diff --git a/lib/Alchemy/Phrasea/Application.php b/lib/Alchemy/Phrasea/Application.php index 6423fdc983..cdb7ff9108 100644 --- a/lib/Alchemy/Phrasea/Application.php +++ b/lib/Alchemy/Phrasea/Application.php @@ -12,6 +12,7 @@ namespace Alchemy\Phrasea; use Alchemy\Geonames\GeonamesServiceProvider; +use Alchemy\Phrasea\Application\Helper\AclAware; use Alchemy\Phrasea\Application\Helper\ApplicationBoxAware; use Alchemy\Phrasea\Application\Helper\AuthenticatorAware; use Alchemy\Phrasea\ControllerProvider\Thesaurus\Xmlhttp as ThesaurusXMLHttp; @@ -118,6 +119,7 @@ use XPDF\XPDFServiceProvider; class Application extends SilexApplication { + use AclAware; use ApplicationBoxAware; use AuthenticatorAware; use UrlGeneratorTrait; @@ -597,7 +599,7 @@ class Application extends SilexApplication return false; } - return count($this['acl']->get($user)->get_granted_base()) > 0; + return count($this->getAclForUser($user)->get_granted_base()) > 0; } /** diff --git a/lib/Alchemy/Phrasea/Application/Helper/AclAware.php b/lib/Alchemy/Phrasea/Application/Helper/AclAware.php new file mode 100644 index 0000000000..c0a06cc592 --- /dev/null +++ b/lib/Alchemy/Phrasea/Application/Helper/AclAware.php @@ -0,0 +1,79 @@ +aclProvider = $provider; + + return $this; + } + + /** + * @return ACLProvider + */ + public function getAclProvider() + { + if ($this->aclProvider instanceof ACLProvider) { + return $this->aclProvider; + } + + if (null === $this->aclProvider && $this instanceof \Pimple && $this->offsetExists('acl')) { + $this->aclProvider = function () { + return $this['acl']; + }; + } + + if (null === $this->aclProvider) { + throw new \LogicException(ACLProvider::class . ' instance or locator was not set'); + } + + $instance = call_user_func($this->aclProvider); + if (!$instance instanceof ACLProvider) { + throw new \LogicException(sprintf( + 'Expects locator to return instance of "%s", got "%s"', + ACLProvider::class, + is_object($instance) ? get_class($instance) : gettype($instance) + )); + } + $this->aclProvider = $instance; + + return $this->aclProvider; + } + + /** + * @param User $user + * @return \ACL + */ + public function getAclForUser(User $user) + { + return $this->getAclProvider()->get($user); + } +} diff --git a/lib/Alchemy/Phrasea/Authentication/AccountCreator.php b/lib/Alchemy/Phrasea/Authentication/AccountCreator.php index 0c72d4b82a..b8bc9792bb 100644 --- a/lib/Alchemy/Phrasea/Authentication/AccountCreator.php +++ b/lib/Alchemy/Phrasea/Authentication/AccountCreator.php @@ -91,7 +91,7 @@ class AccountCreator } foreach (array_merge($this->templates, $templates) as $template) { - $app['acl']->get($user)->apply_model($template, $base_ids); + $app->getAclForUser($user)->apply_model($template, $base_ids); } return $user; diff --git a/lib/Alchemy/Phrasea/Authentication/Authenticator.php b/lib/Alchemy/Phrasea/Authentication/Authenticator.php index 518a9c56f3..22bb1ad9d7 100644 --- a/lib/Alchemy/Phrasea/Authentication/Authenticator.php +++ b/lib/Alchemy/Phrasea/Authentication/Authenticator.php @@ -83,7 +83,7 @@ class Authenticator $this->populateSession($session); - foreach ($this->app['acl']->get($user)->get_granted_sbas() as $databox) { + foreach ($this->app->getAclForUser($user)->get_granted_sbas() as $databox) { \cache_databox::insertClient($this->app, $databox); } $this->reinitUser(); @@ -112,7 +112,7 @@ class Authenticator $this->session->clear(); $this->populateSession($session); - foreach ($this->app['acl']->get($user)->get_granted_sbas() as $databox) { + foreach ($this->app->getAclForUser($user)->get_granted_sbas() as $databox) { \cache_databox::insertClient($this->app, $databox); } diff --git a/lib/Alchemy/Phrasea/Command/CreateCollection.php b/lib/Alchemy/Phrasea/Command/CreateCollection.php index abfcf3db9e..841701baf3 100644 --- a/lib/Alchemy/Phrasea/Command/CreateCollection.php +++ b/lib/Alchemy/Phrasea/Command/CreateCollection.php @@ -50,7 +50,7 @@ class CreateCollection extends Command while ($n < $total) { $results = $query->limit($n, 40)->execute()->get_results(); foreach ($results as $user) { - $this->container['acl']->get($user)->duplicate_right_from_bas($input->getOption('base_id_rights'), $new_collection->get_base_id()); + $this->container->getAclForUser($user)->duplicate_right_from_bas($input->getOption('base_id_rights'), $new_collection->get_base_id()); } $n+=40; } diff --git a/lib/Alchemy/Phrasea/Command/Developer/JsFixtures.php b/lib/Alchemy/Phrasea/Command/Developer/JsFixtures.php index b8dd78033a..2b25e2ee73 100644 --- a/lib/Alchemy/Phrasea/Command/Developer/JsFixtures.php +++ b/lib/Alchemy/Phrasea/Command/Developer/JsFixtures.php @@ -85,7 +85,7 @@ class JsFixtures extends Command { $user = $app['manipulator.user']->createUser(uniqid('fixturejs'), uniqid('fixturejs'), uniqid('fixturejs') . '@js.js', true); - $app['acl']->get($user)->set_admin(true); + $app->getAclForUser($user)->set_admin(true); $app['manipulator.acl']->resetAdminRights($user); return $user; diff --git a/lib/Alchemy/Phrasea/Controller/RecordsRequest.php b/lib/Alchemy/Phrasea/Controller/RecordsRequest.php index eea6ad3700..7968c189d5 100644 --- a/lib/Alchemy/Phrasea/Controller/RecordsRequest.php +++ b/lib/Alchemy/Phrasea/Controller/RecordsRequest.php @@ -243,20 +243,20 @@ class RecordsRequest extends ArrayCollection $to_remove = []; foreach ($elements as $id => $record) { - if (!$app['acl']->get($app->getAuthenticatedUser())->has_access_to_record($record)) { + if (!$app->getAclForUser($app->getAuthenticatedUser())->has_access_to_record($record)) { $to_remove[] = $id; continue; } foreach ($rightsColl as $right) { - if (!$app['acl']->get($app->getAuthenticatedUser())->has_right_on_base($record->get_base_id(), $right)) { + if (!$app->getAclForUser($app->getAuthenticatedUser())->has_right_on_base($record->get_base_id(), $right)) { $to_remove[] = $id; continue; } } foreach ($rightsDatabox as $right) { - if (!$app['acl']->get($app->getAuthenticatedUser())->has_right_on_sbas($record->get_sbas_id(), $right)) { + if (!$app->getAclForUser($app->getAuthenticatedUser())->has_right_on_sbas($record->get_sbas_id(), $right)) { $to_remove[] = $id; continue; } diff --git a/lib/Alchemy/Phrasea/Feed/Aggregate.php b/lib/Alchemy/Phrasea/Feed/Aggregate.php index cc68b94277..65d8dce21e 100644 --- a/lib/Alchemy/Phrasea/Feed/Aggregate.php +++ b/lib/Alchemy/Phrasea/Feed/Aggregate.php @@ -78,7 +78,7 @@ class Aggregate implements FeedInterface */ public static function createFromUser(Application $app, User $user, array $restrictions = []) { - $feeds = $app['repo.feeds']->getAllForUser($app['acl']->get($user), $restrictions); + $feeds = $app['repo.feeds']->getAllForUser($app->getAclForUser($user), $restrictions); $token = $app['repo.aggregate-tokens']->findOneBy(['user' => $user]); return new static($app['orm.em'], $feeds, $token); diff --git a/lib/Alchemy/Phrasea/Helper/Prod.php b/lib/Alchemy/Phrasea/Helper/Prod.php index 490e4a4707..e4f0f1313b 100644 --- a/lib/Alchemy/Phrasea/Helper/Prod.php +++ b/lib/Alchemy/Phrasea/Helper/Prod.php @@ -32,12 +32,12 @@ class Prod extends Helper $searchSet = json_decode($this->app['settings']->getUserSetting($this->app->getAuthenticatedUser(), 'search'), true); $saveSettings = $this->app['settings']->getUserSetting($this->app->getAuthenticatedUser(), 'advanced_search_reload'); - foreach ($this->app['acl']->get($this->app->getAuthenticatedUser())->get_granted_sbas() as $databox) { + foreach ($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_sbas() as $databox) { $sbasId = $databox->get_sbas_id(); $bases[$sbasId] = array('thesaurus' => (trim($databox->get_thesaurus()) !== ""), 'cterms' => false, 'collections' => array(), 'sbas_id' => $sbasId); - foreach ($this->app['acl']->get($this->app->getAuthenticatedUser())->get_granted_base([], [$databox->get_sbas_id()]) as $coll) { + foreach ($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base([], [$databox->get_sbas_id()]) as $coll) { $selected = $saveSettings ? ((isset($searchSet['bases']) && isset($searchSet['bases'][$sbasId])) ? (in_array($coll->get_base_id(), $searchSet['bases'][$sbasId])) : true) : true; $bases[$sbasId]['collections'][] = array('selected' => $selected, 'base_id' => $coll->get_base_id()); } @@ -78,7 +78,7 @@ class Prod extends Helper if (!$bases[$sbasId]['thesaurus']) { continue; } - if (!