作者:robertowes
项目:CuteFlow-V
/**
* {@inheritDoc}
*/
public function getSecurityIdentities(TokenInterface $token)
{
$sids = array();
// add user security identity
if (!$token instanceof AnonymousToken) {
try {
$sids[] = UserSecurityIdentity::fromToken($token);
} catch (\InvalidArgumentException $invalid) {
// ignore, user has no user security identity
}
}
// add all reachable roles
foreach ($this->roleHierarchy->getReachableRoles($token->getRoles()) as $role) {
$sids[] = new RoleSecurityIdentity($role);
}
// add built-in special roles
if ($this->authenticationTrustResolver->isFullFledged($token)) {
$sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_FULLY);
$sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED);
$sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY);
} else {
if ($this->authenticationTrustResolver->isRememberMe($token)) {
$sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED);
$sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY);
} else {
if ($this->authenticationTrustResolver->isAnonymous($token)) {
$sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY);
}
}
}
return $sids;
}
作者:neozo
项目:Cupo
/**
* Muestra el formulario para crear una nueva oferta y se encarga del
* procesamiento de la información recibida y la creación de las nuevas
* entidades de tipo Oferta
*/
public function ofertaNuevaAction()
{
$peticion = $this->getRequest();
$oferta = new Oferta();
$formulario = $this->createForm(new OfertaType(), $oferta);
if ($peticion->getMethod() == 'POST') {
$formulario->bindRequest($peticion);
if ($formulario->isValid()) {
// Completar las propiedades de la oferta que una tienda no puede establecer
$tienda = $this->get('security.context')->getToken()->getUser();
$oferta->setCompras(0);
$oferta->setRevisada(false);
$oferta->setTienda($tienda);
$oferta->setCiudad($tienda->getCiudad());
// Copiar la foto subida y guardar la ruta
$oferta->subirFoto($this->container->getParameter('cupon.directorio.imagenes'));
$em = $this->getDoctrine()->getEntityManager();
$em->persist($oferta);
$em->flush();
// Asignar el permiso necesario para que la tienda pueda modificar esta oferta
$idObjeto = ObjectIdentity::fromDomainObject($oferta);
$idUsuario = UserSecurityIdentity::fromAccount($tienda);
$acl = $this->get('security.acl.provider')->createAcl($idObjeto);
$acl->insertObjectAce($idUsuario, MaskBuilder::MASK_OPERATOR);
$this->get('security.acl.provider')->updateAcl($acl);
return $this->redirect($this->generateUrl('extranet_portada'));
}
}
return $this->render('TiendaBundle:Extranet:formulario.html.twig', array('accion' => 'crear', 'formulario' => $formulario->createView()));
}
作者:rosstuc
项目:Po
/**
* {@inheritDoc}
*/
public function getSecurityIdentities(TokenInterface $token)
{
$sids = array();
// add user security identity
$user = $token->getUser();
if ($user instanceof AccountInterface) {
$sids[] = UserSecurityIdentity::fromAccount($user);
}
// add all reachable roles
foreach ($this->roleHierarchy->getReachableRoles($token->getRoles()) as $role) {
$sids[] = new RoleSecurityIdentity($role);
}
// add built-in special roles
if ($this->authenticationTrustResolver->isFullFledged($token)) {
$sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_FULLY);
$sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED);
$sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY);
} else {
if ($this->authenticationTrustResolver->isRememberMe($token)) {
$sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED);
$sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY);
} else {
if ($this->authenticationTrustResolver->isAnonymous($token)) {
$sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY);
}
}
}
return $sids;
}
作者:unpetitl
项目:stor
