Returns TRUE, if the given privilege type is granted for the given subject based
on the current security context.
| public isGranted ( string $privilegeType, mixed $subject, string &$reason = '' ) : boolean | ||
| $privilegeType | string | The type of privilege that should be evaluated |
| $subject | mixed | The subject to check privileges for |
| $reason | string | This variable will be filled by a message giving information about the reasons for the result of this method |
| Результат | boolean | |
/**
* Invokes the security interception
*
* @return boolean TRUE if the security checks was passed
* @throws AccessDeniedException
* @throws AuthenticationRequiredException if an entity could not be found (assuming it is bound to the current session), causing a redirect to the authentication entrypoint
* @throws NoTokensAuthenticatedException if no tokens could be found and the accessDecisionManager denied access to the privilege target, causing a redirect to the authentication entrypoint
*/
public function invoke()
{
$reason = '';
$privilegeSubject = new MethodPrivilegeSubject($this->joinPoint);
try {
$this->authenticationManager->authenticate();
} catch (EntityNotFoundException $exception) {
throw new AuthenticationRequiredException('Could not authenticate. Looks like a broken session.', 1358971444, $exception);
} catch (NoTokensAuthenticatedException $noTokensAuthenticatedException) {
// We still need to check if the privilege is available to "Neos.Flow:Everybody".
if ($this->privilegeManager->isGranted(MethodPrivilegeInterface::class, $privilegeSubject, $reason) === false) {
throw new NoTokensAuthenticatedException($noTokensAuthenticatedException->getMessage() . chr(10) . $reason, $noTokensAuthenticatedException->getCode());
}
}
if ($this->privilegeManager->isGranted(MethodPrivilegeInterface::class, $privilegeSubject, $reason) === false) {
throw new AccessDeniedException($this->renderDecisionReasonMessage($reason), 1222268609);
}
}
/**
* Collect node data and traverse child nodes
*
* @param array &$nodes
* @param NodeInterface $node
* @param string $nodeTypeFilter
* @param integer $depth levels of child nodes to fetch. 0 = unlimited
* @param \Neos\ContentRepository\Domain\Model\NodeInterface $untilNode if given, expand all nodes on the rootline towards $untilNode, no matter what is defined with $depth.
* @param integer $recursionPointer current recursion level
* @return void
*/
protected function collectChildNodeData(array &$nodes, NodeInterface $node, $nodeTypeFilter, $depth = 0, NodeInterface $untilNode = null, $recursionPointer = 1)
{
foreach ($node->getChildNodes($nodeTypeFilter) as $childNode) {
if (!$this->privilegeManager->isGranted(NodeTreePrivilege::class, new NodePrivilegeSubject($childNode))) {
continue;
}
/** @var NodeInterface $childNode */
$expand = $depth === 0 || $recursionPointer < $depth;
if ($expand === false && $untilNode !== null && strpos($untilNode->getPath(), $childNode->getPath()) === 0 && $childNode !== $untilNode) {
// in case $untilNode is set, and the current childNode is on the rootline of $untilNode (and not the node itself), expand the node.
$expand = true;
}
switch ($this->outputStyle) {
case self::STYLE_LIST:
$nodeType = $childNode->getNodeType()->getName();
$properties = $childNode->getProperties();
$properties['__contextNodePath'] = $childNode->getContextPath();
$properties['__workspaceName'] = $childNode->getWorkspace()->getName();
$properties['__nodeName'] = $childNode->getName();
$properties['__nodeType'] = $nodeType;
$properties['__title'] = $nodeType === 'Neos.Neos:Document' ? $childNode->getProperty('title') : $childNode->getLabel();
array_push($nodes, $properties);
if ($expand) {
$this->collectChildNodeData($nodes, $childNode, $nodeTypeFilter, $depth, $untilNode, $recursionPointer + 1);
}
break;
case self::STYLE_TREE:
$children = array();
$hasChildNodes = $childNode->hasChildNodes($nodeTypeFilter) === true;
if ($expand && $hasChildNodes) {
$this->collectChildNodeData($children, $childNode, $nodeTypeFilter, $depth, $untilNode, $recursionPointer + 1);
}
array_push($nodes, $this->collectTreeNodeData($childNode, $expand, $children, $hasChildNodes));
}
}
}
/**
* @param NodeInterface $node
* @param string $propertyName
* @return boolean
*/
public function isGrantedToEditNodeProperty(NodeInterface $node, $propertyName)
{
$privilegeSubject = new PropertyAwareNodePrivilegeSubject($node, null, $propertyName);
return $this->privilegeManager->isGranted(EditNodePropertyPrivilege::class, $privilegeSubject);
}
