13 年之前 · ea102a7b42
--- a/Admin/Entity/UserAdmin.php
+++ b/Admin/Entity/UserAdmin.php
@@ -16,6 +16,9 @@ use Sonata\AdminBundle\Form\FormMapper;
 
				 
			
 
				 class UserAdmin extends BaseUserAdmin
			
 
				 {
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     protected function configureFormFields(FormMapper $formMapper)
			
 
				     {
			
 
				         parent::configureFormFields($formMapper);
			
--- a/Admin/Model/GroupAdmin.php
+++ b/Admin/Model/GroupAdmin.php
@@ -22,6 +22,9 @@ class GroupAdmin extends Admin
 
				         'validation_groups' => 'Registration'
			
 
				     );
			
 
				 
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     public function getNewInstance()
			
 
				     {
			
 
				         $class = $this->getClass();
			
@@ -29,6 +32,9 @@ class GroupAdmin extends Admin
 
				         return new $class('', array());
			
 
				     }
			
 
				 
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     protected function configureListFields(ListMapper $listMapper)
			
 
				     {
			
 
				         $listMapper
			
@@ -37,12 +43,19 @@ class GroupAdmin extends Admin
 
				         ;
			
 
				     }
			
 
				 
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     protected function configureDatagridFilters(DatagridMapper $datagridMapper)
			
 
				     {
			
 
				         $datagridMapper
			
 
				             ->add('name')
			
 
				         ;
			
 
				     }
			
 
				+
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     protected function configureFormFields(FormMapper $formMapper)
			
 
				     {
			
 
				         $formMapper
			
--- a/Admin/Model/UserAdmin.php
+++ b/Admin/Model/UserAdmin.php
@@ -24,6 +24,9 @@ class UserAdmin extends Admin
 
				         'validation_groups' => 'Profile'
			
 
				     );
			
 
				 
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     protected function configureListFields(ListMapper $listMapper)
			
 
				     {
			
 
				         $listMapper
			
@@ -42,6 +45,9 @@ class UserAdmin extends Admin
 
				         }
			
 
				     }
			
 
				 
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     protected function configureDatagridFilters(DatagridMapper $filterMapper)
			
 
				     {
			
 
				         $filterMapper
			
@@ -53,6 +59,9 @@ class UserAdmin extends Admin
 
				         ;
			
 
				     }
			
 
				 
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     protected function configureFormFields(FormMapper $formMapper)
			
 
				     {
			
 
				         $formMapper
			
@@ -77,17 +86,26 @@ class UserAdmin extends Admin
 
				         ;
			
 
				     }
			
 
				 
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     public function preUpdate($user)
			
 
				     {
			
 
				         $this->getUserManager()->updateCanonicalFields($user);
			
 
				         $this->getUserManager()->updatePassword($user);
			
 
				     }
			
 
				 
			
 
				+    /**
			
 
				+     * @param UserManagerInterface $userManager
			
 
				+     */
			
 
				     public function setUserManager(UserManagerInterface $userManager)
			
 
				     {
			
 
				         $this->userManager = $userManager;
			
 
				     }
			
 
				 
			
 
				+    /**
			
 
				+     * @return UserManagerInterface
			
 
				+     */
			
 
				     public function getUserManager()
			
 
				     {
			
 
				         return $this->userManager;
			
--- a/Command/TwoStepVerificationCommand.php
+++ b/Command/TwoStepVerificationCommand.php
@@ -20,6 +20,9 @@ use Symfony\Component\Console\Output\Output;
 
				 
			
 
				 class TwoStepVerificationCommand extends ContainerAwareCommand
			
 
				 {
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     public function configure()
			
 
				     {
			
 
				         $this->setName('sonata:user:two-step-verification');
			
@@ -27,6 +30,9 @@ class TwoStepVerificationCommand extends ContainerAwareCommand
 
				         $this->setDescription('Generate a two step verification process to secure an access (Ideal for super admin protection)');
			
 
				     }
			
 
				 
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     public function execute(InputInterface $input, OutputInterface $output)
			
 
				     {
			
 
				         if (!$this->getContainer()->has('sonata.user.google.authenticator.provider')) {
			
--- a/Controller/AdminSecurityController.php
+++ b/Controller/AdminSecurityController.php
@@ -20,6 +20,9 @@ use Symfony\Component\HttpFoundation\RedirectResponse;
 
				 
			
 
				 class AdminSecurityController extends SecurityController
			
 
				 {
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     public function loginAction()
			
 
				     {
			
 
				         $request = $this->container->get('request');
			
--- a/DependencyInjection/SonataUserExtension.php
+++ b/DependencyInjection/SonataUserExtension.php
@@ -62,10 +62,11 @@ class SonataUserExtension extends Extension
 
				     }
			
 
				 
			
 
				     /**
			
 
				+     * @param array            $config
			
 
				+     * @param ContainerBuilder $container
			
 
				+     *
			
 
				+     * @return mixed
			
 
				      * @throws \RuntimeException
			
 
				-     * @param $config
			
 
				-     * @param \Symfony\Component\DependencyInjection\ContainerBuilder $container
			
 
				-     * @return
			
 
				      */
			
 
				     public function configureGoogleAuthenticator($config, ContainerBuilder $container)
			
 
				     {
			
@@ -91,6 +92,7 @@ class SonataUserExtension extends Extension
 
				 
			
 
				     /**
			
 
				      * @param array $config
			
 
				+     *
			
 
				      * @return array
			
 
				      */
			
 
				     public function addDefaults(array $config)
			
