From 14ef130bc6b31da8059807ddef037cfceda48ea6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julien=20Fastr=C3=A9?=
Date: Mon, 3 Sep 2018 11:29:06 +0200
Subject: [PATCH] fix timeline: filter tasks with circle restrictions
---
 Resources/config/services/timeline.yml | 3 ++
 .../TaskLifeCycleEventTimelineProvider.php | 48 +++++++++++++++++--
 2 files changed, 47 insertions(+), 4 deletions(-)
diff --git a/Resources/config/services/timeline.yml b/Resources/config/services/timeline.yml
index 4903dc2cb..b00dd4ca7 100644
--- a/Resources/config/services/timeline.yml
+++ b/Resources/config/services/timeline.yml
@@ -3,8 +3,11 @@ services:
 arguments:
 $em: '@Doctrine\ORM\EntityManagerInterface'
 $registry: '@Symfony\Component\Workflow\Registry'
+ $authorizationHelper: '@Chill\MainBundle\Security\Authorization\AuthorizationHelper'
+ $tokenStorage: '@Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'
 tags:
 - { name: 'chill.timeline', context: 'person' }
+
 Chill\TaskBundle\Timeline\SingleTaskTaskLifeCycleEventTimelineProvider:
 arguments:
 $em: '@Doctrine\ORM\EntityManagerInterface'
diff --git a/Timeline/TaskLifeCycleEventTimelineProvider.php b/Timeline/TaskLifeCycleEventTimelineProvider.php
index 2e66b1c83..ce2f99669 100644
--- a/Timeline/TaskLifeCycleEventTimelineProvider.php
+++ b/Timeline/TaskLifeCycleEventTimelineProvider.php
@@ -23,6 +23,10 @@ use Chill\TaskBundle\Entity\Task\SingleTaskPlaceEvent;
 use Chill\TaskBundle\Entity\SingleTask;
 use Symfony\Component\Workflow\Registry;
 use Symfony\Component\Workflow\Workflow;
+use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+use Chill\ActivityBundle\Security\Authorization\ActivityVoter;
+use Symfony\Component\Security\Core\Role\Role;
 /**
 *
@@ -43,12 +47,30 @@ class TaskLifeCycleEventTimelineProvider implements TimelineProviderInterface
 */
 protected $registry;
+ /**
+ *
+ * @var AuthorizationHelper
+ */
+ protected $authorizationHelper;
+
+ /**
+ *
+ * @var TokenStorageInterface
+ */
+ protected $tokenStorage;
+
 const TYPE = 'chill_task.transition';
- public function __construct(EntityManagerInterface $em, Registry $registry)
- {
+ public function __construct(
+ EntityManagerInterface $em,
+ Registry $registry,
+ AuthorizationHelper $authorizationHelper,
+ TokenStorageInterface $tokenStorage
+ ) {
 $this->em = $em;
 $this->registry = $registry;
+ $this->authorizationHelper = $authorizationHelper;
+ $this->tokenStorage = $tokenStorage;
 }
 public function fetchQuery($context, $args)
@@ -62,6 +84,23 @@ class TaskLifeCycleEventTimelineProvider implements TimelineProviderInterface
 ->getClassMetadata(SingleTaskPlaceEvent::class);
 $singleTaskMetadata = $this->em
 ->getClassMetadata(SingleTask::class);
+ $user = $this->tokenStorage->getToken()->getUser();
+ $circles = $this->authorizationHelper->getReachableCircles(
+ $user, new Role(ActivityVoter::SEE_DETAILS), $args['person']->getCenter());
+
+
+ if (count($circles) > 0) {
+ $circlesId = \array_map(function($c) { return $c->getId(); }, $circles);
+ $circleRestriction = sprintf('%s.%s.%s IN (%s)',
+ $singleTaskMetadata->getSchemaName(), // chill_task schema
+ $singleTaskMetadata->getTableName(), // single_task table name
+ $singleTaskMetadata->getAssociationMapping('circle')['joinColumns'][0]['name'],
+ \implode(', ', $circlesId)
+ );
+ } else {
+ $circleRestriction = 'FALSE = TRUE';
+ }
+
 return [
 'id' => sprintf('%s.%s.%s', $metadata->getSchemaName(), $metadata->getTableName(), $metadata->getColumnName('id')),
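Review bot: The circle filter added to `fetchQuery` asks `getReachableCircles()` for `ActivityVoter::SEE_DETAILS`, an activity permission imported from another bundle, so task transitions end up gated by the user's activity rights rather than by a right on tasks; if the task bundle defines its own view role, that is the one to pass here. `$this->tokenStorage->getToken()` can return null when no token is set, and the chained `->getUser()` then raises a fatal error; checking the token for null first and using the `'FALSE = TRUE'` restriction in that case keeps the query fail-closed. The ids joined by `\implode(', ', $circlesId)` are written into the SQL text as-is; they come from entity ids, but casting in the callback, `return (int) $c->getId();`, makes the integer-only assumption explicit, matching the `%d` used for the person id. The body of `fetchQuery` starts before and continues after this hunk.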
@@ -73,10 +112,11 @@ class TaskLifeCycleEventTimelineProvider implements TimelineProviderInterface
 $metadata->getAssociationMapping('task')['joinColumns'][0]['name'],
 sprintf('%s.%s.%s', $singleTaskMetadata->getSchemaName(), $singleTaskMetadata->getTableName(), $singleTaskMetadata->getColumnName('id'))
 ),
- 'WHERE' => sprintf('%s.%s = %d',
+ 'WHERE' => sprintf('%s.%s = %d and %s',
 sprintf('%s.%s', $singleTaskMetadata->getSchemaName(), $singleTaskMetadata->getTableName()),
 $singleTaskMetadata->getAssociationMapping('person')['joinColumns'][0]['name'],
- $args['person']->getId()
+ $args['person']->getId(),
+ $circleRestriction
 )
 ];
 }
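Review bot: With the `IN (...)` restriction appended to the `'WHERE'` entry, a task whose circle column is NULL matches for no user, because `NULL IN (...)` is never true. If the `circle` association on `SingleTask` is nullable (not visible in this patch), transitions of such tasks disappear from every timeline; that may be the intended fail-closed behaviour, but it should be stated or handled explicitly. A comment above the entry such as `// person's tasks only, limited to circles the current user can reach` would record that the second clause is an authorization filter and must not be dropped in a later refactor. The lowercase `and` works, but `AND` would match the uppercase `IN` and `FALSE = TRUE` used where the restriction is built. The returned array and `fetchQuery` itself begin outside this hunk.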