/** * Checks if the entity can have comments * * @param object|null $entity * * @return bool */ public function isApplicable($entity) { if (!is_object($entity) || !$this->doctrineHelper->isManageableEntity($entity) || !$this->securityFacade->isGranted('oro_comment_view')) { return false; } return $this->commentAssociationHelper->isCommentAssociationEnabled(ClassUtils::getClass($entity)); }
/** * Check ACL based on acl_resource_id, route or uri. * * @param array $options */ protected function processAcl(array &$options = array()) { $needCheck = (!isset($options['check_access']) || $options['check_access'] === true) && $this->securityFacade->hasLoggedUser(); $isAllowed = self::DEFAULT_ACL_POLICY; if (array_key_exists(self::ACL_RESOURCE_ID_KEY, $options)) { if (array_key_exists($options[self::ACL_RESOURCE_ID_KEY], $this->aclCache)) { $isAllowed = $this->aclCache[$options[self::ACL_RESOURCE_ID_KEY]]; } else { if ($needCheck) { $isAllowed = $this->securityFacade->isGranted($options[self::ACL_RESOURCE_ID_KEY]); } $this->aclCache[$options[self::ACL_RESOURCE_ID_KEY]] = $isAllowed; } } else { $routeInfo = $this->getRouteInfo($options); if ($routeInfo) { if (array_key_exists($routeInfo['key'], $this->aclCache)) { $isAllowed = $this->aclCache[$routeInfo['key']]; } else { if ($needCheck) { $isAllowed = $this->securityFacade->isClassMethodGranted($routeInfo['controller'], $routeInfo['action']); } $this->aclCache[$routeInfo['key']] = $isAllowed; } } } $options['extras']['isAllowed'] = $isAllowed; }
/** * @param ConfigureMenuEvent $event */ public function onNavigationConfigure(ConfigureMenuEvent $event) { $menu = $event->getMenu(); $children = array(); $entitiesMenuItem = $menu->getChild('system_tab')->getChild('entities_list'); if ($entitiesMenuItem) { /** @var ConfigProvider $entityConfigProvider */ $entityConfigProvider = $this->configManager->getProvider('entity'); /** @var ConfigProvider $entityExtendProvider */ $entityExtendProvider = $this->configManager->getProvider('extend'); $extendConfigs = $entityExtendProvider->getConfigs(); foreach ($extendConfigs as $extendConfig) { if ($this->checkAvailability($extendConfig)) { $config = $entityConfigProvider->getConfig($extendConfig->getId()->getClassname()); if (!class_exists($config->getId()->getClassName()) || !$this->securityFacade->hasLoggedUser() || !$this->securityFacade->isGranted('VIEW', 'entity:' . $config->getId()->getClassName())) { continue; } $children[$config->get('label')] = array('label' => $this->translator->trans($config->get('label')), 'options' => array('route' => 'oro_entity_index', 'routeParameters' => array('entityName' => str_replace('\\', '_', $config->getId()->getClassName())), 'extras' => array('safe_label' => true, 'routes' => array('oro_entity_*')))); } } sort($children); foreach ($children as $child) { $entitiesMenuItem->addChild($child['label'], $child['options']); } } }
/** * Get last operations data * * @param array $types * * @return array */ public function getLastOperationsData(array $types) { $types = array_filter($types, function ($type) { return $this->securityFacade->isGranted(sprintf('pim_importexport_%s_execution_show', $type)); }); return $this->repository->getLastOperationsData($types); }
/** * {@inheritdoc} */ public function beforeProcess($entity) { //check owner (Contact) entity with 'edit' permission if (!$this->securityFacade->isGranted('EDIT', $entity->getOwner())) { throw new AccessDeniedException(); } }
/** * Process form * * @param mixed $entity * * @return mixed|null The instance of saved entity on successful processing; otherwise, null */ public function process($entity) { if ($this->securityFacade->isGranted('EDIT', $entity)) { return parent::process($entity); } return null; }
/** * {@inheritdoc} */ public function checkPermissions($entity, ObjectManager $em) { $loggedUserId = $this->securityFacade->getLoggedUserId(); if ($loggedUserId && $loggedUserId == $entity->getId()) { throw new ForbiddenException('self delete'); } }
