From ca91218951bf4ac30d123d62685819c6cf4c2fed Mon Sep 17 00:00:00 2001
From: "florian.azizian" <florian.azizian@maarch.org>
Date: Thu, 13 Feb 2020 23:02:12 +0100
Subject: [PATCH] FIX #12072 TIME 0:10 select only my draft

---
 src/app/email/controllers/EmailController.php  | 12 ++++++------
 src/app/resource/controllers/ResController.php |  2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/app/email/controllers/EmailController.php b/src/app/email/controllers/EmailController.php
index c55b7ee219a..130ef803387 100644
--- a/src/app/email/controllers/EmailController.php
+++ b/src/app/email/controllers/EmailController.php
@@ -301,7 +301,7 @@ class EmailController
             return $response->withStatus(400)->withJson(['errors' => 'Query limit is not an int value']);
         }
 
-        $where = ['document->>\'id\' = ?'];
+        $where = ["document->>'id' = ?", "(status != 'DRAFT' or (status = 'DRAFT' and user_id = ?))"];
 
         if (!empty($queryParams['type'])) {
             if (!Validator::stringType()->validate($queryParams['type'])) {
@@ -321,16 +321,16 @@ class EmailController
         $emails = EmailModel::get([
             'select' => ['*'],
             'where'  => $where,
-            'data'   => [$args['resId']],
+            'data'   => [$args['resId'], $GLOBALS['id']],
             'limit'  => (int)$queryParams['limit']
         ]);
 
         foreach ($emails as $key => $email) {
-            $emails[$key]['sender'] = json_decode($emails[$key]['sender']);
+            $emails[$key]['sender']     = json_decode($emails[$key]['sender']);
             $emails[$key]['recipients'] = json_decode($emails[$key]['recipients']);
-            $emails[$key]['cc'] = json_decode($emails[$key]['cc']);
-            $emails[$key]['cci'] = json_decode($emails[$key]['cci']);
-            $emails[$key]['document'] = json_decode($emails[$key]['document']);
+            $emails[$key]['cc']         = json_decode($emails[$key]['cc']);
+            $emails[$key]['cci']        = json_decode($emails[$key]['cci']);
+            $emails[$key]['document']   = json_decode($emails[$key]['document']);
         }
 
         return $response->withJson(['emails' => $emails]);
diff --git a/src/app/resource/controllers/ResController.php b/src/app/resource/controllers/ResController.php
index b266267794f..b88d73418c4 100755
--- a/src/app/resource/controllers/ResController.php
+++ b/src/app/resource/controllers/ResController.php
@@ -682,7 +682,7 @@ class ResController extends ResourceControlController
 
         $formattedData['notes'] = NoteModel::countByResId(['resId' => $args['resId'], 'userId' => $GLOBALS['id'], 'login' => $GLOBALS['userId']]);
 
-        $emails = EmailModel::get(['select' => ['count(1)'], 'where' => ["document->>'id' = ?"], 'data' => [$args['resId']]]);
+        $emails = EmailModel::get(['select' => ['count(1)'], 'where' => ["document->>'id' = ?", "(status != 'DRAFT' or (status = 'DRAFT' and user_id = ?))"], 'data' => [$args['resId'], $GLOBALS['id']]]);
         $acknowledgementReceipts = AcknowledgementReceiptModel::get([
             'select' => ['count(1)'],
             'where'  => ['res_id = ?'],
-- 
GitLab