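/**
 * Evaluate the provided resource for a match on the configured route.
 *
 * The "route" config value is used as a regular expression. Path segments
 * that begin with ":" are treated as named placeholders: each one is
 * replaced with a "(.+?)" capture group, and on a successful match the
 * captured values are handed to setParams() keyed by placeholder name.
 *
 * Security notes for anyone writing route configuration:
 *  - The route is inserted into the pattern without quoting, so regex
 *    metacharacters in it are live and a "#" collides with the delimiter.
 *  - "(.+?)" also matches "/", so one placeholder can span several path
 *    segments.
 *  - If the pattern fails to compile, preg_match() returns false and this
 *    method reports "no match" rather than raising an error.
 *
 * @param string|\Psecio\Invoke\Resource $data URI to match against
 * @return boolean Pass/fail status
 */
public function evaluate($data)
{
    $regex = $this->getConfig('route');
    $url = $data instanceof \Psecio\Invoke\Resource ? $data->getUri() : $data;

    // Collect the placeholder names in the order they appear in the route
    $placeholders = [];
    foreach (explode('/', $regex) as $item) {
        if (strpos($item, ':') === 0) {
            $placeholders[] = str_replace(':', '', $item);
        }
    }

    // Substitute the longest names first: replacing ":id" before ":id_type"
    // would leave "(.+?)_type" behind and the second placeholder would never
    // be captured. $placeholders itself stays in route order for the mapping.
    $ordered = $placeholders;
    usort($ordered, function ($a, $b) {
        return strlen($b) - strlen($a);
    });
    foreach ($ordered as $item) {
        $regex = str_replace(':' . $item, '(.+?)', $regex);
    }

    // preg_match() yields 1 on a match, 0 on no match, false on error
    $found = preg_match('#^/?' . $regex . '$#', $url, $matches);
    if ($found !== 1) {
        return false;
    }

    // first one is the URL itself, shift off
    array_shift($matches);

    // Pair each capture with the placeholder at the same position
    $params = [];
    foreach ($matches as $index => $match) {
        if (isset($placeholders[$index])) {
            $params[$placeholders[$index]] = $match;
        }
    }
    $this->setParams($params);

    return true;
}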
/**
 * Check to see if the request is authorized.
 *
 * The path of the resource URI is looked up in the enforcer configuration.
 * When a route is found, every match queued in $this->matches is evaluated
 * and the first one that returns false denies the request; its error is
 * recorded through setError().
 *
 * NOTE(review): the original summary said "By default, fails closed", but a
 * URI with no matching route is treated as a public resource and allowed
 * (returns true). Only routes present in the configuration are protected.
 * NOTE(review): only a strict `false` result denies; any other return value
 * from a match's evaluate() is treated as a pass.
 *
 * @param \Psecio\Invoke\UserInterface $user User instance
 * @param \Psecio\Invoke\Resource $resource Resource instance
 * @param array $matches Additional matches to add manually for evaluation
 *                       (not read anywhere in this method body)
 * @return boolean Pass/fail of authorization
 */
public function isAuthorized(\Psecio\Invoke\UserInterface $user, \Psecio\Invoke\Resource $resource, array $matches = array())
{
    $context = new Data($user, $resource);
    $context->setEnforcer($this);

    $uriParts = $resource->getUri(true);
    $path = $uriParts['path'];

    // Look for a configured route covering this path
    $route = $this->findRouteMatch($path, $this->config);
    if ($route === null) {
        // No configuration for the route: allowed as a public resource
        return true;
    }

    $context->setRoute($route);
    $this->addMatch($route);

    // Drain the queue from the end; stop at the first failing match
    do {
        $check = array_pop($this->matches);
        $outcome = $check->evaluate($context);

        if ($outcome !== false) {
            continue;
        }

        $this->setError($check->getError());
        return false;
    } while (!empty($this->matches));

    return true;
}