Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
lib
unicaen
auth
Commits
9c4cb3a0
Commit
9c4cb3a0
authored
Dec 02, 2015
by
Laurent Lécluse
Browse files
Ajout de la possibilité de fournir des rôles au PrivilegeRuleProvider.
Simplification de l'AbstractAssertion
parent
1cded056
Changes
2
Hide whitespace changes
Inline
Side-by-side
src/UnicaenAuth/Assertion/AbstractAssertion.php
View file @
9c4cb3a0
...
...
@@ -2,6 +2,7 @@
namespace
UnicaenAuth\Assertion
;
use
Zend\Mvc\Application
;
use
Zend\Mvc\MvcEvent
;
use
Zend\Permissions\Acl\Acl
;
use
Zend\Permissions\Acl\Assertion\AssertionInterface
;
...
...
@@ -19,6 +20,16 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
{
use
ServiceLocatorAwareTrait
;
/**
* @var Acl
*/
private
$acl
;
/**
* @var RoleInterface
*/
private
$role
;
/**
...
...
@@ -49,10 +60,12 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
*/
public
final
function
assert
(
Acl
$acl
,
RoleInterface
$role
=
null
,
ResourceInterface
$resource
=
null
,
$privilege
=
null
)
{
$this
->
setAcl
(
$acl
);
$this
->
setRole
(
$role
);
switch
(
true
)
{
case
$this
->
detectPrivilege
(
$resource
)
:
return
$this
->
assertPrivilege
(
$acl
,
$role
,
ltrim
(
strstr
(
$resource
,
'/'
),
'/'
),
$privilege
);
return
$this
->
assertPrivilege
(
ltrim
(
strstr
(
$resource
,
'/'
),
'/'
),
$privilege
);
case
$this
->
detectController
(
$resource
)
:
...
...
@@ -62,22 +75,69 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
$controller
=
substr
(
$resource
,
$spos
,
$dpos
-
$spos
-
1
);
$action
=
substr
(
$resource
,
$dpos
);
return
$this
->
assertController
(
$acl
,
$role
,
$controller
,
$action
,
$privilege
);
return
$this
->
assertController
(
$controller
,
$action
,
$privilege
);
case
$this
->
detectEntity
(
$resource
)
:
return
$this
->
assertEntity
(
$acl
,
$role
,
$resource
,
$privilege
);
return
$this
->
assertEntity
(
$resource
,
$privilege
);
default
:
return
$this
->
assertOther
(
$acl
,
$role
,
$resource
,
$privilege
);
return
$this
->
assertOther
(
$resource
,
$privilege
);
}
}
/**
* @return Acl
*/
public
function
getAcl
()
{
return
$this
->
acl
;
}
/**
* @param Acl $acl
*
* @return AbstractAssertion
*/
public
function
setAcl
(
Acl
$acl
=
null
)
{
$this
->
acl
=
$acl
;
return
$this
;
}
/**
* @return RoleInterface
*/
public
function
getRole
()
{
return
$this
->
role
;
}
/**
* @param RoleInterface $role
*
* @return AbstractAssertion
*/
public
function
setRole
(
RoleInterface
$role
=
null
)
{
$this
->
role
=
$role
;
return
$this
;
}
/**
* @param string $resource
*
* @return boolean
...
...
@@ -92,15 +152,12 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param Acl $acl
* @param RoleInterface $role
* @param string $privilege
* @param string $subPrivilege
* @param string $privilege
* @param string $subPrivilege
*
* @return boolean
*/
protected
function
assertPrivilege
(
Acl
$acl
,
RoleInterface
$role
=
null
,
$privilege
=
null
,
$subPrivilege
=
null
)
protected
function
assertPrivilege
(
$privilege
,
$subPrivilege
=
null
)
{
return
true
;
}
...
...
@@ -108,7 +165,6 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param string $resource
*
* @return boolean
...
...
@@ -123,16 +179,13 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param Acl $acl
* @param RoleInterface $role
* @param string $controller
* @param string $action
* @param string $privilege
* @param string $controller
* @param string $action
* @param string $privilege
*
* @return boolean
*/
protected
function
assertController
(
Acl
$acl
,
RoleInterface
$role
=
null
,
$controller
=
null
,
$action
=
null
,
$privilege
=
null
)
protected
function
assertController
(
$controller
,
$action
=
null
,
$privilege
=
null
)
{
return
true
;
}
...
...
@@ -140,7 +193,6 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param string $resource
*
* @return boolean
...
...
@@ -155,15 +207,12 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param Acl $acl
* @param RoleInterface $role
* @param ResourceInterface $entity
* @param string $privilege
*
* @return boolean
*/
protected
function
assertEntity
(
Acl
$acl
,
RoleInterface
$role
=
null
,
ResourceInterface
$entity
=
null
,
$privilege
=
null
)
protected
function
assertEntity
(
ResourceInterface
$entity
,
$privilege
=
null
)
{
return
true
;
}
...
...
@@ -171,15 +220,12 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param Acl $acl
* @param RoleInterface $role
* @param ResourceInterface $entity
* @param ResourceInterface $resource
* @param string $privilege
*
* @return boolean
*/
protected
function
assertOther
(
Acl
$acl
,
RoleInterface
$role
=
null
,
ResourceInterface
$entity
=
null
,
$privilege
=
null
)
protected
function
assertOther
(
ResourceInterface
$resource
=
null
,
$privilege
=
null
)
{
return
true
;
}
...
...
@@ -187,13 +233,14 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @return MvcEvent
*/
protected
function
getMvcEvent
()
{
$application
=
$this
->
getServiceLocator
()
->
get
(
'Application'
);
/* @var $application Application */
return
$application
->
getMvcEvent
();
}
...
...
src/UnicaenAuth/Provider/Rule/PrivilegeRuleProvider.php
View file @
9c4cb3a0
...
...
@@ -45,7 +45,7 @@ class PrivilegeRuleProvider implements ProviderInterface
$privileges
=
(
array
)
$rule
[
'privileges'
];
$ressources
=
$rule
[
'resources'
];
$assertion
=
isset
(
$rule
[
'assertion'
])
?
$rule
[
'assertion'
]
:
null
;
$bjyRoles
=
[];
$bjyRoles
=
isset
(
$rule
[
'roles'
])
?
(
array
)
$rule
[
'roles'
]
:
[];
foreach
(
$pr
as
$privilege
=>
$roles
)
{
if
(
in_array
(
$privilege
,
$privileges
))
{
$bjyRoles
=
array_unique
(
array_merge
(
$bjyRoles
,
$roles
));
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment