diff --git a/src/Bundle/ChillActivityBundle/Repository/PersonActivityDocumentACLAwareRepository.php b/src/Bundle/ChillActivityBundle/Repository/PersonActivityDocumentACLAwareRepository.php index 862deb1ab..84bb08fb4 100644 --- a/src/Bundle/ChillActivityBundle/Repository/PersonActivityDocumentACLAwareRepository.php +++ b/src/Bundle/ChillActivityBundle/Repository/PersonActivityDocumentACLAwareRepository.php @@ -11,6 +11,8 @@ declare(strict_types=1); namespace Chill\ActivityBundle\Repository; +use Chill\ActivityBundle\Entity\Activity; +use Chill\ActivityBundle\Security\Authorization\ActivityVoter; use Chill\DocStoreBundle\Entity\PersonDocument; use Chill\DocStoreBundle\Entity\StoredObject; use Chill\DocStoreBundle\GenericDoc\FetchQuery; @@ -22,25 +24,22 @@ use Chill\MainBundle\Entity\Scope; use Chill\MainBundle\Security\Authorization\AuthorizationHelperForCurrentUserInterface; use Chill\MainBundle\Security\Resolver\CenterResolverManagerInterface; use Chill\PersonBundle\Entity\Person; +use Chill\PersonBundle\Security\Authorization\AccompanyingPeriodWorkVoter; use DateTimeImmutable; use Doctrine\DBAL\Types\Types; use Doctrine\ORM\EntityManagerInterface; use Doctrine\ORM\QueryBuilder; use Symfony\Component\HttpKernel\HttpCache\Store; +use Symfony\Component\Security\Core\Security; class PersonActivityDocumentACLAwareRepository implements PersonDocumentACLAwareRepositoryInterface { - private AuthorizationHelperForCurrentUserInterface $authorizationHelperForCurrentUser; - - private CenterResolverManagerInterface $centerResolverManager; - - private EntityManagerInterface $em; - - public function __construct(EntityManagerInterface $em, CenterResolverManagerInterface $centerResolverManager, AuthorizationHelperForCurrentUserInterface $authorizationHelperForCurrentUser) + public function __construct( + private EntityManagerInterface $em, + private CenterResolverManagerInterface $centerResolverManager, + private AuthorizationHelperForCurrentUserInterface $authorizationHelperForCurrentUser, + private Security $security) { - $this->em = $em; - $this->centerResolverManager = $centerResolverManager; - $this->authorizationHelperForCurrentUser = $authorizationHelperForCurrentUser; } public function buildQueryByPerson(Person $person): QueryBuilder @@ -65,10 +64,11 @@ class PersonActivityDocumentACLAwareRepository implements PersonDocumentACLAware public function buildBaseFetchQueryForPerson(Person $person, ?DateTimeImmutable $startDate = null, ?DateTimeImmutable $endDate = null, ?string $content = null): FetchQuery { $storedObjectMetadata = $this->em->getClassMetadata(StoredObject::class); + $activityMetadata = $this->em->getClassMetadata(Activity::class); $query = new FetchQuery( PersonDocumentGenericDocProvider::KEY, - sprintf('jsonb_build_object(\'id\', stored_obj.%s)', $storedObjectMetadata->getSingleIdentifierColumnName()), + sprintf('jsonb_build_object(\'id\', stored_obj.%s, \'activity_id\', activity.%s)', $storedObjectMetadata->getSingleIdentifierColumnName(), $activityMetadata->getSingleIdentifierColumnName()), sprintf('stored_obj.%s', $storedObjectMetadata->getColumnName('createdAt')), sprintf('%s AS stored_obj', $storedObjectMetadata->getSchemaName().'.'.$storedObjectMetadata->getTableName()) ); @@ -81,11 +81,39 @@ class PersonActivityDocumentACLAwareRepository implements PersonDocumentACLAware 'JOIN public.activity activity ON activity.id = activity_doc.activity_id' ); - $query->addWhereClause( + // add documents of activities from parcours context + $or = []; + $orParams = []; + $orTypes = []; + foreach ($person->getAccompanyingPeriodParticipations() as $participation) { + if (!$this->security->isGranted(ActivityVoter::SEE, $participation->getAccompanyingPeriod())) { + continue; + } + + $or[] = sprintf( + '(activity.%s = ? AND stored_obj.%s BETWEEN ?::date AND COALESCE(?::date, \'infinity\'::date))', + $activityMetadata->getSingleAssociationJoinColumnName('accompanyingPeriod'), + $storedObjectMetadata->getColumnName('createdAt') + ); + $orParams = [...$orParams, $participation->getAccompanyingPeriod()->getId(), + DateTimeImmutable::createFromInterface($participation->getStartDate()), + null === $participation->getEndDate() ? null : DateTimeImmutable::createFromInterface($participation->getEndDate())]; + $orTypes = [...$orTypes, Types::INTEGER, Types::DATE_IMMUTABLE, Types::DATE_IMMUTABLE]; + } + + if ([] === $or) { + $query->addWhereClause('TRUE = FALSE'); + + return $query; + } + + $query->addWhereClause(sprintf('(%s)', implode(' OR ', $or)), $orParams, $orTypes); + +/* $query->addWhereClause( 'activity.person_id = ?', [$person->getId()], [Types::INTEGER] - ); + );*/ if (null !