From 2dbe5a86b26f118e8ce717fcaedfc3ae52b1b06c Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 1 Aug 2019 15:09:32 +0200
Subject: [roomplanner] Search only returns clients allowed in that room

Don't return clients that wouldn't be allowed to be assigned to that
location according to the rules in the Location class.
---
 modules-available/roomplanner/clientscript.js |  2 +-
 modules-available/roomplanner/page.inc.php    | 10 ++++++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/modules-available/roomplanner/clientscript.js b/modules-available/roomplanner/clientscript.js
index 823c212a..48311a09 100644
--- a/modules-available/roomplanner/clientscript.js
+++ b/modules-available/roomplanner/clientscript.js
@@ -83,7 +83,7 @@ function loadMachines(query, callback) {
         }
     }
     $.ajax({
-        url: '?do=roomplanner&action=getmachines&query=' + encodeURIComponent(query),
+        url: '?do=roomplanner&action=getmachines&query=' + encodeURIComponent(query) + '&locationid=' + locationId,
         type: 'GET',
         dataType: 'json',
         error: function() {
diff --git a/modules-available/roomplanner/page.inc.php b/modules-available/roomplanner/page.inc.php
index d22c0054..52ad34f3 100644
--- a/modules-available/roomplanner/page.inc.php
+++ b/modules-available/roomplanner/page.inc.php
@@ -168,6 +168,7 @@ class Page_Roomplanner extends Page
 				die('{"machines":[]}');
 			}
 
+			$roomLocationId = Request::any('locationid', 0, 'int');
 			$query = Request::get('query', false, 'string');
 			$aquery = preg_replace('/[^\x01-\x7f]+/', '%', $query);
 			if (strlen(str_replace('%', '', $aquery)) < 2) {
@@ -179,21 +180,26 @@ class Page_Roomplanner extends Page
 				$condition .= ' OR locationid IS NULL';
 			}
 
-			$result = Database::simpleQuery("SELECT machineuuid, macaddr, clientip, hostname, fixedlocationid
+			$result = Database::simpleQuery("SELECT machineuuid, macaddr, clientip, hostname, fixedlocationid, subnetlocationid
 				FROM machine
 				WHERE ($condition) AND machineuuid LIKE :aquery
 				 OR macaddr  	 LIKE :aquery
 				 OR clientip    LIKE :aquery
 				 OR hostname	 LIKE :query
-				 LIMIT 100", ['query' => "%$query%", 'aquery' => "%$aquery%", 'locations' => $locations]);
+				 LIMIT 500", ['query' => "%$query%", 'aquery' => "%$aquery%", 'locations' => $locations]);
 
 			$returnObject = ['machines' => []];
 
 			while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
+				error_log("$roomLocationId, {$row['subnetlocationid']}");
+				if (!Location::isFixedLocationValid($roomLocationId, $row['subnetlocationid']))
+					continue;
 				if (empty($row['hostname'])) {
 					$row['hostname'] = $row['clientip'];
 				}
 				$returnObject['machines'][] = $row;
+				if (count($returnObject['machines']) > 100)
+					break;
 			}
 			echo json_encode($returnObject);
 		} elseif ($this->action === 'save') {
-- 
cgit v1.2.3-55-g7522