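/**
 * Adds one menu entry per viewable entity under "system_tab" > "entities_list".
 *
 * An entity is listed only when it passes checkAvailability(), its class exists and
 * the logged-in user is granted VIEW on "entity:<class name>". Nothing is added when
 * either menu level is missing or when no user is logged in.
 *
 * @param ConfigureMenuEvent $event
 */
public function onNavigationConfigure(ConfigureMenuEvent $event)
{
    $menu = $event->getMenu();

    // Two getChild() calls are chained; stop at the first missing level instead of
    // calling a method on null.
    $systemTab = $menu->getChild('system_tab');
    if (!$systemTab) {
        return;
    }
    $entitiesMenuItem = $systemTab->getChild('entities_list');
    if (!$entitiesMenuItem) {
        return;
    }

    // Loop-invariant: without a logged-in user every entity is skipped below, so
    // the result is an unchanged menu. Decide once, before touching the providers.
    if (!$this->securityFacade->hasLoggedUser()) {
        return;
    }

    /** @var ConfigProvider $entityConfigProvider */
    $entityConfigProvider = $this->configManager->getProvider('entity');
    /** @var ConfigProvider $entityExtendProvider */
    $entityExtendProvider = $this->configManager->getProvider('extend');

    $children = array();
    foreach ($entityExtendProvider->getConfigs() as $extendConfig) {
        if (!$this->checkAvailability($extendConfig)) {
            continue;
        }

        $config = $entityConfigProvider->getConfig($extendConfig->getId()->getClassname());
        $className = $config->getId()->getClassName();

        // Per-entity authorization: only classes that exist and that the current
        // user may VIEW are exposed in the menu.
        if (!class_exists($className)
            || !$this->securityFacade->isGranted('VIEW', 'entity:' . $className)
        ) {
            continue;
        }

        $label = $config->get('label');
        // Keyed by the untranslated label, so two entities sharing a label collapse
        // into a single entry (the later one wins).
        $children[$label] = array(
            'label' => $this->translator->trans($label),
            'options' => array(
                'route' => 'oro_entity_index',
                'routeParameters' => array('entityName' => str_replace('\\', '_', $className)),
                'extras' => array(
                    // NOTE(review): 'safe_label' presumably tells the menu renderer to
                    // output the label without escaping - confirm for the renderer in use.
                    // The label comes from entity configuration through the translator,
                    // so verify neither source can carry untrusted markup, or drop the flag.
                    'safe_label' => true,
                    'routes' => array('oro_entity_*'),
                ),
            ),
        );
    }

    // sort() drops the label keys and orders entries by their contents; the
    // translated 'label' is the first element compared.
    sort($children);

    foreach ($children as $child) {
        $entitiesMenuItem->addChild($child['label'], $child['options']);
    }
}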
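/**
 * Check ACL based on acl_resource_id, route or uri.
 *
 * Writes the decision to $options['extras']['isAllowed']. A real check is made only
 * when access checking is not disabled through $options['check_access'] and a user
 * is logged in; otherwise the item gets self::DEFAULT_ACL_POLICY.
 *
 * Only decisions that came from the security facade are stored in $this->aclCache.
 * Storing the default policy for an unchecked item would let a later item with the
 * same resource id or route key, for which a check is required, pick up that
 * unchecked value instead of a real authorization decision.
 *
 * @param array $options
 */
protected function processAcl(array &$options = array())
{
    $needCheck = (!isset($options['check_access']) || $options['check_access'] === true)
        && $this->securityFacade->hasLoggedUser();

    $isAllowed = self::DEFAULT_ACL_POLICY;

    if (array_key_exists(self::ACL_RESOURCE_ID_KEY, $options)) {
        $resourceId = $options[self::ACL_RESOURCE_ID_KEY];
        if ($needCheck) {
            // Cache miss: ask the facade once and remember the answer for this resource id.
            if (!array_key_exists($resourceId, $this->aclCache)) {
                $this->aclCache[$resourceId] = $this->securityFacade->isGranted($resourceId);
            }
            $isAllowed = $this->aclCache[$resourceId];
        }
    } else {
        // getRouteInfo() is still called when no check is needed, as before.
        $routeInfo = $this->getRouteInfo($options);
        if ($routeInfo && $needCheck) {
            $routeKey = $routeInfo['key'];
            if (!array_key_exists($routeKey, $this->aclCache)) {
                $this->aclCache[$routeKey] = $this->securityFacade->isClassMethodGranted(
                    $routeInfo['controller'],
                    $routeInfo['action']
                );
            }
            $isAllowed = $this->aclCache[$routeKey];
        }
    }

    $options['extras']['isAllowed'] = $isAllowed;
}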
/**
 * {@inheritdoc}
 *
 * When no ACL is configured ($this->acl is empty) the check is skipped and access
 * is allowed. Otherwise a logged-in user who is granted $this->acl is required.
 */
public function isAllowed()
{
    // The only fail-open path is "no ACL configured"; every other case needs both
    // a logged-in user and a positive grant.
    return !$this->acl
        || ($this->securityFacade->hasLoggedUser() && $this->securityFacade->isGranted($this->acl));
}
/**
 * Fills the "reports_tab" menu item with the reports returned by the ACL-filtered
 * query, grouped by the plural label of each report's entity.
 *
 * Does nothing when the tab is missing, no user is logged in, or the query
 * returns no reports.
 *
 * @param ConfigureMenuEvent $event
 */
public function onNavigationConfigure(ConfigureMenuEvent $event)
{
    /** @var ItemInterface $reportsMenuItem */
    $reportsMenuItem = $event->getMenu()->getChild('reports_tab');
    if (!$reportsMenuItem || !$this->securityFacade->hasLoggedUser()) {
        return;
    }

    $qb = $this->em->getRepository('OroReportBundle:Report')
        ->createQueryBuilder('report')
        ->orderBy('report.name', 'ASC');

    // The query is passed through the ACL helper before execution, so the menu is
    // built from its result rather than from the raw repository contents.
    $reports = $this->aclHelper->apply($qb)->execute();
    if (empty($reports)) {
        return;
    }

    $this->addDivider($reportsMenuItem);

    // entity plural label => [report id => report name]
    $reportsByEntity = [];
    foreach ($reports as $report) {
        $entityConfig = $this->entityConfigProvider->getConfig($report->getEntity());
        if (!$this->checkAvailability($entityConfig)) {
            continue;
        }
        // Writing to a nested key creates the per-entity bucket on first use.
        $reportsByEntity[$entityConfig->get('plural_label')][$report->getId()] = $report->getName();
    }

    ksort($reportsByEntity);
    $this->buildReportMenu($reportsMenuItem, $reportsByEntity);
}
/**
 * Tells whether the current user may add line items, optionally to a given list.
 *
 * Requires a logged-in user and the 'orob2b_shopping_list_line_item_frontend_add'
 * permission. When a shopping list is passed, EDIT on that list is required as well.
 *
 * @param ShoppingList|null $shoppingList
 * @return bool
 */
public function isAllowed(ShoppingList $shoppingList = null)
{
    $facade = $this->securityFacade;

    // Deny outright when nobody is logged in; no permission lookup is made.
    if (!$facade->hasLoggedUser()) {
        return false;
    }

    $canAddLineItem = $facade->isGranted('orob2b_shopping_list_line_item_frontend_add');

    if ($shoppingList) {
        // Object-level check: the general permission alone does not cover this list.
        return $canAddLineItem && $facade->isGranted('EDIT', $shoppingList);
    }

    return $canAddLineItem;
}
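/**
 * Adds one entry per dashboard returned by findAllowedDashboards() to the
 * "dashboard_tab" menu item, followed by a divider.
 *
 * Does nothing when the tab is missing, no user is logged in, or there are no
 * dashboards. Labels longer than 50 characters are cut to 50 and suffixed with '...'.
 *
 * @param ConfigureMenuEvent $event
 */
public function onNavigationConfigure(ConfigureMenuEvent $event)
{
    $dashboardTab = $event->getMenu()->getChild('dashboard_tab');
    if (!$dashboardTab || !$this->securityFacade->hasLoggedUser()) {
        return;
    }

    $dashboards = $this->manager->findAllowedDashboards();
    if (count($dashboards) === 0) {
        return;
    }

    foreach ($dashboards as $dashboard) {
        $dashboardId = $dashboard->getId();
        $dashboardLabel = $dashboard->getLabel();

        // Truncate by characters, not bytes: a byte-wise cut can split a multi-byte
        // sequence and leave an invalid string in the rendered menu.
        // NOTE(review): assumes labels are UTF-8 - confirm against the entity mapping.
        if (mb_strlen($dashboardLabel, 'UTF-8') > 50) {
            $dashboardLabel = mb_substr($dashboardLabel, 0, 50, 'UTF-8') . '...';
        }

        $options = array(
            'label' => $dashboardLabel,
            'route' => 'oro_dashboard_view',
            'extras' => array('position' => 1),
            'routeParameters' => array('id' => $dashboardId, 'change_dashboard' => true),
        );

        $dashboardTab
            ->addChild($dashboardId . '_dashboard_menu_item', $options)
            ->setAttribute('data-menu', $dashboardId);
    }

    // rand() only varies the divider's item name; the value is not used as a secret.
    $dashboardTab
        ->addChild('divider-' . rand(1, 99999))
        ->setLabel('')
        ->setAttribute('class', 'divider menu-divider')
        ->setExtra('position', 2);
}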
/**
 * Returns the unread email counts per folder for the logged-in user.
 *
 * The per-folder rows come from the Email repository for the current user and
 * organization; one extra row with 'id' => 0 carrying the overall count is appended.
 * An empty array is returned when no user is logged in.
 *
 * @return array
 */
public function getUnreadEmailsCount()
{
    $facade = $this->securityFacade;

    // No user, no counts: return before any repository query is issued.
    if (!$facade->hasLoggedUser()) {
        return [];
    }

    $organization = $facade->getOrganization();
    $user = $facade->getLoggedUser();

    // Both queries are scoped to the current user and organization.
    $counts = $this->em
        ->getRepository("OroEmailBundle:Email")
        ->getCountNewEmailsPerFolders($user, $organization);

    $counts[] = array(
        'num' => $this->em->getRepository("OroEmailBundle:Email")->getCountNewEmails($user, $organization),
        'id' => 0,
    );

    return $counts;
}
/**
 * Check ACL based on acl_resource_id, route or uri.
 *
 * Writes the decision to $options['extras']['isAllowed']:
 *  - self::DEFAULT_ACL_POLICY when $options['check_access'] is false, when hidden
 *    items are explicitly shown to anonymous users ('showNonAuthorized'), or when
 *    the security facade has no token;
 *  - false when items are hidden for anonymous users and nobody is logged in;
 *  - otherwise the cached or freshly computed grant for the resource id or, when
 *    there is none, for the route's controller and action. An ACL policy given in
 *    the extras replaces the default when neither lookup applies.
 *
 * @param array $options
 *
 * @return void
 */
protected function processAcl(array &$options = array())
{
    // Publish the default first so every early return leaves a defined value.
    $options['extras']['isAllowed'] = self::DEFAULT_ACL_POLICY;

    $accessCheckDisabled = isset($options['check_access']) && $options['check_access'] === false;
    if ($accessCheckDisabled) {
        return;
    }

    $decision = self::DEFAULT_ACL_POLICY;

    if ($this->hideAllForNotLoggedInUsers && !$this->securityFacade->hasLoggedUser()) {
        // An item can opt out of being hidden from anonymous users.
        if (!empty($options['extras']['showNonAuthorized'])) {
            return;
        }
        $decision = false;
    } elseif ($this->securityFacade->getToken() !== null) {
        // don't check access if it's CLI
        if (array_key_exists('extras', $options)
            && array_key_exists(self::ACL_POLICY_KEY, $options['extras'])
        ) {
            $decision = $options['extras'][self::ACL_POLICY_KEY];
        }

        if (array_key_exists(self::ACL_RESOURCE_ID_KEY, $options)) {
            $resourceId = $options[self::ACL_RESOURCE_ID_KEY];
            // Only real facade decisions reach the cache on this path.
            if (!array_key_exists($resourceId, $this->aclCache)) {
                $this->aclCache[$resourceId] = $this->securityFacade->isGranted($resourceId);
            }
            $decision = $this->aclCache[$resourceId];
        } else {
            $routeInfo = $this->getRouteInfo($options);
            if ($routeInfo) {
                $routeKey = $routeInfo['key'];
                if (!array_key_exists($routeKey, $this->aclCache)) {
                    $this->aclCache[$routeKey] = $this->securityFacade->isClassMethodGranted(
                        $routeInfo['controller'],
                        $routeInfo['action']
                    );
                }
                $decision = $this->aclCache[$routeKey];
            }
        }
    }

    $options['extras']['isAllowed'] = $decision;
}