Symfony2 SecurityIdentity和ACE删除

时间:2013-03-15 18:35:10

标签: php symfony acl

如果生成了新的UserGroup,我会创建一个新的RoleSecurityIdentity和ROLE。像:

new RoleSecurityIdentity('ROLE_GROUP-'.$groupName);

如果管理员创建了一个新的对象,例如媒体,他可以将这些组分配给要查看的媒体:

$acl->insertObjectAce($groupSecurityIdentity, MaskBuilder::MASK_VIEW);

现在我遇到了问题,如果我删除了一个组,我不知道如何撤销RoleSecurityIdentity的所有Aces?

是否有现成的功能等?还没找到一些,所以我编码了这个:

 $connection = $this->getDoctrine()->getManager()->getConnection();
 // find securityIdentity ID
 $secIdSearch = $connection->prepare('select * from acl_security_identities where identifier = "'.$groupRole.'"');
 $secIdSearch->execute();
 $secIdFetch = $secIdSearch->fetch();
 $securityIdentitiyId = $secIdFetch['id'];

 if($securityIdentitiyId):
      // Delete all connected Object Entities for this RoleIdentitiys
  $connection->prepare('DELETE FROM acl_entries where security_identity_id ='.$securityIdentitiyId)->execute();
      // Remove the Role Identitiy itself. 
  $connection->prepare('DELETE FROM acl_security_identities where id ='.$securityIdentitiyId)->execute();
 endif;

它不仅看起来很脏,如果我想在一个对象上保存一个新的ACL我删除了Ace,我得到了

 Notice: Undefined offset: 6 in  /../../Acl/Dbal/MutableAclProvider.php line 842

因为ace_order不正确。

是否已有解决方案? 或者我必须走自己的路,不得不重新订购Aces?

1 个答案:

答案 0 :(得分:0)

测试一下:

public function myDeleteAce($securityIdentity, $acl,$entity){
    foreach($acl->getObjectAces() as $index => $ace) {

        if($securityIdentity->equals($ace->getSecurityIdentity())) {
                if (count($acl->getObjectAces())== 1){
                    $objectIdentity = ObjectIdentity::fromDomainObject($entity);
                    $this->provider->deleteAcl($objectIdentity);
                    $response = ('No more ACE, So ACL deleted');
                }else{
                    $acl->deleteObjectAce($index);
                    $this->provider->updateAcl($acl);
                    $response = ('Rights deleted !');
                }



        }  



            }
    return $response;
}

我希望这可以帮到你