ezsystems /
ezpublish-kernel
Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.
Common duplication problems, and corresponding solutions are:
Complex classes like RoleService often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
While breaking up the class, it is a good idea to analyze how other classes use RoleService, and based on these observations, apply Extract Interface, too.
| 1 | <?php |
||
| 48 | class RoleService implements RoleServiceInterface |
||
| 49 | { |
||
| 50 | const DEFAULT_CORE_POLICYMAP = [ |
||
| 51 | 'content' => [ |
||
| 52 | 'read' => ['Class' => true, 'Section' => true, 'Owner' => true, 'Group' => true, 'Node' => true, 'Subtree' => true, 'State' => true], |
||
| 53 | 'diff' => ['Class' => true, 'Section' => true, 'Owner' => true, 'Node' => true, 'Subtree' => true], |
||
| 54 | 'view_embed' => ['Class' => true, 'Section' => true, 'Owner' => true, 'Node' => true, 'Subtree' => true], |
||
| 55 | 'create' => ['Class' => true, 'Section' => true, 'ParentOwner' => true, 'ParentGroup' => true, 'ParentClass' => true, 'ParentDepth' => true, 'Node' => true, 'Subtree' => true, 'Language' => true], |
||
| 56 | 'edit' => ['Class' => true, 'Section' => true, 'Owner' => true, 'Group' => true, 'Node' => true, 'Subtree' => true, 'Language' => true, 'State' => true], |
||
| 57 | 'manage_locations' => ['Class' => true, 'Section' => true, 'Owner' => true, 'Subtree' => true], |
||
| 58 | 'hide' => ['Class' => true, 'Section' => true, 'Owner' => true, 'Group' => true, 'Node' => true, 'Subtree' => true, 'Language' => true], |
||
| 59 | 'reverserelatedlist' => null, |
||
| 60 | 'translate' => ['Class' => true, 'Section' => true, 'Owner' => true, 'Node' => true, 'Subtree' => true, 'Language' => true], |
||
| 61 | 'remove' => ['Class' => true, 'Section' => true, 'Owner' => true, 'Node' => true, 'Subtree' => true, 'State' => true], |
||
| 62 | 'versionread' => ['Class' => true, 'Section' => true, 'Owner' => true, 'Status' => true, 'Node' => true, 'Subtree' => true], |
||
| 63 | 'versionremove' => ['Class' => true, 'Section' => true, 'Owner' => true, 'Status' => true, 'Node' => true, 'Subtree' => true], |
||
| 64 | 'translations' => null, |
||
| 65 | 'urltranslator' => null, |
||
| 66 | 'pendinglist' => null, |
||
| 67 | 'restore' => null, |
||
| 68 | 'cleantrash' => null, |
||
| 69 | ], |
||
| 70 | 'class' => [ |
||
| 71 | 'update' => null, |
||
| 72 | 'create' => null, |
||
| 73 | 'delete' => null, |
||
| 74 | ], |
||
| 75 | 'state' => [ |
||
| 76 | 'assign' => ['Class' => true, 'Section' => true, 'Owner' => true, 'Group' => true, 'Node' => true, 'Subtree' => true, 'State' => true, 'NewState' => true], |
||
| 77 | 'administrate' => null, |
||
| 78 | ], |
||
| 79 | 'role' => [ |
||
| 80 | 'assign' => null, |
||
| 81 | 'update' => null, |
||
| 82 | 'create' => null, |
||
| 83 | 'delete' => null, |
||
| 84 | 'read' => null, |
||
| 85 | ], |
||
| 86 | 'section' => [ |
||
| 87 | 'assign' => ['Class' => true, 'Section' => true, 'Owner' => true, 'NewSection' => true], |
||
| 88 | 'edit' => null, |
||
| 89 | 'view' => null, |
||
| 90 | ], |
||
| 91 | 'user' => [ |
||
| 92 | 'login' => ['SiteAccess' => true], |
||
| 93 | 'password' => null, |
||
| 94 | 'preferences' => null, |
||
| 95 | 'register' => null, |
||
| 96 | 'selfedit' => null, |
||
| 97 | 'activation' => null, |
||
| 98 | ], |
||
| 99 | ]; |
||
| 100 | |||
| 101 | /** |
||
| 102 | * @var \eZ\Publish\API\Repository\Repository |
||
| 103 | */ |
||
| 104 | protected $repository; |
||
| 105 | |||
| 106 | /** |
||
| 107 | * @var \eZ\Publish\SPI\Persistence\User\Handler |
