/** * Get an array of Role names granted to the user that permit the requested * action on the given OwnedEntity. If the user has no roles that * permit the requested action, then return an empty array. * <p> * Supported actions: EDIT_OBJECT, NGI_ADD_SITE, GRANT_ROLE, REJECT_ROLE, REVOKE_ROLE * * @param string $action * @param \OwnedEntity $entity * @param \User $callingUser * @return array of RoleName values * @throws LogicException If unsupported enitity type or action is passed */ public function authorizeAction($action, \OwnedEntity $entity, \User $callingUser) { $siteService = new \org\gocdb\services\Site(); $siteService->setEntityManager($this->em); $ngiService = new \org\gocdb\services\NGI(); $ngiService->setEntityManager($this->em); $sgService = new \org\gocdb\services\ServiceGroup(); $sgService->setEntityManager($this->em); $projectService = new \org\gocdb\services\Project(); $projectService->setEntityManager($this->em); if ($entity instanceof \NGI) { $grantingRoles = $ngiService->authorizeAction($action, $entity, $callingUser); } else { if ($entity instanceof \Site) { $grantingRoles = $siteService->authorizeAction($action, $entity, $callingUser); } else { if ($entity instanceof \Project) { $grantingRoles = $projectService->authorizeAction($action, $entity, $callingUser); } else { if ($entity instanceof \ServiceGroup) { $grantingRoles = $sgService->authorizeAction($action, $entity, $callingUser); } else { throw new \LogicException('Unsuppored OwnedEntity type'); } } } } return $grantingRoles; }
/** * An example test showing the creation of a service group and properties * and that all data is removed on deletion of a service group or property */ public function testServiceGroupPropertyDeletions() { print __METHOD__ . "\n"; //Create a service $service = TestUtil::createSampleService("TestService"); //Create a NGI $ngi = TestUtil::createSampleNGI("TestNGI"); //Create a site $site = TestUtil::createSampleSite("TestSite"); //Create a service group $sg = TestUtil::createSampleServiceGroup("TestServiceGroup"); //Join service to site, and site to NGI. $ngi->addSiteDoJoin($site); $site->addServiceDoJoin($service); //Finally add service to service group $sg->addService($service); //Create service group properties $prop1 = TestUtil::createSampleServiceGroupProperty("VO", "Atlas"); $prop2 = TestUtil::createSampleServiceGroupProperty("VO", "CMS"); $prop3 = TestUtil::createSampleServiceGroupProperty("VO", "Alice"); $sg->addServiceGroupPropertyDoJoin($prop1); $sg->addServiceGroupPropertyDoJoin($prop2); $sg->addServiceGroupPropertyDoJoin($prop3); //Persist the service, ngi, site, service group & property in the entity manager $this->em->persist($service); $this->em->persist($ngi); $this->em->persist($site); $this->em->persist($sg); $this->em->persist($prop1); $this->em->persist($prop2); $this->em->persist($prop3); //Commit the entites to the database $this->em->flush(); //Check that the service group has 3 properties associated with it $properties = $sg->getServiceGroupProperties(); $this->assertTrue(count($properties) == 3); //Create an admin user that can delete a property $adminUser = TestUtil::createSampleUser('my', 'admin', '/my/admin'); $adminUser->setAdmin(TRUE); $this->em->persist($adminUser); //Delete the property from the service group $serviceService = new org\gocdb\services\ServiceGroup(); $serviceService->setEntityManager($this->em); $serviceService->deleteServiceGroupProperty($sg, $adminUser, $prop1); //Check that the sg now only has 2 properties $properties = $sg->getServiceGroupProperties(); $this->assertTrue(count($properties) == 2); $this->em->flush(); //Print names of properties //foreach($properties as $prop){ // print($prop->getKeyName()."-"); // print($prop->getKeyValue()."\n"); //} //Check this via the database $con = $this->getConnection(); //Get servicegroup id to use in sql statements $sgId = $sg->getId(); $result = $con->createQueryTable('results', "SELECT * FROM servicegroup_properties WHERE PARENTSERVICEGROUP_ID = '{$sgId}'"); //Assert that only 2 service group properties exist in the database for this service $this->assertEquals(2, $result->getRowCount()); //Now delete the service group and check that it cascades the delete to remove the services associated properties $serviceService->deleteServiceGroup($sg, $adminUser, true); $this->em->flush(); //Check service group is gone $result = $con->createQueryTable('results', "SELECT * FROM ServiceGroups WHERE ID = '{$sgId}'"); $this->assertEquals(0, $result->getRowCount()); //Check properties are gone $result = $con->createQueryTable('results', "SELECT * FROM servicegroup_properties WHERE PARENTSERVICEGROUP_ID = '{$sgId}'"); $this->assertEquals(0, $result->getRowCount()); }