/** * @inheritdoc * * @param Group $subject */ protected function voteOnAttribute($attribute, $subject, TokenInterface $token) { /** @var User $user */ $user = $token->getUser(); if (!$user instanceof User) { return false; } // A user is allowed to edit his own membership of grouphub groups if ($subject->getType() === Group::TYPE_GROUPHUB) { return true; } return false; }
/** * @param Group $group * * @return string */ private function getGroupReference(Group $group) { $dn = null; switch ($group->getType()) { case Group::TYPE_FORMAL: $dn = $this->formalDn; break; case Group::TYPE_GROUPHUB: $dn = $this->adhocDn; break; default: throw new InvalidArgumentException('Invalid group'); } $group = $this->normalizer->normalizeGroup($group); $cn = $this->readLdap->escape($group['cn'], '', LDAP_ESCAPE_DN); return strtolower('cn=' . $cn . ',' . $dn); }
/** * @param Group $group * * @return array */ public function normalizeGroup(Group $group) { return ['reference' => $group->getReference(), 'name' => $group->getName(), 'description' => $group->getDescription(), 'type' => $group->getType(), 'owner' => $group->getOwnerId(), 'parent' => $group->getParentId()]; }