Magento Extensions Rating 2024
Magento 2 Documentation  2.3
Documentation for Magento 2 CMS v2.3 (December 2018)
AuthorizationService.php
Go to the documentation of this file.
1 <?php
7 namespace Magento\Integration\Model;
8 
9 use Magento\Authorization\Model\ResourceModel\Role\CollectionFactory as RoleCollectionFactory;
10 use Magento\Authorization\Model\ResourceModel\Rules\CollectionFactory as RulesCollectionFactory;
11 use Magento\Authorization\Model\Role;
12 use Magento\Authorization\Model\RoleFactory;
13 use Magento\Authorization\Model\RulesFactory;
14 use Magento\Authorization\Model\UserContextInterface;
15 use Magento\Framework\Acl;
16 use Magento\Framework\Acl\Builder as AclBuilder;
17 use Magento\Framework\Acl\RootResource as RootAclResource;
18 use Magento\Framework\Exception\LocalizedException;
19 use Psr\Log\LoggerInterface as Logger;
20 
27 class AuthorizationService implements \Magento\Integration\Api\AuthorizationServiceInterface
28 {
32  protected $_aclBuilder;
33 
37  protected $_roleFactory;
38 
42  protected $_roleCollectionFactory;
43 
47  protected $_rulesFactory;
48 
52  protected $_rulesCollectionFactory;
53 
57  protected $_logger;
58 
62  protected $_rootAclResource;
63 
75  public function __construct(
76  AclBuilder $aclBuilder,
77  RoleFactory $roleFactory,
78  RoleCollectionFactory $roleCollectionFactory,
79  RulesFactory $rulesFactory,
80  RulesCollectionFactory $rulesCollectionFactory,
81  Logger $logger,
82  RootAclResource $rootAclResource
83  ) {
84  $this->_aclBuilder = $aclBuilder;
85  $this->_roleFactory = $roleFactory;
86  $this->_rulesFactory = $rulesFactory;
87  $this->_rulesCollectionFactory = $rulesCollectionFactory;
88  $this->_roleCollectionFactory = $roleCollectionFactory;
89  $this->_logger = $logger;
90  $this->_rootAclResource = $rootAclResource;
91  }
92 
96  public function grantPermissions($integrationId, $resources)
97  {
98  try {
99  $role = $this->_getUserRole($integrationId);
100  if (!$role) {
101  $role = $this->_createRole($integrationId);
102  }
103  $this->_associateResourcesWithRole($role, $resources);
104  } catch (\Exception $e) {
105  $this->_logger->critical($e);
106  throw new LocalizedException(
107  __('An error occurred during the attempt to grant permissions. For details, see the exceptions log.')
108  );
109  }
110  }
111 
115  public function grantAllPermissions($integrationId)
116  {
117  $this->grantPermissions($integrationId, [$this->_rootAclResource->getId()]);
118  }
119 
123  public function removePermissions($integrationId)
124  {
125  try {
126  $this->_deleteRole($integrationId);
127  } catch (\Exception $e) {
128  $this->_logger->critical($e);
129  throw new LocalizedException(
130  __(
131  'Something went wrong while deleting roles and permissions.'
132  . ' You can find out more in the exceptions log.'
133  )
134  );
135  }
136  }
137 
144  protected function _createRole($integrationId)
145  {
146  $roleName = UserContextInterface::USER_TYPE_INTEGRATION . $integrationId;
147  $role = $this->_roleFactory->create();
148  $role->setRoleName($roleName)
149  ->setUserType(UserContextInterface::USER_TYPE_INTEGRATION)
150  ->setUserId($integrationId)
151  ->setRoleType(\Magento\Authorization\Model\Acl\Role\User::ROLE_TYPE)
152  ->setParentId(0)
153  ->save();
154  return $role;
155  }
156 
163  protected function _deleteRole($integrationId)
164  {
165  $roleName = UserContextInterface::USER_TYPE_INTEGRATION . $integrationId;
166  $role = $this->_roleFactory->create()->load($roleName, 'role_name');
167  return $role->delete();
168  }
169 
176  protected function _getUserRole($integrationId)
177  {
178  $roleCollection = $this->_roleCollectionFactory->create();
180  $role = $roleCollection
181  ->setUserFilter($integrationId, UserContextInterface::USER_TYPE_INTEGRATION)
182  ->getFirstItem();
183  return $role->getId() ? $role : false;
184  }
185 
194  protected function _associateResourcesWithRole($role, $resources)
195  {
197  $rules = $this->_rulesFactory->create();
198  $rules->setRoleId($role->getId())->setResources($resources)->saveRel();
199  }
200 }
__
__()
Definition: __.php:13
$logger
$logger
Definition: health_check.php:20
$rules
$rules
Definition: classmap_generator.php:59
Magento\Integration\Model\AuthorizationService\__construct
__construct(AclBuilder $aclBuilder, RoleFactory $roleFactory, RoleCollectionFactory $roleCollectionFactory, RulesFactory $rulesFactory, RulesCollectionFactory $rulesCollectionFactory, Logger $logger, RootAclResource $rootAclResource)
Definition: AuthorizationService.php:75