@@ -127,8 +127,10 @@ public function canViewItem() {
127127
128128 $ groupUsernew Group_User ();
129129 $ groups$ groupUsergetUserGroups ($ currentUser
130- if (in_array ($ this fields ['users_id_validator ' ], $ groups
131- return true ;
130+ foreach ($ groupsas $ group
131+ if ($ this fields ['groups_id_validator ' ] == $ group'id ' ]) {
132+ return true ;
133+ }
132134 }
133135
134136 $ request
@@ -170,32 +172,36 @@ public function canViewItem() {
170172 $ ticket_user_tablegetTable ();
171173 $ item_ticket_tablegetTable ();
172174 $ request
173- 'SELECT ' => Ticket_User::getTableField (User::getForeignKeyField ()),
175+ 'SELECT ' => [
176+ Ticket_User::getTableField (User::getForeignKeyField ()),
177+ Ticket::getTableField ('id ' ),
178+ ],
174179 'FROM ' => $ ticket_user_table
175180 'INNER JOIN ' => [
176181 $ ticket_table
177182 'FKEY ' => [
178183 $ ticket_table'id ' ,
179184 $ ticket_user_table'tickets_id ' ,
185+ ['AND ' => [
186+ Ticket_User::getTableField (User::getForeignKeyField ()) => $ currentUser
187+ ]],
180188 ],
181189 ],
182190 $ item_ticket_table
183191 'FKEY ' => [
184192 $ item_ticket_table'tickets_id ' ,
185193 $ ticket_table'id ' ,
186194 ['AND ' => [
187- Item_Ticket::getTableField ('itemtype ' ) => self ::getType (),
195+ Item_Ticket::getTableField ('itemtype ' ) => self ::getType (),
196+ Item_Ticket::getTableField ('items_id ' ) => $ this getID (),
188197 ]],
189198 ],
190199 ],
191-
192200 ]
193201 ];
194202
195- foreach ($ DB request ($ requestas $ row
196- if ($ rowgetForeignKeyField ()] == $ currentUser
197- return true ;
198- }
203+ if ($ DB request ($ requestcount () > 0 ) {
204+ return true ;
199205 }
200206
201207 return false ;
0 commit comments