public static function &getInstance()
{
if (__PermissionManager::$_instance == null) {
__PermissionManager::$_instance = new __PermissionManager();
}
return __PermissionManager::$_instance;
}
private function _setPermissions(__Role &$role, __ConfigurationSection &$section)
{
$permission_sections = $section->getSections();
foreach ($permission_sections as &$permission_section) {
if (strtoupper($permission_section->getName()) == 'PERMISSION') {
$permission_id = $permission_section->getAttribute('id');
$permission = __PermissionManager::getInstance()->getPermission($permission_id);
$role->addPermission($permission);
unset($permission);
}
}
}
public function evaluateCondition()
{
$return_value = false;
$permission_id = $this->getPermission();
$permission = __PermissionManager::getInstance()->getPermission($permission_id);
if (!__AuthenticationManager::getInstance()->isAnonymous()) {
$user_in_session = __AuthenticationManager::getInstance()->getAuthenticatedUser();
if ($user_in_session->hasPermission($permission)) {
$return_value = true;
}
}
return $return_value;
}
public function canRenderChildrenComponents(__IComponent &$component)
{
$return_value = false;
$permission_id = $component->getPermission();
$condition = $component->getCondition();
if (__PermissionManager::getInstance()->hasPermission($permission_id)) {
$permission = __PermissionManager::getInstance()->getPermission($permission_id);
if ($condition == __ProtectedSectionComponent::IF_HAS_PERMISSION && __AuthorizationManager::getInstance()->hasPermission($permission)) {
$return_value = true;
} else {
if ($condition == __ProtectedSectionComponent::IF_NOT_HAS_PERMISSION && !__AuthorizationManager::getInstance()->hasPermission($permission)) {
$return_value = true;
}
}
} else {
throw __ExceptionFactory::getInstance()->createException('Unknow permission id: ' . $permission_id);
}
return $return_value;
}
public static function &createActionController($action_controller_definition, $controller_code = null)
{
$return_value = null;
$controller_code_substring = null;
if (strpos($action_controller_definition->getCode(), '*') !== false) {
if ($controller_code != null) {
$controller_code_substring_array = array();
if (preg_match('/^' . str_replace('*', '(.+?)', $action_controller_definition->getCode()) . '$/i', $controller_code, $controller_code_substring_array)) {
$controller_code_substring = $controller_code_substring_array[1];
} else {
return null;
}
}
}
$controller_class_name = $action_controller_definition->getClass();
if ($controller_code_substring != null) {
$controller_class_name = str_replace('*', $controller_code_substring, $controller_class_name);
if (!class_exists($controller_class_name)) {
throw __ExceptionFactory::getInstance()->createException('ERR_CAN_NOT_RESOLVE_CONTROLLER', array($controller_code));
}
}
if (class_exists($controller_class_name)) {
$return_value = new $controller_class_name();
if (!$return_value instanceof __IActionController) {
throw __ExceptionFactory::getInstance()->createException('ERR_WRONG_CONTROLLER_CLASS', array(get_class($return_value)));
}
$return_value->setCode($controller_code ? $controller_code : $action_controller_definition->getCode());
$return_value->setHistoriable($action_controller_definition->isHistoriable());
$return_value->setValidRequestMethod($action_controller_definition->getValidRequestMethod());
$return_value->setRequestable($action_controller_definition->isRequestable());
$return_value->setRequireSsl($action_controller_definition->requireSsl());
if ($action_controller_definition->getRequiredPermissionId() != null) {
$required_permission = __PermissionManager::getInstance()->getPermission($action_controller_definition->getRequiredPermissionId());
$return_value->setRequiredPermission($required_permission);
}
} else {
throw __ExceptionFactory::getInstance()->createException('ERR_CLASS_NOT_FOUND', array($controller_class_name));
}
return $return_value;
}
/**
* Checks if current user has access to a given url. This method just check if the
* action controller that will be executed as consequence of the url is accessible
* by the current user.
*
* @param string $url The url to check access to
* @return boolean true if the user has access to the given url
*/
public function hasAccessToUrl($url)
{
$return_value = true;
//by default
$uri = __UriFactory::getInstance()->createUri($url);
$action_identity = $uri->getActionIdentity();
$controller_code = $action_identity->getControllerCode();
$controller_definition = __ActionControllerResolver::getInstance()->getActionControllerDefinition($controller_code);
if ($controller_definition instanceof __ActionControllerDefinition) {
$required_permission = __PermissionManager::getInstance()->getPermission($controller_definition->getRequiredPermissionId());
if (!$required_permission->isJuniorPermissionOf($this->_user_session->getActiveRoles()->getEquivalentPermission())) {
$return_value = false;
}
}
return $return_value;
}
public function &getModelService()
{
$return_value = new __ModelService($this->getAlias());
$class = $this->getClass();
$instance = $this->getInstance();
if ($class != null) {
$return_value->setClass($class);
} else {
if ($instance != null) {
$return_value->setInstance($instance);
}
}
$return_value->setService($this->getService());
$return_value->setCache($this->getCache());
$return_value->setCacheTtl($this->getCacheTtl());
$return_value->setRemote($this->getRemote());
$return_value->setArguments($this->getArguments());
if ($this->getRequiredPermissionId() != null) {
$required_permission = __PermissionManager::getInstance()->getPermission($this->getRequiredPermissionId());
$return_value->setRequiredPermission($required_permission);
}
return $return_value;
}
