Completed
Push — master ( e62fa2...4391c3 )
by Kristof
133:20 queued 117:59
created

Kunstmaan/AdminBundle/Command/UpdateAclCommand.php (1 issue)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
3
namespace Kunstmaan\AdminBundle\Command;
4
5
use Doctrine\ORM\EntityManagerInterface;
6
use Kunstmaan\AdminBundle\Service\AclManager;
7
use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
8
use Symfony\Component\Console\Input\InputInterface;
9
use Symfony\Component\Console\Output\OutputInterface;
10
use Symfony\Component\Console\Question\ChoiceQuestion;
11
use Symfony\Component\Security\Acl\Domain\Acl;
12
use Symfony\Component\Security\Acl\Permission\PermissionMapInterface;
13
14
/**
15
 * Permissions update of ACL entries for all nodes for given role.
16
 *
17
 * @final since 5.1
18
 * NEXT_MAJOR extend from `Command` and remove `$this->getContainer` usages
19
 */
20
class UpdateAclCommand extends ContainerAwareCommand
21
{
22
    /** @var AclManager */
23
    private $aclManager;
24
25
    /** @var PermissionMapInterface */
26
    private $permissionMap;
27
28
    /** @var EntityManagerInterface */
29
    private $em;
30
31
    /** @var  */
32
    private $roles;
33
34
    public function __construct(/*AclManager*/ $aclManager = null, EntityManagerInterface $em = null, PermissionMapInterface $permissionMap = null, array $roles = null)
35
    {
36
        parent::__construct();
37
38
        if (!$aclManager instanceof AclManager) {
39
            @trigger_error(sprintf('Passing a command name as the first argument of "%s" is deprecated since version symfony 3.4 and will be removed in symfony 4.0. If the command was registered by convention, make it a service instead. ', __METHOD__), E_USER_DEPRECATED);
0 ignored issues
show
Security Best Practice introduced by
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.

If you suppress an error, we recommend checking for the error condition explicitly:

// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
40
41
            $this->setName(null === $aclManager ? 'kuma:acl:update' : $aclManager);
42
43
            return;
44
        }
45
46
        $this->aclManager = $aclManager;
47
        $this->em = $em;
48
        $this->permissionMap = $permissionMap;
49
        $this->roles = $roles;
50
    }
51
52
    /**
53
     * {@inheritdoc}
54
     */
55
    protected function configure()
56
    {
57
        parent::configure();
58
59
        $this->setName('kuma:acl:update')
60
            ->setDescription('Permissions update of ACL entries for all nodes for given role')
61
            ->setHelp('The <info>kuma:acl:update</info> will update ACL entries for the nodes of the current project' .
62
                'with given role and permissions');
63
    }
64
65
    /**
66
     * {@inheritdoc}
67
     */
68
    protected function execute(InputInterface $input, OutputInterface $output)
69
    {
70
        $helper = $this->getHelper('question');
71
        if (null === $this->aclManager) {
72
            $this->aclManager = $this->getContainer()->get('kunstmaan_admin.acl.manager');
73
        }
74
        if (null === $this->em) {
75
            $this->em = $this->getContainer()->get('doctrine.orm.entity_manager');
76
        }
77
        if (null === $this->permissionMap) {
78
            $this->permissionMap = $this->getContainer()->get('security.acl.permission.map');
79
        }
80
        if (null === $this->roles) {
81
            $this->roles = $this->getContainer()->getParameter('security.role_hierarchy.roles');
82
        }
83
84
        // Select Role
85
        $question = new ChoiceQuestion('Select role', array_keys($this->roles));
86
        $question->setErrorMessage('Role %s is invalid.');
87
        $role = $helper->ask($input, $output, $question);
88
89
        // Select Permission(s)
90
        $permissionMap = $this->permissionMap;
91
        $question = new ChoiceQuestion('Select permissions(s) (separate by ",")',
92
            $permissionMap->getPossiblePermissions());
93
        $question->setMultiselect(true);
94
        $mask = array_reduce($helper->ask($input, $output, $question), function ($a, $b) use ($permissionMap) {
95
            return $a | $permissionMap->getMasks($b, null)[0];
96
        }, 0);
97
98
        // Fetch all nodes & grant access
99
        $nodes = $this->em->getRepository('KunstmaanNodeBundle:Node')->findAll();
100
101
        $this->aclManager->updateNodesAclToRole($nodes, $role, $mask);
102
103
        $output->writeln(count($nodes) . ' nodes processed.');
104
    }
105
}
106