/**
* Remove a principal from a group.
*
* @param IPrincipal $principal
* @param IGroup $group
* @throws EyeUMException User not found or group not found.
*/
public function removeFromGroup(IPrincipal $principal, IGroup $group)
{
if (!$principal instanceof AbstractEyeosPrincipal) {
throw new EyeInvalidArgumentException($principal);
}
if (!$group instanceof AbstractEyeosGroup) {
throw new EyeInvalidArgumentException($group);
}
if ($principal instanceof IUser && $group->getId() == $principal->getPrimaryGroupId()) {
$userExists = true;
try {
$this->getUserById($principal->getId());
} catch (EyeNoSuchUserException $e) {
$userExists = false;
}
if ($userExists) {
throw new EyeUnsupportedOperationException('Cannot unassign a user from its primary group, try updating instead.');
}
}
$assignation = new EyeosPrincipalGroupAssignation();
$assignation->setPrincipalId($principal->getId());
$assignation->setGroupId($group->getId());
$assignation = current($this->eyeosDAO->search($assignation));
SecurityManager::getInstance()->checkPermission($assignation, new SimplePermission($group->getName(), array('removeFromGroup')));
try {
$this->eyeosDAO->delete($assignation);
} catch (Exception $e) {
throw new EyeUMException('Unable to remove principal "' . $principal->getName() . '" from group "' . $group->getName() . '".', 0, $e);
}
}
