/**
 * Resets rights for a user.
 *
 * Grants the user's ACL access to every databox returned by the appbox, then
 * hands each databox to doResetAdminRightsOnDatabox() for the per-databox part.
 *
 * This method performs no authorization check of its own: it is a broad
 * privilege grant, so callers are responsible for making sure $user is really
 * meant to receive it.
 *
 * @param User $user
 */
private function doResetAdminRights(User $user)
{
    $userAcl = $this->ACLProvider->get($user);
    $allDataboxes = $this->appbox->get_databoxes();

    // Collect the sbas id of each databox (array keys are kept, as array_map does).
    $toSbasId = function (\databox $databox) {
        return $databox->get_sbas_id();
    };
    $sbasIds = array_map($toSbasId, $allDataboxes);

    // Access to the databoxes is granted first, before any per-databox reset runs.
    $userAcl->give_access_to_sbas($sbasIds);

    foreach ($allDataboxes as $currentDatabox) {
        $this->doResetAdminRightsOnDatabox($userAcl, $currentDatabox);
    }
}
/**
 * Delivers a sub-definition of a record to the authenticated user, deciding
 * whether the delivered file must be watermarked.
 *
 * Flow for any $subdef other than 'thumbnail':
 *  1. the subdef must exist on the record and be physically present (else 404);
 *  2. the user's ACL must allow access to that subdef (else 403);
 *  3. the watermark is applied unless the user holds the 'nowatermark' right on
 *     the record's base, a preview/HD grant matching the subdef class, or has
 *     received the record in a basket (validation or plain reception).
 *
 * NOTE(review): when $subdef is 'thumbnail' none of the checks above run in this
 * method. Authorization for that path presumably happens upstream (route
 * middleware or deliverContent()) - confirm before relying on it.
 *
 * @param Request $request
 * @param mixed   $sbas_id   databox identifier, taken from the route
 * @param mixed   $record_id record identifier, taken from the route
 * @param mixed   $subdef    name of the requested sub-definition
 *
 * @return mixed whatever deliverContent() returns
 *
 * @throws NotFoundHttpException     if the subdef is missing or not physically present
 * @throws AccessDeniedHttpException if the user's ACL denies access to the subdef
 */
public function getAction(Request $request, $sbas_id, $record_id, $subdef)
{
    $databox = $this->appbox->get_databox((int) $sbas_id);
    // NOTE(review): $sbas_id is cast to int for the databox lookup above but is
    // passed un-cast to the record constructor - confirm both resolve identically.
    $record = new \record_adapter($this->app, $sbas_id, $record_id);

    $stamp = $watermark = false;

    // Loose comparison on a request-supplied value; $subdef is presumably always a
    // string route parameter - TODO confirm, or switch to a strict comparison.
    if ($subdef != 'thumbnail') {
        $all_access = false;
        $subdefStruct = $databox->get_subdef_structure();

        // Look the requested name up in the subdef group for this record type and
        // flag it when its class is 'thumbnail'.
        if ($subdefStruct->getSubdefGroup($record->get_type())) {
            foreach ($subdefStruct->getSubdefGroup($record->get_type()) as $subdefObj) {
                /** @var \databox_subdef $subdefObj */
                if ($subdefObj->get_name() == $subdef) {
                    if ($subdefObj->get_class() == 'thumbnail') {
                        $all_access = true;
                    }
                    break;
                }
            }
        }

        // Existence is checked before authorization, so a missing subdef yields a
        // 404 even for a user who would have been denied.
        if (!$record->has_subdef($subdef) || !$record->get_subdef($subdef)->is_physically_present()) {
            throw new NotFoundHttpException();
        }

        // Authorization gate: this check is NOT skipped when $all_access is true.
        if (!$this->acl->get($this->authentication->getUser())->has_access_to_subdef($record, $subdef)) {
            throw new AccessDeniedHttpException(sprintf('User has not access to subdef %s', $subdef));
        }

        // Redundant re-assignment: $stamp is never set to true in this method.
        $stamp = false;
        // Default to watermarking unless the user holds 'nowatermark' on the record's base.
        $watermark = !$this->acl->get($this->authentication->getUser())->has_right_on_base($record->get_base_id(), 'nowatermark');