/** * @param object $object * @param int $depth * @param bool $ignoreAcl * @param Organization|null $organization * * @return Recipient[] */ public function getRecipients($object, $depth = 1, $ignoreAcl = false, Organization $organization = null) { $recipients = []; if ($this->isAccessDenyForOrganization($object, $ignoreAcl, $organization)) { return $recipients; } if (!$depth || ($ignoreAcl || !$this->securityFacade->isGranted('VIEW', $object))) { if (!$depth || $this->securityFacade->getLoggedUser() !== $object) { return $recipients; } } $className = ClassUtils::getClass($object); $metadata = $this->getMetadata($className); $attributes = $this->initAttributes($className, $metadata); foreach ($metadata->associationMappings as $name => $assoc) { if (in_array('Oro\\Bundle\\EmailBundle\\Entity\\EmailInterface', class_implements($assoc['targetEntity']), true)) { $attributes[] = new EmailAttribute($name, true); } else { if ($depth > 1) { $assocObject = $this->getPropertyAccessor()->getValue($object, $name); if (!$assocObject instanceof \Traversable && !is_array($assocObject)) { if ($assocObject) { $assocObject = [$assocObject]; } else { $assocObject = []; } } foreach ($assocObject as $obj) { $recipients = array_merge($recipients, $this->getRecipients($obj, $depth - 1, false, $organization)); } } } } return array_merge($recipients, $this->createRecipientsFromEmails($this->createEmailsFromAttributes($attributes, $object), $object, $metadata)); }
/** * @param ConfigureMenuEvent $event */ public function onNavigationConfigure(ConfigureMenuEvent $event) { /** @var ItemInterface $reportsMenuItem */ $reportsMenuItem = $event->getMenu()->getChild('reports_tab'); if ($reportsMenuItem && $this->securityFacade->hasLoggedUser()) { $qb = $this->em->getRepository('OroReportBundle:Report')->createQueryBuilder('report')->orderBy('report.name', 'ASC'); $reports = $this->aclHelper->apply($qb)->execute(); if (!empty($reports)) { $this->addDivider($reportsMenuItem); $reportMenuData = []; foreach ($reports as $report) { $config = $this->entityConfigProvider->getConfig($report->getEntity()); if ($this->checkAvailability($config)) { $entityLabel = $config->get('plural_label'); if (!isset($reportMenuData[$entityLabel])) { $reportMenuData[$entityLabel] = []; } $reportMenuData[$entityLabel][$report->getId()] = $report->getName(); } } ksort($reportMenuData); $this->buildReportMenu($reportsMenuItem, $reportMenuData); } } }
/** * Options: * - grid_name - name of grid that will be used for entity selection * - grid_parameters - parameters need to be passed to grid request * - grid_render_parameters - render parameters need to be set for grid rendering * - existing_entity_grid_id - grid row field name used as entity identifier * - create_enabled - enables new entity creation * - create_acl - ACL resource used to determine that create is allowed, by default CREATE for entity used * - create_form_route - route name for creation form * - create_form_route_parameters - route parameters for create_form_route_parameters * * {@inheritDoc} */ public function setDefaultOptions(OptionsResolverInterface $resolver) { $resolver->setDefaults(['existing_entity_grid_id' => 'id', 'create_enabled' => true, 'create_acl' => null, 'create_form_route' => null, 'create_form_route_parameters' => [], 'grid_name' => null, 'grid_parameters' => [], 'grid_render_parameters' => []]); $resolver->setNormalizers(['create_enabled' => function (Options $options, $createEnabled) { $createRouteName = $options->get('create_form_route'); $createEnabled = $createEnabled && !empty($createRouteName); if ($createEnabled) { $aclName = $options->get('create_acl'); if (empty($aclName)) { $aclObjectName = 'Entity:' . $options->get('entity_class'); $createEnabled = $this->securityFacade->isGranted('CREATE', $aclObjectName); } else { $createEnabled = $this->securityFacade->isGranted($aclName); } } return $createEnabled; }, 'grid_name' => function (Options $options, $gridName) { if (!empty($gridName)) { return $gridName; } $formConfig = $this->configManager->getProvider('form')->getConfig($options->get('entity_class')); if ($formConfig->has('grid_name')) { return $formConfig->get('grid_name'); } throw new InvalidConfigurationException('The option "grid_name" must be set.'); }]); }
