/** * Get an array of Role names granted to the user that permit the requested * action on the given OwnedEntity. If the user has no roles that * permit the requested action, then return an empty array. * <p> * Supported actions: EDIT_OBJECT, NGI_ADD_SITE, GRANT_ROLE, REJECT_ROLE, REVOKE_ROLE * * @param string $action * @param \OwnedEntity $entity * @param \User $callingUser * @return array of RoleName values * @throws LogicException If unsupported enitity type or action is passed */ public function authorizeAction($action, \OwnedEntity $entity, \User $callingUser) { $siteService = new \org\gocdb\services\Site(); $siteService->setEntityManager($this->em); $ngiService = new \org\gocdb\services\NGI(); $ngiService->setEntityManager($this->em); $sgService = new \org\gocdb\services\ServiceGroup(); $sgService->setEntityManager($this->em); $projectService = new \org\gocdb\services\Project(); $projectService->setEntityManager($this->em); if ($entity instanceof \NGI) { $grantingRoles = $ngiService->authorizeAction($action, $entity, $callingUser); } else { if ($entity instanceof \Site) { $grantingRoles = $siteService->authorizeAction($action, $entity, $callingUser); } else { if ($entity instanceof \Project) { $grantingRoles = $projectService->authorizeAction($action, $entity, $callingUser); } else { if ($entity instanceof \ServiceGroup) { $grantingRoles = $sgService->authorizeAction($action, $entity, $callingUser); } else { throw new \LogicException('Unsuppored OwnedEntity type'); } } } } return $grantingRoles; }