/**
 * {@inheritdoc}
 *
 * Two identities are equal only when $sid is an instance of this same class
 * and both its id and its class match this object's values.
 */
public function equals(SecurityIdentityInterface $sid)
{
    // The type check comes first: an identity of another kind never matches,
    // even when its id/class values happen to coincide. Both fields use ===,
    // so no type juggling is applied (an int id does not equal a numeric string).
    return $sid instanceof self
        && $this->id === $sid->getId()
        && $this->class === $sid->getClass();
}
/**
 * {@inheritDoc}
 *
 * Only another UserSecurityIdentity with the same username and the same
 * class is considered equal.
 */
public function equals(SecurityIdentityInterface $sid)
{
    if ($sid instanceof UserSecurityIdentity) {
        // Strict comparison: no type juggling and no case folding is applied,
        // so both values must match exactly.
        return $this->username === $sid->getUsername()
            && $this->class === $sid->getClass();
    }

    // Any other identity type is never equal to a user identity.
    return false;
}
/**
 * Transform a given ACL security identity into a SecurityIdentity model.
 *
 * A user identity is looked up under its class name, a '-' and the username,
 * with the username flag set; a role identity is looked up under the role
 * with the flag cleared. If no model entry is found, a new one is created and
 * saved to the database.
 *
 * @throws \InvalidArgumentException When $aclIdentity is neither a UserSecurityIdentity nor a RoleSecurityIdentity.
 *
 * @param \Symfony\Component\Security\Acl\Model\SecurityIdentityInterface $aclIdentity
 * @param \PropelPDO $con Optional connection, passed to the lookup and to save().
 *
 * @return \Propel\PropelBundle\Model\Acl\SecurityIdentity
 */
public static function fromAclIdentity(SecurityIdentityInterface $aclIdentity, \PropelPDO $con = null)
{
    $isUser = $aclIdentity instanceof UserSecurityIdentity;

    // Reject unknown identity types before anything touches the database.
    if (!$isUser && !($aclIdentity instanceof RoleSecurityIdentity)) {
        throw new \InvalidArgumentException('The ACL identity must either be an instance of UserSecurityIdentity or RoleSecurityIdentity.');
    }

    $identifier = $isUser
        ? $aclIdentity->getClass() . '-' . $aclIdentity->getUsername()
        : $aclIdentity->getRole();

    // The username flag is part of the lookup key, so a role and a user that
    // share the same identifier string resolve to different rows.
    $model = SecurityIdentityQuery::create()
        ->filterByIdentifier($identifier)
        ->filterByUsername($isUser)
        ->findOneOrCreate($con);

    // NOTE(review): lookup and save are two separate steps; whether concurrent
    // callers can both insert depends on a unique constraint not visible here - confirm.
    if ($model->isNew()) {
        $model->save($con);
    }

    return $model;
}
/**
 * Constructs the SQL for selecting the primary key of a security identity.
 *
 * The identifier is the class name, a '-' and the username for user
 * identities, and the role for role identities; the username column carries
 * the matching boolean flag.
 *
 * @param SecurityIdentityInterface $sid
 * @throws \InvalidArgumentException When $sid is neither a UserSecurityIdentity nor a RoleSecurityIdentity.
 * @return string
 */
protected function getSelectSecurityIdentityIdSql(SecurityIdentityInterface $sid)
{
    $isUserSid = $sid instanceof UserSecurityIdentity;

    if (!$isUserSid && !($sid instanceof RoleSecurityIdentity)) {
        throw new \InvalidArgumentException('$sid must either be an instance of UserSecurityIdentity, or RoleSecurityIdentity.');
    }

    $identifier = $isUserSid
        ? $sid->getClass() . '-' . $sid->getUsername()
        : $sid->getRole();

    // The identifier goes through the connection's quote(); the table name is
    // placed into the statement verbatim, so 'sid_table_name' must only ever
    // come from trusted configuration.
    return sprintf(
        'SELECT id FROM %s WHERE identifier = %s AND username = %s',
        $this->options['sid_table_name'],
        $this->connection->quote($identifier),
        $this->connection->getDatabasePlatform()->convertBooleans($isUserSid)
    );
}
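/**
 * Constructs the SQL for updating a security identity.
 *
 * The statement renames the row stored under the old identifier to the
 * identifier derived from the current state of $sid. User identifiers are the
 * class name, a '-' and the username; role identifiers are the role itself.
 *
 * The "no changes" check compares the old and new names as strings with ===.
 * A loose == comparison treats distinct numeric-looking names (for example
 * '007' and '7', or '1e3' and '1000') as equal and would wrongly refuse a
 * legitimate rename.
 *
 * @param SecurityIdentityInterface $sid
 * @param string $oldName
 * @throws \InvalidArgumentException When the name did not change, or when $sid is neither a
 *                                   UserSecurityIdentity nor a RoleSecurityIdentity.
 * @return string
 */
protected function getUpdateSecurityIdentitySql(SecurityIdentityInterface $sid, $oldName)
{
    if ($sid instanceof UserSecurityIdentity) {
        $currentName = $sid->getUsername();
        // User identifiers are namespaced by the user class.
        $prefix = $sid->getClass() . '-';
        $username = true;
    } elseif ($sid instanceof RoleSecurityIdentity) {
        $currentName = $sid->getRole();
        $prefix = '';
        $username = false;
    } else {
        throw new \InvalidArgumentException('$sid must either be an instance of UserSecurityIdentity, or RoleSecurityIdentity.');
    }

    // Strict string comparison: only a byte-identical name counts as "no change".
    if ((string) $currentName === (string) $oldName) {
        throw new \InvalidArgumentException('There are no changes.');
    }

    $oldIdentifier = $prefix . $oldName;
    $newIdentifier = $prefix . $currentName;

    // Both identifiers go through the connection's quote(); the table name is
    // placed into the statement verbatim, so 'sid_table_name' must only ever
    // come from trusted configuration.
    return sprintf(
        'UPDATE %s SET identifier = %s WHERE identifier = %s AND username = %s',
        $this->options['sid_table_name'],
        $this->connection->quote($newIdentifier),
        $this->connection->quote($oldIdentifier),
        $this->connection->getDatabasePlatform()->convertBooleans($username)
    );
}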
/**
 * Create an array of the security identity for inserting in the document.
 *
 * User identities yield the keys 'username' and 'class'; role identities
 * yield the single key 'role'.
 *
 * @param SecurityIdentityInterface $sid
 * @throws \InvalidArgumentException When $sid is neither a UserSecurityIdentity nor a RoleSecurityIdentity.
 * @return array
 */
protected function getSecurityIdentityQuery(SecurityIdentityInterface $sid)
{
    if ($sid instanceof UserSecurityIdentity) {
        return array(
            'username' => $sid->getUsername(),
            'class' => $sid->getClass(),
        );
    }

    if ($sid instanceof RoleSecurityIdentity) {
        return array('role' => $sid->getRole());
    }

    // Unknown identity types are refused rather than mapped to an empty query.
    throw new \InvalidArgumentException('$sid must either be an instance of UserSecurityIdentity, or RoleSecurityIdentity.');
}
/**
 * Looks up the stored AclSecurityIdentity record for the given identity.
 *
 * User and business-unit identities are searched by an identifier made of the
 * class name, a '-' and the username or id, together with the username flag.
 * Role identities are not looked up at all.
 *
 * @param SecurityIdentityInterface $sid
 *
 * @throws \InvalidArgumentException When $sid is none of the three supported identity types.
 *
 * @return mixed Result of findOneBy(), or null for role identities.
 */
protected function getSecurityIdentityId(SecurityIdentityInterface $sid)
{
    if ($sid instanceof UserSecurityIdentity) {
        $criteria = [
            'identifier' => $sid->getClass() . '-' . $sid->getUsername(),
            'username' => true,
        ];
    } elseif ($sid instanceof RoleSecurityIdentity) {
        // Role SIDs are skipped because records are not shared for roles.
        return null;
    } elseif ($sid instanceof BusinessUnitSecurityIdentity) {
        $criteria = [
            'identifier' => $sid->getClass() . '-' . $sid->getId(),
            'username' => false,
        ];
    } else {
        throw new \InvalidArgumentException('$sid must either be an instance of UserSecurityIdentity or RoleSecurityIdentity ' . 'or BusinessUnitSecurityIdentity.');
    }

    $repository = $this->getObjectManager()->getRepository('OroSecurityBundle:AclSecurityIdentity');

    return $repository->findOneBy($criteria);
}
/**
 * Builds the SQL join restriction for the given sid and registers the values
 * to be bound to the prepared statement.
 *
 * The identifier and the username flag are never written into the SQL text;
 * they are added to $valuesForBind under the keys 'identifier' and 'username'
 * and referenced through the :identifier and :username placeholders.
 *
 * @param SecurityIdentityInterface $sid           sid
 * @param array                     &$valuesForBind list of params to be bound; extended in place
 *
 * @throws InvalidArgumentException When $sid is neither a UserSecurityIdentity nor a RoleSecurityIdentity.
 *
 * @return string
 */
private function getSidSqlRestriction(SecurityIdentityInterface $sid, &$valuesForBind)
{
    $forUser = $sid instanceof UserSecurityIdentity;

    if (!$forUser && !($sid instanceof RoleSecurityIdentity)) {
        throw new InvalidArgumentException('$sid must either be an instance of UserSecurityIdentity, or RoleSecurityIdentity.');
    }

    $sidIdentifier = $forUser
        ? $sid->getClass() . '-' . $sid->getUsername()
        : $sid->getRole();

    // Only the table name is interpolated into the statement, so
    // 'sid_table_name' must only ever come from trusted configuration.
    $joinClause = sprintf(
        'INNER JOIN %s s ON e.security_identity_id = s.id AND s.identifier = :identifier AND s.username = :username',
        $this->options['sid_table_name']
    );

    $valuesForBind['identifier'] = ['value' => $sidIdentifier, 'type' => PDO::PARAM_STR];
    $valuesForBind['username'] = ['value' => $forUser, 'type' => PDO::PARAM_BOOL];

    return $joinClause;
}
/**
 * Constructs the SQL for inserting a security identity.
 *
 * User identities are stored under the class name, a '-' and the username,
 * with the username flag set. Role and journal-role identities are stored
 * under their role / identifier with the flag cleared.
 *
 * @param SecurityIdentityInterface $sid
 *
 * @throws \InvalidArgumentException When $sid is none of the three supported identity types.
 *
 * @return string
 */
protected function getInsertSecurityIdentitySql(SecurityIdentityInterface $sid)
{
    $isUser = false;

    if ($sid instanceof UserSecurityIdentity) {
        $isUser = true;
        $identifier = $sid->getClass() . '-' . $sid->getUsername();
    } elseif ($sid instanceof RoleSecurityIdentity) {
        $identifier = $sid->getRole();
    } elseif ($sid instanceof JournalRoleSecurityIdentity) {
        // NOTE(review): if JournalRoleSecurityIdentity extends RoleSecurityIdentity,
        // the branch above wins and this one is never reached, so the stored
        // identifier would be getRole() instead of getIdentifier() - confirm the hierarchy.
        $identifier = $sid->getIdentifier();
    } else {
        throw new \InvalidArgumentException('$sid must either be an instance of UserSecurityIdentity, JournalRoleSecurityIdentity or RoleSecurityIdentity.');
    }

    // The identifier goes through the connection's quote(); the table name is
    // placed into the statement verbatim, so 'sid_table_name' must only ever
    // come from trusted configuration.
    return sprintf(
        'INSERT INTO %s (identifier, username) VALUES (%s, %s)',
        $this->options['sid_table_name'],
        $this->connection->quote($identifier),
        $this->connection->getDatabasePlatform()->convertBooleans($isUser)
    );
}
/**
 * Get Security Identifier and Username flag to create SQL queries.
 *
 * @param SecurityIdentityInterface $sid
 *
 * @throws \InvalidArgumentException When $sid is none of the three supported identity types.
 *
 * @return array Two elements: the identifier string and the boolean username flag
 *               (true only for user identities).
 */
protected function getSecurityIdentifier(SecurityIdentityInterface $sid)
{
    if ($sid instanceof UserSecurityIdentity) {
        $userIdentifier = $sid->getClass() . '-' . $sid->getUsername();

        return [$userIdentifier, true];
    }

    if ($sid instanceof RoleSecurityIdentity) {
        return [$sid->getRole(), false];
    }

    if ($sid instanceof BusinessUnitSecurityIdentity) {
        // NOTE(review): role and business-unit identifiers both carry the flag
        // false, so they stay distinct only while no role is named like a
        // class name followed by '-' and an id - confirm this cannot happen.
        $businessUnitIdentifier = $sid->getClass() . '-' . $sid->getId();

        return [$businessUnitIdentifier, false];
    }

    throw new \InvalidArgumentException('$sid must either be an instance of UserSecurityIdentity or RoleSecurityIdentity' . ' or BusinessUnitSecurityIdentity.');
}