/** * Sets default data for create integrations form * * @param FormEvent $event */ public function postSet(FormEvent $event) { $data = $event->getData(); if ($data && !$data->getId() && !$data->getDefaultUserOwner() || null === $data) { $event->getForm()->get('defaultUserOwner')->setData($this->securityFacade->getLoggedUser()); } }
/** * Validate configs nad fill default values * * @param DatagridConfiguration $config */ public function processConfigs(DatagridConfiguration $config) { $configItems = $config->offsetGetOr(Configuration::BASE_CONFIG_KEY, []); $configuration = new Configuration(Configuration::BASE_CONFIG_KEY); $normalizedConfigItems = $this->validateConfiguration($configuration, [Configuration::BASE_CONFIG_KEY => $configItems]); $isGranted = $this->securityFacade->isGranted('EDIT', 'entity:' . $configItems['entity_name']); //according to ACL disable inline editing for the whole grid if (!$isGranted) { $normalizedConfigItems[Configuration::CONFIG_KEY_ENABLE] = false; } // replace config values by normalized, extra keys passed directly $resultConfigItems = array_replace_recursive($configItems, $normalizedConfigItems); if (is_null($resultConfigItems['save_api_accessor']['default_route_parameters']['className'])) { $resultConfigItems['save_api_accessor']['default_route_parameters']['className'] = $this->entityClassNameHelper->getUrlSafeClassName($configItems['entity_name']); } $config->offsetSet(Configuration::BASE_CONFIG_KEY, $resultConfigItems); //add inline editing where it is possible, do not use ACL, because additional parameters for columns needed $columns = $config->offsetGetOr(FormatterConfiguration::COLUMNS_KEY, []); $blackList = $configuration->getBlackList(); foreach ($columns as $columnName => &$column) { if (!in_array($columnName, $blackList)) { $newColumn = $this->guesser->getColumnOptions($columnName, $configItems['entity_name'], $column); //frontend type key must not be replaced with default value $typeKey = PropertyInterface::FRONTEND_TYPE_KEY; if (!empty($newColumn[$typeKey])) { $column[$typeKey] = $newColumn[$typeKey]; } $column = array_replace_recursive($newColumn, $column); } } $config->offsetSet(FormatterConfiguration::COLUMNS_KEY, $columns); }
/** * @SuppressWarnings(PHPMD.ExcessiveMethodLength) */ protected function setUp() { $this->em = $this->getMockBuilder('Doctrine\\ORM\\EntityManager')->disableOriginalConstructor()->getMock(); $this->doctrineHelper = $this->getMockBuilder('Oro\\Bundle\\EntityBundle\\ORM\\DoctrineHelper')->disableOriginalConstructor()->getMock(); $this->mailer = $this->getMockBuilder('Oro\\Bundle\\EmailBundle\\Mailer\\DirectMailer')->disableOriginalConstructor()->getMock(); $this->mailerTransport = $this->getMockBuilder('\\Swift_Transport_EsmtpTransport')->disableOriginalConstructor()->getMock(); $this->mailer->expects($this->any())->method('getTransport')->will($this->returnValue($this->mailerTransport)); $this->emailEntityBuilder = $this->getMockBuilder('Oro\\Bundle\\EmailBundle\\Builder\\EmailEntityBuilder')->disableOriginalConstructor()->getMock(); $this->emailOwnerProvider = $this->getMockBuilder('Oro\\Bundle\\EmailBundle\\Entity\\Provider\\EmailOwnerProvider')->disableOriginalConstructor()->getMock(); $this->dispatcher = $this->getMockBuilder('Symfony\\Component\\EventDispatcher\\EventDispatcherInterface')->disableOriginalConstructor()->getMock(); $this->emailActivityManager = $this->getMockBuilder('Oro\\Bundle\\EmailBundle\\Entity\\Manager\\EmailActivityManager')->disableOriginalConstructor()->getMock(); $this->securityFacade = $this->getMockBuilder('Oro\\Bundle\\SecurityBundle\\SecurityFacade')->setMethods(['getLoggedUser', 'getOrganization'])->disableOriginalConstructor()->getMock(); $this->emailOriginHelper = $this->getMockBuilder('Oro\\Bundle\\EmailBundle\\Tools\\EmailOriginHelper')->setMethods(['setEmailModel', 