/**
* This is the default Policy voter, it votes for the access privilege for the given join point
*
* @param \TYPO3\Flow\Security\Context $securityContext The current security context
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The joinpoint to vote for
* @return integer One of: VOTE_GRANT, VOTE_ABSTAIN, VOTE_DENY
*/
public function voteForJoinPoint(\TYPO3\Flow\Security\Context $securityContext, \TYPO3\Flow\Aop\JoinPointInterface $joinPoint)
{
$accessGrants = 0;
$accessDenies = 0;
foreach ($securityContext->getRoles() as $role) {
try {
$privileges = $this->policyService->getPrivilegesForJoinPoint($role, $joinPoint);
} catch (\TYPO3\Flow\Security\Exception\NoEntryInPolicyException $e) {
return self::VOTE_ABSTAIN;
}
foreach ($privileges as $privilege) {
if ($privilege === \TYPO3\Flow\Security\Policy\PolicyService::PRIVILEGE_GRANT) {
$accessGrants++;
} elseif ($privilege === \TYPO3\Flow\Security\Policy\PolicyService::PRIVILEGE_DENY) {
$accessDenies++;
}
}
}
if ($accessDenies > 0) {
return self::VOTE_DENY;
}
if ($accessGrants > 0) {
return self::VOTE_GRANT;
}
return self::VOTE_ABSTAIN;
}
