/** * @param \Generated\Shared\Transfer\UserTransfer $userTransfer * @param string $bundle * @param string $controller * @param string $action * * @return bool */ public function isAllowed(UserTransfer $userTransfer, $bundle, $controller, $action) { if ($this->userFacade->isSystemUser($userTransfer)) { $this->registerSystemUserRules($userTransfer); } if ($this->isIgnorable($bundle, $controller, $action)) { return true; } $groups = $this->group->getUserGroups($userTransfer->getIdUser()); if (!$groups->getGroups()) { return false; } $this->provideUserRuleWhitelist(); foreach ($groups->getGroups() as $group) { $rulesTransfer = $this->getRulesForGroupId($group->getIdAclGroup()); if (!$rulesTransfer->getRules()) { continue; } $this->rulesValidator->setRules($rulesTransfer); $isAccessible = $this->rulesValidator->isAccessible($bundle, $controller, $action); if ($isAccessible) { return true; } } return false; }
/** * @param int $idUser * * @return \Generated\Shared\Transfer\RolesTransfer */ public function getUserRoles($idUser) { $groupsTransfer = $this->group->getUserGroups($idUser); $rolesTransfer = new RolesTransfer(); foreach ($groupsTransfer->getGroups() as $groupTransfer) { $this->addGroupRoles($rolesTransfer, $groupTransfer->getIdAclGroup()); } return $rolesTransfer; }