From 666fc944fff746704cb2947be9b6a7dd4d4a5e0e Mon Sep 17 00:00:00 2001
From: Uwe Steinmann <steinm@debian.org>
Date: Wed, 9 Dec 2015 18:01:27 +0100
Subject: [PATCH] getReadAccess() returns right list of users

doesn't return users anymore which have no read access
because the group has no read access
---
 SeedDMS_Core/Core/inc.ClassDocument.php | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/SeedDMS_Core/Core/inc.ClassDocument.php b/SeedDMS_Core/Core/inc.ClassDocument.php
index 2f7191408..8b89fb87c 100644
--- a/SeedDMS_Core/Core/inc.ClassDocument.php
+++ b/SeedDMS_Core/Core/inc.ClassDocument.php
@@ -1955,7 +1955,7 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
 					(strlen($userIDs) == 0 ? "" : " OR (`tblUsers`.`id` IN (". $userIDs ."))").
 					") ORDER BY `login`";
 			}
-			/* If default access is equal or greate then read, $userIDs and
+			/* If default access is equal or greater then M_READ, $userIDs and
 			 * $groupIDs contains a list of user without read access
 			 */
 			else {
@@ -1965,16 +1965,22 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
 						"WHERE `tblGroupMembers`.`groupID` NOT IN (". $groupIDs .")".
 						"AND `tblUsers`.`role` != ".SeedDMS_Core_User::role_guest." ".
 						(strlen($userIDs) == 0 ? "" : " AND (`tblUsers`.`id` NOT IN (". $userIDs ."))")." UNION ";
+				} else {
+					$queryStr .=
+						"SELECT `tblUsers`.* FROM `tblUsers` ".
+						"WHERE `tblUsers`.`role` != ".SeedDMS_Core_User::role_guest." ".
+						(strlen($userIDs) == 0 ? "" : " AND (`tblUsers`.`id` NOT IN (". $userIDs ."))")." UNION ";
 				}
 				$queryStr .=
 					"SELECT `tblUsers`.* FROM `tblUsers` ".
 					"WHERE (`tblUsers`.`id` = ". $this->_ownerID . ") ".
 					"OR (`tblUsers`.`role` = ".SeedDMS_Core_User::role_admin.") ".
-					"UNION ".
-					"SELECT `tblUsers`.* FROM `tblUsers` ".
-					"WHERE `tblUsers`.`role` != ".SeedDMS_Core_User::role_guest." ".
-					(strlen($userIDs) == 0 ? "" : " AND (`tblUsers`.`id` NOT IN (". $userIDs ."))").
+//					"UNION ".
+//					"SELECT `tblUsers`.* FROM `tblUsers` ".
+//					"WHERE `tblUsers`.`role` != ".SeedDMS_Core_User::role_guest." ".
+//					(strlen($userIDs) == 0 ? "" : " AND (`tblUsers`.`id` NOT IN (". $userIDs ."))").
 					" ORDER BY `login`";
+				echo $queryStr;
 			}
 			$resArr = $db->getResultArray($queryStr);
 			if (!is_bool($resArr)) {