|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace Kunstmaan\AdminBundle\Command; |
|
4
|
|
|
|
|
5
|
|
|
use Doctrine\ORM\EntityManager; |
|
6
|
|
|
use Doctrine\ORM\EntityManagerInterface; |
|
7
|
|
|
use Kunstmaan\AdminBundle\Service\AclManager; |
|
8
|
|
|
use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand; |
|
9
|
|
|
use Symfony\Component\Console\Input\InputInterface; |
|
10
|
|
|
use Symfony\Component\Console\Output\OutputInterface; |
|
11
|
|
|
use Symfony\Component\Console\Question\ChoiceQuestion; |
|
12
|
|
|
use Symfony\Component\Security\Acl\Domain\Acl; |
|
13
|
|
|
use Symfony\Component\Security\Acl\Domain\Entry; |
|
14
|
|
|
use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity; |
|
15
|
|
|
use Symfony\Component\Security\Acl\Model\MutableAclProviderInterface; |
|
16
|
|
|
use Symfony\Component\Security\Acl\Model\ObjectIdentityRetrievalStrategyInterface; |
|
17
|
|
|
use Symfony\Component\Security\Acl\Permission\PermissionMapInterface; |
|
18
|
|
|
|
|
19
|
|
|
/** |
|
20
|
|
|
* Permissions update of ACL entries for all nodes for given role. |
|
21
|
|
|
*/ |
|
22
|
|
|
class UpdateAclCommand extends ContainerAwareCommand |
|
23
|
|
|
{ |
|
24
|
|
|
/** @var AclManager */ |
|
25
|
|
|
private $aclManager; |
|
26
|
|
|
|
|
27
|
|
|
/** @var PermissionMapInterface */ |
|
28
|
|
|
private $permissionMap; |
|
29
|
|
|
|
|
30
|
|
|
/** @var EntityManagerInterface */ |
|
31
|
|
|
private $em; |
|
32
|
|
|
|
|
33
|
|
|
/** @var */ |
|
34
|
|
|
private $roles; |
|
35
|
|
|
|
|
36
|
|
View Code Duplication |
public function __construct(/*AclManager*/ $aclManager = null, EntityManagerInterface $em = null, PermissionMapInterface $permissionMap = null, array $roles = null) |
|
|
|
|
|
|
37
|
|
|
{ |
|
38
|
|
|
parent::__construct(); |
|
39
|
|
|
|
|
40
|
|
|
if (!$aclManager instanceof AclManager) { |
|
41
|
|
|
@trigger_error(sprintf('Passing a command name as the first argument of "%s" is deprecated since version symfony 3.4 and will be removed in symfony 4.0. If the command was registered by convention, make it a service instead. ', __METHOD__), E_USER_DEPRECATED); |
|
|
|
|
|
|
42
|
|
|
|
|
43
|
|
|
$this->setName(null === $aclManager ? 'kuma:acl:update' : $aclManager); |
|
44
|
|
|
|
|
45
|
|
|
return; |
|
46
|
|
|
} |
|
47
|
|
|
|
|
48
|
|
|
$this->aclManager = $aclManager; |
|
49
|
|
|
$this->em = $em; |
|
50
|
|
|
$this->permissionMap = $permissionMap; |
|
51
|
|
|
$this->roles = $roles; |
|
52
|
|
|
} |
|
53
|
|
|
|
|
54
|
|
|
/** |
|
55
|
|
|
* {@inheritdoc} |
|
56
|
|
|
*/ |
|
57
|
|
|
protected function configure() |
|
58
|
|
|
{ |
|
59
|
|
|
parent::configure(); |
|
60
|
|
|
|
|
61
|
|
|
$this->setName('kuma:acl:update') |
|
62
|
|
|
->setDescription('Permissions update of ACL entries for all nodes for given role') |
|
63
|
|
|
->setHelp("The <info>kuma:acl:update</info> will update ACL entries for the nodes of the current project" . |
|
64
|
|
|
"with given role and permissions"); |
|
65
|
|
|
} |
|
66
|
|
|
|
|
67
|
|
|
/** |
|
68
|
|
|
* {@inheritdoc} |
|
69
|
|
|
*/ |
|
70
|
|
|
protected function execute(InputInterface $input, OutputInterface $output) |
|
71
|
|
|
{ |
|
72
|
|
|
$helper = $this->getHelper('question'); |
|
73
|
|
|
if (null === $this->aclManager) { |
|
74
|
|
|
$this->aclManager = $this->getContainer()->get('kunstmaan_admin.acl.manager'); |
|
75
|
|
|
} |
|
76
|
|
|
if (null === $this->em ) { |
|
77
|
|
|
$this->em = $this->getContainer()->get('doctrine.orm.entity_manager'); |
|
78
|
|
|
} |
|
79
|
|
|
if (null === $this->permissionMap) { |
|
80
|
|
|
$this->permissionMap = $this->getContainer()->get('security.acl.permission.map'); |
|
81
|
|
|
} |
|
82
|
|
|
if (null === $this->roles) { |
|
83
|
|
|
$this->roles = $this->getContainer()->getParameter('security.role_hierarchy.roles'); |
|
84
|
|
|
} |
|
85
|
|
|
|
|
86
|
|
|
// Select Role |
|
87
|
|
|
$question = new ChoiceQuestion('Select role', array_keys($this->roles)); |
|
88
|
|
|
$question->setErrorMessage('Role %s is invalid.'); |
|
89
|
|
|
$role = $helper->ask($input, $output, $question); |
|
90
|
|
|
|
|
91
|
|
|
// Select Permission(s) |
|
92
|
|
|
$permissionMap = $this->permissionMap; |
|
93
|
|
|
$question = new ChoiceQuestion('Select permissions(s) (separate by ",")', |
|
94
|
|
|
$permissionMap->getPossiblePermissions()); |
|
95
|
|
|
$question->setMultiselect(true); |
|
96
|
|
|
$mask = array_reduce($helper->ask($input, $output, $question), function ($a, $b) use ($permissionMap) { |
|
97
|
|
|
return $a | $permissionMap->getMasks($b, null)[0]; |
|
98
|
|
|
}, 0); |
|
99
|
|
|
|
|
100
|
|
|
// Fetch all nodes & grant access |
|
101
|
|
|
$nodes = $this->em->getRepository('KunstmaanNodeBundle:Node')->findAll(); |
|
102
|
|
|
|
|
103
|
|
|
$this->aclManager->updateNodesAclToRole($nodes, $role, $mask); |
|
104
|
|
|
|
|
105
|
|
|
$output->writeln(count($nodes) . ' nodes processed.'); |
|
106
|
|
|
} |
|
107
|
|
|
|
|
108
|
|
|
} |
|
109
|
|
|
|
Kunstmaan /
KunstmaanBundlesCMS
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.