Sets the permissions for the object with the given class and id for the given security identity.
| public setPermissions ( string $type, string $identifier, $permissions ) | ||
| $type | string | The type of the protected object |
| $identifier | string | The identifier of the protected object |
| $permissions | ||
public function postAction(Request $request)
{
try {
$identifier = $request->get('id');
$type = $request->get('type');
$permissions = $request->get('permissions');
$securityContext = $request->get('securityContext');
if (!$identifier) {
throw new MissingParameterException(static::class, 'id');
}
if (!$type) {
throw new MissingParameterException(static::class, 'class');
}
if (!is_array($permissions)) {
throw new RestException('The "permissions" must be passed as an array');
}
if ($securityContext) {
$this->securityChecker->checkPermission($securityContext, PermissionTypes::SECURITY);
}
// transfer all permission strings to booleans
foreach ($permissions as &$permission) {
array_walk($permission, function (&$permissionLine) {
$permissionLine = $permissionLine === 'true' || $permissionLine === true;
});
}
$this->accessControlManager->setPermissions($type, $identifier, $permissions);
return $this->viewHandler->handle(View::create(['id' => $identifier, 'type' => $type, 'permissions' => $permissions]));
} catch (RestException $exc) {
return $this->viewHandler->handle(View::create($exc->toArray(), 400));
}
}
/**
* @dataProvider provideWrongPermissionData
*/
public function testPostActionWithWrongData($id, $class, $permissions)
{
$request = new Request([], ['id' => $id, 'type' => $class, 'permissions' => $permissions]);
$this->accessControlManager->setPermissions(Argument::cetera())->shouldNotBeCalled();
$this->permissionController->postAction($request);
}