/**
* New category page
* @return \Symfony\Component\HttpFoundation\Response
*/
public function newAction(Request $request)
{
$category = new Category();
$user = $this->getUser();
$category->setJeweler($user);
//j'associe mon jeweler 1 à mon produit
// je crée un formulaire de produit
$form = $this->createForm(new CategoryType($user), $category, array('validation_groups' => 'new', 'attr' => array('method' => 'post', 'novalidate' => 'novalidate', 'action' => $this->generateUrl('store_backend_category_new'))));
$form->handleRequest($request);
if ($form->isValid()) {
$em = $this->getDoctrine()->getManager();
//je récupère le manager de Doctrine
// j'upload mon fichier en faisant appel a la methode upload()
$category->upload();
$em->persist($category);
//j'enregistre mon objet product dans doctrine
$em->flush();
//j'envoie ma requete d'insert à ma table product
// création de l'ACL
$aclProvider = $this->get('security.acl.provider');
$objectIdentity = ObjectIdentity::fromDomainObject($category);
$acl = $aclProvider->createAcl($objectIdentity);
// retrouve l'identifiant de sécurité de l'utilisateur actuellement connecté
$tokenStorage = $this->get('security.token_storage');
$user = $tokenStorage->getToken()->getUser();
$securityIdentity = UserSecurityIdentity::fromAccount($user);
// donne accès au propriétaire
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_OWNER);
$aclProvider->updateAcl($acl);
$this->get('session')->getFlashBag()->add('success', 'Votre catégorie a bien été crée');
return $this->redirectToRoute('store_backend_category_list');
//redirection selon la route
}
return $this->render('StoreBackendBundle:Category:new.html.twig', array('form' => $form->createView()));
}
作者:sidmahat
项目:sur
/**
* Creates a new Url entity.
*
*/
public function createAction(Request $request)
{
$entity = new Url();
$form = $this->createCreateForm($entity);
$form->handleRequest($request);
// sets the author field to session username
$entity->setAuthor($this->get('security.token_storage')->getToken()->getUser());
if ($form->isValid()) {
$em = $this->getDoctrine()->getManager();
$em->persist($entity);
$em->flush();
//check logged in user for acl creation
if ($this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
// creating the ACL
$aclProvider = $this->get('security.acl.provider');
$objectIdentity = ObjectIdentity::fromDomainObject($entity);
$acl = $aclProvider->createAcl($objectIdentity);
// retrieving the security identity of the currently logged-in user
$tokenStorage = $this->get('security.token_storage');
$user = $tokenStorage->getToken()->getUser();
$securityIdentity = UserSecurityIdentity::fromAccount($user);
// grant owner access
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_OWNER);
$aclProvider->updateAcl($acl);
}
return $this->redirect($this->generateUrl('url_show', array('id' => $entity->getId())));
}
return $this->render('SurlUrlBundle:Url:new.html.twig', array('entity' => $entity, 'form' => $form->createView()));
}
作者:MaximePlanck
项目:Freedo
/**
* @Route("/create", name="freedom_objective_dashboard_create", options={"expose"=true})
* @Template()
*/
public function createAction()
{
$objective = new Objective();
$form = $this->createForm(new ObjectiveCreateType(), $objective);
$request = $this->get('request');
if ($request->getMethod() == 'POST') {
$form->handleRequest($request);
if ($form->isValid()) {
$objective->setUser($this->getUser());
$objective->setNbsteps(count($objective->getSteps()));
foreach ($objective->getSteps() as $key => $value) {
$value->setObjective($objective);
$objective->addStep($value);
}
$em = $this->getDoctrine()->getManager();
$em->persist($objective);
$em->flush();
//ACL
$aclProvider = $this->get('security.acl.provider');