        // NOTE(review): the only visible effect of $all_access is to skip the two
        // watermark-clearing lookups below, which leaves $watermark true for a
        // thumbnail-class subdef when the user lacks 'nowatermark'. Confirm that
        // this is intended (deliverContent() may ignore the flag for that class).
        if ($watermark && !$all_access) {
            $subdef_class = null;
            try {
                $subdef_class = $databox->get_subdef_structure()->get_subdef($record->get_type(), $subdef)->get_class();
            } catch (\Exception_Databox_SubdefNotFound $e) {
                // Deliberately ignored: $subdef_class stays null, neither grant
                // below matches, and the watermark is kept.
            }

            // A preview grant lifts the watermark on preview-class subdefs, an HD
            // grant lifts it on document-class subdefs.
            if ($subdef_class == \databox_subdef::CLASS_PREVIEW && $this->acl->get($this->authentication->getUser())->has_preview_grant($record)) {
                $watermark = false;
            } elseif ($subdef_class == \databox_subdef::CLASS_DOCUMENT && $this->acl->get($this->authentication->getUser())->has_hd_grant($record)) {
                $watermark = false;
            }
        }

        // Last resort: a record the user received in a basket (for validation or as
        // a plain push) is delivered without watermark.
        if ($watermark && !$all_access) {
            $repository = $this->app['repo.basket-elements'];

            $ValidationByRecord = $repository->findReceivedValidationElementsByRecord($record, $this->authentication->getUser());
            $ReceptionByRecord = $repository->findReceivedElementsByRecord($record, $this->authentication->getUser());

            if ($ValidationByRecord && count($ValidationByRecord) > 0) {
                $watermark = false;
            } elseif ($ReceptionByRecord && count($ReceptionByRecord) > 0) {
                $watermark = false;
            }
        }
    }

    return $this->deliverContent($request, $record, $subdef, $watermark, $stamp);
}
/**
 * Delivers a sub-definition reached through a permalink token and decides which
 * protection (watermark or stamp) is applied to it.
 *
 * - Anonymous visitor: the protection comes from the collection's public
 *   watermark setting ('none', 'stamp' or 'wm'). Any other value falls through
 *   to "no watermark, no stamp", i.e. an unrecognised setting is served
 *   unprotected.
 * - Authenticated user: the file is watermarked unless the user holds the
 *   'nowatermark' right on the record's base or has received the record in a
 *   basket (validation or plain reception). No stamp is applied on this path.
 *
 * Token validation is delegated to retrieveRecord(); nothing in this method
 * checks the token itself.
 *
 * @param Request $request
 * @param mixed   $sbas_id
 * @param mixed   $record_id
 * @param mixed   $token
 * @param mixed   $subdef
 *
 * @return mixed whatever deliverContentWithCaptionLink() returns
 */
private function doDeliverPermalink(Request $request, $sbas_id, $record_id, $token, $subdef)
{
    $databox = $this->getDatabox($sbas_id);
    $record = $this->retrieveRecord($databox, $token, $record_id, $subdef);

    $stamp = false;
    $watermark = false;

    if (!$this->authentication->isAuthenticated()) {
        // Anonymous access: the collection's public setting decides.
        $collection = \collection::get_from_base_id($this->app, $record->get_base_id());

        switch ($collection->get_pub_wm()) {
            case 'none':
                $watermark = false;
                break;
            case 'stamp':
                $stamp = true;
                break;
            case 'wm':
                $watermark = true;
                break;
            default:
                // Unknown value: same outcome as 'none'.
                $watermark = false;
                break;
        }

        return $this->deliverContentWithCaptionLink($request, $record, $subdef, $watermark, $stamp, $token);
    }

    // Authenticated access: watermark unless 'nowatermark' is held on the base.
    $userAcl = $this->acl->get($this->authentication->getUser());
    $watermark = !$userAcl->has_right_on_base($record->get_base_id(), 'nowatermark');

    if ($watermark) {
        /** @var BasketElementRepository $basketElements */
        $basketElements = $this->app['repo.basket-elements'];

