Skip to content
Snippets Groups Projects
Select Git revision
  • 2b13a20fb5b4d53a3064c5a344fad34e1cbe520f
  • master default protected
  • 5.x
  • ll-php8-bs5
  • release_5_bs5
  • ll-php8
  • 4.x
  • laminas_migration
  • release_1.0.0.2
  • release_4.0.0
  • release_3.2.8
  • bootstrap4_migration
  • 1.0.0.3
  • 6.0.7
  • 6.0.6
  • 6.0.5
  • 6.0.4
  • 6.0.3
  • 6.0.2
  • 6.0.1
  • 5.1.1
  • 6.0.0
  • 5.1.0
  • 5.0.0
  • 4.0.2
  • 3.2.11
  • 4.0.1
  • 3.2.10
  • 4.0.0
  • 1.0.0.2
  • 3.2.9
  • 3.2.8
32 results

AbstractAssertion.php

Blame
  • Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    AbstractAssertion.php 4.85 KiB
    <?php
    
    namespace UnicaenAuth\Assertion;
    
    use Zend\Mvc\MvcEvent;
    use Zend\Permissions\Acl\Acl;
    use Zend\Permissions\Acl\Assertion\AssertionInterface;
    use Zend\Permissions\Acl\Resource\ResourceInterface;
    use Zend\Permissions\Acl\Role\RoleInterface;
    use Zend\ServiceManager\ServiceLocatorAwareInterface;
    use Zend\ServiceManager\ServiceLocatorAwareTrait;
    
    /**
     * Description of AbstractAssertion
     *
     * @author Laurent LÉCLUSE <laurent.lecluse at unicaen.fr>
     */
    abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAwareInterface
    {
        use ServiceLocatorAwareTrait;
    
    
    
        /**
         * !!!! Pour éviter l'erreur "Serialization of 'Closure' is not allowed"... !!!!
         *
         * @return array
         */
        public function __sleep()
        {
            return [];
        }
    
    
    
        /**
         * Returns true if and only if the assertion conditions are met
         *
         * This method is passed the ACL, Role, Resource, and privilege to which the authorization query applies. If the
         * $role, $this->resource, or $privilege parameters are null, it means that the query applies to all Roles, Resources, or
         * privileges, respectively.
         *
         * @param  Acl               $acl
         * @param  RoleInterface     $role
         * @param  ResourceInterface $resource
         * @param  string            $privilege
         *
         * @return bool
         */
        public final function assert(Acl $acl, RoleInterface $role = null, ResourceInterface $resource = null, $privilege = null)
        {
            switch (true) {
                case $this->detectPrivilege($resource):
    
                    return $this->assertPrivilege($acl, $role, ltrim(strstr($resource, '/'), '/'), $privilege);
    
                case $this->detectController($resource):
    
                    $resource   = (string)$resource;
                    $spos       = strpos($resource, '/') + 1;
                    $dpos       = strrpos($resource, ':') + 1;
                    $controller = substr($resource, $spos, $dpos - $spos - 1);
                    $action     = substr($resource, $dpos);
    
                    return $this->assertController($acl, $role, $controller, $action, $privilege);
    
                case $this->detectEntity($resource):
    
                    return $this->assertEntity($acl, $role, $resource, $privilege);
    
                default:
    
                    return $this->assertOther($acl, $role, $resource, $privilege);
            }
        }
    
    
    
        /**
         *
         * @param string $resource
         *
         * @return boolean
         */
        private function detectPrivilege($resource = null)
        {
            if ($resource instanceof ResourceInterface) $resource = $resource->getResourceId();
    
            return is_string($resource) && 0 === strpos($resource, 'privilege/');
        }
    
    
    
        /**
         *
         * @param Acl           $acl
         * @param RoleInterface $role
         * @param string        $privilege
         * @param string        $subPrivilege
         *
         * @return boolean
         */
        protected function assertPrivilege(Acl $acl, RoleInterface $role = null, $privilege = null, $subPrivilege = null)
        {
            return true;
        }
    
    
    
        /**
         *
         * @param string $resource
         *
         * @return boolean
         */
        private function detectController($resource = null)
        {
            if ($resource instanceof ResourceInterface) $resource = $resource->getResourceId();
    
            return 0 === strpos($resource, 'controller/');
        }
    
    
    
        /**
         *
         * @param Acl           $acl
         * @param RoleInterface $role
         * @param string        $controller
         * @param string        $action
         * @param string        $privilege
         *
         * @return boolean
         */
        protected function assertController(Acl $acl, RoleInterface $role = null, $controller = null, $action = null, $privilege = null)
        {
            return true;
        }
    
    
    
        /**
         *
         * @param string $resource
         *
         * @return boolean
         */
        private function detectEntity($resource = null)
        {
            return
                is_object($resource)
                && method_exists($resource, 'getId');
        }
    
    
    
        /**
         *
         * @param Acl               $acl
         * @param RoleInterface     $role
         * @param ResourceInterface $entity
         * @param string            $privilege
         *
         * @return boolean
         */
        protected function assertEntity(Acl $acl, RoleInterface $role = null, ResourceInterface $entity = null, $privilege = null)
        {
            return true;
        }
    
    
    
        /**
         *
         * @param Acl               $acl
         * @param RoleInterface     $role
         * @param ResourceInterface $entity
         * @param string            $privilege
         *
         * @return boolean
         */
        protected function assertOther(Acl $acl, RoleInterface $role = null, ResourceInterface $entity = null, $privilege = null)
        {
            return true;
        }
    
    
    
        /**
         *
         * @return MvcEvent
         */
        protected function getMvcEvent()
        {
            $application = $this->getServiceLocator()->get('Application');
    
            return $application->getMvcEvent();
        }
    
    }