Пример #1
0
 /**
  * Add role override if exists
  *
  * @param RoleInterface|string     $role      Role name or object
  * @param ResourceCollection|array $resources Role resources
  */
 public static function addRole($role, array $resources = [])
 {
     if ($role instanceof RoleInterface) {
         self::$roles[$role->getName()] = $role;
     } else {
         $role = new Role($role, $resources);
         self::$roles[$role->getName()] = $role;
     }
 }
Пример #2
0
 public function testIsGranted()
 {
     $collection = new ResourceCollection(['comments.add', 'comments.edit']);
     $adminRole = new Rbac\Role('admin', ['list_user', Rbac\Resource::create('delete_user')]);
     $this->rbac->addRole($adminRole);
     $adminRole->setResources($collection);
     $this->assertTrue($adminRole->hasResource('comments.add'));
     $this->assertTrue($adminRole->hasResource('comments.edit'));
     $this->assertFalse($adminRole->hasResource('posts.add'));
     $this->assertFalse($this->rbac->isGranted('admin', 'list_user'));
     $this->assertFalse($this->rbac->isGranted($adminRole, 'delete_user'));
     $notExistsRole = new Rbac\Role('notExistsRole');
     $this->setExpectedExceptionRegExp('RuntimeException', sprintf('/Role "%s" does not exists./', preg_quote($notExistsRole->getName(), '/')));
     $this->assertTrue($this->rbac->isGranted($notExistsRole->getName(), 'delete_user'));
 }
Пример #3
0
 /**
  * {@inheritdoc}
  */
 public function loadService()
 {
     if (false === $this->getContainer()->has('auth')) {
         $this->getContainer()->set('auth', function () {
             $storage = new SessionStorage($this->getContainer()->get('session'));
             $userDetails = new UserDetails(function ($userData) {
                 /** @var RolesTable $rolesTable */
                 $rolesTable = TableRegistry::get('Users.Roles');
                 $roles = $rolesTable->find('list', ['keyField' => 'id', 'valueField' => 'name'])->matching('Users', function ($q) use($userData) {
                     return $q->where(['Users.id' => $userData['id']]);
                 });
                 $userData['roles'] = $roles->toArray();
                 return $userData;
             });
             $authentication = new Auth($storage, $userDetails);
             return $authentication;
         });
     }
     if (false === $this->getContainer()->has('rbac')) {
         $this->getContainer()->set('rbac', function () {
             $rbac = new Rbac();
             /** @var RolesTable $rolesTable */
             $rolesTable = TableRegistry::get('Users.Roles');
             $roles = $rolesTable->find()->contain('Resources');
             /** @var Role $role */
             foreach ($roles as $role) {
                 $resourceCollection = new Rbac\ResourceCollection();
                 /** @var Resource $resource */
                 foreach ($role->get('resources') as $resource) {
                     $resourceCollection->attach(Rbac\Resource::create($resource->get('name'))->setTitle($resource->get('title'))->setDescription($resource->get('description')));
                 }
                 $rbac->addRole(Rbac\Role::create($role->get('name'), $resourceCollection)->setTitle($role->get('title'))->setDescription($role->get('description')));
             }
             return $rbac;
         });
     }
 }
Пример #4
0
 /**
  * Test resource
  */
 public function testResource()
 {
     $role = new Role('admin');
     $role->addResource('users.list');
     $this->assertTrue($role->hasResource('users.list'));
     $this->assertFalse($role->hasResource('users.does_not_have_resource'));
     $role->setResources(['posts.add', new Resource('posts.edit')]);
     $this->assertTrue($role->hasResource('posts.add'));
     $this->assertTrue($role->hasResource('posts.edit'));
     $this->assertFalse($role->hasResource('users.list'));
     $collection = new ResourceCollection(['comments.add', 'comments.edit']);
     $role->setResources($collection);
     $this->assertTrue($role->hasResource('comments.add'));
     $this->assertTrue($role->hasResource('comments.edit'));
     $this->assertFalse($role->hasResource('posts.add'));
     $this->assertTrue(spl_object_hash($collection) === spl_object_hash($role->getResources()));
 }