Checks is access allowed.
public isAllowed ( string | SimpleAcl\Role\RoleAggregateInterface $roleName, string | SimpleAcl\Resource\ResourceAggregateInterface $resourceName, string $ruleName ) : boolean | ||
$roleName | string | SimpleAcl\Role\RoleAggregateInterface | |
$resourceName | string | SimpleAcl\Resource\ResourceAggregateInterface | |
$ruleName | string | |
return | boolean |
public function testAddSameRules() { $acl = new Acl(); $rule = new Rule('Edit'); $user = new Role('User'); $page = new Resource('Page'); $superUser = new Role('SuperUser'); $superPage = new Resource('SuperPage'); $acl->addRule($user, $page, $rule, true); $this->assertSame($rule->getRole(), $user); $this->assertSame($rule->getResource(), $page); // If rule already exist don't add it in Acl, but change Role, Resource and Action $acl->addRule($superUser, $superPage, $rule, true); $this->assertNotSame($rule->getRole(), $user); $this->assertNotSame($rule->getResource(), $page); $this->assertSame($rule->getRole(), $superUser); $this->assertSame($rule->getResource(), $superPage); $this->assertFalse($acl->isAllowed('User', 'Page', 'Edit')); $this->assertTrue($acl->isAllowed('SuperUser', 'SuperPage', 'Edit')); $acl->addRule($superUser, $superPage, $rule, false); $this->assertFalse($acl->isAllowed('SuperUser', 'SuperPage', 'Edit')); $this->assertAttributeCount(1, 'rules', $acl); // rule should overwrite $role, $resource and $action when they actually used in addRule $acl->addRule($superUser, $superPage, $rule); $this->assertFalse($acl->isAllowed('SuperUser', 'SuperPage', 'Edit')); $this->assertAttributeCount(1, 'rules', $acl); $acl->addRule($rule); $this->assertFalse($acl->isAllowed('SuperUser', 'SuperPage', 'Edit')); $this->assertSame($rule->getRole(), $superUser); $this->assertSame($rule->getResource(), $superPage); $acl->addRule($rule, true); $this->assertTrue($acl->isAllowed('SuperUser', 'SuperPage', 'Edit')); $this->assertSame($rule->getRole(), $superUser); $this->assertSame($rule->getResource(), $superPage); }
public function testCustomRule() { require_once __DIR__ . '/../Stubs/CustomRule.php'; // must match any role and act as wide $acl = new Acl(); $rule = new \MathAnyRoleAndActAsWide('MathAnyRoleAndActAsWide'); $u = new Role('U'); $r = new Resource('R'); $acl->addRule($u, $r, $rule, true); $this->assertTrue($acl->isAllowed('U', 'R', 'ShouldActAsWide')); $this->assertTrue($acl->isAllowed('U1', 'R', 'ShouldActAsWide'), 'Must work with any role'); $this->assertFalse($acl->isAllowed('U', 'R1', 'ShouldActAsWide')); $this->assertFalse($acl->isAllowed('U1', 'R1', 'MathAnyRoleAndActAsWide')); // must match any resource and act as wide $acl = new Acl(); $rule = new \MathAnyResourceAndActAsWide('MathAnyResourceAndActAsWide'); $u = new Role('U'); $r = new Resource('R'); $acl->addRule($u, $r, $rule, true); $this->assertTrue($acl->isAllowed('U', 'R', 'ShouldActAsWide')); $this->assertTrue($acl->isAllowed('U', 'R1', 'ShouldActAsWide'), 'Must work with any resource'); $this->assertFalse($acl->isAllowed('U1', 'R', 'ShouldActAsWide')); $this->assertFalse($acl->isAllowed('U1', 'R1', 'MathAnyResourceAndActAsWide')); // must match anything $acl = new Acl(); $rule = new \MatchAnything('MathAnything'); $u = new Role('U'); $r = new Resource('R'); $acl->addRule($u, $r, $rule, true); $this->assertTrue($acl->isAllowed('anything', 'anything', 'anything')); }
