/**
  * @depends testCreateAcl
  */
 public function testUpdatePersistsAuditing()
 {
     $acl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity(1));
     $acl->insertObjectAce($this->getRoleSecurityIdentity(), 64);
     $this->getAclProvider()->updateAcl($acl);
     $entries = EntryQuery::create()->find($this->con);
     $this->assertCount(1, $entries);
     // default values
     $this->assertFalse($entries[0]->getAuditSuccess());
     $this->assertTrue($entries[0]->getAuditFailure());
     $acl->updateObjectAuditing(0, true, true);
     $this->getAclProvider()->updateAcl($acl);
     $entries = EntryQuery::create()->find($this->con);
     $this->assertCount(1, $entries);
     $this->assertTrue($entries[0]->getAuditSuccess());
     $this->assertTrue($entries[0]->getAuditFailure());
     $acl->updateObjectAuditing(0, false, true);
     $this->getAclProvider()->updateAcl($acl);
     $entries = EntryQuery::create()->find($this->con);
     $this->assertCount(1, $entries);
     $this->assertFalse($entries[0]->getAuditSuccess());
     $this->assertTrue($entries[0]->getAuditFailure());
     $acl->updateObjectAuditing(0, true, false);
     $this->getAclProvider()->updateAcl($acl);
     $entries = EntryQuery::create()->find($this->con);
     $this->assertCount(1, $entries);
     $this->assertTrue($entries[0]->getAuditSuccess());
     $this->assertFalse($entries[0]->getAuditFailure());
     $acl->updateObjectAuditing(0, false, false);
     $this->getAclProvider()->updateAcl($acl);
     $entries = EntryQuery::create()->find($this->con);
     $this->assertCount(1, $entries);
     $this->assertFalse($entries[0]->getAuditSuccess());
     $this->assertFalse($entries[0]->getAuditFailure());
 }
Пример #2
0
 public function testFindByAclIdentityOnlyClassEntries()
 {
     $this->assertEquals(1, EntryQuery::create()->count($this->con));
     EntryQuery::create()->findOne($this->con)->setObjectIdentity(null)->save($this->con);
     $entries = EntryQuery::create()->findByAclIdentity($this->getAclObjectIdentity(1), array(), $this->con);
     $this->assertCount(1, $entries);
 }
 /**
  * @depends testDeleteAcl
  */
 public function testDeleteAclRemovesClassEntriesIfLastObject()
 {
     $acl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity(1));
     $acl->insertClassAce($this->getRoleSecurityIdentity(), 128);
     $this->getAclProvider()->updateAcl($acl);
     $this->getAclProvider()->deleteAcl($this->getAclObjectIdentity(1));
     $this->assertEquals(0, EntryQuery::create()->count($this->con));
 }
 /**
  * Retrieve the persisted model for the given ACE.
  *
  * If none is given, null is returned.
  *
  * @param \Symfony\Component\Security\Acl\Model\EntryInterface $ace
  *
  * @return \Propel\PropelBundle\Model\Acl\Entry|null
  */
 protected function getPersistedAce(EntryInterface $ace, ObjectIdentity $objectIdentity, $object = false)
 {
     if (null !== $ace->getId() and null !== ($entry = EntryQuery::create()->findPk($ace->getId(), $this->connection))) {
         $entry->reload(true, $this->connection);
         return $entry;
     }
     /*
      * The id is not set, but there may be an ACE in the database.
      *
      * This happens if the ACL has created new ACEs, but was not reloaded.
      * We try to retrieve one by the unique key.
