Commits

Anonymous committed d37a0cd

[331] hide icon if no action index access

Comments (0)

Files changed (1)

application/modules/modules/models/Controllers.php

 	 * @param string $module
 	 * @param array $roles
 	 * @return multitype:|Ambigous <multitype:, multitype:unknown >
+	 *
+	 * Modified for ticket 331 to not show icons if the user doesn't have access to the index action.
+	 * we tried a join and also a subselect for this and found the subselect is actually faster....
+	 * leaving join commented in case we have to revisit this
 	 */
 	public function fetchControllersForModule($module,$roles)
 	{
 				->from( array('P' => 'permission'), array('PermissionId'=>'P.id') )
 				->join( array('M'=>'modules'), 'M.id = P.moduleId', array('moduleId'=>'M.id','moduleName'=>'LOWER(M.name)') )
 				->join( array('C'=>'controllers'), 'C.id = P.controllerId', array('controllerId'=>'C.id','controllerName'=>'LOWER(C.name)','display'=>'C.display','icon'=>'C.icon') )
-				->join( array('RP'=>'rolePermission'),'RP.permissionId=P.id',array())				
+				->join( array('RP'=>'rolePermission'),'RP.permissionId=P.id',array())
+				//->join( array('A'=>'actions'),"P.actionId=A.id AND A.name='Index'",array())
 				->where($db->quoteInto('M.name=?',$module,'string'))
 				->where($db->quoteInto('RP.roleId = ?',$roles,'int'))
 				->where( 'C.display=1' )
-				->where( "P.actionId IN(SELECT id FROM actions WHERE name='Index')")
-				->group('controllerId');			 
+				->where( "P.actionId = (SELECT id FROM actions WHERE name='Index')")
+				->group('controllerId');				
 			$resultset = $db->query($select);
 			$log = new ZFObserver_Forensic();
 			$log->setStatus(ZFObserver_ILogeable::DEBUG);