From 78e03f98787344099f262ee59c13ed9c58d1d8fb Mon Sep 17 00:00:00 2001
From: Andrew Engelbrecht <andrew@fsf.org>
Date: Tue, 19 Apr 2022 18:47:53 -0400
Subject: [PATCH] changes to board nomination participation rules

mostly changing a hard cutoff date for a comparison of a sum total of
contributions over a time period
---
 docs/fsf-drupal-auth.md           |  5 +--
 lib/Auth/Source/FSFDrupalAuth.php | 60 +++++++++++++++++--------------
 2 files changed, 37 insertions(+), 28 deletions(-)

diff --git a/docs/fsf-drupal-auth.md b/docs/fsf-drupal-auth.md
index dc897c2..e141186 100644
--- a/docs/fsf-drupal-auth.md
+++ b/docs/fsf-drupal-auth.md
@@ -10,7 +10,8 @@ SQL queries in `config/authsources.php` should be something like the following:
 
         // custom fsf authentication source wrapped by ratelimit auth source
         'fsfdrupalauth:FSFDrupalAuth',
-        'nomination_process_date' => '2022-01-01',
+        'nomination_process_contrib_start_date' => '2017-01-01',
+        'nomination_process_contrib_end_date' => '2022-01-01',
         'dsn' => 'mysql:host=example.com;port=3306;dbname=drupal',
         'username' => '$DB_USERNAME',
         'password' => '$DB_PASSWORD',
@@ -18,7 +19,7 @@ SQL queries in `config/authsources.php` should be something like the following:
         // don't filter with 'and c.is_test = 0' because these may be useful for FSF staff
         'query_membership' => "select c.status_id from drupal.users a inner join civicrm.civicrm_uf_match b on a.uid=b.uf_id inner join civicrm.civicrm_membership c on b.contact_id=c.contact_id inner join civicrm.civicrm_contact d on c.contact_id=d.id where a.status = 1 and d.is_deleted = 0 and c.status_id is not NULL and a.name = :username and (c.status_id = 1 or c.status_id = 2 or c.status_id = 3 or c.status_id = 4) order by c.status_id limit 10;",
         'query_staff' => "select a.name as is_fsf_staff from drupal.users a inner join civicrm.civicrm_uf_match b on a.uid=b.uf_id inner join civicrm.civicrm_contact c on b.contact_id=c.id inner join civicrm.civicrm_relationship d on c.id=d.contact_id_a where a.name=:username and a.status=1 and c.is_deleted=0 and d.relationship_type_id=4 and d.contact_id_b=FOOBAR and d.is_active=1 and (d.end_date>NOW() or d.end_date is NULL) limit 1;",
-        'query_nomination_process' => "select c.join_date from drupal.users a inner join civicrm.civicrm_uf_match b on a.uid=b.uf_id inner join civicrm.civicrm_membership c on b.contact_id=c.contact_id inner join civicrm.civicrm_contact d on c.contact_id=d.id where a.name = :username and c.status_id is not NULL and (c.status_id = 1 or c.status_id = 2 or c.status_id = 3 or c.status_id = 4) and c.join_date <= :nomination_process_date order by c.join_date limit 1;",
+        'query_nomination_process_donations' => "select sum(d.total_amount) from drupal.users a inner join civicrm.civicrm_uf_match b on a.uid=b.uf_id inner join civicrm.civicrm_contact c on b.contact_id=c.id inner join civicrm.civicrm_contribution d on c.id=d.contact_id where a.name = :username and d.is_test = '0' and (d.financial_type_id = '2' or :all_contribs) and d.receive_date > :start_date and d.receive_date < :end_date;",
 
     ],
 
diff --git a/lib/Auth/Source/FSFDrupalAuth.php b/lib/Auth/Source/FSFDrupalAuth.php
index 8a0c60e..5f6d8d3 100644
--- a/lib/Auth/Source/FSFDrupalAuth.php
+++ b/lib/Auth/Source/FSFDrupalAuth.php
@@ -44,13 +44,14 @@ class FSFDrupalAuth extends \SimpleSAML\Module\core\Auth\UserPassBase
     private $query_main;
     private $query_membership;
     private $query_staff;
-    private $query_nomination_process;
+    private $query_nomination_process_donations;
 