public function testComplexGraph() { $acl = new Acl(); $u = new Role('U'); $u1 = new Role('U1'); $u2 = new Role('U2'); $u3 = new Role('U3'); $u->addChild($u1); $u->addChild($u2); $u->addChild($u3); $r = new Resource('R'); $r1 = new Resource('R1'); $r2 = new Resource('R2'); $r3 = new Resource('R3'); $r4 = new Resource('R4'); $r5 = new Resource('R5'); $r->addChild($r1); $r->addChild($r2); $r->addChild($r3); $r3->addChild($r4); $r3->addChild($r5); $a = new Rule('View'); $acl->addRule($u, $r, $a, true); $this->assertTrue($acl->isAllowed('U', 'R', 'View')); $this->assertTrue($acl->isAllowed('U', 'R1', 'View')); $this->assertTrue($acl->isAllowed('U', 'R2', 'View')); $this->assertTrue($acl->isAllowed('U', 'R3', 'View')); $this->assertTrue($acl->isAllowed('U', 'R4', 'View')); $this->assertTrue($acl->isAllowed('U', 'R5', 'View')); $this->assertTrue($acl->isAllowed('U1', 'R', 'View')); $this->assertTrue($acl->isAllowed('U1', 'R1', 'View')); $this->assertTrue($acl->isAllowed('U1', 'R2', 'View')); $this->assertTrue($acl->isAllowed('U1', 'R3', 'View')); $this->assertTrue($acl->isAllowed('U1', 'R4', 'View')); $this->assertTrue($acl->isAllowed('U1', 'R5', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R1', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R2', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R3', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R4', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R5', 'View')); $this->assertTrue($acl->isAllowed('U3', 'R', 'View')); $this->assertTrue($acl->isAllowed('U3', 'R1', 'View')); $this->assertTrue($acl->isAllowed('U3', 'R2', 'View')); $this->assertTrue($acl->isAllowed('U3', 'R3', 'View')); $this->assertTrue($acl->isAllowed('U3', 'R4', 'View')); $this->assertTrue($acl->isAllowed('U3', 'R5', 'View')); $a2 = new Rule('View'); $acl->addRule($u, $r3, $a2, false); $this->assertTrue($acl->isAllowed('U', 'R', 'View')); $this->assertTrue($acl->isAllowed('U', 'R1', 'View')); $this->assertTrue($acl->isAllowed('U', 'R2', 'View')); $this->assertFalse($acl->isAllowed('U', 'R3', 'View')); $this->assertFalse($acl->isAllowed('U', 'R4', 'View')); $this->assertFalse($acl->isAllowed('U', 'R5', 'View')); $this->assertTrue($acl->isAllowed('U1', 'R', 'View')); $this->assertTrue($acl->isAllowed('U1', 'R1', 'View')); $this->assertTrue($acl->isAllowed('U1', 'R2', 'View')); $this->assertFalse($acl->isAllowed('U1', 'R3', 'View')); $this->assertFalse($acl->isAllowed('U1', 'R4', 'View')); $this->assertFalse($acl->isAllowed('U1', 'R5', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R1', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R2', 'View')); $this->assertFalse($acl->isAllowed('U2', 'R3', 'View')); $this->assertFalse($acl->isAllowed('U2', 'R4', 'View')); $this->assertFalse($acl->isAllowed('U2', 'R5', 'View')); $this->assertTrue($acl->isAllowed('U3', 'R', 'View')); $this->assertTrue($acl->isAllowed('U3', 'R1', 'View')); $this->assertTrue($acl->isAllowed('U3', 'R2', 'View')); $this->assertFalse($acl->isAllowed('U3', 'R3', 'View')); $this->assertFalse($acl->isAllowed('U3', 'R4', 'View')); $this->assertFalse($acl->isAllowed('U3', 'R5', 'View')); $a3 = new Rule('View'); $a4 = new Rule('View'); $acl->addRule($u2, $r4, $a3, true); $acl->addRule($u2, $r5, $a4, true); $this->assertTrue($acl->isAllowed('U', 'R', 'View')); $this->assertTrue($acl->isAllowed('U', 'R1', 'View')); $this->assertTrue($acl->isAllowed('U', 'R2', 'View')); $this->assertFalse($acl->isAllowed('U', 'R3', 'View')); $this->assertFalse($acl->isAllowed('U', 'R4', 'View')); $this->assertFalse($acl->isAllowed('U', 'R5', 'View')); $this->assertTrue($acl->isAllowed('U1', 'R', 'View')); $this->assertTrue($acl->isAllowed('U1', 'R1', 'View')); $this->assertTrue($acl->isAllowed('U1', 'R2', 'View')); $this->assertFalse($acl->isAllowed('U1', 'R3', 'View')); $this->assertFalse($acl->isAllowed('U1', 'R4', 'View')); $this->assertFalse($acl->isAllowed('U1', 'R5', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R1', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R2', 'View')); $this->assertFalse($acl->isAllowed('U2', 'R3', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R4', 'View')); $this->assertTrue($acl->isAllowed('U2', 'R5', 'View')); $this->assertTrue($acl->isAllowed('U3', 'R', 'View')); $this->assertTrue($acl->isAllowed('U3', 'R1', 'View')); $this->assertTrue($acl->isAllowed('U3', 'R2', 'View')); $this->assertFalse($acl->isAllowed('U3', 'R3', 'View')); $this->assertFalse($acl->isAllowed('U3', 'R4', 'View')); $this->assertFalse($acl->isAllowed('U3', 'R5', 'View')); }