public function setUp()
{
parent::setUp();
$this->aclProvider = $this->prophesize(MutableAclProviderInterface::class);
$this->objectIdentityRetrievalStrategy = $this->prophesize(ObjectIdentityRetrievalStrategyInterface::class);
$this->securityIdentityRetrievalStrategy = $this->prophesize(SecurityIdentityRetrievalStrategyInterface::class);
$this->permissionMap = $this->prophesize(PermissionMapInterface::class);
$this->token = $this->prophesize(TokenInterface::class);
$this->accessControlVoter = new AccessControlVoter($this->aclProvider->reveal(), $this->objectIdentityRetrievalStrategy->reveal(), $this->securityIdentityRetrievalStrategy->reveal(), $this->permissionMap->reveal());
}
/**
* Constructs sql restriction based on permission specified and fills list of used sql params to be bind in prepared
* statement
*
* @param string $permission permission value (VIEW, EDIT, etc)
* @param array &$valuesForBind list of params to be bind
*
* @return string
*/
private function getPermissionSqlRestriction($permission, &$valuesForBind)
{
if (!$this->permissionMap->contains($permission)) {
throw new InvalidArgumentException(sprintf('There is no masks in permission map for specified permission "%s"', $permission));
}
// Hack to omit mandatory object parameter which is not necessary
$requiredMasks = $this->permissionMap->getMasks($permission, new \StdClass());
$maskSqlParams = [];
// filling values for bind with mask params and prepare mask params array
foreach ($requiredMasks as $maskKey => $mask) {
$maskParam = "mask" . $maskKey;
$maskSqlParams[$maskKey] = $maskParam;
$valuesForBind[$maskParam] = ['value' => $mask, 'type' => PDO::PARAM_INT];
}
$strategyMasksSqlRestrictions = [];
foreach (static::$permissionStrategyCheckPatterns as $strategyKey => $pattern) {
$strategyMasksSqlRestrictions[$strategyKey] = [];
foreach ($requiredMasks as $maskKey => $mask) {
$strategyMasksSqlRestrictions[$strategyKey][] = str_replace("%MASK_PARAM%", $maskSqlParams[$maskKey], $pattern);
}
}
$strategySqlRestrictions = [];
foreach ($strategyMasksSqlRestrictions as $strategyKey => $restrictions) {
$strategySqlRestrictions[] = sprintf('(e.granting_strategy = "%s" AND (%s))', $strategyKey, implode(" OR ", $restrictions));
}
$permissionSqlRestriction = sprintf('WHERE e.granting = 1 AND (%s)', implode(" OR ", $strategySqlRestrictions));
return $permissionSqlRestriction;
}
/**
* Resolves any variation of masks/permissions to an integer.
*
* @param string|int|array $masks
*
* @return type
*/
private function resolveMask($masks, $object)
{
$integerMask = 0;
if (is_integer($masks)) {
$integerMask = $masks;
} elseif (is_string($masks)) {
$permission = $this->permissionMap->getMasks($masks, $object);
$integerMask = $this->resolveMask($permission, $object);
} elseif (is_array($masks)) {
foreach ($masks as $mask) {
$integerMask += $this->resolveMask($mask, $object);
}
} else {
throw new \RuntimeException('Not a valid mask type');
}
return $integerMask;
}
/**
* {@inheritdoc}
*/
public function getMasks($permission, $object)
{
return $this->permissionMap->getMasks($permission, $object);
}
