1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
declare(strict_types=1); |
4
|
|
|
|
5
|
|
|
/* |
6
|
|
|
* This file is part of the Sonata Project package. |
7
|
|
|
* |
8
|
|
|
* (c) Thomas Rabaix <[email protected]> |
9
|
|
|
* |
10
|
|
|
* For the full copyright and license information, please view the LICENSE |
11
|
|
|
* file that was distributed with this source code. |
12
|
|
|
*/ |
13
|
|
|
|
14
|
|
|
namespace Sonata\DoctrineMongoDBAdminBundle\Util; |
15
|
|
|
|
16
|
|
|
use Doctrine\ODM\MongoDB\DocumentManager; |
17
|
|
|
use Sonata\AdminBundle\Admin\AdminInterface; |
18
|
|
|
use Sonata\AdminBundle\Exception\ModelManagerException; |
19
|
|
|
use Sonata\AdminBundle\Security\Handler\AclSecurityHandlerInterface; |
20
|
|
|
use Sonata\AdminBundle\Util\ObjectAclManipulator as BaseObjectAclManipulator; |
21
|
|
|
use Symfony\Component\Console\Output\OutputInterface; |
22
|
|
|
use Symfony\Component\Security\Acl\Domain\ObjectIdentity; |
23
|
|
|
use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity; |
24
|
|
|
|
25
|
|
|
class ObjectAclManipulator extends BaseObjectAclManipulator |
26
|
|
|
{ |
27
|
|
|
public function batchConfigureAcls(OutputInterface $output, AdminInterface $admin, ?UserSecurityIdentity $securityIdentity = null): void |
28
|
|
|
{ |
29
|
|
|
$securityHandler = $admin->getSecurityHandler(); |
30
|
|
|
if (!$securityHandler instanceof AclSecurityHandlerInterface) { |
31
|
|
|
$output->writeln('Admin class is not configured to use ACL : <info>ignoring</info>'); |
32
|
|
|
|
33
|
|
|
return; |
34
|
|
|
} |
35
|
|
|
|
36
|
|
|
$output->writeln(sprintf(' > generate ACLs for %s', $admin->getCode())); |
37
|
|
|
$objectOwnersMsg = null === $securityIdentity ? '' : ' and set the object owner'; |
38
|
|
|
|
39
|
|
|
/** @var DocumentManager $om */ |
40
|
|
|
$om = $admin->getModelManager()->getDocumentManager(); |
41
|
|
|
$qb = $om->createQueryBuilder($admin->getClass()); |
42
|
|
|
|
43
|
|
|
$count = 0; |
44
|
|
|
$countUpdated = 0; |
45
|
|
|
$countAdded = 0; |
46
|
|
|
|
47
|
|
|
try { |
48
|
|
|
$batchSize = 20; |
49
|
|
|
$batchSizeOutput = 200; |
50
|
|
|
$objectIds = []; |
51
|
|
|
$objectIdIterator = new \ArrayIterator(); |
52
|
|
|
|
53
|
|
|
foreach ($qb->getQuery()->iterate() as $row) { |
54
|
|
|
$objectIds[] = ObjectIdentity::fromDomainObject($row); |
55
|
|
|
$objectIdIterator = new \ArrayIterator($objectIds); |
56
|
|
|
|
57
|
|
|
// detach from Doctrine, so that it can be Garbage-Collected immediately |
58
|
|
|
$om->detach($row); |
59
|
|
|
|
60
|
|
|
++$count; |
61
|
|
|
|
62
|
|
|
if (0 === ($count % $batchSize)) { |
63
|
|
|
[$batchAdded, $batchUpdated] = $this->configureAcls($output, $admin, $objectIdIterator, $securityIdentity); |
|
|
|
|
64
|
|
|
$countAdded += $batchAdded; |
65
|
|
|
$countUpdated += $batchUpdated; |
66
|
|
|
$objectIds = []; |
67
|
|
|
} |
68
|
|
|
|
69
|
|
|
if (0 === ($count % $batchSizeOutput)) { |
70
|
|
|
$output->writeln(sprintf( |
71
|
|
|
' - generated class ACEs%s for %s objects (added %s, updated %s)', |
72
|
|
|
$objectOwnersMsg, |
73
|
|
|
$count, |
74
|
|
|
$countAdded, |
75
|
|
|
$countUpdated |
76
|
|
|
)); |
77
|
|
|
} |
78
|
|
|
} |
79
|
|
|
|
80
|
|
|
if (\count($objectIds) > 0) { |
81
|
|
|
[$batchAdded, $batchUpdated] = $this->configureAcls($output, $admin, $objectIdIterator, $securityIdentity); |
82
|
|
|
$countAdded += $batchAdded; |
83
|
|
|
$countUpdated += $batchUpdated; |
84
|
|
|
} |
85
|
|
|
} catch (\BadMethodCallException $e) { |
86
|
|
|
throw new ModelManagerException('', 0, $e); |
87
|
|
|
} |
88
|
|
|
|
89
|
|
|
$output->writeln(sprintf( |
90
|
|
|
' - [TOTAL] generated class ACEs%s for %s objects (added %s, updated %s)', |
91
|
|
|
$objectOwnersMsg, |
92
|
|
|
$count, |
93
|
|
|
$countAdded, |
94
|
|
|
$countUpdated |
95
|
|
|
)); |
96
|
|
|
} |
97
|
|
|
} |
98
|
|
|
|
This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.