Page: Filtering page list by permissions of the curren user - refs BT#21600

2 years ago · 46839f80a6
parent daa4ed2f8b
commit 46839f80a6
3 changed files with 36 additions and 11 deletions
--- a/src/CoreBundle/Component/Utils/CreateDefaultPages.php
+++ b/src/CoreBundle/Component/Utils/CreateDefaultPages.php
@ -101,7 +101,7 @@ class CreateDefaultPages

        // Categories for extra content in admin blocks

-        foreach ($this->getCategoriesForAdminBlocks() as $nameBlock) {
+        foreach (self::getCategoriesForAdminBlocks() as $nameBlock) {
            $usersAdminBlock = (new PageCategory())
                ->setTitle($nameBlock)
                ->setType('grid')
@ -121,7 +121,7 @@ class CreateDefaultPages
        return true;
    }

-    public function getCategoriesForAdminBlocks()
+    public static function getCategoriesForAdminBlocks(): array
    {
        return [
            'block-admin-users',
--- a/src/CoreBundle/DataProvider/Extension/PageExtension.php
+++ b/src/CoreBundle/DataProvider/Extension/PageExtension.php
@ -9,6 +9,7 @@ namespace Chamilo\CoreBundle\DataProvider\Extension;
 use ApiPlatform\Doctrine\Orm\Extension\QueryCollectionExtensionInterface;
 use ApiPlatform\Doctrine\Orm\Util\QueryNameGeneratorInterface;
 use ApiPlatform\Metadata\Operation;
+use Chamilo\CoreBundle\Component\Utils\CreateDefaultPages;
 use Chamilo\CoreBundle\Entity\Page;
 use Chamilo\CoreBundle\ServiceHelper\AccessUrlHelper;
 use Doctrine\ORM\QueryBuilder;
@ -28,27 +29,51 @@ final class PageExtension implements QueryCollectionExtensionInterface // , Quer
        ?Operation $operation = null,
        array $context = []
    ): void {
-        $this->addWhere($queryBuilder, $resourceClass);
-    }
-
-    private function addWhere(QueryBuilder $qb, string $resourceClass): void
-    {
        if (Page::class !== $resourceClass) {
            return;
        }

-        $alias = $qb->getRootAliases()[0];
+        $alias = $queryBuilder->getRootAliases()[0];

        $url = $this->accessUrlHelper->getCurrent();

        // Url filter by default.
-        $qb
+        $queryBuilder
            ->andWhere("$alias.url = :url")
            ->setParameter('url', $url->getId())
+            ->innerJoin(
+                "$alias.category",
+                'category',
+            )
        ;

        if (!$this->security->isGranted('ROLE_ADMIN')) {
-            $qb->andWhere("$alias.enabled = 1");
+            $queryBuilder->andWhere("$alias.enabled = 1")
+                ->andWhere(
+                    $queryBuilder->expr()->notIn(
+                        'category.title',
+                        CreateDefaultPages::getCategoriesForAdminBlocks()
+                    )
+                )
+            ;
+        }
+
+        if (!$this->security->isGranted('IS_AUTHENTICATED')) {
+            $queryBuilder
+                ->andWhere(
+                    $queryBuilder->expr()->in('category.title', ':anon_categories')
+                )
+                ->setParameter(
+                    'anon_categories',
+                    [
+                        'faq',
+                        'demo',
+                        'home',
+                        'public',
+                        'footer_public',
+                    ]
+                )
+            ;
        }
    }
 }
--- a/tests/CoreBundle/Repository/PageRepositoryTest.php
+++ b/tests/CoreBundle/Repository/PageRepositoryTest.php
@ -318,7 +318,7 @@ class PageRepositoryTest extends AbstractApiTest
        $this->assertTrue($result);
        $this->assertSame(2, $pageRepo->count([]));
        $this->assertSame(
-            6 + \count($createDefaultPages->getCategoriesForAdminBlocks()),
+            6 + \count(CreateDefaultPages::getCategoriesForAdminBlocks()),
            $pageCategoryRepo->count([])
        );