/**
  * renders <f:then> child if the role could be found in the security context,
  * otherwise renders <f:else> child.
  *
  * @param string $role The role
  * @return string the rendered string
  * @author Andreas Förthner <*****@*****.**>
  * @api
  */
 public function render($role)
 {
     if ($this->securityContext->hasRole($role)) {
         return $this->renderThenChild();
     } else {
         return $this->renderElseChild();
     }
 }
Example #2
0
 /**
  * This is the default Acl voter, it votes for the ACCESS privilege for the given resource
  *
  * @param F3\FLOW3\Security\Context $securityContext The current securit context
  * @param string $resource The resource to vote for
  * @return integer One of: VOTE_GRANT, VOTE_ABSTAIN, VOTE_DENY
  */
 public function voteForResource(\F3\FLOW3\Security\Context $securityContext, $resource)
 {
     $accessGrants = 0;
     $accessDenies = 0;
     foreach ($securityContext->getRoles() as $role) {
         $privileges = $this->policyService->getPrivilegesForResource($role, $resource);
         if (!isset($privileges[0])) {
             continue;
         }
         if ($privileges[0]->isGrant()) {
             $accessGrants++;
         } else {
             $accessDenies++;
         }
     }
     if ($accessDenies > 0) {
         return self::VOTE_DENY;
     }
     if ($accessGrants > 0) {
         return self::VOTE_GRANT;
     }
     return self::VOTE_ABSTAIN;
 }
 /**
  * Logout all active authentication tokens
  *
  * @return void
  */
 public function logout()
 {
     foreach ($this->securityContext->getAuthenticationTokens() as $token) {
         $token->setAuthenticationStatus(\F3\FLOW3\Security\Authentication\TokenInterface::NO_CREDENTIALS_GIVEN);
     }
 }