/**
* @param \Generated\Shared\Transfer\RuleTransfer $rule
* @param string $bundle
* @param string $controller
* @param string $action
*
* @return bool
*/
public function assert(RuleTransfer $rule, $bundle, $controller, $action)
{
if (($rule->getBundle() === $bundle || $rule->getBundle() === AclConstants::VALIDATOR_WILDCARD) && ($rule->getController() === $controller || $rule->getController() === AclConstants::VALIDATOR_WILDCARD) && ($rule->getAction() === $action || $rule->getAction() === AclConstants::VALIDATOR_WILDCARD)) {
return true;
}
return false;
}
/**
* @throws \Spryker\Zed\Acl\Business\Exception\RoleNotFoundException
*
* @return void
*/
private function addRules()
{
foreach ($this->config->getInstallerRules() as $rule) {
$role = $this->role->getByName($rule['role']);
if (!$role) {
throw new RoleNotFoundException();
}
if (!$this->rule->existsRoleRule($role->getIdAclRole(), $rule['bundle'], $rule['controller'], $rule['action'], $rule['type'])) {
$ruleTransfer = new RuleTransfer();
$ruleTransfer->fromArray($rule, true);
$ruleTransfer->setFkAclRole($role->getIdAclRole());
$this->rule->addRule($ruleTransfer);
}
}
}
/**
* @return void
*/
public function testCheckPermissionWildcards()
{
$groupData = $this->mockGroupData();
$groupDto = $this->facade->addGroup($groupData['name'], $this->rolesTransfer);
$roleData = $this->mockRoleData();
$roleDto = $this->facade->addRole($roleData['name']);
$this->facade->addRoleToGroup($roleDto->getIdAclRole(), $groupDto->getIdAclGroup());
$ruleData[] = $this->mockRuleData('allow', $roleDto->getIdAclRole());
$ruleData[] = $this->mockRuleData('deny', $roleDto->getIdAclRole());
$userData = $this->mockUserData();
$userDto = $this->mockAddUser($userData);
$added = $this->facade->addUserToGroup($userDto->getIdUser(), $groupDto->getIdAclGroup());
$this->assertEquals($added, 1);
foreach ($ruleData as $current) {
$ruleTransfer = new RuleTransfer();
$ruleTransfer->fromArray($current, true);
$ruleTransfer->setBundle('*');
$ruleTransfer->setFkAclRole($roleDto->getIdAclRole());
$this->facade->addRule($ruleTransfer);
$shouldAllow = $current['type'] === 'allow' ? true : false;
$canAccess = $this->facade->checkAccess($userDto, $current['bundle'], $current['controller'], $current['action']);
$this->assertEquals($shouldAllow, $canAccess);
}
}
/**
* @return void
*/
protected function provideUserRuleWhitelist()
{
$ruleWhitelist = $this->config->getUserRuleWhitelist();
foreach ($ruleWhitelist as $rule) {
$rulesTransfer = new RuleTransfer();
$rulesTransfer->fromArray($rule, true);
$this->rulesValidator->addRule($rulesTransfer);
}
}
/**
* @param int $idAclRole
*
* @return array
*/
public function getData($idAclRole)
{
$ruleTransfer = new RuleTransfer();
$ruleTransfer->setFkAclRole($idAclRole);
return $ruleTransfer->toArray();
}