== $startDate) { $query->addWhereClause( @@ -147,7 +175,7 @@ class PersonActivityDocumentACLAwareRepository implements PersonDocumentACLAware ...$reachableScopes, ...$this->authorizationHelperForCurrentUser ->getReachableScopes( - PersonDocumentVoter::SEE, + ActivityVoter::SEE, $center ) ]; @@ -165,14 +193,14 @@ class PersonActivityDocumentACLAwareRepository implements PersonDocumentACLAware private function addFetchQueryByPersonACL(FetchQuery $fetchQuery, Person $person): FetchQuery { - $personDocMetadata = $this->em->getClassMetadata(PersonDocument::class); + $activityMetadata = $this->em->getClassMetadata(Activity::class); $reachableScopes = []; foreach ($this->centerResolverManager->resolveCenters($person) as $center) { $reachableScopes = [ ...$reachableScopes, - ...$this->authorizationHelperForCurrentUser->getReachableScopes(PersonDocumentVoter::SEE, $center) + ...$this->authorizationHelperForCurrentUser->getReachableScopes(ActivityVoter::SEE, $center) ]; } @@ -184,8 +212,8 @@ class PersonActivityDocumentACLAwareRepository implements PersonDocumentACLAware $fetchQuery->addWhereClause( sprintf( - 'person_document.%s IN (%s)', - $personDocMetadata->getSingleAssociationJoinColumnName('scope'), + 'activity.%s IN (%s)', + $activityMetadata->getSingleAssociationJoinColumnName('scope'), implode(', ', array_fill(0, count($reachableScopes), '?')) ), array_map(static fn (Scope $s) => $s->getId(), $reachableScopes), diff --git a/src/Bundle/ChillActivityBundle/Service/GenericDoc/Providers/AccompanyingPeriodActivityGenericDocProvider.php b/src/Bundle/ChillActivityBundle/Service/GenericDoc/Providers/AccompanyingPeriodActivityGenericDocProvider.php index 8c787fd3a..284182cfb 100644 --- a/src/Bundle/ChillActivityBundle/Service/GenericDoc/Providers/AccompanyingPeriodActivityGenericDocProvider.php +++ b/src/Bundle/ChillActivityBundle/Service/GenericDoc/Providers/AccompanyingPeriodActivityGenericDocProvider.php @@ -11,6 +11,7 @@ declare(strict_types=1); namespace Chill\ActivityBundle\Service\GenericDoc\Providers; +use Chill\ActivityBundle\Entity\Activity; use Chill\ActivityBundle\Security\Authorization\ActivityVoter; use Chill\DocStoreBundle\Entity\StoredObject; use Chill\DocStoreBundle\GenericDoc\FetchQuery; @@ -36,10 +37,11 @@ final class AccompanyingPeriodActivityGenericDocProvider implements GenericDocFo public function buildFetchQueryForAccompanyingPeriod(AccompanyingPeriod $accompanyingPeriod, ?DateTimeImmutable $startDate = null, ?DateTimeImmutable $endDate = null, ?string $content = null, ?string $origin = null): FetchQueryInterface { $storedObjectMetadata = $this->em->getClassMetadata(StoredObject::class); + $activityMetadata = $this->em->getClassMetadata(Activity::class); $query = new FetchQuery( self::KEY, - "jsonb_build_object('id', doc_obj.id, 'activity_id', activity.id)", + sprintf("jsonb_build_object('id', doc_obj.%s, 'activity_id', activity.%s)", $storedObjectMetadata->getSingleIdentifierColumnName(), $activityMetadata->getSingleIdentifierColumnName()), 'doc_obj.'.$storedObjectMetadata->getColumnName('createdAt'), $storedObjectMetadata->getSchemaName().'.'.$storedObjectMetadata->getTableName().' AS doc_obj' ); diff --git a/src/Bundle/ChillActivityBundle/Service/GenericDoc/Renderers/AccompanyingPeriodActivityGenericDocRenderer.php b/src/Bundle/ChillActivityBundle/Service/GenericDoc/Renderers/AccompanyingPeriodActivityGenericDocRenderer.php index f3b70dac2..9f9a4bec8 100644 --- a/src/Bundle/ChillActivityBundle/Service/GenericDoc/Renderers/AccompanyingPeriodActivityGenericDocRenderer.php +++ b/src/Bundle/ChillActivityBundle/Service/GenericDoc/Renderers/AccompanyingPeriodActivityGenericDocRenderer.php @@ -13,6 +13,7 @@ namespace Chill\ActivityBundle\Service\GenericDoc\Renderers; use Chill\ActivityBundle\Repository\ActivityRepository; use Chill\ActivityBundle\Service\GenericDoc\Providers\AccompanyingPeriodActivityGenericDocProvider; +use Chill\ActivityBundle\Service\GenericDoc\Providers\PersonActivityGenericDocProvider; use Chill\DocStoreBundle\GenericDoc\GenericDocDTO; use Chill\DocStoreBundle\GenericDoc\Twig\GenericDocRendererInterface; use Chill\DocStoreBundle\Repository\StoredObjectRepository; @@ -31,7 +32,7 @@ final class AccompanyingPeriodActivityGenericDocRenderer implements GenericDocRe public function supports(GenericDocDTO $genericDocDTO, $options = []): bool { - return $genericDocDTO->key === AccompanyingPeriodActivityGenericDocProvider::KEY; + return $genericDocDTO->key === AccompanyingPeriodActivityGenericDocProvider::KEY || $genericDocDTO->key === PersonActivityGenericDocProvider::KEY; } public function getTemplate(GenericDocDTO $genericDocDTO, $options = []): string