From 9fc73501fd024aa447757a810af4b3dd63457089 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?= <fpeters@entrouvert.com>
Date: Sun, 21 Oct 2018 15:54:35 +0200
Subject: [PATCH] backoffice: consider visibility in total formdata counts
 (#27483)

---
 wcs/backoffice/management.py |  2 +-
 wcs/sql.py                   | 12 ++++++++----
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/wcs/backoffice/management.py b/wcs/backoffice/management.py
index 4b1ae29ba..c5a445638 100644
--- a/wcs/backoffice/management.py
+++ b/wcs/backoffice/management.py
@@ -474,7 +474,7 @@ class ManagementDirectory(Directory):
         if using_postgresql:
             from wcs import sql
             actionable_counts = sql.get_actionable_counts(user_roles)
-            total_counts = sql.get_total_counts()
+            total_counts = sql.get_total_counts(user_roles)
 
         def append_form_entry(formdef):
             if using_postgresql:
diff --git a/wcs/sql.py b/wcs/sql.py
index 63bd01224..79d80b254 100644
--- a/wcs/sql.py
+++ b/wcs/sql.py
@@ -2030,13 +2030,17 @@ def get_actionable_counts(user_roles):
     return counts
 
 @guard_postgres
-def get_total_counts():
+def get_total_counts(user_roles):
     conn, cur = get_connection_and_cursor()
+    criterias = [
+        Intersects('concerned_roles_array', user_roles),
+    ]
+    where_clauses, parameters, func_clause = parse_clause(criterias)
     statement = '''SELECT formdef_id, COUNT(*)
                      FROM wcs_all_forms
-                    WHERE status != 'draft'
-                 GROUP BY formdef_id'''
-    cur.execute(statement)
+                    WHERE %s
+                 GROUP BY formdef_id''' % ' AND '.join(where_clauses)
+    cur.execute(statement, parameters)
     counts = {str(x): y for x, y in cur.fetchall()}
     conn.commit()
     cur.close()
-- 
2.19.1