@@ -671,6 +671,62 @@ public function get_calendar_appointments()
671671 $ unavailability ['provider ' ] = $ this ->providers_model ->find ($ unavailability ['id_users_provider ' ]);
672672 }
673673
674+ unset($ appointment );
675+
676+ $ user_id = session ('user_id ' );
677+
678+ $ role_slug = session ('role_slug ' );
679+
680+ // If the current user is a provider he must only see his own appointments.
681+ if ($ role_slug === DB_SLUG_PROVIDER )
682+ {
683+ foreach ($ response ['appointments ' ] as $ index => $ appointment )
684+ {
685+ if ((int )$ appointment ['id_users_provider ' ] !== (int )$ user_id )
686+ {
687+ unset($ response ['appointments ' ][$ index ]);
688+ }
689+ }
690+
691+ $ response ['appointments ' ] = array_values ($ response ['appointments ' ]);
692+
693+ foreach ($ response ['unavailabilities ' ] as $ index => $ unavailability )
694+ {
695+ if ((int )$ unavailability ['id_users_provider ' ] !== (int )$ user_id )
696+ {
697+ unset($ response ['unavailabilities ' ][$ index ]);
698+ }
699+ }
700+
701+ $ response ['unavailabilities ' ] = array_values ($ response ['unavailabilities ' ]);
702+ }
703+
704+ // If the current user is a secretary he must only see the appointments of his providers.
705+ if ($ role_slug === DB_SLUG_SECRETARY )
706+ {
707+ $ providers = $ this ->secretaries_model ->find ($ user_id )['providers ' ];
708+
709+ foreach ($ response ['appointments ' ] as $ index => $ appointment )
710+ {
711+ if ( ! in_array ((int )$ appointment ['id_users_provider ' ], $ providers ))
712+ {
713+ unset($ response ['appointments ' ][$ index ]);
714+ }
715+ }
716+
717+ $ response ['appointments ' ] = array_values ($ response ['appointments ' ]);
718+
719+ foreach ($ response ['unavailabilities ' ] as $ index => $ unavailability )
720+ {
721+ if ( ! in_array ((int )$ unavailability ['id_users_provider ' ], $ providers ))
722+ {
723+ unset($ response ['unavailabilities ' ][$ index ]);
724+ }
725+ }
726+
727+ $ response ['unavailabilities ' ] = array_values ($ response ['unavailabilities ' ]);
728+ }
729+
674730 json_response ($ response );
675731 }
676732 catch (Throwable $ e )
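Review bot: The new filtering runs only inside the `$role_slug === DB_SLUG_PROVIDER` and `$role_slug === DB_SLUG_SECRETARY` branches, so a session with any other or a missing `role_slug` still reaches `json_response($response)` with every provider's appointments and unavailabilities. The start of `get_calendar_appointments()` is outside this hunk, so confirm that an earlier permission check limits the remaining roles to those meant to see everything. In the provider branch both sides are cast with `(int)`, so an empty `session('user_id')` becomes 0 and would match any record whose `id_users_provider` is null or 0; reject an empty user id before filtering. In the secretary branch the `providers` key is read without a fallback and `in_array()` compares loosely; I would normalise once with `$providers = array_map('intval', $this->secretaries_model->find($user_id)['providers'] ?? []);` and test with `in_array((int) $appointment['id_users_provider'], $providers, true)`, likewise in the unavailabilities loop. A comment above the two branches such as `// All other roles intentionally receive the unfiltered response.` would make the default explicit.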