/**
  * Loads an ACE collection from the ACL and updates the permissions (creating if no appropriate ACE exists)
  *
  * @todo refactor this code to transactionalize ACL updating
  * @param MutableAclInterface $acl
  * @param PermissionContextInterface $context
  * @return void
  */
 protected function doApplyPermission(MutableAclInterface $acl, PermissionContextInterface $context, $replace_existing = false)
 {
     $type = $context->getPermissionType();
     $field = $context->getField();
     if (is_null($field)) {
         $aceCollection = $this->getAceCollection($acl, $type);
     } else {
         $aceCollection = $this->getFieldAceCollection($acl, $type, $field);
     }
     $size = count($aceCollection) - 1;
     reset($aceCollection);
     for ($i = $size; $i >= 0; $i--) {
         if ($replace_existing) {
             // Replace all existing permissions with the new one
             if ($context->hasDifferentPermission($aceCollection[$i])) {
                 // The ACE was found but with a different permission. Update it.
                 if (is_null($field)) {
                     $acl->{"update{$type}Ace"}($i, $context->getMask());
                 } else {
                     $acl->{"update{$type}FieldAce"}($id, $field, $context - getMask());
                 }
                 //No need to proceed further because the acl is updated
                 return;
             } else {
                 if ($context->equals($aceCollection[$i])) {
                     // The exact same ACE was found. Nothing to do.
                     return;
                 }
             }
         } else {
             if ($context->equals($aceCollection[$i])) {
                 // The exact same ACE was found. Nothing to do.
                 return;
             }
         }
     }
     //If we come this far means we have to insert ace
     if (is_null($field)) {
         $acl->{"insert{$type}Ace"}($context->getSecurityIdentity(), $context->getMask(), 0, $context->isGranting());
     } else {
         $acl->{"insert{$type}FieldAce"}($field, $context->getSecurityIdentity(), $context->getMask(), 0, $context->isGranting());
     }
 }
예제 #2
0
 /**
  * @param int                           $size
  * @param bool                           $replaceExisting
  * @param array                           $aceCollection
  * @param PermissionContextInterface $context
  * @param string                           $acl
  * @param string                           $field
  * @param string                           $type
  */
 protected function doUpdatePermission($size, $replaceExisting, $aceCollection, PermissionContextInterface $context, $acl, $field, $type)
 {
     for ($i = $size; $i >= 0; $i--) {
         if (true === $replaceExisting) {
             // Replace all existing permissions with the new one
             if ($context->hasDifferentPermission($aceCollection[$i])) {
                 // The ACE was found but with a different permission. Update it.
                 if (is_null($field)) {
                     $acl->{"update{$type}Ace"}($i, $context->getMask());
                 } else {
                     $acl->{"update{$type}FieldAce"}($i, $field, $context->getMask());
                 }
                 //No need to proceed further because the acl is updated
                 return;
             } else {
                 if ($context->equals($aceCollection[$i])) {
                     // The exact same ACE was found. Nothing to do.
                     return;
                 }
             }
         } else {
             if ($context->equals($aceCollection[$i])) {
                 // The exact same ACE was found. Nothing to do.
                 return;
             }
         }
     }
     //If we come this far means we have to insert ace
     if (is_null($field)) {
         $acl->{"insert{$type}Ace"}($context->getSecurityIdentity(), $context->getMask(), 0, $context->isGranting());
     } else {
         $acl->{"insert{$type}FieldAce"}($field, $context->getSecurityIdentity(), $context->getMask(), 0, $context->isGranting());
     }
 }