These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Kunstmaan\NodeBundle\Helper\Services; |
||
4 | |||
5 | use Kunstmaan\AdminBundle\Helper\Security\Acl\Permission\MaskBuilder; |
||
6 | use Symfony\Component\DependencyInjection\ContainerInterface; |
||
7 | use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity; |
||
8 | use Symfony\Component\Security\Acl\Exception\AclNotFoundException; |
||
9 | use Symfony\Component\Security\Acl\Model\MutableAclProviderInterface; |
||
10 | use Symfony\Component\Security\Acl\Model\ObjectIdentityRetrievalStrategyInterface; |
||
11 | |||
12 | /** |
||
13 | * Service to add the correct permissions to new HasNodeInterface objects. |
||
14 | */ |
||
15 | class ACLPermissionCreatorService |
||
16 | { |
||
17 | /* @var MutableAclProviderInterface $aclProvider */ |
||
18 | protected $aclProvider; |
||
19 | /* @var ObjectIdentityRetrievalStrategyInterface $oidStrategy */ |
||
20 | protected $oidStrategy; |
||
21 | |||
22 | public function __construct(MutableAclProviderInterface $aclProvider = null, ObjectIdentityRetrievalStrategyInterface $oidStrategy = null) |
||
23 | { |
||
24 | if (null === $aclProvider) { |
||
25 | @trigger_error(sprintf('Not injecting the required dependencies in the constructor of "%s" is deprecated since KunstmaanNodeBundle 5.7 and will be required in KunstmaanNodeBundle 6.0.', __CLASS__), E_USER_DEPRECATED); |
||
0 ignored issues
–
show
|
|||
26 | } |
||
27 | |||
28 | $this->aclProvider = $aclProvider; |
||
29 | $this->oidStrategy = $oidStrategy; |
||
30 | } |
||
31 | |||
32 | /** |
||
33 | * @deprecated since KunstmaanNodeBundle 5.7 and will be removed in KunstmaanNodeBundle 6.0. Inject the required dependencies in the constructor instead. |
||
34 | */ |
||
35 | public function setAclProvider($aclProvider) |
||
36 | { |
||
37 | @trigger_error(sprintf('Using the "%s" method is deprecated since KunstmaanNodeBundle 5.7 and will be removed in KunstmaanNodeBundle 6.0. Inject the required dependencies in the constructor instead.', __METHOD__), E_USER_DEPRECATED); |
||
0 ignored issues
–
show
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.
If you suppress an error, we recommend checking for the error condition explicitly: // For example instead of
@mkdir($dir);
// Better use
if (@mkdir($dir) === false) {
throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
|
|||
38 | |||
39 | $this->aclProvider = $aclProvider; |
||
40 | } |
||
41 | |||
42 | /** |
||
43 | * @deprecated since KunstmaanNodeBundle 5.7 and will be removed in KunstmaanNodeBundle 6.0. Inject the required dependencies in the constructor instead. |
||
44 | */ |
||
45 | public function setObjectIdentityRetrievalStrategy($oidStrategy) |
||
46 | { |
||
47 | @trigger_error(sprintf('Using the "%s" method is deprecated since KunstmaanNodeBundle 5.7 and will be removed in KunstmaanNodeBundle 6.0. Inject the required dependencies in the constructor instead.', __METHOD__), E_USER_DEPRECATED); |
||
0 ignored issues
–
show
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.
If you suppress an error, we recommend checking for the error condition explicitly: // For example instead of
@mkdir($dir);
// Better use
if (@mkdir($dir) === false) {
throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
|
|||
48 | |||
49 | $this->oidStrategy = $oidStrategy; |
||
50 | } |
||
51 | |||
52 | /** |
||
53 | * Sets the Container. This is still here for backwards compatibility. |
||
54 | * The ContainerAwareInterface has been removed so the container won't be injected automatically. |
||
55 | * This function is just there for code that calls it manually. |
||
56 | * |
||
57 | * @param ContainerInterface $container a ContainerInterface instance |
||
58 | * |
||
59 | * @deprecated since KunstmaanNodeBundle 5.7 and will be removed in KunstmaanNodeBundle 6.0. Inject the required dependencies in the constructor instead. |
||
60 | * |
||
61 | * @api |
||
62 | */ |
||
63 | public function setContainer(ContainerInterface $container = null) |
||
64 | { |
||
65 | @trigger_error(sprintf('Using the "%s" method is deprecated since KunstmaanNodeBundle 5.7 and will be removed in KunstmaanNodeBundle 6.0. Inject the required dependencies in the constructor instead.', __METHOD__), E_USER_DEPRECATED); |
||
0 ignored issues
–
show
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.
If you suppress an error, we recommend checking for the error condition explicitly: // For example instead of
@mkdir($dir);
// Better use
if (@mkdir($dir) === false) {
throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
|
|||
66 | |||
67 | $this->setAclProvider($container->get('security.acl.provider')); |
||
0 ignored issues
–
show
The method
Kunstmaan\NodeBundle\Hel...rvice::setAclProvider() has been deprecated with message: since KunstmaanNodeBundle 5.7 and will be removed in KunstmaanNodeBundle 6.0. Inject the required dependencies in the constructor instead.
This method has been deprecated. The supplier of the class has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.
Loading history...
|
|||
68 | $this->setObjectIdentityRetrievalStrategy($container->get('security.acl.object_identity_retrieval_strategy')); |
||
0 ignored issues
–
show
The method
Kunstmaan\NodeBundle\Hel...tityRetrievalStrategy() has been deprecated with message: since KunstmaanNodeBundle 5.7 and will be removed in KunstmaanNodeBundle 6.0. Inject the required dependencies in the constructor instead.
This method has been deprecated. The supplier of the class has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.
Loading history...
|
|||
69 | } |
||
70 | |||
71 | /** |
||
72 | * @param object $object |
||
73 | * |
||
74 | * Create ACL permissions for an object |
||
75 | */ |
||
76 | public function createPermission($object) |
||
77 | { |
||
78 | $aclProvider = $this->aclProvider; |
||
79 | |||
80 | $oidStrategy = $this->oidStrategy; |
||
81 | |||
82 | $objectIdentity = $oidStrategy->getObjectIdentity($object); |
||
83 | |||
84 | try { |
||
85 | $aclProvider->deleteAcl($objectIdentity); |
||
86 | } catch (AclNotFoundException $e) { |
||
87 | // Don't fail when the ACL didn't exist yet. |
||
88 | } |
||
89 | $acl = $aclProvider->createAcl($objectIdentity); |
||
90 | |||
91 | $securityIdentity = new RoleSecurityIdentity('IS_AUTHENTICATED_ANONYMOUSLY'); |
||
92 | $acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_VIEW); |
||
93 | |||
94 | $securityIdentity = new RoleSecurityIdentity('ROLE_ADMIN'); |
||
95 | $acl->insertObjectAce( |
||
96 | $securityIdentity, |
||
97 | MaskBuilder::MASK_VIEW | MaskBuilder::MASK_EDIT | MaskBuilder::MASK_DELETE | MaskBuilder::MASK_PUBLISH | MaskBuilder::MASK_UNPUBLISH |
||
98 | ); |
||
99 | |||
100 | $securityIdentity = new RoleSecurityIdentity('ROLE_SUPER_ADMIN'); |
||
101 | $acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_IDDQD); |
||
102 | $aclProvider->updateAcl($acl); |
||
103 | } |
||
104 | } |
||
105 |
If you suppress an error, we recommend checking for the error condition explicitly: