88 lines
3.1 KiB
PHP
88 lines
3.1 KiB
PHP
<?php
|
|
|
|
/**
|
|
* This file is part of the PropelBundle package.
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*
|
|
* @license MIT License
|
|
*/
|
|
|
|
namespace Propel\Bundle\PropelBundle\Model\Acl;
|
|
|
|
use Propel\Bundle\PropelBundle\Model\Acl\Base\SecurityIdentity as BaseSecurityIdentity;
|
|
|
|
use Propel\Runtime\Connection\ConnectionInterface;
|
|
|
|
use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity;
|
|
use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity;
|
|
use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface;
|
|
|
|
class SecurityIdentity extends BaseSecurityIdentity
|
|
{
|
|
/**
|
|
* Transform a given mode security identity into an ACL related SecurityIdentity.
|
|
*
|
|
* @param \Propel\Bundle\PropelBundle\Model\Acl\SecurityIdentity $securityIdentity
|
|
*
|
|
* @return \Symfony\Component\Security\Acl\Model\SecurityIdentityInterface
|
|
*/
|
|
public static function toAclIdentity(SecurityIdentity $securityIdentity)
|
|
{
|
|
$identifier = $securityIdentity->getIdentifier();
|
|
|
|
if ($securityIdentity->getUsername()) {
|
|
if (false === strpos($identifier, '-')) {
|
|
throw new \InvalidArgumentException('The given identifier does not resolve to a UserSecurityIdentity.');
|
|
}
|
|
|
|
list($class, $username) = explode('-', $identifier, 2);
|
|
|
|
return new UserSecurityIdentity($username, $class);
|
|
}
|
|
|
|
if (0 === strpos($identifier, 'ROLE_') or 0 === strpos($identifier, 'IS_AUTHENTICATED_')) {
|
|
return new RoleSecurityIdentity($identifier);
|
|
}
|
|
|
|
throw new \InvalidArgumentException('The security identity does not resolve to either UserSecurityIdentity or RoleSecurityIdentity.');
|
|
}
|
|
|
|
/**
|
|
* Transform a given ACL security identity into a SecurityIdentity model.
|
|
*
|
|
* If there is no model entry given, a new one will be created and saved to the database.
|
|
*
|
|
* @throws \InvalidArgumentException
|
|
*
|
|
* @param \Symfony\Component\Security\Acl\Model\SecurityIdentityInterface $aclIdentity
|
|
* @param ConnectionInterface $con
|
|
*
|
|
* @return \Propel\Bundle\PropelBundle\Model\Acl\SecurityIdentity
|
|
*/
|
|
public static function fromAclIdentity(SecurityIdentityInterface $aclIdentity, ConnectionInterface $con = null)
|
|
{
|
|
if ($aclIdentity instanceof UserSecurityIdentity) {
|
|
$identifier = $aclIdentity->getClass().'-'.$aclIdentity->getUsername();
|
|
$username = true;
|
|
} elseif ($aclIdentity instanceof RoleSecurityIdentity) {
|
|
$identifier = $aclIdentity->getRole();
|
|
$username = false;
|
|
} else {
|
|
throw new \InvalidArgumentException('The ACL identity must either be an instance of UserSecurityIdentity or RoleSecurityIdentity.');
|
|
}
|
|
|
|
$obj = SecurityIdentityQuery::create()
|
|
->filterByIdentifier($identifier)
|
|
->filterByUsername($username)
|
|
->findOneOrCreate($con)
|
|
;
|
|
|
|
if ($obj->isNew()) {
|
|
$obj->save($con);
|
|
}
|
|
|
|
return $obj;
|
|
}
|
|
}
|