fix timeline: filter tasks with circle restrictions

2025-06-12 13:24:25 +00:00 · 2018-09-03 11:29:06 +02:00 · 2018-09-03 11:29:06 +02:00 · 14ef130bc6
commit 14ef130bc6
parent 6c311bec11
2 changed files with 47 additions and 4 deletions
--- a/Resources/config/services/timeline.yml
+++ b/Resources/config/services/timeline.yml
@ -3,8 +3,11 @@ services:
        arguments:
            $em: '@Doctrine\ORM\EntityManagerInterface'
            $registry: '@Symfony\Component\Workflow\Registry'
+            $authorizationHelper: '@Chill\MainBundle\Security\Authorization\AuthorizationHelper'
+            $tokenStorage: '@Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'
        tags:
            - { name: 'chill.timeline', context: 'person' }
+            
    Chill\TaskBundle\Timeline\SingleTaskTaskLifeCycleEventTimelineProvider:
        arguments:
            $em: '@Doctrine\ORM\EntityManagerInterface'
--- a/Timeline/TaskLifeCycleEventTimelineProvider.php
+++ b/Timeline/TaskLifeCycleEventTimelineProvider.php
@ -23,6 +23,10 @@ use Chill\TaskBundle\Entity\Task\SingleTaskPlaceEvent;
 use Chill\TaskBundle\Entity\SingleTask;
 use Symfony\Component\Workflow\Registry;
 use Symfony\Component\Workflow\Workflow;
+use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+use Chill\ActivityBundle\Security\Authorization\ActivityVoter;
+use Symfony\Component\Security\Core\Role\Role;

 /**
 * 
@ -43,12 +47,30 @@ class TaskLifeCycleEventTimelineProvider implements TimelineProviderInterface
     */
    protected $registry;
    
+    /**
+     *
+     * @var AuthorizationHelper
+     */
+    protected $authorizationHelper;
+    
+    /**
+     *
+     * @var TokenStorageInterface
+     */
+    protected $tokenStorage;
+    
    const TYPE = 'chill_task.transition';
    
-    public function __construct(EntityManagerInterface $em, Registry $registry)
-    {
+    public function __construct(
+        EntityManagerInterface $em, 
+        Registry $registry,
+        AuthorizationHelper $authorizationHelper,
+        TokenStorageInterface $tokenStorage
+    ) {
        $this->em = $em;
        $this->registry = $registry;
+        $this->authorizationHelper = $authorizationHelper;
+        $this->tokenStorage = $tokenStorage;
    }

    public function fetchQuery($context, $args)
@ -62,6 +84,23 @@ class TaskLifeCycleEventTimelineProvider implements TimelineProviderInterface
            ->getClassMetadata(SingleTaskPlaceEvent::class);
        $singleTaskMetadata = $this->em
            ->getClassMetadata(SingleTask::class);
+        $user = $this->tokenStorage->getToken()->getUser();
+        $circles = $this->authorizationHelper->getReachableCircles(
+            $user, new Role(ActivityVoter::SEE_DETAILS), $args['person']->getCenter());
+        
+        
+        if (count($circles) > 0) {
+            $circlesId = \array_map(function($c) { return $c->getId(); }, $circles);
+            $circleRestriction = sprintf('%s.%s.%s IN (%s)', 
+                $singleTaskMetadata->getSchemaName(), // chill_task schema
+                $singleTaskMetadata->getTableName(), // single_task table name
+                $singleTaskMetadata->getAssociationMapping('circle')['joinColumns'][0]['name'],
+                \implode(', ', $circlesId)
+                );
+        } else {
+            $circleRestriction = 'FALSE = TRUE';
+        }
+        
        
        return [
            'id' => sprintf('%s.%s.%s', $metadata->getSchemaName(), $metadata->getTableName(), $metadata->getColumnName('id')),
@ -73,10 +112,11 @@ class TaskLifeCycleEventTimelineProvider implements TimelineProviderInterface
                $metadata->getAssociationMapping('task')['joinColumns'][0]['name'],
                sprintf('%s.%s.%s', $singleTaskMetadata->getSchemaName(), $singleTaskMetadata->getTableName(), $singleTaskMetadata->getColumnName('id'))
                ),
-            'WHERE' => sprintf('%s.%s = %d',
+            'WHERE' => sprintf('%s.%s = %d and %s',
                sprintf('%s.%s', $singleTaskMetadata->getSchemaName(), $singleTaskMetadata->getTableName()),
                $singleTaskMetadata->getAssociationMapping('person')['joinColumns'][0]['name'],
-                $args['person']->getId()
+                $args['person']->getId(),
+                $circleRestriction
                )
        ];
    }