From 92b47c3da3d7513b86455b85a978b520ee6ce340 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E2=80=9CVeLiTi=E2=80=9D?= <“info@veliti.nl”>
Date: Thu, 20 Feb 2025 13:59:28 +0100
Subject: [PATCH] CMXX - Updated salesid for admin

---
 api/v1/get/contracts.php    | 3 ++-
 api/v1/get/history.php      | 3 ++-
 api/v1/post/application.php | 3 ++-
 api/v2/get/application.php  | 3 ++-
 api/v2/get/contracts.php    | 3 ++-
 api/v2/get/history.php      | 3 ++-
 assets/functions.php        | 6 ++++--
 7 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/api/v1/get/contracts.php b/api/v1/get/contracts.php
index 9c20144..4591407 100644
--- a/api/v1/get/contracts.php
+++ b/api/v1/get/contracts.php
@@ -22,7 +22,8 @@ switch ($permission) {
         $whereclause = '';
         break;
     case '3':
-        $whereclause = 'WHERE u.view IN (4,5)';
+        $condition = '__salesid___'.$partner->salesid.'___soldto___%';
+        $whereclause = 'WHERE c.accounthierarchy like :condition AND u.view IN (4,5)';
         break;
     case '2':
         $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
diff --git a/api/v1/get/history.php b/api/v1/get/history.php
index b0c3239..2b58ac4 100644
--- a/api/v1/get/history.php
+++ b/api/v1/get/history.php
@@ -19,7 +19,8 @@ switch ($permission) {
         $whereclause = '';
         break;
     case '3':
-        $whereclause = '';
+        $condition = '__salesid___'.$partner->salesid.'___soldto___%';
+        $whereclause = 'WHERE e.accounthierarchy like :condition ';
         break;
     case '2':
         $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
diff --git a/api/v1/post/application.php b/api/v1/post/application.php
index f39019d..dd567bf 100644
--- a/api/v1/post/application.php
+++ b/api/v1/post/application.php
@@ -33,7 +33,8 @@ switch ($permission) {
         $whereclause .= '';
         break;
     case '3':
-        $whereclause .= '';
+        $condition = '__salesid___'.$partner->salesid.'___soldto___%';
+        $whereclause = ' e.accounthierarchy  like "'.$condition.'" AND ';
         break;
     case '2':
         $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
diff --git a/api/v2/get/application.php b/api/v2/get/application.php
index 669cca2..bd4cdfe 100644
--- a/api/v2/get/application.php
+++ b/api/v2/get/application.php
@@ -36,7 +36,8 @@ switch ($permission) {
         $whereclause = '';
         break;
     case '3':
-        $whereclause = '';
+        $condition = '__salesid___'.$partner->salesid.'___soldto___%';
+        $whereclause = 'WHERE e.accounthierarchy like "'.$condition.'"';
         break;
     case '2':
         $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
diff --git a/api/v2/get/contracts.php b/api/v2/get/contracts.php
index 56334de..2362582 100644
--- a/api/v2/get/contracts.php
+++ b/api/v2/get/contracts.php
@@ -22,7 +22,8 @@ switch ($permission) {
         $whereclause = '';
         break;
     case '3':
-        $whereclause = 'WHERE u.view IN (4,5)';
+        $condition = '__salesid___'.$partner->salesid.'___soldto___%';
+        $whereclause = 'WHERE accounthierarchy like :condition AND u.view IN (4,5)';
         break;
     case '2':
         $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
diff --git a/api/v2/get/history.php b/api/v2/get/history.php
index 205fb7b..a921e9c 100644
--- a/api/v2/get/history.php
+++ b/api/v2/get/history.php
@@ -19,7 +19,8 @@ switch ($permission) {
         $whereclause = '';
         break;
     case '3':
-        $whereclause = '';
+        $condition = '__salesid___'.$partner->salesid.'___soldto___%';
+        $whereclause = 'WHERE e.accounthierarchy like :condition';
         break;
     case '2':
         $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
diff --git a/assets/functions.php b/assets/functions.php
index 099dff3..7ea1098 100644
--- a/assets/functions.php
+++ b/assets/functions.php
@@ -668,7 +668,8 @@ function getWhereclause($table_name,$permission,$partner){
           $whereclause = '';
           break;
       case '3':
-          $whereclause = '';
+          $condition = '__salesid___'.$partner->salesid.'___soldto___%';
+          $whereclause = 'WHERE '.$table.' like :condition ';
           break;
       case '2':
           $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
@@ -715,7 +716,8 @@ function getWhereclauselvl2($table_name,$permission,$partner){
         $whereclause = '';
         break;
     case '3':
-        $whereclause = '';
+        $condition = '__salesid___'.$partner->salesid.'___soldto___%';
+        $whereclause = 'WHERE '.$table.' like :condition ';
         break;  
     default:
         $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;