/**
* Apply custom ACL checks
*
* @param QueryBuilder $qb
*/
public function applyAcl(QueryBuilder $qb)
{
$user = $this->securityFacade->getLoggedUser();
$organization = $this->getOrganization();
$mailboxIds = $this->mailboxManager->findAvailableMailboxIds($user, $organization);
$exprs = [$qb->expr()->eq('eu.owner', ':owner')];
if ($organization) {
$exprs[] = $qb->expr()->eq('eu.organization ', ':organization');
$qb->setParameter('organization', $organization->getId());
}
$uoCheck = call_user_func_array([$qb->expr(), 'andX'], $exprs);
if (!empty($mailboxIds)) {
$qb->andWhere($qb->expr()->orX($uoCheck, $qb->expr()->in('eu.mailboxOwner', ':mailboxIds')));
$qb->setParameter('mailboxIds', $mailboxIds);
} else {
$qb->andWhere($uoCheck);
}
$qb->setParameter('owner', $user->getId());
}
