/**
* Sets the permissions for the object with the given class and id for the given security identity.
*
* @param string $type The name of the class to protect
* @param string $identifier
* @param $permissions
*/
public function setPermissions($type, $identifier, $permissions)
{
foreach ($permissions as $roleId => $rolePermissions) {
$accessControl = $this->accessControlRepository->findByTypeAndIdAndRole($type, $identifier, $roleId);
if ($accessControl) {
$accessControl->setPermissions($this->maskConverter->convertPermissionsToNumber($rolePermissions));
} else {
$role = $this->roleRepository->findRoleById($roleId);
$accessControl = new AccessControl();
$accessControl->setPermissions($this->maskConverter->convertPermissionsToNumber($rolePermissions));
$accessControl->setRole($role);
$accessControl->setEntityId($identifier);
$accessControl->setEntityClass($type);
$this->objectManager->persist($accessControl);
}
}
$this->objectManager->flush();
}
public function testGetPermissions()
{
$roleIdReflection = new \ReflectionProperty(BaseRole::class, 'id');
$roleIdReflection->setAccessible(true);
$role1 = new Role();
$roleIdReflection->setValue($role1, 1);
$role2 = new Role();
$roleIdReflection->setValue($role2, 2);
$this->maskConverter->convertPermissionsToArray(64)->willReturn(['view' => true, 'edit' => false]);
$this->maskConverter->convertPermissionsToArray(96)->willReturn(['view' => true, 'edit' => true]);
$accessControl1 = new AccessControl();
$accessControl1->setPermissions(64);
$accessControl1->setRole($role1);
$accessControl2 = new AccessControl();
$accessControl2->setPermissions(96);
$accessControl2->setRole($role2);
$accessControls = [$accessControl1, $accessControl2];
$this->accessControlRepository->findByTypeAndId('AcmeBundle\\Example', 1)->willReturn($accessControls);
$this->assertEquals($this->doctrineAccessControlProvider->getPermissions('AcmeBundle\\Example', 1), [1 => ['view' => true, 'edit' => false], 2 => ['view' => true, 'edit' => true]]);
}
