public function getUserAccessibleGroups(User $user, $includeNode = true)
{
// On vérifie que l'utilisateur est soit un super admin,
// soit assigné à un groupe puisque s'il ne l'est pas,
// $accessibleGroups contient automatiquement tous les groupes
// (cf. méthode getChildren())
if ($user->getGroup() === null && !$user->isSuperAdmin()) {
throw new \RuntimeException(sprintf('User "%s" is not super admin and is not assigned to a group.', $user));
}
return $this->groupRepo->getChildren($user->getGroup(), false, null, "asc", $includeNode);
}
public function getAccessibleGroups()
{
$groups = [];
$user = $this->context->getToken()->getUser();
if ($this->isGranted(User::ROLE_SUPER_ADMIN)) {
$groups = $this->groupRepo->getChildren(null);
} elseif ($this->isGranted(User::ROLE_ADMIN)) {
$groups = $this->groupRepo->getChildren($user->getGroup(), false, null, "asc", true);
} elseif ($user->getGroup() !== null) {
$groups = [$user->getGroup()];
}
if (empty($groups) && !$this->isGranted(User::ROLE_ADMIN)) {
throw new \RuntimeException('Security error! This user should not have empty group access. This can lead to security breach.');
}
return $groups;
}
