Elgg  Version 3.0
AccessWhereClause.php
Go to the documentation of this file.
1 <?php
2 
4 
6 
11 
15  public $access_column = 'access_id';
19  public $owner_guid_column = 'owner_guid';
20 
24  public $guid_column = 'guid';
25 
29  public $enabled_column = 'enabled';
30 
35 
40 
44  public $viewer_guid;
45 
49  public function prepare(QueryBuilder $qb, $table_alias = null) {
50 
51  $alias = function ($column) use ($table_alias) {
52  return $table_alias ? "{$table_alias}.{$column}" : $column;
53  };
54 
55  if (!isset($this->viewer_guid)) {
56  $this->viewer_guid = _elgg_services()->session->getLoggedInUserGuid();
57  }
58 
59  if (!isset($this->ignore_access)) {
60  $this->ignore_access = _elgg_services()->userCapabilities->canBypassPermissionsCheck($this->viewer_guid);
61  }
62 
63  if (!isset($this->use_enabled_clause)) {
64  $this->use_enabled_clause = !_elgg_services()->session->getDisabledEntityVisibility();
65  }
66 
67  $ors = [];
68  $ands = [];
69 
70  $ands[] = parent::prepare($qb, $table_alias);
71 
72  if (!$this->ignore_access) {
73  if ($this->viewer_guid) {
74  // include user's content
75  $ors['owner_access'] = $qb->compare($alias($this->owner_guid_column), '=', $this->viewer_guid, ELGG_VALUE_INTEGER);
76  }
77 
78  // include standard accesses (public, logged in, access collections)
79  $access_list = _elgg_services()->accessCollections->getAccessArray($this->viewer_guid);
80  $ors['acl_access'] = $qb->compare($alias($this->access_column), '=', $access_list, ELGG_VALUE_INTEGER);
81  }
82 
83  if ($this->use_enabled_clause) {
84  $ands[] = $qb->compare($alias($this->enabled_column), '=', 'yes', ELGG_VALUE_STRING);
85  }
86 
87  $hook_params = [
88  'table_alias' => $table_alias,
89  'user_guid' => $this->viewer_guid,
90  'ignore_access' => $this->ignore_access,
91  'use_enabled_clause' => $this->use_enabled_clause,
92  'access_column' => $this->access_column,
93  'owner_guid_column' => $this->owner_guid_column,
94  'guid_column' => $this->guid_column,
95  'enabled_column' => $this->enabled_column,
96  'query_builder' => $qb,
97  ];
98 
99  $clauses = _elgg_services()->hooks->trigger('get_sql', 'access', $hook_params, [
100  'ors' => $ors,
101  'ands' => $ands,
102  ]);
103 
104  $ors = array_filter($clauses['ors']);
105  $ands = array_filter($clauses['ands']);
106 
107  if (!empty($ors)) {
108  $ands[] = $qb->merge($ors, 'OR');
109  }
110 
111  return $qb->merge($ands);
112  }
113 
114 }
const ELGG_VALUE_INTEGER
Value types.
Definition: constants.php:138
$column
Definition: add.php:10
Database abstraction query builder.
prepare(QueryBuilder $qb, $table_alias=null)
{Build an expression and/or apply it to an instance of query builder.Query builder Table aliasComposi...
compare($x, $comparison, $y=null, $type=null, $case_sensitive=null)
Build value comparison clause.
Builds a clause from closure or composite expression.
Definition: WhereClause.php:12
merge($parts=null, $boolean= 'AND')
Merges multiple composite expressions with a boolean.
const ELGG_VALUE_STRING
Definition: constants.php:139
_elgg_services()
Get the global service provider.
Definition: elgglib.php:1292
Builds queries to restrict access.