Exemplo n.º 1
0
 /**
  * @covers Rbac\Role\Role::getPermissions
  */
 public function testRoleCanGetPermissions()
 {
     $role = new Role('php');
     $role->addPermission('foo');
     $role->addPermission('bar');
     $expectedPermissions = ['foo' => 'foo', 'bar' => 'bar'];
     $this->assertEquals($expectedPermissions, $role->getPermissions());
 }
Exemplo n.º 2
0
 /**
  * @covers Rbac\Role\Role::addPermission
  */
 public function testRoleCanAddPermission()
 {
     $role = new Role('php');
     $role->addPermission('debug');
     $this->assertTrue($role->hasPermission('debug'));
     $permission = $this->getMock('Rbac\\Permission\\PermissionInterface');
     $permission->expects($this->once())->method('__toString')->will($this->returnValue('interface'));
     $role->addPermission($permission);
     $this->assertTrue($role->hasPermission('interface'));
 }
Exemplo n.º 3
0
 /**
  * {@inheritDoc}
  */
 public function getRoles(array $roleNames)
 {
     $roles = [];
     foreach ($roleNames as $roleName) {
         // If no config, we create a simple role with no permission
         if (!isset($this->rolesConfig[$roleName])) {
             $roles[] = new Role($roleName);
             continue;
         }
         $roleConfig = $this->rolesConfig[$roleName];
         if (isset($roleConfig['children'])) {
             $role = new HierarchicalRole($roleName);
             $childRoles = (array) $roleConfig['children'];
             foreach ($this->getRoles($childRoles) as $childRole) {
                 $role->addChild($childRole);
             }
         } else {
             $role = new Role($roleName);
         }
         $permissions = isset($roleConfig['permissions']) ? $roleConfig['permissions'] : [];
         foreach ($permissions as $permission) {
             $role->addPermission($permission);
         }
         $roles[] = $role;
     }
     return $roles;
 }
Exemplo n.º 4
0
 function setup_role_manager_mocks(Permission $permission, Role $role, RoleSet $role_set, RoleManager $role_manager)
 {
     $permission->permission_id = 1;
     $permission->name = 'Permission Name';
     $permission->description = 'A dummy permission';
     $role->role_id = 1;
     $role->name = 'members';
     $role->description = 'A dummy role';
     $role->hasPermission(Argument::type('RBAC\\Permission'))->willReturn(true);
     $role->getPermissions()->willReturn(array($permission));
     $role->addPermission(Argument::any())->willReturn(true);
     $role_set->addRole(Argument::type('RBAC\\Role\\Role'))->willReturn(true);
     $role_set->has_permission('Permission Name')->willReturn(true);
     $role_manager->roleFetchByName('members')->willReturn($role);
     $role_manager->roleFetch()->willReturn(array($role));
     $role_manager->roleSave(Argument::any())->willReturn(true);
     $role_manager->permissionFetch()->willReturn(array($permission));
     //assigns a role set object to the UserAccount object
     $role_manager->loadSubjectRoles(Argument::type('PolyAuth\\UserAccount'))->will(function ($args) use($role_set) {
         $user = $args[0];
         $user->loadRoleSet($role_set);
         return $user;
     });
     //adds a role to the role set of the role object
     $role_manager->roleAddSubject(Argument::cetera())->will(function ($args) {
         $role = $args[0];
         $user = $args[1];
         $role_set = $user->getRoleSet();
         $role_set->addRole($role);
         $user->loadRoleSet($role_set);
         return $user;
     });
     return ['role_manager' => $role_manager];
 }
Exemplo n.º 5
0
 /**
  * @covers Rbac\Rbac::isGranted
  */
 public function testCanCheckHierarchicalRole()
 {
     $childRole = new Role('Bar');
     $childRole->addPermission('permission');
     $parentRole = new HierarchicalRole('Foo');
     $parentRole->addChild($childRole);
     $rbac = new Rbac();
     $this->assertTrue($rbac->isGranted($parentRole, 'permission'));
 }
Exemplo n.º 6
0
 public function getRoles(array $roleNames)
 {
     $identity = $this->authenticationService->getIdentity();
     $authenticatedIdentity = [];
     $keypart = 'guest';
     if ($identity instanceof AuthenticatedIdentity) {
         $authenticatedIdentity = $identity->getAuthenticationIdentity();
         $keypart = $authenticatedIdentity['client_id'] . $authenticatedIdentity['access_token'];
     }
     $key = implode('_', array(implode('', $roleNames), $keypart));
     if (isset($this->roleCache[$key])) {
         return $this->roleCache[$key];
     }
     $roles = [];
     foreach ($roleNames as $roleName) {
         $roleEntity = $this->roleMapper->fetchEntity($roleName);
         if (!$roleEntity) {
             $roles[] = new Role($roleName);
             continue;
         }
         $role = new Role($roleName);
         $permissions = $roleEntity->getScopes();
         if (!empty($permissions)) {
             $permissions = explode(' ', $permissions);
         } else {
             $permissions = [];
         }
         $client_permissions = $permissions;
         if (isset($authenticatedIdentity['client_data'])) {
             if (isset($authenticatedIdentity['client_data']['scope']) && !empty($authenticatedIdentity['client_data']['scope'])) {
                 $client_permissions = explode(' ', $authenticatedIdentity['client_data']['scope']);
             }
         }
         $token_permissions = $permissions;
         if (isset($authenticatedIdentity['scope']) && !empty($authenticatedIdentity['scope'])) {
             $token_permissions = explode(' ', $authenticatedIdentity['scope']);
         }
         $permissions = array_intersect($permissions, $client_permissions, $token_permissions);
         foreach ($permissions as $permission) {
             $role->addPermission($permission);
         }
         $roles[] = $role;
     }
     $this->roleCache[$key] = $roles;
     return $roles;
 }
Exemplo n.º 7
0
 /**
  * Get role by role name
  *
  * @param $roleName
  * @return RoleInterface
  */
 protected function getRole($roleName)
 {
     if (isset($this->roles[$roleName])) {
         return $this->roles[$roleName];
     }
     // If no config, we create a simple role with no permission
     if (!isset($this->rolesConfig[$roleName])) {
         $role = new Role($roleName);
         $this->roles[$roleName] = $role;
         return $role;
     }
     $roleConfig = $this->rolesConfig[$roleName];
     if (isset($roleConfig['children'])) {
         $role = new HierarchicalRole($roleName);
         $childRoles = (array) $roleConfig['children'];
         foreach ($childRoles as $childRole) {
             $childRole = $this->getRole($childRole);
             $role->addChild($childRole);
         }
     } else {
         $role = new Role($roleName);
     }
     $permissions = isset($roleConfig['permissions']) ? $roleConfig['permissions'] : [];
     foreach ($permissions as $permission) {
         $role->addPermission($permission);
     }
     $this->roles[$roleName] = $role;
     return $role;
 }