Skip to content
Snippets Groups Projects
Commit 9c4cb3a0 authored by Laurent Lecluse's avatar Laurent Lecluse
Browse files

Ajout de la possibilité de fournir des rôles au PrivilegeRuleProvider.

Simplification de l'AbstractAssertion
parent 1cded056
No related branches found
No related tags found
No related merge requests found
......@@ -2,6 +2,7 @@
namespace UnicaenAuth\Assertion;
use Zend\Mvc\Application;
use Zend\Mvc\MvcEvent;
use Zend\Permissions\Acl\Acl;
use Zend\Permissions\Acl\Assertion\AssertionInterface;
......@@ -19,6 +20,16 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
{
use ServiceLocatorAwareTrait;
/**
* @var Acl
*/
private $acl;
/**
* @var RoleInterface
*/
private $role;
/**
......@@ -49,10 +60,12 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
*/
public final function assert(Acl $acl, RoleInterface $role = null, ResourceInterface $resource = null, $privilege = null)
{
$this->setAcl($acl);
$this->setRole($role);
switch (true) {
case $this->detectPrivilege($resource):
return $this->assertPrivilege($acl, $role, ltrim(strstr($resource, '/'), '/'), $privilege);
return $this->assertPrivilege(ltrim(strstr($resource, '/'), '/'), $privilege);
case $this->detectController($resource):
......@@ -62,22 +75,69 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
$controller = substr($resource, $spos, $dpos - $spos - 1);
$action = substr($resource, $dpos);
return $this->assertController($acl, $role, $controller, $action, $privilege);
return $this->assertController($controller, $action, $privilege);
case $this->detectEntity($resource):
return $this->assertEntity($acl, $role, $resource, $privilege);
return $this->assertEntity($resource, $privilege);
default:
return $this->assertOther($acl, $role, $resource, $privilege);
return $this->assertOther($resource, $privilege);
}
}
/**
* @return Acl
*/
public function getAcl()
{
return $this->acl;
}
/**
* @param Acl $acl
*
* @return AbstractAssertion
*/
public function setAcl(Acl $acl = null)
{
$this->acl = $acl;
return $this;
}
/**
* @return RoleInterface
*/
public function getRole()
{
return $this->role;
}
/**
* @param RoleInterface $role
*
* @return AbstractAssertion
*/
public function setRole(RoleInterface $role = null)
{
$this->role = $role;
return $this;
}
/**
* @param string $resource
*
* @return boolean
......@@ -92,15 +152,12 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param Acl $acl
* @param RoleInterface $role
* @param string $privilege
* @param string $subPrivilege
*
* @return boolean
*/
protected function assertPrivilege(Acl $acl, RoleInterface $role = null, $privilege = null, $subPrivilege = null)
protected function assertPrivilege($privilege, $subPrivilege = null)
{
return true;
}
......@@ -108,7 +165,6 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param string $resource
*
* @return boolean
......@@ -123,16 +179,13 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param Acl $acl
* @param RoleInterface $role
* @param string $controller
* @param string $action
* @param string $privilege
*
* @return boolean
*/
protected function assertController(Acl $acl, RoleInterface $role = null, $controller = null, $action = null, $privilege = null)
protected function assertController($controller, $action = null, $privilege = null)
{
return true;
}
......@@ -140,7 +193,6 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param string $resource
*
* @return boolean
......@@ -155,15 +207,12 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param Acl $acl
* @param RoleInterface $role
* @param ResourceInterface $entity
* @param string $privilege
*
* @return boolean
*/
protected function assertEntity(Acl $acl, RoleInterface $role = null, ResourceInterface $entity = null, $privilege = null)
protected function assertEntity(ResourceInterface $entity, $privilege = null)
{
return true;
}
......@@ -171,15 +220,12 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @param Acl $acl
* @param RoleInterface $role
* @param ResourceInterface $entity
* @param ResourceInterface $resource
* @param string $privilege
*
* @return boolean
*/
protected function assertOther(Acl $acl, RoleInterface $role = null, ResourceInterface $entity = null, $privilege = null)
protected function assertOther(ResourceInterface $resource = null, $privilege = null)
{
return true;
}
......@@ -187,13 +233,14 @@ abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAw
/**
*
* @return MvcEvent
*/
protected function getMvcEvent()
{
$application = $this->getServiceLocator()->get('Application');
/* @var $application Application */
return $application->getMvcEvent();
}
......
......@@ -45,7 +45,7 @@ class PrivilegeRuleProvider implements ProviderInterface
$privileges = (array)$rule['privileges'];
$ressources = $rule['resources'];
$assertion = isset($rule['assertion']) ? $rule['assertion'] : null;
$bjyRoles = [];
$bjyRoles = isset($rule['roles']) ? (array)$rule['roles'] : [];
foreach ($pr as $privilege => $roles) {
if (in_array($privilege, $privileges)) {
$bjyRoles = array_unique(array_merge($bjyRoles, $roles));
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment