/** * Deletes $location and all its descendants. * * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException If the current user is not allowed to delete this location or a descendant * * @param \eZ\Publish\API\Repository\Values\Content\Location $location */ public function deleteLocation(APILocation $location) { $location = $this->loadLocation($location->id); if (!$this->repository->canUser('content', 'manage_locations', $location->getContentInfo())) { throw new UnauthorizedException('content', 'manage_locations'); } if (!$this->repository->canUser('content', 'remove', $location->getContentInfo(), $location)) { throw new UnauthorizedException('content', 'remove'); } /** Check remove access to descendants * @var boolean|\eZ\Publish\API\Repository\Values\Content\Query\Criterion $contentReadCriterion */ $contentReadCriterion = $this->permissionsCriterionHandler->getPermissionsCriterion('content', 'remove'); if ($contentReadCriterion === false) { throw new UnauthorizedException('content', 'remove'); } else { if ($contentReadCriterion !== true) { // Query if there are any content in subtree current user don't have access to $query = new Query(array('limit' => 0, 'filter' => new CriterionLogicalAnd(array(new CriterionSubtree($location->pathString), new CriterionLogicalNot($contentReadCriterion))))); $result = $this->repository->getSearchService()->findContent($query, array(), false); if ($result->totalCount > 0) { throw new UnauthorizedException('content', 'remove'); } } } $this->repository->beginTransaction(); try { $this->persistenceHandler->locationHandler()->removeSubtree($location->id); $this->persistenceHandler->urlAliasHandler()->locationDeleted($location->id); $this->repository->commit(); } catch (Exception $e) { $this->repository->rollback(); throw $e; } }
/** * Test for the getPermissionsCriterion() method. * * @dataProvider providerForTestGetPermissionsCriterionBooleanPermissionSets */ public function testGetPermissionsCriterionBooleanPermissionSets($permissionSets) { $repositoryMock = $this->getRepositoryMock(); $repositoryMock->expects($this->once())->method("hasAccess")->with($this->equalTo("testModule"), $this->equalTo("testFunction"))->will($this->returnValue($permissionSets)); $handler = new PermissionsCriterionHandler($this->getRepositoryMock()); $permissionsCriterion = $handler->getPermissionsCriterion("testModule", "testFunction"); $this->assertEquals($permissionSets, $permissionsCriterion); }