Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
47.83% |
11 / 23 |
|
75.00% |
3 / 4 |
CRAP | |
0.00% |
0 / 1 |
| RequiresPermissionFilter | |
47.83% |
11 / 23 |
|
75.00% |
3 / 4 |
11.11 | |
0.00% |
0 / 1 |
| __construct | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| getWhereCondition | |
25.00% |
4 / 16 |
|
0.00% |
0 / 1 |
6.80 | |||
| createJoinQuery | |
100.00% |
5 / 5 |
|
100.00% |
1 / 1 |
1 | |||
| getOrderByCode | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| 1 | <?php |
| 2 | namespace Apie\DoctrineEntityDatalayer\Query; |
| 3 | |
| 4 | use Apie\Core\Attributes\LoggedIn; |
| 5 | use Apie\Core\BoundedContext\BoundedContextId; |
| 6 | use Apie\Core\ContextConstants; |
| 7 | use Apie\Core\Datalayers\Search\QuerySearch; |
| 8 | use Apie\Core\Entities\EntityInterface; |
| 9 | use Apie\Core\IdentifierUtils; |
| 10 | use Apie\Core\Permissions\PermissionInterface; |
| 11 | use Apie\Core\Permissions\RequiresPermissionsInterface; |
| 12 | use Apie\DoctrineEntityDatalayer\Enums\SortingOrder; |
| 13 | use Doctrine\DBAL\Connection; |
| 14 | use ReflectionClass; |
| 15 | |
| 16 | final class RequiresPermissionFilter implements TextSearchFilterInterface, AddsJoinFilterInterface |
| 17 | { |
| 18 | /** |
| 19 | * @param ReflectionClass<EntityInterface&RequiresPermissionsInterface> $entityClass |
| 20 | */ |
| 21 | public function __construct( |
| 22 | private readonly ReflectionClass $entityClass, |
| 23 | private readonly BoundedContextId $boundedContextId |
| 24 | ) { |
| 25 | } |
| 26 | |
| 27 | public function getWhereCondition(QuerySearch $querySearch, Connection $connection): string |
| 28 | { |
| 29 | $context = $querySearch->getApieContext(); |
| 30 | if ($context->getContext(ContextConstants::DISABLE_CONTEXT_FILTER, false)) { |
| 31 | return '1'; |
| 32 | } |
| 33 | if ((new LoggedIn(PermissionInterface::class))->applies($context)) { |
| 34 | $user = $context->getContext(ContextConstants::AUTHENTICATED_USER); |
| 35 | assert($user instanceof PermissionInterface); |
| 36 | $permissions = $user->getPermissionIdentifiers()->toStringList()->toArray(); |
| 37 | // this is for entities with RequiresPermission returning an empty array. |
| 38 | // see AccessControlListAttributeConverter. |
| 39 | $permissions[] = ''; |
| 40 | |
| 41 | $query = array_map( |
| 42 | function (string $permission) use ($connection) { |
| 43 | return $connection->quote($permission); |
| 44 | }, |
| 45 | $permissions |
| 46 | ); |
| 47 | return sprintf('acl.permission IN (%s)', implode(',', $query)); |
| 48 | } |
| 49 | return 'acl.permission IN ("")'; |
| 50 | } |
| 51 | |
| 52 | public function createJoinQuery(QuerySearch $querySearch, Connection $connection): string |
| 53 | { |
| 54 | return sprintf( |
| 55 | 'JOIN apie_access_control_list acl ON (entity.id = acl.ref_apie_resource__%s_%s_id)', |
| 56 | $this->boundedContextId, |
| 57 | IdentifierUtils::classNameToUnderscore($this->entityClass), |
| 58 | ); |
| 59 | } |
| 60 | |
| 61 | public function getOrderByCode(SortingOrder $sortingOrder): string |
| 62 | { |
| 63 | return ''; |
| 64 | } |
| 65 | } |