include indivually permitted objects in #index responses

author Tom Clegg <tom@clinicalfuture.com>

Sun, 9 Jun 2013 18:41:58 +0000 (14:41 -0400)

committer Tom Clegg <tom@clinicalfuture.com>

Sun, 9 Jun 2013 18:41:58 +0000 (14:41 -0400)
author Tom Clegg <tom@clinicalfuture.com>
Sun, 9 Jun 2013 18:41:58 +0000 (14:41 -0400)
committer Tom Clegg <tom@clinicalfuture.com>
Sun, 9 Jun 2013 18:41:58 +0000 (14:41 -0400)
diff --git a/services/api/app/controllers/application_controller.rb b/services/api/app/controllers/application_controller.rb

index 8888366d0e0bec6ea4619f8a62a27bed2258e3be..3b86e45684c52194d5c7c7629a7c7a3be1f6fb36 100644 (file)
--- a/services/api/app/controllers/application_controller.rb
+++ b/services/api/app/controllers/application_controller.rb
@@ -100,7 +100,7 @@ class ApplicationController < ActionController::Base
      sanitized_uuid_list = uuid_list.
        collect { |uuid| model_class.sanitize(uuid) }.join(', ')
      @objects ||= model_class.
-      joins("LEFT JOIN links permissions ON permissions.head_uuid=#{table_name}.owner AND permissions.tail_uuid in (#{sanitized_uuid_list}) AND permissions.link_class='permission'").
+      joins("LEFT JOIN links permissions ON permissions.head_uuid in (#{table_name}.owner, #{table_name}.uuid) AND permissions.tail_uuid in (#{sanitized_uuid_list}) AND permissions.link_class='permission'").
        where("?=? OR #{table_name}.owner in (?) OR #{table_name}.uuid=? OR permissions.head_uuid IS NOT NULL",
              true, current_user.is_admin,
              uuid_list,
author	Tom Clegg <tom@clinicalfuture.com>
	Sun, 9 Jun 2013 18:41:58 +0000 (14:41 -0400)
committer	Tom Clegg <tom@clinicalfuture.com>
	Sun, 9 Jun 2013 18:41:58 +0000 (14:41 -0400)