Add Item_Model::viewable() which we can use to restrict any query to

just items viewable by the active user. Ie: ORM::factory("item") ->where("name", "foo") ->find_all() Would get all items with the name "foo". ORM::factory("item") ->viewable() ->where("name", "foo") ->find_all() Restricts it to just the set of items that the user is allowed to see.
author: Bharat Mediratta <bharat@menalto.com> 2008-12-17 22:39:33 +0000
committer: Bharat Mediratta <bharat@menalto.com> 2008-12-17 22:39:33 +0000
commit: b37047ff557c88becd662bd6622bf27f7a9a78f2 (patch)
tree: bf1fb40207030d4f92afa3b510c9504e4769bf52 /core/models
parent: fe396410894f9fcf430e31216312f70db800d96e (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/core/models/item.php b/core/models/item.php
index 64af79ce..e5eb4039 100644
--- a/core/models/item.php
+++ b/core/models/item.php
@@ -20,10 +20,26 @@
 class Item_Model extends ORM_MPTT {
   protected $children = 'items';
   private $relative_path = null;
+  private $view_restrictions = array();
 
   var $rules = array();
 
   /**
+   * Add a set of restrictions to any following queries to restrict access only to items
+   * viewable by the active user.
+   * @chainable
+   */
+  public function viewable() {
+    if (empty($this->view_restrictions)) {
+      foreach (user::group_ids() as $id) {
+        $this->view_restrictions["view_$id"] = access::ALLOW;
+      }
+    }
+    $this->where($this->view_restrictions);
+    return $this;
+  }
+
+  /**
    * Is this item an album?
    * @return true if it's an album
    */
author	Bharat Mediratta <bharat@menalto.com>	2008-12-17 22:39:33 +0000
committer	Bharat Mediratta <bharat@menalto.com>	2008-12-17 22:39:33 +0000
commit	b37047ff557c88becd662bd6622bf27f7a9a78f2 (patch)
tree	bf1fb40207030d4f92afa3b510c9504e4769bf52 /core/models
parent	fe396410894f9fcf430e31216312f70db800d96e (diff)