diff --git a/src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php b/src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php
index e857c687c3c57..54bef68142fd5 100644
--- a/src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php
+++ b/src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php
@@ -351,6 +351,17 @@ public function updateAcl(MutableAclInterface $acl)
}
}
+ /**
+ * Updates a user security identity when the user's username changes
+ *
+ * @param UserSecurityIdentity $usid
+ * @param string $oldUsername
+ */
+ public function updateUserSecurityIdentity(UserSecurityIdentity $usid, $oldUsername)
+ {
+ $this->connection->executeQuery($this->getUpdateUserSecurityIdentitySql($usid, $oldUsername));
+ }
+
/**
* Constructs the SQL for deleting access control entries.
*
@@ -633,6 +644,31 @@ protected function getUpdateObjectIdentitySql($pk, array $changes)
);
}
+ /**
+ * Constructs the SQL for updating a user security identity.
+ *
+ * @param UserSecurityIdentity $usid
+ * @param string $oldUsername
+ * @return string
+ */
+ protected function getUpdateUserSecurityIdentitySql(UserSecurityIdentity $usid, $oldUsername)
+ {
+ if ($usid->getUsername() == $oldUsername) {
+ throw new \InvalidArgumentException('There are no changes.');
+ }
+
+ $oldIdentifier = $usid->getClass().'-'.$oldUsername;
+ $newIdentifier = $usid->getClass().'-'.$usid->getUsername();
+
+ return sprintf(
+ 'UPDATE %s SET identifier = %s WHERE identifier = %s AND username = %s',
+ $this->options['sid_table_name'],
+ $this->connection->quote($newIdentifier),
+ $this->connection->quote($oldIdentifier),
+ $this->connection->getDatabasePlatform()->convertBooleans(true)
+ );
+ }
+
/**
* Constructs the SQL for updating an ACE.
*
diff --git a/src/Symfony/Component/Security/Acl/Tests/Dbal/MutableAclProviderTest.php b/src/Symfony/Component/Security/Acl/Tests/Dbal/MutableAclProviderTest.php
index 440f69c422d1a..8c920cf31effe 100644
--- a/src/Symfony/Component/Security/Acl/Tests/Dbal/MutableAclProviderTest.php
+++ b/src/Symfony/Component/Security/Acl/Tests/Dbal/MutableAclProviderTest.php
@@ -407,6 +407,36 @@ public function testUpdateAclDeletingObjectFieldAcesThrowsDBConstraintViolations
$provider->updateAcl($acl);
}
+ public function testUpdateUserSecurityIdentity()
+ {
+ $provider = $this->getProvider();
+ $acl = $provider->createAcl(new ObjectIdentity(1, 'Foo'));
+ $sid = new UserSecurityIdentity('johannes', 'FooClass');
+ $acl->setEntriesInheriting(!$acl->isEntriesInheriting());
+
+ $acl->insertObjectAce($sid, 1);
+ $acl->insertClassAce($sid, 5, 0, false);
+ $acl->insertObjectAce($sid, 2, 1, true);
+ $acl->insertClassFieldAce('field', $sid, 2, 0, true);
+ $provider->updateAcl($acl);
+
+ $newSid = new UserSecurityIdentity('mathieu', 'FooClass');
+ $provider->updateUserSecurityIdentity($newSid, 'johannes');
+
+ $reloadProvider = $this->getProvider();
+ $reloadedAcl = $reloadProvider->findAcl(new ObjectIdentity(1, 'Foo'));
+
+ $this->assertNotSame($acl, $reloadedAcl);
+ $this->assertSame($acl->isEntriesInheriting(), $reloadedAcl->isEntriesInheriting());
+
+ $aces = $acl->getObjectAces();
+ $reloadedAces = $reloadedAcl->getObjectAces();
+ $this->assertEquals(count($aces), count($reloadedAces));
+ foreach ($reloadedAces as $ace) {
+ $this->assertTrue($ace->getSecurityIdentity()->equals($newSid));
+ }
+ }
+
/**
* Data must have the following format:
* array(
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy