public function updateAction() { $request = $this->getRequest(); $recipe = $this->readService->findById($this->params('id')); if (false === $this->authorizationService->isGranted('recipe.manage', $recipe)) { throw new UnauthorizedException('Insufficient Permissions'); } $viewModel = new ViewModel(); $viewModel->setTemplate('recipe/update'); $viewModel->setVariables(['form' => $this->form]); $this->form->bind($recipe); if ($request->isPost()) { $this->form->setData($request->getPost()); if ($this->form->isValid()) { try { $this->writeService->save($this->form->getData()); $this->flashMessenger()->addSuccessMessage('Rezept erfolgreich aktualisiert'); $this->redirect()->toRoute('recipe/read/update', ['id' => $this->params('id')]); } catch (\Exception $e) { var_dump($e->getMessage()); } } } $this->layout('layout/backend'); return $viewModel; }
public function manageAction() { if (false === $this->authorizationService->isGranted('user.admin')) { throw new UnauthorizedException('Insufficient Permissions'); } $userId = $this->params('id', null); if (null === $userId) { return $this->listUsers(); } $userObject = $this->userService->findById($userId); if (false === $userObject instanceof UserEntity) { return $this->listUsers(); } $request = $this->getRequest(); $viewModel = new ViewModel(); $viewModel->setTemplate('user/update'); $viewModel->setVariables(['form' => $this->form]); $this->form->bind($userObject); if ($request->isPost()) { $this->form->setData($request->getPost()); if ($this->form->isValid()) { try { $this->userService->save($this->form->getData()); $this->flashMessenger()->addSuccessMessage('User successfully updated'); return $this->redirect()->toRoute('zfcuser/manage'); } catch (\Exception $e) { var_dump($e->getMessage()); } } else { var_dump($this->form->getMessages()); } } return $viewModel; }
public function findById($userId) { if (false === $this->authorizationService->isGranted('user.admin')) { throw new UnauthorizedException('Insufficient Permissions'); } return $this->objectRepository->find($userId); }
public function delete(Recipe $recipe) { if (false === $this->authorizationService->isGranted('recipe.manage', $recipe)) { throw new UnauthorizedException('Insufficient Permissions'); } $this->objectManager->remove($recipe); $this->objectManager->flush(); }
/** * @return array * @throws UnauthorizedException */ public function findAll() { if ($this->authorizationService->isGranted('recipe.admin')) { return $this->objectRepository->findBy([], ['dateUpdated' => 'DESC']); } if ($this->authorizationService->isGranted('recipe.manage')) { return $this->objectRepository->findBy(['author' => $this->authorizationService->getIdentity()], ['dateUpdated' => 'DESC']); } throw new UnauthorizedException('Insufficient Permission'); }
public function init() { $this->setHydrator(new DoctrineObject($this->objectManager)); $this->setObject(new Recipe()); $this->add(['name' => 'id', 'type' => Hidden::class]); $this->add(['name' => 'title', 'type' => Text::class, 'options' => ['label' => 'Name des Rezeptes'], 'attributes' => ['class' => 'form-element']]); $this->add(['name' => 'content', 'type' => Textarea::class, 'options' => ['label' => 'Das Rezept bitte'], 'attributes' => ['class' => 'form-element wysiwyg']]); if ($this->authorizationService->isGranted('recipe.admin')) { $this->add(['name' => 'published', 'type' => Checkbox::class, 'options' => ['label' => 'Publiziert', 'use_hidden_element' => true, 'checked_value' => 1, 'unchecked_value' => 0], 'attributes' => ['class' => 'form-element']]); } }
/** * @param string $className * @param $id * @param string|null $permission * @param string $notFoundMessage * * @return object * * @throws \Doctrine\ORM\TransactionRequiredException * @throws \Doctrine\ORM\OptimisticLockException * @throws \DomainException * @throws \Doctrine\ORM\ORMException * @throws \Doctrine\ORM\ORMInvalidArgumentException * @throws \ZfrRest\Http\Exception\Client\NotFoundException * @throws \ZfrRest\Http\Exception\Client\UnauthorizedException * @throws \ZfrRest\Http\Exception\Client\ForbiddenException */ public function __invoke(string $className, $id, string $permission = null, string $notFoundMessage = 'The resource you were looking for was not found') { $entity = $this->entityManager->find($className, $id); if (!$entity) { throw new NotFoundException($notFoundMessage); } if ($permission && !$this->authorizationService->isGranted($permission, $entity)) { if ($this->authorizationService->getIdentity()) { throw new ForbiddenException(); } throw new UnauthorizedException(); } return $entity; }
