/**
* Determines if object is shared for specified security identities.
*
* @param object $object
* @param SecurityIdentityInterface[] $sids
*
* @return bool
*/
public function isObjectSharedWithSids($object, array $sids)
{
$objectIdentity = ObjectIdentity::fromDomainObject($object);
try {
$acl = $this->aclProvider->findAcl($objectIdentity);
} catch (AclNotFoundException $e) {
return false;
}
foreach ($acl->getObjectAces() as $ace) {
/** @var Entry $ace */
foreach ($sids as $sid) {
if ($sid->equals($ace->getSecurityIdentity())) {
return true;
}
}
}
return false;
}
/**
* @param $entity
* @param User $user
* @return int
*/
public function getPermission($entity, User $user)
{
$securityIdentity = UserSecurityIdentity::fromAccount($user);
$objectIdentity = ObjectIdentity::fromDomainObject($entity);
try {
$acl = $this->aclProvider->findAcl($objectIdentity);
$objectAce = $acl->getObjectAces();
foreach ($objectAce as $key => $ace) {
if ($ace->getSecurityIdentity() == $securityIdentity) {
return $ace->getMask();
}
}
return self::MASK_UNDEFINED;
} catch (\Exception $e) {
return self::MASK_UNDEFINED;
}
return self::MASK_UNDEFINED;
}
/**
* Returns objects extracted from objectIdentity
*
* @return array
*/
protected function getObjects()
{
$objects = [];
$objectIdentity = ObjectIdentity::fromDomainObject($this->object);
try {
$acl = $this->aclProvider->findAcl($objectIdentity);
} catch (AclNotFoundException $e) {
// no ACL found, do nothing
$acl = null;
}
if (!$acl) {
return $objects;
}
$buIds = [];
$usernames = [];
foreach ($acl->getObjectAces() as $ace) {
/** @var $ace Entry */
$securityIdentity = $ace->getSecurityIdentity();
if ($securityIdentity instanceof UserSecurityIdentity) {
$usernames[] = $securityIdentity->getUsername();
} elseif ($securityIdentity instanceof BusinessUnitSecurityIdentity) {
$buIds[] = $securityIdentity->getId();
}
}
if ($buIds) {
/** @var $repo BusinessUnitRepository */
$repo = $this->objectManager->getRepository('OroOrganizationBundle:BusinessUnit');
$businessUnits = $repo->getBusinessUnits($buIds);
$objects = array_merge($objects, $businessUnits);
}
if ($usernames) {
/** @var $repo UserRepository */
$repo = $this->objectManager->getRepository('OroUserBundle:User');
$users = $repo->findUsersByUsernames($usernames);
$objects = array_merge($objects, $users);
}
return $objects;
}
/**
* @param Share $model
* @param object $entity
*/
protected function onSuccess($model, $entity)
{
$objectIdentity = ObjectIdentity::fromDomainObject($entity);
try {
$acl = $this->aclProvider->findAcl($objectIdentity);
} catch (AclNotFoundException $e) {
$acl = $this->aclProvider->createAcl($objectIdentity);
}
$oldSids = $this->extractSids($acl);
// saves original value of old sids to extract new added elements
$oldSidsCopy = $oldSids;
$newSids = $this->generateSids($model);
// $oldSids - $newSids: to delete
foreach (array_diff($oldSids, $newSids) as $sid) {
$acl->deleteObjectAce(array_search($sid, $oldSids, true));
// fills array again because index was recalculated
$oldSids = $this->extractSids($acl);
}
// $newSids - $oldSids: to insert
foreach (array_diff($newSids, $oldSidsCopy) as $sid) {
$acl->insertObjectAce($sid, $this->getMaskBySid($sid));
}
$this->aclProvider->updateAcl($acl);
}