Skip to content
Snippets Groups Projects
Select Git revision
  • cef641cf99655c3fd84311f30329c81f3871b15d
  • master default protected
  • cleanup_fixtures
  • add-openvox
  • freebsd-14
  • remove-legacy-top-scope-syntax
  • rel430
  • tests
  • revert-363-augeas-module-cleanup
  • release-4.1.0
  • puppet8
  • relax-dependencies
  • rel400
  • mode
  • puppet7
  • release-3.1.0
  • freebsd13
  • freebsd11
  • stdlib
  • centos
  • fedora
  • v5.1.0
  • v5.0.0
  • v4.5.0
  • v4.4.0
  • v4.3.0
  • v4.2.1
  • v4.2.0
  • v4.1.0
  • v4.0.0
  • v3.1.0
  • v3.0.0
  • v2.0.0
  • 1.12.0
  • 1.11.0
  • 1.10.0
  • 1.9.0
  • 1.8.0
  • 1.7.0
  • 1.6.0
  • 1.5.0
41 results

Gemfile

Blame
  • Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    This project manages its dependencies using Bundler. Learn more
    AbstractAssertion.php 4.85 KiB
    <?php
    
    namespace UnicaenAuth\Assertion;
    
    use Zend\Mvc\MvcEvent;
    use Zend\Permissions\Acl\Acl;
    use Zend\Permissions\Acl\Assertion\AssertionInterface;
    use Zend\Permissions\Acl\Resource\ResourceInterface;
    use Zend\Permissions\Acl\Role\RoleInterface;
    use Zend\ServiceManager\ServiceLocatorAwareInterface;
    use Zend\ServiceManager\ServiceLocatorAwareTrait;
    
    /**
     * Description of AbstractAssertion
     *
     * @author Laurent LÉCLUSE <laurent.lecluse at unicaen.fr>
     */
    abstract class AbstractAssertion implements AssertionInterface, ServiceLocatorAwareInterface
    {
        use ServiceLocatorAwareTrait;
    
    
    
        /**
         * !!!! Pour éviter l'erreur "Serialization of 'Closure' is not allowed"... !!!!
         *
         * @return array
         */
        public function __sleep()
        {
            return [];
        }
    
    
    
        /**
         * Returns true if and only if the assertion conditions are met
         *
         * This method is passed the ACL, Role, Resource, and privilege to which the authorization query applies. If the
         * $role, $this->resource, or $privilege parameters are null, it means that the query applies to all Roles, Resources, or
         * privileges, respectively.
         *
         * @param  Acl               $acl
         * @param  RoleInterface     $role
         * @param  ResourceInterface $resource
         * @param  string            $privilege
         *
         * @return bool
         */
        public final function assert(Acl $acl, RoleInterface $role = null, ResourceInterface $resource = null, $privilege = null)
        {
            switch (true) {
                case $this->detectPrivilege($resource):
    
                    return $this->assertPrivilege($acl, $role, ltrim(strstr($resource, '/'), '/'), $privilege);
    
                case $this->detectController($resource):
    
                    $resource   = (string)$resource;
                    $spos       = strpos($resource, '/') + 1;
                    $dpos       = strrpos($resource, ':') + 1;
                    $controller = substr($resource, $spos, $dpos - $spos - 1);
                    $action     = substr($resource, $dpos);
    
                    return $this->assertController($acl, $role, $controller, $action, $privilege);
    
                case $this->detectEntity($resource):
    
                    return $this->assertEntity($acl, $role, $resource, $privilege);
    
                default:
    
                    return $this->assertOther($acl, $role, $resource, $privilege);
            }
        }
    
    
    
        /**
         *
         * @param string $resource
         *
         * @return boolean
         */
        private function detectPrivilege($resource = null)
        {
            if ($resource instanceof ResourceInterface) $resource = $resource->getResourceId();
    
            return is_string($resource) && 0 === strpos($resource, 'privilege/');
        }
    
    
    
        /**
         *
         * @param Acl           $acl
         * @param RoleInterface $role
         * @param string        $privilege
         * @param string        $subPrivilege
         *
         * @return boolean
         */
        protected function assertPrivilege(Acl $acl, RoleInterface $role = null, $privilege = null, $subPrivilege = null)
        {
            return true;
        }
    
    
    
        /**
         *
         * @param string $resource
         *
         * @return boolean
         */
        private function detectController($resource = null)
        {
            if ($resource instanceof ResourceInterface) $resource = $resource->getResourceId();
    
            return 0 === strpos($resource, 'controller/');
        }
    
    
    
        /**
         *
         * @param Acl           $acl
         * @param RoleInterface $role
         * @param string        $controller
         * @param string        $action
         * @param string        $privilege
         *
         * @return boolean
         */
        protected function assertController(Acl $acl, RoleInterface $role = null, $controller = null, $action = null, $privilege = null)
        {
            return true;
        }
    
    
    
        /**
         *
         * @param string $resource
         *
         * @return boolean
         */
        private function detectEntity($resource = null)
        {
            return
                is_object($resource)
                && method_exists($resource, 'getId');
        }
    
    
    
        /**
         *
         * @param Acl               $acl
         * @param RoleInterface     $role
         * @param ResourceInterface $entity
         * @param string            $privilege
         *
         * @return boolean
         */
        protected function assertEntity(Acl $acl, RoleInterface $role = null, ResourceInterface $entity = null, $privilege = null)
        {
            return true;
        }
    
    
    
        /**
         *
         * @param Acl               $acl
         * @param RoleInterface     $role
         * @param ResourceInterface $entity
         * @param string            $privilege
         *
         * @return boolean
         */
        protected function assertOther(Acl $acl, RoleInterface $role = null, ResourceInterface $entity = null, $privilege = null)
        {
            return true;
        }
    
    
    
        /**
         *
         * @return MvcEvent
         */
        protected function getMvcEvent()
        {
            $application = $this->getServiceLocator()->get('Application');
    
            return $application->getMvcEvent();
        }
    
    }