/**
* Load roles
*
* @param \Doctrine\Common\Persistence\ObjectManager $manager
*/
public function load(ObjectManager $manager)
{
/** @var AclManager $manager */
$aclManager = $this->container->get('oro_security.acl.manager');
$fileName = __DIR__ . '/CrmRoles/roles.yml';
$fileName = str_replace('/', DIRECTORY_SEPARATOR, $fileName);
$rolesData = Yaml::parse($fileName);
foreach ($rolesData as $roleName => $roleConfigData) {
if (isset($roleConfigData['bap_role'])) {
$role = $manager->getRepository('OroUserBundle:Role')->findOneBy(['role' => $roleConfigData['bap_role']]);
} else {
$role = new Role($roleName);
}
$role->setLabel($roleConfigData['label']);
$manager->persist($role);
if ($aclManager->isAclEnabled()) {
$sid = $aclManager->getSid($role);
foreach ($roleConfigData['permissions'] as $permission => $acls) {
$oid = $aclManager->getOid(str_replace('|', ':', $permission));
$builder = $aclManager->getMaskBuilder($oid);
$mask = $builder->reset()->get();
if (!empty($acls)) {
foreach ($acls as $acl) {
$mask = $builder->add($acl)->get();
}
}
$aclManager->setPermission($sid, $oid, $mask);
}
}
}
$aclManager->flush();
$manager->flush();
}
/**
* Load roles
*
* @param \Doctrine\Common\Persistence\ObjectManager $manager
*/
public function load(ObjectManager $manager)
{
$role = new Role(self::$roleData['name']);
$role->setLabel(self::$roleData['label']);
$manager->persist($role);
/** @var AclManager $aclManager */
$aclManager = $this->container->get('oro_security.acl.manager');
if ($aclManager->isAclEnabled()) {
$sid = $aclManager->getSid($role);
foreach (LoadUserData::$roleData['permissions'] as $permission => $acls) {
$oid = $aclManager->getOid(str_replace('|', ':', $permission));
$builder = $aclManager->getMaskBuilder($oid);
$mask = $builder->reset()->get();
if (!empty($acls)) {
foreach ($acls as $acl) {
$mask = $builder->add($acl)->get();
}
}
$aclManager->setPermission($sid, $oid, $mask);
}
}
/** @var UserManager $userManager */
$userManager = $this->container->get('oro_user.manager');
$user = $userManager->createUser();
/** @var OrganizationManager $organizationManager */
$organizationManager = $this->container->get('oro_organization.organization_manager');
$organization = $organizationManager->getOrganizationRepo()->getOrganizationById(self::USER_ORGANIZATION);
$user->setUsername(self::USER_NAME)->setPlainPassword(self::USER_PASSWORD)->setFirstName('User')->setLastName('Test')->addRole($role)->setEmail('*****@*****.**')->setOrganization($organization)->addOrganization($organization)->setSalt('');
$userManager->updateUser($user);
$aclManager->flush();
$manager->flush();
}
/**
* Test prePersist role that to generate new value of "role" field
*/
public function testPrePersistValid()
{
$role = new Role();
$this->assertEmpty($role->getId());
$this->assertEmpty($role->getRole());
$this->listener->prePersist($this->getPrePersistEvent($role));
$this->assertNotEmpty($role->getRole());
}
/**
* Build the role entity from data
*
* @param array $data
*
* @return Role
*/
protected function buildRole(array $data)
{
$role = $data['role'];
$label = $data['label'];
$role = new Role($role);
$role->setLabel($label);
return $role;
}
public function testLabel()
{
$role = new Role();
$label = 'Test role';
$this->assertEmpty($role->getLabel());
$role->setLabel($label);
$this->assertEquals($label, $role->getLabel());
$this->assertEquals($label, (string) $role);
}
public function testGetRoleLabelsAsString()
{
$roleFoo = new Role('ROLE_FOO');
$roleFoo->setLabel('Role foo');
$this->group->addRole($roleFoo);
$roleBar = new Role('ROLE_BAR');
$roleBar->setLabel('Role bar');
$this->group->addRole($roleBar);
$this->assertEquals('Role foo, Role bar', $this->group->getRoleLabelsAsString());
}
/**
* Build the role entity from data
*
* @param array $data
*
* @return Role
*/
protected function buildRole(array $data)
{
$role = $data['role'];
$label = $data['label'];
$role = new Role($role);
$role->setLabel($label);
