From 111baeb231b3025a07d7eeadcf83c6d616cc1d24 Mon Sep 17 00:00:00 2001
From: FusionPBX <markjcrane@gmail.com>
Date: Wed, 30 Oct 2019 02:26:28 -0600
Subject: [PATCH] Update call_block.php

---
 app/call_block/call_block.php | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/app/call_block/call_block.php b/app/call_block/call_block.php
index b29dbae3a4..d2b409b5a7 100644
--- a/app/call_block/call_block.php
+++ b/app/call_block/call_block.php
@@ -101,6 +101,17 @@
 //prepare to page the results
 	$sql = "select count(*) from view_call_block ";
 	$sql .= "where domain_uuid = :domain_uuid ";
+	if (!permission_exists('call_block_all') && count($_SESSION['user']['extension']) > 0) {
+		$sql .= "and extension_uuid in (";
+		$x = 0;
+		foreach ($_SESSION['user']['extension'] as $field) {
+			if (is_uuid($field['extension_uuid'])) {
+				$sql .= ($x == 0) ? "'".$field['extension_uuid']."'" : ",'".$field['extension_uuid']."'";
+			}
+			$x++;
+		}
+		$sql .= ") ";
+	}
 	if (isset($sql_search)) {
 		$sql .= "and ".$sql_search;
 	}
@@ -120,6 +131,17 @@
 //get the list
 	$sql = "select * from view_call_block ";
 	$sql .= "where domain_uuid = :domain_uuid ";
+	if (!permission_exists('call_block_all') && count($_SESSION['user']['extension']) > 0) {
+		$sql .= "and extension_uuid in (";
+		$x = 0;
+		foreach ($_SESSION['user']['extension'] as $field) {
+			if (is_uuid($field['extension_uuid'])) {
+				$sql .= ($x == 0) ? "'".$field['extension_uuid']."'" : ",'".$field['extension_uuid']."'";
+			}
+			$x++;
+		}
+		$sql .= ") ";
+	}
 	if (isset($sql_search)) {
 		$sql .= "and ".$sql_search;
 	}