public getNodeTypeNamesDeniedForCreation ( Neos\ContentRepository\Domain\Model\NodeInterface $referenceNode ) : string[] | ||
$referenceNode | Neos\ContentRepository\Domain\Model\NodeInterface | |
return | string[] | Array of granted node type names |
public function getNodeTypeNamesDeniedForCreation(NodeInterface $referenceNode)
{
$privilegeSubject = new CreateNodePrivilegeSubject($referenceNode);
$allNodeTypes = $this->nodeTypeManager->getNodeTypes();
$deniedCreationNodeTypes = array();
$grantedCreationNodeTypes = array();
$abstainedCreationNodeTypes = array();
foreach ($this->securityContext->getRoles() as $role) {
/** @var CreateNodePrivilege $createNodePrivilege */
foreach ($role->getPrivilegesByType(CreateNodePrivilege::class) as $createNodePrivilege) {
if (!$createNodePrivilege->matchesSubject($privilegeSubject)) {
continue;
}
$affectedNodeTypes = $createNodePrivilege->getCreationNodeTypes() !== array() ? $createNodePrivilege->getCreationNodeTypes() : $allNodeTypes;
if ($createNodePrivilege->isGranted()) {
$grantedCreationNodeTypes = array_merge($grantedCreationNodeTypes, $affectedNodeTypes);
} elseif ($createNodePrivilege->isDenied()) {
$deniedCreationNodeTypes = array_merge($deniedCreationNodeTypes, $affectedNodeTypes);
} else {
$abstainedCreationNodeTypes = array_merge($abstainedCreationNodeTypes, $affectedNodeTypes);
}
}
}
$implicitlyDeniedNodeTypes = array_diff($abstainedCreationNodeTypes, $grantedCreationNodeTypes);
return array_merge($implicitlyDeniedNodeTypes, $deniedCreationNodeTypes);
}
/** * @Then /^I should get the list of all available node types as denied node types for this node from the node authorization service$/ */ public function iShouldGetTheListOfAllAvailableNodeTypesAsDeniedNodeTypesForThisNodeFromTheNodeAuthorizationService() { if ($this->isolated === true) { $this->callStepInSubProcess(__METHOD__); } else { $availableNodeTypes = $this->nodeTypeManager->getNodeTypes(); $deniedNodeTypeNames = $this->nodeAuthorizationService->getNodeTypeNamesDeniedForCreation($this->currentNodes[0]); if (count($availableNodeTypes) !== count($deniedNodeTypeNames)) { Assert::fail('The node authorization service did not return the expected amount of node type names! Got: ' . implode(', ', $deniedNodeTypeNames)); } foreach ($availableNodeTypes as $nodeType) { if (in_array($nodeType, $deniedNodeTypeNames) === false) { Assert::fail('The following node type name has not been returned by the node authorization service: ' . $nodeType); } } } }