/**
  * {@inheritDoc}
  */
 public function isGranted(AclInterface $acl, array $masks, array $sids, $administrativeMode = false)
 {
     $result = null;
     // check object ACEs
     $aces = $acl->getObjectAces();
     if (!empty($aces)) {
         $result = $this->hasSufficientPermissions($acl, $aces, $masks, $sids, $administrativeMode);
     }
     // check class ACEs if object ACEs were not found
     if ($result === null) {
         $aces = $acl->getClassAces();
         if (!empty($aces)) {
             $result = $this->hasSufficientPermissions($acl, $aces, $masks, $sids, $administrativeMode);
         }
     }
     // check parent ACEs if object and class ACEs were not found
     if ($result === null && $acl->isEntriesInheriting()) {
         $parentAcl = $acl->getParentAcl();
         if ($parentAcl !== null) {
             $result = $parentAcl->isGranted($masks, $sids, $administrativeMode);
         }
     }
     // throw NoAceFoundException if no any ACEs were found
     if ($result === null) {
         throw new NoAceFoundException();
     }
     return $result;
 }
 /**
  * {@inheritDoc}
  */
 public function isGranted(AclInterface $acl, array $masks, array $sids, $administrativeMode = false)
 {
     try {
         try {
             $aces = $acl->getObjectAces();
             if (!$aces) {
                 throw static::$noAceException;
             }
             return $this->hasSufficientPermissions($acl, $aces, $masks, $sids, $administrativeMode);
         } catch (NoAceFoundException $noObjectAce) {
             $aces = $acl->getClassAces();
             if (!$aces) {
                 throw static::$noAceException;
             }
             return $this->hasSufficientPermissions($acl, $aces, $masks, $sids, $administrativeMode);
         }
     } catch (NoAceFoundException $noClassAce) {
         if ($acl->isEntriesInheriting() && null !== ($parentAcl = $acl->getParentAcl())) {
             return $parentAcl->isGranted($masks, $sids, $administrativeMode);
         }
         throw new NoAceFoundException('No applicable ACE was found.');
     }
 }
 /**
  * Get object ACE mask at specified index.
  *
  * @param AclInterface $acl   The acl interface
  * @param int          $index The index
  *
  * @return bool|int
  */
 private function getMaskAtIndex(AclInterface $acl, $index)
 {
     $objectAces = $acl->getObjectAces();
     /* @var $ace AuditableEntryInterface */
     $ace = $objectAces[$index];
     $securityIdentity = $ace->getSecurityIdentity();
     if ($securityIdentity instanceof RoleSecurityIdentity) {
         return $ace->getMask();
     }
     return false;
 }
Exemplo n.º 4
0
 /**
  * Extracts SIDs from ACL depending on entity config to prevent deletion of sharing when sharing scope is changed.
  *
  * @param AclInterface $acl
  *
  * @return array
  */
 protected function extractSids(AclInterface $acl)
 {
     $sids = [];
     foreach ($acl->getObjectAces() as $key => $ace) {
         /** @var Entry $ace */
         $sid = $ace->getSecurityIdentity();
         if ($this->isSidApplicable($sid)) {
             $sids[$key] = $sid;
         }
     }
     return $sids;
 }