$objectIdentity = ObjectIdentity::fromDomainObject($objective);
$acl = $aclProvider->createAcl($objectIdentity);
$securityContext = $this->get('security.context');
$user = $securityContext->getToken()->getUser();
$securityIdentity = UserSecurityIdentity::fromAccount($user);
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_OWNER);
$aclProvider->updateAcl($acl);
return $this->redirect($this->generateUrl('freedom_objective_dashboard_details', array('id' => $objective->getId())));
}
}
return array('form' => $form->createView());
}
作者:GThero
项目:RestBundl
/**
* @param ResourceInterface $resource
* @param bool $andFlush
* @param UserInterface $creator
* @return ResourceInterface
*/
public function create(ResourceInterface $resource, $andFlush = true, UserInterface $creator = null)
{
$resource = parent::create($resource, $andFlush);
if (!is_null($creator)) {
$this->authorizationManager->grantMask($resource, MaskBuilder::MASK_OWNER, UserSecurityIdentity::fromAccount($creator));
}
return $resource;
}
作者:richardmille
项目:symfon
public function getCompareData()
{
$account = $this->getMockBuilder('Symfony\\Component\\Security\\Core\\User\\UserInterface')->setMockClassName('USI_AccountImpl')->getMock();
$account->expects($this->any())->method('getUsername')->will($this->returnValue('foo'));
$token = $this->getMock('Symfony\\Component\\Security\\Core\\Authentication\\Token\\TokenInterface');
$token->expects($this->any())->method('getUser')->will($this->returnValue($account));
return array(array(new UserSecurityIdentity('foo', 'Foo'), new UserSecurityIdentity('foo', 'Foo'), true), array(new UserSecurityIdentity('foo', 'Bar'), new UserSecurityIdentity('foo', 'Foo'), false), array(new UserSecurityIdentity('foo', 'Foo'), new UserSecurityIdentity('bar', 'Foo'), false), array(new UserSecurityIdentity('foo', 'Foo'), UserSecurityIdentity::fromAccount($account), false), array(new UserSecurityIdentity('bla', 'Foo'), new UserSecurityIdentity('blub', 'Foo'), false), array(new UserSecurityIdentity('foo', 'Foo'), new RoleSecurityIdentity('foo'), false), array(new UserSecurityIdentity('foo', 'Foo'), UserSecurityIdentity::fromToken($token), false), array(new UserSecurityIdentity('foo', 'USI_AccountImpl'), UserSecurityIdentity::fromToken($token), true));
}
作者:nightchille
项目:UserBundl
/**
* Creates the ACE for a user.
*
* @param UserInterface $user
*/
public function createUserAce(UserInterface $user)
{
if (!$this->aclProvider) {
return;
}
$oid = ObjectIdentity::fromDomainObject($user);
$acl = $this->aclProvider->createAcl($oid);
$acl->insertObjectAce(UserSecurityIdentity::fromAccount($user), MaskBuilder::MASK_OWNER);
$this->aclProvider->updateAcl($acl);
}
作者:rareki
项目:posi
/**
* Save acl for new object
*
* @param Object $object
* @param Integer $mask
*/
public function saveObjectAcl($object, $mask = MaskBuilder::MASK_OWNER)
{
// creating the ACL
$objectIdentity = ObjectIdentity::fromDomainObject($object);
$acl = $this->container->get('security.acl.provider')->createAcl($objectIdentity);
// retrieving the security identity of the currently logged-in user
$user = $this->container->get('security.context')->getToken()->getUser();
$securityIdentity = UserSecurityIdentity::fromAccount($user);
// grant owner access
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_OWNER);
$this->container->get('security.acl.provider')->updateAcl($acl);
}
作者:jarmas861
项目:proyec
private function setPermissions($proveedor, $object, $user, $mask)
{
$idUsuario = UserSecurityIdentity::fromAccount($user);
try {
$acl = $proveedor->findAcl($object, array($idUsuario));
} catch (\Symfony\Component\Security\Acl\Exception\AclNotFoundException $e) {
$acl = $proveedor->createAcl($object);
}
