public function testIsAclEnabled() { $factory = $this->getMockBuilder('Oro\\Bundle\\SecurityBundle\\Acl\\Domain\\ObjectIdentityFactory')->disableOriginalConstructor()->getMock(); $extensionSelector = $this->getMockBuilder('Oro\\Bundle\\SecurityBundle\\Acl\\Extension\\AclExtensionSelector')->disableOriginalConstructor()->getMock(); $manager = new AclManager($factory, $extensionSelector); $this->assertFalse($manager->isAclEnabled()); $aclProvider = $this->getMockBuilder('Oro\\Bundle\\SecurityBundle\\Acl\\Dbal\\MutableAclProvider')->disableOriginalConstructor()->getMock(); $manager = new AclManager($factory, $extensionSelector, $aclProvider); $this->assertTrue($manager->isAclEnabled()); }
/** * @param ObjectManager $manager * @param AclManager $aclManager */ protected function setBuyerShoppingListPermissions(ObjectManager $manager, AclManager $aclManager) { $chainMetadataProvider = $this->container->get('oro_security.owner.metadata_provider.chain'); $allowedAcls = ['VIEW_BASIC', 'CREATE_BASIC', 'EDIT_BASIC', 'DELETE_BASIC']; $role = $this->getBuyerRole($manager); if ($aclManager->isAclEnabled()) { $sid = $aclManager->getSid($role); $className = $this->container->getParameter('orob2b_shopping_list.entity.shopping_list.class'); foreach ($aclManager->getAllExtensions() as $extension) { if ($extension instanceof EntityAclExtension) { $chainMetadataProvider->startProviderEmulation(FrontendOwnershipMetadataProvider::ALIAS); $oid = $aclManager->getOid('entity:' . $className); $builder = $aclManager->getMaskBuilder($oid); $mask = $builder->reset()->get(); foreach ($allowedAcls as $acl) { $mask = $builder->add($acl)->get(); } $aclManager->setPermission($sid, $oid, $mask); $chainMetadataProvider->stopProviderEmulation(); } } } }
/** * @param AclManager $aclManager * @param AccountUserRole $role * @param string $className * @param array $allowedAcls */ protected function setRolePermissions(AclManager $aclManager, AccountUserRole $role, $className, array $allowedAcls) { /* @var $chainMetadataProvider ChainMetadataProvider */ $chainMetadataProvider = $this->container->get('oro_security.owner.metadata_provider.chain'); if ($aclManager->isAclEnabled()) { $sid = $aclManager->getSid($role); foreach ($aclManager->getAllExtensions() as $extension) { if ($extension instanceof EntityAclExtension) { $chainMetadataProvider->startProviderEmulation(FrontendOwnershipMetadataProvider::ALIAS); $oid = $aclManager->getOid('entity:' . $className); $builder = $aclManager->getMaskBuilder($oid); $mask = $builder->reset()->get(); foreach ($allowedAcls as $acl) { $mask = $builder->add($acl)->get(); } $aclManager->setPermission($sid, $oid, $mask); $chainMetadataProvider->stopProviderEmulation(); } } } }
/** * @param ObjectManager $manager * @param AclManager $aclManager * @return AccountUserRole */ protected function createBuyerRole(ObjectManager $manager, AclManager $aclManager) { $role = $this->createEntity(self::BUYER, $this->defaultRoles[self::BUYER]); $this->setWebsiteDefaultRoles($manager, $role); if ($aclManager->isAclEnabled()) { $sid = $aclManager->getSid($role); foreach ($aclManager->getAllExtensions() as $extension) { $this->setPermissionGroup($aclManager, $extension, $sid, 'GROUP_NONE'); } } return $role; }