diff options
Diffstat (limited to 'Acl')
| -rw-r--r-- | Acl/Dbal/AclProvider.php | 42 | ||||
| -rw-r--r-- | Acl/Dbal/MutableAclProvider.php | 2 | ||||
| -rw-r--r-- | Acl/Domain/AclCollectionCache.php | 4 | ||||
| -rw-r--r-- | Acl/Domain/DoctrineAclCache.php | 2 | ||||
| -rw-r--r-- | Acl/Domain/ObjectIdentity.php | 4 | ||||
| -rw-r--r-- | Acl/Domain/PermissionGrantingStrategy.php | 17 | ||||
| -rw-r--r-- | Acl/Domain/UserSecurityIdentity.php | 2 | ||||
| -rw-r--r-- | Acl/Model/AclProviderInterface.php | 17 | ||||
| -rw-r--r-- | Acl/Model/MutableAclInterface.php | 1 | ||||
| -rw-r--r-- | Acl/Model/SecurityIdentityRetrievalStrategyInterface.php | 3 | ||||
| -rw-r--r-- | Acl/Permission/MaskBuilder.php | 8 | ||||
| -rw-r--r-- | Acl/Resources/bin/generateSql.php | 8 | ||||
| -rw-r--r-- | Acl/Voter/AclVoter.php | 2 |
13 files changed, 83 insertions, 29 deletions
diff --git a/Acl/Dbal/AclProvider.php b/Acl/Dbal/AclProvider.php index ada4f22..6f47231 100644 --- a/Acl/Dbal/AclProvider.php +++ b/Acl/Dbal/AclProvider.php @@ -258,16 +258,40 @@ SELECTCLAUSE; WHERE ( SELECTCLAUSE; - $where = '(o.object_identifier = %s AND c.class_type = %s)'; - for ($i=0,$c=count($batch); $i<$c; $i++) { + $types = array(); + $count = count($batch); + for ($i = 0; $i < $count; $i++) { + if (!isset($types[$batch[$i]->getType()])) { + $types[$batch[$i]->getType()] = true; + if ($count > 1) { + break; + } + } + } + + if (1 === count($types)) { + $ids = array(); + for ($i = 0; $i < $count; $i++) { + $ids[] = $this->connection->quote($batch[$i]->getIdentifier()); + } + $sql .= sprintf( - $where, - $this->connection->quote($batch[$i]->getIdentifier()), - $this->connection->quote($batch[$i]->getType()) + '(o.object_identifier IN (%s) AND c.class_type = %s)', + implode(',', $ids), + $this->connection->quote($batch[0]->getType()) ); - - if ($i+1 < $c) { - $sql .= ' OR '; + } else { + $where = '(o.object_identifier = %s AND c.class_type = %s)'; + for ($i = 0; $i < $count; $i++) { + $sql .= sprintf( + $where, + $this->connection->quote($batch[$i]->getIdentifier()), + $this->connection->quote($batch[$i]->getType()) + ); + + if ($i+1 < $count) { + $sql .= ' OR '; + } } } @@ -417,6 +441,8 @@ QUERY; * @param array $oidLookup * * @return \SplObjectStorage mapping object identities to ACL instances + * + * @throws AclNotFoundException */ private function lookupObjectIdentities(array $batch, array $sids, array $oidLookup) { diff --git a/Acl/Dbal/MutableAclProvider.php b/Acl/Dbal/MutableAclProvider.php index 9a20f61..0ac4fa7 100644 --- a/Acl/Dbal/MutableAclProvider.php +++ b/Acl/Dbal/MutableAclProvider.php @@ -147,6 +147,8 @@ class MutableAclProvider extends AclProvider implements MutableAclProviderInterf * @param string $propertyName * @param mixed $oldValue * @param mixed $newValue + * + * @throws \InvalidArgumentException */ public function propertyChanged($sender, $propertyName, $oldValue, $newValue) { diff --git a/Acl/Domain/AclCollectionCache.php b/Acl/Domain/AclCollectionCache.php index 88c017c..d3a4b37 100644 --- a/Acl/Domain/AclCollectionCache.php +++ b/Acl/Domain/AclCollectionCache.php @@ -44,8 +44,8 @@ class AclCollectionCache * Batch loads ACLs for an entire collection; thus, it reduces the number * of required queries considerably. * - * @param mixed $collection anything that can be passed to foreach() - * @param array $tokens an array of TokenInterface implementations + * @param mixed $collection anything that can be passed to foreach() + * @param TokenInterface[] $tokens an array of TokenInterface implementations */ public function cache($collection, array $tokens = array()) { diff --git a/Acl/Domain/DoctrineAclCache.php b/Acl/Domain/DoctrineAclCache.php index 731f98c..bfc5452 100644 --- a/Acl/Domain/DoctrineAclCache.php +++ b/Acl/Domain/DoctrineAclCache.php @@ -36,6 +36,8 @@ class DoctrineAclCache implements AclCacheInterface * @param Cache $cache * @param PermissionGrantingStrategyInterface $permissionGrantingStrategy * @param string $prefix + * + * @throws \InvalidArgumentException */ public function __construct(Cache $cache, PermissionGrantingStrategyInterface $permissionGrantingStrategy, $prefix = self::PREFIX) { diff --git a/Acl/Domain/ObjectIdentity.php b/Acl/Domain/ObjectIdentity.php index da98f5e..d7d5f84 100644 --- a/Acl/Domain/ObjectIdentity.php +++ b/Acl/Domain/ObjectIdentity.php @@ -31,6 +31,8 @@ final class ObjectIdentity implements ObjectIdentityInterface * * @param string $identifier * @param string $type + * + * @throws \InvalidArgumentException */ public function __construct($identifier, $type) { @@ -49,7 +51,7 @@ final class ObjectIdentity implements ObjectIdentityInterface * Constructs an ObjectIdentity for the given domain object * * @param object $domainObject - * @throws \InvalidArgumentException + * @throws InvalidDomainObjectException * @return ObjectIdentity */ public static function fromDomainObject($domainObject) diff --git a/Acl/Domain/PermissionGrantingStrategy.php b/Acl/Domain/PermissionGrantingStrategy.php index 09e227c..d505843 100644 --- a/Acl/Domain/PermissionGrantingStrategy.php +++ b/Acl/Domain/PermissionGrantingStrategy.php @@ -16,6 +16,7 @@ use Symfony\Component\Security\Acl\Model\AclInterface; use Symfony\Component\Security\Acl\Model\AuditLoggerInterface; use Symfony\Component\Security\Acl\Model\EntryInterface; use Symfony\Component\Security\Acl\Model\PermissionGrantingStrategyInterface; +use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface; /** * The permission granting strategy to apply to the access control list. @@ -123,12 +124,15 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface * permission/identity combinations are left. Finally, we will either throw * an NoAceFoundException, or deny access. * - * @param AclInterface $acl - * @param array $aces An array of ACE to check against - * @param array $masks An array of permission masks - * @param array $sids An array of SecurityIdentityInterface implementations - * @param Boolean $administrativeMode True turns off audit logging + * @param AclInterface $acl + * @param EntryInterface[] $aces An array of ACE to check against + * @param array $masks An array of permission masks + * @param SecurityIdentityInterface[] $sids An array of SecurityIdentityInterface implementations + * @param Boolean $administrativeMode True turns off audit logging + * * @return Boolean true, or false; either granting, or denying access respectively. + * + * @throws NoAceFoundException */ private function hasSufficientPermissions(AclInterface $acl, array $aces, array $masks, array $sids, $administrativeMode) { @@ -186,7 +190,10 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface * * @param integer $requiredMask * @param EntryInterface $ace + * * @return Boolean + * + * @throws \RuntimeException if the ACE strategy is not supported */ private function isAceApplicable($requiredMask, EntryInterface $ace) { diff --git a/Acl/Domain/UserSecurityIdentity.php b/Acl/Domain/UserSecurityIdentity.php index ebb0056..3166a1a 100644 --- a/Acl/Domain/UserSecurityIdentity.php +++ b/Acl/Domain/UserSecurityIdentity.php @@ -31,6 +31,8 @@ final class UserSecurityIdentity implements SecurityIdentityInterface * * @param string $username the username representation * @param string $class the user's fully qualified class name + * + * @throws \InvalidArgumentException */ public function __construct($username, $class) { diff --git a/Acl/Model/AclProviderInterface.php b/Acl/Model/AclProviderInterface.php index bdb40b7..4be49bf 100644 --- a/Acl/Model/AclProviderInterface.php +++ b/Acl/Model/AclProviderInterface.php @@ -23,6 +23,7 @@ interface AclProviderInterface * * @param ObjectIdentityInterface $parentOid * @param Boolean $directChildrenOnly + * * @return array returns an array of child 'ObjectIdentity's */ public function findChildren(ObjectIdentityInterface $parentOid, $directChildrenOnly = false); @@ -30,20 +31,24 @@ interface AclProviderInterface /** * Returns the ACL that belongs to the given object identity * - * @throws AclNotFoundException when there is no ACL - * @param ObjectIdentityInterface $oid - * @param array $sids + * @param ObjectIdentityInterface $oid + * @param SecurityIdentityInterface[] $sids + * * @return