/**
* {@inheritdoc}
*/
public function allows(ActorInterface $actor, $permission, array $context)
{
$allowed = 0;
foreach ($this->rules as $rule) {
$rule = $this->repository->get($rule);
if ($rule->allows($actor, $permission, $context)) {
if (static::JOINER == self::BOOLEAN_OR) {
return true;
}
$allowed++;
} elseif (static::JOINER == self::BOOLEAN_AND) {
return false;
}
}
return $allowed === count($this->rules);
}
/**
* {@inheritdoc}
*/
public function getRule($role, $permission)
{
if (!$this->hasRole($role)) {
throw new RoleException("Undefined role '{$role}'.");
}
if (!is_string($permission)) {
throw new RoleException("Invalid permission type, strings only.");
}
$rule = $this->findRule($role, $permission);
if ($rule === GuardInterface::ALLOW || $rule === GuardInterface::UNDEFINED) {
return $rule;
}
//Behaviour points to rule
return $this->rules->get($rule);
}