||
| 108 | */ |
||
| 109 | protected $userHandler; |
||
| 110 | |||
| 111 | /** |
||
| 112 | * @var \eZ\Publish\Core\Repository\Helper\LimitationService |
||
| 113 | */ |
||
| 114 | protected $limitationService; |
||
| 115 | |||
| 116 | /** |
||
| 117 | * @var \eZ\Publish\Core\Repository\Helper\RoleDomainMapper |
||
| 118 | */ |
||
| 119 | protected $roleDomainMapper; |
||
| 120 | |||
| 121 | /** |
||
| 122 | * @var array |
||
| 123 | */ |
||
| 124 | protected $settings; |
||
| 125 | |||
| 126 | /** |
||
| 127 | * Setups service with reference to repository object that created it & corresponding handler. |
||
| 128 | * |
||
| 129 | * @param \eZ\Publish\API\Repository\Repository $repository |
||
| 130 | * @param \eZ\Publish\SPI\Persistence\User\Handler $userHandler |
||
| 131 | * @param \eZ\Publish\Core\Repository\Helper\LimitationService $limitationService |
||
| 132 | * @param \eZ\Publish\Core\Repository\Helper\RoleDomainMapper $roleDomainMapper |
||
| 133 | * @param array $settings |
||
| 134 | */ |
||
| 135 | public function __construct( |
||
| 152 | |||
| 153 | /** |
||
| 154 | * Creates a new RoleDraft. |
||
| 155 | * |
||
| 156 | * @since 6.0 |
||
| 157 | * |
||
| 158 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to create a RoleDraft |
||
| 159 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException |
||
| 160 | * if the name of the role already exists or if limitation of the same type |
||
| 161 | * is repeated in the policy create struct or if limitation is not allowed on module/function |
||
| 162 | * @throws \eZ\Publish\API\Repository\Exceptions\LimitationValidationException if a policy limitation in the $roleCreateStruct is not valid |
||
| 163 | * |
||
| 164 | * @param \eZ\Publish\API\Repository\Values\User\RoleCreateStruct $roleCreateStruct |
||
| 165 | * |
||
| 166 | * @return \eZ\Publish\API\Repository\Values\User\RoleDraft |
||
| 167 | */ |
||
| 168 | public function createRole(APIRoleCreateStruct $roleCreateStruct) |
||
| 208 | |||
| 209 | /** |
||
| 210 | * Creates a new RoleDraft for an existing Role. |
||
| 211 | * |
||
| 212 | * @since 6.0 |
||
| 213 | * |
||
| 214 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to create a RoleDraft |
||
| 215 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if the Role already has a RoleDraft that will need to be removed first |
||
| 216 | * |
||
| 217 | * @param \eZ\Publish\API\Repository\Values\User\Role $role |
||
| 218 | * |
||
| 219 | * @return \eZ\Publish\API\Repository\Values\User\RoleDraft |
||
| 220 | */ |
||
| 221 | View Code Duplication | public function createRoleDraft(APIRole $role) |
|
| 248 | |||
| 249 | /** |
||
| 250 | * Loads a RoleDraft for the given id. |
||
| 251 | * |
||
| 252 | * @since 6.0 |
||
| 253 | * |
||
| 254 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to read this RoleDraft |
||
| 255 | * @throws \eZ\Publish\API\Repository\Exceptions\NotFoundException if a RoleDraft with the given id was not found |
||
| 256 | * |
||
| 257 | * @param mixed $id |
||
| 258 | * |
||
| 259 | * @return \eZ\Publish\API\Repository\Values\User\RoleDraft |
||
| 260 | */ |
||
| 261 | View Code Duplication | public function loadRoleDraft($id) |
|
| 271 | |||
| 272 | /** |
||
| 273 | * Loads a RoleDraft by the ID of the role it was created from. |
||
| 274 | * |
||
| 275 | * @param mixed $roleId ID of the role the draft was created from. |
||
| 276 | * |
||
| 277 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to read this role |
||
| 278 | * @throws \eZ\Publish\API\Repository\Exceptions\NotFoundException if a RoleDraft with the given id was not found |
