/** * Validates Policies and Limitations in Role create struct. * * @uses validatePolicy() * * @param \eZ\Publish\API\Repository\Values\User\RoleCreateStruct $roleCreateStruct * * @return \eZ\Publish\Core\FieldType\ValidationError[][][] */ protected function validateRoleCreateStruct(APIRoleCreateStruct $roleCreateStruct) { $allErrors = array(); foreach ($roleCreateStruct->getPolicies() as $key => $policyCreateStruct) { $errors = $this->validatePolicy($policyCreateStruct->module, $policyCreateStruct->function, $policyCreateStruct->getLimitations()); if (!empty($errors)) { $allErrors[$key] = $errors; } } return $allErrors; }
/** * Instantiates a role create class. * * @param string $name */ public function __construct($name) { parent::__construct(array('identifier' => $name)); }
/** * Add policy to a new role. * * @param \eZ\Publish\API\Repository\Values\User\RoleCreateStruct $roleCreateStruct * @param string $module * @param string $function * @param \eZ\Publish\API\Repository\Values\User\Limitation[] $limitations */ protected function addPolicyToNewRole(RoleCreateStruct $roleCreateStruct, $module, $function, array $limitations) { $roleService = $this->getRepository()->getRoleService(); $policyCreateStruct = $roleService->newPolicyCreateStruct($module, $function); foreach ($limitations as $limitation) { $policyCreateStruct->addLimitation($limitation); } $roleCreateStruct->addPolicy($policyCreateStruct); }
/** * Creates SPI Role create struct from provided API role create struct. * * @param \eZ\Publish\API\Repository\Values\User\RoleCreateStruct $roleCreateStruct * * @return \eZ\Publish\SPI\Persistence\User\RoleCreateStruct */ public function buildPersistenceRoleCreateStruct(APIRoleCreateStruct $roleCreateStruct) { $policiesToCreate = array(); foreach ($roleCreateStruct->getPolicies() as $policyCreateStruct) { $policiesToCreate[] = $this->buildPersistencePolicyObject($policyCreateStruct->module, $policyCreateStruct->function, $policyCreateStruct->getLimitations()); } return new SPIRoleCreateStruct(array('identifier' => $roleCreateStruct->identifier, 'policies' => $policiesToCreate)); }
/** * Creates a new Role * * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to create a role * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if the name of the role already exists * * @param \eZ\Publish\API\Repository\Values\User\RoleCreateStruct $roleCreateStruct * * @return \eZ\Publish\API\Repository\Values\User\Role */ public function createRole(RoleCreateStruct $roleCreateStruct) { if (false === $this->repository->hasAccess('role', '*')) { throw new UnauthorizedExceptionStub('What error code should be used?'); } if (isset($this->nameToRoleId[$roleCreateStruct->identifier])) { throw new InvalidArgumentExceptionStub('What error code should be used?'); } $role = new RoleStub(array('id' => ++$this->nextRoleId, 'identifier' => $roleCreateStruct->identifier)); $this->roles[$role->id] = $role; $this->nameToRoleId[$role->identifier] = $role->id; foreach ($roleCreateStruct->getPolicies() as $policy) { $role = $this->addPolicy($role, $policy); } return $role; }