[Fusionforge-commits] r8223 - trunk/gforge/common/search

Roland Mas lolando at libremir.placard.fr.eu.org
Thu Oct 1 15:01:32 CEST 2009


Author: lolando
Date: 2009-10-01 15:01:32 +0200 (Thu, 01 Oct 2009)
New Revision: 8223

Modified:
   trunk/gforge/common/search/ProjectSearchQuery.class.php
Log:
Limit project search to public and accessable projects (patch #44 from Severin Leonhardt)

Modified: trunk/gforge/common/search/ProjectSearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/ProjectSearchQuery.class.php	2009-10-01 12:49:54 UTC (rev 8222)
+++ trunk/gforge/common/search/ProjectSearchQuery.class.php	2009-10-01 13:01:32 UTC (rev 8223)
@@ -44,7 +44,7 @@
 	 * @return string sql query to execute
 	 */
 	function getQuery() {
-		global $sys_use_fti;
+		global $sys_use_fti, $LUSER;
 		if ($sys_use_fti) {
 			if(count($this->words)) {
 				$tsquery0 = "headline(group_name, q) as group_name, " .
@@ -77,17 +77,21 @@
 			}
 			$sql = "SELECT DISTINCT ON ($distinctOn) type_id, g.group_id, " .$tsquery0.
 					" FROM groups AS g ".$tsquery.
-					" WHERE g.status in ('A', 'H') AND ($tsmatch $phraseCond) $tsjoin $orderBy";
+					" WHERE g.status in ('A', 'H') AND (g.is_public='1' ";
+			if (isset($LUSER))
+				$sql .= 'OR g.group_id in (SELECT ug.group_id FROM user_group ug WHERE ug.user_id = \''. $LUSER->getID() .'\' AND ug.group_id = g.group_id) ';
+			$sql .= ") AND ($tsmatch $phraseCond) $tsjoin $orderBy";
 		} else {
-			$groupNameCond = $this->getIlikeCondition('group_name', $this->words);
-			$groupDescriptionCond = $this->getIlikeCondition('short_description', $this->words);
-			$groupUnixNameCond = $this->getIlikeCondition('unix_group_name', $this->words);
+			$groupNameCond = $this->getIlikeCondition('g.group_name', $this->words);
+			$groupDescriptionCond = $this->getIlikeCondition('g.short_description', $this->words);
+			$groupUnixNameCond = $this->getIlikeCondition('g.unix_group_name', $this->words);
 			
-			$sql = 'SELECT group_name, unix_group_name, type_id, group_id, short_description '
-				.'FROM groups '
-				.'WHERE status IN (\'A\', \'H\') '
-				.'AND is_public=\'1\' '
-				.'AND (('.$groupNameCond.') OR ('.$groupDescriptionCond.') OR ('.$groupUnixNameCond.'))';
+			$sql = 'SELECT g.group_name AS group_name, g.unix_group_name AS unix_group_name, g.type_id AS type_id, g.group_id AS group_id, g.short_description AS short_description '
+				.'FROM groups g '
+				.'WHERE g.status IN (\'A\', \'H\') AND (g.is_public=\'1\' ';
+			if (isset($LUSER))
+				$sql .='OR g.group_id in (SELECT ug.group_id FROM user_group ug WHERE ug.user_id = \''. $LUSER->getID() .'\' AND ug.group_id = g.group_id) ';
+			$sql .=') AND (('.$groupNameCond.') OR ('.$groupDescriptionCond.') OR ('.$groupUnixNameCond.'))';
 		}
 		return $sql;
 	}




More information about the Fusionforge-commits mailing list