0012200: check application run right when adding advanced filter
authorsstamer <s.stamer@metaways.de>
Fri, 9 Sep 2016 08:37:30 +0000 (10:37 +0200)
committerPhilipp Schüle <p.schuele@metaways.de>
Mon, 12 Sep 2016 12:00:51 +0000 (14:00 +0200)
check for Access Denied in Advanced search

https://forge.tine20.org/view.php?id=12200

Change-Id: I53e501a2d4502041241b9765560eb77266cfa2be
Reviewed-on: http://gerrit.tine20.com/customers/3561
Reviewed-by: Philipp Schüle <p.schuele@metaways.de>
Tested-by: Philipp Schüle <p.schuele@metaways.de>
tine20/Tinebase/Model/Filter/Abstract.php

index 55cabdf..2e3bb87 100644 (file)
@@ -443,7 +443,12 @@ abstract class Tinebase_Model_Filter_Abstract
             $relatedFilter = new $filterModel(array(
                 array('field' => 'query',   'operator' => $operator, 'value' => $this->_value),
             ));
-            $relatedIds = Tinebase_Core::getApplicationInstance($relatedModel)->search($relatedFilter, NULL, FALSE, TRUE);
+            
+            try {
+                $relatedIds = Tinebase_Core::getApplicationInstance($relatedModel)->search($relatedFilter, NULL, FALSE, TRUE);
+            } catch (Tinebase_Exception_AccessDenied $tead) {
+                continue;
+            }
             Tinebase_Core::set('ADVANCED_SEARCHING', false);
 
             if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__
@@ -456,7 +461,7 @@ abstract class Tinebase_Model_Filter_Abstract
             ));
             $ownIds = array_merge($ownIds, Tinebase_Relations::getInstance()->search($relationFilter, NULL)->own_id);
         }
-
+        
         return new Tinebase_Model_Filter_Id('id', $not?'notin':'in', $ownIds);
     }
 }