/** * Remove a principal from a group. * * @param IPrincipal $principal * @param IGroup $group * @throws EyeUMException User not found or group not found. */ public function removeFromGroup(IPrincipal $principal, IGroup $group) { if (!$principal instanceof AbstractEyeosPrincipal) { throw new EyeInvalidArgumentException($principal); } if (!$group instanceof AbstractEyeosGroup) { throw new EyeInvalidArgumentException($group); } if ($principal instanceof IUser && $group->getId() == $principal->getPrimaryGroupId()) { $userExists = true; try { $this->getUserById($principal->getId()); } catch (EyeNoSuchUserException $e) { $userExists = false; } if ($userExists) { throw new EyeUnsupportedOperationException('Cannot unassign a user from its primary group, try updating instead.'); } } $assignation = new EyeosPrincipalGroupAssignation(); $assignation->setPrincipalId($principal->getId()); $assignation->setGroupId($group->getId()); $assignation = current($this->eyeosDAO->search($assignation)); SecurityManager::getInstance()->checkPermission($assignation, new SimplePermission($group->getName(), array('removeFromGroup'))); try { $this->eyeosDAO->delete($assignation); } catch (Exception $e) { throw new EyeUMException('Unable to remove principal "' . $principal->getName() . '" from group "' . $group->getName() . '".', 0, $e); } }