Get the current identity from the role service
public getIdentity ( ) : ZfcRbac\Identity\IdentityInterface | null | ||
return | ZfcRbac\Identity\IdentityInterface | null |
/** * Return an array of roles which may be granted the permission based on * the options. * * @param mixed $options Options provided from configuration. * * @return array */ public function getPermissions($options) { // If no user is logged in, or the user doesn't match the passed-in // whitelist, we can't grant the permission to any roles. if (!($user = $this->auth->getIdentity())) { return []; } // which user attribute has to match which pattern to get permissions? $criteria = []; foreach ((array) $options as $option) { $parts = explode(' ', $option, 2); if (count($parts) < 2) { $this->logError("configuration option '{$option}' invalid"); return []; } else { list($attribute, $pattern) = $parts; // check user attribute values against the pattern if (!preg_match('/^\\/.*\\/$/', $pattern)) { $pattern = '/' . $pattern . '/'; } if (preg_match($pattern, $user[$attribute])) { return ['loggedin']; } } } //no matches found, so the user don't get any permissions return []; }
public function readAction() { $user = $this->authorizationService->getIdentity(); if ($user) { $this->notificationManager->markRead($user); $this->notificationManager->flush(); } return new JsonModel([]); }
/** * @return array * @throws UnauthorizedException */ public function findAll() { if ($this->authorizationService->isGranted('recipe.admin')) { return $this->objectRepository->findBy([], ['dateUpdated' => 'DESC']); } if ($this->authorizationService->isGranted('recipe.manage')) { return $this->objectRepository->findBy(['author' => $this->authorizationService->getIdentity()], ['dateUpdated' => 'DESC']); } throw new UnauthorizedException('Insufficient Permission'); }
/** * Return an array of roles which may be granted the permission based on * the options. * * @param mixed $options Options provided from configuration. * * @return array */ public function getPermissions($options) { // If no user is logged in, or the user doesn't match the passed-in // whitelist, we can't grant the permission to any roles. $user = $this->auth->getIdentity(); if (!$user || !in_array($user->username, (array) $options)) { return []; } // If we got this far, we can grant the permission to the loggedin role. return ['loggedin']; }
public function save(Recipe $recipe) { $now = new \DateTimeImmutable(); if (null === $recipe->getDateCreated()) { $recipe->setDateCreated($now); } $recipe->setAuthor($this->authorizationService->getIdentity()); $recipe->setDateUpdated($now); $this->objectManager->persist($recipe); $this->objectManager->flush(); }
/** * @param string $className * @param $id * @param string|null $permission * @param string $notFoundMessage * * @return object * * @throws \Doctrine\ORM\TransactionRequiredException * @throws \Doctrine\ORM\OptimisticLockException * @throws \DomainException * @throws \Doctrine\ORM\ORMException * @throws \Doctrine\ORM\ORMInvalidArgumentException * @throws \ZfrRest\Http\Exception\Client\NotFoundException * @throws \ZfrRest\Http\Exception\Client\UnauthorizedException * @throws \ZfrRest\Http\Exception\Client\ForbiddenException */ public function __invoke(string $className, $id, string $permission = null, string $notFoundMessage = 'The resource you were looking for was not found') { $entity = $this->entityManager->find($className, $id); if (!$entity) { throw new NotFoundException($notFoundMessage); } if ($permission && !$this->authorizationService->isGranted($permission, $entity)) { if ($this->authorizationService->getIdentity()) { throw new ForbiddenException(); } throw new UnauthorizedException(); } return $entity; }
/** * @param string $eventName * @param RepositoryInterface $repository * @param RevisionInterface $revision * @param string $message * @param array $data * @return void */ protected function triggerEvent($eventName, RepositoryInterface $repository, RevisionInterface $revision, $message = '', $data = []) { $identity = $this->authorizationService->getIdentity(); $event = new VersioningEvent($repository, $revision, $this, $message, $data, $identity); $event->setName($eventName); $this->getEventManager()->trigger($eventName, $this, $event); }
/** * Check if this assertion is true * * @param AuthorizationService $authorization * @param mixed $context * * @return bool */ public function assert(AuthorizationService $authorization, $context = null) { if ($context === null) { return true; } if ($authorization->getIdentity() === $context->getAuthor()) { return true; } return $authorization->isGranted('recipe.admin'); }
/** * @param AuthorizationService $authorizationService * @param AbstractConversationEntity $context * * @return bool */ public function assert(AuthorizationService $authorizationService, $context = null) { if (!$context instanceof AbstractConversationEntity) { throw new InvalidArgumentException(); } /* @var MessageUserInterface $user */ $user = $authorizationService->getIdentity(); /* @var ArrayCollection $participants */ $participants = $context->getParticipants(); if ($participants->contains($user)) { return true; } return $authorizationService->isGranted('administrator'); }
public function unsubscribeAction() { if (!$this->authorizationService->getIdentity()) { throw new UnauthorizedException(); } $object = $this->params('object'); $user = $this->authorizationService->getIdentity(); try { $object = $this->uuidManager->getUuid($object); } catch (NotFoundException $e) { $this->getResponse()->setStatusCode(404); return false; } $this->subscriptionManager->unSubscribe($user, $object); $this->subscriptionManager->flush(); $this->flashMessenger()->addSuccessMessage('You are no longer receiving notifications for this content.'); return $this->redirect()->toReferer(); }
/** * @covers ZfcRbac\Service\AuthorizationService::getIdentity */ public function testGetIdentity() { $rbac = $this->getMock('Rbac\\Rbac', [], [], '', false); $identity = $this->getMock('ZfcRbac\\Identity\\IdentityInterface'); $roleService = $this->getMock('ZfcRbac\\Service\\RoleService', [], [], '', false); $assertionManager = $this->getMock('ZfcRbac\\Assertion\\AssertionPluginManager', [], [], '', false); $authorization = new AuthorizationService($rbac, $roleService, $assertionManager); $roleService->expects($this->once())->method('getIdentity')->will($this->returnValue($identity)); $this->assertSame($authorization->getIdentity(), $identity); }
/** * @param AuthorizationService $authorization * @return bool */ public function assert(AuthorizationService $authorization) { return (bool) $authorization->getIdentity()->getDefaultAffiliate(); }
/** * Check if this assertion is true * * @param AuthorizationService $authorization * @return bool */ public function assert(AuthorizationService $authorization) { return !is_object($authorization->getIdentity()); }