$this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_sbas($sbasId, 'bas_modif_th')) { + if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_sbas($sbasId, 'bas_modif_th')) { continue; } diff --git a/lib/Alchemy/Phrasea/Helper/User/Edit.php b/lib/Alchemy/Phrasea/Helper/User/Edit.php index e06d1109eb..2d23a5b4d0 100644 --- a/lib/Alchemy/Phrasea/Helper/User/Edit.php +++ b/lib/Alchemy/Phrasea/Helper/User/Edit.php @@ -71,11 +71,11 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper protected function delete_user(User $user) { - $list = array_keys($this->app['acl']->get($this->app->getAuthenticatedUser())->get_granted_base(['canadmin'])); + $list = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base(['canadmin'])); - $this->app['acl']->get($user)->revoke_access_from_bases($list); + $this->app->getAclForUser($user)->revoke_access_from_bases($list); - if ($this->app['acl']->get($user)->is_phantom()) { + if ($this->app->getAclForUser($user)->is_phantom()) { $this->app['manipulator.user']->delete($user); } @@ -84,7 +84,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper public function get_users_rights() { - $list = array_keys($this->app['acl']->get($this->app->getAuthenticatedUser())->get_granted_base(['canadmin'])); + $list = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base(['canadmin'])); $sql = "SELECT b.sbas_id, @@ -476,7 +476,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper public function apply_rights() { - $ACL = $this->app['acl']->get($this->app->getAuthenticatedUser()); + $ACL = $this->app->getAclForUser($this->app->getAuthenticatedUser()); $base_ids = array_keys($ACL->get_granted_base(['canadmin'])); $update = $create = $delete = $create_sbas = $update_sbas = []; @@ -571,21 +571,21 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper $user = $this->app['repo.users']->find($usr_id); - $this->app['acl']->get($user)->revoke_access_from_bases($delete) + $this->app->getAclForUser($user)->revoke_access_from_bases($delete) ->give_access_to_base($create) ->give_access_to_sbas($create_sbas); foreach ($update as $base_id => $rights) { - $this->app['acl']->get($user)->update_rights_to_base($base_id, $rights); + $this->app->getAclForUser($user)->update_rights_to_base($base_id, $rights); } foreach ($update_sbas as $sbas_id => $rights) { - $this->app['acl']->get($user)->update_rights_to_sbas($sbas_id, $rights); + $this->app->getAclForUser($user)->update_rights_to_sbas($sbas_id, $rights); } $this->app['phraseanet.appbox']->get_connection()->commit(); - $this->app['acl']->get($user)->revoke_unused_sbas_rights(); + $this->app->getAclForUser($user)->revoke_unused_sbas_rights(); unset($user); } catch (\Exception $e) { @@ -688,12 +688,12 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper throw new AccessDeniedHttpException('You are not the owner of the template'); } - $base_ids = array_keys($this->app['acl']->get($this->app->getAuthenticatedUser())->get_granted_base(['canadmin'])); + $base_ids = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base(['canadmin'])); foreach ($this->users as $usr_id) { $user = $this->app['repo.users']->find($usr_id); - $this->app['acl']->get($user)->apply_model($template, $base_ids); + $this->app->getAclForUser($user)->apply_model($template, $base_ids); } return $this; @@ -706,9 +706,9 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper foreach ($this->users as $usr_id) { $user = $this->app['repo.users']->find($usr_id); if ($this->request->get('quota')) - $this->app['acl']->get($user)->set_quotas_on_base($this->base_id, $this->request->get('droits'), $this->request->get('restes')); + $this->app->getAclForUser($user)->set_quotas_on_base($this->base_id, $this->request->get('droits'), $this->request->get('restes')); else - $this->app['acl']->get($user)->remove_quotas_on_base($this->base_id); + $this->app->getAclForUser($user)->remove_quotas_on_base($this->base_id); } return $this; @@ -727,7 +727,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper foreach ($this->users as $usr_id) { $user = $this->app['repo.users']->find($usr_id); - $this->app['acl']->get($user)->set_masks_on_base($this->base_id, $vand_and, $vand_or, $vxor_and, $vxor_or); + $this->app->getAclForUser($user)->set_masks_on_base($this->base_id, $vand_and, $vand_or, $vxor_and, $vxor_or); } } @@ -744,16 +744,16 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper $activate = !!$this->request->get('limit'); - $base_ids = array_keys($this->app['acl']->get($this->app->getAuthenticatedUser())->get_granted_base(['canadmin'])); + $base_ids = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base(['canadmin'])); foreach ($this->users as $usr_id) { $user = $this->app['repo.users']->find($usr_id); if ($this->base_id > 0) { - $this->app['acl']->get($user)->set_limits($this->base_id, $activate, $dmin, $dmax); + $this->app->getAclForUser($user)->set_limits($this->base_id, $activate, $dmin, $dmax); } elseif ($sbas_id > 0) { foreach ($base_ids as $base_id) { - $this->app['acl']->get($user)->set_limits($base_id, $activate, $dmin, $dmax); + $this->app->getAclForUser($user)->set_limits($base_id, $activate, $dmin, $dmax); } } else { $this->app->abort(400, 'No collection or databox id available'); @@ -763,11 +763,11 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper public function resetRights() { - $base_ids = array_keys($this->app['acl']->get($this->app->getAuthenticatedUser())->get_granted_base(['canadmin'])); + $base_ids = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base(['canadmin'])); foreach ($this->users as $usr_id) { $user = $this->app['repo.users']->find($usr_id); - $ACL = $this->app['acl']->get($user); + $ACL = $this->app->getAclForUser($user); if ($user->isTemplate()) { $template = $user; diff --git a/lib/Alchemy/Phrasea/Helper/User/Manage.php b/lib/Alchemy/Phrasea/Helper/User/Manage.php index 44651c4372..f64dcd3225 100644 --- a/lib/Alchemy/Phrasea/Helper/User/Manage.php +++ b/lib/Alchemy/Phrasea/Helper/User/Manage.php @@ -76,7 +76,7 @@ class Manage extends Helper ->last_model_is($this->query_parms['last_model']) ->get_inactives($this->query_parms['inactives']) ->include_templates(false) - ->on_bases_where_i_am($this->app['acl']->get($this->app->getAuthenticatedUser()), ['canadmin']) + ->on_bases_where_i_am($this->app->getAclForUser($this->app->getAuthenticatedUser()), ['canadmin']) ->execute(); return $this->results->get_results(); @@ -114,7 +114,7 @@ class Manage extends Helper ->last_model_is($this->query_parms['last_model']) ->get_inactives($this->query_parms['inactives']) ->include_templates(true) - ->on_bases_where_i_am($this->app['acl']->get($this->app->getAuthenticatedUser()), ['canadmin']) + ->on_bases_where_i_am($this->app->getAclForUser($this->app->getAuthenticatedUser()), ['canadmin']) ->limit($offset_start, $results_quantity) ->execute(); diff --git a/lib/Alchemy/Phrasea/Model/Entities/Feed.php b/lib/Alchemy/Phrasea/Model/Entities/Feed.php index e3cdd9a62c..6f1c5a8a93 100644 --- a/lib/Alchemy/Phrasea/Model/Entities/Feed.php +++ b/lib/Alchemy/Phrasea/Model/Entities/Feed.php @@ -459,7 +459,7 @@ class Feed implements FeedInterface public function hasAccess(User $user, Application $app) { if ($this->getCollection($app) instanceof collection) { - return $app['acl']->get($user)->has_access_to_base($this->collection->get_base_id()); + return $app->getAclForUser($user)->has_access_to_base($this->collection->get_base_id()); } return true; @@ -556,7 +556,7 @@ class Feed implements FeedInterface $coll = $this->getCollection($app); if ($this->isPublic() || $coll === null - || in_array($coll->get_base_id(), array_keys($app['acl']->get($user)->get_granted_base()))) { + || in_array($coll->get_base_id(), array_keys($app->getAclForUser($user)->get_granted_base()))) { return true; } diff --git a/lib/Alchemy/Phrasea/Out/Module/PDF.php b/lib/Alchemy/Phrasea/Out/Module/PDF.php index ccb619a962..1f69fb1076 100644 --- a/lib/Alchemy/Phrasea/Out/Module/PDF.php +++ b/lib/Alchemy/Phrasea/Out/Module/PDF.php @@ -166,7 +166,7 @@ class PDF $fimg = $subdef->get_pathfile(); - if (!$this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_base($rec->get_base_id(), "nowatermark") + if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($rec->get_base_id(), "nowatermark") && $subdef->get_type() == \media_subdef::TYPE_IMAGE) { $fimg = \recordutils_image::watermark($this->app, $subdef); } @@ -438,7 +438,7 @@ class PDF $f = $subdef->get_pathfile(); - if (!$this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_base($rec->get_base_id(), "nowatermark") + if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($rec->get_base_id(), "nowatermark") && $subdef->get_type() == \media_subdef::TYPE_IMAGE) $f = \recordutils_image::watermark($this->app, $subdef); diff --git a/lib/Alchemy/Phrasea/SearchEngine/Elastic/ElasticSearchEngine.php b/lib/Alchemy/Phrasea/SearchEngine/Elastic/ElasticSearchEngine.php index f49ba150f8..8912edd13b 100644 --- a/lib/Alchemy/Phrasea/SearchEngine/Elastic/ElasticSearchEngine.php +++ b/lib/Alchemy/Phrasea/SearchEngine/Elastic/ElasticSearchEngine.php @@ -400,7 +400,7 @@ class ElasticSearchEngine implements SearchEngineInterface return []; } - $acl = $this->app['acl']->get($this->app->getAuthenticatedUser()); + $acl = $this->app->getAclForUser($this->app->getAuthenticatedUser()); $grantedCollections = array_keys($acl->get_granted_base(['actif'])); diff --git a/lib/Alchemy/Phrasea/Security/Firewall.php b/lib/Alchemy/Phrasea/Security/Firewall.php index 178bf91f29..eafe339a57 100644 --- a/lib/Alchemy/Phrasea/Security/Firewall.php +++ b/lib/Alchemy/Phrasea/Security/Firewall.php @@ -41,7 +41,7 @@ class Firewall { $this->requireNotGuest(); - if (!$this->app['acl']->get($this->app->getAuthenticatedUser())->is_admin()) { + if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->is_admin()) { $this->app->abort(403, 'Admin role is required'); } @@ -50,7 +50,7 @@ class Firewall public function requireAccessToModule($module) { - if (!$this->app['acl']->get($this->app->getAuthenticatedUser())->has_access_to_module($module)) { + if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_access_to_module($module)) { $this->app->abort(403, 'You do not have required rights'); } @@ -59,7 +59,7 @@ class Firewall public function requireAccessToSbas($sbas_id) { - if (!$this->app['acl']->get($this->app->getAuthenticatedUser())->has_access_to_sbas($sbas_id)) { + if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_access_to_sbas($sbas_id)) { $this->app->abort(403, 'You do not have required rights'); } @@ -68,7 +68,7 @@ class Firewall public function requireAccessToBase($base_id) { - if (!$this->app['acl']->get($this->app->getAuthenticatedUser())->has_access_to_base($base_id)) { + if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_access_to_base($base_id)) { $this->app->abort(403, 'You do not have required rights'); } @@ -77,7 +77,7 @@ class Firewall public function requireRight($right) { - if (!