public function testGettersAndSetters() { $obj = new AclPrivilege(); $id = new AclPrivilegeIdentity('TestId', 'TestName'); $obj->setIdentity($id); $obj->setExtensionKey('TestKey'); $obj->setGroup('TestGroup'); $this->assertTrue($id === $obj->getIdentity()); $this->assertEquals('TestKey', $obj->getExtensionKey()); $this->assertEquals('TestGroup', $obj->getGroup()); }
/** * Return AclPermission object for given permission, ACL mask and ACL privilege * * @param AclExtensionInterface $extension * @param string $permission * @param string $mask * @param AclPrivilege $privilege * @return AclPermission */ protected function getAclPermission(AclExtensionInterface $extension, $permission, $mask, AclPrivilege $privilege) { return new AclPermission($permission, $extension->getAccessLevel($mask, $permission, $privilege->getIdentity()->getId())); }
/** * Adds permissions to the given $privilege based on the given ACEs. * The $permissions argument is used to filter privileges for the given permissions only. * * @param AclPrivilege $privilege * @param string[] $permissions * @param EntryInterface[] $aces * @param AclExtensionInterface $extension * @param bool $itIsRootAcl */ protected function addAcesPermissions(AclPrivilege $privilege, array $permissions, array $aces, AclExtensionInterface $extension, $itIsRootAcl = false) { if (empty($aces)) { return; } foreach ($aces as $ace) { if (!$ace->isGranting()) { // denying ACE is not supported continue; } $mask = $ace->getMask(); if ($itIsRootAcl) { $mask = $extension->adaptRootMask($mask, $privilege->getIdentity()->getId()); } if ($extension->removeServiceBits($mask) === 0) { foreach ($permissions as $permission) { if (!$privilege->hasPermission($permission)) { $privilege->addPermission(new AclPermission($permission, AccessLevel::NONE_LEVEL)); } } } else { foreach ($extension->getPermissions($mask) as $permission) { if (!$privilege->hasPermission($permission) && in_array($permission, $permissions)) { $privilege->addPermission(new AclPermission($permission, $extension->getAccessLevel($mask, $permission))); } } } } }