chill-bundles/src/Bundle/ChillDocStoreBundle/Repository/PersonDocumentACLAwareRepository.php
2023-09-07 12:16:47 +02:00

257 lines
9.6 KiB
PHP

<?php
declare(strict_types=1);
/*
* Chill is a software for social workers
*
* For the full copyright and license information, please view
* the LICENSE file that was distributed with this source code.
*/
namespace Chill\DocStoreBundle\Repository;
use Chill\DocStoreBundle\Entity\PersonDocument;
use Chill\DocStoreBundle\GenericDoc\FetchQuery;
use Chill\DocStoreBundle\GenericDoc\FetchQueryInterface;
use Chill\DocStoreBundle\GenericDoc\Providers\PersonDocumentGenericDocProvider;
use Chill\DocStoreBundle\Security\Authorization\PersonDocumentVoter;
use Chill\MainBundle\Entity\Scope;
use Chill\MainBundle\Security\Authorization\AuthorizationHelperForCurrentUserInterface;
use Chill\MainBundle\Security\Authorization\AuthorizationHelperInterface;
use Chill\MainBundle\Security\Resolver\CenterResolverDispatcher;
use Chill\MainBundle\Security\Resolver\CenterResolverDispatcherInterface;
use Chill\MainBundle\Security\Resolver\CenterResolverManagerInterface;
use Chill\PersonBundle\Entity\AccompanyingPeriod;
use Chill\PersonBundle\Entity\AccompanyingPeriodParticipation;
use Chill\PersonBundle\Entity\Person;
use DateTimeImmutable;
use Doctrine\DBAL\Types\Types;
use Doctrine\ORM\EntityManagerInterface;
use Doctrine\ORM\QueryBuilder;
use Symfony\Component\Security\Core\Security;
final readonly class PersonDocumentACLAwareRepository implements PersonDocumentACLAwareRepositoryInterface
{
public function __construct(
private EntityManagerInterface $em,
private CenterResolverManagerInterface $centerResolverManager,
private AuthorizationHelperForCurrentUserInterface $authorizationHelperForCurrentUser,
private Security $security,
) {
}
public function buildQueryByPerson(Person $person): QueryBuilder
{
$qb = $this->em->getRepository(PersonDocument::class)->createQueryBuilder('d');
$qb
->where($qb->expr()->eq('d.person', ':person'))
->setParameter('person', $person);
return $qb;
}
public function buildFetchQueryForPerson(Person $person, ?DateTimeImmutable $startDate = null, ?DateTimeImmutable $endDate = null, ?string $content = null): FetchQueryInterface
{
$query = $this->buildBaseFetchQueryForPerson($person, $startDate, $endDate, $content);
return $this->addFetchQueryByPersonACL($query, $person);
}
public function buildFetchQueryForAccompanyingPeriod(AccompanyingPeriod $period, ?\DateTimeImmutable $startDate = null, ?\DateTimeImmutable $endDate = null, ?string $content = null): FetchQueryInterface
{
$personDocMetadata = $this->em->getClassMetadata(PersonDocument::class);
$participationMetadata = $this->em->getClassMetadata(AccompanyingPeriodParticipation::class);
$query = new FetchQuery(
PersonDocumentGenericDocProvider::KEY,
sprintf('jsonb_build_object(\'id\', person_document.%s)', $personDocMetadata->getSingleIdentifierColumnName()),
sprintf('person_document.%s', $personDocMetadata->getColumnName('date')),
sprintf('%s AS person_document', $personDocMetadata->getSchemaName().'.'.$personDocMetadata->getTableName())
);
$query->addJoinClause(
sprintf(
'JOIN %s AS participation ON participation.%s = person_document.%s '.
'AND person_document.%s BETWEEN participation.%s AND COALESCE(participation.%s, \'infinity\'::date)',
$participationMetadata->getTableName(),
$participationMetadata->getSingleAssociationJoinColumnName('person'),
$personDocMetadata->getSingleAssociationJoinColumnName('person'),
$personDocMetadata->getColumnName('date'),
$participationMetadata->getColumnName('startDate'),
$participationMetadata->getColumnName('endDate')
)
);
$query->addWhereClause(
sprintf('participation.%s = ?', $participationMetadata->getSingleAssociationJoinColumnName('accompanyingPeriod')),
[$period->getId()],
[Types::INTEGER]
);
// can we see the document for this person ?
$orPersonId = [];
foreach ($period->getParticipations() as $participation) {
if (!$this->security->isGranted(PersonDocumentVoter::SEE, $participation->getPerson())) {
continue;
}
$orPersonId[] = $participation->getPerson()->getId();
}
if ([] === $orPersonId) {
$query->addWhereClause('FALSE = TRUE');
return $query;
}
$query->addWhereClause(
sprintf(
'participation.%s IN (%s)',
$participationMetadata->getSingleAssociationJoinColumnName('person'),
implode(', ', array_fill(0, count($orPersonId), '?'))