public function isAllowed(EventInterface $event) { $target = $event->getTarget(); if ($target instanceof \Zend\View\Helper\Navigation\AbstractHelper) { $page = $event->getParam('page'); if (!$page instanceof AbstractPage) { return; } $permission = $page->getPermission(); if (null === $permission) { return; } $event->stopPropagation(); return $this->authorizationService->isGranted($permission); } }
/** * @param Post $post * @return Post * @throws UnauthorizedException */ public function update(Post $post) { if (!$this->authorizationService->isGranted(self::UPDATE)) { throw new UnauthorizedException(); } $this->objectManager->persist($post); $this->objectManager->flush(); return $post; }
/** * Check if this assertion is true * * @param AuthorizationService $authorization * @param mixed $context * * @return bool */ public function assert(AuthorizationService $authorization, $context = null) { if ($context === null) { return true; } if ($authorization->getIdentity() === $context->getAuthor()) { return true; } return $authorization->isGranted('recipe.admin'); }
public function testThrowExceptionForInvalidAssertion() { $role = $this->getMock('Rbac\\Role\\RoleInterface'); $rbac = $this->getMock('Rbac\\Rbac', [], [], '', false); $rbac->expects($this->once())->method('isGranted')->will($this->returnValue(true)); $roleService = $this->getMock('ZfcRbac\\Service\\RoleService', [], [], '', false); $roleService->expects($this->once())->method('getIdentityRoles')->will($this->returnValue([$role])); $assertionPluginManager = $this->getMock('ZfcRbac\\Assertion\\AssertionPluginManager', [], [], '', false); $authorizationService = new AuthorizationService($rbac, $roleService, $assertionPluginManager); $this->setExpectedException('ZfcRbac\\Exception\\InvalidArgumentException'); $authorizationService->setAssertion('foo', new \stdClass()); $authorizationService->isGranted('foo'); }
/** * @param AuthorizationService $authorizationService * @param AbstractConversationEntity $context * * @return bool */ public function assert(AuthorizationService $authorizationService, $context = null) { if (!$context instanceof AbstractConversationEntity) { throw new InvalidArgumentException(); } /* @var MessageUserInterface $user */ $user = $authorizationService->getIdentity(); /* @var ArrayCollection $participants */ $participants = $context->getParticipants(); if ($participants->contains($user)) { return true; } return $authorizationService->isGranted('administrator'); }
public function deleteAction() { $request = $this->getRequest(); $recipe = $this->readService->findById($this->params('id')); if (false === $this->authorizationService->isGranted('recipe.manage', $recipe)) { throw new UnauthorizedException('Insufficient Permissions'); } $viewModel = new ViewModel(); $viewModel->setTemplate('recipe/delete'); $viewModel->setVariables(['recipe' => $recipe, 'form' => $this->form]); if ($request->isPost()) { $this->form->setData($request->getPost()); if ($this->form->isValid()) { try { $this->writeService->delete($recipe); $this->flashMessenger()->addSuccessMessage('Rezept wurde erfolgreich gelöscht!'); return $this->redirect()->toRoute('recipe'); } catch (\Exception $e) { var_dump($e->getMessage()); } } } return $viewModel; }
public function createAction() { if (false === $this->authorizationService->isGranted('recipe.add')) { throw new UnauthorizedException('Insufficient Permissions'); } $viewModel = new ViewModel(); $viewModel->setTemplate('recipe/add'); $viewModel->setVariables(['form' => $this->form]); $request = $this->getRequest(); if ($request->isPost()) { $this->form->setData($request->getPost()); if ($this->form->isValid()) { try { $recipe = $this->form->getData(); $this->writeService->save($recipe); return $this->redirect()->toRoute('recipe/read', ['id' => $recipe->getId()]); } catch (\Exception $e) { var_dump($e->getMessage()); } } } $this->layout('layout/backend'); return $viewModel; }
/** * @param RepositoryInterface $repository * @param RevisionInterface $revision * @param string $event * @return void * @throws UnauthorizedException */ protected function hasPermission(RepositoryInterface $repository, RevisionInterface $revision, $event) { $permission = $this->moduleOptions->getPermission($repository, $event); if (!$this->authorizationService->isGranted($permission, $revision)) { switch ($event) { case VersioningEvent::REJECT: $event = VersioningEvent::REJECT_UNAUTHORIZED; break; case VersioningEvent::COMMIT: $event = VersioningEvent::COMMIT_UNAUTHORIZED; break; case VersioningEvent::CHECKOUT: $event = VersioningEvent::CHECKOUT_UNAUTHORIZED; break; } $this->triggerEvent($event, $repository, $revision); throw new UnauthorizedException(sprintf('You are missing permission "%s" for this event %s.', $permission, $event)); } }