/** * Adds a new UserRole to the given user. * * @param UserInterface $user * @param $userRoleData * * @throws \Sulu\Component\Rest\Exception\EntityNotFoundException * * @return bool */ private function addUserRole(UserInterface $user, $userRoleData) { $alreadyContains = false; $role = $this->roleRepository->findRoleById($userRoleData['role']['id']); if (!$role) { throw new EntityNotFoundException($this->roleRepository->getClassName(), $userRoleData['role']['id']); } if ($user->getUserRoles()) { foreach ($user->getUserRoles() as $containedRole) { if ($containedRole->getRole()->getId() === $role->getId()) { $alreadyContains = true; } } } if ($alreadyContains === false) { $userRole = new UserRole(); $userRole->setUser($user); $userRole->setRole($role); $userRole->setLocale(json_encode($userRoleData['locales'])); $this->em->persist($userRole); $user->addUserRole($userRole); } return true; }
/** * Returns the permissions for the given security context for the given user. * * @param string $locale * @param string $securityContext * @param UserInterface $user The user for which the security is checked * @param bool $checkPermissionType Flag to show if the permission type should also be checked. If set to false * it will only check if the user has access to the context in the given locale * * @return array */ private function getUserSecurityContextPermissions($locale, $securityContext, UserInterface $user, $checkPermissionType) { $userPermissions = []; foreach ($user->getUserRoles() as $userRole) { $userPermissions = $this->cumulatePermissions($userPermissions, $this->getUserRoleSecurityContextPermission($locale, $securityContext, $userRole, $checkPermissionType)); } return $userPermissions; }