From f15daa57358c977971e69d53375c14b3c13621d4 Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Mon, 7 Nov 2016 09:26:14 +0100 Subject: [PATCH] allow to use Api\Contacts::search() without Acl check --- api/src/Contacts/Sql.php | 6 ++++-- api/src/Contacts/Storage.php | 5 +++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/api/src/Contacts/Sql.php b/api/src/Contacts/Sql.php index 019ba50329..098072df47 100644 --- a/api/src/Contacts/Sql.php +++ b/api/src/Contacts/Sql.php @@ -262,9 +262,10 @@ class Sql extends Api\Storage * @param string $join ='' sql to do a join, added as is after the table-name, eg. ", table2 WHERE x=y" or * "LEFT JOIN table2 ON (x=y)", Note: there's no quoting done on $join! * @param boolean $need_full_no_count =false If true an unlimited query is run to determine the total number of rows, default false + * @param boolean $ignore_acl =false true: no acl check * @return boolean/array of matching rows (the row is an array of the cols) or False */ - function &search($criteria,$only_keys=True,$order_by='',$extra_cols='',$wildcard='',$empty=False,$op='AND',$start=false,$filter=null,$join='',$need_full_no_count=false) + function &search($criteria,$only_keys=True,$order_by='',$extra_cols='',$wildcard='',$empty=False,$op='AND',$start=false,$filter=null,$join='',$need_full_no_count=false, $ignore_acl=false) { if ((int) $this->debug >= 4) echo '

'.__METHOD__.'('.array2string($criteria).','.array2string($only_keys).",'$order_by','$extra_cols','$wildcard','$empty','$op',$start,".array2string($filter).",'$join')

\n"; //error_log(__METHOD__.'('.array2string($criteria,true).','.array2string($only_keys).",'$order_by', ".array2string($extra_cols).",'$wildcard','$empty','$op',$start,".array2string($filter).",'$join')"); @@ -290,7 +291,8 @@ class Sql extends Api\Storage } // add filter for read ACL in sql, if user is NOT the owner of the addressbook - if (isset($this->grants) && !(isset($filter['owner']) && $filter['owner'] == $GLOBALS['egw_info']['user']['account_id'])) + if (isset($this->grants) && !$ignore_acl && + !(isset($filter['owner']) && $filter['owner'] == $GLOBALS['egw_info']['user']['account_id'])) { // add read ACL for groupmembers (they have no if ($GLOBALS['egw_info']['user']['preferences']['common']['account_selection'] == 'groupmembers' && diff --git a/api/src/Contacts/Storage.php b/api/src/Contacts/Storage.php index 94b4bb877b..30a590cafd 100755 --- a/api/src/Contacts/Storage.php +++ b/api/src/Contacts/Storage.php @@ -600,9 +600,10 @@ class Storage * @param array $filter =null if set (!=null) col-data pairs, to be and-ed (!) into the query without wildcards * $filter['cols_to_search'] limit search columns to given columns, otherwise $this->columns_to_search is used * @param string $join ='' sql to do a join (only used by sql backend!), eg. " RIGHT JOIN egw_accounts USING(account_id)" + * @param boolean $ignore_acl =false true: no acl check * @return array of matching rows (the row is an array of the cols) or False */ - function &search($criteria,$only_keys=True,$order_by='',$extra_cols='',$wildcard='',$empty=False,$op='AND',$start=false,$filter=null,$join='') + function &search($criteria,$only_keys=True,$order_by='',$extra_cols='',$wildcard='',$empty=False,$op='AND',$start=false,$filter=null,$join='', $ignore_acl=false) { //error_log(__METHOD__.'('.array2string($criteria,true).','.array2string($only_keys).",'$order_by','$extra_cols','$wildcard','$empty','$op',".array2string($start).','.array2string($filter,true).",'$join')"); @@ -703,7 +704,7 @@ class Storage } // get the used backend for the search and call it's search method $rows = $backend->search($criteria, $only_keys, $order_by, $extra_cols, - $wildcard, $empty, $op, $start, $filter, $join); + $wildcard, $empty, $op, $start, $filter, $join, false, $ignore_acl); $this->total = $backend->total;