/**
  * Returns the vote for the given parameters.
  *
  * This method must return one of the following constants:
  * ACCESS_GRANTED, ACCESS_DENIED, or ACCESS_ABSTAIN.
  *
  * @param TokenInterface $token A TokenInterface instance
  * @param string $object The object to secure
  * @param array $attributes An array of attributes associated with the method being invoked
  *
  * @return int     either ACCESS_GRANTED, ACCESS_ABSTAIN, or ACCESS_DENIED
  */
 public function vote(TokenInterface $token, $object, array $attributes)
 {
     // check if class of this object is supported by this voter
     if (!$this->supportsClass($object)) {
         return VoterInterface::ACCESS_ABSTAIN;
     }
     if (1 !== count($attributes)) {
         throw new \InvalidArgumentException('Only one attribute is allowed for CREATE_ENTITY');
     }
     // set the attribute to check against
     $attribute = $attributes[0];
     // check if the given attribute is covered by this voter
     if (!$this->supportsAttribute($attribute)) {
         return VoterInterface::ACCESS_ABSTAIN;
     }
     // get current logged in user
     $user = $token->getUser();
     // make sure there is a user object(i.e. that the user is logged in)
     if (!$user instanceof UserInterface) {
         return VoterInterface::ACCESS_DENIED;
     }
     // check first for role permission if fails check user permission
     $roles = $user->getRoles();
     if ($this->rulesManager->checkEntityRolePermission($object, $roles, $attribute)) {
         return VoterInterface::ACCESS_GRANTED;
     }
     if ($this->rulesManager->checkEntityUserPermission($object, $user->getUsername(), $attribute)) {
         return VoterInterface::ACCESS_GRANTED;
     }
     return VoterInterface::ACCESS_ABSTAIN;
 }
Example #2
0
 /**
  * @param LifecycleEventArgs $args
  */
 public function postPersist(LifecycleEventArgs $args)
 {
     $object = $args->getEntity();
     if ($object instanceof AclAwareInterface) {
         $rules = $this->aclRulesManager->getEntityRule(ClassUtils::getRealClass($object));
         $this->aclManager->setAcl($object, $rules);
     }
 }
 /**
  * @param LifecycleEventArgs $args
  */
 public function postPersist(LifecycleEventArgs $args)
 {
     $entity = $args->getEntity();
     $className = ClassUtils::getRealClass($entity);
     $classRules = $this->aclRulesManager->getEntityRule($className);
     if ($classRules !== false) {
         $this->aclRulesManager->clearCreateEntityPermissions($classRules);
         $this->aclManager->setAcl($entity, $classRules);
     }
 }