$this->app['acl']->get($this->app->getAuthenticatedUser())->has_right($right)) { + if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right($right)) { $this->app->abort(403, 'You do not have required rights'); } @@ -86,7 +86,7 @@ class Firewall public function requireRightOnBase($base_id, $right) { - if (!$this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_base($base_id, $right)) { + if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($base_id, $right)) { $this->app->abort(403, 'You do not have required rights'); } @@ -95,7 +95,7 @@ class Firewall public function requireRightOnSbas($sbas_id, $right) { - if (!$this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_sbas($sbas_id, $right)) { + if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_sbas($sbas_id, $right)) { $this->app->abort(403, 'You do not have required rights'); } @@ -146,7 +146,7 @@ class Firewall public function requireOrdersAdmin() { - if (false === !!count($this->app['acl']->get($this->app->getAuthenticatedUser())->get_granted_base(['order_master']))) { + if (false === !!count($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base(['order_master']))) { $this->app->abort(403, 'You are not an order admin'); } diff --git a/lib/Alchemy/Phrasea/Setup/Installer.php b/lib/Alchemy/Phrasea/Setup/Installer.php index afb26efef8..5c4a51cf3d 100644 --- a/lib/Alchemy/Phrasea/Setup/Installer.php +++ b/lib/Alchemy/Phrasea/Setup/Installer.php @@ -62,7 +62,7 @@ class Installer $template = new \SplFileInfo(__DIR__ . '/../../../conf.d/data_templates/' . $template . '-simple.xml'); $databox = \databox::create($this->app, $dbConn, $template); - $this->app['acl']->get($admin) + $this->app->getAclForUser($admin) ->give_access_to_sbas([$databox->get_sbas_id()]) ->update_rights_to_sbas( $databox->get_sbas_id(), [ @@ -73,8 +73,8 @@ class Installer $collection = \collection::create($this->app, $databox, $this->app['phraseanet.appbox'], 'test', $admin); - $this->app['acl']->get($admin)->give_access_to_base([$collection->get_base_id()]); - $this->app['acl']->get($admin)->update_rights_to_base($collection->get_base_id(), [ + $this->app->getAclForUser($admin)->give_access_to_base([$collection->get_base_id()]); + $this->app->getAclForUser($admin)->update_rights_to_base($collection->get_base_id(), [ 'canpush' => 1, 'cancmd' => 1 , 'canputinalbum' => 1, 'candwnldhd' => 1, 'candwnldpreview' => 1, 'canadmin' => 1 , 'actif' => 1, 'canreport' => 1, 'canaddrecord' => 1, 'canmodifrecord' => 1 diff --git a/lib/Alchemy/Phrasea/Twig/PhraseanetExtension.php b/lib/Alchemy/Phrasea/Twig/PhraseanetExtension.php index d51af79715..d52ec9a8ba 100644 --- a/lib/Alchemy/Phrasea/Twig/PhraseanetExtension.php +++ b/lib/Alchemy/Phrasea/Twig/PhraseanetExtension.php @@ -135,7 +135,7 @@ class PhraseanetExtension extends \Twig_Extension $rights = (array) $rights; foreach ($rights as $right) { - if (false === $this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_sbas($databoxId, $right)) { + if (false === $this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_sbas($databoxId, $right)) { return false; } @@ -153,7 +153,7 @@ class PhraseanetExtension extends \Twig_Extension $rights = (array) $rights; foreach ($rights as $right) { - if (false === $this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_base($baseId, $right)) { + if (false === $this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($baseId, $right)) { return false; } @@ -182,7 +182,7 @@ class PhraseanetExtension extends \Twig_Extension return false; } - return $this->app['acl']->get($this->app->getAuthenticatedUser())->has_access_to_subdef($record, $subDefinition); + return $this->app->getAclForUser($this->app->getAuthenticatedUser())->has_access_to_subdef($record, $subDefinition); } public function getDoctypeIcon(RecordInterface $record) diff --git a/lib/Alchemy/Phrasea/Vocabulary/ControlProvider/UserProvider.php b/lib/Alchemy/Phrasea/Vocabulary/ControlProvider/UserProvider.php index fe7e8a319a..deb32323f8 100644 --- a/lib/Alchemy/Phrasea/Vocabulary/ControlProvider/UserProvider.php +++ b/lib/Alchemy/Phrasea/Vocabulary/ControlProvider/UserProvider.php @@ -60,7 +60,7 @@ class UserProvider implements ControlProviderInterface ->like(\User_Query::LIKE_LOGIN, $query) ->like_match(\User_Query::LIKE_MATCH_OR) ->include_phantoms(true) - ->on_bases_where_i_am($this->app['acl']->get($for_user), ['canadmin']) + ->on_bases_where_i_am($this->app->getAclForUser($for_user), ['canadmin']) ->limit(0, 50) ->execute()->get_results(); diff --git a/lib/classes/ACL.php b/lib/classes/ACL.php index cd41d0baa4..d8c287435e 100644 --- a/lib/classes/ACL.php +++ b/lib/classes/ACL.php @@ -310,7 +310,7 @@ class ACL implements cache_cacheableInterface $sbas_to_acces = []; $rights_to_give = []; - foreach ($this->app['acl']->get($template_user)->get_granted_sbas() as $databox) { + foreach ($this->app->getAclForUser($template_user)->get_granted_sbas() as $databox) { $sbas_id = $databox->get_sbas_id(); if (!in_array($sbas_id, $sbas_ids)) @@ -321,7 +321,7 @@ class ACL implements cache_cacheableInterface } foreach ($sbas_rights as $right) { - if ($this->app['acl']->get($template_user)->has_right_on_sbas($sbas_id, $right)) { + if ($this->app->getAclForUser($template_user)->has_right_on_sbas($sbas_id, $right)) { $rights_to_give[$sbas_id][$right] = '1'; } } @@ -348,7 +348,7 @@ class ACL implements cache_cacheableInterface '11' => ['aa' => '1', 'ao' => '1', 'xa' => '1', 'xo' => '1'] ]; - foreach ($this->app['acl']->get($template_user)->get_granted_base() as $collection) { + foreach ($this->app->getAclForUser($template_user)->get_granted_base() as $collection) { $base_id = $collection->get_base_id(); if (!in_array($base_id, $base_ids)) @@ -359,13 +359,13 @@ class ACL implements cache_cacheableInterface } foreach ($bas_rights as $right) { - if ($this->app['acl']->get($template_user)->has_right_on_base($base_id, $right)) { + if ($this->app->getAclForUser($template_user)->has_right_on_base($base_id, $right)) { $rights_to_give[$base_id][$right] = '1'; } } - $mask_and = $this->app['acl']->get($template_user)->get_mask_and($base_id); - $mask_xor = $this->app['acl']->get($template_user)->get_mask_xor($base_id); + $mask_and = $this->app->getAclForUser($template_user)->get_mask_and($base_id); + $mask_xor = $this->app->getAclForUser($template_user)->get_mask_xor($base_id); /** * apply sb is substractive @@ -417,7 +417,7 @@ class ACL implements cache_cacheableInterface private function apply_template_time_limits(User $template_user, Array $base_ids) { foreach ($base_ids as $base_id) { - $limited = $this->app['acl']->get($template_user)->get_limits($base_id); + $limited = $this->app->getAclForUser($template_user)->get_limits($base_id); if (null !== $limited) { $this->set_limits($base_id, '1', $limited['dmin'], $limited['dmax']); } else { diff --git a/lib/classes/Session/Logger.php b/lib/classes/Session/Logger.php index 96c3cb71c4..41349459a7 100644 --- a/lib/classes/Session/Logger.php +++ b/lib/classes/Session/Logger.php @@ -99,7 +99,7 @@ class Session_Logger $colls = []; if ($app->getAuthenticatedUser()) { - $bases = $app['acl']->get($app->getAuthenticatedUser())->get_granted_base([], [$databox->get_sbas_id()]); + $bases = $app->getAclForUser($app->getAuthenticatedUser())->get_granted_base([], [$databox->get_sbas_id()]); foreach ($bases as $collection) { $colls[] = $collection->get_coll_id(); } @@ -218,7 +218,7 @@ class Session_Logger ]; if (isset($appName[$appId])) { - $sbas_ids = array_keys($app['acl']->get($app->getAuthenticatedUser())->get_granted_sbas()); + $sbas_ids = array_keys($app->getAclForUser($app->getAuthenticatedUser())->get_granted_sbas()); foreach ($sbas_ids as $sbas_id) { try { diff --git a/lib/classes/collection.php b/lib/classes/collection.php index ca89dc7434..a57ec2d7ab 100644 --- a/lib/classes/collection.php +++ b/lib/classes/collection.php @@ -541,8 +541,8 @@ class collection implements cache_cacheableInterface while ($n < $total) { $results = $query->limit($n, 50)->execute()->get_results(); foreach ($results as $user) { - $app['acl']->get($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_SBAS); - $app['acl']->get($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_BAS); + $app->getAclForUser($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_SBAS); + $app->getAclForUser($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_BAS); } $n+=50; } @@ -654,7 +654,7 @@ class collection implements cache_cacheableInterface "modify_struct" => "1" ]; - $this->app['acl']->get($user)->update_rights_to_base($base_id, $rights); + $this->app->getAclForUser($user)->update_rights_to_base($base_id, $rights); return true; } diff --git a/lib/classes/databox.php b/lib/classes/databox.php index 3bfc22e1be..6a7b999493 100644 --- a/lib/classes/databox.php +++ b/lib/classes/databox.php @@ -477,9 +477,9 @@ class databox extends base while ($n < $total) { $results = $query->limit($n, 50)->execute()->get_results(); foreach ($results as $user) { - $this->app['acl']->get($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_SBAS); - $this->app['acl']->get($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_BAS); - $this->app['acl']->get($user)->delete_injected_rights_sbas($this); + $this->app->getAclForUser($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_SBAS); + $this->app->getAclForUser($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_BAS); + $this->app->getAclForUser($user)->delete_injected_rights_sbas($this); } $n+=50; } @@ -1038,7 +1038,7 @@ class databox extends base { $conn = $this->app['phraseanet.appbox']->get_connection(); - $this->app['acl']->get($user) + $this->app->getAclForUser($user) ->give_access_to_sbas([$this->id]) ->update_rights_to_sbas( $this->id, [ @@ -1073,9 +1073,9 @@ class databox extends base } $stmt->closeCursor(); - $this->app['acl']->get($user)->give_access_to_base($base_ids); + $this->app->getAclForUser($user)->give_access_to_base($base_ids); foreach ($base_ids as $base_id) { - $this->app['acl']->get($user)->update_rights_to_base($base_id, [ + $this->app->getAclForUser($user)->update_rights_to_base($base_id, [ 'canpush' => 1, 'cancmd' => 1 , 'canputinalbum' => 1, 'candwnldhd' => 1, 'candwnldpreview' => 1, 'canadmin' => 1 , 'actif' => 1, 'canreport' => 1, 'canaddrecord' => 1, 'canmodifrecord' => 1 diff --git a/lib/classes/databox/cgu.php b/lib/classes/databox/cgu.php index e443afc849..ebcb566f30 100644 --- a/lib/classes/databox/cgu.php +++ b/lib/classes/databox/cgu.php @@ -59,7 +59,7 @@ class databox_cgu $userValidation = true; if (! $home) { - if ( ! $app['acl']->get($app->getAuthenticatedUser())->has_access_to_sbas($databox->get_sbas_id())) { + if ( ! $app->getAclForUser($app->getAuthenticatedUser())->has_access_to_sbas($databox->get_sbas_id())) { continue; } $userValidation = ($app['settings']->getUserSetting($app->getAuthenticatedUser(), 'terms_of_use_' . $databox->get_sbas_id()) !