function it_does_not_match_if_user_has_not_transition_permissions(Transition $transition, User $user, Permission $permission, Item $item, Context $context, ErrorCollection $errorCollection)
{
$user->hasPermission($permission)->willReturn(false);
$permission->__toString()->willReturn('workflow/permission');
$errorCollection->addError(Argument::cetera())->shouldBeCalled();
$this->match($transition, $item, $context, $errorCollection)->shouldReturn(false);
}
function it_does_not_match_if_step_role_is_not_granted(Transition $transition, Item $item, Context $context, User $user, Permission $permission, ErrorCollection $errorCollection)
{
$item->isWorkflowStarted()->willReturn(true);
$item->getCurrentStepName()->willReturn('step');
$permission->__toString()->willReturn('workflow/permission');
$user->hasPermission($permission)->willReturn(false);
$errorCollection->addError(Argument::cetera())->shouldBeCalled();
$this->match($transition, $item, $context, $errorCollection)->shouldReturn(false);
}
/**
* Check a specific transition. Check if access is granted by default if no permission is given.
*
* @param Permission|null $permission Permission to check.
*
* @return bool
*/
protected function checkPermission(Permission $permission = null)
{
if ($permission) {
if ($this->user->hasPermission($permission)) {
return true;
}
} elseif ($this->isGrantedByDefault()) {
return true;
}
return false;
}
/**
* Add permission to the role.
*
* @param Role[] $roles Already created roles.
* @param string $roleName The role name.
* @param Permission $permission The permission name.
* @param \User $contaoUser The Contao user.
* @param User $user The security user.
*
* @return Role
*/
private function addPermissionToRole(&$roles, $roleName, Permission $permission, $contaoUser, User $user)
{
$workflow = $permission->getWorkflowName();
if (!isset($roles[$workflow])) {
$role = new Role($roleName, $permission->getWorkflowName(), $this->translateLabel($roleName), array('user' => $contaoUser));
$roles[$workflow] = $role;
$user->assign($role);
}
$roles[$workflow]->addPermission($permission);
return $roles[$workflow];
}
