public function assert(AuthorizationResult $result, $role = null) { if (!$role instanceof RoleInterface) { throw new InvalidArgumentException(); } $instanceManager = $this->getInstanceManager(); $permissionService = $this->getPermissionService(); $assertion = new InstanceAssertion($instanceManager, $permissionService, $this->traversalStrategy); $checkPermission = $result->getPermission() . '.' . $role->getName(); $result = clone $result; $instancesToCheck = []; $rolesToCheck = $assertion->flattenRoles([$role]); foreach ($rolesToCheck as $roleToCheck) { foreach ($roleToCheck->getPermissions() as $permission) { $instance = $permission->getParameter('instance'); if (!in_array($instance, $instancesToCheck)) { $instancesToCheck[] = $instance; } } } try { $this->getPermissionService()->findPermissionByName($checkPermission); } catch (PermissionNotFoundException $e) { $checkPermission = $result->getPermission(); } $result->setPermission($checkPermission); foreach ($instancesToCheck as $instance) { if (!$assertion->assert($result, $instance)) { return false; } } return true; }
/** * Check if this assertion is true * * @param AuthorizationResult $authorization * @param mixed $context * @return bool */ public function assert(AuthorizationResult $authorization, $context = null) { if ($context instanceof InstanceProviderInterface or $context instanceof InstanceInterface) { $instance = $context; } else { $instance = $this->instanceManager->getInstanceFromRequest(); } return parent::assert($authorization, $instance); }