||
| 279 | * |
||
| 280 | * @return \eZ\Publish\API\Repository\Values\User\RoleDraft |
||
| 281 | */ |
||
| 282 | View Code Duplication | public function loadRoleDraftByRoleId($roleId) |
|
| 292 | |||
| 293 | /** |
||
| 294 | * Updates the properties of a RoleDraft. |
||
| 295 | * |
||
| 296 | * @since 6.0 |
||
| 297 | * |
||
| 298 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to update a RoleDraft |
||
| 299 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if the identifier of the RoleDraft already exists |
||
| 300 | * |
||
| 301 | * @param \eZ\Publish\API\Repository\Values\User\RoleDraft $roleDraft |
||
| 302 | * @param \eZ\Publish\API\Repository\Values\User\RoleUpdateStruct $roleUpdateStruct |
||
| 303 | * |
||
| 304 | * @return \eZ\Publish\API\Repository\Values\User\RoleDraft |
||
| 305 | */ |
||
| 306 | public function updateRoleDraft(APIRoleDraft $roleDraft, RoleUpdateStruct $roleUpdateStruct) |
||
| 356 | |||
| 357 | /** |
||
| 358 | * Adds a new policy to the RoleDraft. |
||
| 359 | * |
||
| 360 | * @since 6.0 |
||
| 361 | * |
||
| 362 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to add a policy |
||
| 363 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if limitation of the same type is repeated in policy create |
||
| 364 | * struct or if limitation is not allowed on module/function |
||
| 365 | * @throws \eZ\Publish\API\Repository\Exceptions\LimitationValidationException if a limitation in the $policyCreateStruct is not valid |
||
| 366 | * |
||
| 367 | * @param \eZ\Publish\API\Repository\Values\User\RoleDraft $roleDraft |
||
| 368 | * @param \eZ\Publish\API\Repository\Values\User\PolicyCreateStruct $policyCreateStruct |
||
| 369 | * |
||
| 370 | * @return \eZ\Publish\API\Repository\Values\User\RoleDraft |
||
| 371 | */ |
||
| 372 | View Code Duplication | public function addPolicyByRoleDraft(APIRoleDraft $roleDraft, APIPolicyCreateStruct $policyCreateStruct) |
|
| 419 | |||
| 420 | /** |
||
| 421 | * Removes a policy from a RoleDraft. |
||
| 422 | * |
||
| 423 | * @since 6.0 |
||
| 424 | * |
||
| 425 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to remove a policy |
||
| 426 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if policy does not belong to the given RoleDraft |
||
| 427 | * |
||
| 428 | * @param \eZ\Publish\API\Repository\Values\User\RoleDraft $roleDraft |
||
| 429 | * @param PolicyDraft $policyDraft the policy to remove from the RoleDraft |
||
| 430 | * |
||
| 431 | * @return APIRoleDraft if the authenticated user is not allowed to remove a policy |
||
| 432 | */ |
||
| 433 | View Code Duplication | public function removePolicyByRoleDraft(APIRoleDraft $roleDraft, PolicyDraft $policyDraft) |
|
| 447 | |||
| 448 | /** |
||
| 449 | * Updates the limitations of a policy. The module and function cannot be changed and |
||
| 450 | * the limitations are replaced by the ones in $roleUpdateStruct. |
||
| 451 | * |
||
| 452 | * @since 6.0 |
||
| 453 | * |
||
| 454 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to update a policy |
||
| 455 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if limitation of the same type is repeated in policy update |
||
| 456 | * struct or if limitation is not allowed on module/function |
||
| 457 | * @throws \eZ\Publish\API\Repository\Exceptions\LimitationValidationException if a limitation in the $policyUpdateStruct is not valid |
||
| 458 | * |
||
| 459 | * @param \eZ\Publish\API\Repository\Values\User\RoleDraft $roleDraft |
||
