From cd00c05ea280f48e98d684e1805b32f561774c45 Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Tue, 23 Jul 2024 00:09:33 +0200 Subject: [PATCH] fix: have visibility checks already in SQL instead of later filtering Signed-off-by: Arthur Schiwon --- lib/Db/ContextMapper.php | 24 +++++++++++++------ .../BeforeTemplateRenderedListener.php | 24 ------------------- 2 files changed, 17 insertions(+), 31 deletions(-) diff --git a/lib/Db/ContextMapper.php b/lib/Db/ContextMapper.php index 544bcbdbe..8669b85d1 100644 --- a/lib/Db/ContextMapper.php +++ b/lib/Db/ContextMapper.php @@ -168,17 +168,27 @@ public function findAll(?string $userId = null): array { return $resultEntities; } - public function findForNavBar(string $userId): array { $qb = $this->getFindContextBaseQuery($userId); - $qb->andWhere($qb->expr()->andX( + $qb->andWhere($qb->expr()->orX( // default - $qb->expr()->gt('n.display_mode', $qb->createNamedParameter(Application::NAV_ENTRY_MODE_HIDDEN, IQueryBuilder::PARAM_INT)), - // user override - $qb->expr()->orX( - $qb->expr()->gt('n2.display_mode', $qb->createNamedParameter(Application::NAV_ENTRY_MODE_HIDDEN, IQueryBuilder::PARAM_INT)), + $qb->expr()->andX( + // requires lack of user overwrite, indicated by n2.display_mode $qb->expr()->isNull('n2.display_mode'), - ) + // requires a display mode also depending on the roleā€¦ + $qb->expr()->orX( + // not an owner: requires RECIPIENT or ALL + $qb->expr()->andX( + // groups are not considered, yet + $qb->expr()->neq('c.owner_id', $qb->createNamedParameter($userId)), + $qb->expr()->gt('n.display_mode', $qb->createNamedParameter(Application::NAV_ENTRY_MODE_HIDDEN, IQueryBuilder::PARAM_INT)), + ), + // an owner (no explicit check necessary): requires ALL + $qb->expr()->eq('n.display_mode', $qb->createNamedParameter(Application::NAV_ENTRY_MODE_ALL, IQueryBuilder::PARAM_INT)), + ), + ), + // user override + $qb->expr()->gt('n2.display_mode', $qb->createNamedParameter(Application::NAV_ENTRY_MODE_HIDDEN, IQueryBuilder::PARAM_INT)), )); $result = $qb->executeQuery(); diff --git a/lib/Listener/BeforeTemplateRenderedListener.php b/lib/Listener/BeforeTemplateRenderedListener.php index 876a39558..b26bc6592 100644 --- a/lib/Listener/BeforeTemplateRenderedListener.php +++ b/lib/Listener/BeforeTemplateRenderedListener.php @@ -43,30 +43,6 @@ public function handle(Event $event): void { $contexts = $this->contextService->findForNavigation($user->getUID()); foreach ($contexts as $context) { - if ($context->getOwnerType() === Application::OWNER_TYPE_USER - && $context->getOwnerId() === $user->getUID()) { - - // filter out entries for owners unless it is set to be visible - $skipEntry = true; - foreach ($context->getSharing() as $shareInfo) { - // TODO: integrate into DB query in Mapper - if (isset($shareInfo['display_mode']) && $shareInfo['display_mode'] === Application::NAV_ENTRY_MODE_ALL) { - // a custom override makes it visible - $skipEntry = false; - break; - } - - if (!isset($shareInfo['display_mode']) && $shareInfo['display_mode_default'] === Application::NAV_ENTRY_MODE_ALL) { - // no custom override, and visible also for owner by default - $skipEntry = false; - break; - } - } - if ($skipEntry) { - continue; - } - } - $this->navigationManager->add(function () use ($context) { $iconRelPath = 'material/' . $context->getIcon() . '.svg'; if (file_exists(__DIR__ . '/../../img/' . $iconRelPath)) {