[Security][Acl] Fix #5787 : Add MutableAclProvider::updateUserSecurityIdentity
This commit is contained in:
parent
c0e4c4a4d1
commit
da53d92188
@ -351,6 +351,17 @@ class MutableAclProvider extends AclProvider implements MutableAclProviderInterf
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Updates a user security identity when the user's username changes
|
||||||
|
*
|
||||||
|
* @param UserSecurityIdentity $usid
|
||||||
|
* @param string $oldUsername
|
||||||
|
*/
|
||||||
|
public function updateUserSecurityIdentity(UserSecurityIdentity $usid, $oldUsername)
|
||||||
|
{
|
||||||
|
$this->connection->executeQuery($this->getUpdateUserSecurityIdentitySql($usid, $oldUsername));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructs the SQL for deleting access control entries.
|
* Constructs the SQL for deleting access control entries.
|
||||||
*
|
*
|
||||||
@ -633,6 +644,31 @@ QUERY;
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Constructs the SQL for updating a user security identity.
|
||||||
|
*
|
||||||
|
* @param UserSecurityIdentity $usid
|
||||||
|
* @param string $oldUsername
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
protected function getUpdateUserSecurityIdentitySql(UserSecurityIdentity $usid, $oldUsername)
|
||||||
|
{
|
||||||
|
if ($usid->getUsername() == $oldUsername) {
|
||||||
|
throw new \InvalidArgumentException('There are no changes.');
|
||||||
|
}
|
||||||
|
|
||||||
|
$oldIdentifier = $usid->getClass().'-'.$oldUsername;
|
||||||
|
$newIdentifier = $usid->getClass().'-'.$usid->getUsername();
|
||||||
|
|
||||||
|
return sprintf(
|
||||||
|
'UPDATE %s SET identifier = %s WHERE identifier = %s AND username = %s',
|
||||||
|
$this->options['sid_table_name'],
|
||||||
|
$this->connection->quote($newIdentifier),
|
||||||
|
$this->connection->quote($oldIdentifier),
|
||||||
|
$this->connection->getDatabasePlatform()->convertBooleans(true)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructs the SQL for updating an ACE.
|
* Constructs the SQL for updating an ACE.
|
||||||
*
|
*
|
||||||
|
@ -407,6 +407,36 @@ class MutableAclProviderTest extends \PHPUnit_Framework_TestCase
|
|||||||
$provider->updateAcl($acl);
|
$provider->updateAcl($acl);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testUpdateUserSecurityIdentity()
|
||||||
|
{
|
||||||
|
$provider = $this->getProvider();
|
||||||
|
$acl = $provider->createAcl(new ObjectIdentity(1, 'Foo'));
|
||||||
|
$sid = new UserSecurityIdentity('johannes', 'FooClass');
|
||||||
|
$acl->setEntriesInheriting(!$acl->isEntriesInheriting());
|
||||||
|
|
||||||
|
$acl->insertObjectAce($sid, 1);
|
||||||
|
$acl->insertClassAce($sid, 5, 0, false);
|
||||||
|
$acl->insertObjectAce($sid, 2, 1, true);
|
||||||
|
$acl->insertClassFieldAce('field', $sid, 2, 0, true);
|
||||||
|
$provider->updateAcl($acl);
|
||||||
|
|
||||||
|
$newSid = new UserSecurityIdentity('mathieu', 'FooClass');
|
||||||
|
$provider->updateUserSecurityIdentity($newSid, 'johannes');
|
||||||
|
|
||||||
|
$reloadProvider = $this->getProvider();
|
||||||
|
$reloadedAcl = $reloadProvider->findAcl(new ObjectIdentity(1, 'Foo'));
|
||||||
|
|
||||||
|
$this->assertNotSame($acl, $reloadedAcl);
|
||||||
|
$this->assertSame($acl->isEntriesInheriting(), $reloadedAcl->isEntriesInheriting());
|
||||||
|
|
||||||
|
$aces = $acl->getObjectAces();
|
||||||
|
$reloadedAces = $reloadedAcl->getObjectAces();
|
||||||
|
$this->assertEquals(count($aces), count($reloadedAces));
|
||||||
|
foreach ($reloadedAces as $ace) {
|
||||||
|
$this->assertTrue($ace->getSecurityIdentity()->equals($newSid));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Data must have the following format:
|
* Data must have the following format:
|
||||||
* array(
|
* array(
|
||||||
|
Reference in New Issue
Block a user