作者:ashutosh-srija
项目:findit_akene
/**
* Constructs an underlying ObjectIdentity for given ObjectIdentity
* Underlying is class level ObjectIdentity for given object level ObjectIdentity.
*
* @param ObjectIdentity $oid
* @return ObjectIdentity
* @throws InvalidAclException
*/
public function underlying(ObjectIdentity $oid)
{
if ($oid->getIdentifier() === self::ROOT_IDENTITY_TYPE || $oid->getIdentifier() === ($extensionKey = $this->extensionSelector->select($oid)->getExtensionKey())) {
throw new InvalidAclException(sprintf('Cannot get underlying ACL for %s', $oid));
}
return new ObjectIdentity($extensionKey, $oid->getType());
}
作者:sgh198691
项目:symfony-ts
public function createTskAcl(Contact $contact)
{
$aclProvider = $this->getContainer()->get('security.acl.provider');
$objectIdentity = ObjectIdentity::fromDomainObject($contact);
$orgIdentity = 'ROLE_ORG_' . $contact->getOrganization()->getId();
$orgSecurityIdentity = new RoleSecurityIdentity($orgIdentity);
$builder = new MaskBuilder();
$builder->add('VIEW');
$builder->add('EDIT');
$builder->add('CREATE');
$builder->add('MASTER');
try {
try {
$acl = $aclProvider->createAcl($objectIdentity);
$acl->insertObjectAce($orgSecurityIdentity, $builder->get());
foreach ($contact->getSchools() as $school) {
$schoolIdentity = 'ROLE_SCHOOL_' . $school->getId();
$schoolSecurityIdentity = new RoleSecurityIdentity($schoolIdentity);
$acl->insertObjectAce($schoolSecurityIdentity, $builder->get());
}
$aclProvider->updateAcl($acl);
} catch (AclAlreadyExistsException $e) {
// keep going ...
}
} catch (AclException $e) {
throw $e;
}
}
作者:jarmas861
项目:proyec
/**
* This method is here to make your life better, so overwrite it
*
* @param \Symfony\Component\Form\Form $form the valid form
* @param \Taskeet\MainBundle\Entity\Event $Ticket your \Taskeet\MainBundle\Entity\Event object
*/
public function postSave(\Symfony\Component\Form\Form $form, \Taskeet\MainBundle\Entity\Event $Event)
{
$proveedor = $this->container->get('security.acl.provider');
$idObjeto = ObjectIdentity::fromDomainObject($Event);
//poniendo al usuario logueado como owner
$this->setPermissions($proveedor, $idObjeto, $this->getUser(), MaskBuilder::MASK_OWNER);
if ($data = $form->get('repeat')->getData()) {
$start = clone $form->get('startDate')->getData();
$end = clone $form->get('dueDate')->getData();
$ocurrences = $form->get('ocurrences')->getData();
$interval = new DateInterval($form->get('repeat')->getData());
$periodo = new \DatePeriod($start, $interval, $ocurrences, \DatePeriod::EXCLUDE_START_DATE);
foreach ($periodo as $key => $fecha) {
$event = clone $Event;
$event->setStartDate($fecha);
$event->setDueDate($end->add($interval));
$event->setTitle(sprintf('%s-%s', $Event->getTitle(), $key));
// $event->setSlug(sprintf('%s-%s', $Event->getSlug(), $key));
$this->preSave($form, $event);
$this->saveObject($event);
$idObjeto = ObjectIdentity::fromDomainObject($event);
$this->setPermissions($proveedor, $idObjeto, $this->getUser(), MaskBuilder::MASK_OWNER);
}
}
}
作者:saberyouni
项目:Sonata-Projec
/**
* Gets the form
*
* @param \Sonata\AdminBundle\Util\AdminObjectAclData $data
* @return \Symfony\Component\Form\Form
*/
public function createForm(AdminObjectAclData $data)
{
// Retrieve object identity
$objectIdentity = ObjectIdentity::fromDomainObject($data->getObject());
$acl = $data->getSecurityHandler()->getObjectAcl($objectIdentity);
if (!$acl) {
$acl = $data->getSecurityHandler()->createAcl($objectIdentity);
}
$data->setAcl($acl);
$masks = $data->getMasks();
// Create a form to set ACL
$formBuilder = $this->formFactory->createBuilder('form');
foreach ($data->getAclUsers() as $aclUser) {
$securityIdentity = UserSecurityIdentity::fromAccount($aclUser);
foreach ($data->getUserPermissions() as $permission) {
try {
$checked = $acl->isGranted(array($masks[$permission]), array($securityIdentity));
} catch (NoAceFoundException $e) {
$checked = false;
}
$formBuilder->add($aclUser->getId() . $permission, 'checkbox', array('required' => false, 'data' => $checked));
}
}
$form = $formBuilder->getForm();
$data->setForm($form);
return $form;
}
作者:sidmahat
项目:sur
/**
* Creates a new Url entity.
