/** * @inheritdoc */ public function visit(TreeNodeInterface $node, &$data) { $struct = $this->roleService->newRoleCreateStruct(''); $this->fillValueObject($struct, $data); if (isset($data['policies'])) { foreach ($data['policies'] as $policyStruct) { $struct->addPolicy($policyStruct); } } $this->roleService->createRole($struct); }
/** * Parse input structure. * * @param array $data * @param \eZ\Publish\Core\REST\Common\Input\ParsingDispatcher $parsingDispatcher * * @return \eZ\Publish\API\Repository\Values\User\RoleCreateStruct */ public function parse(array $data, ParsingDispatcher $parsingDispatcher) { // Since RoleInput is used both for creating and updating role and identifier is not // required when updating role, we need to rely on PAPI to throw the exception on missing // identifier when creating a role // @todo Bring in line with XSD which says that identifier is required always $roleIdentifier = null; if (array_key_exists('identifier', $data)) { $roleIdentifier = $data['identifier']; } $roleCreateStruct = $this->roleService->newRoleCreateStruct($roleIdentifier); return $roleCreateStruct; }
/** * Checks if the passed value is valid. * * @param mixed $value The value that should be validated * @param Constraint $constraint The constraint for the validation * * @api */ public function validate($value, Constraint $constraint) { if (!$value instanceof RoleData) { return; } try { $role = $this->roleService->loadRoleByIdentifier($value->identifier); // It is of course OK to edit a draft of an existing Role :-) if ($role->id === $value->roleDraft->id) { return; } $this->context->buildViolation($constraint->message)->atPath('identifier')->setParameter('%identifier%', $value->identifier)->addViolation(); } catch (NotFoundException $e) { // Do nothing } }
public function deletePolicyAction(Request $request, $roleId, $policyId) { $role = $this->roleService->loadRole($roleId); $deleteForm = $this->createForm(new PolicyDeleteType(), ['policyId' => $policyId, 'roleId' => $roleId]); $deleteForm->handleRequest($request); if ($deleteForm->isValid()) { try { $roleDraft = $this->roleService->loadRoleDraftByRoleId($roleId); } catch (NotFoundException $e) { // The draft doesn't exist, let's create one $roleDraft = $this->roleService->createRoleDraft($role); } $foundPolicy = false; /** @var PolicyDraft $policy */ foreach ($roleDraft->getPolicies() as $policy) { if ($policy->originalId == $policyId) { $foundPolicy = true; break; } } if (!$foundPolicy) { throw new BadRequestHttpException($this->translator->trans('role.error.policy_not_found', ['%policyId%' => $policyId, '%roleId%' => $roleId], 'role')); } $this->roleService->removePolicyByRoleDraft($roleDraft, $policy); $this->roleService->publishRoleDraft($roleDraft); $this->notify('role.policy.deleted', ['%roleIdentifier%' => $role->identifier, '%policyId%' => $policyId], 'role'); } elseif ($deleteForm->isSubmitted()) { $this->notifyError('role.policy.error.delete', ['%roleIdentifier%' => $role->identifier, '%policyId%' => $policyId], 'role'); } return $this->redirectToRouteAfterFormPost('admin_roleView', ['roleId' => $roleId]); }
/** * Parse input structure * * @param array $data * @param \eZ\Publish\Core\REST\Common\Input\ParsingDispatcher $parsingDispatcher * * @return \eZ\Publish\API\Repository\Values\User\PolicyUpdateStruct */ public function parse(array $data, ParsingDispatcher $parsingDispatcher) { $policyUpdate = $this->roleService->newPolicyUpdateStruct(); // @todo XSD says that limitations field is mandatory, but // it needs to be possible to remove limitations from policy if (array_key_exists('limitations', $data)) { if (!is_array($data['limitations'])) { throw new Exceptions\Parser("Invalid format for 'limitations' in PolicyUpdate."); } if (!isset($data['limitations']['limitation']) || !is_array($data['limitations']['limitation'])) { throw new Exceptions\Parser("Invalid format for 'limitations' in PolicyUpdate."); } foreach ($data['limitations']['limitation'] as $limitationData) { $policyUpdate->addLimitation($this->parserTools->parseLimitation($limitationData)); } } return $policyUpdate; }
