/**
* Checks if the entity can have comments
*
* @param object|null $entity
*
* @return bool
*/
public function isApplicable($entity)
{
if (!is_object($entity) || !$this->doctrineHelper->isManageableEntity($entity) || !$this->securityFacade->isGranted('oro_comment_view')) {
return false;
}
return $this->commentAssociationHelper->isCommentAssociationEnabled(ClassUtils::getClass($entity));
}
/**
* Check ACL based on acl_resource_id, route or uri.
*
* @param array $options
*/
protected function processAcl(array &$options = array())
{
$needCheck = (!isset($options['check_access']) || $options['check_access'] === true) && $this->securityFacade->hasLoggedUser();
$isAllowed = self::DEFAULT_ACL_POLICY;
if (array_key_exists(self::ACL_RESOURCE_ID_KEY, $options)) {
if (array_key_exists($options[self::ACL_RESOURCE_ID_KEY], $this->aclCache)) {
$isAllowed = $this->aclCache[$options[self::ACL_RESOURCE_ID_KEY]];
} else {
if ($needCheck) {
$isAllowed = $this->securityFacade->isGranted($options[self::ACL_RESOURCE_ID_KEY]);
}
$this->aclCache[$options[self::ACL_RESOURCE_ID_KEY]] = $isAllowed;
}
} else {
$routeInfo = $this->getRouteInfo($options);
if ($routeInfo) {
if (array_key_exists($routeInfo['key'], $this->aclCache)) {
$isAllowed = $this->aclCache[$routeInfo['key']];
} else {
if ($needCheck) {
$isAllowed = $this->securityFacade->isClassMethodGranted($routeInfo['controller'], $routeInfo['action']);
}
$this->aclCache[$routeInfo['key']] = $isAllowed;
}
}
}
$options['extras']['isAllowed'] = $isAllowed;
}
/**
* @param ConfigureMenuEvent $event
*/
public function onNavigationConfigure(ConfigureMenuEvent $event)
{
$menu = $event->getMenu();
$children = array();
$entitiesMenuItem = $menu->getChild('system_tab')->getChild('entities_list');
if ($entitiesMenuItem) {
/** @var ConfigProvider $entityConfigProvider */
$entityConfigProvider = $this->configManager->getProvider('entity');
/** @var ConfigProvider $entityExtendProvider */
$entityExtendProvider = $this->configManager->getProvider('extend');
$extendConfigs = $entityExtendProvider->getConfigs();
foreach ($extendConfigs as $extendConfig) {
if ($this->checkAvailability($extendConfig)) {
$config = $entityConfigProvider->getConfig($extendConfig->getId()->getClassname());
if (!class_exists($config->getId()->getClassName()) || !$this->securityFacade->hasLoggedUser() || !$this->securityFacade->isGranted('VIEW', 'entity:' . $config->getId()->getClassName())) {
continue;
}
$children[$config->get('label')] = array('label' => $this->translator->trans($config->get('label')), 'options' => array('route' => 'oro_entity_index', 'routeParameters' => array('entityName' => str_replace('\\', '_', $config->getId()->getClassName())), 'extras' => array('safe_label' => true, 'routes' => array('oro_entity_*'))));
}
}
sort($children);
foreach ($children as $child) {
$entitiesMenuItem->addChild($child['label'], $child['options']);
}
}
}
/**
* Get last operations data
*
* @param array $types
*
* @return array
*/
public function getLastOperationsData(array $types)
{
$types = array_filter($types, function ($type) {
return $this->securityFacade->isGranted(sprintf('pim_importexport_%s_execution_show', $type));
});
return $this->repository->getLastOperationsData($types);
}
/**
* {@inheritdoc}
*/
public function beforeProcess($entity)
{
//check owner (Contact) entity with 'edit' permission
if (!$this->securityFacade->isGranted('EDIT', $entity->getOwner())) {
throw new AccessDeniedException();
}
}
/**
* Process form
*
* @param mixed $entity
*
