Commit 9c4cb3a0 authored by Laurent Lécluse's avatar Laurent Lécluse
Browse files

Ajout de la possibilité de fournir des rôles au PrivilegeRuleProvider.

Simplification de l'AbstractAssertion
parent 1cded056
......@@ -2,6 +2,7 @@
namespace UnicaenAuth\Assertion;
use Zend\Mvc\Application;
use Zend\Mvc\MvcEvent;
use Zend\Permissions\Acl\Acl;
use Zend\Permissions\Acl\Assertion\AssertionInterface;
......@@ -19,6 +20,16 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
{
use ServiceLocatorAwareTrait;
/**
* @var Acl
*/
private $acl;
/**
* @var RoleInterface
*/
private $role;
/**
......@@ -49,10 +60,12 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
*/
public final function assert(Acl $acl, RoleInterface $role = null, ResourceInterface $resource = null, $privilege = null)
{
$this->setAcl($acl);
$this->setRole($role);
switch (true) {
case $this->detectPrivilege($resource):
return $this->assertPrivilege($acl, $role, ltrim(strstr($resource, '/'), '/'), $privilege);
return $this->assertPrivilege(ltrim(strstr($resource, '/'), '/'), $privilege);
case $this->detectController($resource):
......@@ -62,22 +75,69 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
$controller = substr($resource, $spos, $dpos - $spos - 1);
$action = substr($resource, $dpos);
return $this->assertController($acl, $role, $controller, $action, $privilege);
return $this->assertController($controller, $action, $privilege);
case $this->detectEntity($resource):
return $this->assertEntity($acl, $role, $resource, $privilege);
return $this->assertEntity($resource, $privilege);
default:
return $this->assertOther($acl, $role, $resource, $privilege);
return $this->assertOther($resource, $privilege);
}
}
/**
* @return Acl
*/
public function getAcl()
{
return $this->acl;
}
/**
* @param Acl $acl
*
* @return AbstractAssertion
*/
public function setAcl(Acl $acl = null)
{
$this->acl = $acl;
return $this;
}
/**
* @return RoleInterface
*/
public function getRole()
{
return $this->role;
}
/**
* @param RoleInterface $role
*
* @return AbstractAssertion
*/
public function setRole(RoleInterface $role = null)
{
$this->role = $role;
return $this;
}
/**
* @param string $resource
*
* @return boolean
......@@ -92,15 +152,12 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param Acl $acl
* @param RoleInterface $role
* @param string $privilege
* @param string $subPrivilege
* @param string $privilege
* @param string $subPrivilege
*
* @return boolean
*/
protected function assertPrivilege(Acl $acl, RoleInterface $role = null, $privilege = null, $subPrivilege = null)
protected function assertPrivilege($privilege, $subPrivilege = null)
{
return true;
}
......@@ -108,7 +165,6 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param string $resource
*
* @return boolean
......@@ -123,16 +179,13 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param Acl $acl
* @param RoleInterface $role
* @param string $controller
* @param string $action
* @param string $privilege
* @param string $controller
* @param string $action
* @param string $privilege
*
* @return boolean
*/
protected function assertController(Acl $acl, RoleInterface $role = null, $controller = null, $action = null, $privilege = null)
protected function assertController($controller, $action = null, $privilege = null)
{
return true;
}
......@@ -140,7 +193,6 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param string $resource
*
* @return boolean
......@@ -155,15 +207,12 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param Acl $acl
* @param RoleInterface $role
* @param ResourceInterface $entity
* @param string $privilege
*
* @return boolean
*/
protected function assertEntity(Acl $acl, RoleInterface $role = null, ResourceInterface $entity = null, $privilege = null)
protected function assertEntity(ResourceInterface $entity, $privilege = null)
{
return true;
}
......@@ -171,15 +220,12 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param Acl $acl
* @param RoleInterface $role
* @param ResourceInterface $entity
* @param ResourceInterface $resource
* @param string $privilege
*
* @return boolean
*/
protected function assertOther(Acl $acl, RoleInterface $role = null, ResourceInterface $entity = null, $privilege = null)
protected function assertOther(ResourceInterface $resource = null, $privilege = null)
{
return true;
}
......@@ -187,13 +233,14 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @return MvcEvent
*/
protected function getMvcEvent()
{
$application = $this->getServiceLocator()->get('Application');
/* @var $application Application */
return $application->getMvcEvent();
}
......
......@@ -45,7 +45,7 @@ class PrivilegeRuleProvider implements ProviderInterface
$privileges = (array)$rule['privileges'];
$ressources = $rule['resources'];
$assertion = isset($rule['assertion']) ? $rule['assertion'] : null;
$bjyRoles = [];
$bjyRoles = isset($rule['roles']) ? (array)$rule['roles'] : [];
foreach ($pr as $privilege => $roles) {
if (in_array($privilege, $privileges)) {
$bjyRoles = array_unique(array_merge($bjyRoles, $roles));
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment