PHP Neos\Flow\Security\Authorization PrivilegeManagerInterface::isGranted Examples

isGranted() public method

Returns TRUE, if the given privilege type is granted for the given subject based on the current security context.

public isGranted ( string $privilegeType, mixed $subject, string &$reason = '' ) : boolean
$privilegeType	string	The type of privilege that should be evaluated
$subject	mixed	The subject to check privileges for
$reason	string	This variable will be filled by a message giving information about the reasons for the result of this method
return	boolean

Example #1

File: PolicyEnforcement.php Project: neos/flow-development-collection

 /**
  * Invokes the security interception
  *
  * @return boolean TRUE if the security checks was passed
  * @throws AccessDeniedException
  * @throws AuthenticationRequiredException if an entity could not be found (assuming it is bound to the current session), causing a redirect to the authentication entrypoint
  * @throws NoTokensAuthenticatedException if no tokens could be found and the accessDecisionManager denied access to the privilege target, causing a redirect to the authentication entrypoint
  */
 public function invoke()
 {
     $reason = '';
     $privilegeSubject = new MethodPrivilegeSubject($this->joinPoint);
     try {
         $this->authenticationManager->authenticate();
     } catch (EntityNotFoundException $exception) {
         throw new AuthenticationRequiredException('Could not authenticate. Looks like a broken session.', 1358971444, $exception);
     } catch (NoTokensAuthenticatedException $noTokensAuthenticatedException) {
         // We still need to check if the privilege is available to "Neos.Flow:Everybody".
         if ($this->privilegeManager->isGranted(MethodPrivilegeInterface::class, $privilegeSubject, $reason) === false) {
             throw new NoTokensAuthenticatedException($noTokensAuthenticatedException->getMessage() . chr(10) . $reason, $noTokensAuthenticatedException->getCode());
         }
     }
     if ($this->privilegeManager->isGranted(MethodPrivilegeInterface::class, $privilegeSubject, $reason) === false) {
         throw new AccessDeniedException($this->renderDecisionReasonMessage($reason), 1222268609);
     }
 }

Example #2

File: NodeView.php Project: neos/neos-development-collection

 /**
  * Collect node data and traverse child nodes
  *
  * @param array &$nodes
  * @param NodeInterface $node
  * @param string $nodeTypeFilter
  * @param integer $depth levels of child nodes to fetch. 0 = unlimited
  * @param \Neos\ContentRepository\Domain\Model\NodeInterface $untilNode if given, expand all nodes on the rootline towards $untilNode, no matter what is defined with $depth.
  * @param integer $recursionPointer current recursion level
  * @return void
  */
 protected function collectChildNodeData(array &$nodes, NodeInterface $node, $nodeTypeFilter, $depth = 0, NodeInterface $untilNode = null, $recursionPointer = 1)
 {
     foreach ($node->getChildNodes($nodeTypeFilter) as $childNode) {
         if (!$this->privilegeManager->isGranted(NodeTreePrivilege::class, new NodePrivilegeSubject($childNode))) {
             continue;
         }
         /** @var NodeInterface $childNode */
         $expand = $depth === 0 || $recursionPointer < $depth;
         if ($expand === false && $untilNode !== null && strpos($untilNode->getPath(), $childNode->getPath()) === 0 && $childNode !== $untilNode) {
             // in case $untilNode is set, and the current childNode is on the rootline of $untilNode (and not the node itself), expand the node.
             $expand = true;
         }
         switch ($this->outputStyle) {
             case self::STYLE_LIST:
                 $nodeType = $childNode->getNodeType()->getName();
                 $properties = $childNode->getProperties();
                 $properties['__contextNodePath'] = $childNode->getContextPath();
                 $properties['__workspaceName'] = $childNode->getWorkspace()->getName();
                 $properties['__nodeName'] = $childNode->getName();
                 $properties['__nodeType'] = $nodeType;
                 $properties['__title'] = $nodeType === 'Neos.Neos:Document' ? $childNode->getProperty('title') : $childNode->getLabel();
                 array_push($nodes, $properties);
                 if ($expand) {
                     $this->collectChildNodeData($nodes, $childNode, $nodeTypeFilter, $depth, $untilNode, $recursionPointer + 1);
                 }
                 break;
             case self::STYLE_TREE:
                 $children = array();
                 $hasChildNodes = $childNode->hasChildNodes($nodeTypeFilter) === true;
                 if ($expand && $hasChildNodes) {
                     $this->collectChildNodeData($children, $childNode, $nodeTypeFilter, $depth, $untilNode, $recursionPointer + 1);
                 }
                 array_push($nodes, $this->collectTreeNodeData($childNode, $expand, $children, $hasChildNodes));
         }
     }
 }

Example #3

File: AuthorizationService.php Project: neos/neos-development-collection

 /**
  * @param NodeInterface $node
  * @param string $propertyName
  * @return boolean
  */
 public function isGrantedToEditNodeProperty(NodeInterface $node, $propertyName)
 {
     $privilegeSubject = new PropertyAwareNodePrivilegeSubject($node, null, $propertyName);
     return $this->privilegeManager->isGranted(EditNodePropertyPrivilege::class, $privilegeSubject);
 }