/**
* Runs security to check, if user is authorized correctly
*
* @param SecurityCommand $securityCommand
*
*/
public function authorize(SecurityCommand $securityCommand)
{
/** @var UserFactory $userFactory */
$userFactory = $this->container->getUserFactory($securityCommand->userFactory());
$user = $userFactory->create();
/** @var ResourceFactory $resourceFactory */
if (!is_null($securityCommand->resourceFactory())) {
$resourceFactory = $this->container->getResourceFactory($securityCommand->resourceFactory());
$resource = $resourceFactory->create();
}
/** @var SecurityType $securityType */
$securityType = $this->container->getSecurityType($securityCommand->securityType());
$policiesList = array();
foreach ($securityCommand->policies() as $policy) {
$policiesList[] = $this->container->getSecurityPolicy($policy);
}
$expression = $securityCommand->expression() ? new Expression($securityCommand->expression()) : new EmptyExpression();
$securityType->execute($expression, $user, isset($resource) ? $resource : null, $policiesList);
}
/**
* @When user tries to modify
*/
public function userTriesToModify()
{
$this->applicationCore->initialize($this->container, new \Dgafka\AuthorizationSecurity\Infrastructure\ExpressionReader(new \Symfony\Component\ExpressionLanguage\ExpressionLanguage()), function () {
return new \Dgafka\AuthorizationSecurity\Domain\Security\Type\StandardSecurity();
});
try {
$securityAPI = $this->container->get('security');
$securityCommand = new \Dgafka\AuthorizationSecurity\Application\Api\SecurityCommand($this->securityName, $this->securityName, null, $this->securityName);
$securityAPI->authorize($securityCommand);
$this->securityCheckResult = 1;
} catch (\Dgafka\AuthorizationSecurity\Domain\Security\SecurityAccessDenied $e) {
$this->securityCheckResult = 0;
}
}
public function it_should_register_new_options(DIContainer $container, ExpressionReader $expressionReader, ExpressionFunction $expressionFunction)
{
$this->config->debugMode()->willReturn(false);
$this->config->includePaths()->willReturn(array());
$this->config->cachePath()->willReturn('/home/cache');
$closure = function () {
return 1;
};
$this->registerExpressionFunction($expressionFunction);
$this->registerExpressionFunction($expressionFunction);
$this->registerSecurityType('security1', $closure);
$this->registerSecurityType('security2', $closure);
$this->registerSecurityPolicy('policy1', $closure);
$this->registerSecurityPolicy('policy2', $closure);
$this->registerUserFactory('user1', $closure);
$this->registerUserFactory('user2', $closure);
$this->registerResourceFactory('resource1', $closure);
$this->registerResourceFactory('resource2', $closure);
$container->register('expressionReader', $expressionReader)->shouldBeCalledTimes(1);
$container->registerSecurityType('standard', Argument::type('callable'))->shouldBeCalledTimes(1);
$container->register('security', Argument::type('Dgafka\\AuthorizationSecurity\\Application\\Api\\Security'))->shouldBeCalledTimes(1);
$container->register('cachePath', '/home/cache')->shouldBeCalledTimes(1);
$container->register('includePaths', array())->shouldBeCalledTimes(1);
$container->register('debugMode', false)->shouldBeCalledTimes(1);
$container->registerSecurityType('security1', Argument::type('callable'))->shouldBeCalledTimes(1);
$container->registerSecurityType('security2', Argument::type('callable'))->shouldBeCalledTimes(1);
$container->registerSecurityPolicy('policy1', Argument::type('callable'))->shouldBeCalledTimes(1);
$container->registerSecurityPolicy('policy2', Argument::type('callable'))->shouldBeCalledTimes(1);
$container->registerUserFactory('user1', Argument::type('callable'))->shouldBeCalledTimes(1);
$container->registerUserFactory('user2', Argument::type('callable'))->shouldBeCalledTimes(1);
$container->registerResourceFactory('resource1', Argument::type('callable'))->shouldBeCalledTimes(1);
$container->registerResourceFactory('resource2', Argument::type('callable'))->shouldBeCalledTimes(1);
$expressionReader->registerFunction($expressionFunction)->shouldBeCalledTimes(2);
$this->initialize($container, $expressionReader, $closure);
$this->initialize($container, $expressionReader, $closure);
}
/**
* Initialize application, should not be called directly.
*
* @param DIContainer $container
* @param ExpressionReader $expressionReader
*
* @throws RuntimeException
* @internal
*/
public function initialize(DIContainer $container, ExpressionReader $expressionReader)
{
if ($this->isLoaded) {
return;
}
$container->register('expressionReader', $expressionReader);
$container->register('security', new Security($container));
$container->registerSecurityType('standard', function () {
return new StandardSecurity();
});
$container->register('cachePath', $this->config()->cachePath());
$container->register('debugMode', $this->config()->debugMode());
$container->register('includePaths', $this->config()->includePaths());
foreach ($this->expressionFunctions as $expressionFunction) {
$expressionReader->registerFunction($expressionFunction);
}
foreach ($this->securityTypes as $type) {
$container->registerSecurityType($type['name'], $type['closure']);
}
foreach ($this->securityPolicies as $policy) {
$container->registerSecurityPolicy($policy['name'], $policy['closure']);
}
foreach ($this->userFactories as $userFactory) {
$container->registerUserFactory($userFactory['name'], $userFactory['closure']);
}
foreach ($this->resourceFactories as $resourceFactory) {
$container->registerResourceFactory($resourceFactory['name'], $resourceFactory['closure']);
}
$this->isLoaded = true;
}
