TomaHost/Chamilo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Actualización

Browse Source
This commit is contained in:
Xes
2025-04-10 12:24:57 +02:00
parent 8969cc929d
commit 45420b6f0d
39760 changed files with 4303286 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

118
vendor/sonata-project/admin-bundle/Util/AdminAclManipulator.php vendored Normal file
View File

@@ -0,0 +1,118 @@
<?php
/*
* This file is part of the Sonata Project package.
*
* (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Sonata\AdminBundle\Util;
use Sonata\AdminBundle\Admin\AdminInterface;
use Sonata\AdminBundle\Security\Handler\AclSecurityHandlerInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity;
use Symfony\Component\Security\Acl\Model\AclInterface;
/**
* @author Thomas Rabaix <thomas.rabaix@sonata-project.org>
*/
class AdminAclManipulator implements AdminAclManipulatorInterface
{
/**
* @var string
*/
protected $maskBuilderClass;
/**
* @param string $maskBuilderClass
*/
public function __construct($maskBuilderClass)
{
$this->maskBuilderClass = $maskBuilderClass;
}
/**
* {@inheritdoc}
*/
public function configureAcls(OutputInterface $output, AdminInterface $admin)
{
$securityHandler = $admin->getSecurityHandler();
if (!$securityHandler instanceof AclSecurityHandlerInterface) {
$output->writeln(sprintf('Admin `%s` is not configured to use ACL : <info>ignoring</info>', $admin->getCode()));
return;
}
$objectIdentity = ObjectIdentity::fromDomainObject($admin);
$newAcl = false;
if (is_null($acl = $securityHandler->getObjectAcl($objectIdentity))) {
$acl = $securityHandler->createAcl($objectIdentity);
$newAcl = true;
}
// create admin ACL
$output->writeln(sprintf(' > install ACL for %s', $admin->getCode()));
$configResult = $this->addAdminClassAces($output, $acl, $securityHandler, $securityHandler->buildSecurityInformation($admin));
if ($configResult) {
$securityHandler->updateAcl($acl);
} else {
$output->writeln(sprintf(' - %s , no roles and permissions found', ($newAcl ? 'skip' : 'removed')));
$securityHandler->deleteAcl($objectIdentity);
}
}
/**
* {@inheritdoc}
*/
public function addAdminClassAces(OutputInterface $output, AclInterface $acl, AclSecurityHandlerInterface $securityHandler, array $roleInformation = [])
{
if (count($securityHandler->getAdminPermissions()) > 0) {
$builder = new $this->maskBuilderClass();
foreach ($roleInformation as $role => $permissions) {
$aceIndex = $securityHandler->findClassAceIndexByRole($acl, $role);
$roleAdminPermissions = [];
foreach ($permissions as $permission) {
// add only the admin permissions
if (in_array($permission, $securityHandler->getAdminPermissions())) {
$builder->add($permission);
$roleAdminPermissions[] = $permission;
}
}
if (count($roleAdminPermissions) > 0) {
if ($aceIndex === false) {
$acl->insertClassAce(new RoleSecurityIdentity($role), $builder->get());
$action = 'add';
} else {
$acl->updateClassAce($aceIndex, $builder->get());
$action = 'update';
}
if (!is_null($output)) {
$output->writeln(sprintf(' - %s role: %s, permissions: %s', $action, $role, json_encode($roleAdminPermissions)));
}
$builder->reset();
} elseif ($aceIndex !== false) {
$acl->deleteClassAce($aceIndex);
if (!is_null($output)) {
$output->writeln(sprintf(' - remove role: %s', $role));
}
}
}
return true;
}
return false;
}
}

43
vendor/sonata-project/admin-bundle/Util/AdminAclManipulatorInterface.php vendored Normal file
View File

