/**
 * Attaches a permission to this group and registers the group on the permission.
 *
 * The inverse side ($role->addGroup()) is invoked on every call; the local
 * collection is only appended to when the permission is not already present,
 * so repeated calls do not produce duplicate entries in this group's list.
 *
 * @param Permission $role
 */
public function addPermission(Permission $role)
{
    $role->addGroup($this);

    // Already linked: nothing more to record on this side.
    if ($this->permissions->contains($role)) {
        return;
    }

    $this->permissions->add($role);
}
/**
 * Builds the configuration array for the Permission entity: the entity class,
 * the roles declared for access and for each write action, and the hydration
 * profiles.
 *
 * All three write actions (create / remove / update) are mapped to the same
 * ROLE_MANAGE_PERMISSIONS role, while the section itself is declared under
 * ROLE_ACCESS_BACKEND_TOOLS_SECURITY_SECTION.
 * NOTE(review): presumably the consumer of this array enforces these roles —
 * confirm where the 'security' key is evaluated.
 *
 * @return array
 */
public function getConfig()
{
    $managePermissionsRole = ModeraBackendSecurityBundle::ROLE_MANAGE_PERMISSIONS;

    // Flattens one permission into id / name / category name / list of group ids.
    $listHydrator = function (Permission $permission) {
        $groupIds = array();
        foreach ($permission->getGroups() as $group) {
            $groupIds[] = $group->getId();
        }

        // NOTE(review): getCategory() is dereferenced without a null check —
        // confirm every stored permission is guaranteed to have a category.
        return array(
            'id' => $permission->getId(),
            'name' => $permission->getName(),
            'category' => $permission->getCategory()->getName(),
            'groups' => $groupIds,
        );
    };

    $security = array(
        'role' => ModeraBackendSecurityBundle::ROLE_ACCESS_BACKEND_TOOLS_SECURITY_SECTION,
        'actions' => array(
            'create' => $managePermissionsRole,
            'remove' => $managePermissionsRole,
            'update' => $managePermissionsRole,
        ),
    );

    $hydration = array(
        'groups' => array('list' => $listHydrator),
        'profiles' => array('list'),
    );

    return array(
        'entity' => Permission::clazz(),
        'security' => $security,
        'hydration' => $hydration,
    );
}
/**
 * Verifies that role lookups return users who hold a role directly as well as
 * users who inherit it through group membership.
 *
 * Fixture layout: user1 holds ROLE_USER directly, user2 holds ROLE_ADMIN
 * directly, and user3 holds neither directly but belongs to both groups.
 */
public function testGetByRole()
{
    // --- users
    $user1 = new User();
    $user1->setUsername('user1');
    $user1->setPassword('pwd1');
    $user1->setEmail('*****@*****.**');

    $user2 = new User();
    $user2->setUsername('user2');
    $user2->setPassword('pwd2');
    $user2->setEmail('*****@*****.**');

    $user3 = new User();
    $user3->setUsername('user3');
    $user3->setPassword('pwd3');
    $user3->setEmail('*****@*****.**');

    // --- permissions granted directly to a user
    $permission1 = new Permission();
    $permission1->setRoleName('ROLE_USER');
    $permission1->addUser($user1);

    $permission2 = new Permission();
    $permission2->setRoleName('ROLE_ADMIN');
    $permission2->addUser($user2);

    // --- groups: user3 only receives roles through these
    $group1 = new Group();
    $group1->setName('User');
    $group1->addPermission($permission1);
    $group1->addUser($user3);

    $group2 = new Group();
    $group2->setName('Admin');
    $group2->addPermission($permission2);
    $group2->addUser($user3);

    // Same persist order as the fixture was declared in: users, permissions, groups.
    $fixtures = array($user1, $user2, $user3, $permission1, $permission2, $group1, $group2);
    foreach ($fixtures as $entity) {
        self::$em->persist($entity);
    }
    self::$em->flush();

    $rootUserHandler = \Phake::mock('Modera\\SecurityBundle\\RootUserHandling\\RootUserHandlerInterface');
    $service = new UserService(self::$em, $rootUserHandler);

    $expectedUserRoleHolders = array($user1, $user3);
    $expectedAdminRoleHolders = array($user2, $user3);

    $this->assertEquals($expectedUserRoleHolders, $service->getUsersByRole('ROLE_USER'));
    $this->assertEquals($expectedAdminRoleHolders, $service->getUsersByRole('ROLE_ADMIN'));