*
*/
public function createAction(Request $request)
{
$entity = new Url();
$form = $this->createCreateForm($entity);
$form->handleRequest($request);
// sets the author field to session username
$entity->setAuthor($this->get('security.token_storage')->getToken()->getUser());
if ($form->isValid()) {
$em = $this->getDoctrine()->getManager();
$em->persist($entity);
$em->flush();
//check logged in user for acl creation
if ($this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
// creating the ACL
$aclProvider = $this->get('security.acl.provider');
$objectIdentity = ObjectIdentity::fromDomainObject($entity);
$acl = $aclProvider->createAcl($objectIdentity);
// retrieving the security identity of the currently logged-in user
$tokenStorage = $this->get('security.token_storage');
$user = $tokenStorage->getToken()->getUser();
$securityIdentity = UserSecurityIdentity::fromAccount($user);
// grant owner access
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_OWNER);
$aclProvider->updateAcl($acl);
}
return $this->redirect($this->generateUrl('url_show', array('id' => $entity->getId())));
}
return $this->render('SurlUrlBundle:Url:new.html.twig', array('entity' => $entity, 'form' => $form->createView()));
}
作者:gobjil
项目:BackBe
protected function setUp()
{
$this->initAutoload();
$bbapp = $this->getBBApp();
$this->initDb($bbapp);
$this->getBBApp()->setIsStarted(true);
$this->initAcl();
$this->site = new Site();
$this->site->setLabel('Test Site')->setServerName('test_server');
$this->groupEditor = new Group();
$this->groupEditor->setName('groupName');
$this->groupEditor->setSite($this->site);
$bbapp->getEntityManager()->persist($this->site);
$bbapp->getEntityManager()->persist($this->groupEditor);
$bbapp->getEntityManager()->flush();
// setup ACE for site
$aclProvider = $this->getSecurityContext()->getACLProvider();
$objectIdentity = ObjectIdentity::fromDomainObject($this->site);
$acl = $aclProvider->createAcl($objectIdentity);
// retrieving the security identity of the currently logged-in user
$securityIdentity = new UserSecurityIdentity($this->groupEditor->getName(), 'BackBee\\Security\\Group');
// grant owner access
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_EDIT);
$aclProvider->updateAcl($acl);
// authenticate user , set up permissions
$token = $this->createAuthUser('api_user', array('ROLE_API_USER'));
}
作者:neozo
项目:Cupo
/**
* Muestra el formulario para crear una nueva oferta y se encarga del
* procesamiento de la información recibida y la creación de las nuevas
* entidades de tipo Oferta
*/
public function ofertaNuevaAction()
{
$peticion = $this->getRequest();
$oferta = new Oferta();
$formulario = $this->createForm(new OfertaType(), $oferta);
if ($peticion->getMethod() == 'POST') {
$formulario->bindRequest($peticion);
if ($formulario->isValid()) {
// Completar las propiedades de la oferta que una tienda no puede establecer
$tienda = $this->get('security.context')->getToken()->getUser();
$oferta->setCompras(0);
$oferta->setRevisada(false);
$oferta->setTienda($tienda);
$oferta->setCiudad($tienda->getCiudad());
// Copiar la foto subida y guardar la ruta
$oferta->subirFoto($this->container->getParameter('cupon.directorio.imagenes'));
$em = $this->getDoctrine()->getEntityManager();
$em->persist($oferta);
$em->flush();
// Asignar el permiso necesario para que la tienda pueda modificar esta oferta
$idObjeto = ObjectIdentity::fromDomainObject($oferta);
