From 16590ec4318257d3917e70b961ec9a370a02d468 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dawid=20Parafi=C5=84ski?= Date: Thu, 10 Nov 2022 12:22:40 +0100 Subject: [PATCH] Merge pull request from GHSA-pcpm-vc4v-cmvx --- composer.json | 3 +- src/bundle/Resources/config/services.yml | 1 + .../config/services/role_form_mappers.yml | 19 +++ .../translations/ezrepoforms_role.en.xliff | 5 + .../Mapper/MemberOfLimitationMapper.php | 112 ++++++++++++++++++ .../Mapper/RoleLimitationMapper.php | 47 ++++++++ 6 files changed, 186 insertions(+), 1 deletion(-) create mode 100644 src/bundle/Resources/config/services/role_form_mappers.yml create mode 100644 src/lib/Limitation/Mapper/MemberOfLimitationMapper.php create mode 100644 src/lib/Limitation/Mapper/RoleLimitationMapper.php diff --git a/composer.json b/composer.json index 37cf744afa..79501748f9 100644 --- a/composer.json +++ b/composer.json @@ -6,7 +6,8 @@ "autoload": { "psr-4": { "EzSystems\\EzPlatformAdminUiBundle\\": "src/bundle/", - "EzSystems\\EzPlatformAdminUi\\": "src/lib/" + "EzSystems\\EzPlatformAdminUi\\": "src/lib/", + "Ibexa\\AdminUi\\": "src/lib/" } }, "autoload-dev": { diff --git a/src/bundle/Resources/config/services.yml b/src/bundle/Resources/config/services.yml index 14d962751b..268e564540 100644 --- a/src/bundle/Resources/config/services.yml +++ b/src/bundle/Resources/config/services.yml @@ -23,6 +23,7 @@ imports: - { resource: services/forms.yml } - { resource: services/query_types.yaml } - { resource: services/search.yml } + - { resource: services/role_form_mappers.yml } services: _defaults: diff --git a/src/bundle/Resources/config/services/role_form_mappers.yml b/src/bundle/Resources/config/services/role_form_mappers.yml new file mode 100644 index 0000000000..37feaa66b9 --- /dev/null +++ b/src/bundle/Resources/config/services/role_form_mappers.yml @@ -0,0 +1,19 @@ +services: + Ibexa\AdminUi\Limitation\Mapper\MemberOfLimitationMapper: + parent: ezrepoforms.limitation.form_mapper.multiple_selection + arguments: + $userService: '@ezpublish.api.service.user' + $repository: '@ezpublish.api.repository' + $searchService: '@ezpublish.api.service.search' + $translator: '@translator' + tags: + - { name: ez.limitation.formMapper, limitationType: MemberOf } + - { name: ez.limitation.valueMapper, limitationType: MemberOf } + + Ibexa\AdminUi\Limitation\Mapper\RoleLimitationMapper: + parent: ezrepoforms.limitation.form_mapper.multiple_selection + arguments: + $roleService: '@ezpublish.api.service.role' + tags: + - { name: ez.limitation.formMapper, limitationType: Role } + - { name: ez.limitation.valueMapper, limitationType: Role } diff --git a/src/bundle/Resources/translations/ezrepoforms_role.en.xliff b/src/bundle/Resources/translations/ezrepoforms_role.en.xliff index eefcc74b20..3886b7dd37 100644 --- a/src/bundle/Resources/translations/ezrepoforms_role.en.xliff +++ b/src/bundle/Resources/translations/ezrepoforms_role.en.xliff @@ -6,6 +6,11 @@ The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message. + + Self + Self + key: policy.limitation.member_of.self_user_group + Update Update diff --git a/src/lib/Limitation/Mapper/MemberOfLimitationMapper.php b/src/lib/Limitation/Mapper/MemberOfLimitationMapper.php new file mode 100644 index 0000000000..f20bcad1fc --- /dev/null +++ b/src/lib/Limitation/Mapper/MemberOfLimitationMapper.php @@ -0,0 +1,112 @@ +userService = $userService; + $this->repository = $repository; + $this->searchService = $searchService; + $this->translator = $translator; + } + + protected function getSelectionChoices(): array + { + $userGroups = $this->loadUserGroups(); + $choices = []; + $choices[MemberOfLimitationType::SELF_USER_GROUP] = $this->getSelfUserGroupLabel(); + + foreach ($userGroups as $userGroup) { + $choices[$userGroup->id] = $userGroup->getName(); + } + + return $choices; + } + + public function mapLimitationValue(Limitation $limitation): array + { + $values = []; + foreach ($limitation->limitationValues as $groupId) { + if ($groupId === MemberOfLimitationType::SELF_USER_GROUP) { + $values[] = $this->getSelfUserGroupLabel(); + continue; + } + $values[] = $this->userService->loadUserGroup($groupId)->getName(); + } + + return $values; + } + + /** + * @return \eZ\Publish\API\Repository\Values\User\UserGroup[] + */ + private function loadUserGroups(): array + { + return $this->repository->sudo(function () { + $query = new Query(); + $query->filter = new ContentTypeIdentifier('user_group'); + $query->offset = 0; + $query->limit = 100; + $query->performCount = true; + $query->sortClauses[] = new ContentName(); + + $groups = []; + do { + $results = $this->searchService->findContent($query); + foreach ($results->searchHits as $hit) { + $groups[] = $this->userService->loadUserGroup($hit->valueObject->id); + } + + $query->offset += $query->limit; + } while ($query->offset < $results->totalCount); + + return $groups; + }); + } + + private function getSelfUserGroupLabel(): string + { + return $this->translator->trans( + /** @Desc("Self") */ + 'policy.limitation.member_of.self_user_group', + [], + 'ezrepoforms_role' + ); + } +} diff --git a/src/lib/Limitation/Mapper/RoleLimitationMapper.php b/src/lib/Limitation/Mapper/RoleLimitationMapper.php new file mode 100644 index 0000000000..9986221c09 --- /dev/null +++ b/src/lib/Limitation/Mapper/RoleLimitationMapper.php @@ -0,0 +1,47 @@ +roleService = $roleService; + } + + protected function getSelectionChoices(): array + { + $choices = []; + foreach ($this->roleService->loadRoles() as $role) { + $choices[$role->id] = $role->identifier; + } + + return $choices; + } + + public function mapLimitationValue(Limitation $limitation): array + { + $values = []; + + foreach ($limitation->limitationValues as $roleId) { + $values[] = $this->roleService->loadRole((int)$roleId)->identifier; + } + + return $values; + } +}