Path

projects / org / ezecosystem / ezplatform-page-fieldtype / git / 8a67961b7aa305c102bfd3991d1...

Revision 8a67961b7aa305c102bfd3991d1b0205dcfd38cb

Committed on 28/10/2015 1:14 pm by Jérôme Vieilledent <lolautruche@gmail.com> [GitHub Diff]

Fix EZP-24862: Expose available repository policies

> https://jira.ez.no/browse/EZP-24862

This patch makes it possible for any bundle to expose available policies checkable
against repository with a user. It introduces the concept of `PolicyProvider` which can be
added to EzPublishCoreBundle's DIC extension.

A `PolicyProvider` is an object providing a hash containing declared modules, functions and limitations.
* Each policy provider provides a collection of permission *modules*.
* Each module can provide *functions* (e.g. "content/read": "content" is the module, "read" is the function)
* Each function can provide a collection of limitations.

Limitations need to be implemented as *limitation types* and declared as services (already in place).

```php
namespace Acme\FooBundle\AcmeFooBundle\Security;

use eZ\Bundle\EzPublishCoreBundle\DependencyInjection\Configuration\ConfigBuilderInterface;
use eZ\Bundle\EzPublishCoreBundle\DependencyInjection\Security\PolicyProvider\PolicyProviderInterface;

class MyPolicyProvider implements PolicyProviderInterface
{
public function addPolicies(ConfigBuilderInterface $configBuilder)
{
$configBuilder->addConfig([
"custom_module" => [
"custom_function_1" => null,
"custom_function_2" => ["CustomLimitation"]
],
]);
}
}
```

An abstract class based on YAML is provided: `eZ\Bundle\EzPublishCoreBundle\DependencyInjection\Security\PolicyProvider\YamlPolicyProvider`.
It defines an abstract `getFiles()` method. Implement it to return absolute paths to your YAML files.

A bundle just has to to retrieve CoreBundle's DIC extension and call `addPolicyProvider()`.
This must be done in bundle's `build()` method.

```php
namespace Acme\FooBundle\AcmeFooBundle;

use Symfony\Component\HttpKernel\Bundle\Bundle;

class AcmeFooBundle extends Bundle
{
public function build(ContainerBuilder $container)
{
parent::build($container);

$eZExtension = $container->getExtension('ezpublish');
$eZExtension->addPolicyProvider(new MyPolicyProvider());
}
}
```

Policies used internally in repository services have been added and configured
like they were in legacy.

Useful Git links