chill-bundles/Repository/SingleTaskRepository.php

<?php

namespace Chill\TaskBundle\Repository;

use Chill\MainBundle\Entity\User;
use Doctrine\ORM\QueryBuilder;
use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
use Symfony\Component\Security\Core\Role\Role;
use Chill\TaskBundle\Security\Authorization\TaskVoter;

/**
 * SingleTaskRepository
 */
class SingleTaskRepository extends \Doctrine\ORM\EntityRepository
{
    /**
     *
     * @var AuthorizationHelper
     */
    protected $authorizationHelper;
    
    public function setAuthorizationHelper(AuthorizationHelper $authorizationHelper)
    {
        $this->authorizationHelper = $authorizationHelper;
    }
    
    public function findByParameters($params, User $currentUser)
    {
        $qb = $this->createQueryBuilder('st');
        
        $this->buildQuery($qb, $params, $currentUser);
        
        return $qb
            ->getQuery()
            ->getResult()
            ;
    }
    
    protected function buildQuery(QueryBuilder $qb, $params, User $currentUser)
    {
        $this->buildACLQuery($qb, $currentUser);
        
        if (\array_key_exists('person', $params)) {
            $qb->andWhere($qb->expr()->eq('st.person', ':person'));
            $qb->setParameter('person', $params['person']);
        }
    }
    
    protected function buildACLQuery(QueryBuilder $qb, User $currentUser)
    {
        if (NULL === $this->authorizationHelper) {
            throw new \LogicException("Injecting the authorization helper is "
                . "required to run this query. Please use dependency injection "
                . "to initialize this repository or use the method "
                . "`setAuthorizationHelper`");
        }
        
        $role = new Role(TaskVoter::SHOW);
        $qb->join('st.person', 'p');
        
        $centers = $this->authorizationHelper
            ->getReachableCenters($currentUser, $role)
            ;
        
        $i = 0;
        $where = $qb->expr()->orX();
        
        foreach($centers as $center) {
            $circles = $this->authorizationHelper
                ->getReachableCircles($currentUser, $role, $center);
            
            $centerWhere = $qb->expr()->andX();
            
            $centerWhere->add($qb->expr()->eq('p.center', ':center_'.$i));
            $qb->setParameter('center_'.$i, $center);
            $centerWhere->add($qb->expr()->in('st.circle', ':circles_'.$i));
            $qb->setParameter('circles_'.$i, $circles);
            $where->add($centerWhere);
            $i ++;
        }
        
        $qb->where($where);
    }
}