$idUsuario = UserSecurityIdentity::fromAccount($tienda);
$acl = $this->get('security.acl.provider')->createAcl($idObjeto);
$acl->insertObjectAce($idUsuario, MaskBuilder::MASK_OPERATOR);
$this->get('security.acl.provider')->updateAcl($acl);
return $this->redirect($this->generateUrl('extranet_portada'));
}
}
return $this->render('TiendaBundle:Extranet:formulario.html.twig', array('accion' => 'crear', 'formulario' => $formulario->createView()));
}
作者:MaximePlanck
项目:Freedo
/**
* @Route("/create", name="freedom_objective_dashboard_create", options={"expose"=true})
* @Template()
*/
public function createAction()
{
$objective = new Objective();
$form = $this->createForm(new ObjectiveCreateType(), $objective);
$request = $this->get('request');
if ($request->getMethod() == 'POST') {
$form->handleRequest($request);
if ($form->isValid()) {
$objective->setUser($this->getUser());
$objective->setNbsteps(count($objective->getSteps()));
foreach ($objective->getSteps() as $key => $value) {
$value->setObjective($objective);
$objective->addStep($value);
}
$em = $this->getDoctrine()->getManager();
$em->persist($objective);
$em->flush();
//ACL
$aclProvider = $this->get('security.acl.provider');
$objectIdentity = ObjectIdentity::fromDomainObject($objective);
$acl = $aclProvider->createAcl($objectIdentity);
$securityContext = $this->get('security.context');
$user = $securityContext->getToken()->getUser();
$securityIdentity = UserSecurityIdentity::fromAccount($user);
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_OWNER);
$aclProvider->updateAcl($acl);
return $this->redirect($this->generateUrl('freedom_objective_dashboard_details', array('id' => $objective->getId())));
}
}
return array('form' => $form->createView());
}
作者:belackri
项目:step-inventor
/**
* {@inheritDoc}
*/
public function load(ObjectManager $manager)
{
$stepOrg = new Organization();
$stepOrg->setName('Step Inventory');
$manager->persist($stepOrg);
$demoOrg = new Organization();
$demoOrg->setName('Acme Inc.');
$manager->persist($demoOrg);
$manager->flush();
$this->addReference('stepOrg', $stepOrg);
$this->addReference('demoOrg', $demoOrg);
$aclProvider = $this->container->get('security.acl.provider');
$devRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_DEV');
$adminRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_ADMIN');
$leadRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_LEAD');
$userRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_USER');
$objectIdentity = ObjectIdentity::fromDomainObject($stepOrg);
$acl = $aclProvider->createAcl($objectIdentity);
$acl->insertObjectAce($userRoleSecurityIdentity, MaskBuilder::MASK_VIEW);
$acl->insertObjectAce($devRoleSecurityIdentity, MaskBuilder::MASK_OPERATOR);
$aclProvider->updateAcl($acl);
$objectIdentity = ObjectIdentity::fromDomainObject($demoOrg);
$acl = $aclProvider->createAcl($objectIdentity);
$acl->insertObjectAce($userRoleSecurityIdentity, MaskBuilder::MASK_VIEW);
$acl->insertObjectAce($adminRoleSecurityIdentity, MaskBuilder::MASK_OPERATOR);
$aclProvider->updateAcl($acl);
}
作者:unpetitl
项目:stor
/**
* New category page
* @return \Symfony\Component\HttpFoundation\Response
*/
public function newAction(Request $request)
{
$category = new Category();
$user = $this->getUser();
$category->setJeweler($user);
//j'associe mon jeweler 1 à mon produit
// je crée un formulaire de produit
