Found a sql having-style approach to permissions

As a way to check aggregate queries for required changes to need to
analyse across combined permission values.
This commit is contained in:
Dan Brown 2023-01-24 13:44:38 +00:00
parent 91e613fe60
commit 7d74575eb8
No known key found for this signature in database
GPG key ID: 46D9F943C24A2EF9

View file

@ -94,10 +94,14 @@ class PermissionApplicator
{
return $query->where(function (Builder $parentQuery) {
$parentQuery->whereHas('jointPermissions', function (Builder $permissionQuery) {
$permissionQuery->whereIn('role_id', $this->getCurrentUserRoleIds())
->where(function (Builder $query) {
$this->addJointHasPermissionCheck($query, $this->currentUser()->id);
});
$permissionQuery->select(['entity_id', 'entity_type'])
->selectRaw('max(owned_by) as owned_by')
->selectRaw('max(has_permission) as has_permission')
->selectRaw('max(has_permission_own) as has_permission_own')
->whereIn('role_id', $this->getCurrentUserRoleIds())
->groupBy(['entity_type', 'entity_id'])
->havingRaw('has_permission > 0')
->orHavingRaw('(has_permission_own > 0 and owned_by = ?)', [$this->currentUser()->id]);
});
});
}