Пример #1
0
 /**
  * Load roles
  *
  * @param \Doctrine\Common\Persistence\ObjectManager $manager
  */
 public function load(ObjectManager $manager)
 {
     /** @var AclManager $manager */
     $aclManager = $this->container->get('oro_security.acl.manager');
     $fileName = __DIR__ . '/CrmRoles/roles.yml';
     $fileName = str_replace('/', DIRECTORY_SEPARATOR, $fileName);
     $rolesData = Yaml::parse($fileName);
     foreach ($rolesData as $roleName => $roleConfigData) {
         if (isset($roleConfigData['bap_role'])) {
             $role = $manager->getRepository('OroUserBundle:Role')->findOneBy(['role' => $roleConfigData['bap_role']]);
         } else {
             $role = new Role($roleName);
         }
         $role->setLabel($roleConfigData['label']);
         $manager->persist($role);
         if ($aclManager->isAclEnabled()) {
             $sid = $aclManager->getSid($role);
             foreach ($roleConfigData['permissions'] as $permission => $acls) {
                 $oid = $aclManager->getOid(str_replace('|', ':', $permission));
                 $builder = $aclManager->getMaskBuilder($oid);
                 $mask = $builder->reset()->get();
                 if (!empty($acls)) {
                     foreach ($acls as $acl) {
                         $mask = $builder->add($acl)->get();
                     }
                 }
                 $aclManager->setPermission($sid, $oid, $mask);
             }
         }
     }
     $aclManager->flush();
     $manager->flush();
 }
Пример #2
0
 /**
  * Load roles
  *
  * @param \Doctrine\Common\Persistence\ObjectManager $manager
  */
 public function load(ObjectManager $manager)
 {
     $role = new Role(self::$roleData['name']);
     $role->setLabel(self::$roleData['label']);
     $manager->persist($role);
     /** @var AclManager $aclManager */
     $aclManager = $this->container->get('oro_security.acl.manager');
     if ($aclManager->isAclEnabled()) {
         $sid = $aclManager->getSid($role);
         foreach (LoadUserData::$roleData['permissions'] as $permission => $acls) {
             $oid = $aclManager->getOid(str_replace('|', ':', $permission));
             $builder = $aclManager->getMaskBuilder($oid);
             $mask = $builder->reset()->get();
             if (!empty($acls)) {
                 foreach ($acls as $acl) {
                     $mask = $builder->add($acl)->get();
                 }
             }
             $aclManager->setPermission($sid, $oid, $mask);
         }
     }
     /** @var UserManager $userManager */
     $userManager = $this->container->get('oro_user.manager');
     $user = $userManager->createUser();
     /** @var OrganizationManager $organizationManager */
     $organizationManager = $this->container->get('oro_organization.organization_manager');
     $organization = $organizationManager->getOrganizationRepo()->getOrganizationById(self::USER_ORGANIZATION);
     $user->setUsername(self::USER_NAME)->setPlainPassword(self::USER_PASSWORD)->setFirstName('User')->setLastName('Test')->addRole($role)->setEmail('*****@*****.**')->setOrganization($organization)->addOrganization($organization)->setSalt('');
     $userManager->updateUser($user);
     $aclManager->flush();
     $manager->flush();
 }
Пример #3
0
 /**
  * Test prePersist role that to generate new value of "role" field
  */
 public function testPrePersistValid()
 {
     $role = new Role();
     $this->assertEmpty($role->getId());
     $this->assertEmpty($role->getRole());
     $this->listener->prePersist($this->getPrePersistEvent($role));
     $this->assertNotEmpty($role->getRole());
 }
Пример #4
0
 /**
  * Build the role entity from data
  *
  * @param array $data
  *
  * @return Role
  */
 protected function buildRole(array $data)
 {
     $role = $data['role'];
     $label = $data['label'];
     $role = new Role($role);
     $role->setLabel($label);
     return $role;
 }
Пример #5
0
 public function testLabel()
 {
     $role = new Role();
     $label = 'Test role';
     $this->assertEmpty($role->getLabel());
     $role->setLabel($label);
     $this->assertEquals($label, $role->getLabel());
     $this->assertEquals($label, (string) $role);
 }
Пример #6
0
 public function testGetRoleLabelsAsString()
 {
     $roleFoo = new Role('ROLE_FOO');
     $roleFoo->setLabel('Role foo');
     $this->group->addRole($roleFoo);
     $roleBar = new Role('ROLE_BAR');
     $roleBar->setLabel('Role bar');
     $this->group->addRole($roleBar);
     $this->assertEquals('Role foo, Role bar', $this->group->getRoleLabelsAsString());
 }
 /**
  * Build the role entity from data
  *
  * @param array $data
  *
  * @return Role
  */
 protected function buildRole(array $data)
 {
     $role = $data['role'];