$form = $this->createForm(new CategoryType($user), $category, array('validation_groups' => 'new', 'attr' => array('method' => 'post', 'novalidate' => 'novalidate', 'action' => $this->generateUrl('store_backend_category_new'))));
$form->handleRequest($request);
if ($form->isValid()) {
$em = $this->getDoctrine()->getManager();
//je récupère le manager de Doctrine
// j'upload mon fichier en faisant appel a la methode upload()
$category->upload();
$em->persist($category);
//j'enregistre mon objet product dans doctrine
$em->flush();
//j'envoie ma requete d'insert à ma table product
// création de l'ACL
$aclProvider = $this->get('security.acl.provider');
$objectIdentity = ObjectIdentity::fromDomainObject($category);
$acl = $aclProvider->createAcl($objectIdentity);
// retrouve l'identifiant de sécurité de l'utilisateur actuellement connecté
$tokenStorage = $this->get('security.token_storage');
$user = $tokenStorage->getToken()->getUser();
$securityIdentity = UserSecurityIdentity::fromAccount($user);
// donne accès au propriétaire
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_OWNER);
$aclProvider->updateAcl($acl);
$this->get('session')->getFlashBag()->add('success', 'Votre catégorie a bien été crée');
return $this->redirectToRoute('store_backend_category_list');
//redirection selon la route
}
return $this->render('StoreBackendBundle:Category:new.html.twig', array('form' => $form->createView()));
}
作者:belackri
项目:step-inventor
/**
* {@inheritDoc}
*/
public function load(ObjectManager $manager)
{
$tidLabel = new Label();
$tidLabel->setName('TravelerId Label');
$tidLabel->setDescription('ZPL TID Label');
$tidLabel->setTemplate('
^XA
^FO50,50^BY3
^BCN,100,Y,N,N
^FD{{tid}}
^XZ
');
$manager->persist($tidLabel);
$manager->flush();
//$this->addReference('dfwOffice', $dfwOffice);
$aclProvider = $this->container->get('security.acl.provider');
$devRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_DEV');
$adminRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_ADMIN');
$leadRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_LEAD');
$userRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_USER');
$objectIdentity = ObjectIdentity::fromDomainObject($tidLabel);
$acl = $aclProvider->createAcl($objectIdentity);
$acl->insertObjectAce($userRoleSecurityIdentity, MaskBuilder::MASK_VIEW);
$acl->insertObjectAce($adminRoleSecurityIdentity, MaskBuilder::MASK_OPERATOR);
$aclProvider->updateAcl($acl);
}
作者:admarin198
项目:ticket
/**
* Actualiza la acl del objeto en cuestión.
*
* @param $object
* @param array $applyTo
* @throws \Symfony\Component\Security\Acl\Exception\InvalidDomainObjectException
*/
public function updateAcl($object, $applyTo = array())
{
$objectIdentity = ObjectIdentity::fromDomainObject($object);
$aclProviderCallable = $this->aclProviderCallable;
$aclProviderCallable($objectIdentity, 'delete');
$acl = $aclProviderCallable($objectIdentity, 'create');
$this->applyAcl($acl, $applyTo);
}
作者:nickaggarwa
项目:sample-symfony
/**
* {@inheritDoc}
*/
public function getObjectIdentity($domainObject)
{
try {
return ObjectIdentity::fromDomainObject($domainObject);
} catch (InvalidDomainObjectException $failed) {
return null;
}
}
作者:Dren-
项目:mobi
public function testFromDomainObjectWithoutInterfaceAllowsZeroAsIdentifier()
{
$domainObject = new TestDomainObject();
$domainObject->id = '0';
$id = ObjectIdentity::fromDomainObject($domainObject);
$this->assertSame('0', $id->getIdentifier());
