public function testReturnsFalseIfIdentityFailsAcls()
{
$listener = $this->listener;
$this->authorization->addResource('Foo\\Bar\\Controller::index');
$this->authorization->deny('guest', 'Foo\\Bar\\Controller::index', 'POST');
$this->mvcAuthEvent->setResource('Foo\\Bar\\Controller::index');
$this->mvcAuthEvent->getMvcEvent()->getRequest()->setMethod('POST');
$this->authentication->setIdentity(new GuestIdentity());
$this->assertFalse($listener($this->mvcAuthEvent));
}
/**
* Attempt to determine the authorization resource based on the request
*
* Looks at the matched controller.
*
* If the controller is in the list of rest controllers, determines if we
* have a collection or a resource, based on the presence of the named
* identifier in the route matches or query string.
*
* Otherwise, looks for the presence of an "action" parameter in the route
* matches.
*
* Once created, it is injected into the $mvcAuthEvent.
*
* @param MvcAuthEvent $mvcAuthEvent
*/
public function __invoke(MvcAuthEvent $mvcAuthEvent)
{
$mvcEvent = $mvcAuthEvent->getMvcEvent();
$request = $mvcEvent->getRequest();
$routeMatch = $mvcEvent->getRouteMatch();
$resource = $this->buildResourceString($routeMatch, $request);
if (!$resource) {
return;
}
$mvcAuthEvent->setResource($resource);
}
/**
* @depends testResourceStringIsNullByDefault
*/
public function testResourceStringIsMutable()
{
$this->mvcAuthEvent->setResource('foo');
$this->assertEquals('foo', $this->mvcAuthEvent->getResource());
}
