/** * @covers Rbac\Role\Role::getPermissions */ public function testRoleCanGetPermissions() { $role = new Role('php'); $role->addPermission('foo'); $role->addPermission('bar'); $expectedPermissions = ['foo' => 'foo', 'bar' => 'bar']; $this->assertEquals($expectedPermissions, $role->getPermissions()); }
/** * @covers Rbac\Role\Role::addPermission */ public function testRoleCanAddPermission() { $role = new Role('php'); $role->addPermission('debug'); $this->assertTrue($role->hasPermission('debug')); $permission = $this->getMock('Rbac\\Permission\\PermissionInterface'); $permission->expects($this->once())->method('__toString')->will($this->returnValue('interface')); $role->addPermission($permission); $this->assertTrue($role->hasPermission('interface')); }
/** * {@inheritDoc} */ public function getRoles(array $roleNames) { $roles = []; foreach ($roleNames as $roleName) { // If no config, we create a simple role with no permission if (!isset($this->rolesConfig[$roleName])) { $roles[] = new Role($roleName); continue; } $roleConfig = $this->rolesConfig[$roleName]; if (isset($roleConfig['children'])) { $role = new HierarchicalRole($roleName); $childRoles = (array) $roleConfig['children']; foreach ($this->getRoles($childRoles) as $childRole) { $role->addChild($childRole); } } else { $role = new Role($roleName); } $permissions = isset($roleConfig['permissions']) ? $roleConfig['permissions'] : []; foreach ($permissions as $permission) { $role->addPermission($permission); } $roles[] = $role; } return $roles; }
function setup_role_manager_mocks(Permission $permission, Role $role, RoleSet $role_set, RoleManager $role_manager) { $permission->permission_id = 1; $permission->name = 'Permission Name'; $permission->description = 'A dummy permission'; $role->role_id = 1; $role->name = 'members'; $role->description = 'A dummy role'; $role->hasPermission(Argument::type('RBAC\\Permission'))->willReturn(true); $role->getPermissions()->willReturn(array($permission)); $role->addPermission(Argument::any())->willReturn(true); $role_set->addRole(Argument::type('RBAC\\Role\\Role'))->willReturn(true); $role_set->has_permission('Permission Name')->willReturn(true); $role_manager->roleFetchByName('members')->willReturn($role); $role_manager->roleFetch()->willReturn(array($role)); $role_manager->roleSave(Argument::any())->willReturn(true); $role_manager->permissionFetch()->willReturn(array($permission)); //assigns a role set object to the UserAccount object $role_manager->loadSubjectRoles(Argument::type('PolyAuth\\UserAccount'))->will(function ($args) use($role_set) { $user = $args[0]; $user->loadRoleSet($role_set); return $user; }); //adds a role to the role set of the role object $role_manager->roleAddSubject(Argument::cetera())->will(function ($args) { $role = $args[0]; $user = $args[1]; $role_set = $user->getRoleSet(); $role_set->addRole($role); $user->loadRoleSet($role_set); return $user; }); return ['role_manager' => $role_manager]; }
/** * @covers Rbac\Rbac::isGranted */ public function testCanCheckHierarchicalRole() { $childRole = new Role('Bar'); $childRole->addPermission('permission'); $parentRole = new HierarchicalRole('Foo'); $parentRole->addChild($childRole); $rbac = new Rbac(); $this->assertTrue($rbac->isGranted($parentRole, 'permission')); }
public function getRoles(array $roleNames) { $identity = $this->authenticationService->getIdentity(); $authenticatedIdentity = []; $keypart = 'guest'; if ($identity instanceof AuthenticatedIdentity) { $authenticatedIdentity = $identity->getAuthenticationIdentity(); $keypart = $authenticatedIdentity['client_id'] . $authenticatedIdentity['access_token']; } $key = implode('_', array(implode('', $roleNames), $keypart)); if (isset($this->roleCache[$key])) { return $this->roleCache[$key]; } $roles = []; foreach ($roleNames as $roleName) { $roleEntity = $this->roleMapper->fetchEntity($roleName); if (!$roleEntity) { $roles[] = new Role($roleName); continue; } $role = new Role($roleName); $permissions = $roleEntity->getScopes(); if (!empty($permissions)) { $permissions = explode(' ', $permissions); } else { $permissions = []; } $client_permissions = $permissions; if (isset($authenticatedIdentity['client_data'])) { if (isset($authenticatedIdentity['client_data']['scope']) && !empty($authenticatedIdentity['client_data']['scope'])) { $client_permissions = explode(' ', $authenticatedIdentity['client_data']['scope']); } } $token_permissions = $permissions; if (isset($authenticatedIdentity['scope']) && !empty($authenticatedIdentity['scope'])) { $token_permissions = explode(' ', $authenticatedIdentity['scope']); } $permissions = array_intersect($permissions, $client_permissions, $token_permissions); foreach ($permissions as $permission) { $role->addPermission($permission); } $roles[] = $role; } $this->roleCache[$key] = $roles; return $roles; }
/** * Get role by role name * * @param $roleName * @return RoleInterface */ protected function getRole($roleName) { if (isset($this->roles[$roleName])) { return $this->roles[$roleName]; } // If no config, we create a simple role with no permission if (!isset($this->rolesConfig[$roleName])) { $role = new Role($roleName); $this->roles[$roleName] = $role; return $role; } $roleConfig = $this->rolesConfig[$roleName]; if (isset($roleConfig['children'])) { $role = new HierarchicalRole($roleName); $childRoles = (array) $roleConfig['children']; foreach ($childRoles as $childRole) { $childRole = $this->getRole($childRole); $role->addChild($childRole); } } else { $role = new Role($roleName); } $permissions = isset($roleConfig['permissions']) ? $roleConfig['permissions'] : []; foreach ($permissions as $permission) { $role->addPermission($permission); } $this->roles[$roleName] = $role; return $role; }