public function getUserAccessibleGroups(User $user, $includeNode = true) { // On vérifie que l'utilisateur est soit un super admin, // soit assigné à un groupe puisque s'il ne l'est pas, // $accessibleGroups contient automatiquement tous les groupes // (cf. méthode getChildren()) if ($user->getGroup() === null && !$user->isSuperAdmin()) { throw new \RuntimeException(sprintf('User "%s" is not super admin and is not assigned to a group.', $user)); } return $this->groupRepo->getChildren($user->getGroup(), false, null, "asc", $includeNode); }
public function getAccessibleGroups() { $groups = []; $user = $this->context->getToken()->getUser(); if ($this->isGranted(User::ROLE_SUPER_ADMIN)) { $groups = $this->groupRepo->getChildren(null); } elseif ($this->isGranted(User::ROLE_ADMIN)) { $groups = $this->groupRepo->getChildren($user->getGroup(), false, null, "asc", true); } elseif ($user->getGroup() !== null) { $groups = [$user->getGroup()]; } if (empty($groups) && !$this->isGranted(User::ROLE_ADMIN)) { throw new \RuntimeException('Security error! This user should not have empty group access. This can lead to security breach.'); } return $groups; }