public function processRemoveDraft(FormActionEvent $event) { /** @var \EzSystems\RepositoryForms\Data\Role\PolicyCreateData|\EzSystems\RepositoryForms\Data\Role\PolicyUpdateData $data */ $data = $event->getData(); if (!$data->isNew()) { $this->roleService->removePolicyByRoleDraft($data->roleDraft, $data->policyDraft); } $this->roleService->deleteRoleDraft($data->roleDraft); }
public function processRemoveDraft(FormActionEvent $event) { /** @var RoleDraft $roleDraft */ $roleDraft = $event->getData()->roleDraft; // Redirect response will be different if we're dealing with an existing Role, // or a newly created one which has been discarded. try { // This will throw a NotFoundException if a published version doesn't exist for this Role. $this->roleService->loadRole($roleDraft->id); $response = new FormProcessingDoneResponse($this->router->generate('admin_roleView', ['roleId' => $roleDraft->id])); } catch (NotFoundException $e) { // RoleDraft was newly created, but then discarded. // Redirect to the role list view. $response = new FormProcessingDoneResponse($this->router->generate('admin_roleList')); } $event->setResponse($response); $this->notify('role.notification.draft_removed', [], 'role'); }
/** * Deletes a role. * * @param Request $request * @param int $roleId Role ID * * @return \Symfony\Component\HttpFoundation\Response */ public function deleteRoleAction(Request $request, $roleId) { $role = $this->roleService->loadRole($roleId); $deleteForm = $this->createForm(new RoleDeleteType(), ['roleId' => $roleId]); $deleteForm->handleRequest($request); if ($deleteForm->isValid()) { $this->roleService->deleteRole($role); $this->notify('role.deleted', ['%roleIdentifier%' => $role->identifier], 'role'); } elseif ($deleteForm->isSubmitted()) { $this->notifyError('role.error.delete', ['%roleIdentifier%' => $role->identifier], 'role'); } return $this->redirectToRouteAfterFormPost('admin_roleList'); }
/** * Deletes a role assignment. * * @param Request $request * @param int $roleAssignmentId Role assignment ID * * @return \Symfony\Component\HttpFoundation\Response */ public function deleteRoleAssignmentAction(Request $request, $roleAssignmentId) { $roleAssignment = $this->roleService->loadRoleAssignment($roleAssignmentId); $deleteForm = $this->createForm(new RoleAssignmentDeleteType(), ['assignmentId' => $roleAssignmentId]); $deleteForm->handleRequest($request); if ($deleteForm->isValid()) { $this->roleService->removeRoleAssignment($roleAssignment); $this->notify('role.assignment.deleted', [], 'role'); } elseif ($deleteForm->isSubmitted()) { $this->notifyError('role.assignment.error.delete', [], 'role'); } return $this->redirectToRouteAfterFormPost('admin_roleView', ['roleId' => $roleAssignment->role->id]); }
/** * Parse input structure * * @param array $data * @param \eZ\Publish\Core\REST\Common\Input\ParsingDispatcher $parsingDispatcher * * @return \eZ\Publish\API\Repository\Values\User\PolicyCreateStruct */ public function parse(array $data, ParsingDispatcher $parsingDispatcher) { if (!array_key_exists('module', $data)) { throw new Exceptions\Parser("Missing 'module' attribute for PolicyCreate."); } if (!array_key_exists('function', $data)) { throw new Exceptions\Parser("Missing 'function' attribute for PolicyCreate."); } $policyCreate = $this->roleService->newPolicyCreateStruct($data['module'], $data['function']); // @todo XSD says that limitations is mandatory, // but polices can be created without limitations if (array_key_exists('limitations', $data)) { if (!is_array($data['limitations'])) { throw new Exceptions\Parser("Invalid format for 'limitations' in PolicyCreate."); } if (!isset($data['limitations']['limitation']) || !is_array($data['limitations']['limitation'])) { throw new Exceptions\Parser("Invalid format for 'limitations' in PolicyCreate."); } foreach ($data['limitations']['limitation'] as $limitationData) { $policyCreate->addLimitation($this->parserTools->parseLimitation($limitationData)); } } return $policyCreate; }