| 460 | * @param \eZ\Publish\API\Repository\Values\User\PolicyDraft $policy |
||
| 461 | * @param \eZ\Publish\API\Repository\Values\User\PolicyUpdateStruct $policyUpdateStruct |
||
| 462 | * |
||
| 463 | * @return \eZ\Publish\API\Repository\Values\User\PolicyDraft |
||
| 464 | */ |
||
| 465 | public function updatePolicyByRoleDraft(APIRoleDraft $roleDraft, PolicyDraft $policy, APIPolicyUpdateStruct $policyUpdateStruct) |
||
| 513 | |||
| 514 | /** |
||
| 515 | * Deletes the given RoleDraft. |
||
| 516 | * |
||
| 517 | * @since 6.0 |
||
| 518 | * |
||
| 519 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to delete this RoleDraft |
||
| 520 | * |
||
| 521 | * @param \eZ\Publish\API\Repository\Values\User\RoleDraft $roleDraft |
||
| 522 | */ |
||
| 523 | public function deleteRoleDraft(APIRoleDraft $roleDraft) |
||
| 536 | |||
| 537 | /** |
||
| 538 | * Publishes a given RoleDraft. |
||
| 539 | * |
||
| 540 | * @since 6.0 |
||
| 541 | * |
||
| 542 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to publish this RoleDraft |
||
| 543 | * @throws \eZ\Publish\API\Repository\Exceptions\BadStateException if the role draft cannot be loaded |
||
| 544 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if the role draft has no policies |
||
| 545 | * |
||
| 546 | * @param \eZ\Publish\API\Repository\Values\User\RoleDraft $roleDraft |
||
| 547 | */ |
||
| 548 | View Code Duplication | public function publishRoleDraft(APIRoleDraft $roleDraft) |
|
| 581 | |||
| 582 | /** |
||
| 583 | * Updates the name of the role. |
||
| 584 | * |
||
| 585 | * @deprecated since 6.0, use {@see updateRoleDraft} |
||
| 586 | * |
||
| 587 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to update a role |
||
| 588 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if the name of the role already exists |
||
| 589 | * |
||
| 590 | * @param \eZ\Publish\API\Repository\Values\User\Role $role |
||
| 591 | * @param \eZ\Publish\API\Repository\Values\User\RoleUpdateStruct $roleUpdateStruct |
||
| 592 | * |
||
| 593 | * @return \eZ\Publish\API\Repository\Values\User\Role |
||
| 594 | */ |
||
| 595 | public function updateRole(APIRole $role, RoleUpdateStruct $roleUpdateStruct) |
||
| 640 | |||
| 641 | /** |
||
| 642 | * Adds a new policy to the role. |
||
| 643 | * |
||
| 644 | * @deprecated since 6.0, use {@see addPolicyByRoleDraft} |
||
| 645 | * |
||
| 646 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to add a policy |
||
| 647 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if limitation of the same type is repeated in policy create |
||
| 648 | * struct or if limitation is not allowed on module/function |
||
| 649 | * @throws \eZ\Publish\API\Repository\Exceptions\LimitationValidationException if a limitation in the $policyCreateStruct is not valid |
||
| 650 | * |
||
| 651 | * @param \eZ\Publish\API\Repository\Values\User\Role $role |
||
| 652 | * @param \eZ\Publish\API\Repository\Values\User\PolicyCreateStruct $policyCreateStruct |
||
| 653 | * |
||
| 654 | * @return \eZ\Publish\API\Repository\Values\User\Role |
||
| 655 | */ |
||
| 656 | View Code Duplication | public function addPolicy(APIRole $role, APIPolicyCreateStruct $policyCreateStruct) |
|
| 703 | |||
| 704 | /** |
||
| 705 | * Removes a policy from the role. |
||
| 706 | * |
||
| 707 | * @deprecated since 5.3, use {@link removePolicyByRoleDraft()} instead. |
||
| 708 | * |
||
| 709 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to remove a policy |
||
| 710 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if policy does not belong to the given role |
||
| 711 | * |
||
