Completed
Pull Request — develop (#301)
by
unknown
06:43 queued 04:40
created

RaCandidateRepository::createSearchQuery()   B

Complexity

Conditions 6
Paths 32

Size

Total Lines 50

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
dl 0
loc 50
rs 8.4686
c 0
b 0
f 0
cc 6
nc 32
nop 1
1
<?php
2
3
/**
4
 * Copyright 2014 SURFnet bv
5
 *
6
 * Licensed under the Apache License, Version 2.0 (the "License");
7
 * you may not use this file except in compliance with the License.
8
 * You may obtain a copy of the License at
9
 *
10
 *     http://www.apache.org/licenses/LICENSE-2.0
11
 *
12
 * Unless required by applicable law or agreed to in writing, software
13
 * distributed under the License is distributed on an "AS IS" BASIS,
14
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
 * See the License for the specific language governing permissions and
16
 * limitations under the License.
17
 */
18
19
namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Repository;
20
21
use Doctrine\Common\Collections\ArrayCollection;
22
use Doctrine\ORM\EntityManager;
23
use Doctrine\ORM\EntityRepository;
24
use Doctrine\ORM\Mapping;
25
use Doctrine\ORM\Query\Expr\Join;
26
use Surfnet\Stepup\Identity\Collection\InstitutionCollection;
27
use Surfnet\Stepup\Identity\Value\IdentityId;
28
use Surfnet\Stepup\Identity\Value\Institution;
29
use Surfnet\StepupMiddleware\ApiBundle\Authorization\Filter\InstitutionAuthorizationRepositoryFilter;
30
use Surfnet\StepupMiddleware\ApiBundle\Authorization\Value\InstitutionAuthorizationContextInterface;
31
use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\RaCandidate;
32
use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\VettedSecondFactor;
33
use Surfnet\StepupMiddleware\ApiBundle\Identity\Query\RaCandidateQuery;
34
35
/**
36
 * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
37
 * @SuppressWarnings(PHPMD.TooManyPublicMethods)
38
 */
39
class RaCandidateRepository extends EntityRepository
40
{
41
    /**
42
     * @var InstitutionAuthorizationRepositoryFilter
43
     */
44
    private $authorizationRepositoryFilter;
45
46
    public function __construct(
47
        EntityManager $em,
48
        Mapping\ClassMetadata $class,
49
        InstitutionAuthorizationRepositoryFilter $authorizationRepositoryFilter
50
    ) {
51
        parent::__construct($em, $class);
52
        $this->authorizationRepositoryFilter = $authorizationRepositoryFilter;
53
    }
54
55
    /**
56
     * @param RaCandidateQuery $query
57
     * @return \Doctrine\ORM\Query
58
     */
59
    public function createSearchQuery(RaCandidateQuery $query)
60
    {
61
        $queryBuilder = $this->createQueryBuilder('rac');
62
63
        // Modify query to filter on authorization:
64
        // For the RA candidates we want the identities that we could make RA. Because we then need to look at the
65
        // select_raa's we have to look at the institution of the candidate because that's the institution we could
66
        // select RA's from. Hence the 'rac.institution'.
67
        $this->authorizationRepositoryFilter->filter(
68
            $queryBuilder,
69
            $query->authorizationContext,
70
            'rac.institution',
71
            'iac'
72
        );
73
74
        if ($query->institution) {
75
            $queryBuilder
76
                ->andWhere('rac.institution = :institution')
77
                ->setParameter('institution', $query->institution);
78
        }
79
80
        if ($query->commonName) {
81
            $queryBuilder
82
                ->andWhere('rac.commonName LIKE :commonName')
83
                ->setParameter('commonName', sprintf('%%%s%%', $query->commonName));
84
        }
85
86
        if ($query->email) {
87
            $queryBuilder
88
                ->andWhere('rac.email LIKE :email')
89
                ->setParameter('email', sprintf('%%%s%%', $query->email));
90
        }
91
92
        if (!empty($query->secondFactorTypes)) {
93
            $queryBuilder
94
                ->innerJoin(VettedSecondFactor::class, 'vsf', Join::WITH, 'rac.identityId = vsf.identityId')
95
                ->andWhere('vsf.type IN (:secondFactorTypes)')
96
                ->setParameter('secondFactorTypes', $query->secondFactorTypes);
97
        }
98
99
        if (!empty($query->raInstitution)) {
100
            $queryBuilder
101
                ->andWhere('rac.raInstitution = :raInstitution')
102
                ->setParameter('raInstitution', $query->raInstitution);
103
        }
104
105
        $queryBuilder->groupBy('rac.identityId');
106
107
        return $queryBuilder->getQuery();
108
    }
109
110
    /**
111
     * @param RaCandidateQuery $query
112
     * @return \Doctrine\ORM\Query
113
     */
114
    public function createOptionsQuery(RaCandidateQuery $query)
115
    {
116
        $queryBuilder = $this->createQueryBuilder('rac')
117
            ->select('rac.institution');
118
119
        // Modify query to filter on authorization:
120
        // For the RA candidates we want the identities that we could make RA. Because we then need to look at the
121
        // select_raa's we have to look at the institution of the candidate because that's the institution we could
122
        // select RA's from. Hence the 'rac.institution'.
123
        $this->authorizationRepositoryFilter->filter(
124
            $queryBuilder,
125
            $query->authorizationContext,
126
            'rac.institution',
127
            'iac'
128
        );
129
130
        return $queryBuilder->getQuery();
131
    }
132
133
    /**
134
     * @param string $identityId
135
     * @param InstitutionAuthorizationContextInterface $authorizationContext
136
     * @return RaCandidate[]
137
     */
138
    public function findAllRaasByIdentityId($identityId, InstitutionAuthorizationContextInterface $authorizationContext)
139
    {
140
        $queryBuilder = $this->createQueryBuilder('rac')
141
            ->where('rac.identityId = :identityId')
142
            ->setParameter('identityId', $identityId)
143
            ->orderBy('rac.raInstitution');
144
145
        // Modify query to filter on authorization:
146
        // For the RA candidates we want the identities that we could make RA. Because we then need to look at the
147
        // select_raa's we have to look at the institution of the candidate because that's the institution we could
148
        // select RA's from. Hence the 'rac.institution'.
149
        $this->authorizationRepositoryFilter->filter(
150
            $queryBuilder,
151
            $authorizationContext,
152
            'rac.institution',
153
            'iac'
154
        );
155
156
        return $queryBuilder->getQuery()->getResult();
157
    }
158
}
159