     $label = $data['label'];
     $role = new Role($role);
     $role->setLabel($label);
     $owner = isset($data['owner']) ? $data['owner'] : 'Main';
     $owner = $this->getOwner($owner);
     $role->setOwner($owner);
     return $role;
 }
 /**
  * Load roles full_access_role
  *
  * @param \Doctrine\Common\Persistence\ObjectManager $manager
  */
 public function load(ObjectManager $manager)
 {
     $role_template_access = new Role('ROLE_LOGIN_ACCESS');
     $role_template_access->setLabel('Log-in access role');
     $this->addReference('login_access_role', $role_template_access);
     $manager->persist($role_template_access);
     $full_access_role = new Role('ROLE_FULL_ACCESS');
     $full_access_role->setLabel('Full access role');
     $this->addReference('full_access_role', $full_access_role);
     $manager->persist($full_access_role);
     $manager->flush();
 }
Пример #9
0
 /**
  * Load the ACL per role
  *
  * @param Role $role
  */
 protected function loadAcls(Role $role)
 {
     if (User::ROLE_ANONYMOUS === $role->getRole()) {
         return;
     }
     $sid = $this->aclManager->getSid($role);
     foreach ($this->aclManager->getAllExtensions() as $extension) {
         $rootOid = $this->aclManager->getRootOid($extension->getExtensionKey());
         foreach ($extension->getAllMaskBuilders() as $maskBuilder) {
             $fullAccessMask = $maskBuilder->hasConst('GROUP_SYSTEM') ? $maskBuilder->getConst('GROUP_SYSTEM') : $maskBuilder->getConst('GROUP_ALL');
             $this->aclManager->setPermission($sid, $rootOid, $fullAccessMask, true);
         }
     }
 }
Пример #10
0
 /**
  * {@inheritdoc}
  */
 public function load(ObjectManager $manager)
 {
     $roleTest1 = new Role();
     $roleTest1->setLabel('Role 1');
     $roleTest1->setRole('ROLE_TEST_1');
     $manager->persist($roleTest1);
     $this->setReference('ROLE_TEST_1', $roleTest1);
     $roleTest2 = new Role();
     $roleTest2->setLabel('Role 2');
     $roleTest2->setRole('ROLE_TEST_2');
     $manager->persist($roleTest2);
     $this->setReference('ROLE_TEST_2', $roleTest2);
     $manager->flush();
 }
Пример #11
0
 /**
  * Load roles
  *
  * @param \Doctrine\Common\Persistence\ObjectManager $manager
  */
 public function load(ObjectManager $manager)
 {
     $roleAnonymous = new Role(self::ROLE_ANONYMOUS);
     $roleAnonymous->setLabel('Anonymous');
     $roleUser = new Role(self::ROLE_USER);
     $roleUser->setLabel('User');
     $roleSAdmin = new Role(self::ROLE_ADMINISTRATOR);
     $roleSAdmin->setLabel('Administrator');
     $roleManager = new Role(self::ROLE_MANAGER);
     $roleManager->setLabel('Manager');
     $manager->persist($roleAnonymous);
     $manager->persist($roleUser);
     $manager->persist($roleSAdmin);
     $manager->persist($roleManager);
     $manager->flush();
 }
Пример #12
0
 /**
  * Never use this to check if this user has access to anything!
  * Use the SecurityContext, or an implementation of AccessDecisionManager
  * instead, e.g.
  *
  *         $securityContext->isGranted('ROLE_USER');
  *
  * @param  Role|string $role
  *
  * @return boolean
  * @throws \InvalidArgumentException
  */
 public function hasRole($role)
 {
     if ($role instanceof Role) {
         $roleName = $role->getRole();
     } elseif (is_string($role)) {
         $roleName = $role;
     } else {
         throw new \InvalidArgumentException('$role must be an instance of Oro\\Bundle\\UserBundle\\Entity\\Role or a string');
     }
     return (bool) $this->getRole($roleName);
 }
 /**
  * @param Role $role
  *
  * @Given /^I should be on the ("([^"]*)" role) page$/
  */
 public function iShouldBeOnTheRolePage(Role $role)
 {
     $expectedAddress = $this->getPage('Role edit')->getUrl(['id' => $role->getId()]);
     $this->assertAddress($expectedAddress);
 }
 /**
  * Save role
  *
  * @param Role $role
  * @return bool
  */
 public function process(Role $role)
 {
     if (in_array($this->request->getMethod(), array('POST', 'PUT'))) {
         $this->form->submit($this->request);
         if ($this->form->isValid()) {
             $appendUsers = $this->form->get('appendUsers')->getData();
             $removeUsers = $this->form->get('removeUsers')->getData();
             $role->setRole(strtoupper(trim(preg_replace('/[^\\w\\-]/i', '_', $role->getLabel()))));
             $this->onSuccess($role, $appendUsers, $removeUsers);
             $this->processPrivileges($role);
             return true;
         }
     } else {
         $this->setRolePrivileges($role);
     }
     return false;
 }
 /**
  * {@inheritDoc}
  */
 public function __toString()
 {
     $this->__initializer__ && $this->__initializer__->__invoke($this, '__toString', array());
     return parent::__toString();
 }