Skip to content

Commit 7a9ab2c

Browse files
fabpotfabpot
committed
feature #8305 Added MutableAclProvider::deleteSecurityIdentity (lavoiesl)
This PR was merged into the 2.5-dev branch. Discussion ---------- Added MutableAclProvider::deleteSecurityIdentity This provides a very simple function to enable the deletion of a SecurityIdentity. Developers can add a listener on the delete of a user and remove all the related ACLs. Foreign keys already ensure that the ACEs are properly deleted. Among the problems of not deleting the SecurityIdentity: * Inconsistent database, referring to a non-existent user. * If a user is deleted and another is created with the same name, it will inherit all the old user’s ACEs Not addressed by this PR: Changing a user’s username breaks the related ACLs. See #5787 See also: https://groups.google.com/forum/#!topic/symfony2/mGTXlTWiMs8/discussion Commits ------- bdbbe58 [Security][Acl] Issue #5787 : Added MutableAclProvider::deleteSecurityIdentity
2 parents a4d423e + bdbbe58 commit 7a9ab2c

File tree

1 file changed

+27
-0
lines changed

1 file changed

+27
-0
lines changed

src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -108,6 +108,18 @@ public function deleteAcl(ObjectIdentityInterface $oid)
108108
}
109109
}
110110

111+
/**
112+
* Deletes the security identity from the database.
113+
* ACL entries have the CASCADE option on their foreign key so they will also get deleted
114+
*
115+
* @param SecurityIdentityInterface $sid
116+
* @throws \InvalidArgumentException
117+
*/
118+
public function deleteSecurityIdentity(SecurityIdentityInterface $sid)
119+
{
120+
$this->connection->executeQuery($this->getDeleteSecurityIdentityIdSql($sid));
121+
}
122+
111123
/**
112124
* {@inheritDoc}
113125
*/
@@ -622,6 +634,21 @@ protected function getSelectSecurityIdentityIdSql(SecurityIdentityInterface $sid
622634
);
623635
}
624636

637+
/**
638+
* Constructs the SQL to delete a security identity.
639+
*
640+
* @param SecurityIdentityInterface $sid
641+
* @throws \InvalidArgumentException
642+
* @return string
643+
*/
644+
protected function getDeleteSecurityIdentityIdSql(SecurityIdentityInterface $sid)
645+
{
646+
$select = $this->getSelectSecurityIdentityIdSql($sid);
647+
$delete = preg_replace('/^SELECT id FROM/', 'DELETE FROM', $select);
648+
649+
return $delete;
650+
}
651+
625652
/**
626653
* Constructs the SQL for updating an object identity.
627654
*

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy