ProjectAccessControlList::createACLSettings()   B

Complexity

Conditions 8
Paths 45

Size

Total Lines 40
Code Lines 24

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 8
eloc 24
c 0
b 0
f 0
nc 45
nop 1
dl 0
loc 40
rs 8.4444
<?php
/*
 * This file is part of the GitControlBundle package.
 *
 * (c) Paul Schweppe <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
namespace VersionControl\GitControlBundle\EventListener;
use Doctrine\ORM\Event\LifecycleEventArgs;
use Doctrine\Common\EventSubscriber;
use VersionControl\GitControlBundle\Entity\UserProjects;
use VersionControl\GitControlBundle\Entity\Project;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity;
use Symfony\Component\Security\Acl\Permission\MaskBuilder;
use Symfony\Component\DependencyInjection\ContainerInterface;
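/**
 * Doctrine subscriber that keeps the Symfony ACL of a Project in step with its
 * UserProjects membership rows.
 *
 * - postPersist / postUpdate of a UserProjects row: the member's object ACE on the
 *   project is replaced with the mask that matches the member's role.
 * - preRemove of a Project: the project's ACL is deleted.
 */
class ProjectAccessControlList implements EventSubscriber
{
    /**
     * Service container, used to fetch the 'security.acl.provider' service when an
     * event is handled.
     *
     * @var ContainerInterface
     */
    private $container;

    /**
     * @param ContainerInterface $container
     */
    public function __construct(ContainerInterface  $container)
    {
        $this->container = $container;
    }

    /**
     * Doctrine lifecycle events handled by this subscriber.
     *
     * @return string[]
     */
    public function getSubscribedEvents()
    {
        return array(
            'postPersist',
            'postUpdate',
            'preRemove',
        );
    }

    /**
     * Sets the member's ACL entry when a UserProjects row is created.
     *
     * @param LifecycleEventArgs $args
     *
     * @throws AccessDeniedException when the row carries an unknown role
     */
    public function postPersist(LifecycleEventArgs $args)
    {
        $entity = $args->getEntity();

        // Only membership rows drive ACL changes; every other entity is ignored.
        if ($entity instanceof UserProjects) {
            $this->createACLSettings($entity);
        }
    }

    /**
     * Re-applies the member's ACL entry when a UserProjects row is updated, so a
     * role change replaces the previous mask.
     *
     * @param LifecycleEventArgs $args
     *
     * @throws AccessDeniedException when the row carries an unknown role
     */
    public function postUpdate(LifecycleEventArgs $args)
    {
        $entity = $args->getEntity();

        // Only membership rows drive ACL changes; every other entity is ignored.
        if ($entity instanceof UserProjects) {
            $this->createACLSettings($entity);
        }
    }

    /**
     * Deletes the ACL of a Project that is about to be removed.
     *
     * @param LifecycleEventArgs $args
     */
    public function preRemove(LifecycleEventArgs $args)
    {
        $entity = $args->getEntity();

        // NOTE(review): only Project removal is handled. Nothing in this class
        // revokes a member's ACE when a UserProjects row is removed, and
        // deleteACLSettingsForUser() has no caller here. Confirm that revocation
        // happens elsewhere; otherwise a removed member keeps the ACL grant.
        if ($entity instanceof Project) {
            $this->deleteACLSettingsForProject($entity);
        }
    }

    /**
     * Sets the Access Control Level for the user for this project.
     *
     * Any object ACE the user already has on the project is removed and a single
     * ACE with the mask for the current role is inserted.
     *
     * @param UserProjects $userProject
     *
     * @throws AccessDeniedException when the role is not one of the known role names
     */
    protected function createACLSettings(UserProjects $userProject)
    {
        // Resolve the mask first, so an unknown role is rejected before any ACL is
        // looked up, created or modified.
        $mask = $this->maskForRole($userProject->getRoles());

        $user = $userProject->getUser();
        $project = $userProject->getProject();

        $aclProvider = $this->container->get('security.acl.provider');
        $objectIdentity = ObjectIdentity::fromDomainObject($project);
        // Security identity of the project member taken from the UserProjects row
        // (not the user who is currently logged in).
        $securityIdentity = UserSecurityIdentity::fromAccount($user);

        try {
            $acl = $aclProvider->findAcl($objectIdentity);
            // Drop the member's previous grant so the old mask does not survive a
            // role change.
            $this->deleteAcesForIdentity($acl, $securityIdentity);
        } catch (\Symfony\Component\Security\Acl\Exception\AclNotFoundException $e) {
            // First member of this project: there is no ACL yet.
            $acl = $aclProvider->createAcl($objectIdentity);
        }

        $acl->insertObjectAce($securityIdentity, $mask);
        $aclProvider->updateAcl($acl);
    }

    /**
     * Deletes all ACL settings for a project entity.
     *
     * @param Project $project
     */
    protected function deleteACLSettingsForProject(Project $project)
    {
        $aclProvider = $this->container->get('security.acl.provider');
        $objectIdentity = ObjectIdentity::fromDomainObject($project);
        $aclProvider->deleteAcl($objectIdentity);
    }

    /**
     * Deletes all ACL settings for a user.
     *
     * Walks every project returned by $user->getUserProjects() and removes the
     * user's object ACEs from that project's ACL.
     *
     * @param object $user account that exposes getUserProjects() and is accepted by
     *                     UserSecurityIdentity::fromAccount()
     *
     * @todo Not called from within this class; decide where user removal should
     *       trigger it.
     */
    protected function deleteACLSettingsForUser($user)
    {
        $aclProvider = $this->container->get('security.acl.provider');
        $securityIdentity = UserSecurityIdentity::fromAccount($user);

        foreach ($user->getUserProjects() as $userProject) {
            $objectIdentity = ObjectIdentity::fromDomainObject($userProject->getProject());

            try {
                $acl = $aclProvider->findAcl($objectIdentity);
            } catch (\Symfony\Component\Security\Acl\Exception\AclNotFoundException $e) {
                // No ACL is stored for this project, so there is nothing to revoke.
                continue;
            }

            if ($this->deleteAcesForIdentity($acl, $securityIdentity)) {
                // Persist the removal; without this call the ACE is only dropped
                // from the in-memory ACL and the stored grant stays in place.
                $aclProvider->updateAcl($acl);
            }
        }
    }

    /**
     * Maps a project role name to the ACL permission mask granted for it.
     *
     * @param mixed $role value returned by UserProjects::getRoles()
     *
     * @return int one of the MaskBuilder::MASK_* constants
     *
     * @throws AccessDeniedException when $role is not a known role name
     */
    private function maskForRole($role)
    {
        $masks = array(
            'Reporter' => MaskBuilder::MASK_VIEW,
            'Developer' => MaskBuilder::MASK_OPERATOR,
            'Master' => MaskBuilder::MASK_MASTER,
            'Owner' => MaskBuilder::MASK_OWNER,
        );

        // Exact string match only, and anything else fails closed. A loose `==`
        // against the role names would let a non-string value (boolean true, or
        // integer 0 before PHP 8) compare equal to 'Reporter' and receive a grant.
        if (!is_string($role) || !isset($masks[$role])) {
            throw new AccessDeniedException('User Role is not valid');
        }

        return $masks[$role];
    }

    /**
     * Removes every object ACE on $acl that belongs to $securityIdentity.
     *
     * The change is made on the in-memory ACL only; the caller persists it.
     *
     * @param object               $acl              ACL exposing getObjectAces() and deleteObjectAce()
     * @param UserSecurityIdentity $securityIdentity identity whose entries are removed
     *
     * @return bool true when at least one ACE was removed
     */
    private function deleteAcesForIdentity($acl, $securityIdentity)
    {
        $removed = false;

        // Walk from the highest index down. deleteObjectAce() addresses entries by
        // position, so deleting while walking upwards can shift the entries that
        // follow and make a later index refer to another identity's ACE, or to no
        // entry at all.
        foreach (array_reverse($acl->getObjectAces(), true) as $index => $ace) {
            if ($ace->getSecurityIdentity()->equals($securityIdentity)) {
                $acl->deleteObjectAce($index);
                $removed = true;
            }
        }

        return $removed;
    }
}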