示例#1
0
 /**
  * Updates ACL
  *
  * @param \Sonata\AdminBundle\Util\AdminObjectAclData $data
  */
 public function updateAcl(AdminObjectAclData $data)
 {
     foreach ($data->getAclUsers() as $aclUser) {
         $securityIdentity = UserSecurityIdentity::fromAccount($aclUser);
         $maskBuilder = new $this->maskBuilderClass();
         foreach ($data->getUserPermissions() as $permission) {
             if ($data->getForm()->get($aclUser->getId() . $permission)->getData()) {
                 $maskBuilder->add($permission);
             }
         }
         $masks = $data->getMasks();
         $acl = $data->getAcl();
         // Restore OWNER and MASTER permissions
         /*if (!$data->isOwner()) {
               foreach ($data->getOwnerPermissions() as $permission) {
                   if ($acl->isGranted(array($masks[$permission]), array($securityIdentity))) {
                       $maskBuilder->add($permission);
                   }
               }
           }*/
         $mask = $maskBuilder->get();
         $index = null;
         $ace = null;
         foreach ($acl->getObjectAces() as $currentIndex => $currentAce) {
             if ($currentAce->getSecurityIdentity()->equals($securityIdentity)) {
                 $index = $currentIndex;
                 $ace = $currentAce;
                 break;
             }
         }
         if ($ace) {
             $acl->updateObjectAce($index, $mask);
         } else {
             $acl->insertObjectAce($securityIdentity, $mask);
         }
     }
     $data->getSecurityHandler()->updateAcl($acl);
 }
示例#2
0
 /**
  * Builds the form.
  *
  * @param \Sonata\AdminBundle\Util\AdminObjectAclData  $data
  * @param \Symfony\Component\Form\FormBuilderInterface $formBuilder
  * @param \Traversable                                 $aclValues
  *
  * @return \Symfony\Component\Form\Form
  */
 protected function buildForm(AdminObjectAclData $data, FormBuilderInterface $formBuilder, \Traversable $aclValues)
 {
     // Retrieve object identity
     $objectIdentity = ObjectIdentity::fromDomainObject($data->getObject());
     $acl = $data->getSecurityHandler()->getObjectAcl($objectIdentity);
     if (!$acl) {
         $acl = $data->getSecurityHandler()->createAcl($objectIdentity);
     }
     $data->setAcl($acl);
     $masks = $data->getMasks();
     $securityInformation = $data->getSecurityInformation();
     foreach ($aclValues as $key => $aclValue) {
         $securityIdentity = $this->getSecurityIdentity($aclValue);
         $permissions = array();
         foreach ($data->getUserPermissions() as $permission) {
             try {
                 $checked = $acl->isGranted(array($masks[$permission]), array($securityIdentity));
             } catch (NoAceFoundException $e) {
                 $checked = false;
             }
             $attr = array();
             if (self::ACL_ROLES_FORM_NAME === $formBuilder->getName() && isset($securityInformation[$aclValue]) && array_search($permission, $securityInformation[$aclValue]) !== false) {
                 $attr['disabled'] = 'disabled';
             }
             $permissions[$permission] = array('required' => false, 'data' => $checked, 'disabled' => array_key_exists('disabled', $attr), 'attr' => $attr);
         }
         $formBuilder->add($key, new AclMatrixType(), array('permissions' => $permissions, 'acl_value' => $aclValue));
     }
     return $formBuilder->getForm();
 }