These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Kunstmaan\NodeBundle\Command; |
||
4 | |||
5 | use Doctrine\ORM\EntityManager; |
||
6 | use Doctrine\ORM\EntityManagerInterface; |
||
7 | use Kunstmaan\AdminBundle\Helper\Security\Acl\Permission\MaskBuilder; |
||
8 | use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand; |
||
9 | use Symfony\Component\Console\Input\InputInterface; |
||
10 | use Symfony\Component\Console\Output\OutputInterface; |
||
11 | use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity; |
||
12 | use Symfony\Component\Security\Acl\Exception\AclNotFoundException; |
||
13 | use Symfony\Component\Security\Acl\Model\MutableAclProviderInterface; |
||
14 | use Symfony\Component\Security\Acl\Model\ObjectIdentityRetrievalStrategyInterface; |
||
15 | |||
16 | /** |
||
17 | * Basic initialization of ACL entries for all nodes. |
||
18 | * |
||
19 | * @final since 5.1 |
||
20 | * NEXT_MAJOR extend from `Command` and remove `$this->getContainer` usages |
||
21 | */ |
||
22 | class InitAclCommand extends ContainerAwareCommand |
||
23 | { |
||
24 | /** |
||
25 | * @var EntityManager |
||
26 | */ |
||
27 | private $em; |
||
28 | |||
29 | /** |
||
30 | * @var MutableAclProviderInterface |
||
31 | */ |
||
32 | private $aclProvider; |
||
33 | |||
34 | /** |
||
35 | * @var ObjectIdentityRetrievalStrategyInterface |
||
36 | */ |
||
37 | private $oidStrategy; |
||
38 | |||
39 | /** |
||
40 | * @param EntityManagerInterface|null $em |
||
41 | * @param MutableAclProviderInterface|null $aclProvider |
||
42 | * @param ObjectIdentityRetrievalStrategyInterface|null $oidStrategy |
||
43 | */ |
||
44 | View Code Duplication | public function __construct(/* EntityManagerInterface */ $em = null, /* MutableAclProviderInterface */ $aclProvider = null, /* ObjectIdentityRetrievalStrategyInterface */ $oidStrategy = null) |
|
45 | { |
||
46 | parent::__construct(); |
||
47 | |||
48 | if (!$em instanceof EntityManagerInterface) { |
||
49 | @trigger_error(sprintf('Passing a command name as the first argument of "%s" is deprecated since version symfony 3.4 and will be removed in symfony 4.0. If the command was registered by convention, make it a service instead. ', __METHOD__), E_USER_DEPRECATED); |
||
50 | |||
51 | $this->setName(null === $em ? 'kuma:init:acl' : $em); |
||
52 | |||
53 | return; |
||
54 | } |
||
55 | |||
56 | $this->em = $em; |
||
0 ignored issues
–
show
|
|||
57 | $this->aclProvider = $aclProvider; |
||
58 | $this->oidStrategy = $oidStrategy; |
||
59 | } |
||
60 | |||
61 | /** |
||
62 | * {@inheritdoc} |
||
63 | */ |
||
64 | protected function configure() |
||
65 | { |
||
66 | parent::configure(); |
||
67 | |||
68 | $this->setName('kuma:init:acl') |
||
69 | ->setDescription('Basic initialization of ACL for projects') |
||
70 | ->setHelp('The <info>kuma:init:acl</info> will create basic ACL entries for the nodes of the current project'); |
||
71 | } |
||
72 | |||
73 | /** |
||
74 | * {@inheritdoc} |
||
75 | */ |
||
76 | protected function execute(InputInterface $input, OutputInterface $output) |
||
77 | { |
||
78 | if (null === $this->em) { |
||
79 | $this->em = $this->getContainer()->get('doctrine.orm.entity_manager'); |
||
80 | $this->aclProvider = $this->getContainer()->get('security.acl.provider'); |
||
81 | $this->oidStrategy = $this->getContainer()->get('security.acl.object_identity_retrieval_strategy'); |
||
82 | } |
||
83 | |||
84 | // Fetch all nodes & grant access |
||
85 | $nodes = $this->em->getRepository('KunstmaanNodeBundle:Node')->findAll(); |
||
86 | $count = 0; |
||
87 | foreach ($nodes as $node) { |
||
88 | ++$count; |
||
89 | $objectIdentity = $this->oidStrategy->getObjectIdentity($node); |
||
90 | |||
91 | try { |
||
92 | $this->aclProvider->deleteAcl($objectIdentity); |
||
93 | } catch (AclNotFoundException $e) { |
||
94 | // Do nothing |
||
95 | } |
||
96 | $acl = $this->aclProvider->createAcl($objectIdentity); |
||
97 | |||
98 | $securityIdentity = new RoleSecurityIdentity('IS_AUTHENTICATED_ANONYMOUSLY'); |
||
99 | $acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_VIEW); |
||
100 | |||
101 | $securityIdentity = new RoleSecurityIdentity('ROLE_ADMIN'); |
||
102 | $acl->insertObjectAce( |
||
103 | $securityIdentity, |
||
104 | MaskBuilder::MASK_VIEW | MaskBuilder::MASK_EDIT | MaskBuilder::MASK_PUBLISH | MaskBuilder::MASK_UNPUBLISH |
||
105 | ); |
||
106 | |||
107 | $securityIdentity = new RoleSecurityIdentity('ROLE_SUPER_ADMIN'); |
||
108 | $acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_IDDQD); |
||
109 | $this->aclProvider->updateAcl($acl); |
||
110 | } |
||
111 | $output->writeln("{$count} nodes processed."); |
||
112 | } |
||
113 | } |
||
114 |
Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a given class or a super-class is assigned to a property that is type hinted more strictly.
Either this assignment is in error or an instanceof check should be added for that assignment.