static function getUnderActiveProfileRestrictRequest($separator = "AND")
{
// I don't understand usefull of this code (yllen)
/*
if (in_array('reservation', self::$helpdesk_rights)
&& !Session::haveRight('reservation', ReservationItem::RESERVEANITEM)) {
return false;
}
if (in_array('ticket', self::$helpdesk_rights)
&& !Session::haveRightsOr("ticket", array(CREATE, Ticket::READGROUP))) {
return false;
}
if (in_array('followup', self::$helpdesk_rights)
&& !Session::haveRightsOr('followup',
array(TicketFollowup::ADDMYTICKET, TicketFollowup::UPDATEMY,
TicketFollowup::SEEPUBLIC))) {
return false;
}
if (in_array('task', self::$helpdesk_rights)
&& !Session::haveRight('task', TicketTask::SEEPUBLIC)) {
return false;
}
if (in_array('ticketvalidation', self::$helpdesk_rights)
&& !Session::haveRightsOr('ticketvalidation',
array(TicketValidation::CREATEREQUEST,
TicketValidation::CREATEINCIDENT,
TicketValidation::VALIDATEREQUEST,
TicketValidation::VALIDATEINCIDENT))) {
return false;
}
*/
$query = $separator . " ";
// Not logged -> no profile to see
if (!isset($_SESSION['glpiactiveprofile'])) {
return $query . " 0 ";
}
// Profile right : may modify profile so can attach all profile
if (Profile::canCreate()) {
return $query . " 1 ";
}
if ($_SESSION['glpiactiveprofile']['interface'] == 'central') {
$query .= " (`glpi_profiles`.`interface` = 'helpdesk') ";
}
$query .= " OR (`glpi_profiles`.`interface` = '" . $_SESSION['glpiactiveprofile']['interface'] . "' ";
// First, get all possible rights
$right_subqueries = array();
foreach (ProfileRight::getAllPossibleRights() as $key => $default) {
$val = isset($_SESSION['glpiactiveprofile'][$key]) ? $_SESSION['glpiactiveprofile'][$key] : 0;
if (!is_array($val) && ($_SESSION['glpiactiveprofile']['interface'] == 'central' || in_array($key, self::$helpdesk_rights))) {
$right_subqueries[] = "(`glpi_profilerights`.`name` = '{$key}'\n AND (`glpi_profilerights`.`rights` | {$val}) = {$val})";
}
}
$query .= " AND " . count($right_subqueries) . " = (\n SELECT count(*)\n FROM `glpi_profilerights`\n WHERE `glpi_profilerights`.`profiles_id` = `glpi_profiles`.`id`\n AND (" . implode(' OR ', $right_subqueries) . ")))";
return $query;
}