@@ -0,0 +1,43 @@
<?php
/*
* This file is part of the Sonata Project package.
*
* (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Sonata\AdminBundle\Util;
use Sonata\AdminBundle\Admin\AdminInterface;
use Sonata\AdminBundle\Security\Handler\AclSecurityHandlerInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Security\Acl\Model\AclInterface;
/**
* @author Thomas Rabaix <thomas.rabaix@sonata-project.org>
*/
interface AdminAclManipulatorInterface
{
/**
* Batch configure the ACLs for all objects handled by an Admin.
*
* @param OutputInterface $output
* @param AdminInterface $admin
*/
public function configureAcls(OutputInterface $output, AdminInterface $admin);
/**
* Add the class ACE's to the admin ACL.
*
* @param OutputInterface $output
* @param AclInterface $acl
* @param AclSecurityHandlerInterface $securityHandler
* @param array $roleInformation
*
* @return bool TRUE if admin class ACEs are added, FALSE if not
*/
public function addAdminClassAces(OutputInterface $output, AclInterface $acl, AclSecurityHandlerInterface $securityHandler, array $roleInformation = []);
}

331
vendor/sonata-project/admin-bundle/Util/AdminObjectAclData.php vendored Normal file
View File

@@ -0,0 +1,331 @@
<?php
/*
* This file is part of the Sonata Project package.
*
* (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Sonata\AdminBundle\Util;
use Sonata\AdminBundle\Admin\AdminInterface;
use Sonata\AdminBundle\Security\Handler\SecurityHandlerInterface;
use Symfony\Component\Form\Form;
use Symfony\Component\Security\Acl\Domain\Acl;
/**
* AdminObjectAclData holds data manipulated by {@link AdminObjectAclManipulator}.
*
* @author Kévin Dunglas <kevin@les-tilleuls.coop>
*/
class AdminObjectAclData
{
/**
* @var array Permissions managed only by a OWNER
*/
protected static $ownerPermissions = ['MASTER', 'OWNER'];
/**
* @var AdminInterface
*/
protected $admin;
/**
* @var mixed
*/
protected $object;
/**
* @var \Traversable Users to set ACL for
*/
protected $aclUsers;
/**
* @var \Traversable Roles to set ACL for
*/
protected $aclRoles;
/**
* @var array Cache of masks
*/
protected $masks;
/**
* @var Form
*/
protected $aclUsersForm;
/**
* @var Form
*/
protected $aclRolesForm;
/**
* @var Acl
*/
protected $acl;
/**
* @var string
*/
protected $maskBuilderClass;
/**
* @param AdminInterface $admin
* @param mixed $object
* @param \Traversable $aclUsers
* @param string $maskBuilderClass
* @param \Traversable|null $aclRoles
*/
public function __construct(AdminInterface $admin, $object, \Traversable $aclUsers, $maskBuilderClass, \Traversable $aclRoles = null)
{
$this->admin = $admin;
$this->object = $object;
$this->aclUsers = $aclUsers;
$this->aclRoles = (null === $aclRoles) ? new \ArrayIterator() : $aclRoles;
$this->maskBuilderClass = $maskBuilderClass;
$this->updateMasks();
}
/**
* Gets admin.
*
* @return AdminInterface
*/
public function getAdmin()
{
return $this->admin;
}
/**
* Gets object.
*
* @return mixed
*/
public function getObject()
{
return $this->object;
}
/**
* Gets ACL users.
*
* @return \Traversable
*/
public function getAclUsers()
{
return $this->aclUsers;
}
/**
* Gets ACL roles.
*
* @return \Traversable
*/
public function getAclRoles()
{
return $this->aclRoles;
}
/**
* Sets ACL.
*
* @param Acl $acl
*
* @return AdminObjectAclData
*/
public function setAcl(Acl $acl)
{
$this->acl = $acl;
return $this;
}
/**
* Gets ACL.
*
* @return Acl
*/
public function getAcl()
{
return $this->acl;
}
/**
* Gets masks.
*
* @return array
*/
public function getMasks()
{
return $this->masks;
}
/**
* Sets form.
*
* NEXT_MAJOR: remove this method.
*
* @param Form $form
*
* @return AdminObjectAclData
*
* @deprecated Deprecated since version 3.0. Use setAclUsersForm() instead
*/
public function setForm(Form $form)
{
@trigger_error(
'setForm() is deprecated since version 3.0 and will be removed in 4.0. '
.'Use setAclUsersForm() instead.',
E_USER_DEPRECATED
);
return $this->setAclUsersForm($form);
}
/**
* Gets form.
*
* NEXT_MAJOR: remove this method.
*
* @return Form
*
* @deprecated Deprecated since version 3.0. Use getAclUsersForm() instead
*/
public function getForm()
{
@trigger_error(
'getForm() is deprecated since version 3.0 and will be removed in 4.0. '
.'Use getAclUsersForm() instead.',
E_USER_DEPRECATED
);
return $this->getAclUsersForm();
}
/**
* Sets ACL users form.
*
* @param Form $form
*
* @return AdminObjectAclData
*/
public function setAclUsersForm(Form $form)
{
$this->aclUsersForm = $form;
return $this;
}
/**
* Gets ACL users form.
*
* @return Form
*/
public function getAclUsersForm()
{
return $this->aclUsersForm;
}
/**
* Sets ACL roles form.
*
* @param Form $form
*
* @return AdminObjectAclData
*/
public function setAclRolesForm(Form $form)
{
$this->aclRolesForm = $form;
return $this;
}
/**
* Gets ACL roles form.
*
* @return Form
*/
public function getAclRolesForm()
{
return $this->aclRolesForm;
}
/**
* Gets permissions.
*
* @return array
*/
public function getPermissions()
{
return $this->admin->getSecurityHandler()->getObjectPermissions();
}
/**
* Get permissions that the current user can set.
*
* @return array
*/
public function getUserPermissions()
{
$permissions = $this->getPermissions();
if (!$this->isOwner()) {
foreach (self::$ownerPermissions as $permission) {
$key = array_search($permission, $permissions);
if ($key !== false) {
unset($permissions[$key]);
}
}
}
return $permissions;
}
/**
* Tests if the current user has the OWNER right.
*
* @return bool
*/
public function isOwner()
{
// Only a owner can set MASTER and OWNER ACL
return $this->admin->isGranted('OWNER', $this->object);
}
/**
* Gets security handler.
*
* @return SecurityHandlerInterface
*/
public function getSecurityHandler()
{
return $this->admin->getSecurityHandler();
}
/**
* @return array
*/
public function getSecurityInformation()
{
return $this->admin->getSecurityHandler()->buildSecurityInformation($this->admin);
}
/**
* Cache masks.
*/
protected function updateMasks()
{
$permissions = $this->getPermissions();
$reflectionClass = new \ReflectionClass(new $this->maskBuilderClass());
$this->masks = [];
foreach ($permissions as $permission) {
$this->masks[$permission] = $reflectionClass->getConstant('MASK_'.$permission);
}
}
}

