/** * @param PermissionsInterface $permissions * @param VaultConfig $config */ public function boot(PermissionsInterface $permissions, VaultConfig $config) { if (!$permissions->hasRole(static::ROLE)) { $permissions->addRole(static::ROLE); } $namespace = $config->securityNamespace(); //Following rule will raise log message to notify that insecure setting were used $permissions->associate(static::ROLE, "{$namespace}.*", InsecureRule::class); $permissions->associate(static::ROLE, "{$namespace}.*.*", InsecureRule::class); $permissions->associate(static::ROLE, "{$namespace}.*.*.*", InsecureRule::class); $permissions->associate(static::ROLE, "{$namespace}.*.*.*.*", InsecureRule::class); }
/** * @param string $controller * @param string $action * @param array $parameters * @return mixed * @throws ControllerException */ protected function execute($controller, $action, array $parameters) { $benchmark = $this->benchmark('callAction', $controller . '::' . ($action ?: '~default~')); $scope = $this->container->replace(Vault::class, $this); $this->controller = $controller; try { //Initiating controller with all required dependencies $object = $this->container->make($this->config->controllers()[$controller]); if (!$object instanceof ControllerInterface) { throw new ControllerException("Invalid '{$controller}', ControllerInterface not implemented.", ControllerException::NOT_FOUND); } return $object->callAction($action, $parameters); } finally { $this->benchmark($benchmark); $this->container->restore($scope); $this->controller = ''; } }