$acl->insertObjectAce($idUsuario, $mask);
//actualizando todos los permisos asignados
$this->get('security.acl.provider')->updateAcl($acl);
}
作者:Belka
项目:tangara-serve
public function setOwner(Project $project, User $user, $save = true)
{
$project->setOwner($user);
$objectIdentity = ObjectIdentity::fromDomainObject($project);
$entry = $this->acl->createAcl($objectIdentity);
$securityIdentity = UserSecurityIdentity::fromAccount($user);
$entry->insertObjectAce($securityIdentity, MaskBuilder::MASK_OWNER);
$this->acl->updateAcl($entry);
if ($save) {
$this->saveProject($project);
}
}
作者:reiarsen
项目:AdminCrudBundl
public function userCreateACL($entity, $user)
{
// creating the ACL
$aclProvider = $this->container->get('security.acl.provider');
$objectIdentity = ObjectIdentity::fromDomainObject($entity);
$acl = $aclProvider->createAcl($objectIdentity);
// retrieving the security identity of the user parameter
$securityIdentity = UserSecurityIdentity::fromAccount($user);
// grant owner access
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_OPERATOR);
$aclProvider->updateAcl($acl);
}
作者:abdeldaye
项目:pim-community-de
/**
* Constructs SID (an object implements SecurityIdentityInterface) based on the given identity
*
* @param string|RoleInterface|UserInterface|TokenInterface $identity
* @throws \InvalidArgumentException
* @return SID
*/
public function getSid($identity)
{
if (is_string($identity)) {
return new RoleSecurityIdentity($identity);
} elseif ($identity instanceof RoleInterface) {
return new RoleSecurityIdentity($identity->getRole());
} elseif ($identity instanceof UserInterface) {
return UserSecurityIdentity::fromAccount($identity);
} elseif ($identity instanceof TokenInterface) {
return UserSecurityIdentity::fromToken($identity);
}
throw new \InvalidArgumentException(sprintf('$identity must be a string or implement one of RoleInterface, UserInterface, TokenInterface' . ' (%s given)', is_object($identity) ? get_class($identity) : gettype($identity)));
}
作者:tchern
项目:LabD
public function testCreateACLCollection()
{
$user = new FakeUser();
$entity = new FakeEntity();
$collection = new ArrayCollection();
$collection->add($entity);
$acl = $this->getMock('Symfony\\Component\\Security\\Acl\\Model\\MutableAclInterface');
$acl->expects($this->at(0))->method('insertObjectAce')->with(UserSecurityIdentity::fromAccount($user), MaskBuilder::MASK_OWNER);
$acl->expects($this->at(1))->method('insertObjectAce')->with(new RoleSecurityIdentity('ROLE_TEST'), MaskBuilder::MASK_VIEW);
$this->aclProvider->expects($this->once())->method('createACL')->with($this->isInstanceOf('Symfony\\Component\\Security\\Acl\\Domain\\ObjectIdentity'))->will($this->returnValue($acl));
$this->aclProvider->expects($this->once())->method('updateAcl')->with($acl);
$this->om->createACL($collection, array(array('identity' => $user, 'permission' => MaskBuilder::MASK_OWNER), array('identity' => 'ROLE_TEST', 'permission' => MaskBuilder::MASK_VIEW)));
}
作者:aemio
项目:RPGRegiste
public function grantDefaultPrivileges($dbObject)
{
// creating the ACL
$objectIdentity = ObjectIdentity::fromDomainObject($dbObject);
$acl = $this->aclProvider->createAcl($objectIdentity);
$user = $this->tokenStorage->getToken()->getUser();
$securityIdentity = UserSecurityIdentity::fromAccount($user);
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_OWNER);
$securityIdentity = new RoleSecurityIdentity("ROLE_MODO");
$acl->insertClassAce($securityIdentity, MaskBuilder::MASK_OPERATOR);
$securityIdentity = new RoleSecurityIdentity("ROLE_ADMIN");
$acl->insertClassAce($securityIdentity, MaskBuilder::MASK_OWNER);
$this->aclProvider->updateAcl($acl);
}
作者:GlobalTradingTechnologie
项目:reverse-search-ac
protected function setUp()
{
