/**
* Execute the check
*
* @param \Psecio\Invoke\Data $data Data object instance
* @return boolean Result of evaluation
*/
public function evaluate($data)
{
$inherit = $data->route->getConfig('inherit');
if ($inherit !== null) {
$routes = $data->getEnforcer()->getConfig();
// Find the one to inherit from
foreach ($routes as $route) {
if ($route->getConfig('name') === $inherit) {
$data->getEnforcer()->addMatch($route);
return true;
}
}
}
return false;
}
/**
* Check to see if the request is authorized
* By default, fails closed
*
* @param \Psecio\Invoke\UserInterface $user User instance
* @param \Psecio\Invoke\Resource $resource Resource instance
* @param array $matches Additional matches to add manually for evaluation
* @return boolean Pass/fail of authorization
*/
public function isAuthorized(\Psecio\Invoke\UserInterface $user, \Psecio\Invoke\Resource $resource, array $matches = array())
{
$data = new Data($user, $resource);
$data->setEnforcer($this);
$config = $this->config;
$uri = $resource->getUri(true)['path'];
// See if we have a route match at all
$route = $this->findRouteMatch($uri, $config);
// If we don't have a configuration for the route, allow
// public resource
if ($route === null) {
return true;
}
$data->setRoute($route);
$this->addMatch($route);
do {
$match = array_pop($this->matches);
$result = $match->evaluate($data);
if ($result === false) {
$this->setError($match->getError());
return false;
}
} while (!empty($this->matches));
return true;
}