313
vendor/sonata-project/admin-bundle/Util/AdminObjectAclManipulator.php vendored Normal file
View File

@@ -0,0 +1,313 @@
<?php
/*
* This file is part of the Sonata Project package.
*
* (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Sonata\AdminBundle\Util;
use Sonata\AdminBundle\Form\Type\AclMatrixType;
use Symfony\Component\Form\Form;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\Form\FormFactoryInterface;
use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity;
use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity;
use Symfony\Component\Security\Acl\Exception\NoAceFoundException;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* A manipulator for updating ACL related to an object.
*
* @author Kévin Dunglas <kevin@les-tilleuls.coop>
* @author Baptiste Meyer <baptiste@les-tilleuls.coop>
*/
class AdminObjectAclManipulator
{
const ACL_USERS_FORM_NAME = 'acl_users_form';
const ACL_ROLES_FORM_NAME = 'acl_roles_form';
/**
* @var FormFactoryInterface
*/
protected $formFactory;
/**
* @var string
*/
protected $maskBuilderClass;
/**
* @param FormFactoryInterface $formFactory
* @param string $maskBuilderClass
*/
public function __construct(FormFactoryInterface $formFactory, $maskBuilderClass)
{
$this->formFactory = $formFactory;
$this->maskBuilderClass = $maskBuilderClass;
}
/**
* Gets mask builder class name.
*
* @return string
*/
public function getMaskBuilderClass()
{
return $this->maskBuilderClass;
}
/**
* Gets the form.
*
* NEXT_MAJOR: remove this method.
*
* @param AdminObjectAclData $data
*
* @return Form
*
* @deprecated Deprecated since version 3.0. Use createAclUsersForm() instead
*/
public function createForm(AdminObjectAclData $data)
{
@trigger_error(
'createForm() is deprecated since version 3.0 and will be removed in 4.0. '
.'Use createAclUsersForm() instead.',
E_USER_DEPRECATED
);
return $this->createAclUsersForm($data);
}
/**
* Gets the ACL users form.
*
* @param AdminObjectAclData $data
*
* @return Form
*/
public function createAclUsersForm(AdminObjectAclData $data)
{
$aclValues = $data->getAclUsers();
$formBuilder = $this->formFactory->createNamedBuilder(self::ACL_USERS_FORM_NAME, 'form');
$form = $this->buildForm($data, $formBuilder, $aclValues);
$data->setAclUsersForm($form);
return $form;
}
/**
* Gets the ACL roles form.
*
* @param AdminObjectAclData $data
*
* @return Form
*/
public function createAclRolesForm(AdminObjectAclData $data)
{
$aclValues = $data->getAclRoles();
$formBuilder = $this->formFactory->createNamedBuilder(self::ACL_ROLES_FORM_NAME, 'form');
$form = $this->buildForm($data, $formBuilder, $aclValues);
$data->setAclRolesForm($form);
return $form;
}
/**
* Updates ACL users.
*
* @param AdminObjectAclData $data
*/
public function updateAclUsers(AdminObjectAclData $data)
{
$aclValues = $data->getAclUsers();
$form = $data->getAclUsersForm();
$this->buildAcl($data, $form, $aclValues);
}
/**
* Updates ACL roles.
*
* @param AdminObjectAclData $data
*/
public function updateAclRoles(AdminObjectAclData $data)
{
$aclValues = $data->getAclRoles();
$form = $data->getAclRolesForm();
$this->buildAcl($data, $form, $aclValues);
}
/**
* Updates ACl.
*
* NEXT_MAJOR: remove this method.
*
* @param AdminObjectAclData $data
*
* @deprecated Deprecated since version 3.0. Use updateAclUsers() instead
*/
public function updateAcl(AdminObjectAclData $data)
{
@trigger_error(
'updateAcl() is deprecated since version 3.0 and will be removed in 4.0.'
.'Use updateAclUsers() instead.',
E_USER_DEPRECATED
);
$this->updateAclUsers($data);
}
/**
* Builds ACL.
*
* @param AdminObjectAclData $data