* @return mixed|null The instance of saved entity on successful processing; otherwise, null
*/
public function process($entity)
{
if ($this->securityFacade->isGranted('EDIT', $entity)) {
return parent::process($entity);
}
return null;
}
/**
* {@inheritdoc}
*/
public function checkPermissions($entity, ObjectManager $em)
{
$loggedUserId = $this->securityFacade->getLoggedUserId();
if ($loggedUserId && $loggedUserId == $entity->getId()) {
throw new ForbiddenException('self delete');
}
}
/**
* @param object $object
* @param int $depth
* @param bool $ignoreAcl
* @param Organization|null $organization
*
* @return Recipient[]
*/
public function getRecipients($object, $depth = 1, $ignoreAcl = false, Organization $organization = null)
{
$recipients = [];
if ($this->isAccessDenyForOrganization($object, $ignoreAcl, $organization)) {
return $recipients;
}
if (!$depth || ($ignoreAcl || !$this->securityFacade->isGranted('VIEW', $object))) {
if (!$depth || $this->securityFacade->getLoggedUser() !== $object) {
return $recipients;
}
}
$className = ClassUtils::getClass($object);
$metadata = $this->getMetadata($className);
$attributes = $this->initAttributes($className, $metadata);
foreach ($metadata->associationMappings as $name => $assoc) {
if (in_array('Oro\\Bundle\\EmailBundle\\Entity\\EmailInterface', class_implements($assoc['targetEntity']), true)) {
$attributes[] = new EmailAttribute($name, true);
} else {
if ($depth > 1) {
$assocObject = $this->getPropertyAccessor()->getValue($object, $name);
if (!$assocObject instanceof \Traversable && !is_array($assocObject)) {
if ($assocObject) {
$assocObject = [$assocObject];
} else {
$assocObject = [];
}
}
foreach ($assocObject as $obj) {
$recipients = array_merge($recipients, $this->getRecipients($obj, $depth - 1, false, $organization));
}
}
}
}
return array_merge($recipients, $this->createRecipientsFromEmails($this->createEmailsFromAttributes($attributes, $object), $object, $metadata));
}
/**
* @param ConfigureMenuEvent $event
*/
public function onNavigationConfigure(ConfigureMenuEvent $event)
{
/** @var ItemInterface $reportsMenuItem */
$reportsMenuItem = $event->getMenu()->getChild('reports_tab');
if ($reportsMenuItem && $this->securityFacade->hasLoggedUser()) {
$qb = $this->em->getRepository('OroReportBundle:Report')->createQueryBuilder('report')->orderBy('report.name', 'ASC');
$reports = $this->aclHelper->apply($qb)->execute();
if (!empty($reports)) {
$this->addDivider($reportsMenuItem);
$reportMenuData = [];
foreach ($reports as $report) {
$config = $this->entityConfigProvider->getConfig($report->getEntity());
if ($this->checkAvailability($config)) {
$entityLabel = $config->get('plural_label');
if (!isset($reportMenuData[$entityLabel])) {
$reportMenuData[$entityLabel] = [];
}
$reportMenuData[$entityLabel][$report->getId()] = $report->getName();
}
}
ksort($reportMenuData);
$this->buildReportMenu($reportsMenuItem, $reportMenuData);
}
}
}
/**
* Options:
* - grid_name - name of grid that will be used for entity selection
* - grid_parameters - parameters need to be passed to grid request
* - grid_render_parameters - render parameters need to be set for grid rendering
* - existing_entity_grid_id - grid row field name used as entity identifier
* - create_enabled - enables new entity creation
* - create_acl - ACL resource used to determine that create is allowed, by default CREATE for entity used
* - create_form_route - route name for creation form
* - create_form_route_parameters - route parameters for create_form_route_parameters
*
* {@inheritDoc}