== $update && trim($value) !== ''); diff --git a/lib/classes/databox/status.php b/lib/classes/databox/status.php index 126043bff7..4882c14cc4 100644 --- a/lib/classes/databox/status.php +++ b/lib/classes/databox/status.php @@ -22,10 +22,10 @@ class databox_status public static function getSearchStatus(Application $app) { $see_all = $structures = $stats = []; - foreach ($app['acl']->get($app->getAuthenticatedUser())->get_granted_sbas() as $databox) { + foreach ($app->getAclForUser($app->getAuthenticatedUser())->get_granted_sbas() as $databox) { $see_all[$databox->get_sbas_id()] = false; foreach ($databox->get_collections() as $collection) { - if ($app['acl']->get($app->getAuthenticatedUser())->has_right_on_base($collection->get_base_id(), 'chgstatus')) { + if ($app->getAclForUser($app->getAuthenticatedUser())->has_right_on_base($collection->get_base_id(), 'chgstatus')) { $see_all[$databox->get_sbas_id()] = true; break; } diff --git a/lib/classes/eventsmanager/notify/autoregister.php b/lib/classes/eventsmanager/notify/autoregister.php index b1c7fb4b0d..ffd1cb01c4 100644 --- a/lib/classes/eventsmanager/notify/autoregister.php +++ b/lib/classes/eventsmanager/notify/autoregister.php @@ -73,6 +73,6 @@ class eventsmanager_notify_autoregister extends eventsmanager_notifyAbstract return false; } - return $this->app['acl']->get($user)->has_right('manageusers'); + return $this->app->getAclForUser($user)->has_right('manageusers'); } } diff --git a/lib/classes/eventsmanager/notify/order.php b/lib/classes/eventsmanager/notify/order.php index e09c60cbf6..e86cce8cfc 100644 --- a/lib/classes/eventsmanager/notify/order.php +++ b/lib/classes/eventsmanager/notify/order.php @@ -75,6 +75,6 @@ class eventsmanager_notify_order extends eventsmanager_notifyAbstract */ public function is_available(User $user) { - return $this->app['acl']->get($user)->has_right('order_master'); + return $this->app->getAclForUser($user)->has_right('order_master'); } } diff --git a/lib/classes/eventsmanager/notify/register.php b/lib/classes/eventsmanager/notify/register.php index 8525d19345..fe85334824 100644 --- a/lib/classes/eventsmanager/notify/register.php +++ b/lib/classes/eventsmanager/notify/register.php @@ -75,6 +75,6 @@ class eventsmanager_notify_register extends eventsmanager_notifyAbstract return false; } - return $this->app['acl']->get($user)->has_right('manageusers'); + return $this->app->getAclForUser($user)->has_right('manageusers'); } } diff --git a/lib/classes/eventsmanager/notify/uploadquarantine.php b/lib/classes/eventsmanager/notify/uploadquarantine.php index 9aff705218..4f92ec883f 100644 --- a/lib/classes/eventsmanager/notify/uploadquarantine.php +++ b/lib/classes/eventsmanager/notify/uploadquarantine.php @@ -79,6 +79,6 @@ class eventsmanager_notify_uploadquarantine extends eventsmanager_notifyAbstract */ public function is_available(User $user) { - return $this->app['acl']->get($user)->has_right('addrecord'); + return $this->app->getAclForUser($user)->has_right('addrecord'); } } diff --git a/lib/classes/eventsmanager/notify/validationdone.php b/lib/classes/eventsmanager/notify/validationdone.php index e1a1fe675d..588a0feee6 100644 --- a/lib/classes/eventsmanager/notify/validationdone.php +++ b/lib/classes/eventsmanager/notify/validationdone.php @@ -90,6 +90,6 @@ class eventsmanager_notify_validationdone extends eventsmanager_notifyAbstract */ public function is_available(User $user) { - return $this->app['acl']->get($user)->has_right('push'); + return $this->app->getAclForUser($user)->has_right('push'); } } diff --git a/lib/classes/module/report/dashboard.php b/lib/classes/module/report/dashboard.php index 2f5eeb7670..a71855f6b5 100644 --- a/lib/classes/module/report/dashboard.php +++ b/lib/classes/module/report/dashboard.php @@ -241,7 +241,7 @@ class module_report_dashboard implements module_report_dashboard_componentInterf { $all_coll = []; - $base_ids = $this->app['acl']->get($this->usr)->get_granted_base(['canreport']); + $base_ids = $this->app->getAclForUser($this->usr)->get_granted_base(['canreport']); foreach ($base_ids as $base_id => $collection) { $databox = $collection->get_databox(); diff --git a/lib/classes/patch/320alpha4b.php b/lib/classes/patch/320alpha4b.php index 8a75e9bc4e..1e4a000bd9 100644 --- a/lib/classes/patch/320alpha4b.php +++ b/lib/classes/patch/320alpha4b.php @@ -212,7 +212,7 @@ class patch_320alpha4b extends patchAbstract $app['orm.em']->flush(); } elseif ($pub_restrict == 1) { - $collections = $app['acl']->get($user)->get_granted_base(); + $collections = $app->getAclForUser($user)->get_granted_base(); $collection = array_shift($collections); if ( ! ($collection instanceof collection)) { foreach ($appbox->get_databoxes() as $databox) { diff --git a/lib/classes/record/exportElement.php b/lib/classes/record/exportElement.php index 0b8ad494d6..bb2979c816 100644 --- a/lib/classes/record/exportElement.php +++ b/lib/classes/record/exportElement.php @@ -102,17 +102,17 @@ class record_exportElement extends record_adapter 'thumbnail' => true ]; - if ($this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_base($this->get_base_id(), 'candwnldhd')) { + if ($this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($this->get_base_id(), 'candwnldhd')) { $go_dl['document'] = true; } - if ($this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_base($this->get_base_id(), 'candwnldpreview')) { + if ($this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($this->get_base_id(), 'candwnldpreview')) { $go_dl['preview'] = true; } - if ($this->app['acl']->get($this->app->getAuthenticatedUser())->has_hd_grant($this)) { + if ($this->app->getAclForUser($this->app->getAuthenticatedUser())->has_hd_grant($this)) { $go_dl['document'] = true; $go_dl['preview'] = true; } - if ($this->app['acl']->get($this->app->getAuthenticatedUser())->has_preview_grant($this)) { + if ($this->app->getAclForUser($this->app->getAuthenticatedUser())->has_preview_grant($this)) { $go_dl['preview'] = true; } @@ -122,14 +122,14 @@ class record_exportElement extends record_adapter ->who_have_right(['order_master']) ->execute()->get_results(); - $go_cmd = (count($masters) > 0 && $this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_base($this->base_id, 'cancmd')); + $go_cmd = (count($masters) > 0 && $this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($this->base_id, 'cancmd')); $orderable['document'] = false; $downloadable['document'] = false; if (isset($sd['document']) && is_file($sd['document']->get_pathfile())) { if ($go_dl['document'] === true) { - if ($this->app['acl']->get($this->app->getAuthenticatedUser())->is_restricted_download($this->base_id)) { + if ($this->app->getAclForUser($this->app->getAuthenticatedUser())->is_restricted_download($this->base_id)) { $this->remain_hd --; if ($this->remain_hd >= 0) { $localizedLabel = $this->app->trans('document original'); @@ -183,7 +183,7 @@ class record_exportElement extends record_adapter if (isset($sd[$name]) && $sd[$name]->is_physically_present()) { if ($class == 'document') { - if ($this->app['acl']->get($this->app->getAuthenticatedUser())->is_restricted_download($this->base_id)) { + if ($this->app->getAclForUser($this->app->getAuthenticatedUser())->is_restricted_download($this->base_id)) { $this->remain_hd --; if ($this->remain_hd >= 0) $downloadable[$name] = [ diff --git a/lib/classes/record/preview.php b/lib/classes/record/preview.php index 218fa252fb..a441121bc3 100644 --- a/lib/classes/record/preview.php +++ b/lib/classes/record/preview.php @@ -325,7 +325,7 @@ class record_preview extends record_adapter $tab = []; - $report = $this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_base($this->get_base_id(), 'canreport'); + $report = $this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($this->get_base_id(), 'canreport'); $databox = $this->app->findDataboxById($this->get_sbas_id()); $connsbas = $databox->get_connection(); @@ -401,7 +401,7 @@ class record_preview extends record_adapter return $this->view_popularity; } - $report = $this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_base( + $report = $this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base( $this->get_base_id(), 'canreport'); if ( ! $report && ! $this->app['conf']->get(['registry', 'webservices', 