/**
* Deletes the given security identity.
*
* @param SID $sid
*/
public function deleteSid(SID $sid)
{
if ($this->isAclEnabled()) {
if ($sid instanceof RoleSecurityIdentity) {
/**
* Marking removed Role as Disabled instead of delete, because straight deleting role identity breaks
* ace indexes
* TODO: Create a job to remove marked role identities and rebuild ace indexes
*/
$disabledSid = new RoleSecurityIdentity($sid->getRole() . uniqid(self::ROLE_DISABLED_FLAG));
$this->aclProvider->updateSecurityIdentity($disabledSid, $sid->getRole());
} else {
$this->aclProvider->deleteSecurityIdentity($sid);
}
}
}
/**
* @dataProvider deleteSecurityIdentityProvider
*/
public function testDeleteSecurityIdentity(SecurityIdentityInterface $sid, $sql)
{
$this->connection->expects($this->once())->method('executeQuery')->with($this->equalTo($sql));
$this->provider->deleteSecurityIdentity($sid);
}