public function testGettersAndSetters()
{
$obj = new AclPrivilege();
$id = new AclPrivilegeIdentity('TestId', 'TestName');
$obj->setIdentity($id);
$obj->setExtensionKey('TestKey');
$obj->setGroup('TestGroup');
$this->assertTrue($id === $obj->getIdentity());
$this->assertEquals('TestKey', $obj->getExtensionKey());
$this->assertEquals('TestGroup', $obj->getGroup());
}
/**
* Return AclPermission object for given permission, ACL mask and ACL privilege
*
* @param AclExtensionInterface $extension
* @param string $permission
* @param string $mask
* @param AclPrivilege $privilege
* @return AclPermission
*/
protected function getAclPermission(AclExtensionInterface $extension, $permission, $mask, AclPrivilege $privilege)
{
return new AclPermission($permission, $extension->getAccessLevel($mask, $permission, $privilege->getIdentity()->getId()));
}
/**
* Adds permissions to the given $privilege based on the given ACEs.
* The $permissions argument is used to filter privileges for the given permissions only.
*
* @param AclPrivilege $privilege
* @param string[] $permissions
* @param EntryInterface[] $aces
* @param AclExtensionInterface $extension
* @param bool $itIsRootAcl
*/
protected function addAcesPermissions(AclPrivilege $privilege, array $permissions, array $aces, AclExtensionInterface $extension, $itIsRootAcl = false)
{
if (empty($aces)) {
return;
}
foreach ($aces as $ace) {
if (!$ace->isGranting()) {
// denying ACE is not supported
continue;
}
$mask = $ace->getMask();
if ($itIsRootAcl) {
$mask = $extension->adaptRootMask($mask, $privilege->getIdentity()->getId());
}
if ($extension->removeServiceBits($mask) === 0) {
foreach ($permissions as $permission) {
if (!$privilege->hasPermission($permission)) {
$privilege->addPermission(new AclPermission($permission, AccessLevel::NONE_LEVEL));
}
}
} else {
foreach ($extension->getPermissions($mask) as $permission) {
if (!$privilege->hasPermission($permission) && in_array($permission, $permissions)) {
$privilege->addPermission(new AclPermission($permission, $extension->getAccessLevel($mask, $permission)));
}
}
}
}
}