if (!class_exists('PDO') || !in_array('sqlite', \PDO::getAvailableDrivers())) {
self::markTestSkipped('This test requires SQLite support in your environment');
}
$this->con = DriverManager::getConnection(['driver' => 'pdo_sqlite', 'memory' => true]);
// import the schema
$schema = new Schema($this->getOptions());
foreach ($schema->toSql($this->con->getDatabasePlatform()) as $sql) {
$this->con->exec($sql);
}
$this->sid = UserSecurityIdentity::fromAccount(new User('jimmy', 'jimmypass'));
$this->aclProvider = $this->getProvider();
}
作者:bebetojefr
项目:symfony-
public function postPersist(LifecycleEventArgs $args)
{
$entity = $args->getEntity();
if ($entity instanceof Product) {
// creating the ACL
$aclProvider = $this->container->get('security.acl.provider');
$objectIdentity = ObjectIdentity::fromDomainObject($entity);
$acl = $aclProvider->createAcl($objectIdentity);
// retrieving the security identity of the currently logged-in user
$securityIdentity = UserSecurityIdentity::fromAccount($entity->getUser());
// grant owner access
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_OWNER);
$aclProvider->updateAcl($acl);
}
}
作者:leondejon
项目:symfony2-bundle-example
protected function addAcl(Base $entity, $role = 'ROLE_SUPER', User $user = null)
{
$aclProvider = $this->get('security.acl.provider');
$securityContext = $this->get('security.context');
$objectIdentity = ObjectIdentity::fromDomainObject($entity);
$acl = $aclProvider->createAcl($objectIdentity);
if (!$user) {
$user = $securityContext->getToken()->getUser();
}
$securityIdentity = UserSecurityIdentity::fromAccount($user);
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_OPERATOR);
$roleSecurityIdentity = new RoleSecurityIdentity($role);
$acl->insertObjectAce($roleSecurityIdentity, MaskBuilder::MASK_MASTER);
$aclProvider->updateAcl($acl);
}
作者:bada
项目:OneupAclBundl
/**
* execute
*
* @param InputInterface $input
* @param OutputInterface $output
* @access protected
* @return void
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
// creating the ACL
$objectClass = $input->getArgument('objectClass');
$objectId = $input->getArgument('objectId');
$doctrine = $input->getOption('doctrine');
$entityManager = $input->getOption('entity-manager');
if (!$doctrine) {
$doctrine = 'doctrine';
}
if ($doctrine != 'doctrine' && $doctrine != 'doctrine_mongodb') {
$output->writeln('<error>You have to choose between "doctrine" and "doctrine_mongodb"</error>');
return 1;
}
$object = $this->get($doctrine)->getManager($entityManager ?: null)->getRepository($objectClass)->find($objectId);
if (!$object) {
$output->writeln('<error>Unable to find the ' . $objectClass . ':' . $objectId . '</error>');
return 1;
}
$aclProvider = $this->get('security.acl.provider');
$objectIdentity = ObjectIdentity::fromDomainObject($object);
try {
$acl = $aclProvider->findAcl($objectIdentity);
} catch (\Symfony\Component\Security\Acl\Exception\AclNotFoundException $e) {
$output->writeln('<error>No previous acl found for ' . $objectClass . ':' . $objectId . '</error>');
return 1;
}
// retrieving the security identity of the currently logged-in user
$username = $input->getArgument('username');
$user = $this->get('fos_user.user_manager')->findUserByUsernameOrEmail($username);
if (!$user) {
$output->writeln('<error>User ' . $username . ' not found.</error>');
return 1;
}
$securityIdentity = UserSecurityIdentity::fromAccount($user);
$aceList = $acl->getObjectAces();
$i = 0;
foreach ($aceList as $ace) {
if ($ace->getSecurityIdentity() == $securityIdentity) {
// Got it! Let's remove it!
$output->writeln('got one');
$acl->deleteObjectAce($i);
}
$i++;
}
$aclProvider->updateAcl($acl);
$output->writeln('<info>ACL successfully updated.</info>');
}