/**
* {@inheritdoc}
*/
public function execute(LoggerInterface $logger)
{
if ($this->aclProvider) {
$logger->info($this->buildDescription());
$this->aclProvider->deleteAclClass($this->oid);
}
}
/**
* Deletes the given security identity.
*
* @param SID $sid
*/
public function deleteSid(SID $sid)
{
if ($this->isAclEnabled()) {
if ($sid instanceof RoleSecurityIdentity) {
/**
* Marking removed Role as Disabled instead of delete, because straight deleting role identity breaks
* ace indexes
* TODO: Create a job to remove marked role identities and rebuild ace indexes
*/
$disabledSid = new RoleSecurityIdentity($sid->getRole() . uniqid(self::ROLE_DISABLED_FLAG));
$this->aclProvider->updateSecurityIdentity($disabledSid, $sid->getRole());
} else {
$this->aclProvider->deleteSecurityIdentity($sid);
}
}
}
/**
* Gets an ACL for the given ObjectIdentity.
* If an ACL does not exist $createAclIfNotExist sets to true a new ACL will be created.
*
* @param OID $oid
* @param bool|null $ifNotExist Define what should be done if ACL does not exist. Defaults to null.
* If null this method returns null if ACL does not exist.
* If false this method throws AclNotFoundException if ACL does not exist.
* If true this method creates new ACL if ACL does not exist.
* @return ACL
* @throws AclNotFoundException
*/
protected function getAcl(OID $oid, $ifNotExist = null)
{
$key = $this->getKey($oid);
if (isset($this->items[$key])) {
$item = $this->items[$key];
// make sure that a new ACL has a correct state
if ($ifNotExist === true && $item->getAcl() === null && $item->getState() === BatchItem::STATE_NONE) {
$item->setState(BatchItem::STATE_CREATE);
}
return $item->getAcl();
}
$acl = null;
$state = BatchItem::STATE_NONE;
try {
// We need clear ACL cache before finding ACL because it is possible that
// non valid empty ACL is cached by MutableAclProvider::cacheEmptyAcl() method
$this->aclProvider->clearOidCache($oid);
$acl = $this->aclProvider->findAcl($oid);
} catch (AclNotFoundException $ex) {
if ($ifNotExist === true) {
$state = BatchItem::STATE_CREATE;
} elseif ($ifNotExist === false) {
throw $ex;
}
}
$this->items[$key] = new BatchItem($oid, $state, $acl);
return $acl;
}
/**
* @dataProvider updateSecurityIdentityNoChangesProvider
* @expectedException \InvalidArgumentException
*/
public function testUpdateSecurityIdentityShouldThrowInvalidArgumentException(SecurityIdentityInterface $sid, $oldName)
{
$this->provider->updateSecurityIdentity($sid, $oldName);
}