'findEmailOrigin'])->disableOriginalConstructor()->getMock(); $this->userEmailOrigin = $this->getMockBuilder('Oro\\Bundle\\ImapBundle\\Entity\\UserEmailOrigin')->disableOriginalConstructor()->getMock(); $this->userEmailOrigin->expects($this->any())->method('getSmtpHost')->will($this->returnValue('abc')); $this->userEmailOrigin->expects($this->any())->method('getSmtpPort')->will($this->returnValue(25)); $this->securityFacadeLink = $this->getMockBuilder('Oro\\Bundle\\EntityConfigBundle\\DependencyInjection\\Utils\\ServiceLink')->setMethods(['getService'])->disableOriginalConstructor()->getMock(); $this->securityFacadeLink->expects($this->any())->method('getService')->will($this->returnValue($this->securityFacade)); $this->securityFacade->expects($this->any())->method('getOrganization')->will($this->returnValue($this->getTestOrganization())); $this->doctrineHelper->expects($this->any())->method('getEntityManager')->with('OroEmailBundle:Email')->will($this->returnValue($this->em)); $folder = $this->getMockBuilder('Oro\\Bundle\\EmailBundle\\Entity\\EmailFolder')->disableOriginalConstructor()->getMock(); $this->userEmailOrigin->expects($this->any())->method('getFolder')->with(FolderType::SENT)->will($this->returnValue($folder)); $emailOriginRepo = $this->getMockBuilder('Doctrine\\ORM\\EntityRepository')->disableOriginalConstructor()->getMock(); $emailOriginRepo->expects($this->any())->method('findOneBy')->with(['internalName' => InternalEmailOrigin::BAP])->will($this->returnValue($this->userEmailOrigin)); $this->em->expects($this->any())->method('getRepository')->with('OroEmailBundle:InternalEmailOrigin')->will($this->returnValue($emailOriginRepo)); $this->emailProcessor = new Processor($this->doctrineHelper, $this->mailer, new EmailAddressHelper(), $this->emailEntityBuilder, $this->emailOwnerProvider, $this->emailActivityManager, $this->securityFacadeLink, $this->dispatcher, new Mcrypt(), $this->emailOriginHelper); }
/** * @param OrmResultBefore $event */ public function onResultBefore(OrmResultBefore $event) { // listener logic is applied only to frontend part of application if ($this->securityFacade->getLoggedUser() instanceof User) { return; } $config = $event->getDatagrid()->getConfig(); $query = $event->getQuery(); /** @var Subselect|SelectStatement $select */ $select = $query->getAST(); $fromClause = $select instanceof SelectStatement ? $select->fromClause : $select->subselectFromClause; $skipAclCheck = true; /** @var IdentificationVariableDeclaration $identificationVariableDeclaration */ foreach ($fromClause->identificationVariableDeclarations as $identificationVariableDeclaration) { $entityName = $identificationVariableDeclaration->rangeVariableDeclaration->abstractSchemaName; $metadata = $this->metadataProvider->getMetadata($entityName); if ($metadata->hasOwner()) { $skipAclCheck = false; break; } } if ($skipAclCheck) { $config->offsetSetByPath(Builder::DATASOURCE_SKIP_ACL_CHECK, true); } }
/** * {@inheritdoc} */ public function isAllowed() { if (!$this->acl) { return true; } return $this->securityFacade->hasLoggedUser() && $this->securityFacade->isGranted($this->acl); }
/** * @param EmailTemplate $template * * @return Closure */ protected function createExistingEntityQueryBuilder(EmailTemplate $template) { return function (EmailTemplateRepository $repository) use($template) { $qb = $repository->createQueryBuilder('e'); return $qb->orderBy('e.name', 'ASC')->andWhere('e.entityName = :entityName OR e.entityName IS NULL')->andWhere("e.organization = :organization")->andWhere($qb->expr()->orX($qb->expr()->eq('e.visible', ':visible'), $qb->expr()->eq('e.id', ':id')))->setParameter('entityName', Email::ENTITY_CLASS)->setParameter('organization', $this->securityFacade->getOrganization())->setParameter('id', $template->getId())->setParameter('visible', true); }; }
