Esempio n. 1
0
 /**
  * {@inheritdoc}
  */
 public function isAllowed(NodeInterface $from, NodeInterface $to)
 {
     if ($this->isSibling($from, $to)) {
         return EvaluationResult::allowed($this);
     }
     return EvaluationResult::undefined();
 }
Esempio n. 2
0
 /**
  * {@inheritdoc}
  */
 public function isAllowed(NodeInterface $from, NodeInterface $to)
 {
     foreach ($this->getTargets() as $namespace) {
         if ($this->namespaceContains($namespace, $to->getFQName())) {
             return EvaluationResult::allowed($this);
         }
     }
     return EvaluationResult::undefined();
 }
Esempio n. 3
0
 /**
  * {@inheritdoc}
  */
 public function isAllowed(NodeInterface $from, NodeInterface $to)
 {
     foreach ($this->getTargets() as $namespace) {
         if ($this->namespaceContains($namespace, $to->getFQName())) {
             return EvaluationResult::denied($this, sprintf("%s has an attached DenyPolicy of namespace %s, preventing use of %s", $from->getFQName(), $namespace, $to->getFQName()));
         }
     }
     return EvaluationResult::undefined();
 }
Esempio n. 4
0
 /**
  * {@inheritdoc}
  */
 public function isAllowed(NodeInterface $from, NodeInterface $to)
 {
     foreach ($this->allow as $regex => $allowed) {
         // check that $from matches
         if (!$this->regexMatchesNode($regex, $from)) {
             continue;
         }
         // check all allowed namespaces
         foreach ($allowed as $namespace) {
             if ($this->namespaceContains($namespace, $to->getFQName())) {
                 return EvaluationResult::allowed($this);
             }
         }
     }
     return EvaluationResult::undefined();
 }
Esempio n. 5
0
 /**
  * Resolves all hierarchical policies to determine whether the connection between $from and $to is valid.
  *
  * @param string $from
  * @param string $to
  * @return \ArchInspec\Policy\Evaluation\IEvaluationResult
  */
 public function isAllowed($from, $to)
 {
     $to = $this->getOrCreateNode($to);
     $from = $this->getOrCreateNode($from);
     $node = $from;
     while (!is_null($node)) {
         foreach ($node->getPolicies() as $policy) {
             // check that policy affects $to
             if (!$policy->affects($from, $to)) {
                 continue;
             }
             // only return if the result is not undefined
             $result = $policy->isAllowed($from, $to);
             if (!$result->isUndefined()) {
                 return $result;
             }
         }
         $node = $node->getParent();
     }
     return EvaluationResult::undefined("No matching policy was found!");
 }