From 30237561c896463ced81371f1f2dc36a7b4823cf Mon Sep 17 00:00:00 2001
From: Damien Burel <damien.burel@maarch.org>
Date: Fri, 24 Mar 2017 14:20:50 +0100
Subject: [PATCH] [FEAT] [PARA V2] Fix notes count method (check entities
 perimeter)

---
 core/Controllers/ResController.php          |  4 +-
 modules/notes/Models/NotesModelAbstract.php | 42 ++++++++++++++++++---
 modules/visa/Controllers/VisaController.php |  2 +-
 rest/index.php                              |  2 +-
 4 files changed, 41 insertions(+), 9 deletions(-)

diff --git a/core/Controllers/ResController.php b/core/Controllers/ResController.php
index 74a84042b51..295ff8e9cb8 100644
--- a/core/Controllers/ResController.php
+++ b/core/Controllers/ResController.php
@@ -83,9 +83,9 @@ class ResController
         return $response->withJson(ResModel::isLockForCurrentUser(['resId' => $aArgs['resId']]));
     }
 
-    public function getNotesCountById(RequestInterface $request, ResponseInterface $response, $aArgs)
+    public function getNotesCountForCurrentUserById(RequestInterface $request, ResponseInterface $response, $aArgs)
     {
-        return $response->withJson(\NotesModel::countByResId(['resId' => $aArgs['resId']]));
+        return $response->withJson(\NotesModel::countForCurrentUserByResId(['resId' => $aArgs['resId']]));
     }
 
     /**
diff --git a/modules/notes/Models/NotesModelAbstract.php b/modules/notes/Models/NotesModelAbstract.php
index f5d04108871..cebf4d9ecf5 100644
--- a/modules/notes/Models/NotesModelAbstract.php
+++ b/modules/notes/Models/NotesModelAbstract.php
@@ -68,18 +68,50 @@ class NotesModelAbstract extends Apps_Table_Service
         return $aReturn;
     }
 
-    public static function countByResId(array $aArgs = [])
+    public static function countForCurrentUserByResId(array $aArgs = [])
     {
         static::checkRequired($aArgs, ['resId']);
 
-        $aReturn = static::select([
-            'select' => 'COUNT(*)',
-            'table' => ['notes'],
+        $nb = 0;
+        $countedNotes = [];
+        $entities = [];
+
+        $aEntities = static::select([
+            'select' => 'entity_id',
+            'table' => ['users_entities'],
+            'where' => ['user_id = ?'],
+            'data' => [$_SESSION['user']['UserId']]
+        ]);
+
+        foreach ($aEntities as $value) {
+            $entities[] = $value['entity_id'];
+        }
+
+        $aNotes = static::select([
+            'select' => ['notes.id','user_id', 'item_id'],
+            'table' => ['notes', 'note_entities'],
+            'left_join' => ['notes.id = note_entities.note_id'],
             'where' => ['identifier = ?'],
             'data' => [$aArgs['resId']]
         ]);
 
-        return $aReturn[0]['count'];
+        foreach ($aNotes as $value) {
+            if (empty($value['item_id']) && !in_array($value['id'], $countedNotes)) {
+                ++$nb;
+                $countedNotes[] = $value['id'];
+            } elseif (!empty($value['item_id'])) {
+                if ($value['user_id'] == $_SESSION['user']['UserId'] && !in_array($value['id'], $countedNotes)) {
+                    ++$nb;
+                    $countedNotes[] = $value['id'];
+                } elseif (in_array($value['item_id'], $entities) && !in_array($value['id'], $countedNotes)) {
+                    ++$nb;
+                    $countedNotes[] = $value['id'];
+                }
+            }
+        }
+
+
+        return $nb;
     }
 
 }
diff --git a/modules/visa/Controllers/VisaController.php b/modules/visa/Controllers/VisaController.php
index 26ef9eb50f4..51cdf88147a 100644
--- a/modules/visa/Controllers/VisaController.php
+++ b/modules/visa/Controllers/VisaController.php
@@ -121,7 +121,7 @@ class VisaController
         //		$datas['histories'] 	= $history;
         $datas['resList']       = $resList;
         $datas['resListIndex']  = $resListIndex;
-        $datas['nbNotes']       = \NotesModel::countByResId(['resId' => $resId]);
+        $datas['nbNotes']       = \NotesModel::countForCurrentUserByResId(['resId' => $resId]);
         $datas['signature']     = \UsersModel::getSignatureForCurrentUser()['pathToSignatureOnTmp'];
         $datas['consigne']      = \UsersModel::getCurrentConsigneById(['resId' => $resId]);
         $datas['hasWorkflow']   = \VisaModel::hasVisaWorkflowByResId(['resId' => $resId]);
diff --git a/rest/index.php b/rest/index.php
index 0fb0b129b81..04ebc8ce476 100644
--- a/rest/index.php
+++ b/rest/index.php
@@ -125,7 +125,7 @@ $app->put('/{collId}/{resId}/unsign', \Visa\Controllers\VisaController::class .
 //resource
 $app->post('/res', \Core\Controllers\ResController::class . ':create');
 $app->get('/res/{resId}/lock', \Core\Controllers\ResController::class . ':isLock');
-$app->get('/res/{resId}/notes/count', \Core\Controllers\ResController::class . ':getNotesCountById');
+$app->get('/res/{resId}/notes/count', \Core\Controllers\ResController::class . ':getNotesCountForCurrentUserById');
 
 //extresource
 $app->post('/resExt', \Core\Controllers\ResExtController::class . ':create');
-- 
GitLab