mirror of
https://gitlab.com/Chill-Projet/chill-bundles.git
synced 2025-06-12 21:34:25 +00:00
55 lines
1.5 KiB
PHP
55 lines
1.5 KiB
PHP
<?php
|
|
|
|
namespace Chill\MainBundle\Repository;
|
|
|
|
use Chill\MainBundle\Entity\Center;
|
|
use Chill\MainBundle\Entity\Scope;
|
|
use Chill\MainBundle\Entity\User;
|
|
use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
|
|
|
|
class UserACLAwareRepository implements UserACLAwareRepositoryInterface
|
|
{
|
|
|
|
private AuthorizationHelper $authorizationHelper;
|
|
|
|
public function findUsersByReachedACL(string $role, $center, $scope = null, bool $onlyEnabled = true): array
|
|
{
|
|
$parents = $this->authorizationHelper->getParentRoles($role);
|
|
$parents[] = $role;
|
|
|
|
$qb = $this->em->createQueryBuilder();
|
|
|
|
$qb
|
|
->select('u')
|
|
->from(User::class, 'u')
|
|
->join('u.groupCenters', 'gc')
|
|
->join('gc.permissionsGroup', 'pg')
|
|
->join('pg.roleScopes', 'rs')
|
|
->where($qb->expr()->in('rs.role', $parents))
|
|
;
|
|
|
|
if ($onlyEnabled) {
|
|
$qb->andWhere($qb->expr()->eq('u.enabled', "'TRUE'"));
|
|
}
|
|
|
|
if (NULL !== $center) {
|
|
$centers = $center instanceof Center ? [$center] : $center;
|
|
$qb
|
|
->andWhere($qb->expr()->in('gc.center', ':centers'))
|
|
->setParameter('centers', $centers)
|
|
;
|
|
}
|
|
|
|
if (NULL !== $scope) {
|
|
$scopes = $scope instanceof Scope ? [$scope] : $scope;
|
|
$qb
|
|
->andWhere($qb->expr()->in('rs.scope', ':scopes'))
|
|
->setParameter('scopes', $scopes)
|
|
;
|
|
}
|
|
|
|
return $qb->getQuery()->getResult();
|
|
}
|
|
|
|
}
|