/** * @expectedException \Oro\Bundle\EntityBundle\Exception\InvalidEntityException */ public function testGetOwnerNoGetOwnerAndNoOwnerField() { $metadataProvider = new OwnershipMetadataProviderStub($this); $accessor = new EntityOwnerAccessor(new EntityClassAccessor(), $metadataProvider); $obj = new \stdClass(); $metadataProvider->setMetadata(get_class($obj), new OwnershipMetadata('ORGANIZATION', 'owner', 'owner_id')); $accessor->getOwner($obj); }
public function testGetOrganization() { $metadataProvider = new OwnershipMetadataProviderStub($this); $accessor = new EntityOwnerAccessor($metadataProvider); $org = new \stdClass(); $obj = new TestEntity(1, null, $org); $metadataProvider->setMetadata(get_class($obj), new OwnershipMetadata(null, null, null, 'organization')); $this->assertSame($org, $accessor->getOrganization($obj)); }
/** * Process form after data is set and remove/disable owner field depending on permissions * * @param FormEvent $event */ public function preSetData(FormEvent $event) { $form = $event->getForm(); if ($form->getParent()) { return; } $entity = $event->getData(); if (is_object($entity) && $entity->getId()) { $permission = 'ASSIGN'; $this->checkIsGranted($permission, $entity); $owner = $this->entityOwnerAccessor->getOwner($entity); $dataClassName = ClassUtils::getClass($entity); $metadata = $this->getMetadata($dataClassName); if ($metadata) { if ($form->has($this->fieldName)) { $form->remove($this->fieldName); } if ($this->isAssignGranted) { if ($metadata->isBasicLevelOwned()) { $this->addUserOwnerField($form, $dataClassName, $permission, $owner, $entity->getId()); } elseif ($metadata->isLocalLevelOwned()) { $this->addBusinessUnitOwnerField($form, $this->getCurrentUser(), $dataClassName); } } } } }
/** * Gets owner of the given domain object * * @param object $domainObject * @return object * @throws InvalidDomainObjectException */ protected function getOwner($domainObject) { try { return $this->entityOwnerAccessor->getOwner($domainObject); } catch (InvalidEntityException $ex) { throw new InvalidDomainObjectException($ex->getMessage(), 0, $ex); } }
/** * Check organization. If user try to access entity what was created in organization this user do not have access - * deny access. We should check organization for all the entities what have ownership * (USER, BUSINESS_UNIT, ORGANIZATION ownership types) * * @param mixed $object * @param OrganizationContextTokenInterface $securityToken * @return bool */ protected function isAccessDeniedByOrganizationContext($object, OrganizationContextTokenInterface $securityToken) { try { // try to get entity organization value $objectOrganization = $this->entityOwnerAccessor->getOrganization($object); // check entity organization with current organization if ($objectOrganization && $objectOrganization->getId() !== $securityToken->getOrganizationContext()->getId()) { return true; } } catch (InvalidEntityException $e) { // in case if entity has no organization field (none ownership type) } return false; }
/** * Check organization. If user try to access entity what was created in organization this user do not have access - * deny access. We should check organization for all the entities what have ownership * (USER, BUSINESS_UNIT, ORGANIZATION ownership types) * * @param int $result * @return int */ protected function checkOrganizationContext($result) { $object = $this->object; $token = $this->securityToken; if ($token instanceof OrganizationContextTokenInterface && $result === self::ACCESS_GRANTED && $this->extension instanceof EntityAclExtension && is_object($object) && !$object instanceof ObjectIdentity) { try { // try to get entity organization value $objectOrganization = $this->entityOwnerAccessor->getOrganization($object); // check entity organization with current organization if ($objectOrganization && $objectOrganization->getId() !== $token->getOrganizationContext()->getId()) { $result = self::ACCESS_DENIED; } } catch (InvalidEntityException $e) { // in case if entity has no organization field (none ownership type) return $result; } } return $result; }
/** * @param object $entity * * @return null|object */ public function getEntityOwner($entity) { return $this->ownerAccessor->getOwner($entity); }