/** * {@inheritdoc} */ public function isAllowed($role, $resource, $privilege) { if (NULL === ($allowed = $this->cache->load([$role, $resource, $privilege]))) { $allowed = $this->cache->save([$role, $resource, $privilege], function () use($role, $resource, $privilege) { return $this->authorizator->isAllowed($role, $resource, $privilege); }, [Cache::TAGS => ['role/' . serialize($role), 'resource/' . serialize($resource), 'privilege/' . serialize($privilege)]]); } return $allowed; }
public function isAllowed($role = IAuthorizator::ALL, $resource = IAuthorizator::ALL, $privilege = IAuthorizator::ALL) { if (!$this->acl->hasRole($role)) { $this->onUndefinedRole($role); } if (!$this->acl->hasResource($resource)) { $this->onUndefinedResource($resource); } return $this->acl->isAllowed($role, $resource, $privilege); }
/** * {@inheritdoc} */ public function isAllowed($role, $resource, $privilege) { if (!isset($this->authorizator)) { throw new \Ark8\Security\Exceptions\SkipException('Authorizator is not set.'); } if ($resource instanceof IResource) { if (!$resource instanceof GenericResource) { throw new \Ark8\Security\Exceptions\SkipException(sprintf('Resource must be instance of %s, %s given.', GenericResource::class, gettype($resource))); } $privilege = $resource->getPrivilege(); $resource = $resource->getResourceId(); } return $this->authorizator->isAllowed($role, $resource, $privilege); }