/** * Creates a new Role. * * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to create a role * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if the name of the role already exists or if limitation of the * same type is repeated in the policy create struct or if * limitation is not allowed on module/function * @throws \eZ\Publish\API\Repository\Exceptions\LimitationValidationException if a policy limitation in the $roleCreateStruct is not valid * * @param \eZ\Publish\API\Repository\Values\User\RoleCreateStruct $roleCreateStruct * * @return \eZ\Publish\API\Repository\Values\User\Role */ public function createRole(APIRoleCreateStruct $roleCreateStruct) { if (!is_string($roleCreateStruct->identifier) || empty($roleCreateStruct->identifier)) { throw new InvalidArgumentValue('identifier', $roleCreateStruct->identifier, 'RoleCreateStruct'); } if ($this->repository->hasAccess('role', 'create') !== true) { throw new UnauthorizedException('role', 'create'); } try { $existingRole = $this->loadRoleByIdentifier($roleCreateStruct->identifier); if ($existingRole !== null) { throw new InvalidArgumentException('roleCreateStruct', 'role with specified identifier already exists'); } } catch (APINotFoundException $e) { // Do nothing } $limitationValidationErrors = $this->validateRoleCreateStruct($roleCreateStruct); if (!empty($limitationValidationErrors)) { throw new LimitationValidationException($limitationValidationErrors); } $spiRole = $this->roleDomainMapper->buildPersistenceRoleObject($roleCreateStruct); $this->repository->beginTransaction(); try { $createdRole = $this->userHandler->createRole($spiRole); $this->repository->commit(); } catch (Exception $e) { $this->repository->rollback(); throw $e; } return $this->roleDomainMapper->buildDomainRoleObject($createdRole); }