/** * {@inheritDoc} * @throws \Doctrine\DBAL\ConnectionException */ protected function onSuccess(AbstractRole $role, array $appendUsers, array $removeUsers) { // TODO: When task BB-1046 will be done, remove method removeOriginalRoleFromUsers. // In method addNewRoleToUsers before addRole add method removeRole($role). Also needs delete flush; /** @var AccountUserRole $role */ if ($role->getId()) { /** @var AccountUserRoleRepository $roleRepository */ $roleRepository = $this->doctrineHelper->getEntityRepository($role); $this->appendUsers = $roleRepository->getAssignedUsers($role); } $this->loggedAccountUser = $this->securityFacade->getLoggedUser(); /** @var EntityManager $manager */ $manager = $this->managerRegistry->getManagerForClass(ClassUtils::getClass($this->loggedAccountUser)); $connection = $manager->getConnection(); $connection->setTransactionIsolation(Connection::TRANSACTION_REPEATABLE_READ); $connection->beginTransaction(); try { $this->removeOriginalRoleFromUsers($role, $manager); AclRoleHandler::onSuccess($this->newRole, $appendUsers, $removeUsers); $this->addNewRoleToUsers($role, $manager, $appendUsers, $removeUsers); $manager->flush(); $connection->commit(); } catch (\Exception $e) { $connection->rollBack(); throw $e; } }
/** * {@inheritdoc} */ public function addEntityFields(FormBuilderInterface $builder) { // user fields $builder->addEventSubscriber(new UserSubscriber($builder->getFormFactory(), $this->security)); $this->setDefaultUserFields($builder); if ($this->securityFacade->isGranted('oro_user_role_view')) { $builder->add('roles', 'entity', ['property_path' => 'rolesCollection', 'label' => 'oro.user.roles.label', 'class' => 'OroUserBundle:Role', 'property' => 'label', 'query_builder' => function (EntityRepository $er) { return $er->createQueryBuilder('r')->where('r.role <> :anon')->setParameter('anon', User::ROLE_ANONYMOUS)->orderBy('r.label'); }, 'multiple' => true, 'expanded' => true, 'required' => !$this->isMyProfilePage, 'read_only' => $this->isMyProfilePage, 'disabled' => $this->isMyProfilePage, 'translatable_options' => false]); } if ($this->securityFacade->isGranted('oro_user_group_view')) { $builder->add('groups', 'entity', ['label' => 'oro.user.groups.label', 'class' => 'OroUserBundle:Group', 'property' => 'name', 'multiple' => true, 'expanded' => true, 'required' => false, 'read_only' => $this->isMyProfilePage, 'disabled' => $this->isMyProfilePage, 'translatable_options' => false]); } if ($this->securityFacade->isGranted('oro_organization_view') && $this->securityFacade->isGranted('oro_business_unit_view')) { $builder->add('organizations', 'oro_organizations_select', ['required' => false, 'label' => 'oro.user.form.access_settings.label']); } $builder->add('plainPassword', 'repeated', ['label' => 'oro.user.password.label', 'type' => 'password', 'required' => true, 'first_options' => ['label' => 'oro.user.password.label'], 'second_options' => ['label' => 'oro.user.password_re.label']])->add('emails', 'collection', ['label' => 'oro.user.emails.label', 'type' => 'oro_user_email', 'allow_add' => true, 'allow_delete' => true, 'by_reference' => false, 'prototype' => true, 'prototype_name' => 'tag__name__']); if ($this->userConfigManager->get('oro_imap.enable_google_imap')) { $builder->add('imapAccountType', 'oro_imap_choice_account_type', ['label' => 'oro.user.imap_configuration.label']); } else { $builder->add('imapConfiguration', 'oro_imap_configuration', ['label' => 'oro.user.imap_configuration.label']); } $builder->add('change_password', ChangePasswordType::NAME)->add('avatar', 'oro_image', ['label' => 'oro.user.avatar.label', 'required' => false]); $this->addInviteUserField($builder); }
