/** * Adds and removes an array with access level to the given access * entity uuid. If the donor hasn't the permission for the access * level no action is taken. * * @access public * @param \Zepi\Core\AccessControl\Entity\AccessEntity $accessEntity * @param array $accessLevels * @param \Zepi\Core\AccessControl\Entity\AccessEntity $donor */ public function updatePermissions(AccessEntity $accessEntity, $accessLevels, AccessEntity $donor) { $permissions = $this->getPermissionsRawForUuid($accessEntity->getUuid()); $grantedPermissions = array_diff($accessLevels, $permissions); $revokedPermissions = array_diff($permissions, $accessLevels); // Grant the added access levels foreach ($grantedPermissions as $accessLevel) { if (!$donor->hasAccess($accessLevel)) { continue; } $this->grantPermission($accessEntity->getUuid(), get_class($accessEntity), $accessLevel, $donor->getName()); } // Revoke the removed access levels foreach ($revokedPermissions as $accessLevel) { if (!$donor->hasAccess($accessLevel)) { continue; } $this->revokePermission($accessEntity->getUuid(), get_class($accessEntity), $accessLevel); } }