From da53d92188ae1d48313bc9f457c9792cfb33348e Mon Sep 17 00:00:00 2001 From: Mathieu Lemoine Date: Fri, 2 Aug 2013 14:54:25 -0400 Subject: [PATCH] [Security][Acl] Fix #5787 : Add MutableAclProvider::updateUserSecurityIdentity --- .../Security/Acl/Dbal/MutableAclProvider.php | 36 +++++++++++++++++++ .../Acl/Tests/Dbal/MutableAclProviderTest.php | 30 ++++++++++++++++ 2 files changed, 66 insertions(+) diff --git a/src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php b/src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php index e857c687c3..54bef68142 100644 --- a/src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php +++ b/src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php @@ -351,6 +351,17 @@ class MutableAclProvider extends AclProvider implements MutableAclProviderInterf } } + /** + * Updates a user security identity when the user's username changes + * + * @param UserSecurityIdentity $usid + * @param string $oldUsername + */ + public function updateUserSecurityIdentity(UserSecurityIdentity $usid, $oldUsername) + { + $this->connection->executeQuery($this->getUpdateUserSecurityIdentitySql($usid, $oldUsername)); + } + /** * Constructs the SQL for deleting access control entries. * @@ -633,6 +644,31 @@ QUERY; ); } + /** + * Constructs the SQL for updating a user security identity. + * + * @param UserSecurityIdentity $usid + * @param string $oldUsername + * @return string + */ + protected function getUpdateUserSecurityIdentitySql(UserSecurityIdentity $usid, $oldUsername) + { + if ($usid->getUsername() == $oldUsername) { + throw new \InvalidArgumentException('There are no changes.'); + } + + $oldIdentifier = $usid->getClass().'-'.$oldUsername; + $newIdentifier = $usid->getClass().'-'.$usid->getUsername(); + + return sprintf( + 'UPDATE %s SET identifier = %s WHERE identifier = %s AND username = %s', + $this->options['sid_table_name'], + $this->connection->quote($newIdentifier), + $this->connection->quote($oldIdentifier), + $this->connection->getDatabasePlatform()->convertBooleans(true) + ); + } + /** * Constructs the SQL for updating an ACE. * diff --git a/src/Symfony/Component/Security/Acl/Tests/Dbal/MutableAclProviderTest.php b/src/Symfony/Component/Security/Acl/Tests/Dbal/MutableAclProviderTest.php index 440f69c422..8c920cf31e 100644 --- a/src/Symfony/Component/Security/Acl/Tests/Dbal/MutableAclProviderTest.php +++ b/src/Symfony/Component/Security/Acl/Tests/Dbal/MutableAclProviderTest.php @@ -407,6 +407,36 @@ class MutableAclProviderTest extends \PHPUnit_Framework_TestCase $provider->updateAcl($acl); } + public function testUpdateUserSecurityIdentity() + { + $provider = $this->getProvider(); + $acl = $provider->createAcl(new ObjectIdentity(1, 'Foo')); + $sid = new UserSecurityIdentity('johannes', 'FooClass'); + $acl->setEntriesInheriting(!$acl->isEntriesInheriting()); + + $acl->insertObjectAce($sid, 1); + $acl->insertClassAce($sid, 5, 0, false); + $acl->insertObjectAce($sid, 2, 1, true); + $acl->insertClassFieldAce('field', $sid, 2, 0, true); + $provider->updateAcl($acl); + + $newSid = new UserSecurityIdentity('mathieu', 'FooClass'); + $provider->updateUserSecurityIdentity($newSid, 'johannes'); + + $reloadProvider = $this->getProvider(); + $reloadedAcl = $reloadProvider->findAcl(new ObjectIdentity(1, 'Foo')); + + $this->assertNotSame($acl, $reloadedAcl); + $this->assertSame($acl->isEntriesInheriting(), $reloadedAcl->isEntriesInheriting()); + + $aces = $acl->getObjectAces(); + $reloadedAces = $reloadedAcl->getObjectAces(); + $this->assertEquals(count($aces), count($reloadedAces)); + foreach ($reloadedAces as $ace) { + $this->assertTrue($ace->getSecurityIdentity()->equals($newSid)); + } + } + /** * Data must have the following format: * array(