mirror of
https://github.com/alchemy-fr/Phraseanet.git
synced 2025-10-10 11:33:17 +00:00
65 lines
1.8 KiB
PHP
65 lines
1.8 KiB
PHP
<?php
|
|
|
|
class liste
|
|
{
|
|
|
|
public static function filter($lst)
|
|
{
|
|
$appbox = appbox::get_instance(\bootstrap::getCore());
|
|
$session = $appbox->get_session();
|
|
|
|
if ( ! is_array($lst))
|
|
explode(';', $lst);
|
|
|
|
$okbrec = array();
|
|
|
|
$user = User_Adapter::getInstance($session->get_usr_id(), $appbox);
|
|
|
|
foreach ($lst as $basrec) {
|
|
$basrec = explode("_", $basrec);
|
|
if ( ! $basrec || count($basrec) != 2) {
|
|
continue;
|
|
}
|
|
try {
|
|
$record = new record_adapter($basrec[0], $basrec[1]);
|
|
} catch (Exception $e) {
|
|
continue;
|
|
}
|
|
|
|
if ($user->ACL()->has_hd_grant($record)) {
|
|
$okbrec[] = implode('_', $basrec);
|
|
;
|
|
continue;
|
|
}
|
|
if ($user->ACL()->has_preview_grant($record)) {
|
|
$okbrec[] = implode('_', $basrec);
|
|
;
|
|
continue;
|
|
}
|
|
|
|
if ( ! $user->ACL()->has_access_to_base($record->get_base_id()))
|
|
continue;
|
|
|
|
try {
|
|
$connsbas = connection::getPDOConnection($basrec[0]);
|
|
|
|
$sql = 'SELECT record_id FROM record WHERE ((status ^ ' . $user->ACL()->get_mask_xor($record->get_base_id()) . ')
|
|
& ' . $user->ACL()->get_mask_and($record->get_base_id()) . ')=0' .
|
|
' AND record_id = :record_id';
|
|
|
|
$stmt = $connsbas->prepare($sql);
|
|
$stmt->execute(array(':record_id' => $basrec[1]));
|
|
|
|
if ($stmt->rowCount() > 0)
|
|
$okbrec[] = implode('_', $basrec);
|
|
|
|
$stmt->closeCursor();
|
|
} catch (Exception $e) {
|
|
|
|
}
|
|
}
|
|
|
|
return $okbrec;
|
|
}
|
|
}
|