コード例 #1
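 /**
  * Replaces the user's access control entries on the project's ACL with a
  * single entry that matches the role stored on the user/project link.
  *
  * Role to permission mask: Reporter => MASK_VIEW, Developer => MASK_OPERATOR,
  * Master => MASK_MASTER, Owner => MASK_OWNER.
  *
  * @param UserProjects $userProject link supplying the user, the project and the role
  *
  * @throws AccessDeniedException when the role is not one of the four known
  *                               names; raised before any ACL is read or changed
  */
 protected function createACLSettings(UserProjects $userProject)
 {
     // Resolve the mask first so an unknown role fails closed before an ACL is
     // created or modified. The lookup is strict on purpose: with a loose ==
     // a non-string value such as boolean true compares equal to 'Reporter'
     // and would be granted VIEW.
     $maskByRole = [
         'Reporter' => MaskBuilder::MASK_VIEW,
         'Developer' => MaskBuilder::MASK_OPERATOR,
         'Master' => MaskBuilder::MASK_MASTER,
         'Owner' => MaskBuilder::MASK_OWNER,
     ];
     $role = $userProject->getRoles();
     if (!is_string($role) || !isset($maskByRole[$role])) {
         throw new AccessDeniedException('User Role is not valid');
     }

     $user = $userProject->getUser();
     $project = $userProject->getProject();
     $aclProvider = $this->container->get('security.acl.provider');
     $objectIdentity = ObjectIdentity::fromDomainObject($project);
     // Security identity of the user on the link (not necessarily the caller).
     $securityIdentity = UserSecurityIdentity::fromAccount($user);

     try {
         $acl = $aclProvider->findAcl($objectIdentity);
         // Drop every existing entry for this user so a previous, possibly
         // broader, grant cannot survive a role change. Walk from the highest
         // index down: Symfony's ACL re-indexes the remaining entries after a
         // deletion, so deleting in ascending order from a snapshot would hit
         // the wrong entry (another identity's) once the first one is removed.
         foreach (array_reverse($acl->getObjectAces(), true) as $index => $ace) {
             if ($ace->getSecurityIdentity()->equals($securityIdentity)) {
                 $acl->deleteObjectAce($index);
             }
         }
     } catch (\Symfony\Component\Security\Acl\Exception\AclNotFoundException $e) {
         // No ACL exists for this project yet; start from an empty one.
         $acl = $aclProvider->createAcl($objectIdentity);
     }

     // Grant exactly the mask that corresponds to the validated role.
     $acl->insertObjectAce($securityIdentity, $maskByRole[$role]);
     $aclProvider->updateAcl($acl);
 }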