public function assert(Acl $acl, RoleInterface $role = null, ResourceInterface $resource = null, $privilege = null) { if (!$role instanceof UserInterface || !$resource instanceof JobInterface || 'edit' != $privilege) { return false; } return $resource->getPermissions()->isGranted($role->getId(), Permissions::PERMISSION_CHANGE); }
public function assert(Acl $acl, RoleInterface $role = null, ResourceInterface $resource = null, $privilege = null) { if (!$role instanceof UserInterface || !$resource instanceof FileInterface) { return false; } $privilege = $privilege ?: PermissionsInterface::PERMISSION_VIEW; return $resource->getPermissions()->isGranted($role, $privilege); }
/** * (non-PHPdoc) * @see \Zend\Permissions\Acl\Assertion\AssertionInterface::assert() * @param string $privilege * @return bool */ public function assert(Acl $acl, RoleInterface $role = null, ResourceInterface $resource = null, $privilege = null) { if (!$role instanceof UserInterface || !$resource instanceof ApplicationInterface) { return false; } $permission = 'read' == $privilege ? PermissionsInterface::PERMISSION_VIEW : PermissionsInterface::PERMISSION_CHANGE; return $resource->getPermissions()->isGranted($role, $permission); }
/** * Returns true, if the user has write access to the job. * * {@inheritDoc} * @see \Zend\Permissions\Acl\Assertion\AssertionInterface::assert() */ public function assert(Acl $acl, RoleInterface $role = null, ResourceInterface $resource = null, $privilege = null) { if (!$role instanceof UserInterface || !$resource instanceof JobInterface || 'edit' != $privilege) { return false; } /* @var $resource \Jobs\Entity\JobInterface */ return $resource->getPermissions()->isGranted($role->getId(), Permissions::PERMISSION_CHANGE) || $this->checkOrganizationPermissions($role, $resource); }
/** * Checks permissions based on resources' permissions. * * {@inheritDoc} * * @see \Zend\Permissions\Acl\Assertion\AssertionInterface::assert() */ public function assert(Acl $acl, RoleInterface $role = null, ResourceInterface $resource = null, $privilege = null) { if (!$role instanceof UserInterface || !$resource instanceof ApplicationInterface) { return false; } /* @var $resource ApplicationInterface|DraftableEntityInterface */ $permissions = $resource->getPermissions(); /* If application is a draft, only the associated user may view and edit. * As an anonymous user is not saved with the entity, we need to check the 'change' permission. */ if ($resource->isDraft()) { return $role === $resource->getUser() || $permissions->isGranted($role, PermissionsInterface::PERMISSION_CHANGE); } if (ApplicationInterface::PERMISSION_SUBSEQUENT_ATTACHMENT_UPLOAD == $privilege) { // only applicant is allowed to upload subsequent attachments return $permissions->isAssigned($role) && $permissions->isGranted($role, PermissionsInterface::PERMISSION_VIEW); } $permission = 'read' == $privilege ? PermissionsInterface::PERMISSION_VIEW : PermissionsInterface::PERMISSION_CHANGE; return $permissions->isGranted($role, $permission); }
public function assert(Acl $acl, RoleInterface $role = null, ResourceInterface $resource = null, $privilege = null) { return 'edit' == $privilege && $role instanceof UserInterface && $resource instanceof OrganizationInterface && $resource->getPermissions()->isGranted($role, PermissionsInterface::PERMISSION_CHANGE); }
/** * Returns true if and only if the assertion conditions are met * * This method is passed the ACL, Role, Resource, and privilege to which the authorization query applies. If the * $role, $resource, or $privilege parameters are null, it means that the query applies to all Roles, Resources, or * privileges, respectively. * * @param Acl $acl * @param RoleInterface $role * @param ResourceInterface $resource * @param string $privilege * * @return bool */ public function assert(Acl $acl, RoleInterface $role = null, ResourceInterface $resource = null, $privilege = null) { /* @var ResourceInterface|Cv $resource */ return $role instanceof UserInterface && $resource instanceof CvInterface && 'view' == $privilege && ($resource->getPermissions()->isGranted($role, PermissionsInterface::PERMISSION_VIEW) || Status::PUBLIC_TO_ALL == (string) $resource->getStatus()); }