*/
public function setDefaultOptions(OptionsResolverInterface $resolver)
{
$resolver->setDefaults(['existing_entity_grid_id' => 'id', 'create_enabled' => true, 'create_acl' => null, 'create_form_route' => null, 'create_form_route_parameters' => [], 'grid_name' => null, 'grid_parameters' => [], 'grid_render_parameters' => []]);
$resolver->setNormalizers(['create_enabled' => function (Options $options, $createEnabled) {
$createRouteName = $options->get('create_form_route');
$createEnabled = $createEnabled && !empty($createRouteName);
if ($createEnabled) {
$aclName = $options->get('create_acl');
if (empty($aclName)) {
$aclObjectName = 'Entity:' . $options->get('entity_class');
$createEnabled = $this->securityFacade->isGranted('CREATE', $aclObjectName);
} else {
$createEnabled = $this->securityFacade->isGranted($aclName);
}
}
return $createEnabled;
}, 'grid_name' => function (Options $options, $gridName) {
if (!empty($gridName)) {
return $gridName;
}
$formConfig = $this->configManager->getProvider('form')->getConfig($options->get('entity_class'));
if ($formConfig->has('grid_name')) {
return $formConfig->get('grid_name');
}
throw new InvalidConfigurationException('The option "grid_name" must be set.');
}]);
}
/**
* Sets default data for create integrations form
*
* @param FormEvent $event
*/
public function postSet(FormEvent $event)
{
$data = $event->getData();
if ($data && !$data->getId() && !$data->getDefaultUserOwner() || null === $data) {
$event->getForm()->get('defaultUserOwner')->setData($this->securityFacade->getLoggedUser());
}
}
/**
* Validate configs nad fill default values
*
* @param DatagridConfiguration $config
*/
public function processConfigs(DatagridConfiguration $config)
{
$configItems = $config->offsetGetOr(Configuration::BASE_CONFIG_KEY, []);
$configuration = new Configuration(Configuration::BASE_CONFIG_KEY);
$normalizedConfigItems = $this->validateConfiguration($configuration, [Configuration::BASE_CONFIG_KEY => $configItems]);
$isGranted = $this->securityFacade->isGranted('EDIT', 'entity:' . $configItems['entity_name']);
//according to ACL disable inline editing for the whole grid
if (!$isGranted) {
$normalizedConfigItems[Configuration::CONFIG_KEY_ENABLE] = false;
}
// replace config values by normalized, extra keys passed directly
$resultConfigItems = array_replace_recursive($configItems, $normalizedConfigItems);
if (is_null($resultConfigItems['save_api_accessor']['default_route_parameters']['className'])) {
$resultConfigItems['save_api_accessor']['default_route_parameters']['className'] = $this->entityClassNameHelper->getUrlSafeClassName($configItems['entity_name']);
}
$config->offsetSet(Configuration::BASE_CONFIG_KEY, $resultConfigItems);
//add inline editing where it is possible, do not use ACL, because additional parameters for columns needed
$columns = $config->offsetGetOr(FormatterConfiguration::COLUMNS_KEY, []);
$blackList = $configuration->getBlackList();
foreach ($columns as $columnName => &$column) {
if (!in_array($columnName, $blackList)) {
$newColumn = $this->guesser->getColumnOptions($columnName, $configItems['entity_name'], $column);
//frontend type key must not be replaced with default value
$typeKey = PropertyInterface::FRONTEND_TYPE_KEY;
if (!empty($newColumn[$typeKey])) {
$column[$typeKey] = $newColumn[$typeKey];
}
$column = array_replace_recursive($newColumn, $column);
}
}
$config->offsetSet(FormatterConfiguration::COLUMNS_KEY, $columns);
}
/**
* @SuppressWarnings(PHPMD.ExcessiveMethodLength)
*/
protected function setUp()
