PHP Tonic\Component\ApiLayer\JsonRpcExtensions\Security UserProviderInterface Examples

Programming Language: PHP

Namespace/Package Name: Tonic\Component\ApiLayer\JsonRpcExtensions\Security

Examples at hotexamples.com: 2

PHP Tonic\Component\ApiLayer\JsonRpcExtensions\Security UserProviderInterface - 2 examples found. These are the top rated real world PHP examples of Tonic\Component\ApiLayer\JsonRpcExtensions\Security\UserProviderInterface extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

getUserId(2)

Example #1

Show file

File: SecurableMethodInvoker.php Project: tonicforhealth/json-rpc

 /**
  * {@inheritdoc}
  */
 public function invoke(callable $callable, $requestObject)
 {
     /** @var Attribute $attributeAnnotation */
     $attributeAnnotation = $this->annotationReader->getMethodAnnotation(ReflectionFunctionFactory::createReflectionMethodFromCallable($callable), Attribute::class);
     $attributeName = $attributeAnnotation->name;
     $attributeValue = $this->propertyAccessor->getValue($requestObject, $attributeAnnotation->valueAt);
     $userId = $this->userProvider->getUserId();
     if (!is_array($attributeValue) && !$this->guard->isGranted($userId, $attributeName, $attributeValue)) {
         throw new AccessDeniedException();
     }
     if (is_array($attributeValue)) {
         $attributeValue = $this->guard->filterGranted($userId, $attributeName, $attributeValue);
         $this->propertyAccessor->setValue($requestObject, $attributeAnnotation->valueAt, $attributeValue);
     }
     return $this->methodInvoker->invoke($callable, $requestObject);
 }

Example #2

Show file

File: SecurableMethodInvokerSpec.php Project: tonicforhealth/json-rpc

 public function it_should_not_invoke_method_if_guard_denies(MethodInvokerInterface $methodInvoker, UserProviderInterface $userProvider, GuardInterface $guard, Reader $annotationReader, PropertyAccessor $propertyAccessor)
 {
     $securedService = new SecuredAreaApi();
     $requestObject = new \stdClass();
     $requestObject->prop1 = 'asd';
     $responseObject = new \stdClass();
     $responseObject->prop2 = 'asd';
     $attributeAnnotation = new Attribute();
     $attributeAnnotation->name = 'test';
     $attributeAnnotation->valueAt = 'test';
     $annotationReader->getMethodAnnotation(new \ReflectionMethod($securedService, 'securedMethod'), Attribute::class)->willReturn($attributeAnnotation)->shouldBeCalled();
     $propertyAccessor->getValue($requestObject, 'test')->willReturn('sec-attr-val')->shouldBeCalled();
     $userProvider->getUserId()->willReturn(12)->shouldBeCalled();
     $guard->isGranted(12, 'test', 'sec-attr-val')->willReturn(false)->shouldBeCalled();
     $methodInvoker->invoke([$securedService, 'securedMethod'], $requestObject)->willReturn($responseObject)->shouldNotBeCalled();
     $this->shouldThrow(AccessDeniedException::class)->duringInvoke([$securedService, 'securedMethod'], $requestObject);
 }