vendor/ibexa/permissions/src/lib/EventSubscriber/FieldPermissionCheckSubscriber.php line 60

Open in your IDE?
  1. <?php
  3. /**
  4.  * @copyright Copyright (C) Ibexa AS. All rights reserved.
  5.  * @license For full copyright and license information view LICENSE file distributed with this source code.
  6.  */
  7. declare(strict_types=1);
  9. namespace Ibexa\Permissions\EventSubscriber;
  11. use Ibexa\ContentForms\Event\ContentCreateFieldOptionsEvent;
  12. use Ibexa\ContentForms\Event\ContentFormEvents;
  13. use Ibexa\ContentForms\Event\ContentUpdateFieldOptionsEvent;
  14. use Ibexa\ContentForms\Event\UserCreateFieldOptionsEvent;
  15. use Ibexa\ContentForms\Event\UserUpdateFieldOptionsEvent;
  16. use Ibexa\Contracts\Core\FieldType\Value;
  17. use Ibexa\Contracts\Core\Limitation\Target;
  18. use Ibexa\Contracts\Core\Repository\ContentService;
  19. use Ibexa\Contracts\Core\Repository\LocationService;
  20. use Ibexa\Contracts\Core\Repository\PermissionResolver;
  21. use Ibexa\Contracts\Core\Repository\Values\Content\Field;
  22. use Ibexa\Core\FieldType\User;
  23. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  25. class FieldPermissionCheckSubscriber implements EventSubscriberInterface
  26. {
  27.     /** @var \Ibexa\Contracts\Core\Repository\ContentService */
  28.     private $contentService;
  30.     /** @var \Ibexa\Contracts\Core\Repository\LocationService */
  31.     private $locationService;
  33.     /** @var \Ibexa\Contracts\Core\Repository\PermissionResolver */
  34.     private $permissionResolver;
  36.     private User\Type $userType;
  38.     public function __construct(
  39.         ContentService $contentService,
  40.         LocationService $locationService,
  41.         PermissionResolver $permissionResolver,
  42.         User\Type $userType
  43.     ) {
  44.         $this->contentService $contentService;
  45.         $this->locationService $locationService;
  46.         $this->permissionResolver $permissionResolver;
  47.         $this->userType $userType;
  48.     }
  50.     public static function getSubscribedEvents(): array
  51.     {
  52.         return [
  53.             ContentFormEvents::CONTENT_EDIT_FIELD_OPTIONS => 'onContentEditFieldOptions',
  54.             ContentFormEvents::CONTENT_CREATE_FIELD_OPTIONS => 'onContentCreateFieldOptions',
  55.             ContentFormEvents::USER_EDIT_FIELD_OPTIONS => 'onUserEditFieldOptions',
  56.             ContentFormEvents::USER_CREATE_FIELD_OPTIONS => 'onUserCreateFieldOptions',
  57.         ];
  58.     }
  60.     public function onContentCreateFieldOptions(ContentCreateFieldOptionsEvent $event)
  61.     {
  62.         $contentCreateStruct = clone $event->getContentCreateStruct();
  63.         $contentField $event->getFieldData()->field;
  65.         $contentCreateStruct->fields = [
  66.             new Field([
  67.                 'id' => $contentField->id,
  68.                 'fieldDefIdentifier' => $contentField->fieldDefIdentifier,
  69.                 'fieldTypeIdentifier' => $contentField->fieldTypeIdentifier,
  70.                 'languageCode' => $contentField->languageCode,
  71.                 'value' => new class() implements Value {
  72.                     public function __get(string $property)
  73.                     {
  74.                         return uniqid($property);
  75.                     }
  77.                     public function __toString(): string
  78.                     {
  79.                         return 'non-empty-value';
  80.                     }
  81.                 },
  82.             ]),
  83.         ];
  85.         $locationCreateStructs $contentCreateStruct->getLocationStructs();
  87.         if (empty($contentCreateStruct->sectionId)) {
  88.             if (isset($locationCreateStructs[0])) {
  89.                 $location $this->locationService->loadLocation(
  90.                     $locationCreateStructs[0]->parentLocationId
  91.                 );
  92.                 $contentCreateStruct->sectionId $location->contentInfo->sectionId;
  93.             } else {
