- joins("LEFT JOIN links permissions ON permissions.head_uuid=#{table_name}.owner AND permissions.tail_uuid=#{model_class.sanitize current_user.uuid} AND permissions.link_class='permission'").
- where("?=? OR #{table_name}.owner=? OR #{table_name}.uuid=? OR permissions.head_uuid IS NOT NULL",
+ joins("LEFT JOIN links permissions ON permissions.head_uuid=#{table_name}.owner AND permissions.tail_uuid in (#{sanitized_uuid_list}) AND permissions.link_class='permission'").
+ where("?=? OR #{table_name}.owner in (?) OR #{table_name}.uuid=? OR permissions.head_uuid IS NOT NULL",
true, current_user.is_admin,
true, current_user.is_admin,
- current_user.uuid, current_user.uuid)
+ uuid_list,
+ current_user.uuid)
+ @where = params[:where] || {}
+ @where = Oj.load(@where) if @where.is_a?(String)
if params[:where]
if params[:where]
- where = params[:where]
- where = Oj.load(where) if where.is_a?(String)
conditions = ['1=1']
conditions = ['1=1']
- where.each do |attr,value|
+ @where.each do |attr,value|
if (!value.nil? and
attr.to_s.match(/^[a-z][_a-z0-9]+$/) and
model_class.columns.collect(&:name).index(attr))
if value.is_a? Array
conditions[0] << " and #{table_name}.#{attr} in (?)"
conditions << value
if (!value.nil? and
attr.to_s.match(/^[a-z][_a-z0-9]+$/) and
model_class.columns.collect(&:name).index(attr))
if value.is_a? Array
conditions[0] << " and #{table_name}.#{attr} in (?)"
conditions << value
- else
+ elsif value.is_a? String or value.is_a? Fixnum or value == true or value == false
conditions[0] << " and #{table_name}.#{attr}=?"
conditions << value
conditions[0] << " and #{table_name}.#{attr}=?"
conditions << value
+ elsif value.is_a? Hash
+ # Not quite the same thing as "equal?" but better than nothing?
+ value.each do |k,v|
+ if v.is_a? String
+ conditions[0] << " and #{table_name}.#{attr} like ?"
+ conditions << "%:#{k}: #{v}%"
+ end
+ end
end
elsif (!value.nil? and attr == 'any' and
value.is_a?(Array) and value[0] == 'contains' and
end
elsif (!value.nil? and attr == 'any' and
value.is_a?(Array) and value[0] == 'contains' and
@@ -92,7+106,10 @@ class ApplicationController < ActionController::Base