{
$this->em = $this->getMockBuilder('Doctrine\\ORM\\EntityManager')->disableOriginalConstructor()->getMock();
$this->doctrineHelper = $this->getMockBuilder('Oro\\Bundle\\EntityBundle\\ORM\\DoctrineHelper')->disableOriginalConstructor()->getMock();
$this->mailer = $this->getMockBuilder('Oro\\Bundle\\EmailBundle\\Mailer\\DirectMailer')->disableOriginalConstructor()->getMock();
$this->mailerTransport = $this->getMockBuilder('\\Swift_Transport_EsmtpTransport')->disableOriginalConstructor()->getMock();
$this->mailer->expects($this->any())->method('getTransport')->will($this->returnValue($this->mailerTransport));
$this->emailEntityBuilder = $this->getMockBuilder('Oro\\Bundle\\EmailBundle\\Builder\\EmailEntityBuilder')->disableOriginalConstructor()->getMock();
$this->emailOwnerProvider = $this->getMockBuilder('Oro\\Bundle\\EmailBundle\\Entity\\Provider\\EmailOwnerProvider')->disableOriginalConstructor()->getMock();
$this->dispatcher = $this->getMockBuilder('Symfony\\Component\\EventDispatcher\\EventDispatcherInterface')->disableOriginalConstructor()->getMock();
$this->emailActivityManager = $this->getMockBuilder('Oro\\Bundle\\EmailBundle\\Entity\\Manager\\EmailActivityManager')->disableOriginalConstructor()->getMock();
$this->securityFacade = $this->getMockBuilder('Oro\\Bundle\\SecurityBundle\\SecurityFacade')->setMethods(['getLoggedUser', 'getOrganization'])->disableOriginalConstructor()->getMock();
$this->emailOriginHelper = $this->getMockBuilder('Oro\\Bundle\\EmailBundle\\Tools\\EmailOriginHelper')->setMethods(['setEmailModel', 'findEmailOrigin'])->disableOriginalConstructor()->getMock();
$this->userEmailOrigin = $this->getMockBuilder('Oro\\Bundle\\ImapBundle\\Entity\\UserEmailOrigin')->disableOriginalConstructor()->getMock();
$this->userEmailOrigin->expects($this->any())->method('getSmtpHost')->will($this->returnValue('abc'));
$this->userEmailOrigin->expects($this->any())->method('getSmtpPort')->will($this->returnValue(25));
$this->securityFacadeLink = $this->getMockBuilder('Oro\\Bundle\\EntityConfigBundle\\DependencyInjection\\Utils\\ServiceLink')->setMethods(['getService'])->disableOriginalConstructor()->getMock();
$this->securityFacadeLink->expects($this->any())->method('getService')->will($this->returnValue($this->securityFacade));
$this->securityFacade->expects($this->any())->method('getOrganization')->will($this->returnValue($this->getTestOrganization()));
$this->doctrineHelper->expects($this->any())->method('getEntityManager')->with('OroEmailBundle:Email')->will($this->returnValue($this->em));
$folder = $this->getMockBuilder('Oro\\Bundle\\EmailBundle\\Entity\\EmailFolder')->disableOriginalConstructor()->getMock();
$this->userEmailOrigin->expects($this->any())->method('getFolder')->with(FolderType::SENT)->will($this->returnValue($folder));
$emailOriginRepo = $this->getMockBuilder('Doctrine\\ORM\\EntityRepository')->disableOriginalConstructor()->getMock();
$emailOriginRepo->expects($this->any())->method('findOneBy')->with(['internalName' => InternalEmailOrigin::BAP])->will($this->returnValue($this->userEmailOrigin));
$this->em->expects($this->any())->method('getRepository')->with('OroEmailBundle:InternalEmailOrigin')->will($this->returnValue($emailOriginRepo));
$this->emailProcessor = new Processor($this->doctrineHelper, $this->mailer, new EmailAddressHelper(), $this->emailEntityBuilder, $this->emailOwnerProvider, $this->emailActivityManager, $this->securityFacadeLink, $this->dispatcher, new Mcrypt(), $this->emailOriginHelper);
}
/**
