use Mocks\Examples\User; use Ovide\Libs\Mvc\Rest\App; use Phalcon\Acl; use Ovide\Libs\Mvc\Rest\ContentType\XmlEncoder; App::reset(); $app = App::instance(); $handlers = $app->getHandlers(); $accept = $handlers[\Ovide\Libs\Mvc\Rest\HeaderHandler\Accept::HEADER]; $accept->setAcceptable(XmlEncoder::CONTENT_TYPE, XmlEncoder::class); $app->mountResource(User::class); $app->di->set('acl', function () { $guest = new Acl\Role('guest'); $user = new Acl\Role('user'); $root = new Acl\Role('root'); $users = new Acl\Resource('users'); $acl = new Acl\Adapter\Memory(); $acl->addRole($guest); $acl->addRole($user, $guest); $acl->addRole($root, $user); $acl->addResource($users, ['delete', 'get', 'getOne', 'post', 'put', 'putSelf', 'getSelf', 'deleteSelf']); $acl->allow('guest', 'users', ['post']); $acl->allow('user', 'users', ['getSelf', 'deleteSelf', 'putSelf']); $acl->deny('user', 'users', 'post'); $acl->allow('root', 'users', '*'); $acl->setDefaultAction(Acl::DENY); //Sets 'gest' as active role $acl->isAllowed('guest', '', ''); return $acl; }, true); return $app;
public function isAllowed($roleName, $resourceName, $access) { return parent::isAllowed($roleName, $resourceName, $access); }
public function isAllowed($roleName, $resourceName, $access, array $parameters = null) { return parent::isAllowed($roleName, $resourceName, $access, $parameters); }
protected function assertAclIsConfiguredAsExpected(\Phalcon\Acl\Adapter\Memory $acl, \Phalcon\Config $config) { // assert default action $this->assertEquals(\Phalcon\Acl::DENY, $acl->getDefaultAction()); // assert resources $resources = $acl->getResources(); $this->assertInternalType('array', $resources); $indexResource = $resources[0]; $testResource = $resources[1]; $this->assertEquals('index', $indexResource->getName()); $this->assertEquals('test', $testResource->getName()); $this->assertEquals($config->acl->resource->index->description, $indexResource->getDescription()); $this->assertEquals($config->acl->resource->test->description, $testResource->getDescription()); // assert roles $roles = $acl->getRoles(); $this->assertInternalType('array', $roles); $guestRole = $roles[0]; $userRole = $roles[1]; $this->assertEquals('guest', $guestRole->getName()); $this->assertEquals('user', $userRole->getName()); $this->assertEquals($config->acl->role->guest->description, $guestRole->getDescription()); $this->assertEquals($config->acl->role->user->description, $userRole->getDescription()); // assert guest rules $this->assertTrue($acl->isAllowed('guest', 'index', 'index')); $this->assertFalse($acl->isAllowed('guest', 'test', 'index')); // assert user rules // inherited from guest $this->assertTrue($acl->isAllowed('user', 'index', 'index')); $this->assertTrue($acl->isAllowed('user', 'test', 'index')); }
/** * Tests the negation of inherited roles * * @issue T65 */ public function testNegationOfInheritedRoles_T65() { $acl = new PhAclMem(); $acl->setDefaultAction(PhAcl::DENY); $acl->addRole('Guests'); $acl->addRole('Members', 'Guests'); $acl->addResource('Login', array('index')); $acl->allow('Guests', 'Login', 'index'); $acl->deny('Members', 'Login', 'index'); $actual = (bool) $acl->isAllowed('Members', 'Login', 'index'); $this->assertFalse($actual, 'Negation of inherited roles not correct'); }