Device group based access (#10568)

* Device group based access

* Use Permissions class to resolve permissions

Also give port access based on device access

* Convert more pages to use Permissions class

* shorten config setting name
use Eloquent relationships in several places
alphabetize config_definitions.json

* Change Models and Permissions

* Clean up ajax_search LIMIT sql

* Convert more pages to use Permissions class

Co-authored-by: Tony Murray <murraytony@gmail.com>

includes/html/table/sensors-common.php

@@ -23,16 +23,13 @@ $class      = mres($vars['class']);
 
 $sql = " FROM `$table` AS S, `devices` AS D";
 
-if (!Auth::user()->hasGlobalRead()) {
-    $sql .= ', devices_perms as P';
-}
-
 $sql .= " WHERE S.sensor_class=? AND S.device_id = D.device_id ";
 $param[] = mres($vars['class']);
 
 if (!Auth::user()->hasGlobalRead()) {
-    $sql .= " AND D.device_id = P.device_id AND P.user_id = ?";
-    $param[] = Auth::id();
+    $device_ids = Permissions::devicesForUser()->toArray() ?: [0];
+    $sql .= " AND `D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
+    $param = array_merge($param, $device_ids);
 }
 
 if (isset($searchPhrase) && !empty($searchPhrase)) {