* @param Form $form
* @param \Traversable $aclValues
*/
protected function buildAcl(AdminObjectAclData $data, Form $form, \Traversable $aclValues)
{
$masks = $data->getMasks();
$acl = $data->getAcl();
$matrices = $form->getData();
foreach ($aclValues as $aclValue) {
foreach ($matrices as $key => $matrix) {
if ($aclValue instanceof UserInterface) {
if (array_key_exists('user', $matrix) && $aclValue->getUsername() === $matrix['user']) {
$matrices[$key]['acl_value'] = $aclValue;
}
} elseif (array_key_exists('role', $matrix) && $aclValue === $matrix['role']) {
$matrices[$key]['acl_value'] = $aclValue;
}
}
}
foreach ($matrices as $matrix) {
if (!isset($matrix['acl_value'])) {
continue;
}
$securityIdentity = $this->getSecurityIdentity($matrix['acl_value']);
$maskBuilder = new $this->maskBuilderClass();
foreach ($data->getUserPermissions() as $permission) {
if (isset($matrix[$permission]) && $matrix[$permission] === true) {
$maskBuilder->add($permission);
}
}
// Restore OWNER and MASTER permissions
if (!$data->isOwner()) {
foreach ($data->getOwnerPermissions() as $permission) {
if ($acl->isGranted([$masks[$permission]], [$securityIdentity])) {
$maskBuilder->add($permission);
}
}
}
$mask = $maskBuilder->get();
$index = null;
$ace = null;
foreach ($acl->getObjectAces() as $currentIndex => $currentAce) {
if ($currentAce->getSecurityIdentity()->equals($securityIdentity)) {
$index = $currentIndex;
$ace = $currentAce;
break;
}
}
if ($ace) {
$acl->updateObjectAce($index, $mask);
} else {
$acl->insertObjectAce($securityIdentity, $mask);
}
}
$data->getSecurityHandler()->updateAcl($acl);
}
/**
* Builds the form.
*
* @param AdminObjectAclData $data
* @param FormBuilderInterface $formBuilder
* @param \Traversable $aclValues
*
* @return Form
*/
protected function buildForm(AdminObjectAclData $data, FormBuilderInterface $formBuilder, \Traversable $aclValues)
{
// Retrieve object identity
$objectIdentity = ObjectIdentity::fromDomainObject($data->getObject());
$acl = $data->getSecurityHandler()->getObjectAcl($objectIdentity);
if (!$acl) {
$acl = $data->getSecurityHandler()->createAcl($objectIdentity);
}
$data->setAcl($acl);
$masks = $data->getMasks();
$securityInformation = $data->getSecurityInformation();
foreach ($aclValues as $key => $aclValue) {
$securityIdentity = $this->getSecurityIdentity($aclValue);
$permissions = [];
foreach ($data->getUserPermissions() as $permission) {
try {
$checked = $acl->isGranted([$masks[$permission]], [$securityIdentity]);
} catch (NoAceFoundException $e) {
$checked = false;
}
$attr = [];
if (
self::ACL_ROLES_FORM_NAME === $formBuilder->getName()
&& isset($securityInformation[$aclValue])
&& array_search($permission, $securityInformation[$aclValue]) !== false
) {
$attr['disabled'] = 'disabled';
}
$permissions[$permission] = [
'required' => false,
'data' => $checked,
'disabled' => array_key_exists('disabled', $attr),
'attr' => $attr,
];
}
// NEXT_MAJOR: remove when dropping Symfony <2.8 support
$type = method_exists('Symfony\Component\Form\AbstractType', 'getBlockPrefix') ?
'Sonata\AdminBundle\Form\Type\AclMatrixType' :
new AclMatrixType();
$formBuilder->add($key, $type, ['permissions' => $permissions, 'acl_value' => $aclValue]);
}
return $formBuilder->getForm();
}
/**
* Gets a user or a role security identity.
*
* @param string|UserInterface $aclValue
*
* @return RoleSecurityIdentity|UserSecurityIdentity
*/
protected function getSecurityIdentity($aclValue)
{
return ($aclValue instanceof UserInterface)
? UserSecurityIdentity::fromAccount($aclValue)
: new RoleSecurityIdentity($aclValue)
;
}
}

