/**
* Handling the request event.
*
* @param GetResponseEvent $event
*/
public function onKernelRequest(GetResponseEvent $event)
{
$request = $event->getRequest();
$route = $request->attributes->get(DynamicRouter::ROUTE_KEY);
if ($route && !$this->publishWorkflowChecker->isGranted($this->getPublishWorkflowPermission(), $route)) {
throw new NotFoundHttpException('Route not found at: ' . $request->getPathInfo());
}
$content = $request->attributes->get(DynamicRouter::CONTENT_KEY);
if ($content && !$this->publishWorkflowChecker->isGranted($this->getPublishWorkflowPermission(), $content)) {
throw new NotFoundHttpException('Content not found for: ' . $request->getPathInfo());
}
}
/**
* {@inheritdoc}
*
* @param object $object
*/
public function vote(TokenInterface $token, $object, array $attributes)
{
if (!$this->supportsClass(get_class($object))) {
return self::ACCESS_ABSTAIN;
}
foreach ($attributes as $attribute) {
if (!$this->supportsAttribute($attribute)) {
return self::ACCESS_ABSTAIN;
}
}
if ($this->publishWorkflowChecker->isGranted($attributes, $object)) {
return self::ACCESS_GRANTED;
}
return self::ACCESS_DENIED;
}
public function testNoSecurityContext()
{
$container = $this->getMock('Symfony\\Component\\DependencyInjection\\ContainerInterface');
$container->expects($this->any())->method('get')->with('security.context')->will($this->throwException(new ServiceNotFoundException('Service not defined')));
$container->expects($this->any())->method('has')->with('security.context')->will($this->returnValue(false));
$this->pwfc = new PublishWorkflowChecker($container, $this->adm, $this->role);
$this->adm->expects($this->once())->method('decide')->will($this->returnValue(false));
$this->assertFalse($this->pwfc->isGranted(PublishWorkflowChecker::VIEW_ATTRIBUTE, $this->doc));
}
public function testTokenStorageAndAuthenticationManager()
{
if (!class_exists('Symfony\\Component\\Security\\Core\\Authentication\\Token\\Storage\\TokenStorage')) {
$this->markTestSkipped('This test requires Symfony >2.6');
}
$token = new AnonymousToken('x', 'y');
$ts = \Mockery::mock('Symfony\\Component\\Security\\Core\\Authentication\\Token\\Storage\\TokenStorageInteface');
$ac = \Mockery::mock('Symfony\\Component\\Security\\Core\\Authorization\\AuthorizationCheckerInterface');
$container = \Mockery::mock('Symfony\\Component\\DependencyInjection\\ContainerInterface');
$container->shouldReceive('get')->with('security.token_storage')->andReturn($ts);
$container->shouldReceive('get')->with('security.authorization_checker')->andReturn($ac);
$container->shouldReceive('has')->with('security.token_storage')->andReturn(true);
$container->shouldReceive('has')->with('security.authorization_checker')->andReturn(true);
$ts->shouldReceive('getToken')->andReturn($token);
$ac->shouldReceive('isGranted')->with($this->role)->andReturn(true);
$pwfc = new PublishWorkflowChecker($container, $this->adm, $this->role);
$this->assertTrue($pwfc->isGranted(PublishWorkflowChecker::VIEW_ATTRIBUTE, $this->doc));
}
/**
* {@inheritdoc}
*/
public function exposeOnSitemap($content, $sitemap)
{
return $this->publishWorkflowChecker->isGranted(PublishWorkflowChecker::VIEW_ANONYMOUS_ATTRIBUTE, $content);
}