),
$orPersonId,
array_fill(0, count($orPersonId), Types::INTEGER)
);
return $this->addFilterClauses($query, $startDate, $endDate, $content);
}
public function buildBaseFetchQueryForPerson(Person $person, ?DateTimeImmutable $startDate = null, ?DateTimeImmutable $endDate = null, ?string $content = null): FetchQuery
{
$personDocMetadata = $this->em->getClassMetadata(PersonDocument::class);
$query = new FetchQuery(
PersonDocumentGenericDocProvider::KEY,
sprintf('jsonb_build_object(\'id\', person_document.%s)', $personDocMetadata->getSingleIdentifierColumnName()),
sprintf('person_document.%s', $personDocMetadata->getColumnName('date')),
sprintf('%s AS person_document', $personDocMetadata->getSchemaName().'.'.$personDocMetadata->getTableName())
);
$query->addWhereClause(
sprintf('person_document.%s = ?', $personDocMetadata->getSingleAssociationJoinColumnName('person')),
[$person->getId()],
[Types::INTEGER]
);
return $this->addFilterClauses($query, $startDate, $endDate, $content);
}
private function addFilterClauses(FetchQuery $query, ?DateTimeImmutable $startDate = null, ?DateTimeImmutable $endDate = null, ?string $content = null): FetchQuery
{
$personDocMetadata = $this->em->getClassMetadata(PersonDocument::class);
if (null !== $startDate) {
$query->addWhereClause(
sprintf('? <= %s', $personDocMetadata->getColumnName('date')),
[$startDate],
[Types::DATE_IMMUTABLE]
);
}
if (null !== $endDate) {
$query->addWhereClause(
sprintf('? >= %s', $personDocMetadata->getColumnName('date')),
[$endDate],
[Types::DATE_IMMUTABLE]
);
}
if (null !== $content and '' !== $content) {
$query->addWhereClause(
sprintf(
'(%s ilike ? OR %s ilike ?)',
$personDocMetadata->getColumnName('title'),
$personDocMetadata->getColumnName('description')
),
['%' . $content . '%', '%' . $content . '%'],
[Types::STRING, Types::STRING]
);
}
return $query;
}
public function countByPerson(Person $person): int
{
$qb = $this->buildQueryByPerson($person)->select('COUNT(d)');
$this->addACL($qb, $person);
return $qb->getQuery()->getSingleScalarResult();
}
public function findByPerson(Person $person, array $orderBy = [], int $limit = 20, int $offset = 0): array
{
$qb = $this->buildQueryByPerson($person)->select('d');
$this->addACL($qb, $person);
foreach ($orderBy as $field => $order) {
$qb->addOrderBy('d.' . $field, $order);
}
$qb->setFirstResult($offset)->setMaxResults($limit);
return $qb->getQuery()->getResult();
}
private function addACL(QueryBuilder $qb, Person $person): void
{
$reachableScopes = [];
foreach ($this->centerResolverManager->resolveCenters($person) as $center) {
$reachableScopes = [
...$reachableScopes,
...$this->authorizationHelperForCurrentUser
->getReachableScopes(
PersonDocumentVoter::SEE,
$center
)
];
}
if ([] === $reachableScopes) {
$qb->andWhere("'FALSE' = 'TRUE'");
return;
}
$qb->andWhere($qb->expr()->in('d.scope', ':scopes'))
->setParameter('scopes', $reachableScopes);
}
private function addFetchQueryByPersonACL(FetchQuery $fetchQuery, Person $person): FetchQuery
{
$personDocMetadata = $this->em->getClassMetadata(PersonDocument::class);
$reachableScopes = [];
foreach ($this->centerResolverManager->resolveCenters($person) as $center) {
$reachableScopes = [
...$reachableScopes,
...$this->authorizationHelperForCurrentUser->getReachableScopes(PersonDocumentVoter::SEE, $center)
];
}
if ([] === $reachableScopes) {
$fetchQuery->addWhereClause('FALSE = TRUE');
return $fetchQuery;
}
$fetchQuery->addWhereClause(
sprintf(
'person_document.%s IN (%s)',
$personDocMetadata->getSingleAssociationJoinColumnName('scope'),
implode(', ', array_fill(0, count($reachableScopes), '?'))
),
array_map(static fn (Scope $s) => $s->getId(), $reachableScopes),
array_fill(0, count($reachableScopes), Types::INTEGER)
);
return $fetchQuery;
}
}