'google-charts-enabled'])) { @@ -491,7 +491,7 @@ class record_preview extends record_adapter return $this->refferer_popularity; } - $report = $this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_base( + $report = $this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base( $this->get_base_id(), 'canreport'); if ( ! $report && ! $this->app['conf']->get(['registry', 'webservices', 'google-charts-enabled'])) { @@ -564,7 +564,7 @@ class record_preview extends record_adapter return $this->download_popularity; } - $report = $this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_base($this->get_base_id(), 'canreport'); + $report = $this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($this->get_base_id(), 'canreport'); $ret = false; if ( ! $report && ! $this->app['conf']->get(['registry', 'webservices', 'google-charts-enabled'])) { diff --git a/lib/classes/set/export.php b/lib/classes/set/export.php index 5e1c67b585..4c9a3f443e 100644 --- a/lib/classes/set/export.php +++ b/lib/classes/set/export.php @@ -66,8 +66,8 @@ class set_export extends set_abstract $record_id = $basket_element->getRecord($this->app)->get_record_id(); if (!isset($remain_hd[$base_id])) { - if ($app['acl']->get($app->getAuthenticatedUser())->is_restricted_download($base_id)) { - $remain_hd[$base_id] = $app['acl']->get($app->getAuthenticatedUser())->remaining_download($base_id); + if ($app->getAclForUser($app->getAuthenticatedUser())->is_restricted_download($base_id)) { + $remain_hd[$base_id] = $app->getAclForUser($app->getAuthenticatedUser())->remaining_download($base_id); } else { $remain_hd[$base_id] = false; } @@ -106,8 +106,8 @@ class set_export extends set_abstract $record_id = $child_basrec->get_record_id(); if (!isset($remain_hd[$base_id])) { - if ($app['acl']->get($app->getAuthenticatedUser())->is_restricted_download($base_id)) { - $remain_hd[$base_id] = $app['acl']->get($app->getAuthenticatedUser())->remaining_download($base_id); + if ($app->getAclForUser($app->getAuthenticatedUser())->is_restricted_download($base_id)) { + $remain_hd[$base_id] = $app->getAclForUser($app->getAuthenticatedUser())->remaining_download($base_id); } else { $remain_hd[$base_id] = false; } @@ -129,8 +129,8 @@ class set_export extends set_abstract $record_id = $record->get_record_id(); if (!isset($remain_hd[$base_id])) { - if ($app['acl']->get($app->getAuthenticatedUser())->is_restricted_download($base_id)) { - $remain_hd[$base_id] = $app['acl']->get($app->getAuthenticatedUser())->remaining_download($base_id); + if ($app->getAclForUser($app->getAuthenticatedUser())->is_restricted_download($base_id)) { + $remain_hd[$base_id] = $app->getAclForUser($app->getAuthenticatedUser())->remaining_download($base_id); } else { $remain_hd[$base_id] = false; } @@ -164,7 +164,7 @@ class set_export extends set_abstract $this->businessFieldsAccess = false; foreach ($this->elements as $download_element) { - if ($app['acl']->get($app->getAuthenticatedUser())->has_right_on_base($download_element->get_base_id(), 'canmodifrecord')) { + if ($app->getAclForUser($app->getAuthenticatedUser())->has_right_on_base($download_element->get_base_id(), 'canmodifrecord')) { $this->businessFieldsAccess = true; } @@ -216,11 +216,11 @@ class set_export extends set_abstract $display_ftp = []; - $hasadminright = $app['acl']->get($app->getAuthenticatedUser())->has_right('addrecord') - || $app['acl']->get($app->getAuthenticatedUser())->has_right('deleterecord') - || $app['acl']->get($app->getAuthenticatedUser())->has_right('modifyrecord') - || $app['acl']->get($app->getAuthenticatedUser())->has_right('coll_manage') - || $app['acl']->get($app->getAuthenticatedUser())->has_right('coll_modify_struct'); + $hasadminright = $app->getAclForUser($app->getAuthenticatedUser())->has_right('addrecord') + || $app->getAclForUser($app->getAuthenticatedUser())->has_right('deleterecord') + || $app->getAclForUser($app->getAuthenticatedUser())->has_right('modifyrecord') + || $app->getAclForUser($app->getAuthenticatedUser())->has_right('coll_manage') + || $app->getAclForUser($app->getAuthenticatedUser())->has_right('coll_modify_struct'); $this->ftp_datas = []; @@ -228,7 +228,7 @@ class set_export extends set_abstract $display_ftp = $display_download; $this->total_ftp = $this->total_download; - $lst_base_id = array_keys($app['acl']->get($app->getAuthenticatedUser())->get_granted_base()); + $lst_base_id = array_keys($app->getAclForUser($app->getAuthenticatedUser())->get_granted_base()); if ($hasadminright) { $sql = "SELECT Users.id AS usr_id ,Users.login AS usr_login ,Users.email AS usr_mail, FtpCredential.* @@ -429,7 +429,7 @@ class set_export extends set_abstract $BF = false; - if ($includeBusinessFields && $this->app['acl']->get($user)->has_right_on_base($download_element->get_base_id(), 'canmodifrecord')) { + if ($includeBusinessFields && $this->app->getAclForUser($user)->has_right_on_base($download_element->get_base_id(), 'canmodifrecord')) { $BF = true; } @@ -512,8 +512,8 @@ class set_export extends set_abstract 'path' => $sd[$name]->get_path() , 'file' => $sd[$name]->get_file() ]; - if (!$this->app['acl']->get($user)->has_right_on_base($download_element->get_base_id(), "nowatermark") - && !$this->app['acl']->get($user)->has_preview_grant($download_element) + if (!$this->app->getAclForUser($user)->has_right_on_base($download_element->get_base_id(), "nowatermark") + && !$this->app->getAclForUser($user)->has_preview_grant($download_element) && $sd[$name]->get_type() == media_subdef::TYPE_IMAGE) { $path = recordutils_image::watermark($this->app, $sd[$name]); if (file_exists($path)) { @@ -776,7 +776,7 @@ class set_export extends set_abstract $log["shortXml"] = $app['serializer.caption']->serialize($record_object->get_caption(), CaptionSerializer::SERIALIZE_XML); $tmplog[$record_object->get_base_id()][] = $log; if (!$anonymous && $o == 'document' && null !== $app->getAuthenticatedUser()) { - $app['acl']->get($app->getAuthenticatedUser())->remove_remaining($record_object->get_base_id()); + $app->getAclForUser($app->getAuthenticatedUser())->remove_remaining($record_object->get_base_id()); } } @@ -794,11 +794,11 @@ class set_export extends set_abstract $stmt = $app['phraseanet.appbox']->get_connection()->prepare($sql); foreach ($list_base as $base_id) { - if ($app['acl']->get($app->getAuthenticatedUser())->is_restricted_download($base_id)) { + if ($app->getAclForUser($app->getAuthenticatedUser())->is_restricted_download($base_id)) { $params = [ - ':remain_dl' => $app['acl']->get($app->getAuthenticatedUser())->remaining_download($base_id) + ':remain_dl' => $app->getAclForUser($app->getAuthenticatedUser())->remaining_download($base_id) , ':base_id' => $base_id - , ':usr_id' => $app['acl']->get($app->getAuthenticatedUser())->getId() + , ':usr_id' => $app->getAclForUser($app->getAuthenticatedUser())->getId() ]; $stmt->execute($params); diff --git a/lib/classes/set/selection.php b/lib/classes/set/selection.php index 09d88ca689..87e3b1f964 100644 --- a/lib/classes/set/selection.php +++ b/lib/classes/set/selection.php @@ -57,26 +57,26 @@ class set_selection extends set_abstract $sbas_id = $record->get_sbas_id(); $record_id = $record->get_record_id(); if (! $rights) { - if ($this->app['acl']->get($this->app->getAuthenticatedUser())->has_hd_grant($record)) { + if ($this->app->getAclForUser($this->app->getAuthenticatedUser())->has_hd_grant($record)) { continue; } - if ($this->app['acl']->get($this->app->getAuthenticatedUser())->has_preview_grant($record)) { + if ($this->app->getAclForUser($this->app->getAuthenticatedUser())->has_preview_grant($record)) { continue; } - if ( ! $this->app['acl']->get($this->app->getAuthenticatedUser())->has_access_to_base($base_id)) { + if ( ! $this->app->getAclForUser($this->app->getAuthenticatedUser())->has_access_to_base($base_id)) { $to_remove[] = $id; continue; } } else { foreach ($rights as $right) { - if ( ! $this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_base($base_id, $right)) { + if ( ! $this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($base_id, $right)) { $to_remove[] = $id; continue; } } foreach ($sbas_rights as $right) { - if ( ! $this->app['acl']->get($this->app->getAuthenticatedUser())->has_right_on_sbas($sbas_id, $right)) { + if ( ! $this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_sbas($sbas_id, $right)) { $to_remove[] = $id; continue; } @@ -88,8 +88,8 @@ class set_selection extends set_abstract $sql = 'SELECT record_id FROM record - WHERE ((status ^ ' . $this->app['acl']->get($this->app->getAuthenticatedUser())->get_mask_xor($base_id) . ') - & ' . $this->app['acl']->get($this->app->getAuthenticatedUser())->get_mask_and($base_id) . ')=0 + WHERE ((status ^ ' . $this->app->getAclForUser($this->app->getAuthenticatedUser())->get_mask_xor($base_id) . ') + & ' . $this->app->getAclForUser($this->app->getAuthenticatedUser())->get_mask_and($base_id) . ')=0 AND record_id = :record_id'; $stmt = $connsbas->prepare($sql); diff --git a/tests/Alchemy/Tests/Phrasea/Authentication/ACLProviderTest.php b/tests/Alchemy/Tests/Phrasea/Authentication/ACLProviderTest.php index 968f843c58..22a47cd574 100644 --- a/tests/Alchemy/Tests/Phrasea/Authentication/ACLProviderTest.php +++ b/tests/Alchemy/Tests/Phrasea/Authentication/ACLProviderTest.php @@ -10,7 +10,7 @@ class ACLProviderTest extends \PhraseanetTestCase { public function testGetACL() { - $acl = self::$DI['app']['acl']->get(self::$DI['user']); + $acl = self::$DI['app']->getAclForUser(self::$DI['user']); $this->assertInstanceOf('\ACL', $acl); } diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Admin/AdminCollectionTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Admin/AdminCollectionTest.php