$this->assertEquals('Symfony\\Component\\Security\\Acl\\Tests\\Domain\\TestDomainObject', $id->getType());
}
作者:cmarianhodi
项目:BackBe
public function test_vote_objectScope()
{
$aclManager = $this->getBBApp()->getContainer()->get('security.acl_manager');
$aclManager->insertOrUpdateClassAce(ObjectIdentity::fromDomainObject($this->user), new UserSecurityIdentity($this->group->getObjectIdentifier(), get_class($this->group)), MaskBuilder::MASK_EDIT);
$this->assertEquals(BBAclVoter::ACCESS_GRANTED, $this->aclVoter->vote($this->token, $this->user, ['EDIT']));
$this->assertEquals(BBAclVoter::ACCESS_DENIED, $this->aclVoter->vote($this->token, new ObjectIdentity('all', get_class($this->user)), ['EDIT']));
$this->assertEquals(BBAclVoter::ACCESS_DENIED, $this->aclVoter->vote($this->token, new ObjectIdentity(23545866754, get_class($this->user)), ['EDIT']));
}
作者:jarmas861
项目:proyec
/**
* This method is here to make your life better, so overwrite it
*
* @param \Symfony\Component\Form\Form $form the valid form
* @param \Taskeet\MainBundle\Entity\Ticket $Ticket your \Taskeet\MainBundle\Entity\Ticket object
*/
public function postSave(\Symfony\Component\Form\Form $form, \Taskeet\MainBundle\Entity\Ticket $Ticket)
{
$proveedor = $this->container->get('security.acl.provider');
$idObjeto = ObjectIdentity::fromDomainObject($Ticket);
//si la tarea tiene asignado un empleado se le asigna el perm operator
if ($assignedTo = $Ticket->getAssignedTo()) {
$this->setPermissions($proveedor, $idObjeto, $assignedTo, MaskBuilder::MASK_EDIT);
}
}
作者:nightchille
项目:UserBundl
/**
* Creates the ACE for a user.
*
* @param UserInterface $user
*/
public function createUserAce(UserInterface $user)
{
if (!$this->aclProvider) {
return;
}
$oid = ObjectIdentity::fromDomainObject($user);
$acl = $this->aclProvider->createAcl($oid);
$acl->insertObjectAce(UserSecurityIdentity::fromAccount($user), MaskBuilder::MASK_OWNER);
$this->aclProvider->updateAcl($acl);
}
作者:belackri
项目:step-inventor
/**
* {@inheritDoc}
*/
public function load(ObjectManager $manager)
{
$userRole = new Role();
$userRole->setName('User');
$userRole->setRole('ROLE_USER');
$userRole->setIsAllowedToSwitch(false);
$manager->persist($userRole);
$leadRole = new Role();
$leadRole->setName('Lead');
$leadRole->setRole('ROLE_LEAD');
$leadRole->setIsAllowedToSwitch(false);
$leadRole->addRoleToHierarchy($userRole);
$manager->persist($leadRole);
$adminRole = new Role();
$adminRole->setName('Admin');
$adminRole->setRole('ROLE_ADMIN');
$adminRole->setIsAllowedToSwitch(false);
$adminRole->addRoleToHierarchy($leadRole);
$manager->persist($adminRole);
$devRole = new Role();
$devRole->setName('Dev');
$devRole->setRole('ROLE_DEV');
$devRole->setIsAllowedToSwitch(true);
$devRole->addRoleToHierarchy($adminRole);
$manager->persist($devRole);
$manager->flush();
$this->addReference('ROLE_USER', $userRole);
$this->addReference('ROLE_LEAD', $leadRole);
$this->addReference('ROLE_ADMIN', $adminRole);
$this->addReference('ROLE_DEV', $devRole);
$aclProvider = $this->container->get('security.acl.provider');
$devRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_DEV');
$adminRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_ADMIN');
$leadRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_LEAD');
$userRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_USER');
$objectIdentity = ObjectIdentity::fromDomainObject($userRole);
$acl = $aclProvider->createAcl($objectIdentity);
