/**
* {@inheritdoc}
*/
public function allows(ActorInterface $actor, $permission, array $context)
{
$allowed = 0;
foreach ($this->rules as $rule) {
$rule = $this->repository->get($rule);
if ($rule->allows($actor, $permission, $context)) {
if (static::JOINER == self::BOOLEAN_OR) {
return true;
}
$allowed++;
} elseif (static::JOINER == self::BOOLEAN_AND) {
return false;
}
}
return $allowed === count($this->rules);
}
/**
* {@inheritdoc}
*
* @return $this
*/
public function associate($role, $permission, $rule = GuardInterface::ALLOW)
{
if (!$this->hasRole($role)) {
throw new RoleException("Undefined role '{$role}'.");
}
if ($rule !== GuardInterface::ALLOW) {
if (!$this->rules->has($rule)) {
throw new PermissionException("Invalid permission rule '{$rule}'");
}
}
foreach ((array) $permission as $item) {
$this->associations[$role][$item] = $rule;
}
return $this;
}
