/**
* Constructs an underlying ObjectIdentity for given ObjectIdentity
* Underlying is class level ObjectIdentity for given object level ObjectIdentity.
*
* @param ObjectIdentityInterface $oid
* @return ObjectIdentity
* @throws InvalidAclException
*/
public function underlying(ObjectIdentityInterface $oid)
{
if ($oid->getIdentifier() === self::ROOT_IDENTITY_TYPE || $oid->getIdentifier() === ($extensionKey = $this->extensionSelector->select($oid)->getExtensionKey())) {
throw new InvalidAclException(sprintf('Cannot get underlying ACL for %s', $oid));
}
return new ObjectIdentity($extensionKey, $oid->getType());
}
/**
* Return an AclClass for the given ACL ObjectIdentity.
*
* If none can be found, a new one will be saved.
*
* @param \Symfony\Component\Security\Acl\Model\ObjectIdentityInterface $objectIdentity
* @param \PropelPDO $con
*
* @return \Propel\PropelBundle\Model\Acl\AclClass
*/
public static function fromAclObjectIdentity(ObjectIdentityInterface $objectIdentity, \PropelPDO $con = null)
{
$obj = AclClassQuery::create()->filterByType($objectIdentity->getType())->findOneOrCreate($con);
if ($obj->isNew()) {
$obj->save($con);
}
return $obj;
}
/**
* Return Entry objects filtered by an ACL related ObjectIdentity.
*
* @see find()
*
* @param \Symfony\Component\Security\Acl\Model\ObjectIdentityInterface $objectIdentity An ACL related ObjectIdentity.
* @param array $securityIdentities A list of SecurityIdentity to filter by.
* @param \PropelPDO $con
*
* @return \PropelObjectCollection
*/
public function findByAclIdentity(ObjectIdentityInterface $objectIdentity, array $securityIdentities = array(), \PropelPDO $con = null)
{
$securityIds = array();
foreach ($securityIdentities as $eachIdentity) {
if (!$eachIdentity instanceof SecurityIdentityInterface) {
if (is_object($eachIdentity)) {
$errorMessage = sprintf('The list of security identities contains at least one invalid entry of class "%s". Please provide objects of classes implementing "Symfony\\Component\\Security\\Acl\\Model\\SecurityIdentityInterface" only.', get_class($eachIdentity));
} else {
$errorMessage = sprintf('The list of security identities contains at least one invalid entry "%s". Please provide objects of classes implementing "Symfony\\Component\\Security\\Acl\\Model\\SecurityIdentityInterface" only.', $eachIdentity);
}
throw new \InvalidArgumentException($errorMessage);
}
if ($securityIdentity = SecurityIdentity::fromAclIdentity($eachIdentity)) {
$securityIds[$securityIdentity->getId()] = $securityIdentity->getId();
}
}
$this->useAclClassQuery(null, \Criteria::INNER_JOIN)->filterByType((string) $objectIdentity->getType())->endUse()->leftJoinObjectIdentity()->add(ObjectIdentityPeer::OBJECT_IDENTIFIER, (string) $objectIdentity->getIdentifier(), \Criteria::EQUAL)->addOr(EntryPeer::OBJECT_IDENTITY_ID, null, \Criteria::ISNULL);
if (!empty($securityIdentities)) {
$this->filterBySecurityIdentityId($securityIds);
}
return $this->find($con);
}
/**
* Returns the key for the object identity
*
* @param \Symfony\Component\Security\Acl\Model\ObjectIdentityInterface $oid
*
* @return string
*/
private function createKeyFromIdentity(ObjectIdentityInterface $oid)
{
return $oid->getType() . '_' . $oid->getIdentifier();
}
/**
* Constructs the SQL for retrieving the primary key of the given object
* identity.
*
* @param ObjectIdentityInterface $oid
* @return string
*/
protected function getSelectObjectIdentityIdSql(ObjectIdentityInterface $oid)
{
$query = <<<QUERY
SELECT o.id
FROM %s o
INNER JOIN %s c ON c.id = o.class_id
WHERE o.object_identifier = %s AND c.class_type = %s
LIMIT 1
QUERY;
return sprintf($query, $this->options['oid_table_name'], $this->options['class_table_name'], $this->connection->quote($oid->getIdentifier()), $this->connection->quote($oid->getType()));
}
/**
* Returns the key for the object identity
*
* @param ObjectIdentityInterface $oid
* @return string
*/
private function getDataKeyByIdentity(ObjectIdentityInterface $oid)
{
return $this->prefix . md5($oid->getType()) . sha1($oid->getType()) . '_' . md5($oid->getIdentifier()) . sha1($oid->getIdentifier());
}
/**
* Creates the ACL for the passed object identity
*
* @param ObjectIdentityInterface $oid
*/
private function createObjectIdentity(ObjectIdentityInterface $oid)
{
$classId = $this->createOrRetrieveClassId($oid->getType());
$this->connection->executeQuery($this->getInsertObjectIdentitySql($oid->getIdentifier(), $classId, true));
}
/**
* Returns the primary key of the passed object identity.
*
* @param ObjectIdentityInterface $oid
* @return integer
*/
protected function retrieveObjectIdentityPrimaryKey(ObjectIdentityInterface $oid)
{
$query = array("identifier" => $oid->getIdentifier(), "type" => $oid->getType());
$fields = array("_id" => true);
$id = $this->connection->selectCollection($this->options['oid_collection'])->findOne($query, $fields);
return $id ? array_pop($id) : null;
}
/**
* {@inheritDoc}
*/
public function equals(ObjectIdentityInterface $identity)
{
// comparing the identifier with === might lead to problems, so we
// waive this restriction
return $this->identifier == $identity->getIdentifier()
&& $this->type === $identity->getType();
}
/**
* Creates the ACL for the passed object identity
*
* @param ObjectIdentityInterface $oid
* @param boolean $entriesInheriting
* @param ObjectIdentityInterface $parent
* @return void
*/
protected function createObjectIdentity(ObjectIdentityInterface $oid, $entriesInheriting = false, ObjectIdentityInterface $parent = null)
{
$data['identifier'] = $oid->getIdentifier();
$data['type'] = $oid->getType();
$data['entriesInheriting'] = $entriesInheriting;
if ($parent) {
$ancestors = array();
$parentDocument = $this->getObjectIdentity($parent);
if (isset($parent['ancestors'])) {
$ancestors = $parentDocument['ancestors'];
}
$ancestors[] = $parentDocument['_id'];
$data['parent'] = $parentDocument;
$data['ancestors'] = $ancestors;
}
// TODO: safe options
$this->connection->selectCollection($this->options['oid_collection'])->insert($data);
}