/**
 * Collects email recipients reachable from $object, following its entity associations
 * up to $depth levels.
 *
 * Access rules, as implemented below:
 *  - a zero $depth always yields no recipients;
 *  - when the caller is not granted VIEW on $object, or when $ignoreAcl is set, the only
 *    object allowed through is the currently logged-in user itself — despite its name,
 *    $ignoreAcl does not widen access to arbitrary objects;
 *  - recursion into associated entities always passes $ignoreAcl = false, so related
 *    entities are filtered by the VIEW permission regardless of the caller's flag.
 *
 * @param object            $object
 * @param int               $depth        association depth to traverse (1 = this object only)
 * @param bool              $ignoreAcl
 * @param Organization|null $organization
 *
 * @return Recipient[]
 */
public function getRecipients($object, $depth = 1, $ignoreAcl = false, Organization $organization = null)
{
    $recipients = [];

    if ($this->isAccessDenyForOrganization($object, $ignoreAcl, $organization)) {
        return $recipients;
    }

    // Outer test: no depth left, or the ACL gate is not passed ($ignoreAcl short-circuits the VIEW check).
    // Inner test: the only object allowed past that gate is the logged-in user object itself.
    if (!$depth || ($ignoreAcl || !$this->securityFacade->isGranted('VIEW', $object))) {
        if (!$depth || $this->securityFacade->getLoggedUser() !== $object) {
            return $recipients;
        }
    }

    $className = ClassUtils::getClass($object);
    $metadata = $this->getMetadata($className);
    $attributes = $this->initAttributes($className, $metadata);

    foreach ($metadata->associationMappings as $name => $assoc) {
        // NOTE(review): $assoc['targetEntity'] is assumed to be a loadable class name — confirm for unmapped targets.
        if (in_array('Oro\\Bundle\\EmailBundle\\Entity\\EmailInterface', class_implements($assoc['targetEntity']), true)) {
            // Associations pointing at email entities become attributes of this object instead of being recursed into.
            $attributes[] = new EmailAttribute($name, true);
        } else {
            if ($depth > 1) {
                $assocObject = $this->getPropertyAccessor()->getValue($object, $name);
                // Normalise a to-one value to a one-element list (empty list when unset) so to-one and
                // to-many associations are handled by the same loop below.
                if (!$assocObject instanceof \Traversable && !is_array($assocObject)) {
                    if ($assocObject) {
                        $assocObject = [$assocObject];
                    } else {
                        $assocObject = [];
                    }
                }
                foreach ($assocObject as $obj) {
                    // ACL is always enforced on related entities, whatever the caller passed for this level.
                    $recipients = array_merge($recipients, $this->getRecipients($obj, $depth - 1, false, $organization));
                }
            }
        }
    }

    return array_merge($recipients, $this->createRecipientsFromEmails($this->createEmailsFromAttributes($attributes, $object), $object, $metadata));
}
/**
 * {@inheritDoc}
 *
 * Persists the role and its user assignments inside one REPEATABLE READ transaction: the original
 * role is removed from users, the parent handler runs, the new role is added, then the manager is
 * flushed. Any \Exception rolls the transaction back and is re-thrown.
 *
 * @throws \Doctrine\DBAL\ConnectionException
 */
protected function onSuccess(AbstractRole $role, array $appendUsers, array $removeUsers)
{
    // TODO: When task BB-1046 will be done, remove method removeOriginalRoleFromUsers.
    // In method addNewRoleToUsers before addRole add method removeRole($role). Also needs delete flush;
    /** @var AccountUserRole $role */
    if ($role->getId()) {
        // Existing role: the users currently assigned to it are loaded and kept on $this->appendUsers;
        // the $appendUsers argument itself is handed to the parent handler unchanged.
        /** @var AccountUserRoleRepository $roleRepository */
        $roleRepository = $this->doctrineHelper->getEntityRepository($role);
        $this->appendUsers = $roleRepository->getAssignedUsers($role);
    }
    $this->loggedAccountUser = $this->securityFacade->getLoggedUser();
    /** @var EntityManager $manager */
    $manager = $this->managerRegistry->getManagerForClass(ClassUtils::getClass($this->loggedAccountUser));
    $connection = $manager->getConnection();
    // Raise the isolation level for the assignment changes performed inside the transaction below.
    $connection->setTransactionIsolation(Connection::TRANSACTION_REPEATABLE_READ);
    $connection->beginTransaction();
    try {
        $this->removeOriginalRoleFromUsers($role, $manager);
        // NOTE(review): the parent handler receives $this->newRole rather than $role — confirm this is intended.
        AclRoleHandler::onSuccess($this->newRole, $appendUsers, $removeUsers);
        $this->addNewRoleToUsers($role, $manager, $appendUsers, $removeUsers);
        $manager->flush();
        $connection->commit();
    } catch (\Exception $e) {
        // NOTE(review): only \Exception is caught; on PHP 7+ an \Error raised inside the transaction
        // is not rolled back here — confirm the surrounding layer handles that case.
        $connection->rollBack();
        throw $e;
    }
}
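/**
 * Returns the context for the given email
 *
 * Every activity target of the email except the currently logged-in user is returned as a row
 * with the keys `entityId`, `targetId`, `targetClassName`, `icon` and `link`.
 *
 * @param Email $email
 *
 * @return array
 */
public function getEmailContext(Email $email)
{
    $criteria = Criteria::create();
    $criteria->andWhere(Criteria::expr()->eq('id', $email->getId()));

    $qb = $this->activityManager->getActivityTargetsQueryBuilder($this->class, $criteria);
    if (null === $qb) {
        return [];
    }

    $result = $qb->getQuery()->getResult();
    if (empty($result)) {
        return $result;
    }

    $currentUser = $this->securityFacade->getLoggedUser();
    $currentUserClass = ClassUtils::getClass($currentUser);
    $currentUserId = $currentUser->getId();

    // The logged-in user is never part of their own email context. The loose `==` on the id is kept
    // on purpose: the query result may carry the id as a string while getId() returns an int.
    $result = array_values(array_filter(
        $result,
        function ($item) use ($currentUserClass, $currentUserId) {
            return !($item['entity'] === $currentUserClass && $item['id'] == $currentUserId);
        }
    ));

    // Iterate by key and write back, instead of `foreach (... as &$item)`: the reference form left a
    // dangling reference to the last element alive after the loop.
    foreach ($result as $key => $item) {
        $route = $this->configManager->getEntityMetadata($item['entity'])->getRoute();
        $item['entityId'] = $email->getId();
        $item['targetId'] = $item['id'];
        $item['targetClassName'] = $this->entityClassNameHelper->getUrlSafeClassName($item['entity']);
        $item['icon'] = $this->configManager->getProvider('entity')->getConfig($item['entity'])->get('icon');
        // Only entities with a configured route get a link.
        $item['link'] = $route ? $this->router->generate($route, ['id' => $item['id']]) : null;
        unset($item['id'], $item['entity']);
        $result[$key] = $item;
    }

    return $result;
}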
/**
 * Sets default data for create integrations form
 *
 * Pre-fills the `defaultUserOwner` field with the logged-in user when the form carries no data yet,
 * or when it holds a not-yet-persisted integration that has no owner assigned.
 *
 * @param FormEvent $event
 */
public function postSet(FormEvent $event)
{
    $integration = $event->getData();

    $isNewWithoutOwner = $integration && !$integration->getId() && !$integration->getDefaultUserOwner();
    if (null !== $integration && !$isNewWithoutOwner) {
        return;
    }

    $event->getForm()->get('defaultUserOwner')->setData($this->securityFacade->getLoggedUser());
}
/**
 * Process form
 *
 * Assigns the logged-in user's default calendar when the event has none, submits the request to
 * the form for POST/PUT, and on a valid form either links the event to the target entity taken
 * from the request (action "activity") or moves it to the target user's default calendar
 * (action "assign").
 *
 * @param CalendarEvent $entity
 * @throws \LogicException when the event has no calendar and no user/organization is logged in
 *
 * @return bool True on successful processing, false otherwise
 */
public function process(CalendarEvent $entity)
{
    if (!$entity->getCalendar()) {
        if ($this->securityFacade->getLoggedUser() && $this->securityFacade->getOrganization()) {
            /** @var Calendar $defaultCalendar */
            $defaultCalendar = $this->manager->getRepository('OroCalendarBundle:Calendar')->findDefaultCalendar($this->securityFacade->getLoggedUser()->getId(), $this->securityFacade->getOrganization()->getId());
            $entity->setCalendar($defaultCalendar);
        } else {
            throw new \LogicException('Current user did not define');
        }
    }
    $this->form->setData($entity);
    if (in_array($this->request->getMethod(), array('POST', 'PUT'))) {
        $this->form->submit($this->request);
        if ($this->form->isValid()) {
            // Target class, id and action all originate from the request via the routing helper.
            $targetEntityClass = $this->entityRoutingHelper->getEntityClassName($this->request);
            if ($targetEntityClass) {
                $targetEntityId = $this->entityRoutingHelper->getEntityId($this->request);
                $targetEntity = $this->entityRoutingHelper->getEntityReference($targetEntityClass, $targetEntityId);
                $action = $this->entityRoutingHelper->getAction($this->request);
                if ($action === 'activity') {
                    $this->activityManager->addActivityTarget($entity, $targetEntity);
                }
                // NOTE(review): $targetEntityId comes from the request while getLoggedUserId() is the stored
                // id; if their scalar types differ (string vs int) the strict !== is always true and the
                // self-assignment guard never triggers — confirm both sides share a type.
                // NOTE(review): no permission check on the target user is visible here before the event is
                // moved into their calendar — confirm it is enforced elsewhere.
                if ($action === 'assign' && $targetEntity instanceof User && $targetEntityId !== $this->securityFacade->getLoggedUserId()) {
                    /** @var Calendar $defaultCalendar */
                    $defaultCalendar = $this->manager->getRepository('OroCalendarBundle:Calendar')->findDefaultCalendar($targetEntity->getId(), $targetEntity->getOrganization()->getId());
                    $entity->setCalendar($defaultCalendar);
                }
            }
            $this->onSuccess($entity);
            return true;
        }
    }
    return false;
}
/**
 * Marks the datagrid datasource as not needing an ACL check when none of the root entities in the
 * query's FROM clause has an owner. Backend users (instances of User) are left untouched.
 *
 * @param OrmResultBefore $event
 */
public function onResultBefore(OrmResultBefore $event)
{
    // listener logic is applied only to frontend part of application
    if ($this->securityFacade->getLoggedUser() instanceof User) {
        return;
    }

    $gridConfig = $event->getDatagrid()->getConfig();

    /** @var Subselect|SelectStatement $ast */
    $ast = $event->getQuery()->getAST();
    if ($ast instanceof SelectStatement) {
        $fromClause = $ast->fromClause;
    } else {
        $fromClause = $ast->subselectFromClause;
    }

    // The ACL check may only be skipped when no queried entity carries ownership information.
    $hasOwnedEntity = false;
    /** @var IdentificationVariableDeclaration $declaration */
    foreach ($fromClause->identificationVariableDeclarations as $declaration) {
        $entityName = $declaration->rangeVariableDeclaration->abstractSchemaName;
        if ($this->metadataProvider->getMetadata($entityName)->hasOwner()) {
            $hasOwnedEntity = true;
            break;
        }
    }

    if (!$hasOwnedEntity) {
        $gridConfig->offsetSetByPath(Builder::DATASOURCE_SKIP_ACL_CHECK, true);
    }
}
/**
 * Returns the logged-in backend user, or null when the logged-in principal is not a User.
 *
 * @return User|null
 */
protected function getCurrentUser()
{
    $loggedUser = $this->securityFacade->getLoggedUser();

    return $loggedUser instanceof User ? $loggedUser : null;
}
/**
 * Returns the logged-in account (frontend) user, or null when the logged-in principal is not an
 * AccountUser.
 *
 * @return AccountUser|null
 */
public function getLoggedUser()
{
    $principal = $this->securityFacade->getLoggedUser();

    return $principal instanceof AccountUser ? $principal : null;
}
/**
 * Builds the "from" address choices for the logged-in backend user: their related addresses plus
 * the mailbox addresses available to them in the current organization.
 *
 * @return array address => address; empty when no backend user is logged in
 */
protected function createChoices()
{
    $currentUser = $this->securityFacade->getLoggedUser();
    if (!$currentUser instanceof User) {
        return [];
    }

    $relatedEmails = array_values($this->relatedEmailsProvider->getEmails($currentUser, 1, true));
    $mailboxEmails = $this->mailboxManager->findAvailableMailboxEmails($currentUser, $this->securityFacade->getOrganization());
    $emails = array_merge($relatedEmails, $mailboxEmails);

    // Choice keys and labels are both the address itself.
    return array_combine($emails, $emails);
}
/**
 * Builds the address choices for the logged-in backend user from their related email addresses.
 *
 * @return array address => address; empty when no backend user is logged in
 */
protected function createChoices()
{
    $currentUser = $this->securityFacade->getLoggedUser();
    if (!$currentUser instanceof User) {
        return [];
    }

    $addresses = array_values($this->relatedEmailsProvider->getEmails($currentUser, 1, true));

    // Choice keys and labels are both the address itself.
    return array_combine($addresses, $addresses);
}
/**
 * Returns the route/ACL prefix matching the kind of the logged-in principal.
 *
 * @return string BACKEND_PREFIX for a User, FRONTEND_PREFIX for an AccountUser
 * @throws \RuntimeException when neither kind of user is logged in
 */
public function getPrefix()
{
    $loggedUser = $this->securityFacade->getLoggedUser();

    if ($loggedUser instanceof User) {
        return self::BACKEND_PREFIX;
    }
    if ($loggedUser instanceof AccountUser) {
        return self::FRONTEND_PREFIX;
    }

    throw new \RuntimeException('This method must be called only for logged User or AccountUser');
}
/**
 * Set email seen status for current user for single email or thread
 *
 * Only the EmailUser rows belonging to the logged-in user and organization are touched; the
 * change is flushed immediately.
 *
 * @param Email $entity
 * @param bool  $isSeen
 * @param bool  $checkThread - if false it will be applied for single email instead of thread
 */
public function setSeenStatus(Email $entity, $isSeen = true, $checkThread = false)
{
    $emailUsers = $this->getEmailUserRepository()->getAllEmailUsersByEmail(
        $entity,
        $this->securityFacade->getLoggedUser(),
        $this->securityFacade->getOrganization(),
        $checkThread
    );

    foreach ($emailUsers as $emailUser) {
        $this->setEmailUserSeen($emailUser, $isSeen);
    }

    $this->em->flush();
}
/**
 * Computes the per-row action permissions for a calendar event record in the grid.
 *
 * @param ResultRecordInterface $record
 * @return array action name => bool
 */
public function getInvitationPermissions(ResultRecordInterface $record)
{
    /** @var User $user */
    $user = $this->securityFacade->getLoggedUser();
    $invitationStatus = $record->getValue('invitationStatus');
    $parentId = $record->getValue('parentId');
    $ownerId = $record->getValue('ownerId');
    $childrenCount = $record->getValue('childrenCount');

    // Editable unless the event is an invitation (has a status) that was received from a parent event.
    $isEditable = !$invitationStatus || !$parentId;

    $isResponseAvailable = function ($responseStatus) use ($user, $parentId, $ownerId, $childrenCount, $invitationStatus) {
        return $this->isAvailableResponseButton($user, $parentId, $ownerId, $childrenCount, $invitationStatus, $responseStatus);
    };

    return [
        'accept' => $isResponseAvailable(CalendarEvent::ACCEPTED),
        'decline' => $isResponseAvailable(CalendarEvent::DECLINED),
        'tentatively' => $isResponseAvailable(CalendarEvent::TENTATIVELY_ACCEPTED),
        'view' => true,
        'update' => $isEditable,
    ];
}
/**
 * Ties the account user being edited to the account of the logged-in account user, so the form
 * cannot produce a user outside the current account. Does nothing for non-AccountUser principals.
 *
 * @param FormEvent $event
 *
 * @return void
 */
public function onPreSetData(FormEvent $event)
{
    /** @var AccountUser|null $loggedUser */
    $loggedUser = $this->securityFacade->getLoggedUser();
    if (!$loggedUser instanceof AccountUser) {
        return;
    }

    $currentAccount = $loggedUser->getAccount();

    /** @var AccountUser $editedUser */
    $editedUser = $event->getData();
    // NOTE(review): the form data is assumed to be non-null here — confirm for the event this is attached to.
    $editedUser->setAccount($currentAccount);
}
/**
 * @param User $entity
 *
 * {@inheritdoc}
 *
 * A field on the "current user" block list may not be edited by a user on their own record, but
 * may be edited on another user's record; any other existing field is editable.
 */
public function hasAccessEditField($entity, $fieldName)
{
    if (!$entity instanceof User) {
        $className = ClassUtils::getClass($entity);
        throw new IncorrectEntityException(sprintf('Entity %s, is not instance of User class', $className));
    }

    if (!$this->hasField($entity, $fieldName)) {
        return false;
    }

    $isBlockedForSelf = in_array($fieldName, $this->getCurrentUserFieldBlockList(), true);
    if (!$isBlockedForSelf) {
        return true;
    }

    // Blocked fields stay editable only when the edited record is not the logged-in user's own.
    $currentUser = $this->securityFacade->getLoggedUser();

    return $currentUser->getId() !== $entity->getId();
}
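/**
 * Gets a list of user's calendars for which it is granted to add events
 *
 * Calendars without a name are labelled with the logged-in user's display name.
 *
 * @return array of [id, name]
 */
public function getUserCalendars()
{
    /** @var CalendarRepository $repo */
    $repo = $this->doctrineHelper->getEntityRepository('OroCalendarBundle:Calendar');
    $calendars = $repo
        ->getUserCalendarsQueryBuilder($this->securityFacade->getOrganizationId(), $this->securityFacade->getLoggedUserId())
        ->select('c.id, c.name')
        ->getQuery()
        ->getArrayResult();

    // Write back by key instead of `foreach (... as &$calendar)`, which left a dangling reference
    // after the loop; the fallback name is resolved at most once and only when actually needed.
    $fallbackName = null;
    foreach ($calendars as $key => $calendar) {
        if (empty($calendar['name'])) {
            if (null === $fallbackName) {
                $fallbackName = $this->entityNameResolver->getName($this->securityFacade->getLoggedUser());
            }
            $calendars[$key]['name'] = $fallbackName;
        }
    }

    return $calendars;
}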
/**
 * Collects the organization- and user-related template variables for the current security context.
 *
 * @param bool $addValue FALSE for variable definitions; TRUE for variable values
 *
 * @return array
 */
protected function getVariables($addValue)
{
    $variables = [];

    $currentOrganization = $this->securityFacade->getOrganization();
    $currentUser = $this->securityFacade->getLoggedUser();

    // organization related variables
    $this->addOrganizationName($variables, $currentOrganization, $addValue);

    // user related variables
    $this->addUserName($variables, $currentUser, $addValue);
    $this->addUserFirstName($variables, $currentUser, $addValue);
    $this->addUserLastName($variables, $currentUser, $addValue);
    $this->addUserFullName($variables, $currentUser, $addValue);

    return $variables;
}
/**
 * Computes the per-row action permissions for an account user record in the grid.
 *
 * @param ResultRecordInterface $record
 *
 * @return array action name => bool
 */
public function getUserPermissions(ResultRecordInterface $record)
{
    $isEnabled = $record->getValue('enabled');
    $loggedUser = $this->securityFacade->getLoggedUser();

    $canDisable = $isEnabled;
    $canDelete = true;
    if ($loggedUser instanceof AccountUser) {
        // A frontend account user may neither disable nor delete their own record.
        // Loose `==` is kept on purpose: the record id may be a string while getId() returns an int.
        $isOwnRecord = $loggedUser->getId() == $record->getValue('id');
        if ($isOwnRecord) {
            $canDisable = false;
            $canDelete = false;
        }
    }

    return [
        'enable' => !$isEnabled,
        'disable' => $canDisable,
        'view' => true,
        'update' => true,
        'delete' => $canDelete,
    ];
}
/**
 * Restricts the role grid to roles of the logged-in account user's account (plus account-less
 * roles); everyone else gets an always-false WHERE clause and therefore no rows.
 *
 * @param BuildBefore $event
 */
public function onBuildBefore(BuildBefore $event)
{
    $gridConfig = $event->getConfig();
    $loggedUser = $this->securityFacade->getLoggedUser();

    $canViewAccountRoles = $loggedUser instanceof AccountUser
        && $loggedUser->getAccount()
        && $this->securityFacade->isGranted('orob2b_account_frontend_account_user_role_view');

    if (!$canViewAccountRoles) {
        // Deny by default.
        $this->addConfigElement($gridConfig, '[source][query][where][and]', '1=0');

        return;
    }

    // The account id is read from the authenticated user's own entity, never from the request; if it
    // is ever sourced elsewhere, bind it as a query parameter instead of concatenating it into DQL.
    $accountId = $loggedUser->getAccount()->getId();
    $this->addConfigElement($gridConfig, '[source][query][where][and]', 'role.account IN (' . $accountId . ')');
    $this->addConfigElement($gridConfig, '[source][query][where][or]', 'role.account IS NULL');
}
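/**
 * In the "test" environment, detaches every EntityListener from Doctrine's onFlush event when the
 * request is authenticated as an ApiUser. No-op in any other environment or for other principals.
 *
 * @param FilterControllerEvent $event
 */
public function onKernelController(FilterControllerEvent $event)
{
    $env = $this->container->getParameter("kernel.environment");
    $user = $this->securityFacade->getLoggedUser();

    // Strict comparison: the environment parameter is a string, so no loose-equality surprises.
    if ('test' !== $env || !$user instanceof ApiUser) {
        return;
    }

    $em = $this->container->get('doctrine.orm.entity_manager');
    $eventManager = $em->getEventManager();

    // Guard the key: with no onFlush listeners registered, indexing the array directly raised an
    // undefined-index notice and iterated over null.
    $listeners = $eventManager->getListeners();
    if (!isset($listeners['onFlush'])) {
        return;
    }

    foreach ($listeners['onFlush'] as $listener) {
        if ($listener instanceof EntityListener) {
            $eventManager->removeEventListener('onFlush', $listener);
        }
    }
}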
/**
 * {@inheritdoc}
 *
 * For a logged-in account user the `loader` option is normalised to a query-builder loader whose
 * query (presumably) limits the selectable roles to those available to that user.
 */
public function configureOptions(OptionsResolver $resolver)
{
    $accountUser = $this->securityFacade->getLoggedUser();
    if (!$accountUser instanceof AccountUser) {
        return;
    }

    $resolver->setNormalizer('loader', function () use ($accountUser) {
        $manager = $this->registry->getManagerForClass($this->roleClass);
        /** @var AccountUserRoleRepository $roleRepository */
        $roleRepository = $manager->getRepository($this->roleClass);
        /** @var QueryBuilder $availableRolesQb */
        $availableRolesQb = $roleRepository->getAvailableRolesByAccountUserQueryBuilder($accountUser);

        return new ORMQueryBuilderLoader($availableRolesQb);
    });
}
/**
 * Apply custom ACL checks
 *
 * Restricts `eu` rows to those owned by the logged-in user in the current organization, or, when
 * the user has access to mailboxes, additionally to rows owned by one of those mailboxes.
 *
 * @param QueryBuilder $qb
 */
public function applyAcl(QueryBuilder $qb)
{
    $currentUser = $this->securityFacade->getLoggedUser();
    $currentOrganization = $this->securityFacade->getOrganization();
    $mailboxIds = $this->doctrine->getRepository('OroEmailBundle:Mailbox')->findAvailableMailboxIds($currentUser, $currentOrganization);

    $expr = $qb->expr();
    // The trailing space in 'eu.organization ' is preserved as-is from the original DQL fragment.
    $ownerAndOrganization = $expr->andX(
        $expr->eq('eu.owner', ':owner'),
        $expr->eq('eu.organization ', ':organization')
    );

    if (empty($mailboxIds)) {
        $qb->andWhere($ownerAndOrganization);
    } else {
        $qb->andWhere($expr->orX($ownerAndOrganization, $expr->in('eu.mailboxOwner', ':mailboxIds')));
        $qb->setParameter('mailboxIds', $mailboxIds);
    }

    // NOTE(review): both a logged-in user and an organization are assumed present here — confirm callers guarantee it.
    $qb->setParameter('owner', $currentUser->getId());
    $qb->setParameter('organization', $currentOrganization->getId());
}
/**
 * Returns the permission name to check: frontend account users use it as given, every other
 * principal gets the admin ACL postfix appended.
 *
 * @param string $permission
 * @return string
 */
protected function getPermission($permission)
{
    $isAccountUser = $this->securityFacade->getLoggedUser() instanceof AccountUser;

    return $isAccountUser ? $permission : $permission . OrderAddressProvider::ADMIN_ACL_POSTFIX;
}
/**
 * Registers a POST_SUBMIT listener that fills in a missing owner and organization on the submitted
 * email origin from the current security context.
 *
 * @param FormBuilderInterface $builder
 */
protected function addOwnerOrganizationEventListener(FormBuilderInterface $builder)
{
    $builder->addEventListener(FormEvents::POST_SUBMIT, function (FormEvent $event) {
        /** @var ImapEmailOrigin $origin */
        $origin = $event->getData();
        if ($origin === null) {
            return;
        }

        if ($origin->getOwner() === null) {
            $origin->setOwner($this->securityFacade->getLoggedUser());
        }

        if ($origin->getOrganization() === null) {
            // Prefer the organization of the security context, fall back to the logged-in user's own.
            $currentOrganization = $this->securityFacade->getOrganization();
            if (!$currentOrganization) {
                $currentOrganization = $this->securityFacade->getLoggedUser()->getOrganization();
            }
            $origin->setOrganization($currentOrganization);
        }

        $event->setData($origin);
    });
}
/**
 * Looks up the permission name for the given type/key pair; non-account-user principals get the
 * admin ACL postfix appended.
 *
 * @param string $type
 * @param string $key
 * @return string
 */
protected function getPermission($type, $key)
{
    $isAccountUser = $this->securityFacade->getLoggedUser() instanceof AccountUser;
    $postfix = $isAccountUser ? '' : self::ADMIN_ACL_POSTFIX;

    return $this->permissionsByType[$type][$key] . $postfix;
}
/**
 * Return array of numbers unread emails per folder
 *
 * The overall unread total is appended as a pseudo-folder with id 0.
 *
 * @return array
 */
public function getUnreadEmailsCount()
{
    $currentOrganization = $this->securityFacade->getOrganization();
    $currentUser = $this->securityFacade->getLoggedUser();
    $emailRepository = $this->em->getRepository("OroEmailBundle:Email");

    $counts = $emailRepository->getCountNewEmailsPerFolders($currentUser, $currentOrganization);
    $totalUnread = $emailRepository->getCountNewEmails($currentUser, $currentOrganization);
    $counts[] = ['num' => $totalUnread, 'id' => 0];

    return $counts;
}
/**
 * {@inheritdoc}
 *
 * Suggests addresses the logged-in user has used in the last 30 days. The query is ACL-filtered
 * and each address's owner is additionally checked with the recipients helper before inclusion.
 */
public function getRecipients(EmailRecipientsProviderArgs $args)
{
    $currentUser = $this->securityFacade->getLoggedUser();
    if (null === $currentUser) {
        return [];
    }

    $userEmailAddresses = array_keys($this->relatedEmailsProvider->getEmails($currentUser, 1, true));
    $recipientsQb = $this->getEmailRecipientRepository()
        ->getEmailsUsedInLast30DaysQb($userEmailAddresses, [], $args->getQuery())
        ->setMaxResults($args->getLimit());
    $rows = $this->aclHelper->apply($recipientsQb)->getResult();

    $recipients = [];
    foreach ($this->emailsFromResult($rows) as $address => $displayName) {
        $owner = $this->emailOwnerProvider->findEmailOwner($this->registry->getManager(), $address);
        if ($this->emailRecipientsHelper->isObjectAllowed($args, $owner)) {
            $recipients[] = new Recipient($address, $displayName, $this->createRecipientEntity($owner));
        }
    }

    return $recipients;
}
/**
 * Gets defined as default grid view for current logged user.
 *
 * The lookup is ACL-filtered and its result is cached on the instance; `false` is the
 * "not loaded yet" sentinel, while `null` is a valid cached answer (no default view).
 *
 * @param string $gridName
 *
 * @return GridView|null
 */
protected function getDefaultView($gridName)
{
    if (false === $this->defaultGridView) {
        $this->defaultGridView = $this->registry
            ->getRepository('OroDataGridBundle:GridView')
            ->findDefaultGridView($this->aclHelper, $this->securityFacade->getLoggedUser(), $gridName);
    }

    return $this->defaultGridView;
}
/**
 * Returns array of mailbox choices.
 *
 * Keys are origin ids. Origins with at least one folder are listed under their (escaped) mailbox
 * name; system mailboxes with an origin are added afterwards under their label, so a system
 * mailbox sharing an origin id overrides the origin's entry.
 *
 * @return array
 */
public function getChoiceList()
{
    $currentUser = $this->securityFacade->getLoggedUser();
    /** @var Mailbox[] $systemMailboxes */
    $systemMailboxes = $this->mailboxManager->findAvailableMailboxes($currentUser, $this->getOrganization());
    $origins = $this->mailboxManager->findAvailableOrigins($currentUser, $this->getOrganization());

    $choices = [];
    foreach ($origins as $origin) {
        if (count($origin->getFolders()) === 0) {
            continue;
        }
        // '@' is escaped in the choice label.
        $choices[$origin->getId()] = str_replace('@', '\\@', $origin->getMailboxName());
    }

    foreach ($systemMailboxes as $systemMailbox) {
        $mailboxOrigin = $systemMailbox->getOrigin();
        if ($mailboxOrigin !== null) {
            $choices[$mailboxOrigin->getId()] = $systemMailbox->getLabel();
        }
    }

    return $choices;
}
/**
 * Returns the logged-in user, cached on the instance after the first successful lookup.
 *
 * Only a truthy, non-string value from the security facade is cached (the facade can apparently
 * yield a string instead of a user entity); otherwise the cached value stays null.
 *
 * @return null|User
 */
protected function getCurrentUser()
{
    if (null !== $this->currentUser) {
        return $this->currentUser;
    }

    $loggedUser = $this->securityFacade->getLoggedUser();
    if ($loggedUser && !is_string($loggedUser)) {
        $this->currentUser = $loggedUser;
    }

    return $this->currentUser;
}