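/**
 * Pre-dispatch access check: the current user must be logged in AND belong
 * to the 'admin' group, otherwise the request is redirected to the login page.
 *
 * @param mixed $controller Controller about to be dispatched; not read by this check.
 * @return array|null array('', 'login', 'index') when access is denied so the
 *                    Front Controller forwards to 'login' instead of the
 *                    requested action; nothing (null) when access is allowed.
 */
function run($controller)
{
    // NOTE(review): the comment that used to sit here said the rule objects are
    // only created if denyAccess() exists, but no such test is visible in this
    // method: both rules are built on every call. Confirm against the caller.
    $isloggedin = new A_User_Rule_Isloggedin();
    $ingroup = new A_User_Rule_Ingroup('admin');

    // Deny when EITHER rule fails. The negated checks were previously joined
    // with &&, which denied only when both rules failed, so a logged-in user
    // outside the 'admin' group was let through and the group rule never
    // decided anything on its own.
    if (!$isloggedin->isValid($this->user) || !$ingroup->isValid($this->user)) {
        // Returning a route tells the Front Controller to forward to 'login'
        // instead of running the requested action.
        return array('', 'login', 'index');
    }
}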
/**
 * Group-based access filter: asks the controller which groups may use it and
 * checks the session user against that list.
 *
 * The filter is opt-in per controller: when the controller has no method named
 * by $this->method, no check is performed at all.
 *
 * @param object $controller Controller about to be dispatched.
 * @return mixed $this->forward when the user fails the group check and a
 *               forward is configured; otherwise nothing (null).
 */
function run($controller)
{
    // Controllers that do not declare the group-listing method are not checked.
    if (!method_exists($controller, $this->method)) {
        return;
    }

    // Accept either a ready-made user session or a raw session that still has
    // to be started and wrapped.
    $session = $this->session;
    if ($session instanceof A_User_Session) {
        $user = $session;
    } else {
        $session->start();
        $user = new A_User_Session($session);
    }

    // The permitted groups come from the controller itself.
    $groups = $controller->{$this->method}();
    $access = new A_User_Rule_Ingroup($groups, 'Access Denied.');

    // Optional override of the user field the rule reads (default is 'access').
    if ($this->field) {
        $access->setField($this->field);
    }

    if ($access->isValid($user)) {
        return;
    }

    // NOTE(review): with no forward configured, a failed check returns null
    // exactly like a passed one. Confirm the caller always sets a forward, or
    // this filter fails open.
    if ($this->forward) {
        return $this->forward;
    }
}
/**
 * Exercises A_User_Rule_Ingroup against a mock user.
 *
 * Covers three things: a logged-out user is rejected whatever the access field
 * holds, a logged-in user is rejected when none of the rule's groups match,
 * and a logged-in user is accepted when one of their groups matches. On
 * rejection getErrorMsg() is expected to return the value passed as the
 * constructor's second argument; on acceptance, an empty array.
 */
function testUser_Rule_Ingroup()
{
    $memberOf = array('foo', 'bar');
    $denied = array('x');
    $field = 'access';

    $rule = new A_User_Rule_Ingroup('box|fox', $denied);
    $user = new UserMock();

    // Logged out: the rule must fail closed no matter what the field contains.
    $user->setLoggedIn(false);
    foreach (array(null, 4, 6) as $value) {
        // null marks the first pass, where the field is left unset.
        if ($value !== null) {
            $user->set($field, $value);
        }
        $this->assertFalse($rule->isValid($user));
        $this->assertFalse($rule->setUser($user)->isValid());
        $this->assertEqual($rule->getErrorMsg(), $denied);
    }

    // Logged in as a member of 'foo' and 'bar'.
    $user->setLoggedIn(true);
    $user->set($field, $memberOf);

    // No overlap between the rule's groups and the user's groups: rejected.
    $rule->setGroups('baz|bat');
    $this->assertFalse($rule->isValid($user));
    $this->assertFalse($rule->setUser($user)->isValid());
    $this->assertEqual($rule->getErrorMsg(), $denied);

    // Each of the user's own groups, on its own, grants access.
    foreach (array('foo', 'bar') as $group) {
        $rule->setGroups($group);
        $this->assertTrue($rule->isValid($user));
        $this->assertTrue($rule->setUser($user)->isValid());
        $this->assertEqual($rule->getErrorMsg(), array());
    }
}