Magento Extensions Rating 2024
Magento 2 Documentation  2.3
Documentation for Magento 2 CMS v2.3 (December 2018)
Public Member Functions | Protected Member Functions | Protected Attributes
AuthorizationService Class Reference
Inheritance diagram for AuthorizationService:
AuthorizationServiceInterface

Public Member Functions

 __construct (AclBuilder $aclBuilder, RoleFactory $roleFactory, RoleCollectionFactory $roleCollectionFactory, RulesFactory $rulesFactory, RulesCollectionFactory $rulesCollectionFactory, Logger $logger, RootAclResource $rootAclResource)
 
 grantPermissions ($integrationId, $resources)
 
 grantAllPermissions ($integrationId)
 
 removePermissions ($integrationId)
 

Protected Member Functions

 _createRole ($integrationId)
 
 _deleteRole ($integrationId)
 

Protected Attributes

 $_aclBuilder
 
 $_roleFactory
 
 $_roleCollectionFactory
 
 $_rulesFactory
 
 $_rulesCollectionFactory
 
 $_logger
 
 $_rootAclResource
 

Additional Inherited Members

- Data Fields inherited from AuthorizationServiceInterface
const PERMISSION_ANONYMOUS = 'anonymous'
 
const PERMISSION_SELF = 'self'
 

Detailed Description

Service for integration permissions management.

@SuppressWarnings(PHPMD.LongVariable) @SuppressWarnings(PHPMD.CouplingBetweenObjects)

Definition at line 27 of file AuthorizationService.php.

Constructor & Destructor Documentation

◆ __construct()

__construct ( AclBuilder  $aclBuilder,
RoleFactory  $roleFactory,
RoleCollectionFactory  $roleCollectionFactory,
RulesFactory  $rulesFactory,
RulesCollectionFactory  $rulesCollectionFactory,
Logger  $logger,
RootAclResource  $rootAclResource 
)

Initialize dependencies.

Parameters
AclBuilder$aclBuilder
RoleFactory$roleFactory
RoleCollectionFactory$roleCollectionFactory
RulesFactory$rulesFactory
RulesCollectionFactory$rulesCollectionFactory
Logger$logger
RootAclResource$rootAclResource

Definition at line 75 of file AuthorizationService.php.

83  {
84  $this->_aclBuilder = $aclBuilder;
85  $this->_roleFactory = $roleFactory;
86  $this->_rulesFactory = $rulesFactory;
87  $this->_rulesCollectionFactory = $rulesCollectionFactory;
88  $this->_roleCollectionFactory = $roleCollectionFactory;
89  $this->_logger = $logger;
90  $this->_rootAclResource = $rootAclResource;
91  }
$logger
$logger
Definition: health_check.php:20

Member Function Documentation

◆ _createRole()

_createRole (   $integrationId)
protected

Create new ACL role.

Parameters
int$integrationId
Returns
\Magento\Authorization\Model\Role

Definition at line 144 of file AuthorizationService.php.

145  {
146  $roleName = UserContextInterface::USER_TYPE_INTEGRATION . $integrationId;
147  $role = $this->_roleFactory->create();
148  $role->setRoleName($roleName)
149  ->setUserType(UserContextInterface::USER_TYPE_INTEGRATION)
150  ->setUserId($integrationId)
151  ->setRoleType(\Magento\Authorization\Model\Acl\Role\User::ROLE_TYPE)
152  ->setParentId(0)
153  ->save();
154  return $role;
155  }

◆ _deleteRole()

_deleteRole (   $integrationId)
protected

Remove integration role. This deletes the cascading permissions

Parameters
int$integrationId
Returns
\Magento\Authorization\Model\Role

Definition at line 163 of file AuthorizationService.php.

164  {
165  $roleName = UserContextInterface::USER_TYPE_INTEGRATION . $integrationId;
166  $role = $this->_roleFactory->create()->load($roleName, 'role_name');
167  return $role->delete();
168  }

◆ grantAllPermissions()

grantAllPermissions (   $integrationId)

{Grant permissions to the user to access all resources available in the system.

Parameters
int$integrationId
Returns
void
Exceptions
LocalizedException
}

Implements AuthorizationServiceInterface.

Definition at line 115 of file AuthorizationService.php.

116  {
117  $this->grantPermissions($integrationId, [$this->_rootAclResource->getId()]);
118  }

◆ grantPermissions()

grantPermissions (   $integrationId,
  $resources 
)

{#- Grant permissions to user to access the specified resources.

Parameters
int$integrationId
string[]$resources List of resources which should be available to the specified user.
Returns
void
Exceptions
LocalizedException
}

Implements AuthorizationServiceInterface.

Definition at line 96 of file AuthorizationService.php.

97  {
98  try {
99  $role = $this->_getUserRole($integrationId);
100  if (!$role) {
101  $role = $this->_createRole($integrationId);
102  }
103  $this->_associateResourcesWithRole($role, $resources);
104  } catch (\Exception $e) {
105  $this->_logger->critical($e);
106  throw new LocalizedException(
107  __('An error occurred during the attempt to grant permissions. For details, see the exceptions log.')
108  );
109  }
110  }
__
__()
Definition: __.php:13

◆ removePermissions()

removePermissions (   $integrationId)

{Remove role and associated permissions for the specified integration.

Parameters
int$integrationId
Returns
void
Exceptions
LocalizedException
}

Implements AuthorizationServiceInterface.

Definition at line 123 of file AuthorizationService.php.

124  {
125  try {
126  $this->_deleteRole($integrationId);
127  } catch (\Exception $e) {
128  $this->_logger->critical($e);
129  throw new LocalizedException(
130  __(
131  'Something went wrong while deleting roles and permissions.'
132  . ' You can find out more in the exceptions log.'
133  )
134  );
135  }
136  }
__
__()
Definition: __.php:13

Field Documentation

◆ $_aclBuilder

$_aclBuilder
protected

Definition at line 32 of file AuthorizationService.php.

◆ $_logger

$_logger
protected

Definition at line 57 of file AuthorizationService.php.

◆ $_roleCollectionFactory

$_roleCollectionFactory
protected

Definition at line 42 of file AuthorizationService.php.

◆ $_roleFactory

$_roleFactory
protected

Definition at line 37 of file AuthorizationService.php.

◆ $_rootAclResource

$_rootAclResource
protected

Definition at line 62 of file AuthorizationService.php.

◆ $_rulesCollectionFactory

$_rulesCollectionFactory
protected

Definition at line 52 of file AuthorizationService.php.

◆ $_rulesFactory

$_rulesFactory
protected

Definition at line 47 of file AuthorizationService.php.

The documentation for this class was generated from the following file: