Skip to content

Commit ccf873b

Browse files
blizzzenjeck
blizzz
authored and
enjeck
committed
fix: have visibility checks already in SQL instead of later filtering
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
1 parent 07a3e1d commit ccf873b

File tree

2 files changed

+17
-31
lines changed

2 files changed

+17
-31
lines changed

lib/Db/ContextMapper.php

Lines changed: 17 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -168,17 +168,27 @@ public function findAll(?string $userId = null): array {
168168

169169
return $resultEntities;
170170
}
171-
172171
public function findForNavBar(string $userId): array {
173172
$qb = $this->getFindContextBaseQuery($userId);
174-
$qb->andWhere($qb->expr()->andX(
173+
$qb->andWhere($qb->expr()->orX(
175174
// default
176-
$qb->expr()->gt('n.display_mode', $qb->createNamedParameter(Application::NAV_ENTRY_MODE_HIDDEN, IQueryBuilder::PARAM_INT)),
177-
// user override
178-
$qb->expr()->orX(
179-
$qb->expr()->gt('n2.display_mode', $qb->createNamedParameter(Application::NAV_ENTRY_MODE_HIDDEN, IQueryBuilder::PARAM_INT)),
175+
$qb->expr()->andX(
176+
// requires lack of user overwrite, indicated by n2.display_mode
180177
$qb->expr()->isNull('n2.display_mode'),
181-
)
178+
// requires a display mode also depending on the role…
179+
$qb->expr()->orX(
180+
// not an owner: requires RECIPIENT or ALL
181+
$qb->expr()->andX(
182+
// groups are not considered, yet
183+
$qb->expr()->neq('c.owner_id', $qb->createNamedParameter($userId)),
184+
$qb->expr()->gt('n.display_mode', $qb->createNamedParameter(Application::NAV_ENTRY_MODE_HIDDEN, IQueryBuilder::PARAM_INT)),
185+
),
186+
// an owner (no explicit check necessary): requires ALL
187+
$qb->expr()->eq('n.display_mode', $qb->createNamedParameter(Application::NAV_ENTRY_MODE_ALL, IQueryBuilder::PARAM_INT)),
188+
),
189+
),
190+
// user override
191+
$qb->expr()->gt('n2.display_mode', $qb->createNamedParameter(Application::NAV_ENTRY_MODE_HIDDEN, IQueryBuilder::PARAM_INT)),
182192
));
183193

184194
$result = $qb->executeQuery();

lib/Listener/BeforeTemplateRenderedListener.php

Lines changed: 0 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -43,30 +43,6 @@ public function handle(Event $event): void {
4343

4444
$contexts = $this->contextService->findForNavigation($user->getUID());
4545
foreach ($contexts as $context) {
46-
if ($context->getOwnerType() === Application::OWNER_TYPE_USER
47-
&& $context->getOwnerId() === $user->getUID()) {
48-
49-
// filter out entries for owners unless it is set to be visible
50-
$skipEntry = true;
51-
foreach ($context->getSharing() as $shareInfo) {
52-
// TODO: integrate into DB query in Mapper
53-
if (isset($shareInfo['display_mode']) && $shareInfo['display_mode'] === Application::NAV_ENTRY_MODE_ALL) {
54-
// a custom override makes it visible
55-
$skipEntry = false;
56-
break;
57-
}
58-
59-
if (!isset($shareInfo['display_mode']) && $shareInfo['display_mode_default'] === Application::NAV_ENTRY_MODE_ALL) {
60-
// no custom override, and visible also for owner by default
61-
$skipEntry = false;
62-
break;
63-
}
64-
}
65-
if ($skipEntry) {
66-
continue;
67-
}
68-
}
69-
7046
$this->navigationManager->add(function () use ($context) {
7147
$iconRelPath = 'material/' . $context->getIcon() . '.svg';
7248
if (file_exists(__DIR__ . '/../../img/' . $iconRelPath)) {

0 commit comments

Comments
 (0)