Exemple #1
0
 /**
  * @covers PolicySet
  */
 public function testPolicySet()
 {
     // Test combining algorithm and default effect.
     $policySet = new PolicySet();
     self::assertEquals(COMBINING_DENY_OVERRIDES, $policySet->getCombiningAlgorithm());
     self::assertEquals(AUTHORIZATION_DENY, $policySet->getEffectIfNoPolicyApplies());
     $policySet = new PolicySet(COMBINING_PERMIT_OVERRIDES);
     $policySet->setEffectIfNoPolicyApplies(AUTHORIZATION_PERMIT);
     self::assertEquals(COMBINING_PERMIT_OVERRIDES, $policySet->getCombiningAlgorithm());
     self::assertEquals(AUTHORIZATION_PERMIT, $policySet->getEffectIfNoPolicyApplies());
     // Test adding policies.
     $policySet->addPolicy($policy1 = new AuthorizationPolicy('policy1'));
     $policySet->addPolicy($policy2 = new AuthorizationPolicy('policy2'));
     $policySet->addPolicy($policy3 = new AuthorizationPolicy('policy3'), $addToTop = true);
     self::assertEquals(array($policy3, $policy1, $policy2), $policySet->getPolicies());
 }
Exemple #2
0
 /**
  * Evaluate the given set of policies against the subject
  *
  * @param Subject $subject Current subject
  * @param PolicySet $policySet Set of policies
  * @param Action $action
  *
  * @return bool
  */
 public function evaluate(Subject $subject, PolicySet $policySet, Action $action)
 {
     // get the subject's attributes
     $this->setSubjectAttributes($subject->getAttributes());
     $policyResults = $this->handlePolicies($policySet->getPolicies());
     if (count($policyResults) == 1) {
         return array_shift($policyResults);
     } else {
         // we're working with a set of policies, go with the algorithm
         // if we have one...
         $algorithm = $policySet->getAlgorithm();
         if ($algorithm === null) {
             // default to most secure - deny overrides!
             $algorithm = new Algorithm\DenyOverrides();
         }
         return $algorithm = $algorithm->evaluate($policyResults);
     }
 }