/** * Constructs sql restriction based on permission specified and fills list of used sql params to be bind in prepared * statement * * @param string $permission permission value (VIEW, EDIT, etc) * @param array &$valuesForBind list of params to be bind * * @return string */ private function getPermissionSqlRestriction($permission, &$valuesForBind) { if (!$this->permissionMap->contains($permission)) { throw new InvalidArgumentException(sprintf('There is no masks in permission map for specified permission "%s"', $permission)); } // Hack to omit mandatory object parameter which is not necessary $requiredMasks = $this->permissionMap->getMasks($permission, new \StdClass()); $maskSqlParams = []; // filling values for bind with mask params and prepare mask params array foreach ($requiredMasks as $maskKey => $mask) { $maskParam = "mask" . $maskKey; $maskSqlParams[$maskKey] = $maskParam; $valuesForBind[$maskParam] = ['value' => $mask, 'type' => PDO::PARAM_INT]; } $strategyMasksSqlRestrictions = []; foreach (static::$permissionStrategyCheckPatterns as $strategyKey => $pattern) { $strategyMasksSqlRestrictions[$strategyKey] = []; foreach ($requiredMasks as $maskKey => $mask) { $strategyMasksSqlRestrictions[$strategyKey][] = str_replace("%MASK_PARAM%", $maskSqlParams[$maskKey], $pattern); } } $strategySqlRestrictions = []; foreach ($strategyMasksSqlRestrictions as $strategyKey => $restrictions) { $strategySqlRestrictions[] = sprintf('(e.granting_strategy = "%s" AND (%s))', $strategyKey, implode(" OR ", $restrictions)); } $permissionSqlRestriction = sprintf('WHERE e.granting = 1 AND (%s)', implode(" OR ", $strategySqlRestrictions)); return $permissionSqlRestriction; }
/** * {@inheritdoc} */ public function contains($permission) { return $this->permissionMap->contains($permission); }