
Removed hardcoded role names from code.

Signed-off-by: Gergely Polonkai <polesz@w00d5t0ck.info>
master
Polonkai Gergely 10 years ago
parent f220206de8
commit a8f1f85573
  1. 1710
      app/bootstrap.php.cache
  2. 16
      src/KekRozsak/AdminBundle/Controller/DefaultController.php
  3. 3
      src/KekRozsak/FrontBundle/Controller/ForumController.php
  4. 7
      src/KekRozsak/FrontBundle/Entity/Article.php
  5. 7
      src/KekRozsak/FrontBundle/Entity/ForumTopicGroup.php
  6. 7
      src/KekRozsak/FrontBundle/Entity/Group.php
  7. 7
      src/KekRozsak/FrontBundle/Entity/News.php
  8. 2
      src/KekRozsak/FrontBundle/Resources/views/Forum/topicGroupList.html.twig
  9. 15
      src/KekRozsak/SecurityBundle/Command/SecurityInitCommand.php
  10. 3
      src/KekRozsak/SecurityBundle/Controller/DefaultController.php
  11. 7
      src/KekRozsak/SecurityBundle/Entity/User.php
  12. 18
      src/KekRozsak/SecurityBundle/Resources/views/Default/ajaxUserdata.html.twig

File diff suppressed because it is too large Load Diff

@ -6,8 +6,12 @@ use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
use JMS\DiExtraBundle\Annotation as DI;
use KekRozsak\FrontBundle\Entity\Group;
use KekRozsak\SecurityBundle\Entity\User;
/**
* @Route("/admin")
*/
@ -26,9 +30,12 @@ class DefaultController extends Controller
*/
public function manageRegsAction()
{
if (!$this->$securityContext->isGranted('ROLE_ADMIN')) {
$objectIdentity = new ObjectIdentity(User::ACL_OID, 'KekRozsak\\SecurityBundle\\Entity\\User');
if (!$this->securityContext->isGranted('OWNER', $objectIdentity)) {
throw new AccessDeniedException('Ehhez a művelethez nincs jogosultságod.');
}
$users = $this->getDoctrine()->getEntityManager()->createQuery('SELECT u FROM KekRozsakSecurityBundle:User u WHERE u.acceptedBy IS NULL')->getResult();
$request = $this->getRequest();
@ -59,9 +66,10 @@ class DefaultController extends Controller
{
$user = $this->securityContext->getToken()->getUser();
$request = $this->getRequest();
$objectIdentity = new ObjectIdentity(Group::ACL_OID, 'KekRozsak\\FrontBundle\\Entity\\Group');
$groupRepo = $this->getDoctrine()->getRepository('KekRozsakFrontBundle:Group');
$groupRepo = $this->getDoctrine()->getRepository('KekRozsakFrontBundle:Group');
if ($this->securityContext->isGranted('ROLE_ADMIN') === false) {
if (!$this->securityContext->isGranted('OWNER', $objectIdentity)) {
$myGroups = $groupRepo->findByLeader($user);
} else {
$myGroups = $groupRepo->findAll();
@ -75,7 +83,7 @@ class DefaultController extends Controller
if ($aUser && $aGroup) {
if (
($aGroup->getLeader() == $user)
|| $this->securityContext->isGranted('ROLE_ADMIN')
|| $this->securityContext->isGranted('OWNER', $objectIdentity)
) {
$membershipRepo = $this->getDoctrine()->getRepository('KekRozsakFrontBundle:UserGroupMembership');
$membershipObject = $membershipRepo->findOneBy(array('user' => $aUser, 'group' => $aGroup));
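Review bot: The three `isGranted('OWNER', $objectIdentity)` checks only pass once a class-scope ACL for `User::ACL_OID` or `Group::ACL_OID` has been seeded, so these admin actions now depend on the security init command having been run against the deployed database. As far as I know the ACL voter denies when no ACL is found, which fails closed but locks administrators out without any hint of the cause. A comment above each `new ObjectIdentity(...)` would make the dependency visible, e.g. `// Class-scope ACL seeded by SecurityInitCommand; OWNER on it means "may administer all users"`. The identity is also built by hand in each action with the class name repeated as a string literal; a small private helper returning it would keep identifier and type from drifting apart. The enclosing actions start or end outside the visible hunks.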

@ -8,6 +8,7 @@ use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
use KekRozsak\FrontBundle\Entity\ForumTopicGroup;
use KekRozsak\FrontBundle\Entity\ForumTopic;
@ -29,6 +30,7 @@ class ForumController extends Controller
*/
public function topicGroupListAction()
{
$topicGroupOid = new ObjectIdentity(ForumTopicGroup::ACL_OID, 'KekRozsak\\FrontBundle\\Entity\\ForumTopicGroup');
$groupRepo = $this->getDoctrine()->getRepository('KekRozsakFrontBundle:ForumTopicGroup');
$request = $this->getRequest();
$newTopicGroup = new ForumTopicGroup();
@ -61,6 +63,7 @@ class ForumController extends Controller
return array(
'topicGroups' => $topicGroups,
'newTopicGroupForm' => $newTopicGroupForm->createView(),
'oid' => $topicGroupOid,
);
}
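Review bot: `$topicGroupOid` is only handed to the template in the visible lines of `topicGroupListAction`, so the new `is_granted('OWNER', oid)` test in `topicGroupList.html.twig` hides the new-topic-group form but does not by itself stop a direct POST to this action. The form handling sits between the two hunks and is not shown. If it has no server-side check, add an `isGranted('OWNER', $topicGroupOid)` guard that throws `AccessDeniedException` before the new `ForumTopicGroup` is persisted, the way `manageRegsAction` does in the admin controller.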

@ -12,6 +12,13 @@ use KekRozsak\SecurityBundle\Entity\User;
*/
class Article
{
/**
* The ACL class OID for this class
*
* @const ACL_OID
*/
const ACL_OID = 'articleClass';
/**
* The ID of the Article
*
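Review bot: The docblock on `ACL_OID` says what the constant is called but not what it is for, and `@const` is not a standard PHPDoc tag as far as I know; `@var string` is the usual form. I would word it as `Identifier of the class-scope ACL object identity for this entity; must match the identity seeded by SecurityInitCommand`, since a mismatch between the two makes every `OWNER` check on this class fail. The same docblock is added to `ForumTopicGroup`, `Group`, `News` and `User` in this commit and would benefit from the same wording.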

@ -18,6 +18,13 @@ use KekRozsak\SecurityBundle\Entity\User;
*/
class ForumTopicGroup
{
/**
* The ACL class OID for this class
*
* @const ACL_OID
*/
const ACL_OID = 'forumTopicGroupClass';
public function __construct()
{
$this->topics = new ArrayCollection();

@ -19,6 +19,13 @@ use KekRozsak\FrontBundle\Entity\Document;
*/
class Group
{
/**
* The ACL class OID for this class
*
* @const ACL_OID
*/
const ACL_OID = 'groupClass';
public function __construct()
{
$this->members = new ArrayCollection();

@ -12,6 +12,13 @@ use KekRozsak\SecurityBundle\Entity\User;
*/
class News
{
/**
* The ACL class OID for this class
*
* @const ACL_OID
*/
const ACL_OID = 'newsClass';
public function __construct()
{
$this->public = false;

@ -7,7 +7,7 @@
{% block content %}
<h3>Fórum</h3>
{% if is_granted('ROLE_ADMIN') %}
{% if is_granted('OWNER', oid) %}
<span class="gomb" id="new-topic-group-button">[Új témakör]</span><br />
<div id="new-topic-group">
{# TODO: make this an AJAX form #}

@ -47,14 +47,21 @@ EOF
$securityContext = $container->get('security.context');
$aclProvider = $container->get('security.acl.provider');
$roleRepo = $container->get('doctrine')->getRepository('KekRozsakSecurityBundle:Role');
$adminRole = $roleRepo->findOneByName('ROLE_ADMIN');
$classNames = array(
'newsClass' => 'KekRozsak\\FrontBundle\\Entity\\News',
'articlesClass' => 'KekRozsak\\FrontBundle\\Entity\\Articles',
'KekRozsak\\FrontBundle\\Entity\\News',
'KekRozsak\\FrontBundle\\Entity\\Article',
'KekRozsak\\FrontBundle\\Entity\\Group',
'KekRozsak\\FrontBundle\\Entity\\ForumTopicGroup',
'KekRozsak\\SecurityBundle\\Entity\\User',
);
$securityIdentity = new RoleSecurityIdentity('ROLE_ADMIN');
foreach ($classNames as $id => $className) {
$securityIdentity = new RoleSecurityIdentity($adminRole);
foreach ($classNames as $className) {
$id = $className::ACL_OID;
$objectIdentity = new ObjectIdentity($id, $className);
try {
$acl = $aclProvider->findAcl($objectIdentity, array($securityIdentity));
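Review bot: `$adminRole` is used without a null check. If no `ROLE_ADMIN` row exists, `findOneByName('ROLE_ADMIN')` presumably returns null and `new RoleSecurityIdentity($adminRole)` would seed the class ACLs for an empty role identity instead of failing. `RoleSecurityIdentity` expects a role name or a Symfony `Role` object, so passing the entity only works if the project's `Role` entity extends that class, which is not visible here. Guarding and passing the name explicitly is safer, assuming the entity implements `RoleInterface`: `if (null === $adminRole) { throw new \RuntimeException('ROLE_ADMIN role not found'); }` followed by `$securityIdentity = new RoleSecurityIdentity($adminRole->getRole());`. The loop body continues past the end of the hunk.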

@ -9,6 +9,7 @@ use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
use Symfony\Component\Security\Core\SecurityContext;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
use KekRozsak\SecurityBundle\Entity\User;
use KekRozsak\SecurityBundle\Form\Type\UserType;
@ -146,7 +147,9 @@ class DefaultController extends Controller
*/
public function ajaxUserdataAction(User $user)
{
$userOid = new ObjectIdentity(User::ACL_OID, get_class($user));
return array(
'oid' => $userOid,
'user' => $user,
);
}
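Review bot: `get_class($user)` in `ajaxUserdataAction` can return a Doctrine proxy class name when the entity instance is a lazy-loaded proxy. The resulting identity would then not match the ACL seeded for `KekRozsak\\SecurityBundle\\Entity\\User`, so the `OWNER` checks in the template would deny an administrator. The admin controller in this commit passes the class name as a literal; doing the same here keeps the two consistent: `$userOid = new ObjectIdentity(User::ACL_OID, 'KekRozsak\\SecurityBundle\\Entity\\User');`.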

@ -23,6 +23,13 @@ use KekRozsak\SecurityBundle\Entity\Role;
*/
class User implements UserInterface, AdvancedUserInterface
{
/**
* The ACL class OID for this class
*
* @const ACL_OID
*/
const ACL_OID = 'userClass';
public function __construct()
{
$this->groups = new ArrayCollection();

@ -6,25 +6,25 @@
</head>
<body>
<strong>Tagság kezdete</strong>: {{ user.registeredAt|date('Y-m-d') }}<br />
{% if is_granted('ROLE_ADMIN') %}
{% if is_granted('OWNER', oid) %}
<strong>Felhasználónév</strong>: {{ user.username }}<br />
{% endif %}
{% if is_granted('ROLE_ADMIN') or (user.userData and user.userData.emailPublic) %}
{% if is_granted('OWNER', oid) or (user.userData and user.userData.emailPublic) %}
<strong>E-mail</strong>: {{ user.email }}<br />
{% endif %}
{% if user.userData and (is_granted('ROLE_ADMIN') or (user.userData.realNamePublic and (user.userData.realName == ''))) %}
{% if user.userData and (is_granted('OWNER', oid) or (user.userData.realNamePublic and (user.userData.realName == ''))) %}
<strong>Valódi név</strong>: {{ user.userData.realName }}<br />
{% endif %}
{% if user.userData and user.userData.msnAddress != '' and (is_granted('ROLE_ADMIN') or user.userData.msnAddressPublic) %}
{% if user.userData and user.userData.msnAddress != '' and (is_granted('OWNER', oid) or user.userData.msnAddressPublic) %}
<strong>MSN cím</strong>: {{ user.userData.msnAddress }}<br />
{% endif %}
{% if user.userData and user.userData.googleTalk != '' and (is_granted('ROLE_ADMIN') or user.userData.googleTalkPublic) %}
{% if user.userData and user.userData.googleTalk != '' and (is_granted('OWNER', oid) or user.userData.googleTalkPublic) %}
<strong>Google Talk cím</strong>: {{ user.userData.googleTalk }}<br />
{% endif %}
{% if user.userData and user.userData.skype != '' and (is_granted('ROLE_ADMIN') or user.userData.skypePublic) %}
{% if user.userData and user.userData.skype != '' and (is_granted('OWNER', oid) or user.userData.skypePublic) %}
<strong>Skype név</strong>: {{ user.userData.skype}}<br />
{% endif %}
{% if user.userData and user.userData.phoneNumber != '' and (is_granted('ROLE_ADMIN') or user.userData.phoneNumberPublic) %}
{% if user.userData and user.userData.phoneNumber != '' and (is_granted('OWNER', oid) or user.userData.phoneNumberPublic) %}
<strong>Telefonszám</strong>: {{ user.userData.phoneNumber }}<br />
{% endif %}
{% if user.userData and user.userData.selfDescription != '' %}
@ -34,7 +34,7 @@
<strong>Csoportok</strong>:<br />
{% set groupCount = 0 %}
{% for group in user.allGroups %}
{#% if is_granted('ROLE_ADMIN') or group.isMember(app.user) or group.open %#}
{#% if is_granted('OWNER', oid) or group.isMember(app.user) or group.open %#}
{% set groupCount = groupCount + 1 %}
{{ group.name }}<br />
{#% endif %#}
@ -42,7 +42,7 @@
{% if groupCount == 0 %}
Egy csoportnak sem tagja.<br />
{% endif %}
{% if is_granted('ROLE_ADMIN') %}
{% if is_granted('OWNER', oid) %}
<strong>Jóváhagyta</strong>: {{ user.acceptedBy.displayName }}<br />
<strong>Utolsó bejelentkezés</strong>: {{ user.lastLoginAt|date('Y-m-d H:i') }}<br />
<strong>Jogok</strong>:<br />
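Review bot: The group list in the second hunk still has its visibility test commented out (`{#% if is_granted('OWNER', oid) or group.isMember(app.user) or group.open %#}`), so every group in `user.allGroups` is printed to any viewer of this fragment, including membership of non-open groups. The commit edits the comment but leaves it disabled. If that is not intended, restore it as a real tag, `{% if is_granted('OWNER', oid) or group.isMember(app.user) or group.open %}`, with a matching `{% endif %}`. Separately, the real-name line keeps the carried-over condition `user.userData.realName == ''`, which looks inverted next to the `!= ''` tests on the other fields.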
