如果生成了新的UserGroup,我会创建一个新的RoleSecurityIdentity和ROLE。像:
new RoleSecurityIdentity('ROLE_GROUP-'.$groupName);
如果管理员创建了一个新的对象,例如媒体,他可以将这些组分配给要查看的媒体:
$acl->insertObjectAce($groupSecurityIdentity, MaskBuilder::MASK_VIEW);
现在我遇到了问题,如果我删除了一个组,我不知道如何撤销RoleSecurityIdentity的所有Aces?
是否有现成的功能等?还没找到一些,所以我编码了这个:
$connection = $this->getDoctrine()->getManager()->getConnection();
// find securityIdentity ID
$secIdSearch = $connection->prepare('select * from acl_security_identities where identifier = "'.$groupRole.'"');
$secIdSearch->execute();
$secIdFetch = $secIdSearch->fetch();
$securityIdentitiyId = $secIdFetch['id'];
if($securityIdentitiyId):
// Delete all connected Object Entities for this RoleIdentitiys
$connection->prepare('DELETE FROM acl_entries where security_identity_id ='.$securityIdentitiyId)->execute();
// Remove the Role Identitiy itself.
$connection->prepare('DELETE FROM acl_security_identities where id ='.$securityIdentitiyId)->execute();
endif;
它不仅看起来很脏,如果我想在一个对象上保存一个新的ACL我删除了Ace,我得到了
Notice: Undefined offset: 6 in /../../Acl/Dbal/MutableAclProvider.php line 842
因为ace_order不正确。
是否已有解决方案? 或者我必须走自己的路,不得不重新订购Aces?
答案 0 :(得分:0)
测试一下:
public function myDeleteAce($securityIdentity, $acl,$entity){
foreach($acl->getObjectAces() as $index => $ace) {
if($securityIdentity->equals($ace->getSecurityIdentity())) {
if (count($acl->getObjectAces())== 1){
$objectIdentity = ObjectIdentity::fromDomainObject($entity);
$this->provider->deleteAcl($objectIdentity);
$response = ('No more ACE, So ACL deleted');
}else{
$acl->deleteObjectAce($index);
$this->provider->updateAcl($acl);
$response = ('Rights deleted !');
}
}
}
return $response;
}
我希望这可以帮到你