        // The second lookup only runs when the first one found nothing.
        $receivedInBasket =
            count($basketElements->findReceivedValidationElementsByRecord($record, $this->authentication->getUser())) > 0
            || count($basketElements->findReceivedElementsByRecord($record, $this->authentication->getUser())) > 0;

        if ($receivedInBasket) {
            $watermark = false;
        }
    }

    return $this->deliverContentWithCaptionLink($request, $record, $subdef, $watermark, $stamp, $token);
}
/**
 * getAclForUser() without an explicit user must resolve the ACL of the user
 * reported by the authenticator, asking each collaborator exactly once.
 */
public function testItCanCreateAclForCurrentlyLoggedUser()
{
    $loggedUser = new User();
    $expectedAcl = $this->getMockBuilder(\ACL::class)
        ->disableOriginalConstructor()
        ->getMock();

    // The authenticator is the only source of the current user.
    $this->authenticator
        ->expects($this->once())
        ->method('getUser')
        ->willReturn($loggedUser);

    // The provider must be queried with that very user instance.
    $this->aclProvider
        ->expects($this->once())
        ->method('get')
        ->with($loggedUser)
        ->willReturn($expectedAcl);

    $actualAcl = $this->sut->getAclForUser();

    $this->assertSame($expectedAcl, $actualAcl);
}
/**
 * Creates a registration (access demand) for every authorized collection the
 * user cannot access yet, then dispatches the two registration events.
 *
 * Only a strict `false` authorization skips a collection; any other value,
 * including other falsy ones, is treated as authorized. The caller therefore
 * has to normalise $authorizedCollections before passing it in.
 *
 * The AUTOREGISTER event carries the bases granted to the user as read before
 * any registration is created; the CREATE event carries the collections for
 * which a registration was created here, keyed by base id.
 *
 * @param User  $user
 * @param array $authorizedCollections map of base id => authorization flag
 */
private function createCollectionAccessDemands(User $user, $authorizedCollections)
{
    $userAcl = $this->aclProvider->get($user);
    $alreadyGranted = $userAcl->get_granted_base();
    $manipulator = $this->registrationManipulator;
    $createdFor = [];

    foreach ($authorizedCollections as $baseId => $authorization) {
        // Skip explicitly refused collections and those the user can already reach.
        if (false === $authorization || $userAcl->has_access_to_base($baseId)) {
            continue;
        }

        $collection = \collection::get_from_base_id($this->app, $baseId);
        $manipulator->createRegistration($user, $collection);
        $createdFor[$baseId] = $collection;
    }

    $this->eventDispatcher->dispatch(
        PhraseaEvents::REGISTRATION_AUTOREGISTER,
        new RegistrationEvent($user, $alreadyGranted)
    );
    $this->eventDispatcher->dispatch(
        PhraseaEvents::REGISTRATION_CREATE,
        new RegistrationEvent($user, $createdFor)
    );
}
/**
 * Clears the static caches touched by the tests, releases the fixtures held in
 * the test case's own properties, and restores the CLI execution time limit.
 *
 * Purging ACLProvider and the other caches keeps rights and objects built for
 * one test from being reused by the next one.
 */
public function tearDown()
{
    ACLProvider::purge();
    \collection::purge();
    \databox::purge();
    \caption_field::purge();
    \caption_Field_Value::purge();
    \databox_field::purge();
    \databox_status::purge();
    \thesaurus_xpath::purge();

    /**
     * Kris Wallsmith pro-tip
     * @see http://kriswallsmith.net/post/18029585104/faster-phpunit
     */
    $reflection = new ReflectionObject($this);
    foreach ($reflection->getProperties() as $property) {
        if ($property->isStatic()) {
            continue;
        }

        // Leave alone the properties declared by the framework or the base test classes.
        $declaringClass = $property->getDeclaringClass()->getName();
        if (0 === strpos($declaringClass, 'PHPUnit_') || 0 === strpos($declaringClass, 'Phraseanet')) {
            continue;
        }

        $property->setAccessible(true);
        $property->setValue($this, null);
    }
    $reflection = null;

    parent::tearDown();

    // A script executed during the test may have changed 'max_execution_time';
    // put back 0, which is the default value for PHP CLI.
    set_time_limit(0);
}