/**
* Set the mapping between permissions and masks.
*/
public function __construct()
{
parent::__construct();
$this->map[self::PERMISSION_MONITOR] = array(MaskBuilder::MASK_MONITOR, MaskBuilder::MASK_DEPOSIT, MaskBuilder::MASK_PLNADMIN);
$this->map[self::PERMISSION_DEPOSIT] = array(MaskBuilder::MASK_DEPOSIT, MaskBuilder::MASK_PLNADMIN);
$this->map[self::PERMISSION_PLNADMIN] = array(MaskBuilder::MASK_PLNADMIN);
}
public function testGetMasksReturnsNullWhenNotSupportedMask()
{
$map = new BasicPermissionMap();
$this->assertNull($map->getMasks('IS_AUTHENTICATED_REMEMBERED', null));
}
public function testSetAclClassScope()
{
$objectId = 1;
$grantedPermission = 'VIEW';
$role = 'ROLE_USER';
$application = $this->getApplication();
$application->add(new SetAclCommand());
$setAclCommand = $application->find('acl:set');
$setAclCommandTester = new CommandTester($setAclCommand);
$setAclCommandTester->execute(array('command' => 'acl:set', 'arguments' => array($grantedPermission, sprintf('%s:%s', self::OBJECT_CLASS, $objectId)), '--class-scope' => true, '--role' => array($role)));
$objectIdentity1 = new ObjectIdentity($objectId, self::OBJECT_CLASS);
$objectIdentity2 = new ObjectIdentity(2, self::OBJECT_CLASS);
$roleSecurityIdentity = new RoleSecurityIdentity($role);
$permissionMap = new BasicPermissionMap();
/** @var \Symfony\Component\Security\Acl\Model\AclProviderInterface $aclProvider */
$aclProvider = $application->getKernel()->getContainer()->get('security.acl.provider');
$acl1 = $aclProvider->findAcl($objectIdentity1, array($roleSecurityIdentity));
$this->assertTrue($acl1->isGranted($permissionMap->getMasks($grantedPermission, null), array($roleSecurityIdentity)));
$acl2 = $aclProvider->createAcl($objectIdentity2);
$this->assertTrue($acl2->isGranted($permissionMap->getMasks($grantedPermission, null), array($roleSecurityIdentity)));
}
