diff --git a/inc/abstractcontainerinstance.class.php b/inc/abstractcontainerinstance.class.php index ea2d889b..710c4a7f 100644 --- a/inc/abstractcontainerinstance.class.php +++ b/inc/abstractcontainerinstance.class.php @@ -28,7 +28,7 @@ * ------------------------------------------------------------------------- */ -abstract class PluginFieldsAbstractContainerInstance extends CommonDBChild +abstract class PluginFieldsAbstractContainerInstance extends CommonDBTM { public static $undisclosedFields = []; @@ -36,7 +36,6 @@ abstract class PluginFieldsAbstractContainerInstance extends CommonDBChild public static $itemtype = 'itemtype'; public static $items_id = 'items_id'; - /** * Checks if the HTTP request targets an object with an ID. * @@ -64,6 +63,35 @@ public static function canView() return parent::canView(); } + public function canViewItem() + { + //check if current user have access to the main item entity + $item = new $this->fields['itemtype'](); + $item->getFromDB($this->fields['items_id']); + if (!Session::haveAccessToEntity($item->getEntityID(), $item->isRecursive())) { + return false; + } + $right = PluginFieldsProfile::getRightOnContainer($_SESSION['glpiactiveprofile']['id'], $this->fields['plugin_fields_containers_id']); + if ($right < READ) { + return false; + } + return true; + } + + public function canUpdateItem() + { + //check if current user have access to the main item entity + $item = new $this->fields['itemtype'](); + $item->getFromDB($this->fields['items_id']); + if (!Session::haveAccessToEntity($item->getEntityID(), $item->isRecursive())) { + return false; + } + $right = PluginFieldsProfile::getRightOnContainer($_SESSION['glpiactiveprofile']['id'], $this->fields['plugin_fields_containers_id']); + if ($right > READ) { + return true; + } + return false; + } public function canPurgeItem() { return false;