index 6fb5d20a26..1c424ed16b 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Admin/AdminCollectionTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Admin/AdminCollectionTest.php @@ -281,7 +281,7 @@ class AdminCollectionTest extends \PhraseanetAuthenticatedWebTestCase $this->checkRedirection(self::$DI['client']->getResponse(), '/admin/collection/' . self::$DI['collection']->get_base_id() . '/?success=1'); - $this->assertTrue(self::$DI['app']['acl']->get(self::$DI['user_alt1'])->has_right_on_base(self::$DI['collection']->get_base_id(), 'order_master')); + $this->assertTrue(self::$DI['app']->getAclForUser(self::$DI['user_alt1'])->has_right_on_base(self::$DI['collection']->get_base_id(), 'order_master')); } /** diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Admin/PublicationTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Admin/PublicationTest.php index 19fcdc3542..6f9d7cffcd 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Admin/PublicationTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Admin/PublicationTest.php @@ -25,7 +25,7 @@ class PublicationTest extends \PhraseanetAuthenticatedWebTestCase $crawler = self::$DI['client']->request('GET', '/admin/publications/list/'); $pageContent = self::$DI['client']->getResponse()->getContent(); $this->assertTrue(self::$DI['client']->getResponse()->isOk()); - $feeds = self::$DI['app']['orm.em']->getRepository('Phraseanet:Feed')->getAllForUser(self::$DI['app']['acl']->get(self::$DI['user'])); + $feeds = self::$DI['app']['orm.em']->getRepository('Phraseanet:Feed')->getAllForUser(self::$DI['app']->getAclForUser(self::$DI['user'])); foreach ($feeds as $feed) { $this->assertRegExp('/\/admin\/publications\/feed\/' . $feed->getId() . '/', $pageContent); @@ -40,14 +40,14 @@ class PublicationTest extends \PhraseanetAuthenticatedWebTestCase public function testCreate() { - $feeds = self::$DI['app']['orm.em']->getRepository('Phraseanet:Feed')->getAllForUser(self::$DI['app']['acl']->get(self::$DI['user'])); + $feeds = self::$DI['app']['orm.em']->getRepository('Phraseanet:Feed')->getAllForUser(self::$DI['app']->getAclForUser(self::$DI['user'])); $count = sizeof($feeds); $crawler = self::$DI['client']->request('POST', '/admin/publications/create/', ["title" => "hello", "subtitle" => "coucou", "base_id" => self::$DI['collection']->get_base_id()]); $this->assertTrue(self::$DI['client']->getResponse()->isRedirect('/admin/publications/list/')); - $feeds = self::$DI['app']['orm.em']->getRepository('Phraseanet:Feed')->getAllForUser(self::$DI['app']['acl']->get(self::$DI['user'])); + $feeds = self::$DI['app']['orm.em']->getRepository('Phraseanet:Feed')->getAllForUser(self::$DI['app']->getAclForUser(self::$DI['user'])); $count_after = sizeof($feeds); $this->assertGreaterThan($count, $count_after); } diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Admin/UsersTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Admin/UsersTest.php index 8c50cd5172..3e51a5ee4e 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Admin/UsersTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Admin/UsersTest.php @@ -69,9 +69,9 @@ class UsersTest extends \PhraseanetAuthenticatedWebTestCase $datas = json_decode($response->getContent()); $this->assertFalse($datas->error); - $this->assertTrue(self::$DI['app']['acl']->get($user)->has_right_on_base(self::$DI['collection']->get_base_id(), "manage")); - $this->assertTrue(self::$DI['app']['acl']->get($user)->has_right_on_base(self::$DI['collection']->get_base_id(), "canpush")); - $this->assertTrue(self::$DI['app']['acl']->get($user)->has_right_on_base(self::$DI['collection']->get_base_id(), "canreport")); + $this->assertTrue(self::$DI['app']->getAclForUser($user)->has_right_on_base(self::$DI['collection']->get_base_id(), "manage")); + $this->assertTrue(self::$DI['app']->getAclForUser($user)->has_right_on_base(self::$DI['collection']->get_base_id(), "canpush")); + $this->assertTrue(self::$DI['app']->getAclForUser($user)->has_right_on_base(self::$DI['collection']->get_base_id(), "canreport")); self::$DI['app']['orm.em']->refresh($user); self::$DI['app']['manipulator.user']->delete($user); @@ -94,7 +94,7 @@ class UsersTest extends \PhraseanetAuthenticatedWebTestCase public function testRouteQuota() { - $keys = array_keys(self::$DI['app']['acl']->get(self::$DI['user'])->get_granted_base()); + $keys = array_keys(self::$DI['app']->getAclForUser(self::$DI['user'])->get_granted_base()); $base_id = array_pop($keys); $params = ['base_id' => $base_id, 'users' => self::$DI['user']->getId()]; self::$DI['client']->request('POST', '/admin/users/rights/quotas/', $params); @@ -114,7 +114,7 @@ class UsersTest extends \PhraseanetAuthenticatedWebTestCase public function testRouteQuotaRemove() { - $keys = array_keys(self::$DI['app']['acl']->get(self::$DI['user'])->get_granted_base()); + $keys = array_keys(self::$DI['app']->getAclForUser(self::$DI['user'])->get_granted_base()); $base_id = array_pop($keys); $params = ['base_id' => $base_id, 'users' => self::$DI['user']->getId()]; @@ -125,7 +125,7 @@ class UsersTest extends \PhraseanetAuthenticatedWebTestCase public function testRouteRightTime() { - $keys = array_keys(self::$DI['app']['acl']->get(self::$DI['user'])->get_granted_base()); + $keys = array_keys(self::$DI['app']->getAclForUser(self::$DI['user'])->get_granted_base()); $base_id = array_pop($keys); $params = ['base_id' => $base_id, 'users' => self::$DI['user']->getId()]; @@ -188,7 +188,7 @@ class UsersTest extends \PhraseanetAuthenticatedWebTestCase public function testRouteRightMask() { - $keys = array_keys(self::$DI['app']['acl']->get(self::$DI['user'])->get_granted_base()); + $keys = array_keys(self::$DI['app']->getAclForUser(self::$DI['user'])->get_granted_base()); $base_id = array_pop($keys); $params = ['base_id' => $base_id, 'users' => self::$DI['user']->getId()]; @@ -333,7 +333,7 @@ class UsersTest extends \PhraseanetAuthenticatedWebTestCase { $user = self::$DI['app']['manipulator.user']->createUser(uniqid('user_'), "test"); - self::$DI['app']['acl']->get($user)->give_access_to_sbas(array_keys(self::$DI['app']->getDataboxes())); + self::$DI['app']->getAclForUser($user)->give_access_to_sbas(array_keys(self::$DI['app']->getDataboxes())); foreach (self::$DI['app']->getDataboxes() as $databox) { @@ -344,11 +344,11 @@ class UsersTest extends \PhraseanetAuthenticatedWebTestCase , 'bas_chupub' => '1' ]; - self::$DI['app']['acl']->get($user)->update_rights_to_sbas($databox->get_sbas_id(), $rights); + self::$DI['app']->getAclForUser($user)->update_rights_to_sbas($databox->get_sbas_id(), $rights); foreach ($databox->get_collections() as $collection) { $base_id = $collection->get_base_id(); - self::$DI['app']['acl']->get($user)->give_access_to_base([$base_id]); + self::$DI['app']->getAclForUser($user)->give_access_to_base([$base_id]); $rights = [ 'canputinalbum' => '1' @@ -357,7 +357,7 @@ class UsersTest extends \PhraseanetAuthenticatedWebTestCase , 'nowatermark' => '1' ]; - self::$DI['app']['acl']->get($user)->update_rights_to_base($collection->get_base_id(), $rights); + self::$DI['app']->getAclForUser($user)->update_rights_to_base($collection->get_base_id(), $rights); break; } } @@ -369,7 +369,7 @@ class UsersTest extends \PhraseanetAuthenticatedWebTestCase $datas = json_decode($response->getContent()); $this->assertTrue(is_object($datas)); $this->assertFalse($datas->error); - $this->assertFalse(self::$DI['app']['acl']->get($user)->has_access_to_base($base_id)); + $this->assertFalse(self::$DI['app']->getAclForUser($user)->has_access_to_base($base_id)); self::$DI['app']['manipulator.user']->delete($user); } @@ -436,7 +436,7 @@ class UsersTest extends \PhraseanetAuthenticatedWebTestCase // create a template if (null === self::$DI['app']['repo.users']->findByLogin('csv_template')) { $user = self::$DI['app']['manipulator.user']->createTemplate('csv_template', self::$DI['app']->getAuthenticatedUser()); - self::$DI['app']['acl']->get($user)->update_rights_to_base(self::$DI['collection']->get_base_id(), ['actif'=> 1]); + self::$DI['app']->getAclForUser($user)->update_rights_to_base(self::$DI['collection']->get_base_id(), ['actif'=> 1]); } $nativeQueryMock = $this->getMockBuilder('Alchemy\Phrasea\Model\NativeQueryProvider') diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Api/ApiTestCase.php b/tests/Alchemy/Tests/Phrasea/Controller/Api/ApiTestCase.php index 37dcff34be..2e6ffec3f4 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Api/ApiTestCase.