From 7277c1f50645ae8658c5ee4bd32af43416709451 Mon Sep 17 00:00:00 2001 From: Zdeno Kuzmany Date: Fri, 19 May 2023 08:05:50 +0200 Subject: [PATCH 1/5] Fix import custom objects on background --- EventListener/ImportSubscriber.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/EventListener/ImportSubscriber.php b/EventListener/ImportSubscriber.php index 98fba5826..cd4f1462e 100644 --- a/EventListener/ImportSubscriber.php +++ b/EventListener/ImportSubscriber.php @@ -185,7 +185,9 @@ public function onImportProcess(ImportProcessEvent $event): void try { $customObjectId = $this->getCustomObjectId($event->import->getObject()); - $this->permissionProvider->canCreate($customObjectId); + if (!$event->import->isBackgroundProcess()) { + $this->permissionProvider->canCreate($customObjectId); + } $customObject = $this->customObjectModel->fetchEntity($customObjectId); $merged = $this->customItemImportModel->import($event->import, $event->rowData, $customObject); $event->setWasMerged($merged); From e15d388033e1728f1b6d86ad279804e5928b01b7 Mon Sep 17 00:00:00 2001 From: Zdeno Kuzmany Date: Fri, 26 May 2023 08:03:54 +0200 Subject: [PATCH 2/5] Revert "Fix import custom objects on background" This reverts commit 7277c1f50645ae8658c5ee4bd32af43416709451. --- EventListener/ImportSubscriber.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/EventListener/ImportSubscriber.php b/EventListener/ImportSubscriber.php index cd4f1462e..98fba5826 100644 --- a/EventListener/ImportSubscriber.php +++ b/EventListener/ImportSubscriber.php @@ -185,9 +185,7 @@ public function onImportProcess(ImportProcessEvent $event): void try { $customObjectId = $this->getCustomObjectId($event->import->getObject()); - if (!$event->import->isBackgroundProcess()) { - $this->permissionProvider->canCreate($customObjectId); - } + $this->permissionProvider->canCreate($customObjectId); $customObject = $this->customObjectModel->fetchEntity($customObjectId); $merged = $this->customItemImportModel->import($event->import, $event->rowData, $customObject); $event->setWasMerged($merged); From f75fb277043fc07d191ce398c54c849775eda26e Mon Sep 17 00:00:00 2001 From: Zdeno Kuzmany Date: Fri, 26 May 2023 08:05:26 +0200 Subject: [PATCH 3/5] Fix import custom objects on background with user permission --- Config/config.php | 1 + EventListener/ImportSubscriber.php | 12 +++++++++--- Provider/CustomItemPermissionProvider.php | 11 ++++++----- 3 files changed, 16 insertions(+), 8 deletions(-) diff --git a/Config/config.php b/Config/config.php index 1476deaf4..826948053 100644 --- a/Config/config.php +++ b/Config/config.php @@ -747,6 +747,7 @@ 'custom_item.permission.provider', 'custom_field.repository', 'translator', + 'mautic.user.model.user', ], ], 'custom_item.contact.subscriber' => [ diff --git a/EventListener/ImportSubscriber.php b/EventListener/ImportSubscriber.php index 98fba5826..25e2ebe4c 100644 --- a/EventListener/ImportSubscriber.php +++ b/EventListener/ImportSubscriber.php @@ -10,6 +10,7 @@ use Mautic\LeadBundle\Event\ImportProcessEvent; use Mautic\LeadBundle\Event\ImportValidateEvent; use Mautic\LeadBundle\LeadEvents; +use Mautic\UserBundle\Model\UserModel; use MauticPlugin\CustomObjectsBundle\Entity\CustomField; use MauticPlugin\CustomObjectsBundle\Exception\ForbiddenException; use MauticPlugin\CustomObjectsBundle\Exception\NotFoundException; @@ -56,13 +57,16 @@ class ImportSubscriber implements EventSubscriberInterface */ private $customFieldRepository; + private UserModel $userModel; + public function __construct( CustomObjectModel $customObjectModel, CustomItemImportModel $customItemImportModel, ConfigProvider $configProvider, CustomItemPermissionProvider $permissionProvider, CustomFieldRepository $customFieldRepository, - TranslatorInterface $translator + TranslatorInterface $translator, + UserModel $userModel ) { $this->customObjectModel = $customObjectModel; $this->customItemImportModel = $customItemImportModel; @@ -70,6 +74,7 @@ public function __construct( $this->permissionProvider = $permissionProvider; $this->customFieldRepository = $customFieldRepository; $this->translator = $translator; + $this->userModel = $userModel; } /** @@ -185,8 +190,9 @@ public function onImportProcess(ImportProcessEvent $event): void try { $customObjectId = $this->getCustomObjectId($event->import->getObject()); - $this->permissionProvider->canCreate($customObjectId); - $customObject = $this->customObjectModel->fetchEntity($customObjectId); + $customObject = $this->customObjectModel->fetchEntity($customObjectId); + $user = $event->import->isBackgroundProcess() ? $this->userModel->getEntity($event->import->getCreatedBy()) : null; + $this->permissionProvider->canCreate($customObjectId, $user); $merged = $this->customItemImportModel->import($event->import, $event->rowData, $customObject); $event->setWasMerged($merged); } catch (NotFoundException $e) { diff --git a/Provider/CustomItemPermissionProvider.php b/Provider/CustomItemPermissionProvider.php index c756e1da8..d19d89cc5 100644 --- a/Provider/CustomItemPermissionProvider.php +++ b/Provider/CustomItemPermissionProvider.php @@ -5,6 +5,7 @@ namespace MauticPlugin\CustomObjectsBundle\Provider; use Mautic\CoreBundle\Security\Permissions\CorePermissions; +use Mautic\UserBundle\Entity\User; use MauticPlugin\CustomObjectsBundle\Entity\CustomItem; use MauticPlugin\CustomObjectsBundle\Exception\ForbiddenException; use MauticPlugin\CustomObjectsBundle\Security\Permissions\CustomObjectPermissions; @@ -24,9 +25,9 @@ public function __construct(CorePermissions $corePermissions) /** * @throws ForbiddenException */ - public function isGranted(string $permission, int $customObjectId): void + public function isGranted(string $permission, int $customObjectId, ?User $user): void { - if (!$this->corePermissions->isGranted($this->getPermissionName($customObjectId, $permission))) { + if (!$this->corePermissions->isGranted($this->getPermissionName($customObjectId, $permission), 'MATCH_ALL', $user)) { throw new ForbiddenException($permission, 'Items for Custom Object', $customObjectId); } } @@ -45,9 +46,9 @@ public function hasEntityAccess(string $permission, CustomItem $entity): void /** * @throws ForbiddenException */ - public function canCreate(int $customObjectId): void + public function canCreate(int $customObjectId, ?User $user = null): void { - $this->isGranted('create', $customObjectId); + $this->isGranted('create', $customObjectId, $user); } /** @@ -94,7 +95,7 @@ public function canDelete(CustomItem $entity): void $this->hasEntityAccess('delete', $entity); } - private function getPermissionName(int $customObjectId, string $permission): string + public function getPermissionName(int $customObjectId, string $permission): string { return sprintf('%s:%d:%s', CustomObjectPermissions::NAME, $customObjectId, $permission); } From a84b07b4b82ede236d589673bb7fb7b16232ba84 Mon Sep 17 00:00:00 2001 From: Zdeno Kuzmany Date: Fri, 26 May 2023 08:07:34 +0200 Subject: [PATCH 4/5] Fetch CustomObject after permission check --- EventListener/ImportSubscriber.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/EventListener/ImportSubscriber.php b/EventListener/ImportSubscriber.php index 25e2ebe4c..852856c46 100644 --- a/EventListener/ImportSubscriber.php +++ b/EventListener/ImportSubscriber.php @@ -190,9 +190,9 @@ public function onImportProcess(ImportProcessEvent $event): void try { $customObjectId = $this->getCustomObjectId($event->import->getObject()); - $customObject = $this->customObjectModel->fetchEntity($customObjectId); $user = $event->import->isBackgroundProcess() ? $this->userModel->getEntity($event->import->getCreatedBy()) : null; $this->permissionProvider->canCreate($customObjectId, $user); + $customObject = $this->customObjectModel->fetchEntity($customObjectId); $merged = $this->customItemImportModel->import($event->import, $event->rowData, $customObject); $event->setWasMerged($merged); } catch (NotFoundException $e) { From 3b97b31f4ef563f07421be48d97fe02f6061e074 Mon Sep 17 00:00:00 2001 From: Zdeno Kuzmany Date: Thu, 8 Jun 2023 11:22:14 +0200 Subject: [PATCH 5/5] Fix custom objects permission issue --- Provider/CustomItemPermissionProvider.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Provider/CustomItemPermissionProvider.php b/Provider/CustomItemPermissionProvider.php index d19d89cc5..a9d5bc8f0 100644 --- a/Provider/CustomItemPermissionProvider.php +++ b/Provider/CustomItemPermissionProvider.php @@ -25,7 +25,7 @@ public function __construct(CorePermissions $corePermissions) /** * @throws ForbiddenException */ - public function isGranted(string $permission, int $customObjectId, ?User $user): void + public function isGranted(string $permission, int $customObjectId, ?User $user = null): void { if (!$this->corePermissions->isGranted($this->getPermissionName($customObjectId, $permission), 'MATCH_ALL', $user)) { throw new ForbiddenException($permission, 'Items for Custom Object', $customObjectId);