public function execute() { if (!$this->_response->getIntendedNameId()) { $this->_response->setIntendedNameId($this->_collabPersonId); } if ($this->_type === self::TYPE_IDP) { $entity = $this->_identityProvider; $serviceProvider = $this->_serviceProvider; } else { if ($this->_type === self::TYPE_SP) { $entity = $this->_serviceProvider; $serviceProvider = $entity; } else { if ($this->_type === self::TYPE_REQUESTER_SP) { $entity = EngineBlock_SamlHelper::findRequesterServiceProvider($this->_serviceProvider, $this->_request, $this->_server->getRepository()); if (!$entity) { return; } $serviceProvider = $entity; } else { throw new EngineBlock_Exception('Attribute Manipulator encountered an unexpected type: ' . $this->_type); } } } // Try entity specific file based manipulation from Service Registry $manipulator = new EngineBlock_Attributes_Manipulator_ServiceRegistry($this->_type); $manipulator->manipulate($entity, $this->_collabPersonId, $this->_responseAttributes, $this->_response, $this->_identityProvider, $serviceProvider); $this->_response->setIntendedNameId($this->_collabPersonId); }
public function execute() { $serviceProvider = EngineBlock_SamlHelper::findRequesterServiceProvider($this->_serviceProvider, $this->_request, $this->_server->getRepository()); if (!$serviceProvider) { $serviceProvider = $this->_serviceProvider; } if (!$serviceProvider->policyEnforcementDecisionRequired) { return; } EngineBlock_ApplicationSingleton::getLog()->debug("Policy Enforcement Point consult"); $validator = $this->_getValidator(); $hasAccess = $validator->hasAccess($this->_collabPersonId, $this->_identityProvider->entityId, $serviceProvider->entityId, $this->_responseAttributes); if ($hasAccess) { return; } $message = "Policy Decision Point: access denied."; if ($validator->getMessage()) { $message = $validator->getMessage(); } EngineBlock_ApplicationSingleton::getLog()->debug("Policy Enforcement Point access denied: " . $message); throw new EngineBlock_Corto_Exception_PEPNoAccess($message); }