* @param OrmResultBefore $event
*/
public function onResultBefore(OrmResultBefore $event)
{
// listener logic is applied only to frontend part of application
if ($this->securityFacade->getLoggedUser() instanceof User) {
return;
}
$config = $event->getDatagrid()->getConfig();
$query = $event->getQuery();
/** @var Subselect|SelectStatement $select */
$select = $query->getAST();
$fromClause = $select instanceof SelectStatement ? $select->fromClause : $select->subselectFromClause;
$skipAclCheck = true;
/** @var IdentificationVariableDeclaration $identificationVariableDeclaration */
foreach ($fromClause->identificationVariableDeclarations as $identificationVariableDeclaration) {
$entityName = $identificationVariableDeclaration->rangeVariableDeclaration->abstractSchemaName;
$metadata = $this->metadataProvider->getMetadata($entityName);
if ($metadata->hasOwner()) {
$skipAclCheck = false;
break;
}
}
if ($skipAclCheck) {
$config->offsetSetByPath(Builder::DATASOURCE_SKIP_ACL_CHECK, true);
}
}
/**
* {@inheritdoc}
*/
public function isAllowed()
{
if (!$this->acl) {
return true;
}
return $this->securityFacade->hasLoggedUser() && $this->securityFacade->isGranted($this->acl);
}
/**
* @param EmailTemplate $template
*
* @return Closure
*/
protected function createExistingEntityQueryBuilder(EmailTemplate $template)
{
return function (EmailTemplateRepository $repository) use($template) {
$qb = $repository->createQueryBuilder('e');
return $qb->orderBy('e.name', 'ASC')->andWhere('e.entityName = :entityName OR e.entityName IS NULL')->andWhere("e.organization = :organization")->andWhere($qb->expr()->orX($qb->expr()->eq('e.visible', ':visible'), $qb->expr()->eq('e.id', ':id')))->setParameter('entityName', Email::ENTITY_CLASS)->setParameter('organization', $this->securityFacade->getOrganization())->setParameter('id', $template->getId())->setParameter('visible', true);
};
}
/**
* {@inheritDoc}
* @throws \Doctrine\DBAL\ConnectionException
*/
protected function onSuccess(AbstractRole $role, array $appendUsers, array $removeUsers)
{
// TODO: When task BB-1046 will be done, remove method removeOriginalRoleFromUsers.
// In method addNewRoleToUsers before addRole add method removeRole($role). Also needs delete flush;
/** @var AccountUserRole $role */
if ($role->getId()) {
/** @var AccountUserRoleRepository $roleRepository */
$roleRepository = $this->doctrineHelper->getEntityRepository($role);
$this->appendUsers = $roleRepository->getAssignedUsers($role);
}
$this->loggedAccountUser = $this->securityFacade->getLoggedUser();
/** @var EntityManager $manager */
$manager = $this->managerRegistry->getManagerForClass(ClassUtils::getClass($this->loggedAccountUser));
$connection = $manager->getConnection();
$connection->setTransactionIsolation(Connection::TRANSACTION_REPEATABLE_READ);
$connection->beginTransaction();
try {
$this->removeOriginalRoleFromUsers($role, $manager);
AclRoleHandler::onSuccess($this->newRole, $appendUsers, $removeUsers);
$this->addNewRoleToUsers($role, $manager, $appendUsers, $removeUsers);
$manager->flush();
$connection->commit();
} catch (\Exception $e) {
$connection->rollBack();
throw $e;
}
}
/**
* {@inheritdoc}
*/
public function addEntityFields(FormBuilderInterface $builder)
{
// user fields
$builder->addEventSubscriber(new UserSubscriber($builder->getFormFactory(), $this->security));
$this->setDefaultUserFields($builder);
if ($this->securityFacade->isGranted('oro_user_role_view')) {
