Removed hardcoded role names from code.
Signed-off-by: Gergely Polonkai <polesz@w00d5t0ck.info>
parent
f220206de8
commit
a8f1f85573
@ -6,8 +6,12 @@ use Symfony\Bundle\FrameworkBundle\Controller\Controller;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
|
||||
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
|
||||
use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
|
||||
use JMS\DiExtraBundle\Annotation as DI;
|
||||
|
||||
use KekRozsak\FrontBundle\Entity\Group;
|
||||
use KekRozsak\SecurityBundle\Entity\User;
|
||||
|
||||
/**
|
||||
* @Route("/admin")
|
||||
*/
|
||||
@ -26,9 +30,12 @@ class DefaultController extends Controller
|
||||
*/
|
||||
public function manageRegsAction()
|
||||
{
|
||||
if (!$this->$securityContext->isGranted('ROLE_ADMIN')) {
|
||||
$objectIdentity = new ObjectIdentity(User::ACL_OID, 'KekRozsak\\SecurityBundle\\Entity\\User');
|
||||
|
||||
if (!$this->securityContext->isGranted('OWNER', $objectIdentity)) {
|
||||
throw new AccessDeniedException('Ehhez a művelethez nincs jogosultságod.');
|
||||
}
|
||||
|
||||
$users = $this->getDoctrine()->getEntityManager()->createQuery('SELECT u FROM KekRozsakSecurityBundle:User u WHERE u.acceptedBy IS NULL')->getResult();
|
||||
$request = $this->getRequest();
|
||||
|
||||
@ -59,9 +66,10 @@ class DefaultController extends Controller
|
||||
{
|
||||
$user = $this->securityContext->getToken()->getUser();
|
||||
$request = $this->getRequest();
|
||||
|
||||
$objectIdentity = new ObjectIdentity(Group::ACL_OID, 'KekRozsak\\FrontBundle\\Entity\\Group');
|
||||
$groupRepo = $this->getDoctrine()->getRepository('KekRozsakFrontBundle:Group');
|
||||
if ($this->securityContext->isGranted('ROLE_ADMIN') === false) {
|
||||
|
||||
if (!$this->securityContext->isGranted('OWNER', $objectIdentity)) {
|
||||
$myGroups = $groupRepo->findByLeader($user);
|
||||
} else {
|
||||
$myGroups = $groupRepo->findAll();
|
||||
@ -75,7 +83,7 @@ class DefaultController extends Controller
|
||||
if ($aUser && $aGroup) {
|
||||
if (
|
||||
($aGroup->getLeader() == $user)
|
||||
|| $this->securityContext->isGranted('ROLE_ADMIN')
|
||||
|| $this->securityContext->isGranted('OWNER', $objectIdentity)
|
||||
) {
|
||||
$membershipRepo = $this->getDoctrine()->getRepository('KekRozsakFrontBundle:UserGroupMembership');
|
||||
$membershipObject = $membershipRepo->findOneBy(array('user' => $aUser, 'group' => $aGroup));
|
||||
|
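Review bot: The new `isGranted('OWNER', $objectIdentity)` checks in manageRegsAction and in the group-management action depend on a class-scope ACL entry that nothing in this controller creates, and neither place documents that dependency. Judging by the ACL initialisation command changed in the same commit, those entries are created out of band, so on an installation where the command has not been run administrators should simply be denied. I would add above each `new ObjectIdentity(...)` a comment such as `// Class-scope ACL identity; its ACEs are created by the ACL init command, so access is denied until that has run.` Both action bodies continue outside the hunks shown.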
@ -8,6 +8,7 @@ use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
|
||||
|
||||
use KekRozsak\FrontBundle\Entity\ForumTopicGroup;
|
||||
use KekRozsak\FrontBundle\Entity\ForumTopic;
|
||||
@ -29,6 +30,7 @@ class ForumController extends Controller
|
||||
*/
|
||||
public function topicGroupListAction()
|
||||
{
|
||||
$topicGroupOid = new ObjectIdentity(ForumTopicGroup::ACL_OID, 'KekRozsak\\FrontBundle\\Entity\\ForumTopicGroup');
|
||||
$groupRepo = $this->getDoctrine()->getRepository('KekRozsakFrontBundle:ForumTopicGroup');
|
||||
$request = $this->getRequest();
|
||||
$newTopicGroup = new ForumTopicGroup();
|
||||
@ -61,6 +63,7 @@ class ForumController extends Controller
|
||||
return array(
|
||||
'topicGroups' => $topicGroups,
|
||||
'newTopicGroupForm' => $newTopicGroupForm->createView(),
|
||||
'oid' => $topicGroupOid,
|
||||
);
|
||||
}
|
||||
|
||||
|
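Review bot: The only visible use of `$topicGroupOid` in topicGroupListAction is passing it to the template as `'oid'`, so the OWNER restriction appears to live only in the Twig `is_granted('OWNER', oid)` that hides the new-topic-group form. The form handling sits between the two hunks and is not shown; if it has no check of its own, hiding the form is a presentation detail rather than an authorization control, and a submitted form would still be processed. Before the new ForumTopicGroup is persisted I would repeat the test on the server, `isGranted('OWNER', $topicGroupOid)`, and throw `AccessDeniedException` when it fails, as manageRegsAction does.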
@ -12,6 +12,13 @@ use KekRozsak\SecurityBundle\Entity\User;
|
||||
*/
|
||||
class Article
|
||||
{
|
||||
/**
|
||||
* The ACL class OID for this class
|
||||
*
|
||||
* @const ACL_OID
|
||||
*/
|
||||
const ACL_OID = 'articleClass';
|
||||
|
||||
/**
|
||||
* The ID of the Article
|
||||
*
|
||||
|
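Review bot: The docblock on `ACL_OID` does not say that the value is persisted, and the same applies to the identical docblocks added to ForumTopicGroup, Group, News and User. The ACL initialisation command in this commit passes `$className::ACL_OID` to `new ObjectIdentity(...)`, so the string becomes the identifier stored with the ACL, and changing it later would leave the existing entries unmatched. I would extend the description to something like `Identifier of the class-scope ACL object identity; stored in the ACL tables, do not change without migrating existing entries.` As far as I know `@const` is not a tag phpDocumentor defines, so `@var string` would be the safer annotation.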
@ -18,6 +18,13 @@ use KekRozsak\SecurityBundle\Entity\User;
|
||||
*/
|
||||
class ForumTopicGroup
|
||||
{
|
||||
/**
|
||||
* The ACL class OID for this class
|
||||
*
|
||||
* @const ACL_OID
|
||||
*/
|
||||
const ACL_OID = 'forumTopicGroupClass';
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->topics = new ArrayCollection();
|
||||
|
@ -19,6 +19,13 @@ use KekRozsak\FrontBundle\Entity\Document;
|
||||
*/
|
||||
class Group
|
||||
{
|
||||
/**
|
||||
* The ACL class OID for this class
|
||||
*
|
||||
* @const ACL_OID
|
||||
*/
|
||||
const ACL_OID = 'groupClass';
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->members = new ArrayCollection();
|
||||
|
@ -12,6 +12,13 @@ use KekRozsak\SecurityBundle\Entity\User;
|
||||
*/
|
||||
class News
|
||||
{
|
||||
/**
|
||||
* The ACL class OID for this class
|
||||
*
|
||||
* @const ACL_OID
|
||||
*/
|
||||
const ACL_OID = 'newsClass';
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->public = false;
|
||||
|
@ -7,7 +7,7 @@
|
||||
|
||||
{% block content %}
|
||||
<h3>Fórum</h3>
|
||||
{% if is_granted('ROLE_ADMIN') %}
|
||||
{% if is_granted('OWNER', oid) %}
|
||||
<span class="gomb" id="new-topic-group-button">[Új témakör]</span><br />
|
||||
<div id="new-topic-group">
|
||||
{# TODO: make this an AJAX form #}
|
||||
|
@ -47,14 +47,21 @@ EOF
|
||||
|
||||
$securityContext = $container->get('security.context');
|
||||
$aclProvider = $container->get('security.acl.provider');
|
||||
$roleRepo = $container->get('doctrine')->getRepository('KekRozsakSecurityBundle:Role');
|
||||
$adminRole = $roleRepo->findOneByName('ROLE_ADMIN');
|
||||
|
||||
$classNames = array(
|
||||
'newsClass' => 'KekRozsak\\FrontBundle\\Entity\\News',
|
||||
'articlesClass' => 'KekRozsak\\FrontBundle\\Entity\\Articles',
|
||||
'KekRozsak\\FrontBundle\\Entity\\News',
|
||||
'KekRozsak\\FrontBundle\\Entity\\Article',
|
||||
'KekRozsak\\FrontBundle\\Entity\\Group',
|
||||
'KekRozsak\\FrontBundle\\Entity\\ForumTopicGroup',
|
||||
'KekRozsak\\SecurityBundle\\Entity\\User',
|
||||
);
|
||||
|
||||
$securityIdentity = new RoleSecurityIdentity('ROLE_ADMIN');
|
||||
foreach ($classNames as $id => $className) {
|
||||
$securityIdentity = new RoleSecurityIdentity($adminRole);
|
||||
foreach ($classNames as $className) {
|
||||
$id = $className::ACL_OID;
|
||||
|
||||
$objectIdentity = new ObjectIdentity($id, $className);
|
||||
try {
|
||||
$acl = $aclProvider->findAcl($objectIdentity, array($securityIdentity));
|
||||
|
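Review bot: `$adminRole` is used without checking that `findOneByName('ROLE_ADMIN')` returned a row, so a database that lacks that role would build the security identity from null and attach the class-scope entries to it. I would stop early with `if (null === $adminRole) { throw new \RuntimeException('ROLE_ADMIN not found'); }`. I would also pass the role string explicitly, `new RoleSecurityIdentity($adminRole->getRole())`, so the identity does not depend on how the constructor treats the entity object (this assumes the Role entity exposes getRole(), which is not visible here). The old list keyed an entry as `'articlesClass'` while Article now declares `'articleClass'`, so any ACL created under the old identifier is presumably left behind unused. The try block continues outside the hunk.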
@ -9,6 +9,7 @@ use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
|
||||
use Symfony\Component\Security\Core\SecurityContext;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
|
||||
|
||||
use KekRozsak\SecurityBundle\Entity\User;
|
||||
use KekRozsak\SecurityBundle\Form\Type\UserType;
|
||||
@ -146,7 +147,9 @@ class DefaultController extends Controller
|
||||
*/
|
||||
public function ajaxUserdataAction(User $user)
|
||||
{
|
||||
$userOid = new ObjectIdentity(User::ACL_OID, get_class($user));
|
||||
return array(
|
||||
'oid' => $userOid,
|
||||
'user' => $user,
|
||||
);
|
||||
}
|
||||
|
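Review bot: In ajaxUserdataAction the identity type is taken from `get_class($user)`, whereas the other controllers and the ACL initialisation command use the literal class name. If `$user` is ever a Doctrine proxy, `get_class()` returns the proxy class, the identity no longer matches the stored one, and `is_granted('OWNER', oid)` in the template should then deny administrators. I would keep it consistent with the rest of the commit: `$userOid = new ObjectIdentity(User::ACL_OID, 'KekRozsak\\SecurityBundle\\Entity\\User');`.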
@ -23,6 +23,13 @@ use KekRozsak\SecurityBundle\Entity\Role;
|
||||
*/
|
||||
class User implements UserInterface, AdvancedUserInterface
|
||||
{
|
||||
/**
|
||||
* The ACL class OID for this class
|
||||
*
|
||||
* @const ACL_OID
|
||||
*/
|
||||
const ACL_OID = 'userClass';
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->groups = new ArrayCollection();
|
||||
|
@ -6,25 +6,25 @@
|
||||
</head>
|
||||
<body>
|
||||
<strong>Tagság kezdete</strong>: {{ user.registeredAt|date('Y-m-d') }}<br />
|
||||
{% if is_granted('ROLE_ADMIN') %}
|
||||
{% if is_granted('OWNER', oid) %}
|
||||
<strong>Felhasználónév</strong>: {{ user.username }}<br />
|
||||
{% endif %}
|
||||
{% if is_granted('ROLE_ADMIN') or (user.userData and user.userData.emailPublic) %}
|
||||
{% if is_granted('OWNER', oid) or (user.userData and user.userData.emailPublic) %}
|
||||
<strong>E-mail</strong>: {{ user.email }}<br />
|
||||
{% endif %}
|
||||
{% if user.userData and (is_granted('ROLE_ADMIN') or (user.userData.realNamePublic and (user.userData.realName == ''))) %}
|
||||
{% if user.userData and (is_granted('OWNER', oid) or (user.userData.realNamePublic and (user.userData.realName == ''))) %}
|
||||
<strong>Valódi név</strong>: {{ user.userData.realName }}<br />
|
||||
{% endif %}
|
||||
{% if user.userData and user.userData.msnAddress != '' and (is_granted('ROLE_ADMIN') or user.userData.msnAddressPublic) %}
|
||||
{% if user.userData and user.userData.msnAddress != '' and (is_granted('OWNER', oid) or user.userData.msnAddressPublic) %}
|
||||
<strong>MSN cím</strong>: {{ user.userData.msnAddress }}<br />
|
||||
{% endif %}
|
||||
{% if user.userData and user.userData.googleTalk != '' and (is_granted('ROLE_ADMIN') or user.userData.googleTalkPublic) %}
|
||||
{% if user.userData and user.userData.googleTalk != '' and (is_granted('OWNER', oid) or user.userData.googleTalkPublic) %}
|
||||
<strong>Google Talk cím</strong>: {{ user.userData.googleTalk }}<br />
|
||||
{% endif %}
|
||||
{% if user.userData and user.userData.skype != '' and (is_granted('ROLE_ADMIN') or user.userData.skypePublic) %}
|
||||
{% if user.userData and user.userData.skype != '' and (is_granted('OWNER', oid) or user.userData.skypePublic) %}
|
||||
<strong>Skype név</strong>: {{ user.userData.skype}}<br />
|
||||
{% endif %}
|
||||
{% if user.userData and user.userData.phoneNumber != '' and (is_granted('ROLE_ADMIN') or user.userData.phoneNumberPublic) %}
|
||||
{% if user.userData and user.userData.phoneNumber != '' and (is_granted('OWNER', oid) or user.userData.phoneNumberPublic) %}
|
||||
<strong>Telefonszám</strong>: {{ user.userData.phoneNumber }}<br />
|
||||
{% endif %}
|
||||
{% if user.userData and user.userData.selfDescription != '' %}
|
||||
@ -34,7 +34,7 @@
|
||||
<strong>Csoportok</strong>:<br />
|
||||
{% set groupCount = 0 %}
|
||||
{% for group in user.allGroups %}
|
||||
{#% if is_granted('ROLE_ADMIN') or group.isMember(app.user) or group.open %#}
|
||||
{#% if is_granted('OWNER', oid) or group.isMember(app.user) or group.open %#}
|
||||
{% set groupCount = groupCount + 1 %}
|
||||
{{ group.name }}<br />
|
||||
{#% endif %#}
|
||||
@ -42,7 +42,7 @@
|
||||
{% if groupCount == 0 %}
|
||||
Egy csoportnak sem tagja.<br />
|
||||
{% endif %}
|
||||
{% if is_granted('ROLE_ADMIN') %}
|
||||
{% if is_granted('OWNER', oid) %}
|
||||
<strong>Jóváhagyta</strong>: {{ user.acceptedBy.displayName }}<br />
|
||||
<strong>Utolsó bejelentkezés</strong>: {{ user.lastLoginAt|date('Y-m-d H:i') }}<br />
|
||||
<strong>Jogok</strong>:<br />
|
||||
|
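Review bot: The real-name condition carried over onto the new line still reads `user.userData.realNamePublic and (user.userData.realName == '')`, which shows the field to non-administrators only when it is empty. Every sibling condition (msnAddress, googleTalk, skype, phoneNumber) tests `!= ''`, so this looks inverted; since the line is being rewritten anyway I would change it to `user.userData.realName != ''`. The effect today is that a name the user marked public is hidden, not that a private one leaks. Separately, `user.acceptedBy.displayName` inside the last OWNER block is rendered without checking that acceptedBy is set.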