Converts a permissions array to a bit field.
public convertPermissionsToNumber ( array $permissionsData ) : integer | ||
$permissionsData | array | |
return | integer |
public function testSetPermissionsWithExistingAccessControl() { $role = new Role(); $this->roleRepository->findRoleById(1)->willReturn($role); $this->maskConverter->convertPermissionsToNumber(['view' => true, 'edit' => false])->willReturn(64); $accessControl = $this->prophesize(AccessControl::class); $accessControl->setPermissions(64)->shouldBeCalled(); $this->accessControlRepository->findByTypeAndIdAndRole('AcmeBundle\\Example', 1, 1)->willReturn($accessControl); $this->objectManager->persist(Argument::any())->shouldNotBeCalled(); $this->objectManager->flush()->shouldBeCalled(); $this->doctrineAccessControlProvider->setPermissions('AcmeBundle\\Example', 1, [1 => ['view' => true, 'edit' => false]]); }
/** * Sets the permissions for the object with the given class and id for the given security identity. * * @param string $type The name of the class to protect * @param string $identifier * @param $permissions */ public function setPermissions($type, $identifier, $permissions) { foreach ($permissions as $roleId => $rolePermissions) { $accessControl = $this->accessControlRepository->findByTypeAndIdAndRole($type, $identifier, $roleId); if ($accessControl) { $accessControl->setPermissions($this->maskConverter->convertPermissionsToNumber($rolePermissions)); } else { $role = $this->roleRepository->findRoleById($roleId); $accessControl = new AccessControl(); $accessControl->setPermissions($this->maskConverter->convertPermissionsToNumber($rolePermissions)); $accessControl->setRole($role); $accessControl->setEntityId($identifier); $accessControl->setEntityClass($type); $this->objectManager->persist($accessControl); } } $this->objectManager->flush(); }
/** * Sets the permission for a single security identity. * * @param string $type The type of the object to protect * @param string $identifier The identifier of the object to protect * @param string $securityIdentity The security identity for which the permissions are set * @param array $permissions The permissions to set */ private function setPermission($type, $identifier, $securityIdentity, $permissions) { $oid = new ObjectIdentity($identifier, $type); $sid = new RoleSecurityIdentity($securityIdentity); try { $acl = $this->aclProvider->findAcl($oid); } catch (AclNotFoundException $exc) { $acl = $this->aclProvider->createAcl($oid); } $updated = false; foreach ($acl->getObjectAces() as $id => $ace) { /** @var EntryInterface $ace */ if ($ace->getSecurityIdentity()->equals($sid)) { $acl->updateObjectAce($id, $this->maskConverter->convertPermissionsToNumber($permissions)); $updated = true; } } if (!$updated) { $acl->insertObjectAce($sid, $this->maskConverter->convertPermissionsToNumber($permissions), 0, true, 'any'); } $this->aclProvider->updateAcl($acl); }