/**
 * Applies the publish workflow to the route and content of the request.
 *
 * Both objects are read from the request attributes under the DynamicRouter
 * keys. If one is present and the publish workflow checker does not grant
 * the configured permission on it, the request is answered as "not found"
 * (NotFoundHttpException) rather than as access denied.
 *
 * NOTE(review): both messages embed the raw path info of the request;
 * confirm that whatever renders or logs the exception message escapes it.
 *
 * @param GetResponseEvent $event
 *
 * @throws NotFoundHttpException when the route or the content is not granted
 */
public function onKernelRequest(GetResponseEvent $event)
{
    $request = $event->getRequest();
    $attributes = $request->attributes;

    // The route is checked first; the content is only looked at when the
    // route passed (or when no route attribute was set).
    $route = $attributes->get(DynamicRouter::ROUTE_KEY);
    if ($route) {
        $routeGranted = $this->publishWorkflowChecker->isGranted(
            $this->getPublishWorkflowPermission(),
            $route
        );
        if (!$routeGranted) {
            throw new NotFoundHttpException('Route not found at: ' . $request->getPathInfo());
        }
    }

    $content = $attributes->get(DynamicRouter::CONTENT_KEY);
    if ($content) {
        $contentGranted = $this->publishWorkflowChecker->isGranted(
            $this->getPublishWorkflowPermission(),
            $content
        );
        if (!$contentGranted) {
            throw new NotFoundHttpException('Content not found for: ' . $request->getPathInfo());
        }
    }
}
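/**
 * {@inheritdoc}
 *
 * Abstains unless $object is an object of a supported class and every
 * requested attribute is supported. Otherwise the decision is delegated to
 * the publish workflow checker: granted when it grants, denied when it
 * does not.
 *
 * @param object $object
 *
 * @return int one of ACCESS_ABSTAIN, ACCESS_GRANTED or ACCESS_DENIED
 */
public function vote(TokenInterface $token, $object, array $attributes)
{
    // A voter can be asked about a non-object subject (for example null).
    // get_class() must not see such a value: depending on the PHP version it
    // raises a TypeError, emits a warning, or returns the name of the
    // calling class, none of which is a meaningful class to vote on.
    if (!is_object($object) || !$this->supportsClass(get_class($object))) {
        return self::ACCESS_ABSTAIN;
    }

    // A single unsupported attribute is enough to abstain from the vote.
    foreach ($attributes as $attribute) {
        if (!$this->supportsAttribute($attribute)) {
            return self::ACCESS_ABSTAIN;
        }
    }

    if ($this->publishWorkflowChecker->isGranted($attributes, $object)) {
        return self::ACCESS_GRANTED;
    }

    // Supported class and attributes, but not granted: deny explicitly
    // instead of abstaining.
    return self::ACCESS_DENIED;
}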
/**
 * When the container has no security.context service, the checker is
 * expected to consult the access decision manager exactly once, and a
 * negative decision must make isGranted() return false.
 */
public function testNoSecurityContext()
{
    $serviceId = 'security.context';
    $missingService = new ServiceNotFoundException('Service not defined');

    $container = $this->getMock('Symfony\\Component\\DependencyInjection\\ContainerInterface');

    // Fetching the service fails ...
    $container
        ->expects($this->any())
        ->method('get')
        ->with($serviceId)
        ->will($this->throwException($missingService));

    // ... and the container also reports it as absent.
    $container
        ->expects($this->any())
        ->method('has')
        ->with($serviceId)
        ->will($this->returnValue(false));

    $this->pwfc = new PublishWorkflowChecker($container, $this->adm, $this->role);

    $this->adm
        ->expects($this->once())
        ->method('decide')
        ->will($this->returnValue(false));

    $granted = $this->pwfc->isGranted(PublishWorkflowChecker::VIEW_ATTRIBUTE, $this->doc);
    $this->assertFalse($granted);
}
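/**
 * With the security.token_storage and security.authorization_checker
 * services present, a token available and the authorization checker
 * granting the role passed to the checker ($this->role), isGranted() on the
 * view attribute must return true.
 *
 * Skipped when the TokenStorage class is not available.
 */
public function testTokenStorageAndAuthenticationManager()
{
    if (!class_exists('Symfony\\Component\\Security\\Core\\Authentication\\Token\\Storage\\TokenStorage')) {
        $this->markTestSkipped('This test requires Symfony >2.6');
    }

    $token = new AnonymousToken('x', 'y');

    // Mock the real TokenStorageInterface. The name used to be misspelled
    // ("TokenStorageInteface"), which left the test double unrelated to the
    // interface the checker is written against.
    $ts = \Mockery::mock('Symfony\\Component\\Security\\Core\\Authentication\\Token\\Storage\\TokenStorageInterface');
    $ac = \Mockery::mock('Symfony\\Component\\Security\\Core\\Authorization\\AuthorizationCheckerInterface');
    $container = \Mockery::mock('Symfony\\Component\\DependencyInjection\\ContainerInterface');

    // The container exposes both services ...
    $container->shouldReceive('get')->with('security.token_storage')->andReturn($ts);
    $container->shouldReceive('get')->with('security.authorization_checker')->andReturn($ac);
    $container->shouldReceive('has')->with('security.token_storage')->andReturn(true);
    $container->shouldReceive('has')->with('security.authorization_checker')->andReturn(true);

    // ... a token is present and the role check succeeds.
    $ts->shouldReceive('getToken')->andReturn($token);
    $ac->shouldReceive('isGranted')->with($this->role)->andReturn(true);

    $pwfc = new PublishWorkflowChecker($container, $this->adm, $this->role);

    $this->assertTrue($pwfc->isGranted(PublishWorkflowChecker::VIEW_ATTRIBUTE, $this->doc));
}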
/**
 * {@inheritdoc}
 *
 * The decision is the publish workflow checker's answer for
 * VIEW_ANONYMOUS_ATTRIBUTE on the content; $sitemap is not consulted.
 *
 * NOTE(review): presumably the anonymous attribute is used so the sitemap
 * does not depend on the privileges of whoever triggers its generation;
 * confirm against PublishWorkflowChecker.
 */
public function exposeOnSitemap($content, $sitemap)
{
    $visibleToAnonymous = $this->publishWorkflowChecker->isGranted(
        PublishWorkflowChecker::VIEW_ANONYMOUS_ATTRIBUTE,
        $content
    );

    return $visibleToAnonymous;
}