126
vendor/sonata-project/admin-bundle/Util/FormBuilderIterator.php vendored Normal file
View File

@@ -0,0 +1,126 @@
<?php
/*
* This file is part of the Sonata Project package.
*
* (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Sonata\AdminBundle\Util;
use Symfony\Component\Form\FormBuilderInterface;
/**
* @author Thomas Rabaix <thomas.rabaix@sonata-project.org>
*/
class FormBuilderIterator extends \RecursiveArrayIterator
{
/**
* @var \ReflectionProperty
*/
protected static $reflection;
/**
* @var FormBuilderInterface
*/
protected $formBuilder;
/**
* @var array
*/
protected $keys = [];
/**
* @var bool|string
*/
protected $prefix;
/**
* @var \ArrayIterator
*/
protected $iterator;
/**
* @param FormBuilderInterface $formBuilder
* @param bool $prefix
*/
public function __construct(FormBuilderInterface $formBuilder, $prefix = false)
{
$this->formBuilder = $formBuilder;
$this->prefix = $prefix ? $prefix : $formBuilder->getName();
$this->iterator = new \ArrayIterator(self::getKeys($formBuilder));
}
/**
* {@inheritdoc}
*/
public function rewind()
{
$this->iterator->rewind();
}
/**
* {@inheritdoc}
*/
public function valid()
{
return $this->iterator->valid();
}
/**
* {@inheritdoc}
*/
public function key()
{
$name = $this->iterator->current();
return sprintf('%s_%s', $this->prefix, $name);
}
/**
* {@inheritdoc}
*/
public function next()
{
$this->iterator->next();
}
/**
* {@inheritdoc}
*/
public function current()
{
return $this->formBuilder->get($this->iterator->current());
}
/**
* {@inheritdoc}
*/
public function getChildren()
{
return new self($this->formBuilder->get($this->iterator->current()), $this->current());
}
/**
* {@inheritdoc}
*/
public function hasChildren()
{
return count(self::getKeys($this->current())) > 0;
}
/**
* @static
*
* @param FormBuilderInterface $formBuilder
*
* @return array
*/
private static function getKeys(FormBuilderInterface $formBuilder)
{
return array_keys($formBuilder->all());
}
}

89
vendor/sonata-project/admin-bundle/Util/FormViewIterator.php vendored Normal file
View File

