1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
namespace Kunstmaan\AdminBundle\Command; |
4
|
|
|
|
5
|
|
|
use Doctrine\ORM\EntityManagerInterface; |
6
|
|
|
use Kunstmaan\AdminBundle\Service\AclManager; |
7
|
|
|
use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand; |
8
|
|
|
use Symfony\Component\Console\Input\InputInterface; |
9
|
|
|
use Symfony\Component\Console\Output\OutputInterface; |
10
|
|
|
use Symfony\Component\Console\Question\ChoiceQuestion; |
11
|
|
|
use Symfony\Component\Security\Acl\Permission\PermissionMapInterface; |
12
|
|
|
|
13
|
|
|
/** |
14
|
|
|
* Permissions update of ACL entries for all nodes for given role. |
15
|
|
|
* |
16
|
|
|
* @final since 5.1 |
17
|
|
|
* NEXT_MAJOR extend from `Command` and remove `$this->getContainer` usages |
18
|
|
|
*/ |
19
|
|
|
class UpdateAclCommand extends ContainerAwareCommand |
20
|
|
|
{ |
21
|
|
|
/** @var AclManager */ |
22
|
|
|
private $aclManager; |
23
|
|
|
|
24
|
|
|
/** @var PermissionMapInterface */ |
25
|
|
|
private $permissionMap; |
26
|
|
|
|
27
|
|
|
/** @var EntityManagerInterface */ |
28
|
|
|
private $em; |
29
|
|
|
|
30
|
|
|
/** @var array */ |
31
|
|
|
private $roles; |
32
|
|
|
|
33
|
|
|
public function __construct(/*AclManager*/ $aclManager = null, EntityManagerInterface $em = null, PermissionMapInterface $permissionMap = null, array $roles = null) |
34
|
|
|
{ |
35
|
|
|
parent::__construct(); |
36
|
|
|
|
37
|
|
View Code Duplication |
if (!$aclManager instanceof AclManager) { |
38
|
|
|
@trigger_error(sprintf('Passing a command name as the first argument of "%s" is deprecated since version symfony 3.4 and will be removed in symfony 4.0. If the command was registered by convention, make it a service instead. ', __METHOD__), E_USER_DEPRECATED); |
|
|
|
|
39
|
|
|
|
40
|
|
|
$this->setName(null === $aclManager ? 'kuma:acl:update' : $aclManager); |
41
|
|
|
|
42
|
|
|
return; |
43
|
|
|
} |
44
|
|
|
|
45
|
|
|
$this->aclManager = $aclManager; |
46
|
|
|
$this->em = $em; |
47
|
|
|
$this->permissionMap = $permissionMap; |
48
|
|
|
$this->roles = $roles; |
49
|
|
|
} |
50
|
|
|
|
51
|
|
|
/** |
52
|
|
|
* {@inheritdoc} |
53
|
|
|
*/ |
54
|
|
|
protected function configure() |
55
|
|
|
{ |
56
|
|
|
parent::configure(); |
57
|
|
|
|
58
|
|
|
$this->setName('kuma:acl:update') |
59
|
|
|
->setDescription('Permissions update of ACL entries for all nodes for given role') |
60
|
|
|
->setHelp('The <info>kuma:acl:update</info> will update ACL entries for the nodes of the current project' . |
61
|
|
|
'with given role and permissions'); |
62
|
|
|
} |
63
|
|
|
|
64
|
|
|
/** |
65
|
|
|
* {@inheritdoc} |
66
|
|
|
*/ |
67
|
|
|
protected function execute(InputInterface $input, OutputInterface $output) |
68
|
|
|
{ |
69
|
|
|
$helper = $this->getHelper('question'); |
70
|
|
|
if (null === $this->aclManager) { |
71
|
|
|
$this->aclManager = $this->getContainer()->get('kunstmaan_admin.acl.manager'); |
72
|
|
|
} |
73
|
|
|
if (null === $this->em) { |
74
|
|
|
$this->em = $this->getContainer()->get('doctrine.orm.entity_manager'); |
75
|
|
|
} |
76
|
|
|
if (null === $this->permissionMap) { |
77
|
|
|
$this->permissionMap = $this->getContainer()->get('security.acl.permission.map'); |
78
|
|
|
} |
79
|
|
|
if (null === $this->roles) { |
80
|
|
|
$this->roles = $this->getContainer()->getParameter('security.role_hierarchy.roles'); |
81
|
|
|
} |
82
|
|
|
|
83
|
|
|
// Select Role |
84
|
|
|
$question = new ChoiceQuestion('Select role', array_keys($this->roles)); |
85
|
|
|
$question->setErrorMessage('Role %s is invalid.'); |
86
|
|
|
$role = $helper->ask($input, $output, $question); |
87
|
|
|
|
88
|
|
|
// Select Permission(s) |
89
|
|
|
$permissionMap = $this->permissionMap; |
90
|
|
|
$question = new ChoiceQuestion('Select permissions(s) (separate by ",")', |
91
|
|
|
$permissionMap->getPossiblePermissions()); |
92
|
|
|
$question->setMultiselect(true); |
93
|
|
|
$mask = array_reduce($helper->ask($input, $output, $question), function ($a, $b) use ($permissionMap) { |
94
|
|
|
return $a | $permissionMap->getMasks($b, null)[0]; |
95
|
|
|
}, 0); |
96
|
|
|
|
97
|
|
|
// Fetch all nodes & grant access |
98
|
|
|
$nodes = $this->em->getRepository('KunstmaanNodeBundle:Node')->findAll(); |
99
|
|
|
|
100
|
|
|
$this->aclManager->updateNodesAclToRole($nodes, $role, $mask); |
101
|
|
|
|
102
|
|
|
$output->writeln(\count($nodes) . ' nodes processed.'); |
103
|
|
|
|
104
|
|
|
return 0; |
105
|
|
|
} |
106
|
|
|
} |
107
|
|
|
|
If you suppress an error, we recommend checking for the error condition explicitly: