gergely/kekrozsak
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Added kekrozsak:security:init command to initialize ACLs

Browse Source 
Maybe it should be done via Doctrine fixtures?

Signed-off-by: Gergely Polonkai <polesz@w00d5t0ck.info>
This commit is contained in:
Polonkai Gergely 2012-08-21 13:35:09 +02:00
parent dcd9842c7d
commit 21366f7f75
1 changed files with 57 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
src/KekRozsak/SecurityBundle/Command/SecurityInitCommand.php Normal file
View File

@ -0,0 +1,57 @@
<?php
namespace KekRozsak\SecurityBundle\Command;
use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity;
use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
use Symfony\Component\Security\Acl\Permission\MaskBuilder;
class SecurityInitCommand extends ContainerAwareCommand
{
private $verbose;
/**
* @see Command
*/
protected function configure()
{
$this
->setName('kekrozsak:security:init')
->setDescription('Initializes ACLs')
->setHelp(<<<EOF
The <info>%command.full_name%</info> command fills up the ACL tables with default ACLs.
<info>php %command.full_name%</info>
ACL lists are currently hard-coded.
EOF
)
;
}
protected function initialize(InputInterface $input, OutputInterface $output)
{
parent::initialize($input, $output);
$this->verbose = $input->getOption('verbose');
}
/**
* @see Command
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
$container = $this->getContainer();
$securityContext = $container->get('security.context');
$aclProvider = $container->get('security.acl.provider');
$securityIdentity = new RoleSecurityIdentity('ADMIN');
$objectIdentity = new ObjectIdentity('class', 'KekRozsak\\FrontBundle\\Entity\\News');
// TODO: Check if the ACL exists, and if so, if it has the same permission mask
$acl = $aclProvider->createAcl($objectIdentity);
$acl->insertObjectAce($securityIdentity, MaskBuilder::MASK_OWNER);
$aclProvider->updateAcl($acl);
}
}