eZ\Publish\Core\Limitation\ParentUserGroupLimitationType::evaluate PHP Method

ParentUserGroupLimitationType Class Documentation Show file Open project: ezsystems/ezpublish-kernel

evaluate() public method

Evaluate permission against content & target(placement/parent/assignment).

public evaluate ( eZ\Publish\API\Repository\Values\User\Limitation $value, eZ\Publish\API\Repository\Values\User\UserReference $currentUser, eZ\Publish\API\Repository\Values\ValueObject $object, array $targets = null ) : boolean
$value	eZ\Publish\API\Repository\Values\User\Limitation
$currentUser	eZ\Publish\API\Repository\Values\User\UserReference
$object	eZ\Publish\API\Repository\Values\ValueObject
$targets	array	The context of the $object, like Location of Content, if null none where provided by caller
return	boolean

    public function evaluate(APILimitationValue $value, APIUserReference $currentUser, ValueObject $object, array $targets = null)
    {
        if (!$value instanceof APIParentUserGroupLimitation) {
            throw new InvalidArgumentException('$value', 'Must be of type: APIParentUserGroupLimitation');
        }
        if ($value->limitationValues[0] != 1) {
            throw new BadStateException('Parent User Group limitation', 'expected limitation value to be 1 but got:' . $value->limitationValues[0]);
        }
        // Parent Limitations are usually used by content/create where target is specified, so we return false if not provided.
        if (empty($targets)) {
            return false;
        }
        $locationHandler = $this->persistence->locationHandler();
        $currentUserLocations = $locationHandler->loadLocationsByContent($currentUser->getUserId());
        if (empty($currentUserLocations)) {
            return false;
        }
        foreach ($targets as $target) {
            if ($target instanceof LocationCreateStruct) {
                $target = $locationHandler->load($target->parentLocationId);
            }
            if ($target instanceof Location) {
                // $target is assumed to be parent in this case
                $parentOwnerId = $target->getContentInfo()->ownerId;
            } elseif ($target instanceof SPILocation) {
                // $target is assumed to be parent in this case
                $spiContentInfo = $this->persistence->contentHandler()->loadContentInfo($target->contentId);
                $parentOwnerId = $spiContentInfo->ownerId;
            } else {
                throw new InvalidArgumentException('$targets', 'Must contain objects of type: Location or LocationCreateStruct');
            }
            if ($parentOwnerId === $currentUser->getUserId()) {
                continue;
            }
            /*
             * As long as SPI userHandler and API UserService does not speak the same language, this is the ugly truth;
             */
            $locationHandler = $this->persistence->locationHandler();
            $parentOwnerLocations = $locationHandler->loadLocationsByContent($parentOwnerId);
            if (empty($parentOwnerLocations)) {
                return false;
            }
            foreach ($parentOwnerLocations as $parentOwnerLocation) {
                foreach ($currentUserLocations as $currentUserLocation) {
                    if ($parentOwnerLocation->parentId === $currentUserLocation->parentId) {
                        continue 3;
                    }
                }
            }
            return false;
        }
        return true;
    }

ParentUserGroupLimitationType

acceptValue

buildValue

evaluate

getCriterion

validate

valueSchema