From f5604bfb573b9842905d051ceffb6ee6f8d89109 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Jan=20B=C3=BCren?= Date: Tue, 22 Mar 2022 11:51:02 +0100 Subject: [PATCH] =?utf8?q?Wiedervorlage=20f=C3=BCr=20Beleg,=20nur=20sichtb?= =?utf8?q?ar=20f=C3=BCr=20eigenen=20Benutzer?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Die Rechte sind hier entweder zu strikt oder werden erst gar nicht überprüft. Ferner sieht die ursprüngliche SQL-Abfrage leicht buggy aus. Dieser Commit enthebelt behandelt Wiedervorlagen für Belege so als ob diese sichtbar für alle Benutzer sind. Ferner wird die SQL-Abfrage konkret auf die trans_id des Belegs angewendet --- SL/FU.pm | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/SL/FU.pm b/SL/FU.pm index b1eaf005a..822e31fe3 100644 --- a/SL/FU.pm +++ b/SL/FU.pm @@ -195,8 +195,10 @@ sub follow_ups { my @values_user = (); if ($params{trans_id}) { - $where .= qq| AND EXISTS (SELECT * FROM follow_up_links ful - WHERE (ful.follow_up_id = fu.id) AND (ful.trans_id = ?))|; + $where .= qq| AND fu.id IN (select follow_up_id from follow_up_links where trans_id = ?)|; + # $where .= qq| AND (ful.follow_up_id = fu.id) AND (ful.trans_id = ?))|; + # $where .= qq| AND EXISTS (SELECT * FROM follow_up_links ful + # WHERE (ful.follow_up_id = fu.id) AND (ful.trans_id = ?))|; push @values, conv_i($params{trans_id}); } @@ -251,7 +253,7 @@ sub follow_ups { push @values, conv_i($params{created_for}); } - if ($params{all_users}) { + if ($params{all_users} || $params{trans_id}) { # trans_id only for documents? $where_user = qq|OR (fu.created_by IN (SELECT DISTINCT what FROM follow_up_access WHERE who = ?))|; push @values_user, $employee_id; } -- 2.20.1