AclInterface + * + * @throws AclNotFoundException when there is no ACL */ public function findAcl(ObjectIdentityInterface $oid, array $sids = array()); /** * Returns the ACLs that belong to the given object identities * - * @throws AclNotFoundException when we cannot find an ACL for all identities - * @param array $oids an array of ObjectIdentityInterface implementations - * @param array $sids an array of SecurityIdentityInterface implementations + * @param ObjectIdentityInterface[] $oids an array of ObjectIdentityInterface implementations + * @param SecurityIdentityInterface[] $sids an array of SecurityIdentityInterface implementations + * * @return \SplObjectStorage mapping the passed object identities to ACLs + * + * @throws AclNotFoundException when we cannot find an ACL for all identities */ public function findAcls(array $oids, array $sids = array()); } diff --git a/Acl/Model/MutableAclInterface.php b/Acl/Model/MutableAclInterface.php index 9028aa9..365a779 100644 --- a/Acl/Model/MutableAclInterface.php +++ b/Acl/Model/MutableAclInterface.php @@ -115,7 +115,6 @@ interface MutableAclInterface extends AclInterface * Sets the parent ACL * * @param AclInterface|null $acl - * @return void */ public function setParentAcl(AclInterface $acl = null); diff --git a/Acl/Model/SecurityIdentityRetrievalStrategyInterface.php b/Acl/Model/SecurityIdentityRetrievalStrategyInterface.php index c20f04b..5bb7915 100644 --- a/Acl/Model/SecurityIdentityRetrievalStrategyInterface.php +++ b/Acl/Model/SecurityIdentityRetrievalStrategyInterface.php @@ -28,7 +28,8 @@ interface SecurityIdentityRetrievalStrategyInterface * least specific. * * @param TokenInterface $token - * @return array of SecurityIdentityInterface implementations + * + * @return SecurityIdentityInterface[] An array of SecurityIdentityInterface implementations */ public function getSecurityIdentities(TokenInterface $token); } diff --git a/Acl/Permission/MaskBuilder.php b/Acl/Permission/MaskBuilder.php index df1fa7c..017e7c0 100644 --- a/Acl/Permission/MaskBuilder.php +++ b/Acl/Permission/MaskBuilder.php @@ -73,6 +73,8 @@ class MaskBuilder * Constructor * * @param integer $mask optional; defaults to 0 + * + * @throws \InvalidArgumentException */ public function __construct($mask = 0) { @@ -87,7 +89,10 @@ class MaskBuilder * Adds a mask to the permission * * @param mixed $mask + * * @return MaskBuilder + * + * @throws \InvalidArgumentException */ public function add($mask) { @@ -140,7 +145,10 @@ class MaskBuilder * Removes a mask from the permission * * @param mixed $mask + * * @return MaskBuilder + * + * @throws \InvalidArgumentException */ public function remove($mask) { diff --git a/Acl/Resources/bin/generateSql.php b/Acl/Resources/bin/generateSql.php index d65874b..4a5ca05 100644 --- a/Acl/Resources/bin/generateSql.php +++ b/Acl/Resources/bin/generateSql.php @@ -9,14 +9,14 @@ * file that was distributed with this source code. */ -require_once __DIR__.'/../../../../ClassLoader/UniversalClassLoader.php'; +require_once __DIR__.'/../../../../ClassLoader/ClassLoader.php'; -use Symfony\Component\ClassLoader\UniversalClassLoader; +use Symfony\Component\ClassLoader\ClassLoader; use Symfony\Component\Finder\Finder; use Symfony\Component\Security\Acl\Dbal\Schema; -$loader = new UniversalClassLoader(); -$loader->registerNamespaces(array( +$loader = new ClassLoader(); +$loader->addPrefixes(array( 'Symfony' => __DIR__.'/../../../../../..', 'Doctrine\\Common' => __DIR__.'/../../../../../../../vendor/doctrine-common/lib', 'Doctrine\\DBAL\\Migrations' => __DIR__.'/../../../../../../../vendor/doctrine-migrations/lib', diff --git a/Acl/Voter/AclVoter.php b/Acl/Voter/AclVoter.php index 456c434..5e9aee6 100644 --- a/Acl/Voter/AclVoter.php +++ b/Acl/Voter/AclVoter.php @@ -11,7 +11,7 @@ namespace Symfony\Component\Security\Acl\Voter; -use Symfony\Component\HttpKernel\Log\LoggerInterface; +use Psr\Log\LoggerInterface; use Symfony\Component\Security\Acl\Exception\NoAceFoundException; use Symfony\Component\Security\Acl\Exception\AclNotFoundException; use Symfony\Component\Security\Acl\Model\AclProviderInterface; |