public function deletePolicyAction(Request $request, $roleId, $policyId)
{
$role = $this->roleService->loadRole($roleId);
$deleteForm = $this->createForm(new PolicyDeleteType(), ['policyId' => $policyId, 'roleId' => $roleId]);
$deleteForm->handleRequest($request);
if ($deleteForm->isValid()) {
try {
$roleDraft = $this->roleService->loadRoleDraftByRoleId($roleId);
} catch (NotFoundException $e) {
// The draft doesn't exist, let's create one
$roleDraft = $this->roleService->createRoleDraft($role);
}
$foundPolicy = false;
/** @var PolicyDraft $policy */
foreach ($roleDraft->getPolicies() as $policy) {
if ($policy->originalId == $policyId) {
$foundPolicy = true;
break;
}
}
if (!$foundPolicy) {
throw new BadRequestHttpException($this->translator->trans('role.error.policy_not_found', ['%policyId%' => $policyId, '%roleId%' => $roleId], 'role'));
}
$this->roleService->removePolicyByRoleDraft($roleDraft, $policy);
$this->roleService->publishRoleDraft($roleDraft);
$this->notify('role.policy.deleted', ['%roleIdentifier%' => $role->identifier, '%policyId%' => $policyId], 'role');
} elseif ($deleteForm->isSubmitted()) {
$this->notifyError('role.policy.error.delete', ['%roleIdentifier%' => $role->identifier, '%policyId%' => $policyId], 'role');
}
return $this->redirectToRouteAfterFormPost('admin_roleView', ['roleId' => $roleId]);
}
public function processRemoveDraft(FormActionEvent $event)
{
/** @var RoleDraft $roleDraft */
$roleDraft = $event->getData()->roleDraft;
// Redirect response will be different if we're dealing with an existing Role,
// or a newly created one which has been discarded.
try {
// This will throw a NotFoundException if a published version doesn't exist for this Role.
$this->roleService->loadRole($roleDraft->id);
$response = new FormProcessingDoneResponse($this->router->generate('admin_roleView', ['roleId' => $roleDraft->id]));
} catch (NotFoundException $e) {
// RoleDraft was newly created, but then discarded.
// Redirect to the role list view.
$response = new FormProcessingDoneResponse($this->router->generate('admin_roleList'));
}
$event->setResponse($response);
$this->notify('role.notification.draft_removed', [], 'role');
}
/**
* Un-assigns role from user group
*
* @param $groupPath
* @param $roleId
*
* @return \eZ\Publish\Core\REST\Server\Values\RoleAssignmentList
*/
public function unassignRoleFromUserGroup($groupPath, $roleId)
{
$groupLocationParts = explode('/', $groupPath);
$groupLocation = $this->locationService->loadLocation(array_pop($groupLocationParts));
$userGroup = $this->userService->loadUserGroup($groupLocation->contentId);
$role = $this->roleService->loadRole($roleId);
$this->roleService->unassignRoleFromUserGroup($role, $userGroup);
$roleAssignments = $this->roleService->getRoleAssignmentsForUserGroup($userGroup);
return new Values\RoleAssignmentList($roleAssignments, $groupPath, true);
}
/**
* Deletes a role.
*
* @param Request $request
* @param int $roleId Role ID
*
* @return \Symfony\Component\HttpFoundation\Response
*/
public function deleteRoleAction(Request $request, $roleId)
{
$role = $this->roleService->loadRole($roleId);
$deleteForm = $this->createForm(new RoleDeleteType(), ['roleId' => $roleId]);
$deleteForm->handleRequest($request);
if ($deleteForm->isValid()) {
$this->roleService->deleteRole($role);
$this->notify('role.deleted', ['%roleIdentifier%' => $role->identifier], 'role');
} elseif ($deleteForm->isSubmitted()) {
$this->notifyError('role.error.delete', ['%roleIdentifier%' => $role->identifier], 'role');
}
return $this->redirectToRouteAfterFormPost('admin_roleList');
}
/**
* Loads a list of user groups assigned to role
*
* @return \eZ\Publish\Core\REST\Server\Values\RestUserGroup[]
*/
public function loadUserGroupsAssignedToRole()
{
$role = $this->roleService->loadRole($this->requestParser->parseHref($this->request->query->get('roleId'), 'roleId'));
$roleAssignments = $this->roleService->getRoleAssignments($role);
$restUserGroups = array();
foreach ($roleAssignments as $roleAssignment) {
if ($roleAssignment instanceof UserGroupRoleAssignment) {
$userGroup = $roleAssignment->getUserGroup();
$userGroupContentInfo = $userGroup->getVersionInfo()->getContentInfo();
$userGroupLocation = $this->locationService->loadLocation($userGroupContentInfo->mainLocationId);
$contentType = $this->contentTypeService->loadContentType($userGroupContentInfo->contentTypeId);
$restUserGroups[] = new Values\RestUserGroup($userGroup, $contentType, $userGroupContentInfo, $userGroupLocation, $this->contentService->loadRelations($userGroup->getVersionInfo()));
}
}
return $restUserGroups;
}
/**
* Loads a role for the given id.
*
* @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to read this role
* @throws \eZ\Publish\API\Repository\Exceptions\NotFoundException if a role with the given name was not found
*
* @param mixed $id
*
* @return \eZ\Publish\API\Repository\Values\User\Role
*/
public function loadRole($id)
{
return $this->service->loadRole($id);
}
/**
* Lets you select a section which will be used as limitation when assigning the role.
*
* @param Request $request
* @param int $roleId Role ID
*
* @return \Symfony\Component\HttpFoundation\Response
*/
public function assignRoleBySectionLimitationAction(Request $request, $roleId)
{
return $this->render('eZPlatformUIBundle:Role:assign_role_by_section.html.twig', ['role' => $this->roleService->loadRole($roleId), 'sections' => $this->sectionService->loadSections(), 'can_assign' => $this->isGranted(new Attribute('role', 'assign'))]);
}
