Welcome, Guest

[CLOSED] SQL error in generated models - prepareQuery func.

TOPIC:

SQL error in generated models - prepareQuery func. 23 Jul 2013 14:56 #10555

vlemos
Topic Author
Online
Elite Member
Posts: 295
Thank you received: 41

Hello Admin

The SQL generated by my list models contain:

		// ACCESS - View Level Access
		$whereAccess = '1';
		if (!$this->canAdmin())
		{	
		    $groups	= implode(',', JFactory::getUser()->getAuthorisedViewLevels());
			$whereAccess = 'a.access IN ('.$groups.')';
		}

		// ACCESS - Publish state
		$wherePublished = '(a.published = 1 OR a.published IS NULL)'; //Published or undefined state
		//Allow some users to access (core.edit.state)
		if ($acl->get('core.edit.state'))
			$wherePublished = '1'; //Do not filter

		// FILTER - Published state
		$published = $this->getState('filter.published');
		if (is_numeric($published))
		{
			//Limit to publish state when filter is applied
			$wherePublished = 'a.published = ' . (int)$published;
			//Does not apply the author condition when filter is defined
			$allowAuthor = '0';
		}

		$query->where("$whereAccess AND $wherePublished");

which generates:

	SELECT a.id,
		.
		.
		.

	WHERE  1 AND 1          ***********  issue  ************
		   AND ( a.published = 0
				  OR a.published = 1
				  OR a.published IS NULL )
	ORDER  BY a.ordering ASC

It looks as though it should produce:

		// ACCESS - View Level Access
		$whereAccess = 'a.access = 1';      ***********  change  ************
		if (!$this->canAdmin())
		{	
		    $groups	= implode(',', JFactory::getUser()->getAuthorisedViewLevels());
			$whereAccess = 'a.access IN ('.$groups.')';
		}

		// ACCESS - Publish state
		$wherePublished = '(a.published = 1 OR a.published IS NULL)'; //Published or undefined state
		//Allow some users to access (core.edit.state)
		if ($acl->get('core.edit.state'))
			$wherePublished = 'a.published = 1'; //Do not filter   ***********  change  ************

		// FILTER - Published state
		$published = $this->getState('filter.published');
		if (is_numeric($published))
		{
			//Limit to publish state when filter is applied
			$wherePublished = 'a.published = ' . (int)$published;
			//Does not apply the author condition when filter is defined
			$allowAuthor = '0';
		}

		$query->where("$whereAccess AND $wherePublished");

which would generate:

	SELECT a.id,
		.
		.
		.

	WHERE  a.access = 1 AND a.published =1   ***********  change  ************
	ORDER  BY a.ordering ASC

Please revisit this section of the generator.

Thanks
v

Please Log in or Create an account to join the conversation.

Last edit: by vlemos.

SQL error in generated models - prepareQuery func. 27 Jul 2013 23:18 #10613

BTB300
Offline
Moderator
Posts: 415
Thank you received: 132

looks fine and works for me OK Lets break this down

The new code generated in the where clauses allows specific access overrides such as core.edit.state and core.delete.own

// ACCESS - View Level Access
		$whereAccess = '1';
		if (!$this->canAdmin())
		{	
		    $groups	= implode(',', JFactory::getUser()->getAuthorisedViewLevels());
			$whereAccess = 'a.access IN ('.$groups.')';
		}

if admin no need to check
if not admin check view level access

admin can see all same as

SELECT  a.* FROM atable WHERE 1

NOT admin only see allowed items

SELECT  a.* FROM atable WHERE a.access IN ('.$groups.')

PUBLISHED
show where published =1 or null but allow core edit state

//Allow some users to access (core.edit.state)
		if ($acl->get('core.edit.state'))
		$wherePublished = '1'; //Do not filter

core edit state = need to see all records

//same as
SELECT  a.* FROM atable WHERE 1

Apply filters as needed...

// FILTER - Published state
		$published = $this->getState('filter.published');
		if (is_numeric($published))
		{
			//Limit to publish state when filter is applied
			$wherePublished = 'a.published = ' . (int)$published;
			//Does not apply the author condition when filter is defined
			$allowAuthor = '0';
		}

And finally

$query->where("$whereAccess AND $wherePublished");

// if admin show all
      SELECT  a.* FROM atable WHERE 1 AND 1

// if not Admin but can edit state
      SELECT  a.* FROM atable WHERE a.access IN ('.$groups.')  and 1 // because user can edit state

// if not admin and not core edit state apply normal access controls
// allow access based on view level and show published or null 
      SELECT  a.* FROM atable WHERE a.access IN ('.$groups.') AND (published =1 or published = null)

// if filters applied
// admin
      SELECT  a.* FROM atable WHERE 1 AND a.published = Filter State

// not admin but core.edit.state permission
      SELECT  a.* FROM atable WHERE a.access IN ('.$groups.') AND a.published = Filter State

// not admin and not core edit state
      SELECT  a.* FROM atable WHERE a.access IN ('.$groups.') AND  a.published = Filter State

Hope it helps understand it a little better

The following user(s) said Thank You: admin, vlemos

Please Log in or Create an account to join the conversation.

Last edit: by BTB300.

SQL error in generated models - prepareQuery func. 27 Jul 2013 23:57 #10614

admin Offline Administrator Chef Posts: 3711 Thank you received: 986	The new source is correct I think. I have worked on it for a long time, after the proposal of BTB300 At the end it has been all rewrited in the most compressed possible way. It is possible that it contain gremellin, but this one you show is not an issue. It works correctly. Coding is now a piece of cake The following user(s) said Thank You: vlemos
	Please Log in or Create an account to join the conversation.

SQL error in generated models - prepareQuery func. 29 Jul 2013 16:00 #10621

vlemos Topic Author Online Elite Member Posts: 295 Thank you received: 41	Thanks, I will review.
	Please Log in or Create an account to join the conversation.

Forum

Debug

Closed tickets.