public function setRole(Model\CMS\Entity\Role $role)
{
if (!$role->canBeDeleted()) {
throw new Model\CMS\ProtectedRoleException('This role cannot be removed.');
}
$this->role = $role;
return $this;
}
public function deny(Entity\Role $role, Entity\Permission $permission)
{
if ($role->hasReadOnlyPermissions()) {
throw new Zax\Security\ForbiddenRequestException('This role has read-only permissions.');
}
$acl = $this->getBy(['role.id' => $role->id, 'permission.id' => $permission->id]);
if ($acl === NULL) {
$acl = $this->create();
$acl->role = $role;
$acl->permission = $permission;
}
$acl->allow = FALSE;
$this->persist($acl);
return $acl;
}
public function __construct(Kdyby\Doctrine\EntityManager $entityManager)
{
parent::__construct($entityManager);
$this->entityClassName = Entity\Role::getClassName();
}
