/** * @test */ public function hasRoleWorks() { $account = new Account(); $account->setRoles(array($this->administratorRole)); $this->assertTrue($account->hasRole($this->administratorRole)); $this->assertFalse($account->hasRole($this->customerRole)); }
/** * @test */ public function hasRoleReturnsFalseForAssignedButNonExistentRole() { $this->inject($this->account, 'roleIdentifiers', array('Acme.Demo:NoLongerThere', $this->administratorRole->getIdentifier())); $this->assertTrue($this->account->hasRole($this->administratorRole)); $this->assertFalse($this->account->hasRole(new Role('Acme.Demo:NoLongerThere'))); }
/** * @param \Ag\Login\Domain\Model\Role $role * @return bool */ public function hasRole($role) { return $this->login->hasRole($this->roleToFlowRole($role)); }
/** * Removes the specified role from the given account and potentially carries out further actions which are needed to * properly reflect these changes. * * @param Account $account The account to remove roles from * @param string $roleIdentifier A fully qualified role identifier, or a role identifier relative to the TYPO3.Neos namespace * @return integer How often this role has been removed from the given account (effectively can be 1 or 0) * @api */ public function removeRoleFromAccount(Account $account, $roleIdentifier) { $roleIdentifier = $this->normalizeRoleIdentifier($roleIdentifier); $role = $this->policyService->getRole($roleIdentifier); /** @var Account $account */ if ($account->hasRole($role)) { $account->removeRole($role); $this->accountRepository->update($account); $this->emitRolesRemoved($account, array($role)); return 1; } return 0; }
/** * renders <f:then> child if the role could be found in the security context, * otherwise renders <f:else> child. * * @param string $role The role or role identifier * @param string $packageKey PackageKey of the package defining the role * @param Account $account If specified, this subject of this check is the given Account instead of the currently authenticated account * @return string the rendered string * @api */ public function render($role, $packageKey = null, Account $account = null) { if (is_string($role)) { $roleIdentifier = $role; if (in_array($roleIdentifier, array('Everybody', 'Anonymous', 'AuthenticatedUser'))) { $roleIdentifier = 'TYPO3.Flow:' . $roleIdentifier; } if (strpos($roleIdentifier, '.') === false && strpos($roleIdentifier, ':') === false) { if ($packageKey === null) { $request = $this->controllerContext->getRequest(); $roleIdentifier = $request->getControllerPackageKey() . ':' . $roleIdentifier; } else { $roleIdentifier = $packageKey . ':' . $roleIdentifier; } } $role = $this->policyService->getRole($roleIdentifier); } if ($account instanceof Account) { $hasRole = $account->hasRole($role); } else { $hasRole = $this->securityContext->hasRole($role->getIdentifier()); } if ($hasRole) { return $this->renderThenChild(); } else { return $this->renderElseChild(); } }
/** * {@inheritDoc} */ public function hasRole(\TYPO3\Flow\Security\Policy\Role $role) { $this->__initializer__ && $this->__initializer__->__invoke($this, 'hasRole', array($role)); return parent::hasRole($role); }
/** * Adds new roles from CAS server since last authentication if some was added in CAS-Server. * Is used only if Account was persisted. See persistAccount() method. * * @param string $providerName Provider name. WARNING: not in settings set useStaticProviderNameByPersistingAccounts. * @param Account $account * * @return void * * @todo : move persistAll() at shutdown */ private function updateRolesInAccount($providerName, Account &$account) { $casAttributes = $this->casManager->getCasAttributes($providerName); $casServerRoles = $this->getRoles($providerName, $casAttributes); $accountMustBeUpdated = false; foreach ($casServerRoles as $casServerRole) { $accountMustBeUpdated = $accountMustBeUpdated == true ? $accountMustBeUpdated : !$account->hasRole($casServerRole); $account->addRole($casServerRole); } if ($accountMustBeUpdated) { $this->accountRepository->update($account); } $this->persistenceManager->persistAll(); }