/**
* @dataProvider aceTypesProvider
* @SuppressWarnings(PHPMD.ExcessiveMethodLength)
*/
public function testSetPermissionShouldCallInsertAce($type, $field)
{
$sid = $this->createMock('Symfony\\Component\\Security\\Acl\\Model\\SecurityIdentityInterface');
$replace = false;
$granting = true;
$mask = 123;
$strategy = 'any';
$aceSid1 = $this->createMock('Symfony\\Component\\Security\\Acl\\Model\\SecurityIdentityInterface');
$aceSid2 = $this->createMock('Symfony\\Component\\Security\\Acl\\Model\\SecurityIdentityInterface');
$aceGranting2 = $granting;
$aceMask2 = $mask;
$aceStrategy2 = 'all';
$ace1 = $this->getAce($aceSid1);
$ace2 = $this->getAce($aceSid2, $aceGranting2, $aceMask2, $aceStrategy2);
$sid->expects($this->at(0))->method('equals')->with($this->identicalTo($aceSid1))->will($this->returnValue(false));
$sid->expects($this->at(1))->method('equals')->with($this->identicalTo($aceSid2))->will($this->returnValue(true));
if ($field === null) {
$this->acl->expects($this->once())->method('get' . $type . 'Aces')->will($this->returnValue([$ace1, $ace2]));
} else {
$this->acl->expects($this->once())->method('get' . $type . 'FieldAces')->with($this->equalTo($field))->will($this->returnValue([$ace1, $ace2]));
}
if ($field === null) {
$this->acl->expects($this->once())->method('insert' . $type . 'Ace')->with($this->identicalTo($sid), $this->equalTo($mask), $this->equalTo(0), $this->equalTo($granting), $this->equalTo($strategy));
} else {
$this->acl->expects($this->once())->method('insert' . $type . 'FieldAce')->with($this->equalTo($field), $this->identicalTo($sid), $this->equalTo($mask), $this->equalTo(0), $this->equalTo($granting), $this->equalTo($strategy));
}
$this->acl->expects($this->never())->method('update' . $type . 'Ace');
$this->acl->expects($this->never())->method('update' . $type . 'FieldAce');
$this->assertTrue($this->manipulator->setPermission($this->acl, new NullAclExtension(), $replace, $type, $field, $sid, $granting, $mask, $strategy));
}
/**
* Updates or creates ACE with the given attributes
*
* @param SID $sid
* @param OID $oid
* @param bool $replace If true the mask and strategy of the existing ACE should be replaced with the given ones
* @param string $type The ACE type. Can be one of self::*_ACE constants
* @param string|null $field The name of a field.
* Set to null for class-based or object-based ACE
* Set to not null class-field-based or object-field-based ACE
* @param int $mask
* @param bool $granting
* @param string|null $strategy If null the strategy should not be changed for existing ACE
* or the appropriate strategy should be selected automatically for new ACE
* ALL strategy is used for $granting = true
* ANY strategy is used for $granting = false
* @throws InvalidAclMaskException
*/
protected function doSetPermission(SID $sid, OID $oid, $replace, $type, $field, $mask, $granting, $strategy = null)
{
$acl = $this->getAcl($oid, true);
$key = $this->getKey($oid);
if ($this->items[$key]->getState() !== BatchItem::STATE_DELETE) {
$extension = $this->extensionSelector->select($oid);
$extension->validateMask($mask, $oid);
if ($acl === null && $this->items[$key]->getState() === BatchItem::STATE_CREATE) {
$this->items[$key]->addAce($type, $field, $sid, $granting, $mask, $strategy);
} else {
$hasChanges = $this->aceProvider->setPermission($acl, $extension, $replace, $type, $field, $sid, $granting, $mask, $strategy);
if ($hasChanges) {
$this->items[$key]->setState(BatchItem::STATE_UPDATE);
}
}
}
}