    $this->assertEquals(
        array($user1->getId(), $user3->getId()),
        $service->getIdsByRole('ROLE_USER')
    );
    $this->assertEquals(
        array($user2->getId(), $user3->getId()),
        $service->getIdsByRole('ROLE_ADMIN')
    );
}
/**
 * Synchronises the permissions contributed by the provider into the database.
 *
 * A Permission entity is created for every provided role name that is not yet
 * stored; name and description are refreshed on every run for both new and
 * existing rows. A category is only assigned when one with a matching
 * technical name exists; otherwise the permission is left without a category
 * and no error is raised. Nothing is ever removed by this method.
 *
 * @return array Counters with keys 'installed' (newly created rows) and 'removed' (always 0)
 */
public function installPermissions()
{
    $createdCount = 0;

    foreach ($this->permissionsProvider->getItems() as $permission) {
        /* @var \Modera\SecurityBundle\Model\PermissionInterface $permission */
        $roleCriteria = array('roleName' => $permission->getRole());
        $entityPermission = $this->em->getRepository(Permission::clazz())->findOneBy($roleCriteria);

        if (!$entityPermission) {
            // NOTE(review): the flush happens after the loop, so a second provided item with
            // the same role name in one run would presumably not be found here — confirm
            // whether role names are unique at the provider or schema level.
            $entityPermission = new Permission();
            $entityPermission->setRoleName($permission->getRole());
            $this->em->persist($entityPermission);

            $createdCount++;
        }

        $entityPermission->setDescription($permission->getDescription());
        $entityPermission->setName($permission->getName());

        $categoryCriteria = array('technicalName' => $permission->getCategory());
        $category = $this->em->getRepository(PermissionCategory::clazz())->findOneBy($categoryCriteria);
        if ($category) {
            $entityPermission->setCategory($category);
        }
    }

    $this->em->flush();

    return array(
        'installed' => $createdCount,
        'removed' => 0,
    );
}
/**
 * Verifies that a root user configured with roles "*" receives every role
 * name returned by the Permission query.
 */
public function testGetRolesWithAsterisk()
{
    $storedRoles = array(
        array('roleName' => 'FOO_ROLE'),
        array('roleName' => 'BAR_ROLE'),
    );
    $wildcardConfig = array(
        'root_user' => array('roles' => '*'),
    );

    $em = \Phake::mock('Doctrine\\ORM\\EntityManager');
    $query = \Phake::mock('Doctrine\\ORM\\AbstractQuery');
    $container = \Phake::mock('Symfony\\Component\\DependencyInjection\\ContainerInterface');

    \Phake::when($container)->get('doctrine.orm.entity_manager')->thenReturn($em);
    \Phake::when($container)->getParameter(ModeraSecurityExtension::CONFIG_KEY)->thenReturn($wildcardConfig);

    // The stub only answers for this exact DQL string.
    $expectedDql = sprintf('SELECT e.roleName FROM %s e', Permission::clazz());
    \Phake::when($em)->createQuery($expectedDql)->thenReturn($query);
    \Phake::when($query)->getResult(Query::HYDRATE_SCALAR)->thenReturn($storedRoles);

    $handler = new SemanticConfigRootUserHandler($container);

    $this->assertSame(array('FOO_ROLE', 'BAR_ROLE'), $handler->getRoles());
}
/**
 * Verifies that getRawRoles() is empty for a fresh user and afterwards
 * returns the group-derived permission followed by the directly assigned one.
 */
public function testGetRawRoles()
{
    $user = new User();

    $initialRoles = $user->getRawRoles();
    $this->assertEquals(0, count($initialRoles));

    // ---

    $userPermission = \Phake::mock(Permission::clazz());
    $groupPermission = \Phake::mock(Permission::clazz());

    $group = \Phake::mock(Group::clazz());
    \Phake::when($group)->getPermissions()->thenReturn([$groupPermission]);

    $user->addPermission($userPermission);
    $user->setGroups([$group]);

    $userRoles = $user->getRawRoles();

    $this->assertEquals(2, count($userRoles));
    // Order matters to this test: the permission inherited from the group comes first.
    $this->assertSame($groupPermission, $userRoles[0]);
    $this->assertSame($userPermission, $userRoles[1]);
}
/**
 * {@inheritdoc}
 *
 * Resolves the roles configured for the root user. The wildcard string "*"
 * expands to every roleName currently stored for Permission entities; the
 * query runs on each call, so roles added to the table later are included
 * the next time this is invoked. An array is returned as configured.
 *
 * @throws \RuntimeException When the configured value is neither "*" nor an array
 */
public function getRoles()
{
    $configured = $this->config['roles'];

    // Explicit list: hand it back untouched.
    if (is_array($configured)) {
        return $configured;
    }

    // Anything other than the exact wildcard string is a configuration error.
    if ('*' !== $configured) {
        throw new \RuntimeException('Neither "*" nor array is used to define root user roles!');
    }

    $dql = sprintf('SELECT e.roleName FROM %s e', Permission::clazz());
    $rows = $this->em->createQuery($dql)->getResult(Query::HYDRATE_SCALAR);