  94.                 $contentCreateStruct->sectionId 1;
  95.             }
  96.         }
  98.         if (!$this->permissionResolver->canUser('content''create'$contentCreateStruct$locationCreateStructs)) {
  99.             $event->setOption('disabled'true);
  100.         }
  101.     }
  103.     public function onContentEditFieldOptions(ContentUpdateFieldOptionsEvent $event): void
  104.     {
  105.         $updatedFields = [
  106.             $event->getFieldData()->field,
  107.         ];
  109.         $content $event->getContent();
  110.         $contentUpdateStruct = clone $event->getContentUpdateStruct();
  111.         $contentUpdateStruct->fields $updatedFields;
  113.         if (!$this->permissionResolver->canUser(
  114.             'content',
  115.             'edit',
  116.             $content,
  117.             [
  118.                 (new Target\Builder\VersionBuilder())
  119.                     ->updateFields($updatedFields)
  120.                     ->updateFieldsTo(
  121.                         $contentUpdateStruct->initialLanguageCode,
  122.                         $contentUpdateStruct->fields
  123.                     )
  124.                     ->build(),
  125.             ]
  126.         )) {
  127.             $event->setOption('disabled'true);
  128.         }
  129.     }
  131.     /**
  132.      * @throws \Ibexa\Contracts\Core\Repository\Exceptions\InvalidArgumentException
  133.      * @throws \Ibexa\Contracts\Core\Repository\Exceptions\BadStateException
  134.      */
  135.     public function onUserCreateFieldOptions(UserCreateFieldOptionsEvent $event): void
  136.     {
  137.         $userCreateStruct = clone $event->getUserCreateStruct();
  138.         $contentField $event->getFieldData()->field;
  140.         $userCreateStruct->fields = [
  141.             new Field([
  142.                 'id' => $contentField->id,
  143.                 'fieldDefIdentifier' => $contentField->fieldDefIdentifier,
  144.                 'fieldTypeIdentifier' => $contentField->fieldTypeIdentifier,
  145.                 'languageCode' => $contentField->languageCode,
  146.                 'value' => $this->userType->getEmptyValue(),
  147.             ]),
  148.         ];
  150.         if (!$this->permissionResolver->canUser('content''create'$userCreateStruct)) {
  151.             $event->setOption('disabled'true);
  152.         }
  153.     }
  155.     /**
  156.      * @throws \Ibexa\Contracts\Core\Repository\Exceptions\InvalidArgumentException
  157.      * @throws \Ibexa\Contracts\Core\Repository\Exceptions\BadStateException
  158.      */
  159.     public function onUserEditFieldOptions(UserUpdateFieldOptionsEvent $event): void
  160.     {
  161.         $updatedFields = [
  162.             $event->getFieldData()->field,
  163.         ];
  165.         if (!$this->userCanEditContentField($event$updatedFields)) {
  166.             $event->setOption('disabled'true);
  167.         }
  168.     }
  170.     /**
  171.      * @param array<\Ibexa\Contracts\Core\Repository\Values\Content\Field> $fields
  172.      *
  173.      * @throws \Ibexa\Contracts\Core\Repository\Exceptions\InvalidArgumentException
  174.      * @throws \Ibexa\Contracts\Core\Repository\Exceptions\BadStateException
  175.      */
  176.     private function userCanEditContentField(UserUpdateFieldOptionsEvent $event, array $fields): bool
  177.     {
  178.         return $this->permissionResolver->canUser(
  179.             'content',
  180.             'edit',
  181.             $event->getContent(),
  182.             [
  183.                 (new Target\Builder\VersionBuilder())
  184.                     ->updateFields($fields)
  185.                     ->updateFieldsTo(
  186.                         $event->getOption('languageCode'),
  187.                         $fields,
  188.                     )
  189.                     ->build(),
  190.             ]
  191.         );
  192.     }
  193. }
  195. class_alias(FieldPermissionCheckSubscriber::class, 'Ibexa\Platform\Permissions\EventSubscriber\FieldPermissionCheckSubscriber');