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Api/ApiTestCase.php @@ -973,7 +973,7 @@ abstract class ApiTestCase extends \PhraseanetWebTestCase { $this->setToken($this->userAccessToken); - self::$DI['app']['acl']->get(self::$DI['user_notAdmin'])->update_rights_to_base(self::$DI['collection']->get_base_id(), array( + self::$DI['app']->getAclForUser(self::$DI['user_notAdmin'])->update_rights_to_base(self::$DI['collection']->get_base_id(), array( 'candwnldpreview' => 1, 'candwnldhd' => 1 )); @@ -1011,7 +1011,7 @@ abstract class ApiTestCase extends \PhraseanetWebTestCase { $this->setToken($this->userAccessToken); - self::$DI['app']['acl']->get(self::$DI['user_notAdmin'])->update_rights_to_base(self::$DI['collection']->get_base_id(), array( + self::$DI['app']->getAclForUser(self::$DI['user_notAdmin'])->update_rights_to_base(self::$DI['collection']->get_base_id(), array( 'candwnldpreview' => 1, 'candwnldhd' => 0 )); @@ -1035,7 +1035,7 @@ abstract class ApiTestCase extends \PhraseanetWebTestCase { $this->setToken($this->userAccessToken); - self::$DI['app']['acl']->get(self::$DI['user_notAdmin'])->update_rights_to_base(self::$DI['collection']->get_base_id(), array( + self::$DI['app']->getAclForUser(self::$DI['user_notAdmin'])->update_rights_to_base(self::$DI['collection']->get_base_id(), array( 'candwnldpreview' => 0, 'candwnldhd' => 0 )); diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Prod/FeedTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Prod/FeedTest.php index 0a8cd7a4a9..c098c860a6 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Prod/FeedTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Prod/FeedTest.php @@ -18,7 +18,7 @@ class FeedTest extends \PhraseanetAuthenticatedWebTestCase { $crawler = self::$DI['client']->request('POST', '/prod/feeds/requestavailable/'); $this->assertTrue(self::$DI['client']->getResponse()->isOk()); - $feeds = self::$DI['app']['orm.em']->getRepository('Phraseanet:Feed')->getAllForUser(self::$DI['app']['acl']->get(self::$DI['user'])); + $feeds = self::$DI['app']['orm.em']->getRepository('Phraseanet:Feed')->getAllForUser(self::$DI['app']->getAclForUser(self::$DI['user'])); foreach ($feeds as $one_feed) { if ($one_feed->isPublisher(self::$DI['user'])) { $this->assertEquals(1, $crawler->filterXPath("//input[@value='" . $one_feed->getId() . "' and @name='feed_proposal[]']")->count()); @@ -338,7 +338,7 @@ class FeedTest extends \PhraseanetAuthenticatedWebTestCase { $crawler = self::$DI['client']->request('GET', '/prod/feeds/'); $this->assertTrue(self::$DI['client']->getResponse()->isOk()); - $feeds = self::$DI['app']['orm.em']->getRepository('Phraseanet:Feed')->getAllForUser(self::$DI['app']['acl']->get(self::$DI['user'])); + $feeds = self::$DI['app']['orm.em']->getRepository('Phraseanet:Feed')->getAllForUser(self::$DI['app']->getAclForUser(self::$DI['user'])); foreach ($feeds as $one_feed) { $path = CssSelector::toXPath("ul.submenu a[href='/prod/feeds/feed/" . $one_feed->getId() . "/']"); @@ -355,7 +355,7 @@ class FeedTest extends \PhraseanetAuthenticatedWebTestCase public function testGetFeed() { $feed = self::$DI['app']['orm.em']->find('Phraseanet:Feed', 1); - $feeds = self::$DI['app']['orm.em']->getRepository('Phraseanet:Feed')->getAllForUser(self::$DI['app']['acl']->get(self::$DI['user'])); + $feeds = self::$DI['app']['orm.em']->getRepository('Phraseanet:Feed')->getAllForUser(self::$DI['app']->getAclForUser(self::$DI['user'])); $crawler = self::$DI['client']->request('GET', '/prod/feeds/feed/' . $feed->getId() . "/"); foreach ($feeds as $one_feed) { diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Prod/QueryTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Prod/QueryTest.php index c7e64f5bb7..e5c65d568d 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Prod/QueryTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Prod/QueryTest.php @@ -46,7 +46,7 @@ class QueryTest extends \PhraseanetAuthenticatedWebTestCase self::$DI['record_2']; $options = new SearchEngineOptions(); - $options->onCollections(self::$DI['app']['acl']->get(self::$DI['app']->getAuthenticatedUser())->get_granted_base()); + $options->onCollections(self::$DI['app']->getAclForUser(self::$DI['app']->getAuthenticatedUser())->get_granted_base()); $serializedOptions = $options->serialize(); self::$DI['client']->request('POST', '/prod/query/answer-train/', [ diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Prod/RecordsTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Prod/RecordsTest.php index 0b326af0dd..fd32281d6e 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Prod/RecordsTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Prod/RecordsTest.php @@ -122,7 +122,7 @@ class RecordsTest extends \PhraseanetAuthenticatedWebTestCase self::$DI['record_1']; $options = new SearchEngineOptions(); - $acl = self::$DI['app']['acl']->get(self::$DI['app']->getAuthenticatedUser()); + $acl = self::$DI['app']->getAclForUser(self::$DI['app']->getAuthenticatedUser()); $options->onCollections($acl->get_granted_base()); $serializedOptions = $options->serialize(); diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Prod/StoryTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Prod/StoryTest.php index 865d3aa05f..182cffc9a5 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Prod/StoryTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Prod/StoryTest.php @@ -17,7 +17,7 @@ class StoryTest extends \PhraseanetAuthenticatedWebTestCase self::$DI['app']['phraseanet.SE'] = $this->createSearchEngineMock(); $route = "/prod/story/"; - $collections = self::$DI['app']['acl']->get(self::$DI['app']->getAuthenticatedUser()) + $collections = self::$DI['app']->getAclForUser(self::$DI['app']->getAuthenticatedUser()) ->get_granted_base(['canaddrecord']); $collection = array_shift($collections); @@ -46,7 +46,7 @@ class StoryTest extends \PhraseanetAuthenticatedWebTestCase { $route = "/prod/story/"; - $collections = self::$DI['app']['acl']->get(self::$DI['app']->getAuthenticatedUser()) + $collections = self::$DI['app']->getAclForUser(self::$DI['app']->getAuthenticatedUser()) ->get_granted_base(['canaddrecord']); $collection = array_shift($collections); diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Prod/TOUTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Prod/TOUTest.php index 10a73c7622..78b38c5c8d 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Prod/TOUTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Prod/TOUTest.php @@ -54,7 +54,7 @@ class TOUTest extends \PhraseanetAuthenticatedWebTestCase unset($response, $databoxes); foreach ($databox->get_collections() as $collection) { - $this->assertFalse(self::$DI['app']['acl']->get(self::$DI['user_alt2'])->has_access_to_base($collection->get_base_id())); + $this->assertFalse(self::$DI['app']->getAclForUser(self::$DI['user_alt2'])->has_access_to_base($collection->get_base_id())); } } diff --git a/tests/Alchemy/Tests/Phrasea/Controller/RecordsRequestTest.php b/tests/Alchemy/Tests/Phrasea/Controller/RecordsRequestTest.php index 8a55471cb4..8bb9d9df85 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/RecordsRequestTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/RecordsRequestTest.php @@ -78,7 +78,7 @@ class RecordsRequestTest extends \PhraseanetAuthenticatedTestCase public function testSimpleWithoutSbasRights() { - self::$DI['app']['acl']->get(self::$DI['app']->getAuthenticatedUser()) + self::$DI['app']->getAclForUser(self::$DI['app']->getAuthenticatedUser()) ->update_rights_to_sbas(self::$DI['record_2']->get_sbas_id(), ['bas_chupub' => 0]); $request = new Request([ @@ -104,7 +104,7 @@ class RecordsRequestTest extends \PhraseanetAuthenticatedTestCase public function testSimpleWithoutBasRights() { - self::$DI['app']['acl']->get(self::$DI['app']->getAuthenticatedUser()) + self::$DI['app']->getAclForUser(self::$DI['app']->getAuthenticatedUser()) ->update_rights_to_base(self::$DI['record_2']->get_base_id(), ['chgstatus' => 0]); $request = new Request([ diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Root/LoginTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Root/LoginTest.php index f471142723..185ccc64ee 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Root/LoginTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Root/LoginTest.php @@ -243,7 +243,7 @@ class LoginTest extends \PhraseanetAuthenticatedWebTestCase $revokeBases[] = $collection->get_base_id(); } } - self::$DI['app']['acl']->get($user)->revoke_access_from_bases($revokeBases); + self::$DI['app']->getAclForUser($user)->revoke_access_from_bases($revokeBases); $this->deleteRequest(); self::$DI['client']->request('GET', '/login/register-confirm/', ['code' => $token->getValue()]); @@ -1287,7 +1287,7 @@ class LoginTest extends \PhraseanetAuthenticatedWebTestCase */ public function testGuestAuthenticate() { - self::$DI['app']['acl']->get(self::$DI['user_guest'])->give_access_to_base([self::$DI['collection']->get_base_id()]); + self::$DI['app']->getAclForUser(self::$DI['user_guest'])->give_access_to_base([self::$DI['collection']->get_base_id()]); $this->logout(self::$DI['app']); @@ -1314,7 +1314,7 @@ class LoginTest extends \PhraseanetAuthenticatedWebTestCase $this->assertEquals($context, $event->getContext()->getContext()); }); - self::$DI['app']['acl']->get(self::$DI['user_guest'])->give_access_to_base([self::$DI['collection']->get_base_id()]); + self::$DI['app']->getAclForUser(self::$DI['user_guest'])->give_access_to_base([self::$DI['collection']->get_base_id()]); $this->logout(self::$DI['app']); @@ -1329,7 +1329,7 @@ class LoginTest extends \PhraseanetAuthenticatedWebTestCase */ public function testGuestAuthenticateWithGetMethod() { - self::$DI['app']['acl']->get(self::$DI['user_guest'])->give_access_to_base([self::$DI['collection']->get_base_id()]); + self::$DI['app']->getAclForUser(self::$DI['user_guest'])->give_access_to_base([self::$DI['collection']->get_base_id()]); $this->logout(self::$DI['app']); $this->set_user_agent(self::USER_AGENT_FIREFOX8MAC, self::$DI['app']); diff --git a/tests/Alchemy/Tests/Phrasea/Model/Manipulator/ACLManipulatorTest.php b/tests/Alchemy/Tests/Phrasea/Model/Manipulator/ACLManipulatorTest.php index 6d75451247..f5c97a564a 100644 --- a/tests/Alchemy/Tests/Phrasea/Model/Manipulator/ACLManipulatorTest.php +++ b/tests/Alchemy/Tests/Phrasea/Model/Manipulator/ACLManipulatorTest.php @@ -11,7 +11,7 @@ class ACLManipulatorTest extends \PhraseanetTestCase public function testResetAdminRights() { $user = self::$DI['app']['manipulator.user']->createUser(uniqid('toto'), 'toto', null, true); - $acl = self::$DI['app']['acl']->get($user); + $acl = self::$DI['app']->getAclForUser($user); $databoxId = null; $baseId = null; @@ -59,7 +59,7 @@ class ACLManipulatorTest extends \PhraseanetTestCase self::$DI['app']['manipulator.acl']->resetAdminRights($user); self::$DI['app']['acl']->purge(); - $acl = self::$DI['app']['acl']->get($user); + $acl = self::$DI['app']->getAclForUser($user); if ($baseId === null) { $this->fail("Need at least one collection"); diff --git a/tests/classes/ACLTest.php b/tests/classes/ACLTest.php index e87c853fd5..79bb6edbc9 100644 --- a/tests/classes/ACLTest.php +++ b/tests/classes/ACLTest.php @@ -14,7 +14,7 @@ class ACLTest extends \PhraseanetTestCase parent::setUp(); self::resetUsersRights(self::$DI['app'], self::$DI['user']); - $this->object = self::$DI['app']['acl']->get(self::$DI['user']); + $this->object = self::$DI['app']->getAclForUser(self::$DI['user']); } public function tearDown() @@ -60,42 +60,42 @@ class ACLTest extends \PhraseanetTestCase public function testApplyModel() { $base_ids = [self::$DI['collection']->get_base_id()]; - self::$DI['app']['acl']->get(self::$DI['user_template'])->give_access_to_base($base_ids); + self::$DI['app']->getAclForUser(self::$DI['user_template'])->give_access_to_base($base_ids); foreach ($base_ids as $base_id) { - self::$DI['app']['acl']->get(self::$DI['user_template'])->set_limits($base_id, 0); + self::$DI['app']->getAclForUser(self::$DI['user_template'])->set_limits($base_id, 0); } - self::$DI['app']['acl']->get(self::$DI['user_1'])->apply_model(self::$DI['user_template'], $base_ids); + self::$DI['app']->getAclForUser(self::$DI['user_1'])->apply_model(self::$DI['user_template'], $base_ids); foreach ($base_ids as $base_id) { - $this->assertTrue(self::$DI['app']['acl']->get(self::$DI['user_1'])->has_access_to_base($base_id)); + $this->assertTrue(self::$DI['app']->getAclForUser(self::$DI['user_1'])->has_access_to_base($base_id)); } foreach ($base_ids as $base_id) { - $this->assertNull(self::$DI['app']['acl']->get(self::$DI['user_1'])->get_limits($base_id)); + $this->assertNull(self::$DI['app']->getAclForUser(self::$DI['user_1'])->get_limits($base_id)); } } public function testApplyModelWithTimeLimit() { $base_ids = [self::$DI['collection']->get_base_id()]; - self::$DI['app']['acl']->get(self::$DI['user_template'])->give_access_to_base($base_ids); + self::$DI['app']->getAclForUser(self::$DI['user_template'])->give_access_to_base($base_ids); $limit_from = new \DateTime('-1 day'); $limit_to = new \DateTime('+1 day'); foreach ($base_ids as $base_id) { - self::$DI['app']['acl']->get(self::$DI['user_template'])->set_limits($base_id, 1, $limit_from, $limit_to); + self::$DI['app']->getAclForUser(self::$DI['user_template'])->set_limits($base_id, 1, $limit_from, $limit_to); } - self::$DI['app']['acl']->get(self::$DI['user_2'])->apply_model(self::$DI['user_template'], $base_ids); + self::$DI['app']->getAclForUser(self::$DI['user_2'])->apply_model(self::$DI['user_template'], $base_ids); foreach ($base_ids as $base_id) { - $this->assertTrue(self::$DI['app']['acl']->get(self::$DI['user_2'])->has_access_to_base($base_id)); + $this->assertTrue(self::$DI['app']->getAclForUser(self::$DI['user_2'])->has_access_to_base($base_id)); } foreach ($base_ids as $base_id) { - $this->assertEquals(['dmin' => $limit_from, 'dmax' => $limit_to], self::$DI['app']['acl']->get(self::$DI['user_2'])->get_limits($base_id)); + $this->assertEquals(['dmin' => $limit_from, 'dmax' => $limit_to], self::$DI['app']->getAclForUser(self::$DI['user_2'])->get_limits($base_id)); } } diff --git a/tests/classes/PhraseanetAuthenticatedWebTestCase.php b/tests/classes/PhraseanetAuthenticatedWebTestCase.php index 61fe1abd98..eb75291aaf 100644 --- a/tests/classes/PhraseanetAuthenticatedWebTestCase.php +++ b/tests/classes/PhraseanetAuthenticatedWebTestCase.php @@ -119,7 +119,7 @@ abstract class PhraseanetAuthenticatedWebTestCase extends \PhraseanetAuthenticat , 'bas_chupub' => '1' ]; - $app['acl']->get($app->getAuthenticatedUser())->update_rights_to_sbas($databox->get_sbas_id(), $rights); + $app->getAclForUser($app->getAuthenticatedUser())->update_rights_to_sbas($databox->get_sbas_id(), $rights); $databox->registerAdmin($app->getAuthenticatedUser()); diff --git a/tests/classes/PhraseanetTestCase.php b/tests/classes/PhraseanetTestCase.php index 16b856f0c5..55ce6f59a8 100644 --- a/tests/classes/PhraseanetTestCase.php +++ b/tests/classes/PhraseanetTestCase.php @@ -457,9 +457,9 @@ abstract class PhraseanetTestCase extends WebTestCase switch ($user->getId()) { case self::$fixtureIds['user']['test_phpunit']: self::giveRightsToUser($app, $user); - $app['acl']->get($user)->set_admin(true); - $app['acl']->get($user)->revoke_access_from_bases([self::$DI['collection_no_access']->get_base_id()]); - $app['acl']->get($user)->set_masks_on_base(self::$DI['collection_no_access_by_status']->get_base_id(), '00000000000000000000000000010000', '00000000000000000000000000010000', '00000000000000000000000000010000', '00000000000000000000000000010000'); + $app->getAclForUser($user)->set_admin(true); + $app->getAclForUser($user)->revoke_access_from_bases([self::$DI['collection_no_access']->get_base_id()]); + $app->getAclForUser($user)->set_masks_on_base(self::$DI['collection_no_access_by_status']->get_base_id(), '00000000000000000000000000010000', '00000000000000000000000000010000', '00000000000000000000000000010000', '00000000000000000000000000010000'); break; case self::$fixtureIds['user']['user_1']: case self::$fixtureIds['user']['user_2']: @@ -469,9 +469,9 @@ abstract class PhraseanetTestCase extends WebTestCase case self::$fixtureIds['user']['test_phpunit_alt2']: case self::$fixtureIds['user']['user_template']: self::giveRightsToUser($app, $user); - $app['acl']->get($user)->set_admin(false); - $app['acl']->get($user)->revoke_access_from_bases([self::$DI['collection_no_access']->get_base_id()]); - $app['acl']->get($user)->set_masks_on_base(self::$DI['collection_no_access_by_status']->get_base_id(), '00000000000000000000000000010000', '00000000000000000000000000010000', '00000000000000000000000000010000', '00000000000000000000000000010000'); + $app->getAclForUser($user)->set_admin(false); + $app->getAclForUser($user)->revoke_access_from_bases([self::$DI['collection_no_access']->get_base_id()]); + $app->getAclForUser($user)->set_masks_on_base(self::$DI['collection_no_access_by_status']->get_base_id(), '00000000000000000000000000010000', '00000000000000000000000000010000', '00000000000000000000000000010000', '00000000000000000000000000010000'); break; default: throw new \InvalidArgumentException(sprintf('User %s not found', $user->getLogin())); @@ -485,12 +485,12 @@ abstract class PhraseanetTestCase extends WebTestCase */ public static function giveRightsToUser(Application $app, User $user, $base_ids = null, $force = false) { - $app['acl']->get($user)->delete_data_from_cache(\ACL::CACHE_GLOBAL_RIGHTS); - $app['acl']->get($user)->delete_data_from_cache(databox::CACHE_COLLECTIONS); - $app['acl']->get($user)->give_access_to_sbas(array_keys($app->getDataboxes())); + $app->getAclForUser($user)->delete_data_from_cache(\ACL::CACHE_GLOBAL_RIGHTS); + $app->getAclForUser($user)->delete_data_from_cache(databox::CACHE_COLLECTIONS); + $app->getAclForUser($user)->give_access_to_sbas(array_keys($app->getDataboxes())); foreach ($app->getDataboxes() as $databox) { - $app['acl']->get($user)->delete_data_from_cache(\ACL::CACHE_RIGHTS_SBAS); + $app->getAclForUser($user)->delete_data_from_cache(\ACL::CACHE_RIGHTS_SBAS); $rights = [ 'bas_manage' => '1' @@ -499,7 +499,7 @@ abstract class PhraseanetTestCase extends WebTestCase , 'bas_chupub' => '1' ]; - $app['acl']->get($user)->update_rights_to_sbas($databox->get_sbas_id(), $rights); + $app->getAclForUser($user)->update_rights_to_sbas($databox->get_sbas_id(), $rights); foreach ($databox->get_collections() as $collection) { if (null !== $base_ids && !in_array($collection->get_base_id(), (array) $base_ids, true)) { @@ -509,13 +509,13 @@ abstract class PhraseanetTestCase extends WebTestCase $base_id = $collection->get_base_id(); - if ($app['acl']->get($user)->has_access_to_base($base_id) && false === $force) { + if ($app->getAclForUser($user)->has_access_to_base($base_id) && false === $force) { continue; } - $app['acl']->get($user)->delete_data_from_cache(\ACL::CACHE_RIGHTS_BAS); - $app['acl']->get($user)->give_access_to_base([$base_id]); - $app['acl']->get($user)->update_rights_to_base($base_id, ['order_master' => true]); + $app->getAclForUser($user)->delete_data_from_cache(\ACL::CACHE_RIGHTS_BAS); + $app->getAclForUser($user)->give_access_to_base([$base_id]); + $app->getAclForUser($user)->update_rights_to_base($base_id, ['order_master' => true]); $rights = [ 'canputinalbum' => '1' @@ -538,7 +538,7 @@ abstract class PhraseanetTestCase extends WebTestCase , 'bas_modify_struct' => '1' ]; - $app['acl']->get($user)->update_rights_to_base($collection->get_base_id(), $rights); + $app->getAclForUser($user)->update_rights_to_base($collection->get_base_id(), $rights); } } } diff --git a/tests/classes/Session/LoggerTest.php b/tests/classes/Session/LoggerTest.php index 838dcd8489..d17e2d0c66 100644 --- a/tests/classes/Session/LoggerTest.php +++ b/tests/classes/Session/LoggerTest.php @@ -25,7 +25,7 @@ class Session_LoggerTest extends \PhraseanetAuthenticatedTestCase $this->authenticate(self::$DI['app']); $logger_creater = self::$DI['app']['phraseanet.logger']; - foreach (self::$DI['app']['acl']->get($user)->get_granted_sbas() as $databox) { + foreach (self::$DI['app']->getAclForUser($user)->get_granted_sbas() as $databox) { $this->object = $logger_creater($databox); $this->databox = $databox; break;