/**
 * Verifies that parse() fills the trace array passed as its second argument
 * with every resource name it walks through while resolving a resource that
 * is defined in terms of other resources.
 *
 * The fixture chains three resources (integrative -> other -> one-and-only);
 * only the last one is an actual method pointcut expression. The expected
 * trace lists them in resolution order, starting with the requested resource.
 *
 * @test
 * @category unit
 * @author Andreas Förthner <*****@*****.**>
 */
public function parseStoresTheCorrectResourceTreeTraceInTheTraceParameter() {
    // Resource name => definition; a definition is either a pointcut
    // expression or the name of another resource.
    $resourceDefinitions = array(
        'theOneAndOnlyResource' => 'method(F3\\TestPackage\\BasicClass->setSomeProperty())',
        'theOtherLonelyResource' => 'theOneAndOnlyResource',
        'theIntegrativeResource' => 'theOtherLonelyResource'
    );

    // Collaborators are mocked without invoking their constructors.
    $filterCompositeMock = $this->getMock('F3\\FLOW3\\AOP\\Pointcut\\PointcutFilterComposite', array(), array(), '', FALSE);
    $objectManagerMock = $this->getMock('F3\\FLOW3\\Object\\ObjectManagerInterface', array(), array(), '', FALSE);
    $objectFactoryMock = $this->getMock('F3\\FLOW3\\Object\\ObjectFactoryInterface', array(), array(), '', FALSE);

    // Every create() call on the factory hands back the same mocked composite.
    $objectFactoryMock
        ->expects($this->any())
        ->method('create')
        ->will($this->returnValue($filterCompositeMock));

    $policyParser = new \F3\FLOW3\Security\ACL\PolicyExpressionParser();
    $policyParser->injectObjectFactory($objectFactoryMock);
    $policyParser->injectObjectManager($objectManagerMock);
    $policyParser->setResourcesTree($resourceDefinitions);

    $actualTrace = array();
    $policyParser->parse('theIntegrativeResource', $actualTrace);

    $this->assertEquals(
        array('theIntegrativeResource', 'theOtherLonelyResource', 'theOneAndOnlyResource'),
        $actualTrace,
        'The trace has not been set as expected.'
    );
}
/**
 * Tells whether any configured policy entry applies to the given method,
 * i.e. whether the method has to be intercepted for policy enforcement.
 *
 * On the first call with an empty filter list, the filters are built from
 * the 'security.policy.acls' settings (one filter per role and resource),
 * and the privileges are recorded in $this->acls under every resource name
 * found in the parser's trace. Each match additionally records the
 * configured privilege under the key "<className>-><methodName>".
 *
 * Security notes:
 * - The filter is switched off only if 'security.enable' is strictly the
 *   boolean FALSE; any other value leaves policy matching active.
 * - When switched off, this method reports FALSE for every method.
 *   NOTE(review): presumably this means no policy interception is woven at
 *   all - confirm against the AOP framework before disabling in production.
 * - The cache key uses $className, not $methodDeclaringClassName.
 * - Resource names and method identifiers share the $this->acls array.
 *   NOTE(review): a resource named like "Class->method" would land in the
 *   same slot as a method entry - confirm that resource names are constrained.
 * - Privileges are appended without de-duplication, so repeated calls for
 *   the same method add repeated entries. NOTE(review): verify that the
 *   consumers of $this->acls tolerate duplicates.
 *
 * @param string $className Name of the class to check the name of
 * @param string $methodName Name of the method to check the name of
 * @param string $methodDeclaringClassName Name of the class the method was originally declared in
 * @param mixed $pointcutQueryIdentifier Some identifier for this query - must at least differ from a previous identifier. Used for circular reference detection.
 * @return boolean TRUE if at least one policy filter matches, otherwise FALSE
 * @author Andreas Förthner <*****@*****.**>
 * @author Robert Lemke <*****@*****.**>
 */
public function matches($className, $methodName, $methodDeclaringClassName, $pointcutQueryIdentifier) {
    // Strict comparison on purpose: only an explicit boolean FALSE disables the filter.
    if (FALSE === $this->settings['security']['enable']) {
        return FALSE;
    }

    $policySettings = $this->settings['security']['policy'];

    // Lazy initialisation: parse every role/resource pair once.
    if (0 === count($this->filters)) {
        $this->policyExpressionParser->setResourcesTree($policySettings['resources']);

        foreach ($policySettings['acls'] as $roleName => $privilegesByResource) {
            foreach ($privilegesByResource as $resourceName => $grantedPrivilege) {
                $visitedResources = array();
                $this->filters[$roleName][$resourceName] = $this->policyExpressionParser->parse($resourceName, $visitedResources);

                // The privilege applies to every resource the parser walked through.
                foreach ($visitedResources as $visitedResource) {
                    $this->acls[$visitedResource][$roleName][] = $grantedPrivilege;
                }
            }
        }
    }

    $hasMatch = FALSE;

    foreach ($this->filters as $roleName => $roleFilters) {
        foreach ($roleFilters as $resourceName => $resourceFilter) {
            if (!$resourceFilter->matches($className, $methodName, $methodDeclaringClassName, $pointcutQueryIdentifier)) {
                continue;
            }

            // Remember which privilege this role holds on the matched method.
            $cacheKey = $className . '->' . $methodName;
            $this->acls[$cacheKey][$roleName][] = $policySettings['acls'][$roleName][$resourceName];
            $hasMatch = TRUE;
        }
    }

    return $hasMatch;
}