public function testGet_granted_base()
{
$base_ids = [];
$n = 0;
foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
foreach ($databox->get_collections() as $collection) {
$base_ids[] = $collection->get_base_id();
$n++;
}
}
if ($n === 0) {
$this->fail('Not enough collection to test');
}
self::$object->give_access_to_base($base_ids);
$bases = array_keys(self::$object->get_granted_base());
$this->assertEquals(count($bases), count($base_ids));
$this->assertEquals($n, count($base_ids));
foreach ($bases as $base_id) {
try {
$collection = collection::get_from_base_id(self::$DI['app'], $base_id);
$this->assertTrue($collection instanceof collection);
$this->assertEquals($base_id, $collection->get_base_id());
unset($collection);
} catch (Exception $e) {
$this->fail('get granted base should returned OK collection');
}
}
}
/**
* Returns all the feeds a user can access.
*
* @return \Doctrine\Common\Collections\Collection
*/
public function getAllForUser(\ACL $userACL)
{
$base_ids = array_keys($userACL->get_granted_base());
$qb = $this->createQueryBuilder('f');
$qb->where($qb->expr()->isNull('f.baseId'))->orWhere('f.public = true');
if (count($base_ids) > 0) {
$qb->orWhere($qb->expr()->in('f.baseId', $base_ids));
}
$qb->orderBy('f.updatedOn', 'DESC');
return $qb->getQuery()->getResult();
}
/**
* Returns all the feeds from a given array containing their id.
*
* @param \ACL $userACL
* @param array $feedIds Ids to restrict feeds, all accessible otherwise
*
* @return Feed[]
*/
public function filterUserAccessibleByIds(\ACL $userACL, array $feedIds = [])
{
$qb = $this->createQueryBuilder('f');
// is public feed?
$orx = $qb->expr()->orX($qb->expr()->isNull('f.baseId'), $qb->expr()->eq('f.public', $qb->expr()->literal(true)));
// is granted base?
$grantedBases = array_keys($userACL->get_granted_base());
if ($grantedBases) {
$orx->add($qb->expr()->in('f.baseId', $grantedBases));
}
if ($feedIds) {
$qb->where($qb->expr()->in('f.id', $feedIds), $orx);
}
$qb->orderBy('f.updatedOn', 'DESC');
return $qb->getQuery()->getResult();
}
/**
* Returns all the feeds a user can access.
*
* @return \Doctrine\Common\Collections\Collection
*/
public function getAllForUser(\ACL $userACL, array $restrictions = [])
{
$base_ids = array_keys($userACL->get_granted_base());
$qb = $this->createQueryBuilder('f');
$qb->where($qb->expr()->isNull('f.baseId'))->orWhere($qb->expr()->eq('f.public', $qb->expr()->literal(true)));
if (count($restrictions) > 0 && count($base_ids) > 0) {
$base_ids = array_intersect($base_ids, $restrictions);
}
if (empty($base_ids) && count($restrictions) > 0) {
$base_ids = $restrictions;
}
if (count($base_ids) > 0) {
$qb->orWhere($qb->expr()->in('f.baseId', $base_ids));
}
$qb->orderBy('f.updatedOn', 'DESC');
return $qb->getQuery()->getResult();
}
/**
* Restrict users on collection with provided rights
*
* @param ACL $ACL
* @param array $rights
*
* @return $this
*/
public function on_bases_where_i_am(ACL $ACL, array $rights)
{
$this->bases_restrictions = true;
$collections = array_keys($ACL->get_granted_base($rights));
if (count($this->base_ids) > 0) {
$this->base_ids = array_intersect($this->base_ids, $collections);
} else {
$this->base_ids = $collections;
}
$this->total = $this->page = $this->total_page = null;
return $this;
}
/**
* Get current user's granted collections where he can upload
*
* @param \ACL $acl The user's ACL.
*
* @return array
*/
private function getGrantedCollections(\ACL $acl)
{
$collections = [];
foreach ($acl->get_granted_base(['canaddrecord']) as $collection) {
$databox = $collection->get_databox();
if (!isset($collections[$databox->get_sbas_id()])) {
$collections[$databox->get_sbas_id()] = ['databox' => $databox, 'databox_collections' => []];
}
$collections[$databox->get_sbas_id()]['databox_collections'][] = $collection;
}
return $collections;
}
