/** * Converts public => private key pairs into the array format accepted by ArrayAdapter * * @param array $accessList */ public function getExpandedAclList(array $accessList) { $entries = []; foreach ($accessList as $publicKey => $privateKey) { if (is_array($privateKey)) { throw new InvalidArgumentException('A public key can only have a single private key (as of 2.0.0)'); } $entries[] = ['publicKey' => $publicKey, 'privateKey' => $privateKey, 'acl' => [['resources' => Resource::getReadWriteResources(), 'users' => [$publicKey]]]]; } return $entries; }
/** * Figure out which resources we have available and subscribe to them * * @param EventInterface $event */ public function subscribe(EventInterface $event) { $resources = Resource::getAllResources(); if ($this->params['additionalResources']) { $resources = array_merge($resources, $this->params['additionalResources']); } $events = []; foreach ($resources as $resource) { $events[$resource] = ['checkAccess' => 500]; } $manager = $event->getManager(); $manager->addCallbacks($event->getHandler(), $events); }
public function testMethodsReturnsArrays() { $this->assertInternalType('array', Resource::getReadOnlyResources()); $this->assertInternalType('array', Resource::getReadWriteResources()); $this->assertInternalType('array', Resource::getAllResources()); }
<?php /** * This file is part of the Imbo package * * (c) Christer Edvartsen <*****@*****.**> * * For the full copyright and license information, please view the LICENSE file that was * distributed with this source code. */ use Imbo\Auth\AccessControl\Adapter\ArrayAdapter, Imbo\Resource; /** * Use individual read-only/read+write keys */ return ['accessControl' => function () { return new ArrayAdapter([['publicKey' => 'ro-pubkey', 'privateKey' => 'read-only-key', 'acl' => [['resources' => Resource::getReadOnlyResources(), 'users' => ['someuser']]]], ['publicKey' => 'rw-pubkey', 'privateKey' => 'read+write-key', 'acl' => [['resources' => Resource::getReadWriteResources(), 'users' => ['someuser']]]], ['publicKey' => 'foo', 'privateKey' => 'bar', 'acl' => [['resources' => Resource::getReadOnlyResources(), 'users' => ['user']]]]]); }];
/** * Ask user which specific resources the public key should have access to * * @param InputInterface $input * @param OutputInterface $output * @return array */ private function askForSpecificResources(InputInterface $input, OutputInterface $output) { $resources = Resource::getAllResources(); sort($resources); $question = new ChoiceQuestion('Which resources should the public key have access to? (comma-separated) ', $resources); $question->setMultiselect(true); return $this->getHelper('question')->ask($input, $output, $question); }
/** * @covers ImboCli\Command\AddPublicKey::execute * @covers ImboCli\Command\AddPublicKey::askForAnotherAclRule * @covers ImboCli\Command\AddPublicKey::askForCustomResources */ public function testPromtpsForListOfCustomResourcesIfOptionIsSelected() { $allResources = Resource::getAllResources(); sort($allResources); $this->adapter->expects($this->once())->method('addAccessRule')->with('foo', ['resources' => ['foo.read', 'bar.write'], 'users' => '*']); $this->adapter->expects($this->once())->method('addKeyPair')->with('foo', 'bar'); $helper = $this->command->getHelper('question'); $helper->setInputStream($this->getInputStream(['4', 'foo.read,bar.write', '*', 'n'])); $commandTester = new CommandTester($this->command); $commandTester->execute(['publicKey' => 'foo', 'privateKey' => 'bar']); }
<?php /** * This file is part of the Imbo package * * (c) Christer Edvartsen <*****@*****.**> * * For the full copyright and license information, please view the LICENSE file that was * distributed with this source code. */ use Imbo\Auth\AccessControl\Adapter\ArrayAdapter, Imbo\Resource; // Default config for testing $testConfig = ['accessControl' => function () { return new ArrayAdapter([['publicKey' => 'publickey', 'privateKey' => 'privatekey', 'acl' => [['resources' => Resource::getReadWriteResources(), 'users' => ['user', 'other-user']]]], ['publicKey' => 'unpriviledged', 'privateKey' => 'privatekey', 'acl' => [['resources' => Resource::getReadWriteResources(), 'users' => ['user']]]], ['publicKey' => 'wildcard', 'privateKey' => '*', 'acl' => [['resources' => Resource::getReadWriteResources(), 'users' => '*']]]]); }, 'database' => function () { return new Imbo\Database\MongoDB(['databaseName' => 'imbo_testing']); }, 'storage' => function () { return new Imbo\Storage\GridFS(['databaseName' => 'imbo_testing']); }]; // Default Imbo config $defaultConfig = (require __DIR__ . '/../../../config/config.default.php'); // Custom test config, if any, specified in the X-Imbo-Test-Config HTTP request header if (isset($_SERVER['HTTP_X_IMBO_TEST_CONFIG'])) { $customConfig = (require __DIR__ . '/' . basename($_SERVER['HTTP_X_IMBO_TEST_CONFIG'])); } else { $customConfig = []; } // Return the merged configuration, having the custom config overwrite the default testing config, // which in turn overwrites the default config return array_replace_recursive($defaultConfig, $testConfig, $customConfig);
<?php namespace Imbo\MetadataSearch; use Elasticsearch\ClientBuilder; use Imbo\Resource; use Imbo\Auth\AccessControl\Adapter\ArrayAdapter; $config = (require __DIR__ . '/../vendor/imbo/imbo/config/config.default.php'); $config = array_replace_recursive($config, ['accessControl' => function () { return new ArrayAdapter([['publicKey' => 'publickey', 'privateKey' => 'privatekey', 'acl' => [['resources' => Resource::getReadWriteResources(), 'users' => ['user', 'user2']]]], ['publicKey' => 'user2', 'privateKey' => 'privatekey', 'acl' => [['resources' => Resource::getReadWriteResources(), 'users' => ['user2']]]]]); }, 'database' => function () { return new \Imbo\Database\MongoDB(['databaseName' => 'metadatasearch_integration_db']); }, 'storage' => function () { return new \Imbo\Storage\GridFS(['databaseName' => 'metadatasearch_integration_storage']); }, 'eventListeners' => ['metadata' => ['listener' => new EventListener\MetadataOperations(['backend' => new Backend\ElasticSearch(ClientBuilder::create()->build(), ['index' => ['name' => 'metadatasearch_integration']])])]]]); return $config;