@@ -108,8 +110,9 @@ class SonataUserExtension extends Extension
 
				     }
			
 
				 
			
 
				     /**
			
 
				-     * @param $config
			
 
				+     * @param array                                                   $config
			
 
				      * @param \Symfony\Component\DependencyInjection\ContainerBuilder $container
			
 
				+     *
			
 
				      * @return void
			
 
				      */
			
 
				     public function configureClass($config, ContainerBuilder $container)
			
@@ -126,7 +129,6 @@ class SonataUserExtension extends Extension
 
				 
			
 
				     /**
			
 
				      * @param array $config
			
 
				-     * @return void
			
 
				      */
			
 
				     public function registerDoctrineMapping(array $config)
			
 
				     {
			
--- a/Form/Type/SecurityRolesType.php
+++ b/Form/Type/SecurityRolesType.php
@@ -22,6 +22,9 @@ class SecurityRolesType extends ChoiceType
 
				 {
			
 
				     protected $pool;
			
 
				 
			
 
				+    /**
			
 
				+     * @param Pool $pool
			
 
				+     */
			
 
				     public function __construct(Pool $pool)
			
 
				     {
			
 
				         $this->pool = $pool;
			
@@ -55,6 +58,9 @@ class SecurityRolesType extends ChoiceType
 
				         $view->set('read_only_choices', $form->getAttribute('read_only_choices'));
			
 
				     }
			
 
				 
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     public function getDefaultOptions(array $options)
			
 
				     {
			
 
				         $options = parent::getDefaultOptions($options);
			
--- a/Model/UserInterface.php
+++ b/Model/UserInterface.php
@@ -19,7 +19,8 @@ interface UserInterface extends \FOS\UserBundle\Model\UserInterface
 
				     public function getTwoStepVerificationCode();
			
 
				 
			
 
				     /**
			
 
				-     * @param $code
			
 
				+     * @param string $code
			
 
				+     *
			
 
				      * @return string
			
 
				      */
			
 
				     public function setTwoStepVerificationCode($code);
			
--- a/Security/Authorization/Voter/UserAclVoter.php
+++ b/Security/Authorization/Voter/UserAclVoter.php
@@ -11,33 +11,39 @@ class UserAclVoter extends AclVoter
 
				    /**
			
 
				     * {@InheritDoc}
			
 
				     */
			
 
				-   public function supportsClass($class)
			
 
				-   {
			
 
				-       // support the Object-Scope ACL
			
 
				-       return is_subclass_of($class, 'FOS\UserBundle\Model\UserInterface');
			
 
				-   }
			
 
				+    public function supportsClass($class)
			
 
				+    {
			
 
				+        // support the Object-Scope ACL
			
 
				+        return is_subclass_of($class, 'FOS\UserBundle\Model\UserInterface');
			
 
				+    }
			
 
				 
			
 
				-   public function supportsAttribute($attribute)
			
 
				-   {
			
 
				-       return $attribute === 'EDIT' || $attribute === 'DELETE';
			
 
				-   }
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				+    public function supportsAttribute($attribute)
			
 
				+    {
			
 
				+        return $attribute === 'EDIT' || $attribute === 'DELETE';
			
 
				+    }
			
 
				 
			
 
				-   public function vote(TokenInterface $token, $object, array $attributes)
			
 
				-   {
			
 
				-       if (!$this->supportsClass(get_class($object))) {
			
 
				-           return self::ACCESS_ABSTAIN;
			
 
				-       }
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				+    public function vote(TokenInterface $token, $object, array $attributes)
			
 
				+    {
			
 
				+        if (!$this->supportsClass(get_class($object))) {
			
 
				+            return self::ACCESS_ABSTAIN;
			
 
				+        }
			
 
				 
			
 
				-       foreach ($attributes as $attribute) {
			
 
				-           if ($this->supportsAttribute($attribute) && $object instanceof UserInterface) {
			
 
				-               if ($object->isSuperAdmin() && !$token->getUser()->isSuperAdmin()) {
			
 
				-                   // deny a non super admin user to edit or delete a super admin user
			
 
				-                   return self::ACCESS_DENIED;
			
 
				-               }
			
 
				-           }
			
 
				-       }
			
 
				+        foreach ($attributes as $attribute) {
			
 
				+            if ($this->supportsAttribute($attribute) && $object instanceof UserInterface) {
			
 
				+                if ($object->isSuperAdmin() && !$token->getUser()->isSuperAdmin()) {
			
 
				+                    // deny a non super admin user to edit or delete a super admin user
			
 
				+                    return self::ACCESS_DENIED;
			
 
				+                }
			
 
				+            }
			
 
				+        }
			
 
				 
			
 
				-       // leave the permission voting to the AclVoter that is using the default permission map
			
 
				-       return self::ACCESS_ABSTAIN;
			
 
				-   }
			
 
				+        // leave the permission voting to the AclVoter that is using the default permission map
			
 
				+        return self::ACCESS_ABSTAIN;
			
 
				+    }
			
 
				 }
			
--- a/SonataUserBundle.php
+++ b/SonataUserBundle.php
@@ -17,11 +17,17 @@ class SonataUserBundle extends Bundle
 
				 {
			
 
				     protected $parent;
			
 
				 
			
 
				+    /**
			
 
				+     * @param string $parent
			
 
				+     */
			
 
				     public function __construct($parent = null)
			
 
				     {
			
 
				         $this->parent = $parent;
			
 
				     }
			
 
				 
			
 
				+    /**
			
 
				+     * {@inheritdoc}
			
 
				+     */
			
 
				     public function getParent()
			
 
				     {
			
 
				         return $this->parent;