diff options
author | Simon Rettberg | 2020-05-18 18:39:59 +0200 |
---|---|---|
committer | Simon Rettberg | 2020-05-18 18:39:59 +0200 |
commit | 55c1e9bdec8b0872354b221e39b9562fe847ea03 (patch) | |
tree | 4b6a98e1ef2745f543e34a61a6cab06a9984e21d /inc | |
parent | [remoteaccess] Fix DB query to add rooms to groups (diff) | |
download | slx-admin-55c1e9bdec8b0872354b221e39b9562fe847ea03.tar.gz slx-admin-55c1e9bdec8b0872354b221e39b9562fe847ea03.tar.xz slx-admin-55c1e9bdec8b0872354b221e39b9562fe847ea03.zip |
[inc/Permission] add mergeWithDisallowed
Diffstat (limited to 'inc')
-rw-r--r-- | inc/permission.inc.php | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/inc/permission.inc.php b/inc/permission.inc.php index 7dd011bb..cd9cc43c 100644 --- a/inc/permission.inc.php +++ b/inc/permission.inc.php @@ -54,5 +54,29 @@ class Permission return file_exists('modules/' . $moduleId . '/permissions/permissions.json'); } + /** + * Takes a list of locations, removes any locations from it where the user doesn't have permission, + * and then re-adds locations resulting from the given query. The given query should return only + * one column per row, which is a location id. + * @param $passedLocations + * @param $permission + * @param $query + * @param $params + * @return array + */ + public static function mergeWithDisallowed($passedLocations, $permission, $query, $params) + { + $allowed = User::getAllowedLocations($permission); + if (in_array(0, $allowed)) + return $passedLocations; + $passedLocations = array_intersect($passedLocations, $allowed); + $oldSet = Database::queryColumnArray($query, $params); + $oldSet = array_diff($oldSet, $allowed); + if (!empty($oldSet)) { + $passedLocations = array_unique(array_merge($passedLocations, $oldSet)); + } + return $passedLocations; + } + } |