Пример #1
0
 /**
  * Add user info for request
  *
  * @param GetResponseEvent $request
  */
 public function onKernelRequest(GetResponseEvent $request)
 {
     $token = $this->tokenStorage->getToken();
     $user = null;
     if (!is_null($token)) {
         $user = $token->getUser();
     }
     $this->xacmlRequest->set($this->category, $user);
 }
Пример #2
0
 /**
  * Add resource information for request from annotations
  *
  * @param GetResponseEvent $request
  */
 public function onKernelRequest(GetResponseEvent $request)
 {
     $controller = $request->getRequest()->get('_controller');
     $controllerParts = explode('::', $controller);
     if (is_array($controllerParts) && count($controllerParts) == 2) {
         $class = $controllerParts[0];
         $method = $controllerParts[1];
         $object = new \ReflectionMethod($class, $method);
         $resources = [];
         foreach ($this->annotationsReader->getMethodAnnotations($object) as $configuration) {
             if ($configuration instanceof XacmlResource) {
                 $baseClassName = $this->getBaseClassName($configuration->entity);
                 $resources[$baseClassName] = new Resource($configuration->entity, $request->getRequest()->get($configuration->id), $configuration->method);
                 $resources['type'] = $baseClassName;
             }
         }
         if (!empty($resources)) {
             $this->xacmlRequest->set($this->category, $resources);
         }
     }
 }
Пример #3
0
 /**
  * Retrieve value by attributeId from request context
  *
  * @param XacmlRequest $request
  * @param string $attributeId
  * @return mixed
  * @throws \Exception
  */
 public function getValue(XacmlRequest $request, $attributeId)
 {
     $attributeParts = explode('.', trim($attributeId));
     $array = [];
     foreach ($attributeParts as $key => $attributePart) {
         //First check Category - top level in XacmlRequest
         if ($key === 0) {
             $array = $request->get($attributePart);
             if (empty($array)) {
                 //Check if attribute part is Resource
                 $array = $request->get('Resource');
                 if (!empty($array) && isset($array[$attributePart])) {
                     if ($array[$attributePart] instanceof XacmlResource) {
                         /** @var XacmlResource $resource */
                         $resource = $array[$attributeParts[0]];
                         $array = $this->getEntity($resource);
                     } elseif (is_object($array[$attributePart])) {
                         $array = $array[$attributePart];
                     }
                 }
             }
             if (empty($array)) {
                 throw new \Exception("Attribute {$attributeId} not found");
             }
             continue;
         }
         if (is_array($array) && isset($array[$attributePart])) {
             $array = $array[$attributePart];
         } elseif (is_object($array)) {
             $getter = $this->getGetter($attributePart);
             $array = $array->{$getter}();
         } else {
             throw new \Exception("Attribute {$attributeId} not found");
         }
     }
     return $array;
 }
Пример #4
0
 public function evaluate(XacmlRequest $request)
 {
     $action = $request->get('Action');
     //Error pages not have Action name
     /**
      * Permit access to:
      * - Error pages with empty Action name
      * - Actions for debug, started with "_"
      */
     if (empty($action) || substr($action, 0, 1) === '_') {
         return Decision::PERMIT;
     }
     $policies = $this->em->getRepository(PolicySet::class)->findNotLinkedPolicySets();
     if (empty($policies)) {
         $policies = $this->em->getRepository(Policy::class)->findNotLinkedPolicies();
     }
     if (!empty($policies)) {
         $result = $this->combiningAlgorithmRegistry->get($this->combiningAlgId)->evaluate($request, $policies);
         if (in_array($result, [Decision::PERMIT, Decision::DENY])) {
             return $result;
         }
     }
     return $this->defaultDecision;
 }
 /**
  * Add environment information for request
  *
  * @param GetResponseEvent $request
  */
 public function onKernelRequest(GetResponseEvent $request)
 {
     $dateTime = new \DateTime();
     $this->xacmlRequest->set($this->category, ['ip' => $request->getRequest()->getClientIp(), 'date_time' => $dateTime->format('Y-m-d H:i:s')]);
 }
Пример #6
0
 /**
  * Add route name for request
  *
  * @param GetResponseEvent $request
  */
 public function onKernelRequest(GetResponseEvent $request)
 {
     $this->xacmlRequest->set($this->category, $request->getRequest()->get('_route'));
 }