Fix - getEntitiesRestrictCriteria() returns invalid SQL criterion when no session is active #23934

Merged
cedric-anne merged 5 commits into glpi-project:11.0/bugfixes from RomainLvr:fix/entities-restrict-criteria-empty-session
Apr 20, 2026
@RomainLvr
Contributor

Checklist before requesting a review

Please delete options that are not relevant.

  • I have read the CONTRIBUTING document.
  • I have performed a self-review of my code.
  • I have added tests that prove my fix is effective or that my feature works.
  • This change requires a documentation update.

Description

When getEntitiesRestrictCriteria() is called with no active session, no CLI context, and no cron context, the function falls through all conditions without an else branch. This leaves $value as an empty string '', producing the invalid SQL criterion entities_id = '' on an integer column and triggering MySQL warning 1292 (Truncated incorrect DECIMAL value).

This fix adds a missing else branch that returns [new QueryExpression('false')] when no valid context is available, denying all access instead of generating invalid SQL. If there is no session, no results should be returned.

Fixes all callers of getEntitiesRestrictCriteria() that are affected by this edge case (e.g. pluginsGLPI/fields#1179).

Contributor

@Rom1-B Rom1-B left a comment

Please add tests

@RomainLvr
Contributor Author

The initial problem is that isCommandLine() relies on the PHP_SAPI constant, which is always set to ‘cli’ in PHPUnit. The solution we found: extract the call to isCommandLine() || Session::isCron() into a protected method called isPrivilegedContext(), which we override in a test using an anonymous class.

Comment thread src/DbUtils.php Outdated
@cedric-anne cedric-anne merged commit 83439e7 into glpi-project:11.0/bugfixes Apr 20, 2026
11 checks passed
@cedric-anne cedric-anne added this to the 11.0.7 milestone Apr 20, 2026
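
Added example, not code from this pull request or from GLPI: a PHP illustration of the fail-closed branch from the PR description together with the overridable isPrivilegedContext() seam from the follow-up comment. EntityScope, RawSql and renderWhere() are hypothetical names, and the fallback to entity 0 in a privileged context is an assumption made for the illustration.

```php
<?php
// Added illustration: RawSql, EntityScope and renderWhere() are hypothetical, not GLPI code.
final class RawSql { public function __construct(public string $sql) {} }

class EntityScope
{
    /** @param int[]|null $activeEntities null models "no active session" */
    public function __construct(private ?array $activeEntities) {}
    // Test seam: PHP_SAPI is 'cli' under PHPUnit, so a test subclass overrides this.
    protected function isPrivilegedContext(): bool
    {
        return PHP_SAPI === 'cli';
    }
    public function restrict(bool $failClosed): array
    {
        $value = '';
        if ($this->activeEntities !== null) {
            $value = $this->activeEntities;
        } elseif ($this->isPrivilegedContext()) {
            $value = '0'; // assumption: privileged contexts fall back to entity 0
        } elseif ($failClosed) {
            return [new RawSql('false')]; // no valid context: criterion matches no rows
        }
        return ['entities_id' => $value]; // with no else branch, $value is still ''
    }
}

function renderWhere(array $criteria): string
{
    $parts = [];
    foreach ($criteria as $field => $value) {
        if ($value instanceof RawSql) {
            $parts[] = $value->sql;
        } elseif (is_array($value)) {
            $parts[] = $field . ' IN (' . implode(', ', array_map('intval', $value)) . ')';
        } else {
            $parts[] = $field . " = '" . $value . "'";
        }
    }
    return implode(' AND ', $parts);
}

// Anonymous subclass forces the "no session, no CLI, no cron" path.
$noContext = new class (null) extends EntityScope {
    protected function isPrivilegedContext(): bool { return false; }
};
echo renderWhere($noContext->restrict(false)), PHP_EOL; // fall-through path
echo renderWhere($noContext->restrict(true)), PHP_EOL;  // fail-closed path
echo renderWhere((new EntityScope([2, 5]))->restrict(true)), PHP_EOL; // session path
```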