Beispiel #1
0
 /**
  * Makes necessary modifications for existing ACE
  *
  * @param SID $sid
  * @param OID $oid
  * @param int $existingMask
  * @param int[] $masks [input/output]
  * @param int[] $rootMasks
  * @param AclExtensionInterface $extension
  * @return bool|int The mask if it was processed, otherwise, false
  */
 protected function updateExistingPermissions(SID $sid, OID $oid, $existingMask, $masks, $rootMasks, AclExtensionInterface $extension)
 {
     $mask = $this->findSimilarMask($masks, $existingMask, $extension);
     $rootMask = $this->findSimilarMask($rootMasks, $existingMask, $extension);
     if ($mask === false && $rootMask === false) {
         // keep existing ACE as is, because both $mask and $rootMask were not found
     } elseif ($rootMask === false) {
         // if $rootMask was not found, just update existing ACE using $mask
         $this->manager->setPermission($sid, $oid, $mask);
     } elseif ($mask === false) {
         // if $mask was not found, use $rootMask to check
         // whether existing ACE need to be removed or keep as is
         if ($existingMask === $extension->adaptRootMask($rootMask, $oid)) {
             // remove existing ACE because it provides the same permissions as the root ACE
             $this->manager->deletePermission($sid, $oid, $existingMask);
         }
     } else {
         // both $mask and $rootMask were found
         if ($mask === $extension->adaptRootMask($rootMask, $oid)) {
             // remove existing ACE, if $mask provides the same permissions as $rootMask
             $this->manager->deletePermission($sid, $oid, $existingMask);
         } else {
             // update existing ACE using $mask, if permissions provide by $mask and $rootMask are different
             $this->manager->setPermission($sid, $oid, $mask);
         }
     }
     return $mask;
 }
Beispiel #2
0
 public function testDeletePermissionForEntityClassNoAcl()
 {
     $sid = $this->getMock('Symfony\\Component\\Security\\Acl\\Model\\SecurityIdentityInterface');
     $oid = new ObjectIdentity('entity', 'Acme\\Test');
     $granting = true;
     $mask = 123;
     $strategy = 'any';
     $this->setItem($oid, BatchItem::STATE_CREATE);
     $this->aclProvider->expects($this->never())->method('findAcl');
     $this->aceProvider->expects($this->never())->method('deletePermission');
     $this->manager->deletePermission($sid, $oid, $mask, $granting, $strategy);
 }