refactor list by course: use acl aware repository

2025-08-21 07:03:49 +00:00 · 2021-10-28 14:41:19 +02:00
parent 4da32dc5ca
commit 4017f8db48
6 changed files with 304 additions and 254 deletions
--- a/src/Bundle/ChillTaskBundle/Repository/SingleTaskAclAwareRepository.php
+++ b/src/Bundle/ChillTaskBundle/Repository/SingleTaskAclAwareRepository.php
@@ -2,20 +2,32 @@

 namespace Chill\TaskBundle\Repository;

+use Chill\MainBundle\Security\Authorization\AuthorizationHelperInterface;
+use Chill\MainBundle\Security\Resolver\CenterResolverDispatcher;
+use Chill\PersonBundle\Entity\AccompanyingPeriod;
 use Chill\TaskBundle\Entity\SingleTask;
+use Chill\TaskBundle\Security\Authorization\TaskVoter;
 use Doctrine\ORM\EntityManagerInterface;
 use Doctrine\ORM\QueryBuilder;
 use Symfony\Component\Security\Core\Security;

 final class SingleTaskAclAwareRepository implements SingleTaskAclAwareRepositoryInterface
 {
+    private AuthorizationHelperInterface $authorizationHelper;
    private EntityManagerInterface $em;
    private Security $security;
+    private CenterResolverDispatcher $centerResolverDispatcher;

-    public function __construct(EntityManagerInterface $em, Security $security)
-    {
+    public function __construct(
+        CenterResolverDispatcher $centerResolverDispatcher,
+        EntityManagerInterface $em,
+        Security $security,
+        AuthorizationHelperInterface $authorizationHelper
+    ) {
+        $this->centerResolverDispatcher = $centerResolverDispatcher;
        $this->em = $em;
        $this->security = $security;
+        $this->authorizationHelper = $authorizationHelper;
    }

    public function findByCurrentUsersTasks(
@@ -26,12 +38,83 @@ final class SingleTaskAclAwareRepository implements SingleTaskAclAwareRepository
        ?array $orderBy = []
    ): array {
        $qb = $this->buildQueryMyTasks($pattern, $flags);
+
+        return $this->getResult($qb, $start, $limit, $orderBy);
+    }
+
+    public function countByCurrentUsersTasks(
+        ?string $pattern = null,
+        ?array $flags = []
+    ): int {
+        return $this->buildQueryMyTasks($pattern, $flags)
+            ->select('COUNT(t)')
+            ->getQuery()->getSingleScalarResult();
+    }
+
+    public function findByCourse(
+        AccompanyingPeriod $course,
+        ?string $pattern = null,
+        ?array $flags = [],
+        ?int $start = 0,
+        ?int $limit = 50,
+        ?array $orderBy = []
+    ): array {
+        $qb = $this->buildQueryByCourse($course, $pattern, $flags);
+        $qb = $this->addACL($qb, $course);
+
+        return $this->getResult($qb, $start, $limit, $orderBy);
+    }
+
+    public function countByCourse(
+        AccompanyingPeriod $course,
+        ?string $pattern = null,
+        ?array $flags = []
+    ): int {
+        $qb = $this->buildQueryByCourse($course, $pattern, $flags);
+
+        return $this
+            ->addACL($qb, $course)
+            ->select('COUNT(t)')
+            ->getQuery()->getSingleScalarResult();
+    }
+
+    public function buildQueryByCourse(
+        AccompanyingPeriod $course,
+        ?string $pattern = null,
+        ?array $flags = []
+    ) : QueryBuilder {
+        $qb = $this->buildBaseQuery($pattern, $flags);
+
+        return $qb
+            ->andWhere($qb->expr()->eq('t.course', ':course'))
+            ->setParameter('course', $course)
+            ;
+    }
+
+    public function buildQueryMyTasks(
+        ?string $pattern = null,
+        ?array $flags = []
+    ): QueryBuilder {
+        $qb = $this->buildBaseQuery($pattern, $flags);
+
+        return $qb
+            ->andWhere($qb->expr()->eq('t.assignee', ':user'))
+            ->setParameter('user', $this->security->getUser())
+            ;
+    }
+
+    public function getResult(
+        QueryBuilder $qb,
+        ?int $start = 0,
+        ?int $limit = 50,
+        ?array $orderBy = []
+    ): array {
        $qb->select('t');

        $qb
            ->setFirstResult($start)
            ->setMaxResults($limit)
-            ;
+        ;

        foreach ($orderBy as $field => $direction) {
            $qb->addOrderBy('t.'.$field, $direction);
@@ -40,25 +123,24 @@ final class SingleTaskAclAwareRepository implements SingleTaskAclAwareRepository
        return $qb->getQuery()->getResult();
    }

-    public function countByCurrentUsersTasks(
-        ?string $pattern = null,
-        ?array $flags = []
-    ): int {
-        $qb = $this->buildQueryMyTasks($pattern, $flags);
-        $qb->select('COUNT(t)');
+    public function addACL(
+        QueryBuilder $qb,
+        $entity
+    ): QueryBuilder {
+       $scopes = $this->authorizationHelper->getReachableScopes($this->security->getUser(),
+            TaskVoter::SHOW, $this->centerResolverDispatcher->resolveCenter($entity));

-        return $qb->getQuery()->getSingleScalarResult();
+       return $qb->andWhere($qb->expr()->in('t.circle', ':scopes'))
+           ->setParameter('scopes', $scopes);
    }

-    public function buildQueryMyTasks(
+    public function buildBaseQuery (
        ?string $pattern = null,
        ?array $flags = []
    ): QueryBuilder {
       $qb = $this->em->createQueryBuilder();
       $qb
           ->from(SingleTask::class, 't')
-           ->where($qb->expr()->eq('t.assignee', ':user'))
-           ->setParameter('user', $this->security->getUser())
           ;

       if (!empty($pattern)) {