/**
* @dataProvider aclDataProvider
* @param array $protectedMap
* @param array $grantedMap
* @param array $expectedAllowedEntities
*/
public function testApplyAcl($protectedMap, $grantedMap, $expectedAllowedEntities)
{
$entities = array(array('entityName' => '\\stdClass'), array('entityName' => '\\DateTime'));
$tableAlias = 'alias';
$qb = $this->getMockBuilder('Doctrine\\ORM\\QueryBuilder')->disableOriginalConstructor()->getMock();
$query = $this->getMockBuilder('Doctrine\\ORM\\AbstractQuery')->disableOriginalConstructor()->setMethods(array('getArrayResult'))->getMockForAbstractClass();
$query->expects($this->once())->method('getArrayResult')->will($this->returnValue($entities));
$searchQb = $this->getMockBuilder('Doctrine\\ORM\\QueryBuilder')->disableOriginalConstructor()->getMock();
$searchQb->expects($this->once())->method('getQuery')->will($this->returnValue($query));
$searchQb->expects($this->any())->method($this->anything())->will($this->returnSelf());
$em = $this->getMockBuilder('Doctrine\\ORM\\EntityManager')->disableOriginalConstructor()->getMock();
$em->expects($this->once())->method('createQueryBuilder')->will($this->returnValue($searchQb));
$qb->expects($this->once())->method('getEntityManager')->will($this->returnValue($em));
if ($expectedAllowedEntities) {
if (count($expectedAllowedEntities) != count($entities)) {
$qb->expects($this->once())->method('andWhere')->with($tableAlias . '.entityName IN(:allowedEntities)')->will($this->returnSelf());
$qb->expects($this->once())->method('setParameter')->with('allowedEntities', $expectedAllowedEntities)->will($this->returnSelf());
}
} else {
$qb->expects($this->once())->method('andWhere')->with('1 = 0')->will($this->returnSelf());
}
$searchSecurityProvider = $this->getMockBuilder('Oro\\Bundle\\SearchBundle\\Security\\SecurityProvider')->disableOriginalConstructor()->getMock();
$searchSecurityProvider->expects($this->exactly(count($entities)))->method('isProtectedEntity')->will($this->returnValueMap($protectedMap));
if ($grantedMap) {
$searchSecurityProvider->expects($this->exactly(count($grantedMap)))->method('isGranted')->will($this->returnValueMap($grantedMap));
} else {
$searchSecurityProvider->expects($this->never())->method('isGranted');
}
$provider = new SecurityProvider($searchSecurityProvider);
$provider->applyAcl($qb, $tableAlias);
}
/**
* {@inheritdoc}
*/
public function getResults($tagId)
{
$queryBuilder = $this->em->createQueryBuilder()->select('t.entityName', 't.recordId')->from('Oro\\Bundle\\TagBundle\\Entity\\Tagging', 't')->where('t.tag = :tag')->setParameter('tag', $tagId)->addGroupBy('t.entityName')->addGroupBy('t.recordId');
$this->securityProvider->applyAcl($queryBuilder, 't');
$originResults = $queryBuilder->getQuery()->getResult();
$results = [];
/** @var Tagging $item */
foreach ($originResults as $item) {
$entityName = $item['entityName'];
$results[] = new Item($this->em, $entityName, $item['recordId'], null, null, $this->mapper->getEntityConfig($entityName));
}
return new Result(new Query(), $results, count($results));
}
/**
* Adjust query for tag-results-grid (tag search result grid)
* after datasource has been built
*
* @param BuildAfter $event
*/
public function onBuildAfter(BuildAfter $event)
{
$datagrid = $event->getDatagrid();
$datasource = $datagrid->getDatasource();
if ($datasource instanceof OrmDatasource) {
$parameters = $datagrid->getParameters();
$queryBuilder = $datasource->getQueryBuilder();
$this->securityProvider->applyAcl($queryBuilder, 'tt');
$queryBuilder->setParameter('tag', $parameters->get('tag_id', 0));
$searchEntity = $parameters->get('from', '*');
if ($searchEntity != '*' && !empty($searchEntity)) {
$queryBuilder->andWhere('tt.alias = :alias')->setParameter('alias', $searchEntity);
}
}
}
/**
* Adjust query for tag-results-grid (tag search result grid)
* after datasource has been built
*
* @param BuildAfter $event
*/
public function onBuildAfter(BuildAfter $event)
{
$datagrid = $event->getDatagrid();
$datasource = $datagrid->getDatasource();
if ($datasource instanceof OrmDatasource) {
$parameters = $datagrid->getParameters();
$queryBuilder = $datasource->getQueryBuilder();
$this->securityProvider->applyAcl($queryBuilder, 'tt');
$queryBuilder->setParameter('tag', $parameters->get('tag_id', 0));
$from = $parameters->get('from', '');
if (strlen($from) > 0) {
try {
$entityClass = $this->entityAliasResolver->getClassByAlias($from);
$queryBuilder->andWhere('tt.entityName = :entityClass')->setParameter('entityClass', $entityClass);
} catch (EntityAliasNotFoundException $e) {
$queryBuilder->andWhere('1 = 0');
}
}
}
}
/**
* @param Tag $tag
*
* @return array [[cnt, entityClass]]
*/
protected function getGroupedTagEntities(Tag $tag)
{
$queryBuilder = $this->em->createQueryBuilder()->select('COUNT(t.id) AS cnt, t.entityName AS entityClass')->from('Oro\\Bundle\\TagBundle\\Entity\\Tagging', 't')->where('t.tag = :tag')->setParameter('tag', $tag)->addGroupBy('t.entityName');
$this->securityProvider->applyAcl($queryBuilder, 't');
return $queryBuilder->getQuery()->getResult();
}
protected function assertAclCall($qb)
{
$this->securityProvider->expects($this->once())->method('applyAcl')->with($qb, 'tt');
}
