/**
* @param string
* @param int
* @return object|NULL
* @throws BadRequestException
*/
private function findById($entityName, $id)
{
$entity = $this->em->find($entityName, $id);
if ($entity === NULL) {
throw new BadRequestException('Entity "' . $entityName . '" with id = "' . $id . '" was not found.');
}
return $entity;
}
public function update($entityClass, array $items)
{
$position = 1;
foreach ($items as $id) {
$entity = $this->em->find($entityClass, $id);
$entity->setPosition($position * 10);
$this->em->persist($entity);
$position++;
}
$this->em->flush();
}
public function renderDefault($id)
{
if (!is_null($id)) {
$search = $this->em->find(Search::getClassName(), $id);
if (!$search) {
$this->flashMessage('Data not found for this id', 'error');
$this->redirect('Homepage:');
}
} else {
$this->flashMessage('Data not found for this id', 'error');
}
$this->template->search = $search;
}
/**
* @param array $values
* @return Role
* @throws RoleAlreadyExistsException
* @throws RoleMissingException
*/
public function createRole(array $values)
{
$parentRole = null;
if ($values['parent'] !== null) {
$parentRole = $this->em->find(Role::class, $values['parent']);
if ($parentRole === null) {
throw new RoleMissingException();
}
}
$role = new Role($values['name'], $parentRole);
$role = $this->em->safePersist($role);
if ($role === false) {
throw new RoleAlreadyExistsException();
}
$this->onSuccessRoleCreation($role);
return $role;
}
/**
* @param array $values
* @param Page|null $page
* @return Page
* @throws PagePublicationTimeException
* @throws PagePublicationTimeMissingException
* @throws UrlAlreadyExistsException
* @throws LocaleNotFoundException
* @throws PageTitleAlreadyExistsException
* @throws PageIntroHtmlLengthException
* @throws \Exception
*/
public function save(array $values, Page $page = null)
{
foreach ($values as $k => $v) {
$values[$k] = $v === '' ? null : $v;
}
if ($values['publishedAt'] === null and $values['saveAsDraft'] === false) {
throw new PagePublicationTimeMissingException();
}
$values['author'] = $this->em->find(User::class, $values['author']->getId());
try {
if ($page !== null and $page->getId() !== null) {
$wasDraft = $page->isDraft();
$hadOpenedComments = $page->getAllowedComments();
$this->updatePage($page, $values);
$this->onSuccessPageEditing($page);
} else {
$wasDraft = true;
$hadOpenedComments = true;
$page = $this->createNewPage($values, $page);
$this->onSuccessPageCreation($page);
}
if ($wasDraft !== $page->isDraft() and $wasDraft === true) {
$this->onPageRelease($page);
}
if ($hadOpenedComments !== $page->getAllowedComments()) {
if ($hadOpenedComments === true) {
$this->onPageCommentsClosure($page);
} else {
$this->onPageCommentsOpening($page);
}
}
} catch (UrlAlreadyExistsException $u) {
$this->closeEntityManager();
throw $u;
} catch (PageTitleAlreadyExistsException $p) {
$this->closeEntityManager();
throw $p;
} catch (\Exception $e) {
$this->closeEntityManager();
throw $e;
}
return $page;
}
/**
* @param $roleId
* @param ValidationObject $validationObject
* @return Role
*/
private function getRole($roleId, ValidationObject $validationObject)
{
/** @var Role $role */
$role = $this->em->find(Role::class, $roleId);
if ($role === null) {
//throw new RoleMissingException;
$validationObject->addError('users.user.form.messages.missingRole', FlashMessage::WARNING);
}
return $role;
}
/**
* @param Role $role
* @param array $permissionDefinitions
* @throws DBALException
* @throws \Exception
*/
public function save(Role $role, array $permissionDefinitions)
{
$resources = $this->em->createQuery('SELECT r FROM ' . Resource::class . ' r INDEX BY r.id')->execute();
$privileges = $this->em->createQuery('SELECT p FROM ' . Privilege::class . ' p INDEX BY p.id')->execute();
try {
$this->em->beginTransaction();
$this->em->createQuery('DELETE ' . Permission::class . ' p
WHERE p.role = :role')->execute(['role' => $role->getId()]);
$parentRole = null;
if ($role->hasParent()) {
/** @var Role $parentRole */
$parentRole = $this->em->find(Role::class, $role->getParentId());
}
foreach ($permissionDefinitions as $definition => $isAllowed) {
$isAllowed = (bool) $isAllowed;
$x = explode('-', $definition);
// eg. 1-3
/** @var \Users\Authorization\Resource $resource */
$resource = $resources[$x[0]];
/** @var Privilege $privilege */
$privilege = $privileges[$x[1]];
// check Users\Authorization\Authorizator ACL assembling
// Role without parent
// privilege: allowed -> must be in database
// privilege: denied -> does NOT have to be in database
// Role with parent (all depths)
/*
------------------------------------------------------------
parent | descendant | should be persisted?
------------------------------------------------------------
allowed allowed NO
allowed denied YES
denied denied NO
denied allowed YES
------------------------------------------------------------
We save records where permission and denial differ
*/
if ($parentRole !== null) {
// has parent
if ($this->authorizator->isAllowed($parentRole, $resource->getName(), $privilege->getName()) === $isAllowed) {
continue;
}
} else {
// doesn't have parent
if ($isAllowed === false) {
continue;
}
}
$permission = new Permission($role, $resource, $privilege, $isAllowed);
$this->em->persist($permission);
}
$this->em->flush();
$this->em->commit();
$this->cache->remove('acl');
$this->onSuccessRolePermissionsEditing($role);
} catch (\Exception $e) {
$this->em->rollback();
$this->em->close();
// todo log error
throw new $e();
}
}
/**
* Find entity by ID.
* @param string $entityName
* @param int $id
* @return object
*/
protected function findById($entityName, $id)
{
return $this->entityManager->find($entityName, $id);
}
