auditors can view audit records

webui/model/audit/audit.php

@@ -40,6 +40,19 @@ class ModelAuditAudit extends Model {
          $where .= " AND meta_id IN (" . $this->append_search_criteria($data['ref'], $arr) . ")";
       }
 
+      if(Registry::get('admin_user') == 0) {
+         while(list($k, $v) = each($_SESSION['auditdomains'])) {
+            if($q) { $q .= ","; }
+            $q .= "?";
+            array_push($arr, $v);
+         }
+
+         $where .= " AND domain IN ($q) ";
+
+         reset($_SESSION['auditdomains']);
+      }
+
+
       if(isset($data['date1'])) { $date1 = $data['date1']; }
       if(isset($data['date2'])) { $date2 = $data['date2']; }
 

webui/model/domain/domain.php

@@ -39,6 +39,25 @@ class ModelDomainDomain extends Model {
    }
 
 
+   public function get_your_all_domains_by_email($email = '') {
+      $data = array();
+
+      if($email == '') { return $data; }
+
+      $a = explode("@", $email);
+
+      $query = $this->db->query("SELECT domain FROM " . TABLE_DOMAIN . " WHERE mapped IN (SELECT mapped FROM " . TABLE_DOMAIN . " WHERE domain=?)", array($a[1]));
+
+      if(isset($query->rows)) {
+         foreach ($query->rows as $q) {
+            array_push($data, $q['domain']);
+         }
+      }
+
+      return $data;
+   }
+
+
    public function deleteDomain($domain = '') {
       if($domain == "") { return 0; }
 

webui/model/user/auth.php

@@ -232,7 +232,7 @@ class ModelUserAuth extends Model {
       $_SESSION['domain'] = $a[1];
       $_SESSION['realname'] = $name;
 
-      $_SESSION['auditdomains'] = array();
+      $_SESSION['auditdomains'] = $this->model_domain_domain->get_your_all_domains_by_email($email);
       $_SESSION['emails'] = $emails;
       $_SESSION['folders'] = array();
       $_SESSION['extra_folders'] = array();