$builder->add('roles', 'entity', ['property_path' => 'rolesCollection', 'label' => 'oro.user.roles.label', 'class' => 'OroUserBundle:Role', 'property' => 'label', 'query_builder' => function (EntityRepository $er) {
return $er->createQueryBuilder('r')->where('r.role <> :anon')->setParameter('anon', User::ROLE_ANONYMOUS)->orderBy('r.label');
}, 'multiple' => true, 'expanded' => true, 'required' => !$this->isMyProfilePage, 'read_only' => $this->isMyProfilePage, 'disabled' => $this->isMyProfilePage, 'translatable_options' => false]);
}
if ($this->securityFacade->isGranted('oro_user_group_view')) {
$builder->add('groups', 'entity', ['label' => 'oro.user.groups.label', 'class' => 'OroUserBundle:Group', 'property' => 'name', 'multiple' => true, 'expanded' => true, 'required' => false, 'read_only' => $this->isMyProfilePage, 'disabled' => $this->isMyProfilePage, 'translatable_options' => false]);
}
if ($this->securityFacade->isGranted('oro_organization_view') && $this->securityFacade->isGranted('oro_business_unit_view')) {
$builder->add('organizations', 'oro_organizations_select', ['required' => false, 'label' => 'oro.user.form.access_settings.label']);
}
$builder->add('plainPassword', 'repeated', ['label' => 'oro.user.password.label', 'type' => 'password', 'required' => true, 'first_options' => ['label' => 'oro.user.password.label'], 'second_options' => ['label' => 'oro.user.password_re.label']])->add('emails', 'collection', ['label' => 'oro.user.emails.label', 'type' => 'oro_user_email', 'allow_add' => true, 'allow_delete' => true, 'by_reference' => false, 'prototype' => true, 'prototype_name' => 'tag__name__']);
if ($this->userConfigManager->get('oro_imap.enable_google_imap')) {
$builder->add('imapAccountType', 'oro_imap_choice_account_type', ['label' => 'oro.user.imap_configuration.label']);
} else {
$builder->add('imapConfiguration', 'oro_imap_configuration', ['label' => 'oro.user.imap_configuration.label']);
}
$builder->add('change_password', ChangePasswordType::NAME)->add('avatar', 'oro_image', ['label' => 'oro.user.avatar.label', 'required' => false]);
$this->addInviteUserField($builder);
}
/**
* {@inheritdoc}
*/
public function getCalendarDefaultValues($organizationId, $userId, $calendarId, array $calendarIds)
{
$result = [];
if (!$this->calendarConfig->isPublicCalendarEnabled()) {
foreach ($calendarIds as $id) {
$result[$id] = null;
}
return $result;
}
/** @var SystemCalendarRepository $repo */
$repo = $this->doctrineHelper->getEntityRepository('OroCalendarBundle:SystemCalendar');
$qb = $repo->getPublicCalendarsQueryBuilder();
/** @var SystemCalendar[] $calendars */
$calendars = $qb->getQuery()->getResult();
$isEventManagementGranted = $this->securityFacade->isGranted('oro_public_calendar_event_management');
foreach ($calendars as $calendar) {
$resultItem = ['calendarName' => $calendar->getName(), 'backgroundColor' => $calendar->getBackgroundColor(), 'removable' => false, 'position' => -80];
if ($isEventManagementGranted) {
$resultItem['canAddEvent'] = true;
$resultItem['canEditEvent'] = true;
$resultItem['canDeleteEvent'] = true;
}
$result[$calendar->getId()] = $resultItem;
}
return $result;
}
/**
* {@inheritdoc}
*/
public function getCalendarEvents($organizationId, $userId, $calendarId, $start, $end, $connections, $extraFields = [])
{
if (!$this->calendarConfig->isSystemCalendarEnabled() || !$this->securityFacade->isGranted('oro_system_calendar_view')) {
return [];
}
//@TODO: temporary return all system calendars until BAP-6566 implemented
///** @var CalendarEventRepository $repo */
//$repo = $this->doctrineHelper->getEntityRepository('OroCalendarBundle:CalendarEvent');
