Ejemplo n.º 1
 /**
  * Tells whether the ACL of the given domain object carries an object-scope
  * entry for at least one of the supplied security identities.
  *
  * Only the identity of each entry is compared. The entry's mask and its
  * granting flag are not inspected here, and class-scope or field entries are
  * not consulted, so a true result means "an entry exists for this identity",
  * not "access is granted".
  *
  * @param object                      $object Domain object whose ACL is looked up
  * @param SecurityIdentityInterface[] $sids   Identities to look for
  *
  * @return bool True on the first matching entry; false when the object has
  *              no ACL or no entry matches
  */
 public function isObjectSharedWithSids($object, array $sids)
 {
     $oid = ObjectIdentity::fromDomainObject($object);

     try {
         $objectAcl = $this->aclProvider->findAcl($oid);
     } catch (AclNotFoundException $notFound) {
         // No ACL at all: the object has not been shared with anyone.
         return false;
     }

     foreach ($objectAcl->getObjectAces() as $entry) {
         /** @var Entry $entry */
         foreach ($sids as $candidate) {
             if (!$candidate->equals($entry->getSecurityIdentity())) {
                 continue;
             }

             return true;
         }
     }

     return false;
 }
Ejemplo n.º 2
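 /**
  * {@inheritdoc}
  *
  * Re-points the stored user security identity from $oldUsername to the
  * current username of $user. Delegates to the ACL provider when it offers
  * updateUserSecurityIdentity(); otherwise rewrites the identifier row in
  * the SID table directly.
  *
  * NOTE(review): $user defaults to null and is handed to
  * getUserSecurityIdentity() unchanged; how that helper treats null is not
  * visible here — confirm against its implementation.
  *
  * @param string             $oldUsername Username the identity was stored under
  * @param UserInterface|null $user        Account carrying the new username
  *
  * @throws \InvalidArgumentException When the username did not change (fallback path only)
  */
 public function updateUserSecurityIdentity($oldUsername, UserInterface $user = null)
 {
     $usid = $this->getUserSecurityIdentity($user);

     // $this->aclProvider->updateUserSecurityIdentity() is only available in symfony/security-acl >= 2.5
     if (method_exists($this->aclProvider, 'updateUserSecurityIdentity')) {
         $this->aclProvider->updateUserSecurityIdentity($usid, $oldUsername);

         return;
     }

     // only for symfony/security-acl < 2.5
     // Compare as strings with ===: a loose == treats numeric-looking
     // usernames such as "0123" and "123" as equal and would wrongly reject
     // a genuine rename, leaving ACL entries bound to the old identifier.
     if ((string) $usid->getUsername() === (string) $oldUsername) {
         throw new \InvalidArgumentException('There are no changes.');
     }

     $oldIdentifier = $usid->getClass() . '-' . $oldUsername;
     $newIdentifier = $usid->getClass() . '-' . $usid->getUsername();

     // Both identifiers go through the connection's quote() before they reach
     // the statement. The table name is interpolated as-is, so
     // $this->aclTables must only ever hold trusted configuration values.
     $query = sprintf(
         'UPDATE %s SET identifier = %s WHERE identifier = %s AND username = %s',
         $this->aclTables['sid'],
         $this->connection->quote($newIdentifier),
         $this->connection->quote($oldIdentifier),
         $this->connection->getDatabasePlatform()->convertBooleans(true)
     );
     $this->connection->executeQuery($query);
 }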
Ejemplo n.º 3
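 /**
  * Returns the mask of the first object-scope ACE that belongs to the user.
  *
  * Fails closed: MASK_UNDEFINED is returned when the ACL lookup throws, or
  * when no object-scope entry matches the user's security identity.
  *
  * Only entries bound directly to the user identity are considered, and only
  * the first match is returned. The entry's granting flag is not inspected,
  * so the returned mask is what is stored, not an authorization decision.
  *
  * @param object $entity Domain object whose ACL is consulted
  * @param User   $user   Account whose entry is looked up
  *
  * @return int Stored mask, or self::MASK_UNDEFINED
  */
 public function getPermission($entity, User $user)
 {
     $securityIdentity = UserSecurityIdentity::fromAccount($user);
     $objectIdentity = ObjectIdentity::fromDomainObject($entity);

     try {
         $acl = $this->aclProvider->findAcl($objectIdentity);

         foreach ($acl->getObjectAces() as $ace) {
             // Use the identity's own equals() rather than a loose ==.
             // PHP's == on objects compares properties with type juggling,
             // so numeric-looking usernames ("0123" vs "123") would match
             // and one user could be handed another user's mask.
             if ($securityIdentity->equals($ace->getSecurityIdentity())) {
                 return $ace->getMask();
             }
         }
     } catch (\Exception $e) {
         // Deliberately broad: any failure during lookup yields "no permission".
         return self::MASK_UNDEFINED;
     }

     return self::MASK_UNDEFINED;
 }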
Ejemplo n.º 4
 /**
  * Loads the entities behind the security identities found in the object-scope
  * ACEs of $this->object.
  *
  * User identities are resolved by username and business-unit identities by
  * id; entries of any other identity type are ignored. Business units come
  * first in the result, followed by users.
  *
  * @return array Resolved entities; empty when the object has no ACL
  */
 protected function getObjects()
 {
     $objectIdentity = ObjectIdentity::fromDomainObject($this->object);

     try {
         $acl = $this->aclProvider->findAcl($objectIdentity);
     } catch (AclNotFoundException $e) {
         // no ACL found, nothing is shared
         return [];
     }

     if (!$acl) {
         return [];
     }

     $userNames = [];
     $businessUnitIds = [];
     foreach ($acl->getObjectAces() as $ace) {
         /** @var $ace Entry */
         $sid = $ace->getSecurityIdentity();
         if ($sid instanceof UserSecurityIdentity) {
             $userNames[] = $sid->getUsername();
             continue;
         }
         if ($sid instanceof BusinessUnitSecurityIdentity) {
             $businessUnitIds[] = $sid->getId();
         }
     }

     $resolved = [];

     if ($businessUnitIds) {
         /** @var $businessUnitRepo BusinessUnitRepository */
         $businessUnitRepo = $this->objectManager->getRepository('OroOrganizationBundle:BusinessUnit');
         $resolved = array_merge($resolved, $businessUnitRepo->getBusinessUnits($businessUnitIds));
     }

     if ($userNames) {
         /** @var $userRepo UserRepository */
         $userRepo = $this->objectManager->getRepository('OroUserBundle:User');
         $resolved = array_merge($resolved, $userRepo->findUsersByUsernames($userNames));
     }

     return $resolved;
 }
Ejemplo n.º 5
 /**
  * Synchronises the object-scope ACEs of $entity with the identities described
  * by the share model: entries whose identity is no longer in the model are
  * deleted, entries for newly added identities are inserted, and the ACL is
  * then persisted through the ACL provider.
  *
  * An ACL is created for the entity when none exists yet.
  *
  * @param Share $model   Source of the desired identities (via generateSids())
  * @param object $entity Domain object whose ACL is updated
  */
 protected function onSuccess($model, $entity)
 {
     $objectIdentity = ObjectIdentity::fromDomainObject($entity);
     try {
         $acl = $this->aclProvider->findAcl($objectIdentity);
     } catch (AclNotFoundException $e) {
         // first share of this object: start from a fresh ACL
         $acl = $this->aclProvider->createAcl($objectIdentity);
     }
     $oldSids = $this->extractSids($acl);
     // saves original value of old sids to extract new added elements
     $oldSidsCopy = $oldSids;
     $newSids = $this->generateSids($model);
     // $oldSids - $newSids: to delete
     // array_diff() compares elements by their string representation, so this
     // assumes the identities are string-castable — TODO confirm
     foreach (array_diff($oldSids, $newSids) as $sid) {
         // NOTE(review): the strict array_search() returns false when $sid is
         // not found in the re-extracted list (e.g. if extractSids() builds new
         // instances on each call); false would then be passed as the ACE
         // index — verify against extractSids()
         $acl->deleteObjectAce(array_search($sid, $oldSids, true));
         // fills array again because index was recalculated
         $oldSids = $this->extractSids($acl);
     }
     // $newSids - $oldSids: to insert
     // uses the untouched copy so identities removed above are not re-added
     foreach (array_diff($newSids, $oldSidsCopy) as $sid) {
         // the mask granted to each new identity is decided by getMaskBySid()
         $acl->insertObjectAce($sid, $this->getMaskBySid($sid));
     }
     $this->aclProvider->updateAcl($acl);
 }
 /**
  * Builds the provider and keeps its own reference to the permission granting
  * strategy before handing every argument on to the parent constructor.
  *
  * @param Connection                          $connection                 Database connection passed to the parent
  * @param PermissionGrantingStrategyInterface $permissionGrantingStrategy Strategy stored on this instance and passed to the parent
  * @param array                               $options                    Provider options passed to the parent
  * @param AclCacheInterface                   $cache                      Optional ACL cache; null when omitted
  */
 public function __construct(
     Connection $connection,
     PermissionGrantingStrategyInterface $permissionGrantingStrategy,
     array $options,
     AclCacheInterface $cache = null
 ) {
     // Stored before the parent call, exactly as the parent receives it.
     $this->permissionStrategy = $permissionGrantingStrategy;

     parent::__construct($connection, $permissionGrantingStrategy, $options, $cache);
 }
Ejemplo n.º 7
 /**
  * {@inheritdoc}
  *
  * The supplied security identities are passed through
  * hydrateSecurityIdentities() first; the parent lookup then runs with the
  * hydrated list.
  */
 public function findAcls(array $oids, array $sids = array())
 {
     return parent::findAcls(
         $oids,
         $this->hydrateSecurityIdentities($sids)
     );
 }