/** * {@inheritdoc} */ public function getCalendarDefaultValues($organizationId, $userId, $calendarId, array $calendarIds) { $result = []; if (!$this->calendarConfig->isPublicCalendarEnabled()) { foreach ($calendarIds as $id) { $result[$id] = null; } return $result; } /** @var SystemCalendarRepository $repo */ $repo = $this->doctrineHelper->getEntityRepository('OroCalendarBundle:SystemCalendar'); $qb = $repo->getPublicCalendarsQueryBuilder(); /** @var SystemCalendar[] $calendars */ $calendars = $qb->getQuery()->getResult(); $isEventManagementGranted = $this->securityFacade->isGranted('oro_public_calendar_event_management'); foreach ($calendars as $calendar) { $resultItem = ['calendarName' => $calendar->getName(), 'backgroundColor' => $calendar->getBackgroundColor(), 'removable' => false, 'position' => -80]; if ($isEventManagementGranted) { $resultItem['canAddEvent'] = true; $resultItem['canEditEvent'] = true; $resultItem['canDeleteEvent'] = true; } $result[$calendar->getId()] = $resultItem; } return $result; }
/** * {@inheritdoc} */ public function getCalendarEvents($organizationId, $userId, $calendarId, $start, $end, $connections, $extraFields = []) { if (!$this->calendarConfig->isSystemCalendarEnabled() || !$this->securityFacade->isGranted('oro_system_calendar_view')) { return []; } //@TODO: temporary return all system calendars until BAP-6566 implemented ///** @var CalendarEventRepository $repo */ //$repo = $this->doctrineHelper->getEntityRepository('OroCalendarBundle:CalendarEvent'); //$qb = $repo->getSystemEventListByTimeIntervalQueryBuilder( // $calendarId, // $start, // $end, // [] //); $extraFields = $this->filterSupportedFields($extraFields, 'Oro\\Bundle\\CalendarBundle\\Entity\\CalendarEvent'); /** @var CalendarEventRepository $repo */ $repo = $this->doctrineHelper->getEntityRepository('OroCalendarBundle:CalendarEvent'); $qb = $repo->getSystemEventListByTimeIntervalQueryBuilder($start, $end, [], $extraFields)->andWhere('c.organization = :organizationId')->setParameter('organizationId', $organizationId); $invisibleIds = []; foreach ($connections as $id => $visible) { if (!$visible) { $invisibleIds[] = $id; } } if ($invisibleIds) { $qb->andWhere('c.id NOT IN (:invisibleIds)')->setParameter('invisibleIds', $invisibleIds); } return $this->calendarEventNormalizer->getCalendarEvents($calendarId, $qb->getQuery()); }
/** * {@inheritdoc} */ public function reverseTransform($value) { if (!$value) { return []; } /** @var CalendarRepository $calendarRepository */ $calendarRepository = $this->registry->getRepository('OroCalendarBundle:Calendar'); $organizationId = $this->securityFacade->getOrganizationId(); if (!$organizationId) { throw new TransformationFailedException('Can\'t get current organization'); } $events = new ArrayCollection(); /** @var User $user */ $userIds = []; foreach ($value as $user) { $userIds[] = $user->getId(); } $calendars = $calendarRepository->findDefaultCalendars($userIds, $organizationId); foreach ($calendars as $calendar) { $event = new CalendarEvent(); $event->setCalendar($calendar); $events->add($event); } return $events; }
/** * PRE_SET_DATA event handler * * @param FormEvent $event */ public function preSetData(FormEvent $event) { $form = $event->getForm(); if ($this->calendarConfig->isPublicCalendarEnabled() && $this->calendarConfig->isSystemCalendarEnabled()) { $options = ['required' => false, 'label' => 'oro.calendar.systemcalendar.public.label', 'empty_value' => false, 'choices' => [false => 'oro.calendar.systemcalendar.scope.organization', true => 'oro.calendar.systemcalendar.scope.system']]; /** @var SystemCalendar|null $data */ $data = $event->getData(); if ($data) { $isPublicGranted = $this->securityFacade->isGranted('oro_public_calendar_management'); $isSystemGranted = $this->securityFacade->isGranted($data->getId() ? 'oro_system_calendar_update' : 'oro_system_calendar_create'); if (!$isPublicGranted || !$isSystemGranted) { $options['read_only'] = true; if (!$data->getId() && !$isSystemGranted) { $options['data'] = true; } unset($options['choices'][$isSystemGranted]); } } $form->add('public', 'choice', $options); } elseif ($this->calendarConfig->isPublicCalendarEnabled()) { $form->add('public', 'hidden', ['data' => true]); } elseif ($this->calendarConfig->isSystemCalendarEnabled()) { $form->add('public', 'hidden', ['data' => false]); } }