| 712 | * @param \eZ\Publish\API\Repository\Values\User\Role $role |
||
| 713 | * @param \eZ\Publish\API\Repository\Values\User\Policy $policy the policy to remove from the role |
||
| 714 | * |
||
| 715 | * @return \eZ\Publish\API\Repository\Values\User\Role the updated role |
||
| 716 | */ |
||
| 717 | View Code Duplication | public function removePolicy(APIRole $role, APIPolicy $policy) |
|
| 731 | |||
| 732 | /** |
||
| 733 | * Deletes a policy. |
||
| 734 | * |
||
| 735 | * @deprecated since 6.0, use {@link removePolicyByRoleDraft()} instead. |
||
| 736 | * |
||
| 737 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to remove a policy |
||
| 738 | * |
||
| 739 | * @param \eZ\Publish\API\Repository\Values\User\Policy $policy the policy to delete |
||
| 740 | */ |
||
| 741 | public function deletePolicy(APIPolicy $policy) |
||
| 749 | |||
| 750 | /** |
||
| 751 | * Deletes a policy. |
||
| 752 | * |
||
| 753 | * Used by {@link removePolicy()} and {@link deletePolicy()} |
||
| 754 | * |
||
| 755 | * @param APIPolicy $policy |
||
| 756 | * |
||
| 757 | * @throws \Exception |
||
| 758 | */ |
||
| 759 | protected function internalDeletePolicy(APIPolicy $policy) |
||
| 770 | |||
| 771 | /** |
||
| 772 | * Updates the limitations of a policy. The module and function cannot be changed and |
||
| 773 | * the limitations are replaced by the ones in $roleUpdateStruct. |
||
| 774 | * |
||
| 775 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to update a policy |
||
| 776 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException if limitation of the same type is repeated in policy update |
||
| 777 | * struct or if limitation is not allowed on module/function |
||
| 778 | * @throws \eZ\Publish\API\Repository\Exceptions\LimitationValidationException if a limitation in the $policyUpdateStruct is not valid |
||
| 779 | * |
||
| 780 | * @param \eZ\Publish\API\Repository\Values\User\PolicyUpdateStruct $policyUpdateStruct |
||
| 781 | * @param \eZ\Publish\API\Repository\Values\User\Policy $policy |
||
| 782 | * |
||
| 783 | * @return \eZ\Publish\API\Repository\Values\User\Policy |
||
| 784 | */ |
||
| 785 | public function updatePolicy(APIPolicy $policy, APIPolicyUpdateStruct $policyUpdateStruct) |
||
| 828 | |||
| 829 | /** |
||
| 830 | * Loads a role for the given id. |
||
| 831 | * |
||
| 832 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to read this role |
||
| 833 | * @throws \eZ\Publish\API\Repository\Exceptions\NotFoundException if a role with the given id was not found |
||
| 834 | * |
||
| 835 | * @param mixed $id |
||
| 836 | * |
||
| 837 | * @return \eZ\Publish\API\Repository\Values\User\Role |
||
| 838 | */ |
||
| 839 | View Code Duplication | public function loadRole($id) |
|
| 849 | |||
| 850 | /** |
||
| 851 | * Loads a role for the given identifier. |
||
| 852 | * |
||
| 853 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to read this role |
||
| 854 | * @throws \eZ\Publish\API\Repository\Exceptions\NotFoundException if a role with the given name was not found |
||
| 855 | * |
||
| 856 | * @param string $identifier |
||
| 857 | * |
||
| 858 | * @return \eZ\Publish\API\Repository\Values\User\Role |
||
| 859 | */ |
||
| 860 | View Code Duplication | public function loadRoleByIdentifier($identifier) |
|
| 874 | |||
| 875 | /** |
||
| 876 | * Loads all roles. |
||
| 877 | * |
||
| 878 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to read the roles |
||
| 879 | * |
||
| 880 | * @return \eZ\Publish\API\Repository\Values\User\Role[] |
||
| 881 | */ |
||
| 882 | View Code Duplication | public function loadRoles() |
