Exemple #1
0
 /**
  * Transform a given ACL entry into a Entry model.
  *
  * The entry will not be persisted!
  *
  * @param \Symfony\Component\Security\Acl\Model\EntryInterface $aclEntry
  *
  * @return \Propel\Bundle\PropelBundle\Model\Acl\Entry
  */
 public static function fromAclEntry(EntryInterface $aclEntry)
 {
     $entry = new self();
     // Already persisted before?
     if ($aclEntry->getId()) {
         $entry->setId($aclEntry->getId());
     }
     $entry->setMask($aclEntry->getMask())->setGranting($aclEntry->isGranting())->setGrantingStrategy($aclEntry->getStrategy())->setSecurityIdentity(SecurityIdentity::fromAclIdentity($aclEntry->getSecurityIdentity()));
     if ($aclEntry instanceof FieldEntryInterface) {
         $entry->setFieldName($aclEntry->getField());
     }
     if ($aclEntry instanceof AuditableEntryInterface) {
         $entry->setAuditFailure($aclEntry->isAuditFailure())->setAuditSuccess($aclEntry->isAuditSuccess());
     }
     return $entry;
 }
Exemple #2
0
 /**
  * Determines whether the ACE is applicable to the given permission/security
  * identity combination.
  *
  * Per default, we support three different comparison strategies.
  *
  * Strategy ALL:
  * The ACE will be considered applicable when all the turned-on bits in the
  * required mask are also turned-on in the ACE mask.
  *
  * Strategy ANY:
  * The ACE will be considered applicable when any of the turned-on bits in
  * the required mask is also turned-on the in the ACE mask.
  *
  * Strategy EQUAL:
  * The ACE will be considered applicable when the bitmasks are equal.
  *
  * @param integer $requiredMask
  * @param EntryInterface $ace
  * @return Boolean
  */
 protected function isAceApplicable($requiredMask, EntryInterface $ace)
 {
     $strategy = $ace->getStrategy();
     if (self::ALL === $strategy) {
         return $requiredMask === ($ace->getMask() & $requiredMask);
     } else {
         if (self::ANY === $strategy) {
             return 0 !== ($ace->getMask() & $requiredMask);
         } else {
             if (self::EQUAL === $strategy) {
                 return $requiredMask === $ace->getMask();
             }
         }
     }
     throw new \RuntimeException(sprintf('The strategy "%s" is not supported.', $strategy));
 }
Exemple #3
0
 /**
  * Determines whether the ACE is applicable to the given permission/security identity combination.
  *
  * Strategy ALL:
  *     The ACE will be considered applicable when all the turned-on bits in the
  *     required mask are also turned-on in the ACE mask.
  *
  * Strategy ANY:
  *     The ACE will be considered applicable when any of the turned-on bits in
  *     the required mask is also turned-on the in the ACE mask.
  *
  * Strategy EQUAL:
  *     The ACE will be considered applicable when the bitmasks are equal.
  *
  * @param integer $requiredMask
  * @param EntryInterface $ace
  * @param AclInterface $acl
  * @throws \RuntimeException if the ACE strategy is not supported
  * @return bool
  */
 protected function isAceApplicable($requiredMask, EntryInterface $ace, AclInterface $acl)
 {
     $extension = $this->getContext()->getAclExtension();
     $aceMask = $ace->getMask();
     if ($acl->getObjectIdentity()->getType() === ObjectIdentityFactory::ROOT_IDENTITY_TYPE) {
         if ($acl->getObjectIdentity()->getIdentifier() !== $extension->getExtensionKey()) {
             return false;
         }
         $aceMask = $extension->adaptRootMask($aceMask, $this->getContext()->getObject());
     }
     if ($extension->getServiceBits($requiredMask) !== $extension->getServiceBits($aceMask)) {
         return false;
     }
     $requiredMask = $extension->removeServiceBits($requiredMask);
     $aceMask = $extension->removeServiceBits($aceMask);
     $strategy = $ace->getStrategy();
     switch ($strategy) {
         case self::ALL:
             return $requiredMask === ($aceMask & $requiredMask);
         case self::ANY:
             return 0 !== ($aceMask & $requiredMask);
         case self::EQUAL:
             return $requiredMask === $aceMask;
         default:
             throw new \RuntimeException(sprintf('The strategy "%s" is not supported.', $strategy));
     }
 }
Exemple #4
0
 /**
  * Determines whether the ACE is applicable to the given permission/security
  * identity combination.
  *
  * Per default, we support three different comparison strategies.
  *
  * Strategy ALL:
  * The ACE will be considered applicable when all the turned-on bits in the
  * required mask are also turned-on in the ACE mask.
  *
  * Strategy ANY:
  * The ACE will be considered applicable when any of the turned-on bits in
  * the required mask is also turned-on the in the ACE mask.
  *
  * Strategy EQUAL:
  * The ACE will be considered applicable when the bitmasks are equal.
  *
  * @param SecurityIdentityInterface $sid
  * @param EntryInterface $ace
  * @param int $requiredMask
  * @return Boolean
  */
 protected function isAceApplicable($requiredMask, SecurityIdentityInterface $sid, EntryInterface $ace)
 {
     if (false === $ace->getSecurityIdentity()->equals($sid)) {
         return false;
     }
     $strategy = $ace->getStrategy();
     if (self::ALL === $strategy) {
         return $requiredMask === ($ace->getMask() & $requiredMask);
     } else {
         if (self::ANY === $strategy) {
             return 0 !== ($ace->getMask() & $requiredMask);
         } else {
             if (self::EQUAL === $strategy) {
                 return $requiredMask === $ace->getMask();
             } else {
                 throw new \RuntimeException(sprintf('The strategy "%s" is not supported.', $strategy));
             }
         }
     }
 }