/**
* @param string $function
* @param array $arguments
*
* @return mixed
*/
private function collectManagement($function, $arguments)
{
$this->stopwatch->start('acl.managements');
$result = call_user_func_array([$this->aclManager, $function], $arguments);
$periods = $this->stopwatch->stop('acl.managements')->getPeriods();
$oidType = 'Class' === substr($function, -5) ? AclIdentifierInterface::OID_TYPE_CLASS : AclIdentifierInterface::OID_TYPE_OBJECT;
if ('delete' === substr($function, 0, 6)) {
$permissions = null;
$oid = $this->aclIdentifier->getObjectIdentity($oidType, $arguments[0]);
$sid = null;
$field = null;
} else {
$permissions = $arguments[0];
$oid = $this->aclIdentifier->getObjectIdentity($oidType, $arguments[1]);
$sid = false !== strpos($function, 'Role') ? $this->aclIdentifier->getRoleSecurityIdentity($arguments[2]) : $this->aclIdentifier->getUserSecurityIdentity(isset($arguments[2]) ? $arguments[2] : null);
$field = isset($arguments[3]) ? $arguments[3] : null;
}
$this->managements[] = ['method' => $function, 'permissions' => (array) $permissions, 'oid' => $oid, 'sid' => $sid, 'field' => $field, 'time' => end($periods)->getDuration()];
return $result;
}
/**
* @param string $function
* @param array $arguments
*
* @return mixed
*/
private function collectCheck($function, array $arguments)
{
$this->stopwatch->start('acl.checks');
$result = call_user_func_array([$this->aclChecker, $function], $arguments);
$periods = $this->stopwatch->stop('acl.checks')->getPeriods();
$oidType = 'Class' === substr($function, -5) ? AclIdentifierInterface::OID_TYPE_CLASS : AclIdentifierInterface::OID_TYPE_OBJECT;
if ('is' === substr($function, 0, 2)) {
$attributes = $arguments[0];
$field = isset($arguments[2]) ? $arguments[2] : null;
$oid = $this->getObjectToSecure->invoke($this->aclChecker, $oidType, $arguments[1], $field);
$sid = $this->aclIdentifier->getUserSecurityIdentity();
} else {
$sid = 'role' === substr($function, 0, 4) ? $this->aclIdentifier->getRoleSecurityIdentity($arguments[0]) : $this->aclIdentifier->getUserSecurityIdentity($arguments[0]);
$attributes = $arguments[1];
$field = isset($arguments[3]) ? $arguments[3] : null;
$oid = $this->getObjectToSecure->invoke($this->aclChecker, $oidType, $arguments[2], $field);
}
$isFieldVote = $oid instanceof FieldVote;
$this->checks[] = ['method' => $function, 'result' => $result, 'attributes' => (array) $attributes, 'oid' => $isFieldVote ? $oid->getDomainObject() : $oid, 'sid' => $sid, 'field' => $isFieldVote ? $oid->getField() : null, 'time' => end($periods)->getDuration()];
return $result;
}
/**
* {@inheritdoc}
*/
public function revokeRoleOnObject($permissions, $object, $role, $field = null)
{
$this->revoke($this->aclIdentifier->getObjectIdentity(AclIdentifierInterface::OID_TYPE_OBJECT, $object), $this->aclIdentifier->getRoleSecurityIdentity($role), $permissions, AclIdentifierInterface::OID_TYPE_OBJECT, $field);
}