|
| 897 | |||
| 898 | /** |
||
| 899 | * Deletes the given role. |
||
| 900 | * |
||
| 901 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to delete this role |
||
| 902 | * |
||
| 903 | * @param \eZ\Publish\API\Repository\Values\User\Role $role |
||
| 904 | */ |
||
| 905 | public function deleteRole(APIRole $role) |
||
| 922 | |||
| 923 | /** |
||
| 924 | * Loads all policies from roles which are assigned to a user or to user groups to which the user belongs. |
||
| 925 | * |
||
| 926 | * @throws \eZ\Publish\API\Repository\Exceptions\NotFoundException if a user with the given id was not found |
||
| 927 | * |
||
| 928 | * @param mixed $userId |
||
| 929 | * |
||
| 930 | * @return \eZ\Publish\API\Repository\Values\User\Policy[] |
||
| 931 | */ |
||
| 932 | public function loadPoliciesByUserId($userId) |
||
| 947 | |||
| 948 | /** |
||
| 949 | * Assigns a role to the given user group. |
||
| 950 | * |
||
| 951 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to assign a role |
||
| 952 | * @throws \eZ\Publish\API\Repository\Exceptions\LimitationValidationException if $roleLimitation is not valid |
||
| 953 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException If assignment already exists |
||
| 954 | * |
||
| 955 | * @param \eZ\Publish\API\Repository\Values\User\Role $role |
||
| 956 | * @param \eZ\Publish\API\Repository\Values\User\UserGroup $userGroup |
||
| 957 | * @param \eZ\Publish\API\Repository\Values\User\Limitation\RoleLimitation $roleLimitation an optional role limitation (which is either a subtree limitation or section limitation) |
||
| 958 | */ |
||
| 959 | View Code Duplication | public function assignRoleToUserGroup(APIRole $role, UserGroup $userGroup, RoleLimitation $roleLimitation = null) |
|
| 995 | |||
| 996 | /** |
||
| 997 | * removes a role from the given user group. |
||
| 998 | * |
||
| 999 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to remove a role |
||
| 1000 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException If the role is not assigned to the given user group |
||
| 1001 | * |
||
| 1002 | * @param \eZ\Publish\API\Repository\Values\User\Role $role |
||
| 1003 | * @param \eZ\Publish\API\Repository\Values\User\UserGroup $userGroup |
||
| 1004 | */ |
||
| 1005 | View Code Duplication | public function unassignRoleFromUserGroup(APIRole $role, UserGroup $userGroup) |
|
| 1036 | |||
| 1037 | /** |
||
| 1038 | * Assigns a role to the given user. |
||
| 1039 | * |
||
| 1040 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to assign a role |
||
| 1041 | * @throws \eZ\Publish\API\Repository\Exceptions\LimitationValidationException if $roleLimitation is not valid |
||
| 1042 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException If assignment already exists |
||
| 1043 | * |
||
| 1044 | * @param \eZ\Publish\API\Repository\Values\User\Role $role |
||
| 1045 | * @param \eZ\Publish\API\Repository\Values\User\User $user |
||
| 1046 | * @param \eZ\Publish\API\Repository\Values\User\Limitation\RoleLimitation $roleLimitation an optional role limitation (which is either a subtree limitation or section limitation) |
||
| 1047 | */ |
||
| 1048 | View Code Duplication | public function assignRoleToUser(APIRole $role, User $user, RoleLimitation $roleLimitation = null) |
|
| 1084 | |||
| 1085 | /** |
||
| 1086 | * removes a role from the given user. |
||
| 1087 | * |
||
| 1088 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to remove a role |
||
| 1089 | * @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException If the role is not assigned to the user |
