예제 #1
0
 /**
  * Adds a new policy to the role
  *
  * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to add  a policy
  * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if limitation of the same type is repeated in policy create
  *                                                                        struct or if limitation is not allowed on module/function
  * @throws \eZ\Publish\API\Repository\Exceptions\LimitationValidationException if a limitation in the $policyCreateStruct is not valid
  *
  * @param \eZ\Publish\API\Repository\Values\User\Role $role
  * @param \eZ\Publish\API\Repository\Values\User\PolicyCreateStruct $policyCreateStruct
  *
  * @return \eZ\Publish\API\Repository\Values\User\Role
  */
 public function addPolicy(APIRole $role, APIPolicyCreateStruct $policyCreateStruct)
 {
     if (!is_string($policyCreateStruct->module) || empty($policyCreateStruct->module)) {
         throw new InvalidArgumentValue("module", $policyCreateStruct->module, "PolicyCreateStruct");
     }
     if (!is_string($policyCreateStruct->function) || empty($policyCreateStruct->function)) {
         throw new InvalidArgumentValue("function", $policyCreateStruct->function, "PolicyCreateStruct");
     }
     if ($policyCreateStruct->module === '*' && $policyCreateStruct->function !== '*') {
         throw new InvalidArgumentValue("module", $policyCreateStruct->module, "PolicyCreateStruct");
     }
     if ($this->repository->hasAccess('role', 'update') !== true) {
         throw new UnauthorizedException('role', 'update');
     }
     $loadedRole = $this->loadRole($role->id);
     $limitations = $policyCreateStruct->getLimitations();
     $limitationValidationErrors = $this->validatePolicy($policyCreateStruct->module, $policyCreateStruct->function, $limitations);
     if (!empty($limitationValidationErrors)) {
         throw new LimitationValidationException($limitationValidationErrors);
     }
     $spiPolicy = $this->buildPersistencePolicyObject($policyCreateStruct->module, $policyCreateStruct->function, $limitations);
     $this->repository->beginTransaction();
     try {
         $this->userHandler->addPolicy($loadedRole->id, $spiPolicy);
         $this->repository->commit();
     } catch (Exception $e) {
         $this->repository->rollback();
         throw $e;
     }
     return $this->loadRole($loadedRole->id);
 }