Exemple #1
0
 /**
  * Return true if both user and object respects all the rules conditions
  * If the objectId is null, policy rules about its attributes will be ignored
  * In case of mismatch between attributes and expected values,
  * an array with the concerned attributes slugs will be returned.
  *
  * Available options are :
  * * dynamic_attributes: array
  * * cache_result: boolean
  * * cache_ttl: integer
  * * cache_driver: string
  *
  * Available cache drivers are :
  * * memory
  *
  * @param string $ruleName
  * @param object $user
  * @param object $resource
  * @param array $options
  * @return boolean|array
  */
 public function enforce($ruleName, $user, $resource = null, $options = [])
 {
     // If there is dynamic attributes, we pass them to the comparison manager
     // When a comparison will be performed, the passed values will be retrieved and used
     if (isset($options['dynamic_attributes'])) {
         $this->comparisonManager->setDynamicAttributes($options['dynamic_attributes']);
     }
     // Retrieve cache value for the current rule and values if cache item is valid
     if (($cacheResult = isset($options['cache_result']) && $options['cache_result'] === true) === true) {
         $cacheItem = $this->cacheManager->getItem("{$ruleName}-{$user->getId()}-" . ($resource !== null ? $resource->getId() : ''), isset($options['cache_driver']) ? $options['cache_driver'] : null, isset($options['cache_ttl']) ? $options['cache_ttl'] : null);
         // We check if the cache value s valid before returning it
         if (($cacheValue = $cacheItem->get()) !== null) {
             return $cacheValue;
         }
     }
     $policyRule = $this->policyRuleManager->getRule($ruleName, $user, $resource);
     // For each policy rule attribute, we retrieve the attribute value and proceed configured extra data
     foreach ($policyRule->getPolicyRuleAttributes() as $pra) {
         $attribute = $pra->getAttribute();
         $attribute->setValue($this->attributeManager->retrieveAttribute($attribute, $user, $resource));
         if (count($pra->getExtraData()) > 0) {
             $this->processExtraData($pra, $user, $resource);
         }
         $this->comparisonManager->compare($pra);
     }
     // The given result could be an array of rejected attributes or true
     // True means that the rule is correctly enforced for the given user and resource
     $result = $this->comparisonManager->getResult();
     if ($cacheResult) {
         $cacheItem->set($result);
         $this->cacheManager->save($cacheItem);
     }
     return $result;
 }
Exemple #2
0
 /**
  * Function to prepare Getter Params when getter require parameters ( this parameters must be specified in configuration file)
  *
  * @param $getter_params
  * @param $user
  * @param $resource
  *
  * @return array
  */
 private function prepareGetterParams($getter_params, $user, $resource)
 {
     if (empty($getter_params)) {
         return [];
     }
     $values = [];
     foreach ($getter_params as $getter_name => $params) {
         foreach ($params as $param) {
             if ('@' !== $param['param_name'][0]) {
                 $values[$getter_name][] = $param['param_value'];
             } else {
                 $values[$getter_name][] = $this->attributeManager->retrieveAttribute($this->attributeManager->getAttribute($param['param_value']), $user, $resource);
             }
         }
     }
     return $values;
 }
 public function testRetrieveEnvironmentAttribute()
 {
     $this->assertEquals('OPEN', $this->manager->retrieveAttribute($this->manager->getAttribute('environment.service_state'), (new User())->setAge(18)));
 }