/** * {@inheritdoc} */ protected function executeAction($context) { $aclClass = $this->manager->getRepository('OroSecurityBundle:AclClass')->findOneBy(['classType' => $context->data->getClassName()]); $removeScopes = array_diff($context->old['security']['share_scopes'], $context->new['security']['share_scopes']); if (!$aclClass || empty($removeScopes)) { return; } $qb = $this->qbManager->getRemoveAceQueryBuilder($aclClass, $removeScopes); $qb->getQuery()->execute(); $this->aclCache->clearCache(); }
/** * @param AbstractRole $role */ protected function processPrivileges(AbstractRole $role) { $decodedPrivileges = json_decode($this->form->get('privileges')->getData(), true); $formPrivileges = []; foreach ($this->privilegeConfig as $fieldName => $config) { $privilegesArray = $decodedPrivileges[$fieldName]; $privileges = []; foreach ($privilegesArray as $privilege) { $aclPrivilege = new AclPrivilege(); foreach ($privilege['permissions'] as $name => $permission) { $aclPrivilege->addPermission(new AclPermission($permission['name'], $permission['accessLevel'])); } $aclPrivilegeIdentity = new AclPrivilegeIdentity($privilege['identity']['id'], $privilege['identity']['name']); $aclPrivilege->setIdentity($aclPrivilegeIdentity); $privileges[] = $aclPrivilege; } if ($config['fix_values']) { $this->fxPrivilegeValue($privileges, $config['default_value']); } $formPrivileges = array_merge($formPrivileges, $privileges); } array_walk($formPrivileges, function (AclPrivilege $privilege) { $privilege->setGroup($this->getAclGroup()); }); $this->privilegeRepository->savePrivileges($this->aclManager->getSid($role), new ArrayCollection($formPrivileges)); $this->aclCache->clearCache(); }
/** * Removes ACEs if share scope was removed from entity config * * @param PostFlushConfigEvent $event */ public function postFlushConfig(PostFlushConfigEvent $event) { $configManager = $event->getConfigManager(); foreach ($event->getModels() as $model) { /** @var EntityConfigModel $model */ if ($model instanceof EntityConfigModel) { $aclClass = $this->registry->getRepository('OroSecurityBundle:AclClass')->findOneBy(['classType' => $model->getClassName()]); if (!$aclClass) { continue; } $changeSet = $configManager->getConfigChangeSet($configManager->getProvider('security')->getConfig($model->getClassName())); $removeScopes = []; if ($changeSet) { $removeScopes = array_diff($changeSet['share_scopes'][0], $changeSet['share_scopes'][1]); } if (empty($removeScopes)) { continue; } $qb = $this->qbManager->getRemoveAceQueryBuilder($aclClass, $removeScopes); $qb->getQuery()->execute(); $this->aclCache->clearCache(); } } }