/** * Apply permissions, restrictions and roles to the given user * * @param User $user */ public function applyRoles(User $user) { $username = $user->getUsername(); try { $roles = Config::app('roles'); } catch (NotReadableError $e) { Logger::error('Can\'t get permissions and restrictions for user \'%s\'. An exception was thrown:', $username, $e); return; } $userGroups = $user->getGroups(); $permissions = array(); $restrictions = array(); $roleObjs = array(); foreach ($roles as $roleName => $role) { if ($this->match($username, $userGroups, $role)) { $permissionsFromRole = StringHelper::trimSplit($role->permissions); $permissions = array_merge($permissions, array_diff($permissionsFromRole, $permissions)); $restrictionsFromRole = $role->toArray(); unset($restrictionsFromRole['users']); unset($restrictionsFromRole['groups']); unset($restrictionsFromRole['permissions']); foreach ($restrictionsFromRole as $name => $restriction) { if (!isset($restrictions[$name])) { $restrictions[$name] = array(); } $restrictions[$name][] = $restriction; } $roleObj = new Role(); $roleObjs[] = $roleObj->setName($roleName)->setPermissions($permissionsFromRole)->setRestrictions($restrictionsFromRole); } } $user->setPermissions($permissions); $user->setRestrictions($restrictions); $user->setRoles($roleObjs); }
/** * Load a role * * @param string $name The name of the role * * @return $this * * @throws LogicException If the config is not set * @throws NotFoundError If the given role does not exist * @see ConfigForm::setConfig() For setting the config. */ public function load($name) { if (!isset($this->config)) { throw new LogicException(sprintf('Can\'t load role \'%s\'. Config is not set', $name)); } if (!$this->config->hasSection($name)) { throw new NotFoundError($this->translate('Can\'t load role \'%s\'. Role does not exist'), $name); } $role = $this->config->getSection($name)->toArray(); $role['permissions'] = !empty($role['permissions']) ? StringHelper::trimSplit($role['permissions']) : null; $role['name'] = $name; $restrictions = array(); foreach ($this->providedRestrictions as $name => $spec) { if (isset($role[$spec['name']])) { // Translate restriction names to filtered element names $restrictions[$name] = $role[$spec['name']]; unset($role[$spec['name']]); } } $role = array_merge($role, $restrictions); $this->populate($role); return $this; }
public function testWhetherTrimSplitSplitsByTheGivenDelimiter() { $this->assertEquals(array('one', 'two', 'three'), StringHelper::trimSplit('one.two.three', '.'), 'String::trimSplit does not split a string by the given delimiter'); }
/** * Convert the given comma separated string to an array * * @param string $value * * @return array */ protected function retrieveCommaSeparatedString($value) { if ($value && is_string($value)) { $value = StringHelper::trimSplit($value); } elseif ($value !== null) { throw new ProgrammingError('Cannot retrieve value "%s" as array. It\'s not a string', $value); } return $value; }
/** * Return the groups the given user is a member of * * @param User $user * * @return array */ public function getMemberships(User $user) { $result = $this->select()->fetchAll(); $groups = array(); foreach ($result as $group) { $groups[$group->group_name] = $group->parent; } $username = strtolower($user->getUsername()); $memberships = array(); foreach ($result as $group) { if ($group->users && !in_array($group->group_name, $memberships)) { $users = array_map('strtolower', StringHelper::trimSplit($group->users)); if (in_array($username, $users)) { $memberships[] = $group->group_name; $parent = $groups[$group->group_name]; while ($parent !== null) { $memberships[] = $parent; $parent = isset($groups[$parent]) ? $groups[$parent] : null; } } } } return $memberships; }