definition: constants.php:112
_elgg_services
_elgg_services()
Get the global service provider.
Definition: elgglib.php:346
$qb
$qb
Definition: queue.php:11
Elgg\Database\Clauses\AccessWhereClause
Builds queries to restrict access.
Definition: AccessWhereClause.php:10
Generated on Fri Dec 8 2023 00:00:18 for Elgg by   doxygen 1.8.11