/**
* Check if the current user is allowed to see the file
*
* @param $options array of options (only 'tickets_id' used)
*
* @return boolean
**/
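function canViewFile($options)
{
    // Authorization gate for reading this document's file. Each path below
    // grants access independently; when none matches the function denies
    // (returns false). $options is an array of which only 'tickets_id' is read.
    global $DB, $CFG_GLPI;

    // Every query below embeds the document id in SQL text. Casting to int
    // guarantees that only digits reach the statement.
    $docId = (int) $this->fields["id"];

    // 'tickets_id' is supplied by the caller and was previously concatenated
    // into SQL unchanged. Accept it only when it is a well-formed integer;
    // anything else disables the ticket path instead of reaching the database.
    $ticketId = false;
    if (isset($options["tickets_id"])) {
        $ticketId = filter_var($options["tickets_id"], FILTER_VALIDATE_INT);
    }

    // Runs a query and reports whether it matched at least one row.
    $hasRows = function ($query) use ($DB) {
        $result = $DB->query($query);
        return $DB->numrows($result) > 0;
    };

    // True when the document is attached to a reminder that passes
    // Reminder's own visibility joins/restrictions.
    $linkedToVisibleReminder = function () use ($hasRows, $docId) {
        $query = "SELECT *\n"
            . " FROM `glpi_documents_items`\n"
            . " LEFT JOIN `glpi_reminders`\n"
            . " ON (`glpi_reminders`.`id` = `glpi_documents_items`.`items_id`\n"
            . " AND `glpi_documents_items`.`itemtype` = 'Reminder')\n"
            . " " . Reminder::addVisibilityJoins() . "\n"
            . " WHERE `glpi_documents_items`.`documents_id` = '" . $docId . "'\n"
            . " AND " . Reminder::addVisibilityRestrict();
        return $hasRows($query);
    };

    // True when the caller named a ticket the user may read AND the document
    // is really attached to that ticket. The link check matters: without it,
    // READ on any one ticket would open every document.
    $linkedToReadableTicket = function () use ($hasRows, $docId, $ticketId) {
        if ($ticketId === false) {
            return false;
        }
        $job = new Ticket();
        if (!$job->can($ticketId, READ)) {
            return false;
        }
        $query = "SELECT *\n"
            . " FROM `glpi_documents_items`\n"
            . " WHERE `glpi_documents_items`.`items_id` = '" . $ticketId . "'\n"
            . " AND `glpi_documents_items`.`itemtype` = 'Ticket'\n"
            . " AND `documents_id` = '" . $docId . "'";
        return $hasRows($query);
    };

    $isCentral = isset($_SESSION["glpiactiveprofile"]["interface"])
        && $_SESSION["glpiactiveprofile"]["interface"] == "central";

    if ($isCentral) {
        // Own document, or the generic READ right on this document.
        // NOTE(review): the ownership test uses ===, so it only matches when
        // fields["users_id"] and Session::getLoginUserID() have the same type.
        // Confirm both sides agree (string vs int).
        if ($this->can($this->fields["id"], READ)
            || $this->fields["users_id"] === Session::getLoginUserID()) {
            return true;
        }

        // Reminder case
        if ($linkedToVisibleReminder()) {
            return true;
        }

        // Knowledge base case: any visible knowledge base item.
        if (Session::haveRight("knowbase", READ)) {
            $query = "SELECT *\n"
                . " FROM `glpi_documents_items`\n"
                . " LEFT JOIN `glpi_knowbaseitems`\n"
                . " ON (`glpi_knowbaseitems`.`id` = `glpi_documents_items`.`items_id`\n"
                . " AND `glpi_documents_items`.`itemtype` = 'KnowbaseItem')\n"
                . " " . KnowbaseItem::addVisibilityJoins() . "\n"
                . " WHERE `glpi_documents_items`.`documents_id` = '" . $docId . "'\n"
                . " AND " . KnowbaseItem::addVisibilityRestrict();
            if ($hasRows($query)) {
                return true;
            }
        }

        // Knowledge base case: FAQ-only right, restricted to is_faq items.
        if (Session::haveRight('knowbase', KnowbaseItem::READFAQ)) {
            $query = "SELECT *\n"
                . " FROM `glpi_documents_items`\n"
                . " LEFT JOIN `glpi_knowbaseitems`\n"
                . " ON (`glpi_knowbaseitems`.`id` = `glpi_documents_items`.`items_id`\n"
                . " AND `glpi_documents_items`.`itemtype` = 'KnowbaseItem')\n"
                . " " . KnowbaseItem::addVisibilityJoins() . "\n"
                . " WHERE `glpi_documents_items`.`documents_id` = '" . $docId . "'\n"
                . " AND `glpi_knowbaseitems`.`is_faq` = '1'\n"
                . " AND " . KnowbaseItem::addVisibilityRestrict();
            if ($hasRows($query)) {
                return true;
            }
        }

        // Tracking case
        if ($linkedToReadableTicket()) {
            return true;
        }
    } elseif (Session::getLoginUserID()) {
        // Logged in, but not on the central interface.

        // Own document (same strict-comparison caveat as the central branch).
        if ($this->fields["users_id"] === Session::getLoginUserID()) {
            return true;
        }

        // Reminder case
        if ($linkedToVisibleReminder()) {
            return true;
        }

        // FAQ document. This variant filters on itemtype in the WHERE clause
        // rather than in the JOIN condition, as the original did.
        if (Session::haveRight('knowbase', KnowbaseItem::READFAQ)) {
            $query = "SELECT *\n"
                . " FROM `glpi_documents_items`\n"
                . " LEFT JOIN `glpi_knowbaseitems`\n"
                . " ON (`glpi_knowbaseitems`.`id` = `glpi_documents_items`.`items_id`)\n"
                . " " . KnowbaseItem::addVisibilityJoins() . "\n"
                . " WHERE `glpi_documents_items`.`itemtype` = 'KnowbaseItem'\n"
                . " AND `glpi_documents_items`.`documents_id` = '" . $docId . "'\n"
                . " AND `glpi_knowbaseitems`.`is_faq` = '1'\n"
                . " AND " . KnowbaseItem::addVisibilityRestrict();
            if ($hasRows($query)) {
                return true;
            }
        }

        // Tracking case
        if ($linkedToReadableTicket()) {
            return true;
        }
    }

    // Public FAQ: reached by every caller that was not granted access above,
    // including unauthenticated ones. Only documents attached to a FAQ item
    // published recursively on entity 0 qualify.
    if ($CFG_GLPI["use_public_faq"]) {
        $query = "SELECT *\n"
            . " FROM `glpi_documents_items`\n"
            . " LEFT JOIN `glpi_knowbaseitems`\n"
            . " ON (`glpi_knowbaseitems`.`id` = `glpi_documents_items`.`items_id`)\n"
            . " LEFT JOIN `glpi_entities_knowbaseitems`\n"
            . " ON (`glpi_knowbaseitems`.`id` = `glpi_entities_knowbaseitems`.`knowbaseitems_id`)\n"
            . " WHERE `glpi_documents_items`.`itemtype` = 'KnowbaseItem'\n"
            . " AND `glpi_documents_items`.`documents_id` = '" . $docId . "'\n"
            . " AND `glpi_knowbaseitems`.`is_faq` = '1'\n"
            . " AND `glpi_entities_knowbaseitems`.`entities_id` = '0'\n"
            . " AND `glpi_entities_knowbaseitems`.`is_recursive` = '1'";
        if ($hasRows($query)) {
            return true;
        }
    }

    // Default deny.
    return false;
}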