/** * Ensure that only expected permissions are set. */ protected function _checkExistingPermissions($expectedDefaultPermissions) { $adapter = $this->_model->getResource()->getReadConnection(); $ruleSelect = $adapter->select()->from($this->_model->getResource()->getMainTable()); $rules = $ruleSelect->query()->fetchAll(); $this->assertEquals(1, count($rules)); $actualPermissions = []; foreach ($rules as $rule) { $actualPermissions[] = $rule['resource_id']; $this->assertEquals('allow', $rule['permission'], "Permission for '{$rule['resource_id']}' resource should be 'allow'"); } $this->assertEquals($expectedDefaultPermissions, $actualPermissions, 'Default permissions are invalid'); }
/** * Save ACL resources * * @param \Magento\User\Model\Rules $rule * @return void * @throws \Magento\Framework\Model\Exception */ public function saveRel(\Magento\User\Model\Rules $rule) { try { $adapter = $this->_getWriteAdapter(); $adapter->beginTransaction(); $roleId = $rule->getRoleId(); $condition = array('role_id = ?' => (int) $roleId); $adapter->delete($this->getMainTable(), $condition); $postedResources = $rule->getResources(); if ($postedResources) { $row = array('resource_id' => $this->_rootResource->getId(), 'privileges' => '', 'role_id' => $roleId, 'permission' => 'allow'); // If all was selected save it only and nothing else. if ($postedResources === array($this->_rootResource->getId())) { $insertData = $this->_prepareDataForTable(new \Magento\Framework\Object($row), $this->getMainTable()); $adapter->insert($this->getMainTable(), $insertData); } else { $acl = $this->_aclBuilder->getAcl(); /** @var $resource \Magento\Framework\Acl\Resource */ foreach ($acl->getResources() as $resourceId) { $row['permission'] = in_array($resourceId, $postedResources) ? 'allow' : 'deny'; $row['resource_id'] = $resourceId; $insertData = $this->_prepareDataForTable(new \Magento\Framework\Object($row), $this->getMainTable()); $adapter->insert($this->getMainTable(), $insertData); } } } $adapter->commit(); $this->_aclCache->clean(); } catch (\Magento\Framework\Model\Exception $e) { $adapter->rollBack(); throw $e; } catch (\Exception $e) { $adapter->rollBack(); $this->_logger->logException($e); } }