/**
* Creates a new Role.
*
* @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to create a role
* @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if the name of the role already exists or if limitation of the
* same type is repeated in the policy create struct or if
* limitation is not allowed on module/function
* @throws \eZ\Publish\API\Repository\Exceptions\LimitationValidationException if a policy limitation in the $roleCreateStruct is not valid
*
* @param \eZ\Publish\API\Repository\Values\User\RoleCreateStruct $roleCreateStruct
*
* @return \eZ\Publish\API\Repository\Values\User\Role
*/
public function createRole(APIRoleCreateStruct $roleCreateStruct)
{
if (!is_string($roleCreateStruct->identifier) || empty($roleCreateStruct->identifier)) {
throw new InvalidArgumentValue('identifier', $roleCreateStruct->identifier, 'RoleCreateStruct');
}
if ($this->repository->hasAccess('role', 'create') !== true) {
throw new UnauthorizedException('role', 'create');
}
try {
$existingRole = $this->loadRoleByIdentifier($roleCreateStruct->identifier);
if ($existingRole !== null) {
throw new InvalidArgumentException('roleCreateStruct', 'role with specified identifier already exists');
}
} catch (APINotFoundException $e) {
// Do nothing
}
$limitationValidationErrors = $this->validateRoleCreateStruct($roleCreateStruct);
if (!empty($limitationValidationErrors)) {
throw new LimitationValidationException($limitationValidationErrors);
}
$spiRole = $this->roleDomainMapper->buildPersistenceRoleObject($roleCreateStruct);
$this->repository->beginTransaction();
try {
$createdRole = $this->userHandler->createRole($spiRole);
$this->repository->commit();
} catch (Exception $e) {
$this->repository->rollback();
throw $e;
}
return $this->roleDomainMapper->buildDomainRoleObject($createdRole);
}
