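/**
 * Decides whether the token's user may act on $subject.
 *
 * For API requests the token must first hold the write role matching the
 * subject: 'ROLE_API_WRITE_ORG' for Society and Venue subjects,
 * 'ROLE_API_WRITE' for everything else. Once that gate is passed (or the
 * request is not an API request) the decision is whatever
 * $this->aclProvider->isOwner() returns for the token's user and $subject.
 *
 * @param mixed          $attribute Attribute being voted on; not read by this method.
 * @param mixed          $subject   Object the access decision is about.
 * @param TokenInterface $token     Security token of the caller.
 *
 * @return mixed false when the API role gate fails, otherwise the result of isOwner().
 */
public function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
    if (TokenUtilities::isApiRequest($token)) {
        // The Venue test previously read an undefined variable ($object), so it
        // was always false: Venue subjects were gated on the broader
        // 'ROLE_API_WRITE' instead of 'ROLE_API_WRITE_ORG'. Both instanceof
        // checks must look at $subject.
        $requiredRole = ($subject instanceof Society || $subject instanceof Venue)
            ? 'ROLE_API_WRITE_ORG'
            : 'ROLE_API_WRITE';

        if (!TokenUtilities::hasRole($token, $requiredRole)) {
            return false;
        }
    }

    // The role gate only narrows API access; ownership is still required.
    return $this->aclProvider->isOwner($token->getUser(), $subject);
}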
/**
 * Grants access when the token's user owns the subject's venue or society.
 *
 * API requests are rejected up front unless the token holds
 * 'ROLE_API_WRITE_ORG'. After that, ownership of either the object returned
 * by $subject->getVenue() or the one returned by $subject->getSociety() is
 * sufficient; the venue is checked first.
 *
 * @param mixed          $attribute Attribute being voted on; not read by this method.
 * @param mixed          $subject   Object exposing getVenue() and getSociety().
 * @param TokenInterface $token     Security token of the caller.
 *
 * @return bool true if the user owns the venue or the society, false otherwise.
 */
public function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
    // Role gate for API clients runs before any ownership lookup.
    $viaApi = TokenUtilities::isApiRequest($token);
    if ($viaApi && !TokenUtilities::hasRole($token, 'ROLE_API_WRITE_ORG')) {
        return false;
    }

    // Ownership of the linked venue is enough on its own.
    if ($subject->getVenue() && $this->aclProvider->isOwner($token->getUser(), $subject->getVenue())) {
        return true;
    }

    // Otherwise fall back to the linked society; no match means access is denied.
    return $subject->getSociety()
        && $this->aclProvider->isOwner($token->getUser(), $subject->getSociety());
}
/**
 * getEntityIdsByUser() should ask the repository once for the user's 'show'
 * entries and return their entity ids in the same order.
 */
public function testGetEntityIdsByUser_ValidClass()
{
    $owner = new User();
    $owner->setEmail('*****@*****.**');

    // Two 'show' access control entries, ids 32 and 44, in that order.
    $entries = array();
    foreach (array(32, 44) as $entityId) {
        $entry = new AccessControlEntry();
        $entry->setType('show');
        $entry->setEntityId($entityId);
        $entries[] = $entry;
    }

    // The repository mock must be queried exactly once, with the short type name.
    $this->repository
        ->expects($this->once())
        ->method('findByUserAndType')
        ->with($owner, 'show')
        ->will($this->returnValue($entries));

    $ids = $this->aclProvider->getEntityIdsByUser($owner, '\\Acts\\CamdramBundle\\Entity\\Show');

    $this->assertEquals(32, $ids[0]);
    $this->assertEquals(44, $ids[1]);
}