public function testPermissions() { $obj = new AclPrivilege(); $this->assertFalse($obj->hasPermissions()); $this->assertFalse($obj->hasPermission('VIEW')); $this->assertEquals(0, $obj->getPermissionCount()); $permission = new AclPermission('VIEW', AccessLevel::BASIC_LEVEL); $obj->addPermission($permission); $this->assertTrue($obj->hasPermissions()); $this->assertTrue($obj->hasPermission('VIEW')); $this->assertFalse($obj->hasPermission('Another')); $this->assertEquals(1, $obj->getPermissionCount()); $obj->removePermission($permission); $this->assertFalse($obj->hasPermissions()); $this->assertFalse($obj->hasPermission('VIEW')); $this->assertEquals(0, $obj->getPermissionCount()); }
/** * Adds permissions to the given $privilege based on the given ACEs. * The $permissions argument is used to filter privileges for the given permissions only. * * @param AclPrivilege $privilege * @param string[] $permissions * @param EntryInterface[] $aces * @param AclExtensionInterface $extension * @param bool $itIsRootAcl */ protected function addAcesPermissions(AclPrivilege $privilege, array $permissions, array $aces, AclExtensionInterface $extension, $itIsRootAcl = false) { if (empty($aces)) { return; } foreach ($aces as $ace) { if (!$ace->isGranting()) { // denying ACE is not supported continue; } $mask = $ace->getMask(); if ($itIsRootAcl) { $mask = $extension->adaptRootMask($mask, $privilege->getIdentity()->getId()); } if ($extension->removeServiceBits($mask) === 0) { foreach ($permissions as $permission) { if (!$privilege->hasPermission($permission)) { $privilege->addPermission(new AclPermission($permission, AccessLevel::NONE_LEVEL)); } } } else { foreach ($extension->getPermissions($mask) as $permission) { if (!$privilege->hasPermission($permission) && in_array($permission, $permissions)) { $privilege->addPermission($this->getAclPermission($extension, $permission, $mask, $privilege)); } } } } }