diff --git a/cp/app/Controllers/DapiController.php b/cp/app/Controllers/DapiController.php
index 31b215c..7f7ebb0 100644
--- a/cp/app/Controllers/DapiController.php
+++ b/cp/app/Controllers/DapiController.php
@@ -109,6 +109,14 @@ class DapiController extends Controller
 }
 }
 }
+
+ // Check admin status and apply registrar filter if needed
+ $registrarCondition = '';
+ if ($_SESSION['auth_roles'] !== 0) { // not admin
+ $registrarId = $_SESSION['auth_registrar_id'];
+ $registrarCondition = "d.clid = :registrarId";
+ $bindParams["registrarId"] = $registrarId;
+ }
 // Base SQL
 $sqlBase = "
@@ -117,9 +125,27 @@ class DapiController extends Controller
 LEFT JOIN domain_status ds ON d.id = ds.domain_id
 ";
- $sqlWhere = '';
+ // Combine registrar condition and search filters
 if (!empty($whereClauses)) {
- $sqlWhere = "WHERE " . implode(" OR ", $whereClauses);
+ // We have search conditions
+ $filtersCombined = "(" . implode(" OR ", $whereClauses) . ")";
+ if ($registrarCondition) {
+ // If registrarCondition exists and we have filters
+ // we do registrarCondition AND (filters OR...)
+ $sqlWhere = "WHERE $registrarCondition AND $filtersCombined";
+ } else {
+ // No registrar restriction, just the filters
+ $sqlWhere = "WHERE $filtersCombined";
+ }
+ } else {
+ // No search filters
+ if ($registrarCondition) {
+ // Only registrar condition
+ $sqlWhere = "WHERE $registrarCondition";
+ } else {
+ // No filters, no registrar condition
+ $sqlWhere = '';
+ }
 }
 // Count total results
@@ -289,6 +315,14 @@ class DapiController extends Controller
 }
 }
 }
+
+ // Check admin status and apply registrar filter if needed
+ $registrarCondition = '';
+ if ($_SESSION['auth_roles'] !== 0) { // not admin
+ $registrarId = $_SESSION['auth_registrar_id'];
+ $registrarCondition = "d.clid = :registrarId";
+ $bindParams["registrarId"] = $registrarId;
+ }
 // Base SQL
 $sqlBase = "
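Review bot: The non-admin branch added in the hunk at -109 reads `$_SESSION['auth_registrar_id']` without checking that it is set, so a session that lacks it would raise a PHP notice or warning and presumably bind null, and a comparison with NULL matches no rows, which gives the caller an empty table rather than an explicit denial. I would read it as `$registrarId = $_SESSION['auth_registrar_id'] ?? null;` and return an error response when it is null. The strict `!== 0` test fails closed, which is the right direction for an access check, but it depends on the login code storing `auth_roles` as an integer; a comment such as `// auth_roles must be int 0 for admin; any other value or type is scoped to its registrar` would make that contract visible. The same block is repeated in the hunks at -289, -453 and -596, and the enclosing methods start and end outside these hunks.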
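Review bot: The WHERE assembly in the hunk at -117 is a four-way nested if/else that is copied unchanged into the hunks at -297, -460 and -596, and because it carries the per-registrar isolation filter, a later list endpoint that copies it incompletely would return other registrars' rows. Collecting the conditions in an array and joining them with AND yields the same four results in fewer lines, and the snippet could live in one private helper that every endpoint calls. The parentheses around the OR group have to stay, since AND binds tighter than OR and without them the registrar restriction would apply to the first filter only. The enclosing method continues outside the hunk.

```php
// … unchanged: $registrarCondition, $bindParams and $sqlBase set up above …
$conditions = [];
if ($registrarCondition !== '') {
    $conditions[] = $registrarCondition;
}
if (!empty($whereClauses)) {
    // Keep the OR group parenthesised so it cannot override the registrar scope.
    $conditions[] = '(' . implode(' OR ', $whereClauses) . ')';
}
$sqlWhere = $conditions ? 'WHERE ' . implode(' AND ', $conditions) : '';
```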
@@ -297,9 +331,27 @@ class DapiController extends Controller
 LEFT JOIN application_status ds ON d.id = ds.domain_id
 ";
- $sqlWhere = '';
+ // Combine registrar condition and search filters
 if (!empty($whereClauses)) {
- $sqlWhere = "WHERE " . implode(" OR ", $whereClauses);
+ // We have search conditions
+ $filtersCombined = "(" . implode(" OR ", $whereClauses) . ")";
+ if ($registrarCondition) {
+ // If registrarCondition exists and we have filters
+ // we do registrarCondition AND (filters OR...)
+ $sqlWhere = "WHERE $registrarCondition AND $filtersCombined";
+ } else {
+ // No registrar restriction, just the filters
+ $sqlWhere = "WHERE $filtersCombined";
+ }
+ } else {
+ // No search filters
+ if ($registrarCondition) {
+ // Only registrar condition
+ $sqlWhere = "WHERE $registrarCondition";
+ } else {
+ // No filters, no registrar condition
+ $sqlWhere = '';
+ }
 }
 // Count total results
@@ -453,6 +505,14 @@ class DapiController extends Controller
 }
 }
 }
+
+ // Check admin status and apply registrar filter if needed
+ $registrarCondition = '';
+ if ($_SESSION['auth_roles'] !== 0) { // not admin
+ $registrarId = $_SESSION['auth_registrar_id'];
+ $registrarCondition = "ph.registrar_id = :registrarId";
+ $bindParams["registrarId"] = $registrarId;
+ }
 // Base SQL
 $sqlBase = "
@@ -460,11 +520,27 @@ class DapiController extends Controller
 LEFT JOIN registrar r ON ph.registrar_id = r.id
 ";
- // If you want all filters combined with OR, keep " OR ".
- // If you want AND logic for multiple filters, change to "AND".
- $sqlWhere = '';
+ // Combine registrar condition and search filters
 if (!empty($whereClauses)) {
- $sqlWhere = "WHERE " . implode(" OR ", $whereClauses);
+ // We have search conditions
+ $filtersCombined = "(" . implode(" OR ", $whereClauses) . ")";
+ if ($registrarCondition) {
+ // If registrarCondition exists and we have filters
+ // we do registrarCondition AND (filters OR...)
+ $sqlWhere = "WHERE $registrarCondition AND $filtersCombined";
+ } else {
+ // No registrar restriction, just the filters
+ $sqlWhere = "WHERE $filtersCombined";
+ }
+ } else {
+ // No search filters
+ if ($registrarCondition) {
+ // Only registrar condition
+ $sqlWhere = "WHERE $registrarCondition";
+ } else {
+ // No filters, no registrar condition
+ $sqlWhere = '';
+ }
 }
 // Count total results
@@ -596,16 +672,41 @@ class DapiController extends Controller
 }
 }
+ // Check admin status and apply registrar filter if needed
+ $registrarCondition = '';
+ if ($_SESSION['auth_roles'] !== 0) { // not admin
+ $registrarId = $_SESSION['auth_registrar_id'];
+ $registrarCondition = "st.registrar_id = :registrarId";
+ $bindParams["registrarId"] = $registrarId;
+ }
+
 // Base SQL
 $sqlBase = "
 FROM statement st
 LEFT JOIN registrar r ON st.registrar_id = r.id
 ";
- // Combine filters with OR (common approach)
- $sqlWhere = '';
+ // Combine registrar condition and search filters
 if (!empty($whereClauses)) {
- $sqlWhere = "WHERE " . implode(" OR ", $whereClauses);
+ // We have search conditions
+ $filtersCombined = "(" . implode(" OR ", $whereClauses) . ")";
+ if ($registrarCondition) {
+ // If registrarCondition exists and we have filters
+ // we do registrarCondition AND (filters OR...)
+ $sqlWhere = "WHERE $registrarCondition AND $filtersCombined";
+ } else {
+ // No registrar restriction, just the filters
+ $sqlWhere = "WHERE $filtersCombined";
+ }
+ } else {
+ // No search filters
+ if ($registrarCondition) {
+ // Only registrar condition
+ $sqlWhere = "WHERE $registrarCondition";
+ } else {
+ // No filters, no registrar condition
+ $sqlWhere = '';
+ }
 }
 // Count total results
@@ -651,5 +752,4 @@ class DapiController extends Controller
 return $response;
 }
-
 }
\ No newline at end of file
diff --git a/cp/resources/views/partials/js-log.twig b/cp/resources/views/partials/js-log.twig
index 495b6b9..a673665 100644
--- a/cp/resources/views/partials/js-log.twig
+++ b/cp/resources/views/partials/js-log.twig
@@ -25,9 +25,9 @@
 placeholder: "{{ __('No Data') }}",
 columns:[
 {formatter:"responsiveCollapse", width:30, minWidth:30, hozAlign:"center", resizable:false, headerSort:false, responsive:0},
- {title:"{{ __('Registrar') }}", field:"registrar_id.name", resizable:false, headerSort:true, responsive:0},
- {title:"{{ __('Date') }}", field:"date", resizable:false, headerSort:true, responsive:0},
- {title:"{{ __('Log') }}", field:"log", resizable:false, headerSort:true, responsive:2},
+ {title:"{{ __('Registrar') }}", field:"registrar_id.name", minWidth:200, resizable:false, headerSort:true, responsive:0},
+ {title:"{{ __('Date') }}", field:"date", resizable:false, minWidth:300, headerSort:true, responsive:0},
+ {title:"{{ __('Log') }}", field:"log", resizable:false, minWidth:600, headerSort:true, responsive:2},
 ]
 });
 var searchInput = document.getElementById("search-input");