Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Narrow Util Directory #6366

Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 5 additions & 12 deletions src/Util/AdminAclManipulator.php
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity;
use Symfony\Component\Security\Acl\Model\AclInterface;
use Symfony\Component\Security\Acl\Model\MutableAclInterface;

/**
Expand All @@ -28,13 +27,14 @@ final class AdminAclManipulator implements AdminAclManipulatorInterface
{
/**
* @var string
* @phpstan-var class-string
*/
private $maskBuilderClass;

/**
* @param string $maskBuilderClass
* @phpstan-param class-string $maskBuilderClass
*/
public function __construct($maskBuilderClass)
public function __construct(string $maskBuilderClass)
{
$this->maskBuilderClass = $maskBuilderClass;
}
Expand Down Expand Up @@ -69,17 +69,10 @@ public function configureAcls(OutputInterface $output, AdminInterface $admin): v

public function addAdminClassAces(
OutputInterface $output,
AclInterface $acl,
MutableAclInterface $acl,
AclSecurityHandlerInterface $securityHandler,
array $roleInformation = []
) {
if (!$acl instanceof MutableAclInterface) {
throw new \TypeError(sprintf(
'Argument 2 passed to "%s()" must implement "%s".',
__METHOD__,
MutableAclInterface::class
));
}
): bool {
if (\count($securityHandler->getAdminPermissions()) > 0) {
$builder = new $this->maskBuilderClass();

Expand Down
10 changes: 5 additions & 5 deletions src/Util/AdminAclManipulatorInterface.php
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
use Sonata\AdminBundle\Admin\AdminInterface;
use Sonata\AdminBundle\Security\Handler\AclSecurityHandlerInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Security\Acl\Model\AclInterface;
use Symfony\Component\Security\Acl\Model\MutableAclInterface;

/**
* @author Thomas Rabaix <[email protected]>
Expand All @@ -26,17 +26,17 @@ interface AdminAclManipulatorInterface
/**
* Batch configure the ACLs for all objects handled by an Admin.
*/
public function configureAcls(OutputInterface $output, AdminInterface $admin);
public function configureAcls(OutputInterface $output, AdminInterface $admin): void;

/**
* Add the class ACE's to the admin ACL.
*
* @return bool TRUE if admin class ACEs are added, FALSE if not
* @param array<string, string[]> $roleInformation
*/
public function addAdminClassAces(
OutputInterface $output,
AclInterface $acl,
MutableAclInterface $acl,
AclSecurityHandlerInterface $securityHandler,
array $roleInformation = []
);
): bool;
}
138 changes: 37 additions & 101 deletions src/Util/AdminObjectAclData.php
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@

use Sonata\AdminBundle\Admin\AdminInterface;
use Sonata\AdminBundle\Security\Handler\AclSecurityHandlerInterface;
use Symfony\Component\Form\Form;
use Symfony\Component\Form\FormInterface;
use Symfony\Component\Security\Acl\Domain\Acl;
use Symfony\Component\Security\Acl\Model\MutableAclInterface;
Expand All @@ -30,7 +29,7 @@
class AdminObjectAclData
{
/**
* @var array Permissions managed only by a OWNER
* @var string[] Permissions managed only by a OWNER
*/
protected static $ownerPermissions = ['MASTER', 'OWNER'];

Expand Down Expand Up @@ -60,34 +59,37 @@ class AdminObjectAclData
protected $masks = [];

/**
* @var FormInterface
* @var FormInterface|null
*/
protected $aclUsersForm;

/**
* @var FormInterface
* @var FormInterface|null
*/
protected $aclRolesForm;

/**
* @var MutableAclInterface
* @var MutableAclInterface|null
*/
protected $acl;

/**
* @var string
* @phpstan-var class-string
*/
protected $maskBuilderClass;

