Adds the given object to a whitelist of objects which may be persisted when persistAll() is called with the
$onlyWhitelistedObjects flag. This is the case if "safe" HTTP request methods are used.
public whitelistObject ( object $object ) : void | ||
$object | object | The object |
return | void |
/** * @param object $object * @throws IllegalObjectTypeException */ public function add($object) { $this->persistenceManager->whitelistObject($object); if ($this->removedResources->contains($object)) { $this->removedResources->detach($object); } if (!$this->addedResources->contains($object)) { $this->addedResources->attach($object); parent::add($object); } }
/** * Checks the given token for validity and sets the token authentication status * accordingly (success, wrong credentials or no credentials given). * * @param TokenInterface $authenticationToken The token to be authenticated * @return void * @throws UnsupportedAuthenticationTokenException */ public function authenticate(TokenInterface $authenticationToken) { if (!$authenticationToken instanceof UsernamePassword) { throw new UnsupportedAuthenticationTokenException('This provider cannot authenticate the given token.', 1217339840); } /** @var $account Account */ $account = null; $credentials = $authenticationToken->getCredentials(); if ($authenticationToken->getAuthenticationStatus() !== TokenInterface::AUTHENTICATION_SUCCESSFUL) { $authenticationToken->setAuthenticationStatus(TokenInterface::NO_CREDENTIALS_GIVEN); } if (!is_array($credentials) || !isset($credentials['username']) || !isset($credentials['password'])) { return; } $providerName = $this->name; $accountRepository = $this->accountRepository; $this->securityContext->withoutAuthorizationChecks(function () use($credentials, $providerName, $accountRepository, &$account) { $account = $accountRepository->findActiveByAccountIdentifierAndAuthenticationProviderName($credentials['username'], $providerName); }); $authenticationToken->setAuthenticationStatus(TokenInterface::WRONG_CREDENTIALS); if ($account === null) { $this->hashService->validatePassword($credentials['password'], 'bcrypt=>$2a$14$DummySaltToPreventTim,.ingAttacksOnThisProvider'); return; } if ($this->hashService->validatePassword($credentials['password'], $account->getCredentialsSource())) { $account->authenticationAttempted(TokenInterface::AUTHENTICATION_SUCCESSFUL); $authenticationToken->setAuthenticationStatus(TokenInterface::AUTHENTICATION_SUCCESSFUL); $authenticationToken->setAccount($account); } else { $account->authenticationAttempted(TokenInterface::WRONG_CREDENTIALS); } $this->accountRepository->update($account); $this->persistenceManager->whitelistObject($account); }
/** * Refreshes this asset after the Resource or any other parameters affecting thumbnails have been modified * * @return void */ public function refresh() { $assetClassType = str_replace('Neos\\Media\\Domain\\Model\\', '', get_class($this)); $this->systemLogger->log(sprintf('%s: refresh() called, clearing all thumbnails. Filename: %s. PersistentResource SHA1: %s', $assetClassType, $this->getResource()->getFilename(), $this->getResource()->getSha1()), LOG_DEBUG); // whitelist objects so they can be deleted (even during safe requests) $this->persistenceManager->whitelistObject($this); foreach ($this->thumbnails as $thumbnail) { $this->persistenceManager->whitelistObject($thumbnail); } $this->thumbnails->clear(); }
/** * If the specified workspace or its root node does not exist yet, the workspace and root node will be created. * * This method is basically a safeguard for legacy and potentially broken websites where users might not have * their own workspace yet. In a normal setup, the Domain User Service is responsible for creating and deleting * user workspaces. * * @param string $workspaceName Name of the workspace * @return void */ protected function createWorkspaceAndRootNodeIfNecessary($workspaceName) { $workspace = $this->workspaceRepository->findOneByName($workspaceName); if ($workspace === null) { $liveWorkspace = $this->workspaceRepository->findOneByName('live'); $owner = $this->userService->getBackendUser(); $workspace = new Workspace($workspaceName, $liveWorkspace, $owner); $this->workspaceRepository->add($workspace); $this->persistenceManager->whitelistObject($workspace); } $contentContext = $this->createContext($workspaceName); $rootNode = $contentContext->getRootNode(); $this->persistenceManager->whitelistObject($rootNode); $this->persistenceManager->whitelistObject($rootNode->getNodeData()); $this->persistenceManager->persistAll(true); }
/** * * * @return void */ public function updateEventsAfterPublish() { if (!$this->eventEmittingService->isEnabled()) { return; } /** @var $entityManager EntityManager */ $entityManager = $this->entityManager; foreach ($this->scheduledNodeEventUpdates as $documentPublish) { /* @var $nodeEvent NodeEvent */ $nodeEvent = $this->eventEmittingService->emit(self::DOCUMENT_PUBLISHED, array(), NodeEvent::class); $nodeEvent->setNode($documentPublish['documentNode']); $nodeEvent->setWorkspaceName($documentPublish['targetWorkspace']); $this->persistenceManager->whitelistObject($nodeEvent); $this->persistenceManager->persistAll(true); $parentEventIdentifier = $this->persistenceManager->getIdentifierByObject($nodeEvent); $qb = $entityManager->createQueryBuilder(); $qb->update(NodeEvent::class, 'e')->set('e.parentEvent', ':parentEventIdentifier')->setParameter('parentEventIdentifier', $parentEventIdentifier)->where('e.parentEvent IS NULL')->andWhere('e.workspaceName = :workspaceName')->setParameter('workspaceName', $documentPublish['workspaceName'])->andWhere('e.documentNodeIdentifier = :documentNodeIdentifier')->setParameter('documentNodeIdentifier', $documentPublish['documentNode']->getIdentifier())->andWhere('e.eventType != :publishedEventType')->setParameter('publishedEventType', self::DOCUMENT_PUBLISHED)->getQuery()->execute(); } $this->scheduledNodeEventUpdates = array(); }