      */
     $ukQuery = EntryQuery::create()->filterByAclClass($objectIdentity->getAclClass($this->connection))->filterBySecurityIdentity(SecurityIdentity::fromAclIdentity($ace->getSecurityIdentity(), $this->connection));
     if (true === $object) {
         $ukQuery->filterByObjectIdentity($objectIdentity);
     } else {
         $ukQuery->filterByObjectIdentityId(null, \Criteria::ISNULL);
     }
     if ($ace instanceof FieldEntryInterface) {
         $ukQuery->filterByFieldName($ace->getField());
     } else {
         $ukQuery->filterByFieldName(null, \Criteria::ISNULL);
     }
     return $ukQuery->findOne($this->connection);
 }
Пример #5
0
 /**
  * @depends testFindAclWithEntries
  */
 public function testFindAclReadsFromCache()
 {
     $this->cache = new AclCache();
     $obj = $this->createModelObjectIdentity(1);
     $entry = $this->createEntry();
     $entry->setSecurityIdentity(SecurityIdentity::fromAclIdentity($this->getRoleSecurityIdentity('ROLE_USER')))->setAclClass($obj->getAclClass())->setMask(64);
     $obj->addEntry($entry)->save($this->con);
     // Read and put into cache
     $acl = $this->getAclProvider()->findAcl($this->getAclObjectIdentity(1), array($this->getRoleSecurityIdentity('ROLE_USER')));
     $this->cache->content[1] = $acl;
     // Change database
     EntryQuery::create()->update(array(EntryPeer::translateFieldName(EntryPeer::MASK, \BasePeer::TYPE_COLNAME, \BasePeer::TYPE_PHPNAME) => 128), $this->con);
     $this->assertEquals(0, EntryQuery::create()->filterByMask(64)->count($this->con));
     // Verify cache has been read
     $cachedAcl = $this->getAclProvider()->findAcl($this->getAclObjectIdentity(1), array($this->getRoleSecurityIdentity('ROLE_USER')));
     $cachedObjectAces = $cachedAcl->getObjectAces();
     $this->assertSame($acl, $cachedAcl);
     $this->assertEquals(64, $cachedObjectAces[0]->getMask());
 }
Пример #6
0
 /**
  * Returns the ACL that belongs to the given object identity
  *
  * @throws \Symfony\Component\Security\Acl\Exception\AclNotFoundException
  *
  * @param \Symfony\Component\Security\Acl\Model\ObjectIdentityInterface $objectIdentity
  * @param array                                                         $securityIdentities
  *
  * @return \Symfony\Component\Security\Acl\Model\AclInterface
  */
 public function findAcl(ObjectIdentityInterface $objectIdentity, array $securityIdentities = array())
 {
     $modelObj = ObjectIdentityQuery::create()->findOneByAclObjectIdentity($objectIdentity, $this->connection);
     if (null !== $this->cache and null !== $modelObj) {
         $cachedAcl = $this->cache->getFromCacheById($modelObj->getId());
         if ($cachedAcl instanceof AclInterface) {
             return $cachedAcl;
         }
     }
     $collection = EntryQuery::create()->findByAclIdentity($objectIdentity, $securityIdentities, $this->connection);
     if (0 === count($collection)) {
         if (empty($securityIdentities)) {
             $errorMessage = 'There is no ACL available for this object identity. Please create one using the MutableAclProvider.';
         } else {
             $errorMessage = 'There is at least no ACL for this object identity and the given security identities. Try retrieving the ACL without security identity filter and add ACEs for the security identities.';
         }
         throw new AclNotFoundException($errorMessage);
     }
     $loadedSecurityIdentities = array();
     foreach ($collection as $eachEntry) {
         if (!isset($loadedSecurityIdentities[$eachEntry->getSecurityIdentity()->getId()])) {
             $loadedSecurityIdentities[$eachEntry->getSecurityIdentity()->getId()] = SecurityIdentity::toAclIdentity($eachEntry->getSecurityIdentity());
         }
     }
     $parentAcl = null;
     $entriesInherited = true;
     if (null !== $modelObj) {
         $entriesInherited = $modelObj->getEntriesInheriting();
         if (null !== $modelObj->getParentObjectIdentityId()) {
             $parentObj = $modelObj->getObjectIdentityRelatedByParentObjectIdentityId($this->connection);
             try {
                 $parentAcl = $this->findAcl(new ObjectIdentity($parentObj->getIdentifier(), $parentObj->getAclClass($this->connection)->getType()));
             } catch (AclNotFoundException $e) {
                 /*
                  *  This happens e.g. if the parent ACL is created, but does not contain any ACE by now.
                  *  The ACEs may be applied later on.
                  */
             }
         }
     }
     return $this->getAcl($collection, $objectIdentity, $loadedSecurityIdentities, $parentAcl, $entriesInherited);
 }