//$qb = $repo->getSystemEventListByTimeIntervalQueryBuilder(
// $calendarId,
// $start,
// $end,
// []
//);
$extraFields = $this->filterSupportedFields($extraFields, 'Oro\\Bundle\\CalendarBundle\\Entity\\CalendarEvent');
/** @var CalendarEventRepository $repo */
$repo = $this->doctrineHelper->getEntityRepository('OroCalendarBundle:CalendarEvent');
$qb = $repo->getSystemEventListByTimeIntervalQueryBuilder($start, $end, [], $extraFields)->andWhere('c.organization = :organizationId')->setParameter('organizationId', $organizationId);
$invisibleIds = [];
foreach ($connections as $id => $visible) {
if (!$visible) {
$invisibleIds[] = $id;
}
}
if ($invisibleIds) {
$qb->andWhere('c.id NOT IN (:invisibleIds)')->setParameter('invisibleIds', $invisibleIds);
}
return $this->calendarEventNormalizer->getCalendarEvents($calendarId, $qb->getQuery());
}
/**
* {@inheritdoc}
*/
public function reverseTransform($value)
{
if (!$value) {
return [];
}
/** @var CalendarRepository $calendarRepository */
$calendarRepository = $this->registry->getRepository('OroCalendarBundle:Calendar');
$organizationId = $this->securityFacade->getOrganizationId();
if (!$organizationId) {
throw new TransformationFailedException('Can\'t get current organization');
}
$events = new ArrayCollection();
/** @var User $user */
$userIds = [];
foreach ($value as $user) {
$userIds[] = $user->getId();
}
$calendars = $calendarRepository->findDefaultCalendars($userIds, $organizationId);
foreach ($calendars as $calendar) {
$event = new CalendarEvent();
$event->setCalendar($calendar);
$events->add($event);
}
return $events;
}
/**
* PRE_SET_DATA event handler
*
* @param FormEvent $event
*/
public function preSetData(FormEvent $event)
{
$form = $event->getForm();
if ($this->calendarConfig->isPublicCalendarEnabled() && $this->calendarConfig->isSystemCalendarEnabled()) {
$options = ['required' => false, 'label' => 'oro.calendar.systemcalendar.public.label', 'empty_value' => false, 'choices' => [false => 'oro.calendar.systemcalendar.scope.organization', true => 'oro.calendar.systemcalendar.scope.system']];
/** @var SystemCalendar|null $data */
$data = $event->getData();
if ($data) {
$isPublicGranted = $this->securityFacade->isGranted('oro_public_calendar_management');
$isSystemGranted = $this->securityFacade->isGranted($data->getId() ? 'oro_system_calendar_update' : 'oro_system_calendar_create');
if (!$isPublicGranted || !$isSystemGranted) {
$options['read_only'] = true;
if (!$data->getId() && !$isSystemGranted) {
$options['data'] = true;
}
unset($options['choices'][$isSystemGranted]);
}
}
$form->add('public', 'choice', $options);
} elseif ($this->calendarConfig->isPublicCalendarEnabled()) {
$form->add('public', 'hidden', ['data' => true]);
} elseif ($this->calendarConfig->isSystemCalendarEnabled()) {
$form->add('public', 'hidden', ['data' => false]);
}
}
/**
* Process form
*
* @param AccountUser $accountUser
* @return bool True on successful processing, false otherwise
*/
public function process(AccountUser $accountUser)
{
if (in_array($this->request->getMethod(), ['POST', 'PUT'], true)) {
$this->form->submit($this->request);
if ($this->form->isValid()) {
if (!$accountUser->getId()) {
if ($this->form->get('passwordGenerate')->getData()) {
$generatedPassword = $this->userManager->generatePassword(10);
$accountUser->setPlainPassword($generatedPassword);
}
if ($this->form->get('sendEmail')->getData()) {
$this->userManager->sendWelcomeEmail($accountUser);
}
}
$token = $this->securityFacade->getToken();