    $allRoleNames = array();
    foreach ($rows as $row) {
        $allRoleNames[] = $row['roleName'];
    }

    return $allRoleNames;
}
/**
 * Verifies that a provided permission is installed once, linked to its
 * category, and that a second run installs nothing new.
 */
public function testInstallPermission()
{
    $category = new PermissionCategoryEntity();
    $category->setName('Foo category');
    $category->setTechnicalName('foo_category');

    self::$em->persist($category);
    self::$em->flush();

    $permission = new Permission('foo name', 'FOO_ROLE', $category->getTechnicalName(), 'foo description');

    $this->permissionsProvider
        ->expects($this->atLeastOnce())
        ->method('getItems')
        ->will($this->returnValue(array($permission)));

    // First run: the permission does not exist yet and must be created.
    $firstRun = $this->installer->installPermissions();

    $this->assertValidResultStructure($firstRun);
    $this->assertEquals(1, $firstRun['installed']);
    $this->assertEquals(0, $firstRun['removed']);

    /* @var PermissionEntity $installedPermission */
    $installedPermission = $this->getLastRecordInDatabase(PermissionEntity::clazz());

    $this->assertNotNull($installedPermission);
    $this->assertEquals($permission->getName(), $installedPermission->getName());
    $this->assertEquals($permission->getDescription(), $installedPermission->getDescription());
    $this->assertEquals($permission->getRole(), $installedPermission->getRole());
    $this->assertNotNull($installedPermission->getCategory());
    $this->assertEquals($category->getId(), $installedPermission->getCategory()->getId());

    // ---

    // Second run: the role already exists, so nothing may be reported as installed.
    $secondRun = $this->installer->installPermissions();

    $this->assertValidResultStructure($secondRun);
    $this->assertEquals(0, $secondRun['installed']);
    $this->assertEquals(0, $secondRun['removed']);
}
/**
 * Collects the IDs of all users that hold the given role, either directly or
 * through membership in a group the role is attached to.
 *
 * The role name is bound as a named query parameter rather than concatenated
 * into the query. The group IDs passed to the IN expression come from the
 * first query's result, not from the caller.
 *
 * @param string $roleName
 *
 * @return array De-duplicated user IDs; empty when no permission matches the role name
 */
public function getIdsByRole($roleName)
{
    $permissionQb = $this->em->createQueryBuilder();
    $permissionQb
        ->select('p, u, g')
        ->from(Permission::clazz(), 'p')
        ->leftJoin('p.users', 'u')
        ->leftJoin('p.groups', 'g')
        ->where($permissionQb->expr()->eq('p.roleName', ':roleName'))
        ->setParameter('roleName', $roleName);

    $query = $permissionQb->getQuery();
    $permission = $query->getOneOrNullResult($query::HYDRATE_ARRAY);

    if (!$permission) {
        return array();
    }

    // Users the permission is assigned to directly.
    $userIds = array();
    foreach ($permission['users'] as $userRow) {
        $userIds[] = $userRow['id'];
    }

    $groupIds = array();
    foreach ($permission['groups'] as $groupRow) {
        $groupIds[] = $groupRow['id'];
    }

    // Users that inherit the permission from one of its groups.
    if (count($groupIds) > 0) {
        $groupQb = $this->em->createQueryBuilder();
        $groupQb
            ->select('g, u')
            ->from(Group::clazz(), 'g')
            ->leftJoin('g.users', 'u')
            ->where($groupQb->expr()->in('g.id', $groupIds));

        foreach ($groupQb->getQuery()->getArrayResult() as $groupRow) {
            foreach ($groupRow['users'] as $userRow) {
                $userIds[] = $userRow['id'];
            }
        }
    }

    // A user may match both directly and via groups: flip/keys removes the duplicates.
    return array_keys(array_flip($userIds));
}
/**
 * Returns the clazz() value of each of the five security-related entities:
 * Permission, PermissionCategory, User, Group and Activity, in that order.
 *
 * @return array
 */
private static function getTablesClasses()
{
    $classes = array();

    $classes[] = Permission::clazz();
    $classes[] = PermissionCategory::clazz();
    $classes[] = User::clazz();
    $classes[] = Group::clazz();
    $classes[] = Activity::clazz();

    return $classes;
}
/**
 * Grants a permission to this user and registers the user on the permission.
 *
 * The inverse side ($role->addUser()) is invoked on every call; the local
 * collection is only appended to when the permission is not already present,
 * so repeated calls do not produce duplicate entries in this user's list.
 *
 * @param Permission $role
 */
public function addPermission(Permission $role)
{
    $role->addUser($this);

    $alreadyGranted = $this->permissions->contains($role);
    if ($alreadyGranted) {
        return;
    }

    $this->permissions[] = $role;
}