/** * @param string $className * @param int $id * @param array $data * * @return array * * @throws \Exception */ public function patch($className, $id, $data) { $entity = $this->getEntity($className, $id); if (!$this->securityService->isGranted('EDIT', $entity)) { throw new AccessDeniedException(); } return $this->entityDataManager->update($entity, $data); }
/** * @expectedException Oro\Bundle\EntityBundle\Exception\FieldUpdateAccessException */ public function testBlockedFieldNameUpdate() { $entityManager = $this->getMockBuilder('\\Doctrine\\Common\\Persistence\\ObjectManager')->disableOriginalConstructor()->getMock(); $metadata = $this->getMetadata(['hasField' => true, 'hasAssociation' => false, 'getFieldMapping' => ['type' => 'boolean']]); $entityManager->expects($this->any())->method('getClassMetadata')->willReturn($metadata); $this->registry->expects($this->any())->method('getManager')->willReturn($entityManager); $metaDataOwnerShip = $this->getMetaDataOwnerShip(['hasOwner' => true, 'isGlobalLevelOwned' => false, 'getOwnerFieldName' => 'owner']); $this->ownershipMetadataProvider->expects($this->any())->method('getMetaData')->willReturn($metaDataOwnerShip); $this->validator->expects($this->once())->method('validate')->will($this->throwException(new FieldUpdateAccessException())); $this->manager->update($this->getEntity(), ['id' => 10, 'updatedAt' => 10, 'createdAt' => 10]); }
/** * @param string $className * @param int $id * @param array $data * * @return array * * @throws AccessDeniedException */ public function patch($className, $id, $data) { $entity = $this->entityRoutingHelper->getEntity($className, $id); if (!$this->securityService->isGranted('EDIT', $entity)) { throw new AccessDeniedException(); } try { return $this->entityDataManager->update($entity, $data); } catch (FieldUpdateAccessException $e) { throw new AccessDeniedException($e->getMessage(), $e); } }