Exemplo n.º 1
0
 public function assert(AuthorizationResult $result, $role = null)
 {
     if (!$role instanceof RoleInterface) {
         throw new InvalidArgumentException();
     }
     $instanceManager = $this->getInstanceManager();
     $permissionService = $this->getPermissionService();
     $assertion = new InstanceAssertion($instanceManager, $permissionService, $this->traversalStrategy);
     $checkPermission = $result->getPermission() . '.' . $role->getName();
     $result = clone $result;
     $instancesToCheck = [];
     $rolesToCheck = $assertion->flattenRoles([$role]);
     foreach ($rolesToCheck as $roleToCheck) {
         foreach ($roleToCheck->getPermissions() as $permission) {
             $instance = $permission->getParameter('instance');
             if (!in_array($instance, $instancesToCheck)) {
                 $instancesToCheck[] = $instance;
             }
         }
     }
     try {
         $this->getPermissionService()->findPermissionByName($checkPermission);
     } catch (PermissionNotFoundException $e) {
         $checkPermission = $result->getPermission();
     }
     $result->setPermission($checkPermission);
     foreach ($instancesToCheck as $instance) {
         if (!$assertion->assert($result, $instance)) {
             return false;
         }
     }
     return true;
 }
Exemplo n.º 2
0
 /**
  * Check if this assertion is true
  *
  * @param  AuthorizationResult $authorization
  * @param  mixed               $context
  * @throws RuntimeException
  * @throws InvalidArgumentException
  * @return bool
  */
 public function assert(AuthorizationResult $authorization, $context = null)
 {
     if ($context === null) {
         $instance = null;
     } elseif ($context instanceof InstanceProviderInterface) {
         $instance = $context->getInstance();
         if (!is_object($instance)) {
             throw new RuntimeException(sprintf('%s provides an instance of null', get_class($context)));
         }
     } elseif ($context instanceof InstanceInterface) {
         $instance = $context;
     } else {
         throw new InvalidArgumentException(sprintf('Expected null, InstanceProviderInterface or InstanceInterface but got %s', is_object($context) ? get_class($context) : gettype($context)));
     }
     $permissionToCheck = $authorization->getPermission();
     $rolesToCheck = $this->flattenRoles($authorization->getRoles());
     $permissions = $this->permissionService->findParametrizedPermissions($permissionToCheck, 'instance', $instance);
     if ($this->isGranted($rolesToCheck, $permissions)) {
         return true;
     }
     // Not found..well, that's unfortunate! Let's check if it's satisfiable with global permissions
     if ($instance !== null) {
         $permissions = $this->permissionService->findParametrizedPermissions($permissionToCheck, 'instance', null);
         if ($this->isGranted($rolesToCheck, $permissions)) {
             return true;
         }
     }
     return false;
 }