function it_does_not_match_if_user_has_not_transition_permissions(Transition $transition, User $user, Permission $permission, Item $item, Context $context, ErrorCollection $errorCollection) { $user->hasPermission($permission)->willReturn(false); $permission->__toString()->willReturn('workflow/permission'); $errorCollection->addError(Argument::cetera())->shouldBeCalled(); $this->match($transition, $item, $context, $errorCollection)->shouldReturn(false); }
function it_does_not_match_if_step_role_is_not_granted(Transition $transition, Item $item, Context $context, User $user, Permission $permission, ErrorCollection $errorCollection) { $item->isWorkflowStarted()->willReturn(true); $item->getCurrentStepName()->willReturn('step'); $permission->__toString()->willReturn('workflow/permission'); $user->hasPermission($permission)->willReturn(false); $errorCollection->addError(Argument::cetera())->shouldBeCalled(); $this->match($transition, $item, $context, $errorCollection)->shouldReturn(false); }
/** * Check a specific transition. Check if access is granted by default if no permission is given. * * @param Permission|null $permission Permission to check. * * @return bool */ protected function checkPermission(Permission $permission = null) { if ($permission) { if ($this->user->hasPermission($permission)) { return true; } } elseif ($this->isGrantedByDefault()) { return true; } return false; }
/** * Add permission to the role. * * @param Role[] $roles Already created roles. * @param string $roleName The role name. * @param Permission $permission The permission name. * @param \User $contaoUser The Contao user. * @param User $user The security user. * * @return Role */ private function addPermissionToRole(&$roles, $roleName, Permission $permission, $contaoUser, User $user) { $workflow = $permission->getWorkflowName(); if (!isset($roles[$workflow])) { $role = new Role($roleName, $permission->getWorkflowName(), $this->translateLabel($roleName), array('user' => $contaoUser)); $roles[$workflow] = $role; $user->assign($role); } $roles[$workflow]->addPermission($permission); return $roles[$workflow]; }