||
| 1090 | * |
||
| 1091 | * @param \eZ\Publish\API\Repository\Values\User\Role $role |
||
| 1092 | * @param \eZ\Publish\API\Repository\Values\User\User $user |
||
| 1093 | */ |
||
| 1094 | View Code Duplication | public function unassignRoleFromUser(APIRole $role, User $user) |
|
| 1125 | |||
| 1126 | /** |
||
| 1127 | * Removes the given role assignment. |
||
| 1128 | * |
||
| 1129 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to remove a role assignment |
||
| 1130 | * |
||
| 1131 | * @param \eZ\Publish\API\Repository\Values\User\RoleAssignment $roleAssignment |
||
| 1132 | */ |
||
| 1133 | public function removeRoleAssignment(RoleAssignment $roleAssignment) |
||
| 1150 | |||
| 1151 | /** |
||
| 1152 | * Loads a role assignment for the given id. |
||
| 1153 | * |
||
| 1154 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to read this role |
||
| 1155 | * @throws \eZ\Publish\API\Repository\Exceptions\NotFoundException If the role assignment was not found |
||
| 1156 | * |
||
| 1157 | * @param mixed $roleAssignmentId |
||
| 1158 | * |
||
| 1159 | * @return \eZ\Publish\API\Repository\Values\User\RoleAssignment |
||
| 1160 | */ |
||
| 1161 | public function loadRoleAssignment($roleAssignmentId) |
||
| 1196 | |||
| 1197 | /** |
||
| 1198 | * Returns the assigned user and user groups to this role. |
||
| 1199 | * |
||
| 1200 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to read a role |
||
| 1201 | * |
||
| 1202 | * @param \eZ\Publish\API\Repository\Values\User\Role $role |
||
| 1203 | * |
||
| 1204 | * @return \eZ\Publish\API\Repository\Values\User\RoleAssignment[] |
||
| 1205 | */ |
||
| 1206 | public function getRoleAssignments(APIRole $role) |
||
| 1242 | |||
| 1243 | /** |
||
| 1244 | * @see \eZ\Publish\API\Repository\RoleService::getRoleAssignmentsForUser() |
||
| 1245 | */ |
||
| 1246 | public function getRoleAssignmentsForUser(User $user, $inherited = false) |
||
| 1274 | |||
| 1275 | /** |
||
| 1276 | * Returns the roles assigned to the given user group. |
||
| 1277 | * |
||
| 1278 | * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the authenticated user is not allowed to read a role |
||
| 1279 | * |
||
| 1280 | * @param \eZ\Publish\API\Repository\Values\User\UserGroup $userGroup |
||
| 1281 | * |
||
| 1282 | * @return \eZ\Publish\API\Repository\Values\User\UserGroupRoleAssignment[] |
||
| 1283 | */ |
||
| 1284 | public function getRoleAssignmentsForUserGroup(UserGroup $userGroup) |
||
| 1303 | |||
| 1304 | /** |
||
| 1305 | * Instantiates a role create class. |
||
| 1306 | * |
||
| 1307 | * @param string $name |
||
| 1308 | * |
||
| 1309 | * @return \eZ\Publish\API\Repository\Values\User\RoleCreateStruct |
||
| 1310 | */ |
||
| 1311 | public function newRoleCreateStruct($name) |
||
| 1320 | |||
| 1321 | /** |
||
| 1322 | * Instantiates a policy create class. |
||
| 1323 | * |
||
| 1324 | * @param string $module |
||
| 1325 | * @param string $function |
||
| 1326 | * |
||
| 1327 | * @return \eZ\Publish\API\Repository\Values\User\PolicyCreateStruct |
||
| 1328 | */ |
||
| 1329 | public function newPolicyCreateStruct($module, $function) |
||
| 1339 | |||
| 1340 | /** |
||
| 1341 | * Instantiates a policy update class. |
||
| 1342 | * |
||
| 1343 | * @return \eZ\Publish\API\Repository\Values\User\PolicyUpdateStruct |
||
| 1344 | */ |
||
| 1345 | public function newPolicyUpdateStruct() |
||
| 1353 | |||
| 1354 | /** |
||
| 1355 | * Instantiates a policy update class. |
||
| 1356 | * |
||
| 1357 | * @return \eZ\Publish\API\Repository\Values\User\RoleUpdateStruct |