$acl->insertObjectAce($userRoleSecurityIdentity, MaskBuilder::MASK_VIEW);
$acl->insertObjectAce($devRoleSecurityIdentity, MaskBuilder::MASK_OPERATOR);
$aclProvider->updateAcl($acl);
$objectIdentity = ObjectIdentity::fromDomainObject($leadRole);
$acl = $aclProvider->createAcl($objectIdentity);
$acl->insertObjectAce($userRoleSecurityIdentity, MaskBuilder::MASK_VIEW);
$acl->insertObjectAce($devRoleSecurityIdentity, MaskBuilder::MASK_OPERATOR);
$aclProvider->updateAcl($acl);
$objectIdentity = ObjectIdentity::fromDomainObject($adminRole);
$acl = $aclProvider->createAcl($objectIdentity);
$acl->insertObjectAce($userRoleSecurityIdentity, MaskBuilder::MASK_VIEW);
$acl->insertObjectAce($devRoleSecurityIdentity, MaskBuilder::MASK_OPERATOR);
$aclProvider->updateAcl($acl);
$objectIdentity = ObjectIdentity::fromDomainObject($devRole);
$acl = $aclProvider->createAcl($objectIdentity);
$acl->insertObjectAce($devRoleSecurityIdentity, MaskBuilder::MASK_OPERATOR);
$aclProvider->updateAcl($acl);
}
作者:belackri
项目:step-inventor
/**
* {@inheritDoc}
*/
public function load(ObjectManager $manager)
{
$refs = $this->referenceRepository->getReferences();
$orgRefNames = [];
$deptRefNames = [];
$linkRefNames = [];
foreach ($refs as $ref) {
$refNames = $this->referenceRepository->getReferenceNames($ref);
if (is_a($ref, 'AppBundle\\Entity\\Department')) {
$deptRefNames[] = $refNames[0];
}
if (is_a($ref, 'AppBundle\\Entity\\MenuLink')) {
$linkRefNames[] = $refNames[0];
}
}
$items = [];
foreach ($deptRefNames as $deptRefName) {
$i = 1;
$department = $this->getReference($deptRefName);
foreach ($linkRefNames as $linkRefName) {
$item = new MenuItem();
$item->isActive(true);
$item->setPosition($i);
$item->setMenuLink($this->getReference($linkRefName));
$item->setOrganization($department->getOffice()->getOrganization());
if (in_array($linkRefName, ['inventoryAuditLink', 'inventoryActionLink', 'inventoryLogLink'])) {
$item->setParent($items[$deptRefName]['mainLink']);
} else {
if (in_array($linkRefName, ['adminInventoryLink', 'adminAccountingLink'])) {
$item->setParent($items[$deptRefName]['adminLink']);
} else {
$item->setDepartment($department);
}
}
$manager->persist($item);
$items[$deptRefName][$linkRefName] = $item;
$i++;
}
}
$manager->flush();
$aclProvider = $this->container->get('security.acl.provider');
$devRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_DEV');
$adminRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_ADMIN');
$leadRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_LEAD');
$userRoleSecurityIdentity = new RoleSecurityIdentity('ROLE_USER');
foreach ($items as $deptItems) {
foreach ($deptItems as $item) {
$objectIdentity = ObjectIdentity::fromDomainObject($item);
$acl = $aclProvider->createAcl($objectIdentity);
$acl->insertObjectAce($userRoleSecurityIdentity, MaskBuilder::MASK_VIEW);
$acl->insertObjectAce($adminRoleSecurityIdentity, MaskBuilder::MASK_OPERATOR);
$aclProvider->updateAcl($acl);
}
}
}
作者:Belka
项目:tangara-serve
public function setOwner(Project $project, User $user, $save = true)
{
$project->setOwner($user);
$objectIdentity = ObjectIdentity::fromDomainObject($project);
$entry = $this->acl->createAcl($objectIdentity);
$securityIdentity = UserSecurityIdentity::fromAccount($user);
$entry->insertObjectAce($securityIdentity, MaskBuilder::MASK_OWNER);
$this->acl->updateAcl($entry);
if ($save) {
$this->saveProject($project);
}
}