/**
* @expectedException \Oro\Bundle\EntityBundle\Exception\InvalidEntityException
*/
public function testGetOwnerNoGetOwnerAndNoOwnerField()
{
$metadataProvider = new OwnershipMetadataProviderStub($this);
$accessor = new EntityOwnerAccessor(new EntityClassAccessor(), $metadataProvider);
$obj = new \stdClass();
$metadataProvider->setMetadata(get_class($obj), new OwnershipMetadata('ORGANIZATION', 'owner', 'owner_id'));
$accessor->getOwner($obj);
}
public function testGetOrganization()
{
$metadataProvider = new OwnershipMetadataProviderStub($this);
$accessor = new EntityOwnerAccessor($metadataProvider);
$org = new \stdClass();
$obj = new TestEntity(1, null, $org);
$metadataProvider->setMetadata(get_class($obj), new OwnershipMetadata(null, null, null, 'organization'));
$this->assertSame($org, $accessor->getOrganization($obj));
}
/**
* Process form after data is set and remove/disable owner field depending on permissions
*
* @param FormEvent $event
*/
public function preSetData(FormEvent $event)
{
$form = $event->getForm();
if ($form->getParent()) {
return;
}
$entity = $event->getData();
if (is_object($entity) && $entity->getId()) {
$permission = 'ASSIGN';
$this->checkIsGranted($permission, $entity);
$owner = $this->entityOwnerAccessor->getOwner($entity);
$dataClassName = ClassUtils::getClass($entity);
$metadata = $this->getMetadata($dataClassName);
if ($metadata) {
if ($form->has($this->fieldName)) {
$form->remove($this->fieldName);
}
if ($this->isAssignGranted) {
if ($metadata->isBasicLevelOwned()) {
$this->addUserOwnerField($form, $dataClassName, $permission, $owner, $entity->getId());
} elseif ($metadata->isLocalLevelOwned()) {
$this->addBusinessUnitOwnerField($form, $this->getCurrentUser(), $dataClassName);
}
}
}
}
}
/**
* Gets owner of the given domain object
*
* @param object $domainObject
* @return object
* @throws InvalidDomainObjectException
*/
protected function getOwner($domainObject)
{
try {
return $this->entityOwnerAccessor->getOwner($domainObject);
} catch (InvalidEntityException $ex) {
throw new InvalidDomainObjectException($ex->getMessage(), 0, $ex);
}
}
/**
* Check organization. If user try to access entity what was created in organization this user do not have access -
* deny access. We should check organization for all the entities what have ownership
* (USER, BUSINESS_UNIT, ORGANIZATION ownership types)
*
* @param mixed $object
* @param OrganizationContextTokenInterface $securityToken
* @return bool
*/
protected function isAccessDeniedByOrganizationContext($object, OrganizationContextTokenInterface $securityToken)
{
try {
// try to get entity organization value
$objectOrganization = $this->entityOwnerAccessor->getOrganization($object);
// check entity organization with current organization
if ($objectOrganization && $objectOrganization->getId() !== $securityToken->getOrganizationContext()->getId()) {
return true;
}
} catch (InvalidEntityException $e) {
// in case if entity has no organization field (none ownership type)
}
return false;
}
/**
* Check organization. If user try to access entity what was created in organization this user do not have access -
* deny access. We should check organization for all the entities what have ownership
* (USER, BUSINESS_UNIT, ORGANIZATION ownership types)
*
* @param int $result
* @return int
*/
protected function checkOrganizationContext($result)
{
$object = $this->object;
$token = $this->securityToken;
if ($token instanceof OrganizationContextTokenInterface && $result === self::ACCESS_GRANTED && $this->extension instanceof EntityAclExtension && is_object($object) && !$object instanceof ObjectIdentity) {
try {
// try to get entity organization value
$objectOrganization = $this->entityOwnerAccessor->getOrganization($object);
// check entity organization with current organization
if ($objectOrganization && $objectOrganization->getId() !== $token->getOrganizationContext()->getId()) {
$result = self::ACCESS_DENIED;
}
} catch (InvalidEntityException $e) {
// in case if entity has no organization field (none ownership type)
return $result;
}
}
return $result;
}
/**
* @param object $entity
*
* @return null|object
*/
public function getEntityOwner($entity)
{
return $this->ownerAccessor->getOwner($entity);
}