$owner = isset($data['owner']) ? $data['owner'] : 'Main';
$owner = $this->getOwner($owner);
$role->setOwner($owner);
return $role;
}
/**
* Load roles full_access_role
*
* @param \Doctrine\Common\Persistence\ObjectManager $manager
*/
public function load(ObjectManager $manager)
{
$role_template_access = new Role('ROLE_LOGIN_ACCESS');
$role_template_access->setLabel('Log-in access role');
$this->addReference('login_access_role', $role_template_access);
$manager->persist($role_template_access);
$full_access_role = new Role('ROLE_FULL_ACCESS');
$full_access_role->setLabel('Full access role');
$this->addReference('full_access_role', $full_access_role);
$manager->persist($full_access_role);
$manager->flush();
}
/**
* Load the ACL per role
*
* @param Role $role
*/
protected function loadAcls(Role $role)
{
if (User::ROLE_ANONYMOUS === $role->getRole()) {
return;
}
$sid = $this->aclManager->getSid($role);
foreach ($this->aclManager->getAllExtensions() as $extension) {
$rootOid = $this->aclManager->getRootOid($extension->getExtensionKey());
foreach ($extension->getAllMaskBuilders() as $maskBuilder) {
$fullAccessMask = $maskBuilder->hasConst('GROUP_SYSTEM') ? $maskBuilder->getConst('GROUP_SYSTEM') : $maskBuilder->getConst('GROUP_ALL');
$this->aclManager->setPermission($sid, $rootOid, $fullAccessMask, true);
}
}
}
/**
* {@inheritdoc}
*/
public function load(ObjectManager $manager)
{
$roleTest1 = new Role();
$roleTest1->setLabel('Role 1');
$roleTest1->setRole('ROLE_TEST_1');
$manager->persist($roleTest1);
$this->setReference('ROLE_TEST_1', $roleTest1);
$roleTest2 = new Role();
$roleTest2->setLabel('Role 2');
$roleTest2->setRole('ROLE_TEST_2');
$manager->persist($roleTest2);
$this->setReference('ROLE_TEST_2', $roleTest2);
$manager->flush();
}
/**
* Load roles
*
* @param \Doctrine\Common\Persistence\ObjectManager $manager
*/
public function load(ObjectManager $manager)
{
$roleAnonymous = new Role(self::ROLE_ANONYMOUS);
$roleAnonymous->setLabel('Anonymous');
$roleUser = new Role(self::ROLE_USER);
$roleUser->setLabel('User');
$roleSAdmin = new Role(self::ROLE_ADMINISTRATOR);
$roleSAdmin->setLabel('Administrator');
$roleManager = new Role(self::ROLE_MANAGER);
$roleManager->setLabel('Manager');
$manager->persist($roleAnonymous);
$manager->persist($roleUser);
$manager->persist($roleSAdmin);
$manager->persist($roleManager);
$manager->flush();
}
/**
* Never use this to check if this user has access to anything!
* Use the SecurityContext, or an implementation of AccessDecisionManager
* instead, e.g.
*
* $securityContext->isGranted('ROLE_USER');
*
* @param Role|string $role
*
* @return boolean
* @throws \InvalidArgumentException
*/
public function hasRole($role)
{
if ($role instanceof Role) {
$roleName = $role->getRole();
} elseif (is_string($role)) {
$roleName = $role;
} else {
throw new \InvalidArgumentException('$role must be an instance of Oro\\Bundle\\UserBundle\\Entity\\Role or a string');
}
return (bool) $this->getRole($roleName);
}
/**
* @param Role $role
*
* @Given /^I should be on the ("([^"]*)" role) page$/
*/
public function iShouldBeOnTheRolePage(Role $role)
{
$expectedAddress = $this->getPage('Role edit')->getUrl(['id' => $role->getId()]);
$this->assertAddress($expectedAddress);
}
/**
* Save role
*
* @param Role $role
* @return bool
*/
public function process(Role $role)
{
if (in_array($this->request->getMethod(), array('POST', 'PUT'))) {
$this->form->submit($this->request);
if ($this->form->isValid()) {
$appendUsers = $this->form->get('appendUsers')->getData();
$removeUsers = $this->form->get('removeUsers')->getData();
$role->setRole(strtoupper(trim(preg_replace('/[^\\w\\-]/i', '_', $role->getLabel()))));
$this->onSuccess($role, $appendUsers, $removeUsers);
$this->processPrivileges($role);
return true;
}
} else {
$this->setRolePrivileges($role);
}
return false;
}
/**
* {@inheritDoc}
*/
public function __toString()
{
$this->__initializer__ && $this->__initializer__->__invoke($this, '__toString', array());
return parent::__toString();
}
