/** * Adds a new policy to the role. * * @deprecated since 6.0, use {@see addPolicyByRoleDraft} * * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to add a policy * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if limitation of the same type is repeated in policy create * struct or if limitation is not allowed on module/function * @throws \eZ\Publish\API\Repository\Exceptions\LimitationValidationException if a limitation in the $policyCreateStruct is not valid * * @param \eZ\Publish\API\Repository\Values\User\Role $role * @param \eZ\Publish\API\Repository\Values\User\PolicyCreateStruct $policyCreateStruct * * @return \eZ\Publish\API\Repository\Values\User\Role */ public function addPolicy(APIRole $role, APIPolicyCreateStruct $policyCreateStruct) { $values = $this->requestParser->parse('role', $role->id); $inputMessage = $this->outputVisitor->visit($policyCreateStruct); $inputMessage->headers['Accept'] = $this->outputVisitor->getMediaType('Policy'); $result = $this->client->request('POST', $this->requestParser->generate('policies', array('role' => $values['role'])), $inputMessage); $createdPolicy = $this->inputDispatcher->parse($result); // @todo Workaround for missing roleId in Policy XSD definition $createdPolicyArray = array('id' => $createdPolicy->id, 'roleId' => $role->id, 'module' => $createdPolicy->module, 'function' => $createdPolicy->function); $createdPolicy = new Policy($createdPolicyArray); $existingPolicies = $role->getPolicies(); $existingPolicies[] = $createdPolicy; return new Role(array('id' => $role->id, 'identifier' => $role->identifier), $existingPolicies); }
/** * Instantiates a role stub instance. * * @param array $properties * @param \eZ\Publish\API\Repository\Values\User\Policy[] $policies */ public function __construct(array $properties = array(), array $policies = array()) { parent::__construct($properties); $this->policies = $policies; }
/** * Magic isset for routing isset calls to innerRole. * * @param string $property * * @return bool */ public function __isset($property) { return $this->innerRole->__isset($property); }
/** * Returns the list of policies of this role. * * @return \eZ\Publish\API\Repository\Values\User\PolicyDraft[] */ public function getPolicies() { return $this->innerRole->getPolicies(); }
/** * Test for the updatePolicy() method. * * @param \eZ\Publish\API\Repository\Values\User\Role $role * * @return void * @see \eZ\Publish\API\Repository\RoleService::updatePolicy() * @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testUpdatePolicyUpdatesLimitations */ public function testUpdatePolicyUpdatesRole($role) { $limitations = array(); foreach ($role->getPolicies() as $policy) { foreach ($policy->getLimitations() as $limitation) { $limitations[] = $limitation; } } $this->assertCount(1, $limitations); $this->assertInstanceOf("\\eZ\\Publish\\API\\Repository\\Values\\User\\Limitation", $limitations[0]); $expectedData = array('limitationValues' => array(29, 30)); $this->assertPropertiesCorrectUnsorted($expectedData, $limitations[0]); }
/** * removes a policy from the role * * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to remove a policy * * @param \eZ\Publish\API\Repository\Values\User\Role $role * @param \eZ\Publish\API\Repository\Values\User\Policy $policy the policy to remove from the role * * @return \eZ\Publish\API\Repository\Values\User\Role the updated role */ public function removePolicy(Role $role, Policy $policy) { if (false === $this->repository->hasAccess('role', '*')) { throw new UnauthorizedExceptionStub('What error code should be used?'); } $policies = array(); foreach ($role->getPolicies() as $rolePolicy) { if ($rolePolicy->id !== $policy->id) { $policies[] = $rolePolicy; } } unset($this->policies[$policy->id], $this->role2policy[$role->id][$policy->id]); $this->roles[$role->id] = new RoleStub(array('id' => $role->id, 'identifier' => $role->identifier), $policies); return $this->roles[$role->id]; }