     /**
-     * Date for determining whether someone can participate in board nomination
+     * Date for determining whether someone may participate in board nomination
      * process
      */
-    private $nomination_process_date;
+    private $nomination_process_contrib_start_date;
+    private $nomination_process_contrib_end_date;
 
     /**
      * Constructor for this authentication source.
@@ -67,7 +68,7 @@ class FSFDrupalAuth extends \SimpleSAML\Module\core\Auth\UserPassBase
         parent::__construct($info, $config);
 
         // Make sure that all required parameters are present.
-        foreach (['dsn', 'username', 'password', 'query_main', 'query_membership', 'query_staff', 'query_nomination_process', 'nomination_process_date'] as $param) {
+        foreach (['dsn', 'username', 'password', 'query_main', 'query_membership', 'query_staff', 'query_nomination_process_donations', 'nomination_process_contrib_start_date', 'nomination_process_contrib_end_date'] as $param) {
             if (!array_key_exists($param, $config)) {
                 throw new Exception('Missing required attribute \''.$param.
                     '\' for authentication source '.$this->authId);
@@ -87,8 +88,9 @@ class FSFDrupalAuth extends \SimpleSAML\Module\core\Auth\UserPassBase
         $this->query_main =       $config['query_main'];
         $this->query_membership = $config['query_membership'];
         $this->query_staff =      $config['query_staff'];
-        $this->query_nomination_process = $config['query_nomination_process'];
-        $this->nomination_process_date    = $config['nomination_process_date'];
+        $this->query_nomination_process_donations = $config['query_nomination_process_donations'];
+        $this->nomination_process_contrib_start_date    = $config['nomination_process_contrib_start_date'];
+        $this->nomination_process_contrib_end_date    = $config['nomination_process_contrib_end_date'];
         if (isset($config['options'])) {
             $this->options = $config['options'];
         }
@@ -274,28 +276,34 @@ class FSFDrupalAuth extends \SimpleSAML\Module\core\Auth\UserPassBase
         }
 
         //
-        // query on first membership join date
+        // query for access to board nomination process
         //
 
-        $membership_date_data = $this->query_db('query_nomination_process', ['username' => $username, 'nomination_process_date' => $nomination_process_date]);
-
-        if (count($membership_date_data) === 0) {
-            // No rows returned - no old membership start
-            Logger::debug('fsfdrupalauth:'.$this->authId.
-                ': No rows in result set. May only be a short term member.');
-        }
-
-        $attributes['nomination_process'] = ['false'];
-
-        foreach ($membership_date_data as $row) {
-            foreach ($row as $key => $value) {
-                if ($value === null) {
-                    continue;
-                } elseif ($attributes['is_member'][0] == 'true') {
-                    $attributes['nomination_process'] = ['true'];
-                }
-            }
-        }
+	$meets_a_criterion = function ($all_contribs, $amount) {
+
+		$ranged_membership_donation_total =
+			$this->query_db('query_nomination_process_donations',
+			['username' => $username,
+			'start_date' => $nomination_process_contrib_start_date,
+			'end_date' => $nomination_process_contrib_end_date,
+			'all_contribs' => $all_contribs]);
+
+		foreach ($ranged_membership_donation_total[0] as $key => $value) {
+		    if ($value < $amount) {
+			continue;
+		    } elseif ($attributes['is_member'][0] == 'true') {
+			return true;
+		    }
+		}
+
+		return false;
+	};
+
+	if ($meets_a_criterion(true, 5) || $meets_a_criterion(false, 5)) {
+		$attributes['nomination_process'] = ['true'];
+	} else {
+		$attributes['nomination_process'] = ['false'];
+	}
 
         //
         // query on staff
-- 
2.25.1