public static function getUserTeamOwnershipSql($userId, $farmId = null)
{
$farm = new Farm();
$farmTeam = new FarmTeam();
$accountTeamUser = new Account\TeamUser();
$accountTeamEnv = new Account\TeamEnvs();
$sql = "EXISTS(" . "SELECT 1 FROM {$farmTeam->table()}" . "JOIN {$accountTeamUser->table()} ON {$accountTeamUser->columnTeamId} = {$farmTeam->columnTeamId} " . "JOIN {$accountTeamEnv->table()} ON {$accountTeamEnv->columnTeamId} = {$farmTeam->columnTeamId} " . ($farmId ? "JOIN {$farm->table('f')} ON {$farmTeam->columnFarmId} = {$farm->columnId('f')}" : "") . "WHERE {$accountTeamEnv->columnEnvId()} = {$farm->columnEnvId('f')} " . "AND " . ($farmId ? "{$farm->columnId('f')} = " . $farm->db()->qstr($farmId) : "{$farm->columnId('f')} = {$farmTeam->columnFarmId}") . " " . "AND {$accountTeamUser->columnUserId} = " . $farm->db()->qstr($userId) . ")";
return $sql;
}
/** * Generate conditions for sql query to limit access by only allowable farms. * Table `farms` should have alias `f`. * * @param string $permissionId optional * @return string */ public function getFarmSqlQuery($permissionId = null) { if (!$this->isAllowed(Acl::RESOURCE_FARMS, $permissionId)) { $q = []; if ($this->isAllowed(Acl::RESOURCE_TEAM_FARMS, $permissionId)) { $q[] = Farm::getUserTeamOwnershipSql($this->user->id); } if ($this->isAllowed(Acl::RESOURCE_OWN_FARMS, $permissionId)) { $q[] = "f.created_by_id = '{$this->user->getId()}'"; } if (count($q)) { $sql = '(' . join(' OR ', $q) . ')'; } else { $sql = '0'; // no permissions } } else { $sql = '1'; // all farms in env } return $sql; }