コード例 #1
0
ファイル: AclRoleHandler.php プロジェクト: Maksold/platform
 /**
  * @param AbstractRole $role
  */
 protected function processPrivileges(AbstractRole $role)
 {
     $decodedPrivileges = json_decode($this->form->get('privileges')->getData(), true);
     $formPrivileges = [];
     foreach ($this->privilegeConfig as $fieldName => $config) {
         $privilegesArray = $decodedPrivileges[$fieldName];
         $privileges = [];
         foreach ($privilegesArray as $privilege) {
             $aclPrivilege = new AclPrivilege();
             foreach ($privilege['permissions'] as $name => $permission) {
                 $aclPrivilege->addPermission(new AclPermission($permission['name'], $permission['accessLevel']));
             }
             $aclPrivilegeIdentity = new AclPrivilegeIdentity($privilege['identity']['id'], $privilege['identity']['name']);
             $aclPrivilege->setIdentity($aclPrivilegeIdentity);
             $privileges[] = $aclPrivilege;
         }
         if ($config['fix_values']) {
             $this->fxPrivilegeValue($privileges, $config['default_value']);
         }
         $formPrivileges = array_merge($formPrivileges, $privileges);
     }
     array_walk($formPrivileges, function (AclPrivilege $privilege) {
         $privilege->setGroup($this->getAclGroup());
     });
     $this->privilegeRepository->savePrivileges($this->aclManager->getSid($role), new ArrayCollection($formPrivileges));
     $this->aclCache->clearCache();
 }
コード例 #2
0
ファイル: AclRoleHandler.php プロジェクト: xamin123/platform
 /**
  * @param Role $role
  */
 protected function processPrivileges(Role $role)
 {
     $formPrivileges = array();
     foreach ($this->privilegeConfig as $fieldName => $config) {
         $privileges = $this->form->get($fieldName)->getData();
         if ($config['fix_values']) {
             $this->fxPrivilegeValue($privileges, $config['default_value']);
         }
         $formPrivileges = array_merge($formPrivileges, $privileges);
     }
     $this->privilegeRepository->savePrivileges($this->aclManager->getSid($role), new ArrayCollection($formPrivileges));
 }
コード例 #3
0
 public function testProcessPrivileges()
 {
     $request = new Request();
     $request->setMethod('POST');
     $role = new AccountUserRole('TEST');
     $roleSecurityIdentity = new RoleSecurityIdentity($role);
     $appendForm = $this->getMock('Symfony\\Component\\Form\\FormInterface');
     $appendForm->expects($this->once())->method('getData')->willReturn([]);
     $removeForm = $this->getMock('Symfony\\Component\\Form\\FormInterface');
     $removeForm->expects($this->once())->method('getData')->willReturn([]);
     $firstEntityPrivilege = $this->createPrivilege('entity', 'entity:FirstClass', 'VIEW');
     $secondEntityPrivilege = $this->createPrivilege('entity', 'entity:SecondClass', 'VIEW');
     $entityForm = $this->getMock('Symfony\\Component\\Form\\FormInterface');
     $entityForm->expects($this->once())->method('getData')->willReturn([$firstEntityPrivilege, $secondEntityPrivilege]);
     $actionPrivilege = $this->createPrivilege('action', 'action', 'random_action');
     $actionForm = $this->getMock('Symfony\\Component\\Form\\FormInterface');
     $actionForm->expects($this->once())->method('getData')->willReturn([$actionPrivilege]);
     $form = $this->getMock('Symfony\\Component\\Form\\FormInterface');
     $form->expects($this->once())->method('submit')->with($request);
     $form->expects($this->once())->method('isValid')->willReturn(true);
     $form->expects($this->any())->method('get')->willReturnMap([['appendUsers', $appendForm], ['removeUsers', $removeForm], ['entity', $entityForm], ['action', $actionForm]]);
