/**
* Transform a given model entry into an ACL related Entry (ACE).
*
* @param \Propel\PropelBundle\Model\Acl\Entry $modelEntry
* @param \Symfony\Component\Security\Acl\Model\AclInterface $acl
*
* @return \Symfony\Component\Security\Acl\Model\EntryInterface
*/
public static function toAclEntry(Entry $modelEntry, AclInterface $acl)
{
if (null === $modelEntry->getFieldName()) {
return new AclEntry($modelEntry, $acl);
}
return new AclFieldEntry($modelEntry, $acl);
}
/**
* Update auditing on a single ACE.
*
* @throws \InvalidArgumentException
*
* @param array $list
* @param int $index
* @param bool $auditSuccess
* @param bool $auditFailure
*
* @return \Propel\PropelBundle\Security\Acl\Domain\AuditableAcl $this
*/
protected function updateAuditing(array &$list, $index, $auditSuccess, $auditFailure)
{
if (!is_bool($auditSuccess) or !is_bool($auditFailure)) {
throw new \InvalidArgumentException('The given auditing flags are invalid. Please provide boolean only.');
}
$this->validateIndex($list, $index);
$entry = ModelEntry::fromAclEntry($list[$index])->setAuditSuccess($auditSuccess)->setAuditFailure($auditFailure);
$list[$index] = ModelEntry::toAclEntry($entry, $this);
return $this;
}
/**
* Constructor.
*
* @param \Propel\PropelBundle\Model\Acl\Entry $entry
* @param \Symfony\Component\Security\Acl\Model\AclInterface $acl
*/
public function __construct(ModelEntry $entry, AclInterface $acl)
{
$this->acl = $acl;
$this->securityIdentity = SecurityIdentity::toAclIdentity($entry->getSecurityIdentity());
/*
* A new ACE (from a MutableAcl) does not have an ID,
* but will be persisted by the MutableAclProvider afterwards, if issued.
*/
if ($entry->getId()) {
$this->id = $entry->getId();
}
$this->mask = $entry->getMask();
$this->isGranting = $entry->getGranting();
$this->strategy = $entry->getGrantingStrategy();
$this->auditFailure = $entry->getAuditFailure();
$this->auditSuccess = $entry->getAuditSuccess();
}
protected function createModelEntry()
{
$entry = new ModelEntry();
$entry->setId(42)->setAclClass($this->getAclClass())->setSecurityIdentity(SecurityIdentity::fromAclIdentity($this->getRoleSecurityIdentity()))->setAuditFailure(true)->setAuditSuccess(false)->setGrantingStrategy('all')->setGranting(true)->setMask(64);
return $entry;
}
protected function createEntry()
{
$entry = new Entry();
$entry->setAuditSuccess(false)->setAuditFailure(false)->setMask(64)->setGranting(true)->setGrantingStrategy('all')->setAceOrder(0);
return $entry;
}
/**
* Persist the given ACEs.
*
* @param array $accessControlEntries
* @param \Propel\PropelBundle\Model\Acl\ObjectIdentity $objectIdentity
* @param bool $object
*
* @return array The IDs of the persisted ACEs.
*/
protected function persistAcl(array $accessControlEntries, ObjectIdentity $objectIdentity, $object = false)
{
$entries = array();
/* @var $eachAce \Symfony\Component\Security\Acl\Model\EntryInterface */
foreach ($accessControlEntries as $order => $eachAce) {
// If the given ACE has never been persisted, create a new one.
if (null === ($entry = $this->getPersistedAce($eachAce, $objectIdentity, $object))) {
$entry = ModelEntry::fromAclEntry($eachAce);
}
if (in_array($entry->getId(), $entries)) {
$entry = ModelEntry::fromAclEntry($eachAce);
}
// Apply possible changes from local ACE.
$entry->setAceOrder($order)->setAclClass($objectIdentity->getAclClass())->setMask($eachAce->getMask());
if ($eachAce instanceof AuditableEntryInterface) {
if (is_bool($eachAce->isAuditSuccess())) {
$entry->setAuditSuccess($eachAce->isAuditSuccess());
}
if (is_bool($eachAce->isAuditFailure())) {
$entry->setAuditFailure($eachAce->isAuditFailure());
}
}
if (true === $object) {
$entry->setObjectIdentity($objectIdentity);
}
$entry->save($this->connection);
$entries[] = $entry->getId();
}
return $entries;
}
/**
* Constructor.
*
* @param \Propel\PropelBundle\Model\Acl\Entry $entry
* @param \Symfony\Component\Security\Acl\Model\AclInterface $acl
*/
public function __construct(ModelEntry $entry, AclInterface $acl)
{
$this->field = $entry->getFieldName();
parent::__construct($entry, $acl);
}
/**
* Create a new ACL Entry.
*
* @param int $mask
* @param int $index
* @param \Symfony\Component\Security\Acl\Model\SecurityIdentityInterface $securityIdentity
* @param string $strategy
* @param bool $granting
* @param string $field
*
* @return \Propel\PropelBundle\Security\Acl\Domain\Entry|\Propel\PropelBundle\Security\Acl\Domain\FieldEntry
*/
protected function createAce($mask, $index, SecurityIdentityInterface $securityIdentity, $strategy = null, $granting = true, $field = null)
{
if (!is_int($mask)) {
throw new \InvalidArgumentException('The given mask is not valid. Please provide an integer.');
}
// Compatibility with default implementation
if (null === $strategy) {
if (true === $granting) {
$strategy = PermissionGrantingStrategy::ALL;
} else {
$strategy = PermissionGrantingStrategy::ANY;
}
}
$model = new ModelEntry();
$model->setAceOrder($index)->setMask($mask)->setGrantingStrategy($strategy)->setGranting($granting)->setSecurityIdentity(SecurityIdentity::fromAclIdentity($securityIdentity));
if (null !== $field) {
$model->setFieldName($field);
return new FieldEntry($model, $this);
}
return new Entry($model, $this);
}
