public function testResultWithNullAction() { $collection = new RuleResultCollection(); $rule = new Rule('Test'); $rule->setAction(null); $result = new RuleResult($rule, 0, 'testNeedRole', 'testNeedResource'); $rule2 = new Rule('Test2'); $rule2->setAction(true); $result2 = new RuleResult($rule2, 0, 'testNeedRole', 'testNeedResource'); $collection->add($result); $this->assertFalse($collection->get()); $collection->add($result2); $this->assertTrue($collection->get()); }
/** * Check is access allowed by some rule. * Returns null if rule don't match any role or resource. * * @param string $roleName * @param string $resourceName * @param $ruleName * @param RuleResultCollection $ruleResultCollection * @param string|RoleAggregateInterface $roleAggregate * @param string|ResourceAggregateInterface $resourceAggregate */ protected function isRuleAllow($roleName, $resourceName, $ruleName, RuleResultCollection $ruleResultCollection, $roleAggregate, $resourceAggregate) { foreach ($this->rules as $rule) { $rule->resetAggregate($roleAggregate, $resourceAggregate); $result = $rule->isAllowed($ruleName, $roleName, $resourceName); $ruleResultCollection->add($result); } }
/** * Simple checks is access allowed. * * @param string|RoleAggregateInterface $roleAggregate * @param string|ResourceAggregateInterface $resourceAggregate * @param string $ruleName * @param RuleResultCollection $ruleResultCollection * * @return RuleResultCollection|null null if there wasn't a clear result */ protected function isAllowedReturnResultSimple($roleAggregate, $resourceAggregate, $ruleName, $ruleResultCollection) { if (is_string($ruleName) && is_string($roleAggregate) && is_string($resourceAggregate)) { foreach ($this->rules as $ruleTmp) { // INFO: we can't use "getName()" here, because of performance issue if ($ruleTmp->name !== $ruleName) { continue; } $resourceTmp = $ruleTmp->getResource(); $roleTmp = $ruleTmp->getRole(); if ($resourceTmp instanceof Resource && $resourceTmp->getName() === $resourceAggregate && ($roleTmp instanceof Role && $roleTmp->getName() === $roleAggregate)) { $resultTmp = $ruleTmp->isAllowed($ruleName, $roleAggregate, $resourceAggregate); if (null === $resultTmp->getAction()) { unset($resultTmp); } else { // Set null if rule don't match any role or resource. $ruleResultCollection->add($resultTmp); return $ruleResultCollection; } } } } return null; }