/** * Process form * * @param AccountUser $accountUser * @return bool True on successful processing, false otherwise */ public function process(AccountUser $accountUser) { if (in_array($this->request->getMethod(), ['POST', 'PUT'], true)) { $this->form->submit($this->request); if ($this->form->isValid()) { if (!$accountUser->getId()) { if ($this->form->get('passwordGenerate')->getData()) { $generatedPassword = $this->userManager->generatePassword(10); $accountUser->setPlainPassword($generatedPassword); } if ($this->form->get('sendEmail')->getData()) { $this->userManager->sendWelcomeEmail($accountUser); } } $token = $this->securityFacade->getToken(); if ($token instanceof OrganizationContextTokenInterface) { $organization = $token->getOrganizationContext(); $accountUser->setOrganization($organization)->addOrganization($organization); } $this->userManager->updateUser($accountUser); return true; } } return false; }
/** * {@inheritdoc} */ protected function applyPermissions(&$item, $calendarId) { if (!$this->securityFacade->isGranted('oro_public_calendar_event_management')) { $item['editable'] = false; $item['removable'] = false; } }
/** * @param Router $router * @param EntityNameResolver $entityNameResolver * @param SecurityFacade $securityFacade */ public function __construct(Router $router, EntityNameResolver $entityNameResolver, SecurityFacade $securityFacade) { $this->entityNameResolver = $entityNameResolver; $this->router = $router; $this->securityFacade = $securityFacade; $this->canViewContact = $this->securityFacade->isGranted('orocrm_contact_view'); }
/** * {@inheritdoc} */ public function isVisible(array $config = [], array $context = []) { if (!isset($config['acl'])) { throw new \InvalidArgumentException('The "acl" should be provided in the configuration.'); } return $this->securityFacade->isGranted($config['acl']); }
/** * @return bool */ protected function isUnsubscribeGranted() { if ($this->unsubscribeGranted === null) { $this->unsubscribeGranted = $this->securityFacade->isGranted('orocrm_magento_newsletter_subscriber_unsubscribe_customer'); } return $this->unsubscribeGranted; }
/** * @param Router $router * @param NameFormatter $nameFormatter * @param SecurityFacade $securityFacade */ public function __construct(Router $router, NameFormatter $nameFormatter, SecurityFacade $securityFacade) { $this->nameFormatter = $nameFormatter; $this->router = $router; $this->securityFacade = $securityFacade; $this->canViewContact = $this->securityFacade->isGranted('orocrm_contact_view'); }
/** * Returns the context for the given email * * @param Email $email * * @return array */ public function getEmailContext(Email $email) { $criteria = Criteria::create(); $criteria->andWhere(Criteria::expr()->eq('id', $email->getId())); $qb = $this->activityManager->getActivityTargetsQueryBuilder($this->class, $criteria); if (null === $qb) { return []; } $result = $qb->getQuery()->getResult(); if (empty($result)) { return $result; } $currentUser = $this->securityFacade->getLoggedUser(); $currentUserClass = ClassUtils::getClass($currentUser); $currentUserId = $currentUser->getId(); $result = array_values(array_filter($result, function ($item) use($currentUserClass, $currentUserId) { return !($item['entity'] === $currentUserClass && $item['id'] == $currentUserId); })); foreach ($result as &$item) { $route = $this->configManager->getEntityMetadata($item['entity'])->getRoute(); $item['entityId'] = $email->getId(); $item['targetId'] = $item['id']; $item['targetClassName'] = $this->entityClassNameHelper->getUrlSafeClassName($item['entity']); $item['icon'] = $this->configManager->getProvider('entity')->getConfig($item['entity'])->get('icon'); $item['link'] = $route ? $this->router->generate($route, ['id' => $item['id']]) : null; unset($item['id'], $item['entity']); } return $result; }
/** * {@inheritdoc} */ public function serializeOne($id) { list($fileId, $ownerEntityClass, $ownerEntityId) = $this->attachmentManager->parseFileKey($id); if (!$this->securityFacade->isGranted('VIEW', new ObjectIdentity($ownerEntityId, $ownerEntityClass))) { throw new AccessDeniedException(); } return parent::serializeOne($fileId); }