# to this row, or to the owner of this row (see join() below).
sql_conds += ["#{table_name}.owner_uuid in (?)",
"#{table_name}.uuid in (?)",
- "permissions.head_uuid IS NOT NULL"]
+ "uuid IN (SELECT head_uuid FROM links WHERE link_class='permission' AND tail_uuid IN (#{sanitized_uuid_list}))"]
sql_params += [uuid_list, user_uuids]
if self == Link and users_list.any?
# user (the identity with authorization to read)
#
# Link class is 'permission' ('write' and 'manage' implicitly include 'read')
-
- joins("LEFT JOIN links permissions ON permissions.head_uuid in (#{table_name}.owner_uuid, #{table_name}.uuid #{or_object_uuid}) AND permissions.tail_uuid in (#{sanitized_uuid_list}) AND permissions.link_class='permission'")
- .where(sql_conds.join(' OR '), *sql_params).uniq
-
+ where(sql_conds.join(' OR '), *sql_params)
else
# At least one user is admin, so don't bother to apply any restrictions.
self
end
-
end
def logged_attributes