||
| 1358 | */ |
||
| 1359 | public function newRoleUpdateStruct() |
||
| 1363 | |||
| 1364 | /** |
||
| 1365 | * Returns the LimitationType registered with the given identifier. |
||
| 1366 | * |
||
| 1367 | * Returns the correct implementation of API Limitation value object |
||
| 1368 | * based on provided identifier |
||
| 1369 | * |
||
| 1370 | * @param string $identifier |
||
| 1371 | * |
||
| 1372 | * @return \eZ\Publish\SPI\Limitation\Type |
||
| 1373 | * |
||
| 1374 | * @throws \RuntimeException if there is no LimitationType with $identifier |
||
| 1375 | */ |
||
| 1376 | public function getLimitationType($identifier) |
||
| 1380 | |||
| 1381 | /** |
||
| 1382 | * Returns the LimitationType's assigned to a given module/function. |
||
| 1383 | * |
||
| 1384 | * Typically used for: |
||
| 1385 | * - Internal validation limitation value use on Policies |
||
| 1386 | * - Role admin gui for editing policy limitations incl list limitation options via valueSchema() |
||
| 1387 | * |
||
| 1388 | * @param string $module Legacy name of "controller", it's a unique identifier like "content" |
||
| 1389 | * @param string $function Legacy name of a controller "action", it's a unique within the controller like "read" |
||
| 1390 | * |
||
| 1391 | * @return \eZ\Publish\SPI\Limitation\Type[] |
||
| 1392 | * |
||
| 1393 | * @throws \eZ\Publish\API\Repository\Exceptions\BadStateException If module/function to limitation type mapping |
||
| 1394 | * refers to a non existing identifier. |
||
| 1395 | */ |
||
| 1396 | public function getLimitationTypesByModuleFunction($module, $function) |
||
| 1417 | |||
| 1418 | /** |
||
| 1419 | * Validates Policies and Limitations in Role create struct. |
||
| 1420 | * |
||
| 1421 | * @uses ::validatePolicy() |
||
| 1422 | * |
||
| 1423 | * @param \eZ\Publish\API\Repository\Values\User\RoleCreateStruct $roleCreateStruct |
||
| 1424 | * |
||
| 1425 | * @return \eZ\Publish\Core\FieldType\ValidationError[][][] |
||
| 1426 | */ |
||
| 1427 | protected function validateRoleCreateStruct(APIRoleCreateStruct $roleCreateStruct) |
||
| 1444 | |||
| 1445 | /** |
||
| 1446 | * Validates Policy context: Limitations on a module and function. |
||
| 1447 | * |
||
| 1448 | * @throws \eZ\Publish\Core\Base\Exceptions\InvalidArgumentException If the same limitation is repeated or if |
||
| 1449 | * limitation is not allowed on module/function |
||
| 1450 | * |
||
| 1451 | * @param string $module |
||
| 1452 | * @param string $function |
||
| 1453 | * @param \eZ\Publish\API\Repository\Values\User\Limitation[] $limitations |
||
| 1454 | * |
||
| 1455 | * @return \eZ\Publish\Core\FieldType\ValidationError[][] |
||
| 1456 | */ |
||
| 1457 | protected function validatePolicy($module, $function, array $limitations) |
||
| 1482 | |||
| 1483 | /** |
||
| 1484 | * Validate that assignments not already exists and filter validations against existing. |
||
| 1485 | * |
||
| 1486 | * @param mixed $contentId |
||
| 1487 | * @param SPIRole $spiRole |
||
| 1488 | * @param array|null $limitation |
||
| 1489 | * |
||
| 1490 | * @return array[]|null Filtered version of $limitation |
||
| 1491 | * |
||
| 1492 | * @throws \eZ\Publish\Core\Base\Exceptions\InvalidArgumentException If assignment already exists |
||
| 1493 | */ |
||
| 1494 | protected function checkAssignmentAndFilterLimitationValues($contentId, SPIRole $spiRole, array $limitation = null) |
||
| 1536 | } |
||
| 1537 |
Loading history...
This method has been deprecated. The supplier of the class has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.