如果生成新的UserGroup,则创建新的RoleSecurityIdentity和ROLE。如:
new RoleSecurityIdentity('ROLE_GROUP-'.$groupName);
如果管理员创建了一个新对象,比如一个媒体,他可以将组分配给要查看的媒体:
$acl->insertObjectAce($groupSecurityIdentity, MaskBuilder::MASK_VIEW);
现在我有问题,我不知道如何撤销所有的王牌的RoleSecurityIdentity,如果我删除一个组?
是否有现成的函数等?还没有找到,所以我编写如下代码:
$connection = $this->getDoctrine()->getManager()->getConnection();
// find securityIdentity ID
$secIdSearch = $connection->prepare('select * from acl_security_identities where identifier = "'.$groupRole.'"');
$secIdSearch->execute();
$secIdFetch = $secIdSearch->fetch();
$securityIdentitiyId = $secIdFetch['id'];
if($securityIdentitiyId):
// Delete all connected Object Entities for this RoleIdentitiys
$connection->prepare('DELETE FROM acl_entries where security_identity_id ='.$securityIdentitiyId)->execute();
// Remove the Role Identitiy itself.
$connection->prepare('DELETE FROM acl_security_identities where id ='.$securityIdentitiyId)->execute();
endif;
它不仅看起来很脏,如果我想在一个对象上保存一个新的ACL,我从中删除了Ace,我得到一个
Notice: Undefined offset: 6 in /../../Acl/Dbal/MutableAclProvider.php line 842
因为ace_order不正确。
已经有解决方案了吗?还是我要按自己的方式重新排列a ?
test this:
public function myDeleteAce($securityIdentity, $acl,$entity){
foreach($acl->getObjectAces() as $index => $ace) {
if($securityIdentity->equals($ace->getSecurityIdentity())) {
if (count($acl->getObjectAces())== 1){
$objectIdentity = ObjectIdentity::fromDomainObject($entity);
$this->provider->deleteAcl($objectIdentity);
$response = ('No more ACE, So ACL deleted');
}else{
$acl->deleteObjectAce($index);
$this->provider->updateAcl($acl);
$response = ('Rights deleted !');
}
}
}
return $response;
}
希望对你有帮助