Converts the given permissions from the numerical to the array representation.
public convertPermissionsToArray ( integer $permissions ) : array | ||
$permissions | integer | |
return | array |
/** * @dataProvider provideObjectIdentifiers */ public function testGetPermissions($objectId, $objectType, $objectIdentifier) { $ace1 = $this->prophesize(EntryInterface::class); $ace1->getSecurityIdentity()->willReturn($this->securityIdentity); $ace1->getMask()->willReturn(64); $this->acl->getObjectAces()->willReturn([$ace1->reveal()]); $this->maskConverter->convertPermissionsToArray(64)->willReturn(['view' => true]); $this->aclProvider->findAcl(new ObjectIdentity($objectIdentifier, $objectType))->willReturn($this->acl->reveal()); $permissions = $this->accessControlManager->getPermissions($objectType, $objectId); $this->assertEquals(true, $permissions['ROLE_SULU_ADMINISTRATOR']['view']); }
/** * Returns the permissions for all security identities. * * @param string $type The type of the protected object * @param string $identifier The identifier of the protected object * * @return array */ public function getPermissions($type, $identifier) { $accessControls = $this->accessControlRepository->findByTypeAndId($type, $identifier); $permissions = []; foreach ($accessControls as $accessControl) { $permissions[$accessControl->getRole()->getId()] = $this->maskConverter->convertPermissionsToArray($accessControl->getPermissions()); } return $permissions; }
/** * @dataProvider provideUserPermission */ public function testGetUserPermissions($rolePermissions, $securityContextPermissions, $userLocales, $locale, $result) { $this->maskConverter->convertPermissionsToArray(0)->willReturn(['view' => false, 'edit' => false]); $this->maskConverter->convertPermissionsToArray(64)->willReturn(['view' => true, 'edit' => false]); /** @var AccessControlProviderInterface $accessControlProvider */ $accessControlProvider = $this->prophesize(AccessControlProviderInterface::class); $accessControlProvider->supports(\stdClass::class)->willReturn(true); $accessControlProvider->getPermissions(\stdClass::class, '1')->willReturn($rolePermissions); $this->accessControlManager->addAccessControlProvider($accessControlProvider->reveal()); // create role for given role permissions from data provider /** @var Permission $permission1 */ $permission1 = $this->prophesize(Permission::class); $permission1->getPermissions()->willReturn($securityContextPermissions); $permission1->getContext()->willReturn('example'); /** @var Role $role1 */ $role1 = $this->prophesize(Role::class); $role1->getPermissions()->willReturn([$permission1->reveal()]); $role1->getId()->willReturn(1); /** @var UserRole $userRole1 */ $userRole1 = $this->prophesize(UserRole::class); $userRole1->getRole()->willReturn($role1->reveal()); $userRole1->getLocales()->willReturn($userLocales); // add a role which should not influence the security context check /** @var Permission $permission */ $permission2 = $this->prophesize(Permission::class); $permission2->getPermissions()->willReturn(127); $permission2->getContext()->willReturn('not-important'); /** @var Role $role */ $role2 = $this->prophesize(Role::class); $role2->getPermissions()->willReturn([$permission2->reveal()]); $role2->getId()->willReturn(2); /** @var UserRole $userRole */ $userRole2 = $this->prophesize(UserRole::class); $userRole2->getRole()->willReturn($role2->reveal()); $userRole2->getLocales()->willReturn($userLocales); // return the user with the above definitions /** @var User $user */ $user = $this->prophesize(User::class); $user->getUserRoles()->willReturn([$userRole1->reveal(), $userRole2->reveal()]); $user->getRoleObjects()->willReturn([$role1->reveal(), $role2->reveal()]); $permissions = $this->accessControlManager->getUserPermissions(new SecurityCondition('example', $locale, \stdClass::class, '1'), $user->reveal()); $this->assertEquals($result, $permissions); }
/** * {@inheritdoc} */ public function getPermissions($type, $identifier) { $oid = new ObjectIdentity($identifier, $type); try { $acl = $this->aclProvider->findAcl($oid); } catch (AclNotFoundException $exc) { return []; } $permissions = []; foreach ($acl->getObjectAces() as $ace) { /* @var EntryInterface $ace */ $permissions[$ace->getSecurityIdentity()->getRole()] = $this->maskConverter->convertPermissionsToArray($ace->getMask()); } return $permissions; }
public function testGetPermissions() { $roleIdReflection = new \ReflectionProperty(BaseRole::class, 'id'); $roleIdReflection->setAccessible(true); $role1 = new Role(); $roleIdReflection->setValue($role1, 1); $role2 = new Role(); $roleIdReflection->setValue($role2, 2); $this->maskConverter->convertPermissionsToArray(64)->willReturn(['view' => true, 'edit' => false]); $this->maskConverter->convertPermissionsToArray(96)->willReturn(['view' => true, 'edit' => true]); $accessControl1 = new AccessControl(); $accessControl1->setPermissions(64); $accessControl1->setRole($role1); $accessControl2 = new AccessControl(); $accessControl2->setPermissions(96); $accessControl2->setRole($role2); $accessControls = [$accessControl1, $accessControl2]; $this->accessControlRepository->findByTypeAndId('AcmeBundle\\Example', 1)->willReturn($accessControls); $this->assertEquals($this->doctrineAccessControlProvider->getPermissions('AcmeBundle\\Example', 1), [1 => ['view' => true, 'edit' => false], 2 => ['view' => true, 'edit' => true]]); }
/** * Returns the permissions for the given security context for the given user role. * * @param string $locale * @param string $securityContext * @param UserRole $userRole The user role for which the security is checked * @param bool $checkPermissionType Flag to show if the permission type should also be checked * * @return array */ private function getUserRoleSecurityContextPermission($locale, $securityContext, UserRole $userRole, $checkPermissionType) { $userPermission = $this->maskConverter->convertPermissionsToArray(0); foreach ($userRole->getRole()->getPermissions() as $permission) { $hasContext = $permission->getContext() == $securityContext; if (!$hasContext) { continue; } $hasLocale = $locale == null || in_array($locale, $userRole->getLocales()); if (!$hasLocale) { continue; } if ($checkPermissionType) { $userPermission = $this->maskConverter->convertPermissionsToArray($permission->getPermissions()); } else { array_walk($userPermission, function (&$permission) { $permission = true; }); } } return $userPermission; }