Include files from glpi-project#20247

tsmr · tsmr · commit e6b7f01e533a · 2025-07-11T09:55:38.000+02:00
diff --git a/ajax/visibility.php b/ajax/visibility.php
@@ -45,7 +45,6 @@
 
 if (
     isset($_POST['type']) && !empty($_POST['type'])
-    && isset($_POST['right'])
 ) {
     $display = false;
     $rand    = mt_rand();
@@ -62,9 +61,16 @@
     switch ($_POST['type']) {
         case 'User':
             $params = [
-                'right' => isset($_POST['allusers']) ? 'all' : $_POST['right'],
+                'right' => 'all',
                 'name' => $prefix . 'users_id' . $suffix,
             ];
+            if (isset($_POST['right']) && !isset($_POST['allusers'])) {
+                $params['right'] = $_POST['right'];
+            }
+            if (isset($_POST['entity']) && $_POST['entity'] >= 0) {
+                $params['entity'] = $_POST['entity'];
+                $params['entity_sons'] = $_POST['is_recursive'] ?? false;
+            }
             User::dropdown($params);
             $display = true;
             break;
@@ -82,7 +88,6 @@
                     'prefix'   => $_POST['prefix'],
                 ],
             ];
-
             Group::dropdown($params);
             echo "<span id='subvisibility$rand'></span>";
             $display = true;
@@ -101,27 +106,26 @@
             break;
 
         case 'Profile':
-            $checkright   = (READ | CREATE | UPDATE | PURGE);
-            $righttocheck = $_POST['right'];
-            if ($_POST['right'] == 'faq') {
-                $righttocheck = 'knowbase';
-                $checkright   = KnowbaseItem::READFAQ;
+            $righttocheck = $_POST['right'] ?? null;
+            if ($righttocheck) {
+                $checkright   = (READ | CREATE | UPDATE | PURGE);
+                if ($_POST['right'] == 'faq') {
+                    $righttocheck = 'knowbase';
+                    $checkright   = KnowbaseItem::READFAQ;
+                }
+                $params['condition'] = [
+                    'glpi_profilerights.name' => $righttocheck,
+                    'glpi_profilerights.rights' => ['&', $checkright],
+                ];
             }
-            $params             = [
-                'rand'      => $rand,
-                'name'      => $prefix . 'profiles_id' . $suffix,
-                'condition' => [
-                    'glpi_profilerights.name'     => $righttocheck,
-                    'glpi_profilerights.rights'   => ['&', $checkright],
-                ],
-            ];
-            $params['toupdate'] = ['value_fieldname'
-                                                  => 'value',
-                'to_update'  => "subvisibility$rand",
-                'url'        => $CFG_GLPI["root_doc"] . "/ajax/subvisibility.php",
-                'moreparams' => ['items_id' => '__VALUE__',
-                    'type'     => $_POST['type'],
-                    'prefix'   => $_POST['prefix'],
+            $params['toupdate'] = [
+                'value_fieldname' => 'value',
+                'to_update' => "subvisibility$rand",
+                'url' => $CFG_GLPI["root_doc"] . "/ajax/subvisibility.php",
+                'moreparams' => [
+                    'items_id' => '__VALUE__',
+                    'type' => $_POST['type'],
+                    'prefix' => $_POST['prefix'],
                 ],
             ];
 
diff --git a/src/CommonDBVisible.php b/src/CommonDBVisible.php
@@ -34,12 +34,19 @@
  */
 
 use Glpi\Application\View\TemplateRenderer;
+use Glpi\Event;
 
 /**
  * Common DataBase visibility for items
  */
-abstract class CommonDBVisible extends CommonDBTM
+trait CommonDBVisible
 {
+    /**
+     * Types of target available for the itemtype
+     * @var string[]
+     */
+    public static $types = ['Entity', 'Group', 'Profile', 'User'];
+
     /**
      * Entities on which item is visible.
      * Keys are ID, values are DB fields values.
@@ -68,46 +75,56 @@ abstract class CommonDBVisible extends CommonDBTM
      */
     protected $users = [];
 
-    public function __get(string $property)
-    {
-        // TODO Deprecate access to variables in GLPI 11.0.
-        $value = null;
-        switch ($property) {
-            case 'entities':
-            case 'groups':
-            case 'profiles':
-            case 'users':
-                $value = $this->$property;
-                break;
-            default:
-                $trace = debug_backtrace();
-                trigger_error(
-                    sprintf('Undefined property: %s::%s in %s on line %d', __CLASS__, $property, $trace[0]['file'], $trace[0]['line']),
-                    E_USER_WARNING
-                );
-                break;
-        }
-        return $value;
-    }
+    /**
+     * Class defining relation to $users
+     * @var string
+     */
+    protected $userClass;
+
+    /**
+     * Class defining relation to $profiles
+     * @var string
+     */
+    protected $profileClass;
 