/** * Loads a list of user groups assigned to role * * @return \eZ\Publish\Core\REST\Server\Values\RestUserGroup[] */ public function loadUserGroupsAssignedToRole() { $role = $this->roleService->loadRole($this->requestParser->parseHref($this->request->query->get('roleId'), 'roleId')); $roleAssignments = $this->roleService->getRoleAssignments($role); $restUserGroups = array(); foreach ($roleAssignments as $roleAssignment) { if ($roleAssignment instanceof UserGroupRoleAssignment) { $userGroup = $roleAssignment->getUserGroup(); $userGroupContentInfo = $userGroup->getVersionInfo()->getContentInfo(); $userGroupLocation = $this->locationService->loadLocation($userGroupContentInfo->mainLocationId); $contentType = $this->contentTypeService->loadContentType($userGroupContentInfo->contentTypeId); $restUserGroups[] = new Values\RestUserGroup($userGroup, $contentType, $userGroupContentInfo, $userGroupLocation, $this->contentService->loadRelations($userGroup->getVersionInfo())); } } return $restUserGroups; }
/** * Lets you select a section which will be used as limitation when assigning the role. * * @param Request $request * @param int $roleId Role ID * * @return \Symfony\Component\HttpFoundation\Response */ public function assignRoleBySectionLimitationAction(Request $request, $roleId) { return $this->render('eZPlatformUIBundle:Role:assign_role_by_section.html.twig', ['role' => $this->roleService->loadRole($roleId), 'sections' => $this->sectionService->loadSections(), 'can_assign' => $this->isGranted(new Attribute('role', 'assign'))]); }
/** * Search all policies which are applied to a given user * * @return \eZ\Publish\Core\REST\Server\Values\PolicyList */ public function listPoliciesForUser() { return new Values\PolicyList($this->roleService->loadPoliciesByUserId($this->request->query->get('userId')), $this->request->getPathInfo()); }
public function processRemoveDraft(FormActionEvent $event) { /** @var RoleDraft $roleDraft */ $roleDraft = $event->getData()->roleDraft; $this->roleService->deleteRoleDraft($roleDraft); }
/** * Add new policies to the $role Role. * * @param \eZ\Publish\API\Repository\Values\User\Role $role * @param \eZ\Publish\API\Repository\RoleService $roleService * @param array $policy */ private function addPolicy(Role $role, RoleService $roleService, array $policy) { $policyCreateStruct = $roleService->newPolicyCreateStruct($policy['module'], $policy['function']); if (array_key_exists('limitations', $policy)) { foreach ($policy['limitations'] as $limitation) { $limitationObject = $this->createLimitation($roleService, $limitation); $policyCreateStruct->addLimitation($limitationObject); } } $roleService->addPolicy($role, $policyCreateStruct); }
/** * Returns the LimitationType's assigned to a given module/function. * * Typically used for: * - Internal validation limitation value use on Policies * - Role admin gui for editing policy limitations incl list limitation options via valueSchema() * * @param string $module Legacy name of "controller", it's a unique identifier like "content" * @param string $function Legacy name of a controller "action", it's a unique within the controller like "read" * * @return \eZ\Publish\SPI\Limitation\Type[] * * @throws \eZ\Publish\API\Repository\Exceptions\BadStateException If module/function to limitation type mapping * refers to a non existing identifier. */ public function getLimitationTypesByModuleFunction($module, $function) { return $this->service->getLimitationTypesByModuleFunction($module, $function); }
public function processRemoveDraft(FormActionEvent $event) { $this->roleService->deleteRoleDraft($this->getRoleDraft($event)); }