Converts a permissions array to a bit field.
| public convertPermissionsToNumber ( array $permissionsData ) : integer | ||
| $permissionsData | array | |
| return | integer | |
public function testSetPermissionsWithExistingAccessControl()
{
$role = new Role();
$this->roleRepository->findRoleById(1)->willReturn($role);
$this->maskConverter->convertPermissionsToNumber(['view' => true, 'edit' => false])->willReturn(64);
$accessControl = $this->prophesize(AccessControl::class);
$accessControl->setPermissions(64)->shouldBeCalled();
$this->accessControlRepository->findByTypeAndIdAndRole('AcmeBundle\\Example', 1, 1)->willReturn($accessControl);
$this->objectManager->persist(Argument::any())->shouldNotBeCalled();
$this->objectManager->flush()->shouldBeCalled();
$this->doctrineAccessControlProvider->setPermissions('AcmeBundle\\Example', 1, [1 => ['view' => true, 'edit' => false]]);
}
/**
* Sets the permissions for the object with the given class and id for the given security identity.
*
* @param string $type The name of the class to protect
* @param string $identifier
* @param $permissions
*/
public function setPermissions($type, $identifier, $permissions)
{
foreach ($permissions as $roleId => $rolePermissions) {
$accessControl = $this->accessControlRepository->findByTypeAndIdAndRole($type, $identifier, $roleId);
if ($accessControl) {
$accessControl->setPermissions($this->maskConverter->convertPermissionsToNumber($rolePermissions));
} else {
$role = $this->roleRepository->findRoleById($roleId);
$accessControl = new AccessControl();
$accessControl->setPermissions($this->maskConverter->convertPermissionsToNumber($rolePermissions));
$accessControl->setRole($role);
$accessControl->setEntityId($identifier);
$accessControl->setEntityClass($type);
$this->objectManager->persist($accessControl);
}
}
$this->objectManager->flush();
}
/**
* Sets the permission for a single security identity.
*
* @param string $type The type of the object to protect
* @param string $identifier The identifier of the object to protect
* @param string $securityIdentity The security identity for which the permissions are set
* @param array $permissions The permissions to set
*/
private function setPermission($type, $identifier, $securityIdentity, $permissions)
{
$oid = new ObjectIdentity($identifier, $type);
$sid = new RoleSecurityIdentity($securityIdentity);
try {
$acl = $this->aclProvider->findAcl($oid);
} catch (AclNotFoundException $exc) {
$acl = $this->aclProvider->createAcl($oid);
}
$updated = false;
foreach ($acl->getObjectAces() as $id => $ace) {
/** @var EntryInterface $ace */
if ($ace->getSecurityIdentity()->equals($sid)) {
$acl->updateObjectAce($id, $this->maskConverter->convertPermissionsToNumber($permissions));
$updated = true;
}
}
if (!$updated) {
$acl->insertObjectAce($sid, $this->maskConverter->convertPermissionsToNumber($permissions), 0, true, 'any');
}
$this->aclProvider->updateAcl($acl);
}