/**
  * Constructs sql restriction based on permission specified and fills list of used sql params to be bind in prepared
  * statement
  *
  * @param string $permission     permission value (VIEW, EDIT, etc)
  * @param array  &$valuesForBind list of params to be bind
  *
  * @return string
  */
 private function getPermissionSqlRestriction($permission, &$valuesForBind)
 {
     if (!$this->permissionMap->contains($permission)) {
         throw new InvalidArgumentException(sprintf('There is no masks in permission map for specified permission "%s"', $permission));
     }
     // Hack to omit mandatory object parameter which is not necessary
     $requiredMasks = $this->permissionMap->getMasks($permission, new \StdClass());
     $maskSqlParams = [];
     // filling values for bind with mask params and prepare mask params array
     foreach ($requiredMasks as $maskKey => $mask) {
         $maskParam = "mask" . $maskKey;
         $maskSqlParams[$maskKey] = $maskParam;
         $valuesForBind[$maskParam] = ['value' => $mask, 'type' => PDO::PARAM_INT];
     }
     $strategyMasksSqlRestrictions = [];
     foreach (static::$permissionStrategyCheckPatterns as $strategyKey => $pattern) {
         $strategyMasksSqlRestrictions[$strategyKey] = [];
         foreach ($requiredMasks as $maskKey => $mask) {
             $strategyMasksSqlRestrictions[$strategyKey][] = str_replace("%MASK_PARAM%", $maskSqlParams[$maskKey], $pattern);
         }
     }
     $strategySqlRestrictions = [];
     foreach ($strategyMasksSqlRestrictions as $strategyKey => $restrictions) {
         $strategySqlRestrictions[] = sprintf('(e.granting_strategy = "%s" AND (%s))', $strategyKey, implode(" OR ", $restrictions));
     }
     $permissionSqlRestriction = sprintf('WHERE e.granting = 1 AND (%s)', implode(" OR ", $strategySqlRestrictions));
     return $permissionSqlRestriction;
 }
Ejemplo n.º 2
0
 /**
  * Resolves any variation of masks/permissions to an integer.
  *
  * @param string|int|array $masks
  *
  * @return type
  */
 private function resolveMask($masks, $object)
 {
     $integerMask = 0;
     if (is_integer($masks)) {
         $integerMask = $masks;
     } elseif (is_string($masks)) {
         $permission = $this->permissionMap->getMasks($masks, $object);
         $integerMask = $this->resolveMask($permission, $object);
     } elseif (is_array($masks)) {
         foreach ($masks as $mask) {
             $integerMask += $this->resolveMask($mask, $object);
         }
     } else {
         throw new \RuntimeException('Not a valid mask type');
     }
     return $integerMask;
 }
 /**
  * {@inheritdoc}
  */
 public function getMasks($permission, $object)
 {
     return $this->permissionMap->getMasks($permission, $object);
 }