diff --git a/src/Glpi/Controller/ItemType/Form/SavedSearchFormController.php b/src/Glpi/Controller/ItemType/Form/SavedSearchFormController.php index 32e7416ee1c..022caf245d5 100644 --- a/src/Glpi/Controller/ItemType/Form/SavedSearchFormController.php +++ b/src/Glpi/Controller/ItemType/Form/SavedSearchFormController.php @@ -35,8 +35,10 @@ namespace Glpi\Controller\ItemType\Form; use Glpi\Controller\GenericFormController; +use Glpi\Http\Firewall; use Glpi\Http\RedirectResponse; use Glpi\Routing\Attribute\ItemtypeFormRoute; +use Glpi\Security\Attribute\SecurityStrategy; use Html; use SavedSearch; use Symfony\Component\HttpFoundation\Request; @@ -44,6 +46,7 @@ class SavedSearchFormController extends GenericFormController { + #[SecurityStrategy(Firewall::STRATEGY_AUTHENTICATED)] #[ItemtypeFormRoute(SavedSearch::class)] public function __invoke(Request $request): Response { diff --git a/src/SavedSearch.php b/src/SavedSearch.php index f073ccaa0f9..0790e94a739 100644 --- a/src/SavedSearch.php +++ b/src/SavedSearch.php @@ -268,6 +268,12 @@ public function canCreateItem(): bool return parent::canCreateItem(); } + public static function canView(): bool + { + // Always allow access, as user should always be able to see its private searches. + return true; + } + public function canViewItem(): bool { if ($this->fields['is_private'] == 1) { @@ -1227,6 +1233,17 @@ public static function getIcon() return "ti ti-bookmarks"; } + public static function getPostFormAction(string $form_action, bool $action_success): ?string + { + // For simplified interface users, always redirect back to the search page + if ($form_action === 'add' && $action_success && Session::getCurrentInterface() === 'helpdesk') { + return 'back'; + } + + // Use parent behavior for all other cases + return parent::getPostFormAction($form_action, $action_success); + } + public function getCloneRelations(): array { return [];