     $this->formFactory->expects($this->once())->method('create')->willReturn($form);
     $objectManager = $this->getMock('Doctrine\\Common\\Persistence\\ObjectManager');
     $this->managerRegistry->expects($this->any())->method('getManagerForClass')->with(get_class($role))->willReturn($objectManager);
     $expectedFirstEntityPrivilege = $this->createPrivilege('entity', 'entity:FirstClass', 'VIEW');
     $expectedFirstEntityPrivilege->setGroup(AccountUser::SECURITY_GROUP);
     $expectedSecondEntityPrivilege = $this->createPrivilege('entity', 'entity:SecondClass', 'VIEW');
     $expectedSecondEntityPrivilege->setGroup(AccountUser::SECURITY_GROUP);
     $expectedActionPrivilege = $this->createPrivilege('action', 'action', 'random_action');
     $expectedActionPrivilege->setGroup(AccountUser::SECURITY_GROUP);
     $this->privilegeRepository->expects($this->once())->method('savePrivileges')->with($roleSecurityIdentity, new ArrayCollection([$expectedFirstEntityPrivilege, $expectedSecondEntityPrivilege, $expectedActionPrivilege]));
     $this->aclManager->expects($this->any())->method('getSid')->with($role)->willReturn($roleSecurityIdentity);
     $this->chainMetadataProvider->expects($this->once())->method('startProviderEmulation')->with(FrontendOwnershipMetadataProvider::ALIAS);
     $this->chainMetadataProvider->expects($this->once())->method('stopProviderEmulation');
     $handler = new AccountUserRoleHandler($this->formFactory, $this->privilegeConfig);
     $handler->setManagerRegistry($this->managerRegistry);
     $handler->setAclPrivilegeRepository($this->privilegeRepository);
     $handler->setAclManager($this->aclManager);
     $handler->setChainMetadataProvider($this->chainMetadataProvider);
     $handler->setRequest($request);
     $handler->createForm($role);
     $handler->process($role);
 }
コード例 #4
0
 public function testSavePrivilegesForExistingRole()
 {
     $extensionKey = 'test';
     $rootOid = new ObjectIdentity($extensionKey, ObjectIdentityFactory::ROOT_IDENTITY_TYPE);
     $class3Ace = $this->getAce(self::getMask(array('VIEW_BASIC', 'CREATE_BASIC')));
     $privileges = new ArrayCollection();
     $privileges[] = self::getPrivilege('test:(root)', array('VIEW' => AccessLevel::SYSTEM_LEVEL, 'CREATE' => AccessLevel::BASIC_LEVEL, 'EDIT' => AccessLevel::NONE_LEVEL));
     $privileges[] = self::getPrivilege('test:Acme\\Class1', array('VIEW' => AccessLevel::SYSTEM_LEVEL, 'CREATE' => AccessLevel::BASIC_LEVEL, 'EDIT' => AccessLevel::NONE_LEVEL));
     $privileges[] = self::getPrivilege('test:Acme\\Class2', array('VIEW' => AccessLevel::SYSTEM_LEVEL, 'CREATE' => AccessLevel::SYSTEM_LEVEL, 'EDIT' => AccessLevel::NONE_LEVEL));
     $privileges[] = self::getPrivilege('test:Acme\\Class3', array('VIEW' => AccessLevel::SYSTEM_LEVEL, 'CREATE' => AccessLevel::BASIC_LEVEL, 'EDIT' => AccessLevel::NONE_LEVEL));
     $sid = $this->getMock('Symfony\\Component\\Security\\Acl\\Model\\SecurityIdentityInterface');
     $this->initSavePrivileges($extensionKey, $rootOid);
     $this->setExpectationsForGetAces(array('test:Acme\\Class3' => array($class3Ace)));
     $this->setExpectationsForSetPermission($sid, array('test:(root)' => array('VIEW_SYSTEM', 'CREATE_BASIC'), 'test:Acme\\Class2' => array('VIEW_SYSTEM', 'CREATE_SYSTEM')));
     $this->setExpectationsForDeletePermission($sid, array('test:Acme\\Class3' => array('VIEW_BASIC', 'CREATE_BASIC')));
     $this->repository->savePrivileges($sid, $privileges);
     $this->validateExpectationsForGetAces();
     $this->validateExpectationsForSetPermission();
     $this->validateExpectationsForDeletePermission();
 }