@@ -0,0 +1,89 @@
<?php
/*
* This file is part of the Sonata Project package.
*
* (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Sonata\AdminBundle\Util;
use Symfony\Component\Form\FormView;
/**
* @author Thomas Rabaix <thomas.rabaix@sonata-project.org>
*/
class FormViewIterator implements \RecursiveIterator
{
/**
* @var \ArrayIterator
*/
protected $iterator;
/**
* @param FormView $formView
*/
public function __construct(FormView $formView)
{
$this->iterator = $formView->getIterator();
}
/**
* {@inheritdoc}
*/
public function getChildren()
{
return new self($this->current());
}
/**
* {@inheritdoc}
*/
public function hasChildren()
{
return count($this->current()->children) > 0;
}
/**
* {@inheritdoc}
*/
public function current()
{
return $this->iterator->current();
}
/**
* {@inheritdoc}
*/
public function next()
{
$this->iterator->next();
}
/**
* {@inheritdoc}
*/
public function key()
{
return $this->current()->vars['id'];
}
/**
* {@inheritdoc}
*/
public function valid()
{
return $this->iterator->valid();
}
/**
* {@inheritdoc}
*/
public function rewind()
{
$this->iterator->rewind();
}
}

74
vendor/sonata-project/admin-bundle/Util/ObjectAclManipulator.php vendored Normal file
View File

@@ -0,0 +1,74 @@
<?php
/*
* This file is part of the Sonata Project package.
*
* (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Sonata\AdminBundle\Util;
use Sonata\AdminBundle\Admin\AdminInterface;
use Sonata\AdminBundle\Security\Handler\AclSecurityHandlerInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity;
/**
* @author Thomas Rabaix <thomas.rabaix@sonata-project.org>
*/
abstract class ObjectAclManipulator implements ObjectAclManipulatorInterface
{
/**
* Configure the object ACL for the passed object identities.
*
* @param OutputInterface $output
* @param AdminInterface $admin
* @param \Traversable $oids a collection of ObjectIdentityInterface implementations
* @param UserSecurityIdentity $securityIdentity
*
* @throws \Exception
*
* @return array [countAdded, countUpdated]
*/
public function configureAcls(OutputInterface $output, AdminInterface $admin, \Traversable $oids, UserSecurityIdentity $securityIdentity = null)
{
$countAdded = 0;
$countUpdated = 0;
$securityHandler = $admin->getSecurityHandler();
if (!$securityHandler instanceof AclSecurityHandlerInterface) {
$output->writeln(sprintf('Admin `%s` is not configured to use ACL : <info>ignoring</info>', $admin->getCode()));
return [0, 0];
}
$acls = $securityHandler->findObjectAcls($oids);
foreach ($oids as $oid) {
if ($acls->contains($oid)) {
$acl = $acls->offsetGet($oid);
++$countUpdated;
} else {
$acl = $securityHandler->createAcl($oid);
++$countAdded;
}
if (!is_null($securityIdentity)) {
// add object owner
$securityHandler->addObjectOwner($acl, $securityIdentity);
}
$securityHandler->addObjectClassAces($acl, $securityHandler->buildSecurityInformation($admin));
try {
$securityHandler->updateAcl($acl);
} catch (\Exception $e) {
$output->writeln(sprintf('Error saving ObjectIdentity (%s, %s) ACL : %s <info>ignoring</info>', $oid->getIdentifier(), $oid->getType(), $e->getMessage()));
}
}
return [$countAdded, $countUpdated];
}
}

36
vendor/sonata-project/admin-bundle/Util/ObjectAclManipulatorInterface.php vendored Normal file
View File

@@ -0,0 +1,36 @@
<?php
/*
* This file is part of the Sonata Project package.
*
* (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Sonata\AdminBundle\Util;
use Sonata\AdminBundle\Admin\AdminInterface;
use Sonata\AdminBundle\Exception\ModelManagerException;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity;
/**
* @author Thomas Rabaix <thomas.rabaix@sonata-project.org>
*/
interface ObjectAclManipulatorInterface
{
/**
* Batch configure the ACLs for all objects handled by an Admin.
*
* @abstract
*
* @param OutputInterface $output
* @param AdminInterface $admin
* @param UserSecurityIdentity $securityIdentity
*
* @throws ModelManagerException
*/
public function batchConfigureAcls(OutputInterface $output, AdminInterface $admin, UserSecurityIdentity $securityIdentity = null);
}