コード例 #1
 /**
  * Pins how both checkers answer for a permission name that is not defined,
  * first with the uid 1 token in storage and then with the uid 0 token.
  *
  * The explicit-user assertions expect the same answer under either stored
  * token: the decision follows the user passed as third argument, not the
  * session token.
  */
 public function testTokenAwareAuthorizationCheckerAndDrupalPermissionVoter()
 {
     // Drupal treats uid 1 as the account that passes every permission check
     $rootAccount = new User();
     $rootAccount->uid = 1;
     $rootAccount->roles = [1 => 1];
     $rootToken = new UserToken();
     $rootToken->setUser(new DrupalUser($rootAccount));

     // uid 0 is the anonymous account, which is expected to be denied here
     $anonymousAccount = new User();
     $anonymousAccount->uid = 0;
     $anonymousAccount->roles = [0 => 0];
     $anonymousToken = new UserToken();
     $anonymousToken->setUser(new DrupalUser($anonymousAccount));

     // The test assumes a bootstrapped Drupal with the permission voter
     // usable, so isGranted() can be called with permission names. The name
     // below is deliberately undefined: a grant can then only come from the
     // uid 1 bypass (Drupal core default behavior), never from a role.
     $undefinedPermission = 'a drupal permission that does not exists';

     $storage = new TokenStorage();
     $nullAuthManager = new SecurityNullAuthenticationManager();
     $decisionManager = new AccessDecisionManager([new DrupalPermissionVoter()]);
     $plainChecker = new AuthorizationChecker($storage, $nullAuthManager, $decisionManager);
     $tokenAwareChecker = new TokenAwareAuthorizationChecker($plainChecker, $decisionManager);

     // Stored token is uid 1: checks without an explicit user are granted,
     // and an explicit user replaces the stored token for that one call.
     $storage->setToken($rootToken);
     $this->assertTrue($plainChecker->isGranted($undefinedPermission, null));
     $this->assertTrue($tokenAwareChecker->isGranted($undefinedPermission, null));
     $this->assertTrue($tokenAwareChecker->isGranted($undefinedPermission, null, $rootAccount));
     $this->assertFalse($tokenAwareChecker->isGranted($undefinedPermission, null, $anonymousAccount));

     // Stored token is uid 0: checks without an explicit user are denied,
     // while the explicit-user results stay exactly as above.
     $storage->setToken($anonymousToken);
     $this->assertFalse($plainChecker->isGranted($undefinedPermission, null));
     $this->assertFalse($tokenAwareChecker->isGranted($undefinedPermission, null));
     $this->assertTrue($tokenAwareChecker->isGranted($undefinedPermission, null, $rootAccount));
     $this->assertFalse($tokenAwareChecker->isGranted($undefinedPermission, null, $anonymousAccount));
 }
コード例 #2
 /**
  * {@inheritdoc}
  *
  * Without a user, the call is delegated to the wrapped authorization
  * checker. With a user, a token is taken from or built around that user and
  * handed directly to the access decision manager.
  *
  * @param mixed $attributes A single attribute or an array of attributes
  * @param mixed $object     Optional subject of the check
  * @param mixed $user       Optional token, account or user to decide for
  *
  * @return mixed Whatever the delegated isGranted() or decide() call returns
  */
 public function isGranted($attributes, $object = null, $user = null)
 {
     // NOTE(review): this is a truthiness test, not a null test. Any falsy
     // $user (false, 0, '' as well as null) is decided against the wrapped
     // checker's own token. A caller that passes the result of a failed
     // user lookup therefore gets the answer for the current session user,
     // so callers should confirm the lookup succeeded before calling.
     if (!$user) {
         return $this->authorizationChecker->isGranted($attributes, $object);
     }

     if ($user instanceof TokenInterface) {
         // A ready-made token is used as given
         $subjectToken = $user;
     } else {
         // Accounts are wrapped in a DrupalUser first; anything else is put
         // on the token unchanged. No authentication step is visible in this
         // method, so the identity passed in is trusted as-is.
         $subjectToken = new UserToken();
         $subjectToken->setUser($user instanceof AccountInterface ? new DrupalUser($user) : $user);
     }

     // decide() is always given an array, so a lone attribute is wrapped
     $attributeList = is_array($attributes) ? $attributes : [$attributes];

     return $this->accessDecisionManager->decide($subjectToken, $attributeList, $object);
 }