/**
 * Checks Authorizator::parseAnnotations() against three fixture methods of
 * NellaTests\Security\Authorizator\Foo.
 *
 * bar1 and bar2 must both resolve to role "admin", resource "foo" and
 * privilege "bar"; bar3 must resolve to NULL for all three keys. The fixture
 * class is not visible here: going by the assertion messages, bar1 presumably
 * carries a single combined "allowed" annotation, bar2 separate
 * role/resource/privilege annotations, and bar3 none - confirm against Foo.
 *
 * The bar3 case pins the result shape for a method without access
 * requirements: every key is present and set to NULL.
 *
 * @return void
 */
public function testParseAnnotation()
{
    $fixtureClass = 'NellaTests\Security\Authorizator\Foo';

    $fullyRestricted = array(
        Authorizator::ROLE => "admin",
        Authorizator::RESOURCE => "foo",
        Authorizator::PRIVILEGE => "bar",
    );
    $unrestricted = array(
        Authorizator::ROLE => NULL,
        Authorizator::RESOURCE => NULL,
        Authorizator::PRIVILEGE => NULL,
    );

    // Fixture method => (expected parse result, assertion message), in the order they are checked.
    $cases = array(
        'bar1' => array($fullyRestricted, "::parseAnnotations allowed"),
        'bar2' => array($fullyRestricted, "::parseAnnotations role, resource, privilege"),
        'bar3' => array($unrestricted, "::parseAnnotations none"),
    );

    foreach ($cases as $fixtureMethod => $case) {
        list($expected, $message) = $case;
        $this->assertEquals(
            $expected,
            Authorizator::parseAnnotations($fixtureClass, $fixtureMethod),
            $message
        );
    }
}
/**
 * Decides whether the current user may invoke the given method of this class.
 *
 * The access requirements come from
 * \Nella\Security\Authorizator::parseAnnotations() for the called class and
 * $method. They are applied in this order:
 *  1. if a role is set and the user is not in it, access is denied;
 *  2. if neither a resource nor a privilege is set, access is granted;
 *  3. otherwise the user's own isAllowed(resource, privilege) decides.
 *
 * Security note: this is a default-allow check. A method whose annotations
 * yield no role, resource or privilege returns TRUE for whatever user object
 * getUser() supplies, and this method performs no login check of its own.
 * Methods that must be protected therefore need explicit annotations.
 *
 * NOTE(review): the literal keys 'role', 'resource' and 'privilege' must be
 * the keys parseAnnotations() actually returns. If they diverge, isset() is
 * false and the role check is skipped without any error - confirm they equal
 * the Authorizator key constants.
 *
 * @param string $method name of the method being checked
 * @return bool TRUE when access is granted, FALSE otherwise
 */
protected function isAllowed($method)
{
    $requirements = \Nella\Security\Authorizator::parseAnnotations(get_called_class(), $method);
    $currentUser = $this->getUser();

    // A declared role is a hard precondition: failing it denies access
    // before any resource/privilege lookup takes place.
    if (isset($requirements['role'])) {
        if (!$currentUser->isInRole($requirements['role'])) {
            return FALSE;
        }
    }

    // Only consult the user's authorizator when at least one of
    // resource/privilege is set (truthy).
    if ($requirements['resource'] || $requirements['privilege']) {
        return $currentUser->isAllowed($requirements['resource'], $requirements['privilege']);
    }

    // Nothing further is required: default-allow.
    return TRUE;
}