if ($token instanceof OrganizationContextTokenInterface) {
$organization = $token->getOrganizationContext();
$accountUser->setOrganization($organization)->addOrganization($organization);
}
$this->userManager->updateUser($accountUser);
return true;
}
}
return false;
}
/**
* {@inheritdoc}
*/
protected function applyPermissions(&$item, $calendarId)
{
if (!$this->securityFacade->isGranted('oro_public_calendar_event_management')) {
$item['editable'] = false;
$item['removable'] = false;
}
}
/**
* @param Router $router
* @param EntityNameResolver $entityNameResolver
* @param SecurityFacade $securityFacade
*/
public function __construct(Router $router, EntityNameResolver $entityNameResolver, SecurityFacade $securityFacade)
{
$this->entityNameResolver = $entityNameResolver;
$this->router = $router;
$this->securityFacade = $securityFacade;
$this->canViewContact = $this->securityFacade->isGranted('orocrm_contact_view');
}
/**
* {@inheritdoc}
*/
public function isVisible(array $config = [], array $context = [])
{
if (!isset($config['acl'])) {
throw new \InvalidArgumentException('The "acl" should be provided in the configuration.');
}
return $this->securityFacade->isGranted($config['acl']);
}
/**
* @return bool
*/
protected function isUnsubscribeGranted()
{
if ($this->unsubscribeGranted === null) {
$this->unsubscribeGranted = $this->securityFacade->isGranted('orocrm_magento_newsletter_subscriber_unsubscribe_customer');
}
return $this->unsubscribeGranted;
}
/**
* @param Router $router
* @param NameFormatter $nameFormatter
* @param SecurityFacade $securityFacade
*/
public function __construct(Router $router, NameFormatter $nameFormatter, SecurityFacade $securityFacade)
{
$this->nameFormatter = $nameFormatter;
$this->router = $router;
$this->securityFacade = $securityFacade;
$this->canViewContact = $this->securityFacade->isGranted('orocrm_contact_view');
}
/**
* Returns the context for the given email
*
* @param Email $email
*
* @return array
*/
public function getEmailContext(Email $email)
{
$criteria = Criteria::create();
$criteria->andWhere(Criteria::expr()->eq('id', $email->getId()));
$qb = $this->activityManager->getActivityTargetsQueryBuilder($this->class, $criteria);
if (null === $qb) {
return [];
}
$result = $qb->getQuery()->getResult();
if (empty($result)) {
return $result;
}
$currentUser = $this->securityFacade->getLoggedUser();
$currentUserClass = ClassUtils::getClass($currentUser);
$currentUserId = $currentUser->getId();
$result = array_values(array_filter($result, function ($item) use($currentUserClass, $currentUserId) {
return !($item['entity'] === $currentUserClass && $item['id'] == $currentUserId);
}));
foreach ($result as &$item) {
$route = $this->configManager->getEntityMetadata($item['entity'])->getRoute();
$item['entityId'] = $email->getId();
$item['targetId'] = $item['id'];
$item['targetClassName'] = $this->entityClassNameHelper->getUrlSafeClassName($item['entity']);
$item['icon'] = $this->configManager->getProvider('entity')->getConfig($item['entity'])->get('icon');
$item['link'] = $route ? $this->router->generate($route, ['id' => $item['id']]) : null;
unset($item['id'], $item['entity']);
}
return $result;
}
/**
* {@inheritdoc}
*/
public function serializeOne($id)
{
list($fileId, $ownerEntityClass, $ownerEntityId) = $this->attachmentManager->parseFileKey($id);
if (!$this->securityFacade->isGranted('VIEW', new ObjectIdentity($ownerEntityId, $ownerEntityClass))) {
throw new AccessDeniedException();
}
return parent::serializeOne($fileId);
}
