sudo() public method

The closure sandbox will do a catch all on exceptions and rethrow after re-setting the sudo flag. Example use: $location = $repository->sudo( function ( Repository $repo ) use ( $locationId ) { return $repo->getLocationService()->loadLocation( $locationId ) } );
public sudo ( Closure $callback, eZ\Publish\API\Repository\Repository $outerRepository = null ) : mixed
$callback Closure
$outerRepository eZ\Publish\API\Repository\Repository
return mixed
 public function updateUserContext(UserContext $context)
 {
     $user = $this->repository->getCurrentUser();
     /** @var \eZ\Publish\API\Repository\Values\User\RoleAssignment[] $roleAssignments */
     $roleAssignments = $this->repository->sudo(function (Repository $repository) use($user) {
         return $repository->getRoleService()->getRoleAssignmentsForUser($user, true);
     });
     $roleIds = array();
     $limitationValues = array();
     /** @var UserRoleAssignment $roleAssignment */
     foreach ($roleAssignments as $roleAssignment) {
         $roleId = $roleAssignment->getRole()->id;
         $roleIds[] = $roleId;
         $limitation = $roleAssignment->getRoleLimitation();
         // If a limitation is present, store the limitation values by roleId
         if ($limitation !== null) {
             $limitationValuesKey = sprintf('%s-%s', $roleId, $limitation->getIdentifier());
             $limitationValues[$limitationValuesKey] = array();
             foreach ($limitation->limitationValues as $value) {
                 $limitationValues[$limitationValuesKey][] = $value;
             }
         }
     }
     $context->addParameter('roleIdList', $roleIds);
     $context->addParameter('roleLimitationList', $limitationValues);
 }
示例#2
0
 public function setIdentity(Identity $identity)
 {
     $user = $this->repository->getCurrentUser();
     $roleAssignments = $this->repository->sudo(function ($repository) use($user) {
         return $repository->getRoleService()->getRoleAssignmentsForUser($user, true);
     });
     $roleIds = array();
     $limitationValues = array();
     /** @var UserRoleAssignment $roleAssignment */
     foreach ($roleAssignments as $roleAssignment) {
         $roleIds[] = $roleAssignment->role->id;
         // If a limitation is present, store the limitation values by roleId
         if ($roleAssignment->limitation !== null) {
             $limitationValuesKey = "{$roleAssignment->role->id}-" . $roleAssignment->limitation->getIdentifier();
             $limitationValues[$limitationValuesKey] = array();
             foreach ($roleAssignment->limitation->limitationValues as $value) {
                 $limitationValues[$limitationValuesKey][] = $value;
             }
         }
     }
     $identity->setInformation('roleIdList', implode('|', $roleIds));
     // Flatten each limitation values to a string and then store it as Identity information
     $limitationValuesFlattened = array();
     foreach ($limitationValues as $roleId => $limitationArray) {
         $limitationValuesFlattened[] = "{$roleId}:" . implode('|', $limitationArray);
     }
     $identity->setInformation('roleLimitationList', implode(',', $limitationValuesFlattened));
 }
 public function loadLocation(ContentInfo $contentInfo)
 {
     if (is_null($contentInfo->mainLocationId)) {
         throw new NotFoundException('main location of content', $contentInfo->id);
     }
     try {
         return $this->repository->sudo(function (Repository $repository) use($contentInfo) {
             return $repository->getLocationService()->loadLocation($contentInfo->mainLocationId);
         });
     } catch (Exception $e) {
         throw new NotFoundException('main location of content', $contentInfo->id);
     }
 }
 public function userIsSubscriber(User $user)
 {
     $roleService = $this->repository->getRoleService();
     return $this->repository->sudo(function (Repository $repository) use($user, $roleService) {
         foreach ($repository->getUserService()->loadUserGroupsOfUser($user) as $group) {
             foreach ($roleService->getRoleAssignmentsForUserGroup($group) as $role) {
                 if ($this->isSubscriberRole($role->role)) {
                     return true;
                 }
             }
         }
         return false;
     });
 }
 /**
  * Loads a location by its locationId, regardless to user limitations since the router is invoked BEFORE security (no user authenticated yet).
  * Not to be used for link generation.
  *
  * @param int $locationId
  *
  * @return \eZ\Publish\Core\Repository\Values\Content\Location
  */
 public function loadLocation($locationId)
 {
     return $this->repository->sudo(function (Repository $repository) use($locationId) {
         /* @var $repository \eZ\Publish\Core\Repository\Repository */
         return $repository->getLocationService()->loadLocation($locationId);
     });
 }
 public function onContentCacheClear(ContentCacheClearEvent $event)
 {
     $contentInfo = $event->getContentInfo();
     $versionInfo = $this->contentService->loadVersionInfo($contentInfo);
     foreach ($this->contentService->loadRelations($versionInfo) as $relation) {
         foreach ($this->locationService->loadLocations($relation->getDestinationContentInfo()) as $relatedLocation) {
             $event->addLocationToClear($relatedLocation);
         }
     }
     // Using sudo since loading reverse relations is conditioned to content/reverserelatedlist permission and we don't need this check here.
     /** @var \eZ\Publish\API\Repository\Values\Content\Relation[] $reverseRelations */
     $reverseRelations = $this->repository->sudo(function () use($contentInfo) {
         return $this->contentService->loadReverseRelations($contentInfo);
     });
     foreach ($reverseRelations as $reverseRelation) {
         foreach ($this->locationService->loadLocations($reverseRelation->getSourceContentInfo()) as $relatedLocation) {
             $event->addLocationToClear($relatedLocation);
         }
     }
 }
示例#7
0
 /**
  * Checks embed permissions for the given Location $id and returns the Location.
  *
  * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
  *
  * @param int|string $id
  *
  * @return \eZ\Publish\API\Repository\Values\Content\Location
  */
 protected function checkLocation($id)
 {
     /** @var \eZ\Publish\API\Repository\Values\Content\Location $location */
     $location = $this->repository->sudo(function (Repository $repository) use($id) {
         return $repository->getLocationService()->loadLocation($id);
     });
     // Check both 'content/read' and 'content/view_embed'.
     if (!$this->authorizationChecker->isGranted(new AuthorizationAttribute('content', 'read', array('valueObject' => $location->contentInfo, 'targets' => $location))) && !$this->authorizationChecker->isGranted(new AuthorizationAttribute('content', 'view_embed', array('valueObject' => $location->contentInfo, 'targets' => $location)))) {
         throw new AccessDeniedException();
     }
     return $location;
 }