/** * {@inheritdoc} */ public function allows(ActorInterface $actor, $permission, array $context) { $allowed = 0; foreach ($this->rules as $rule) { $rule = $this->repository->get($rule); if ($rule->allows($actor, $permission, $context)) { if (static::JOINER == self::BOOLEAN_OR) { return true; } $allowed++; } elseif (static::JOINER == self::BOOLEAN_AND) { return false; } } return $allowed === count($this->rules); }
/** * {@inheritdoc} */ public function getRule($role, $permission) { if (!$this->hasRole($role)) { throw new RoleException("Undefined role '{$role}'."); } if (!is_string($permission)) { throw new RoleException("Invalid permission type, strings only."); } $rule = $this->findRule($role, $permission); if ($rule === GuardInterface::ALLOW || $rule === GuardInterface::UNDEFINED) { return $rule; } //Behaviour points to rule return $this->rules->get($rule); }