/**
* Checks if the combination of permission and userrole is allowed for the given attributes.
*
* @param SecurityCondition $object
* @param int $attribute
* @param Permission $permission
* @param array|null $locales
*
* @return bool
*/
private function isGranted($object, $attribute, Permission $permission, $locales)
{
if (!is_array($locales)) {
$locales = [];
}
$hasContext = $permission->getContext() == $object->getSecurityContext();
$hasLocale = $object->getLocale() == null || in_array($object->getLocale(), $locales);
// if there is a concrete object we only have to check for the locale and context
if ($object->getObjectId() || $object->getObjectType()) {
return $hasContext && $hasLocale;
}
$hasPermission = $permission->getPermissions() & $this->permissions[$attribute];
return $hasContext && $hasPermission && $hasLocale;
}