/**
 * Restricts a search query to the entities and owners the current ACL allows.
 *
 * For every requested alias that maps to an entity class, the ACL condition for
 * $permission is fetched from the ownership data builder. Aliases that pass are
 * kept in the FROM part and contribute one owner expression on the
 * alias-specific field "integer.<alias>_owner". Aliases without a mapped class
 * or with a rejecting condition are dropped from FROM. The owner expressions are
 * OR-ed into the criteria, then organization limits are added.
 *
 * NOTE(review): the layout of the condition array is not visible here. Index 1
 * is used as the owner id(s); indexes 0 and 3 both being null is treated as
 * "not allowed" - confirm against getAclConditionData().
 *
 * NOTE(review): when no alias passes, FROM is set to an empty list and no owner
 * criterion is added. Confirm the search engine treats an empty FROM as
 * "match nothing" and not as "all entities".
 *
 * @param Query  $query      query to restrict; modified in place
 * @param string $permission permission name passed to the ownership data builder
 *
 * @return Query the same query instance
 */
public function apply(Query $query, $permission = 'VIEW')
{
    $requested = $query->getFrom();

    // A '*' FROM means "every searchable entity": expand it to the full alias list.
    // NOTE(review): assumes getFrom() returns a non-empty list; confirm with callers.
    if ($requested[0] === '*') {
        $requested = $this->mappingProvider->getEntitiesListAliases();
    }

    $permitted   = [];
    $ownerChecks = [];
    $expr        = $query->getCriteria()->expr();

    foreach (empty($requested) ? [] : $requested as $entityAlias) {
        $className = $this->mappingProvider->getEntityClass($entityAlias);
        if (!$className) {
            // Alias without a mapped class: left out of the FROM part.
            continue;
        }

        $field     = 'integer.' . sprintf('%s_owner', $entityAlias);
        $condition = $this->ownershipDataBuilder->getAclConditionData($className, $permission);
        $noLimits  = count($condition) === 0;

        // Rejecting condition: the alias is left out of the FROM part.
        if (!$noLimits && $condition[0] === null && $condition[3] === null) {
            continue;
        }

        $permitted[] = $entityAlias;

        // No owner restriction: accept every owner id from EMPTY_OWNER_ID upwards.
        if ($noLimits || $condition[1] === null) {
            $ownerChecks[] = $expr->gte($field, SearchListener::EMPTY_OWNER_ID);
            continue;
        }

        // Empty owner list: only records carrying the EMPTY_OWNER_ID marker match.
        if (empty($condition[1])) {
            $ownerChecks[] = $expr->in($field, [SearchListener::EMPTY_OWNER_ID]);
            continue;
        }

        // A one-element owner list is unwrapped and compared by equality.
        $owners = $condition[1];
        if (is_array($owners) && count($owners) === 1) {
            $owners = $owners[0];
        }

        $ownerChecks[] = is_array($owners)
            ? $expr->in($field, $owners)
            : $expr->eq($field, $owners);
    }

    if (count($ownerChecks) > 0) {
        $query->getCriteria()->andWhere(
            new CompositeExpression(CompositeExpression::TYPE_OR, $ownerChecks)
        );
    }

    // Only aliases that passed the ACL check stay searchable.
    $query->from($permitted);
    $this->addOrganizationLimits($query, $expr);

    return $query;
}
/**
 * Resolves the aliases named in the FROM part of a search query.
 *
 * No ACL filtering happens here; the list is returned as requested.
 *
 * NOTE(review): the first element is read unconditionally, so a non-empty
 * FROM part is assumed - confirm with callers.
 *
 * @param Query $query
 *
 * @return array the aliases from the query, or every alias known to the
 *               mapping provider when the FROM part is '*'
 */
protected function getSearchAliases(Query $query)
{
    $from = $query->getFrom();

    return $from[0] === '*'
        ? $this->mappingProvider->getEntitiesListAliases()
        : $from;
}
/**
 * The provider must report the test entity as a class name => alias pair.
 */
public function testGetEntitiesListAliases()
{
    $expected = ['Oro\\TestBundle\\Entity\\TestEntity' => 'test_entity'];
    $actual   = $this->provider->getEntitiesListAliases();

    $this->assertEquals($expected, $actual);
}