-    public function __set(string $property, $value)
+    /**
+     * Class defining relation to $groups
+     * @var string
+     */
+    protected $groupClass;
+
+    /**
+     * Class defining relation to entities
+     * @var string
+     */
+    protected $entityClass;
+
+    /**
+     * Service for visibility target log
+     * @var string
+     */
+    protected $service;
+
+    public function __construct()
     {
-        // TODO Deprecate access to variables in GLPI 11.0.
-        switch ($property) {
-            case 'entities':
-            case 'groups':
-            case 'profiles':
-            case 'users':
-                $this->$property = $value;
-                break;
-            default:
-                $trace = debug_backtrace();
-                trigger_error(
-                    sprintf('Undefined property: %s::%s in %s on line %d', __CLASS__, $property, $trace[0]['file'], $trace[0]['line']),
-                    E_USER_WARNING
-                );
-                break;
+        // define default values
+        if (!$this->userClass) {
+            $this->userClass = $this->getType() . '_UserTarget';
+        }
+        if (!$this->groupClass) {
+            $this->groupClass = 'Group_' . $this->getType();
+        }
+        if (!$this->entityClass) {
+            $this->entityClass = 'Entity_' . $this->getType();
         }
+        if (!$this->profileClass) {
+            $this->profileClass = 'Profile_' . $this->getType();
+        }
+        if (!$this->service) {
+            $this->service =  'tools';
+        }
+
+        parent::__construct();
     }
 
     /**
@@ -204,6 +221,16 @@ public function countVisibilities()
               + count($this->profiles));
     }
 
+
+    /**
+     * Get right which will be used to determine which users can be targeted
+     * @return string
+     */
+    public function getVisibilityRight()
+    {
+        return strtolower($this::getType()) . '_public';
+    }
+
     /**
      * Show visibility configuration
      *
@@ -220,9 +247,10 @@ public function showVisibility()
 
         if ($canedit) {
             TemplateRenderer::getInstance()->display('components/add_visibility_target.html.twig', [
-                'type' => static::class,
-                'rand' => $rand,
-                'id'   => $ID,
+                'type'  => static::class,
+                'types' => static::$types,
+                'rand'  => $rand,
+                'id'    => $ID,
                 'add_target_msg' => __('Add a target'),
                 'visiblity_dropdown_params' => $this->getShowVisibilityDropdownParams(),
             ]);
@@ -233,7 +261,7 @@ public function showVisibility()
         foreach ($this->users as $val) {
             foreach ($val as $data) {
                 $entries[] = [
-                    'itemtype' => static::class . '_User',
+                    'itemtype' => $this instanceof SavedSearch ? SavedSearch_UserTarget::class : static::class . '_User',
                     'id' => $data['id'],
                     'type' => User::getTypeName(1),
                     'recipient' => htmlescape(getUserName($data['users_id'])),
@@ -270,7 +298,7 @@ public function showVisibility()
                     }
                 }
                 $entries[] = [
-                    'itemtype' => static::class . '_Group',
+                    'itemtype' => 'Group_' . static::class,
                     'id' => $data['id'],
                     'type' => Group::getTypeName(1),
                     'recipient' => $recipient,
@@ -347,7 +375,8 @@ public function showVisibility()
             'container' => 'mass' . static::class . $rand,
             'specific_actions' => ['delete' => _x('button', 'Delete permanently')],
         ];
-        if ($this->fields['users_id'] !== Session::getLoginUserID()) {
+        if (isset($this->fields['users_id']) 
+            && $this->fields['users_id'] !== Session::getLoginUserID()) {
             $massiveactionparams['confirm'] = __('Caution! You are not the author of this item. Deleting targets can result in loss of access.');
         }
 
@@ -379,10 +408,10 @@ public function showVisibility()
      */
     protected function getShowVisibilityDropdownParams()
     {
-        $params = [
-            'type'          => '__VALUE__',
-            'right'         => strtolower($this::getType()) . '_public',
-        ];
+        $params = ['type' => '__VALUE__'];
+        if ($right = $this->getVisibilityRight()) {
+            $params['right'] = $right;
+        }
         if (isset($this->fields['entities_id'])) {
             $params['entity'] = $this->fields['entities_id'];
         }
@@ -391,4 +420,57 @@ protected function getShowVisibilityDropdownParams()
         }
         return $params;
     }
+
+    /**
+     * Add a visibility target to the item
+     * @param array $inputs key '_type' determine the type of target
+     * @return void
+     */
+    public function addVisibility(array $inputs)
+    {
+        $fkField = getForeignKeyFieldForItemType($this->getType());
+        $item = null;
+        switch ($inputs['_type']) {
+            case User::class:
+                $class = $this->getType() . '_UserTarget';
+                if (is_a($class, CommonDBRelation::class, true)) {
+                    $item = new $class();
+                }
+                break;
+            case Group::class:
+                $class = 'Group_' . $this->getType();
+                if (is_a($class, CommonDBRelation::class, true)) {
+                    $item = new $class();
+                }
+                break;
+            case Entity::class:
+                $class = 'Entity_' . $this->getType();
+                if (is_a($class, CommonDBRelation::class, true)) {
+                    $item = new $class();
+                }
+                break;
+            case Profile::class:
+                $class = 'Profile_' . $this->getType();
+                if (is_a($class, CommonDBRelation::class, true)) {
+                    $item = new $class();
+                }
+                break;
+        }
+        if (array_key_exists('entities_id', $inputs) && $inputs['entities_id'] == -1) {
+            // "No restriction" value selected
+            $inputs['entities_id'] = 'NULL';
+            $inputs['no_entity_restriction'] = 1;
+        }
+        if (!is_null($item)) {
+            $item->add($inputs);
+            Event::log(
+                $inputs[$fkField],
+                $this->getType(),
+                4,
+                $this->service,
+                //TRANS: %s is the user login
+                sprintf(__('%s adds a target'), $_SESSION["glpiname"])
+            );
+        }
+    }
 }
