/** * Checks, if the given constraint holds for the passed result. * * @param array $constraintDefinition The constraint definition array * @param object $result The result object returned by the persistence manager * @return boolean TRUE if the query result is valid for the given constraint * @throws \TYPO3\FLOW3\Security\Exception\InvalidQueryRewritingConstraintException */ protected function checkSingleConstraintDefinitionOnResultObject(array $constraintDefinition, $result) { $referenceToThisFound = FALSE; if (!is_array($constraintDefinition['leftValue']) && strpos($constraintDefinition['leftValue'], 'this.') === 0) { $referenceToThisFound = TRUE; $propertyPath = substr($constraintDefinition['leftValue'], 5); $leftOperand = $this->getObjectValueByPath($result, $propertyPath); } else { $leftOperand = $this->getValueForOperand($constraintDefinition['leftValue']); } if (!is_array($constraintDefinition['rightValue']) && strpos($constraintDefinition['rightValue'], 'this.') === 0) { $referenceToThisFound = TRUE; $propertyPath = substr($constraintDefinition['rightValue'], 5); $rightOperand = $this->getObjectValueByPath($result, $propertyPath); } else { $rightOperand = $this->getValueForOperand($constraintDefinition['rightValue']); } if ($referenceToThisFound === FALSE) { throw new \TYPO3\FLOW3\Security\Exception\InvalidQueryRewritingConstraintException('An entity security constraint must have at least one operand that references to "this.". Got: "' . $constraintDefinition['leftValue'] . '" and "' . $constraintDefinition['rightValue'] . '"', 1277218400); } if (is_object($leftOperand) && ($this->reflectionService->isClassAnnotatedWith($this->reflectionService->getClassNameByObject($leftOperand), 'TYPO3\\FLOW3\\Annotations\\Entity') || $this->reflectionService->isClassAnnotatedWith($this->reflectionService->getClassNameByObject($leftOperand), 'Doctrine\\ORM\\Mapping\\Entity'))) { $leftOperand = $this->persistenceManager->getIdentifierByObject($leftOperand); } if (is_object($rightOperand) && ($this->reflectionService->isClassAnnotatedWith($this->reflectionService->getClassNameByObject($rightOperand), 'TYPO3\\FLOW3\\Annotations\\Entity') || $this->reflectionService->isClassAnnotatedWith($this->reflectionService->getClassNameByObject($rightOperand), 'Doctrine\\ORM\\Mapping\\Entity'))) { $rightOperand = $this->persistenceManager->getIdentifierByObject($rightOperand); } switch ($constraintDefinition['operator']) { case '!=': return $leftOperand !== $rightOperand; break; case '==': return $leftOperand === $rightOperand; break; case '<': return $leftOperand < $rightOperand; break; case '>': return $leftOperand > $rightOperand; break; case '<=': return $leftOperand <= $rightOperand; break; case '>=': return $leftOperand >= $rightOperand; break; case 'in': return in_array($leftOperand, $rightOperand); break; case 'contains': return in_array($rightOperand, $leftOperand); break; case 'matches': return count(array_intersect($leftOperand, $rightOperand)) !== 0; break; } throw new \TYPO3\FLOW3\Security\Exception\InvalidQueryRewritingConstraintException('The configured operator of the entity constraint is not valid. Got: ' . $constraintDefinition['operator'], 1277222521); }
/** * An onFlush event listener used to validate entities upon persistence. * * @param \Doctrine\ORM\Event\OnFlushEventArgs $eventArgs * @return void */ public function onFlush(\Doctrine\ORM\Event\OnFlushEventArgs $eventArgs) { $unitOfWork = $this->entityManager->getUnitOfWork(); $entityInsertions = $unitOfWork->getScheduledEntityInsertions(); $validatedInstancesContainer = new \SplObjectStorage(); $knownValueObjects = array(); foreach ($entityInsertions as $entity) { if ($this->reflectionService->getClassSchema($entity)->getModelType() === \TYPO3\FLOW3\Reflection\ClassSchema::MODELTYPE_VALUEOBJECT) { $identifier = $this->getIdentifierByObject($entity); $className = $this->reflectionService->getClassNameByObject($entity); if (isset($knownValueObjects[$className][$identifier]) || $unitOfWork->getEntityPersister($className)->exists($entity)) { unset($entityInsertions[spl_object_hash($entity)]); continue; } $knownValueObjects[$className][$identifier] = TRUE; } $this->validateObject($entity, $validatedInstancesContainer); } \TYPO3\FLOW3\Reflection\ObjectAccess::setProperty($unitOfWork, 'entityInsertions', $entityInsertions, TRUE); foreach ($unitOfWork->getScheduledEntityUpdates() as $entity) { $this->validateObject($entity, $validatedInstancesContainer); } }