/**
* @param object $object
* @param string $maskBuilderClass
* @param \Traversable $aclUsers
* @param \Traversable|null $aclRoles
*
* @phpstan-param class-string $maskBuilderClass
*/
public function __construct(
AdminInterface $admin,
$object,
object $object,
\Traversable $aclUsers,
$maskBuilderClass,
string $maskBuilderClass,
?\Traversable $aclRoles = null
) {
$this->admin = $admin;
Expand All @@ -102,138 +104,79 @@ public function __construct(
$this->updateMasks();
}

/**
* Gets admin.
*
* @return AdminInterface
*/
public function getAdmin()
public function getAdmin(): AdminInterface
{
return $this->admin;
}

/**
* Gets object.
*
* @return object
*/
public function getObject()
public function getObject(): object
{
return $this->object;
}

/**
* Gets ACL users.
*
* @return \Traversable
*/
public function getAclUsers()
public function getAclUsers(): \Traversable
{
return $this->aclUsers;
}

/**
* Gets ACL roles.
*
* @return \Traversable
*/
public function getAclRoles()
public function getAclRoles(): \Traversable
{
return $this->aclRoles;
}

/**
* Sets ACL.
*
* @return AdminObjectAclData
*/
public function setAcl(MutableAclInterface $acl)
public function setAcl(MutableAclInterface $acl): self
{
$this->acl = $acl;

return $this;
}

/**
* Gets ACL.
*
* @return MutableAclInterface
*/
public function getAcl()
public function getAcl(): MutableAclInterface
{
\assert($this->acl !== null);

return $this->acl;
}

/**
* Gets masks.
*
* @return array
*/
public function getMasks()
public function getMasks(): array
{
return $this->masks;
}

/**
* Sets ACL users form.
*
* @return AdminObjectAclData
*/
public function setAclUsersForm(FormInterface $form)
public function setAclUsersForm(FormInterface $form): self
{
$this->aclUsersForm = $form;

return $this;
}

/**
* Gets ACL users form.
*
* @return FormInterface
*/
public function getAclUsersForm()
public function getAclUsersForm(): FormInterface
{
\assert($this->aclUsersForm !== null);

return $this->aclUsersForm;
}

/**
* Sets ACL roles form.
*
* @return AdminObjectAclData
*/
public function setAclRolesForm(FormInterface $form)
public function setAclRolesForm(FormInterface $form): self
{
$this->aclRolesForm = $form;

return $this;
}

/**
* Gets ACL roles form.
*
* @return FormInterface
*/
public function getAclRolesForm()
public function getAclRolesForm(): FormInterface
{
\assert($this->aclRolesForm !== null);

return $this->aclRolesForm;
}

/**
* Gets permissions.
*
* @return array
*/
public function getPermissions()
public function getPermissions(): array
{
return $this->getSecurityHandler()->getObjectPermissions();
}

/**
* Get permissions that the current user can set.
*
* @return array
*/
public function getUserPermissions()
public function getUserPermissions(): array
{
$permissions = $this->getPermissions();

Expand All @@ -249,39 +192,32 @@ public function getUserPermissions()
return $permissions;
}

public function getOwnerPermissions()
/**
* @return string[]
*/
public function getOwnerPermissions(): array
{
return self::$ownerPermissions;
}

/**
* Tests if the current user has the OWNER right.
*
* @return bool
*/
public function isOwner()
public function isOwner(): bool
{
// Only a owner can set MASTER and OWNER ACL
return $this->admin->isGranted('OWNER', $this->object);
}

/**
* Gets security handler.
*
* @return AclSecurityHandlerInterface
*/
public function getSecurityHandler()
public function getSecurityHandler(): AclSecurityHandlerInterface
{
$securityHandler = $this->admin->getSecurityHandler();
\assert($securityHandler instanceof AclSecurityHandlerInterface);

return $securityHandler;
}

/**
* @return array
*/
public function getSecurityInformation()
public function getSecurityInformation(): array
{
return $this->getSecurityHandler()->buildSecurityInformation($this->admin);
}
Expand Down
Loading