public function assignRoleToUser(APIRole $role, User $user, RoleLimitation $roleLimitation = null)
{
if ($this->repository->canUser('role', 'assign', $user, $role) !== true) {
throw new UnauthorizedException('role', 'assign');
}
if ($roleLimitation === null) {
$limitation = null;
} else {
$limitationValidationErrors = $this->limitationService->validateLimitation($roleLimitation);
if (!empty($limitationValidationErrors)) {
throw new LimitationValidationException($limitationValidationErrors);
}
$limitation = array($roleLimitation->getIdentifier() => $roleLimitation->limitationValues);
}
// Check if objects exists
$spiRole = $this->userHandler->loadRole($role->id);
$spiUser = $this->userHandler->load($user->id);
$limitation = $this->checkAssignmentAndFilterLimitationValues($spiUser->id, $spiRole, $limitation);
$this->repository->beginTransaction();
try {
$this->userHandler->assignRole($spiUser->id, $spiRole->id, $limitation);
$this->repository->commit();
} catch (Exception $e) {
$this->repository->rollback();
throw $e;
}
}