/**
 * Builds a SpawnedUser from the data carried by the token.
 *
 * Roles come from the token when getRoles() is non-null. Otherwise they are
 * read from the token's 'roles' attribute (null when absent) and that key is
 * removed from the attributes handed to the new user.
 *
 * NOTE(review): in the fallback branch the roles are whatever the token
 * attributes contain. Confirm those attributes are filled only from a
 * verified source, since they end up deciding the user's privileges.
 *
 * @param TokenInterface $token
 *
 * @return SpawnedUser
 */
public function createUser(TokenInterface $token)
{
    $username = $token->getUser();
    $attributes = $token->getAttributes();

    if (!is_null($token->getRoles())) {
        // Token already carries roles: attributes are passed through untouched.
        return new SpawnedUser($username, $attributes, $token->getRoles());
    }

    $roles = null;
    if (isset($attributes['roles'])) {
        $roles = $attributes['roles'];
    }
    // The roles travel as their own constructor argument, not as an attribute.
    unset($attributes['roles']);

    return new SpawnedUser($username, $attributes, $roles);
}
/**
 * Grants access to a Location when the token carries ROLE_LOCATION_MODERATOR,
 * and abstains in every other case.
 *
 * NOTE(review): in_array() is non-strict here and compares a string against
 * whatever getRoles() returns. If the token returns role objects rather than
 * plain strings, the match may never succeed. Confirm the element type before
 * relying on this voter.
 *
 * @param TokenInterface $token
 * @param Location       $object
 * @param array          $attributes Not consulted by this voter.
 *
 * @return int One of the VoterInterface::ACCESS_* constants
 */
public function vote(TokenInterface $token, Location $object, array $attributes)
{
    $isModerator = in_array('ROLE_LOCATION_MODERATOR', $token->getRoles());

    return $isModerator
        ? VoterInterface::ACCESS_GRANTED
        : VoterInterface::ACCESS_ABSTAIN;
}
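/**
 * Decides whether the token's user may VIEW or EDIT the given group.
 *
 * Only the first attribute is examined. VIEW requires membership of the
 * group; EDIT requires membership plus ROLE_ADMIN on the user.
 *
 * @param TokenInterface $token
 * @param mixed          $group      Subject of the vote; anything that is not a supported object is abstained on
 * @param array          $attributes Requested permissions; only index 0 is used
 *
 * @return int One of the VoterInterface::ACCESS_* constants
 */
public function vote(TokenInterface $token, $group, array $attributes)
{
    // Voters may be invoked with a null or scalar subject, or with no attributes.
    // Abstain instead of calling get_class() on a non-object or reading a
    // missing offset.
    if (!is_object($group) || !array_key_exists(0, $attributes)) {
        return VoterInterface::ACCESS_ABSTAIN;
    }

    // check if class of this object is supported by this voter
    if (!$this->supportsClass(get_class($group))) {
        return VoterInterface::ACCESS_ABSTAIN;
    }

    // check if the given attribute is covered by this voter
    $attribute = $attributes[0];
    if (!$this->supportsAttribute($attribute)) {
        return VoterInterface::ACCESS_ABSTAIN;
    }

    // get current logged in user
    $user = $token->getUser();

    // A token holding ROLE_SUPER_ADMIN is granted before the user object is
    // inspected. The original comment says this exists for testing.
    // The comparison is a loose object comparison against a fresh Role instance.
    // NOTE(review): confirm this shortcut is intended outside of tests.
    if (in_array(new Role("ROLE_SUPER_ADMIN"), $token->getRoles())) {
        return VoterInterface::ACCESS_GRANTED;
    }

    // make sure there is a user object (i.e. that the user is logged in)
    if (!$user instanceof User) {
        return VoterInterface::ACCESS_DENIED;
    }

    switch ($attribute) {
        case self::VIEW:
            if ($user->hasGroup($group->getName())) {
                return VoterInterface::ACCESS_GRANTED;
            }
            break;
        case self::EDIT:
            if ($user->hasGroup($group->getName()) && $user->hasRole("ROLE_ADMIN")) {
                return VoterInterface::ACCESS_GRANTED;
            }
            break;
    }

    // Fail closed for every supported attribute that did not match above.
    return VoterInterface::ACCESS_DENIED;
}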
/**
 * Collects the role names held by the token as a plain list.
 *
 * Each element returned by $token->getRoles() is asked for getRole(); the
 * results are appended in iteration order.
 *
 * NOTE(review): newer Symfony releases offer TokenInterface::getRoleNames(),
 * which may be the replacement the @todo has in mind. Verify against the
 * framework version in use.
 *
 * @todo remove this $method
 *
 * @param \Symfony\Component\Security\Core\Authentication\Token\TokenInterface $token
 *
 * @return array
 */
public function getRoles(TokenInterface $token)
{
    $names = array();

    foreach ($token->getRoles() as $tokenRole) {
        $name = $tokenRole->getRole();
        $names[] = $name;
    }

    return $names;
}
/**
 * Tells whether any role on the token is exactly PlatformRoles::ADMIN.
 *
 * @param TokenInterface $token
 *
 * @return bool
 */
protected function isAdmin(TokenInterface $token)
{
    foreach ($token->getRoles() as $tokenRole) {
        if (PlatformRoles::ADMIN !== $tokenRole->getRole()) {
            continue;
        }

        // Strict match found; no need to look further.
        return true;
    }

    return false;
}
/**
 * Assembles the variables made available to the evaluated expression.
 *
 * When a role hierarchy is configured, the token's roles are expanded to all
 * reachable roles; otherwise the token's own roles are used. The role objects
 * are flattened to their names via getRole().
 *
 * @param TokenInterface $token
 * @param mixed          $object Subject of the decision
 *
 * @return array
 */
private function getVariables(TokenInterface $token, $object)
{
    $roles = null !== $this->roleHierarchy
        ? $this->roleHierarchy->getReachableRoles($token->getRoles())
        : $token->getRoles();

    $roleNames = array_map(function ($role) {
        return $role->getRole();
    }, $roles);

    $variables = array(
        'token' => $token,
        'user' => $token->getUser(),
        'object' => $object,
        'roles' => $roleNames,
        'trust_resolver' => $this->trustResolver,
    );

    // Convenience for access-control rules: the author of such a rule does not
    // know this voter handles it, so the Request is also exposed as 'request'.
    if ($object instanceof Request) {
        $variables['request'] = $object;
    }

    return $variables;
}
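/**
 * Chooses the landing page after a successful login.
 *
 * Tokens holding ROLE_ADMIN are sent to the 'admin_start' route; everyone
 * else goes to 'homepage'.
 *
 * This only selects where to redirect and is not an access check.
 * NOTE(review): confirm 'admin_start' is protected by its own access rule.
 *
 * @param Request        $request
 * @param TokenInterface $token
 *
 * @return RedirectResponse
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    foreach ($token->getRoles() as $role) {
        // Strict comparison: a non-string value returned by getRole() must not
        // be juggled into matching the role name.
        if ('ROLE_ADMIN' === $role->getRole()) {
            return new RedirectResponse($this->router->generate('admin_start'));
        }
    }

    return new RedirectResponse($this->router->generate('homepage'));
}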
/**
 * Tells whether the token holds a role whose name is listed in
 * $this->iddqdAliases (strict comparison).
 *
 * @param TokenInterface $token
 *
 * @return bool
 */
protected function isIddqd(TokenInterface $token)
{
    foreach ($token->getRoles() as $tokenRole) {
        $matchesAlias = in_array($tokenRole->getRole(), $this->iddqdAliases, true);
        if (!$matchesAlias) {
            continue;
        }

        return true;
    }

    return false;
}
/**
 * Tells whether the token holds a role named exactly 'IS_IDDQD'.
 *
 * @param TokenInterface $token
 *
 * @return bool
 */
protected function isIddqd(TokenInterface $token)
{
    foreach ($token->getRoles() as $tokenRole) {
        if ('IS_IDDQD' !== $tokenRole->getRole()) {
            continue;
        }

        return true;
    }

    return false;
}
/**
 * Turns the incoming token into a WordpressUserToken when it carries a user.
 *
 * The new token receives the roles of the incoming token and the same user.
 * A falsy user causes an AuthenticationException.
 *
 * NOTE(review): the only condition checked here is that getUser() is truthy;
 * no credential or session verification is visible in this method. Confirm
 * the incoming token is created only after that verification has happened
 * upstream, because its roles are copied as-is.
 *
 * @param TokenInterface $token
 *
 * @return WordpressUserToken
 *
 * @throws AuthenticationException When the token has no user
 */
public function authenticate(TokenInterface $token)
{
    $user = $token->getUser();

    if (!$user) {
        throw new AuthenticationException('Wordpress authentication failed.');
    }

    $authenticatedToken = new WordpressUserToken($token->getRoles());
    $authenticatedToken->setUser($user);

    return $authenticatedToken;
}
/**
 * Returns the user's roles, plus the first SwitchUserRole found on the token.
 *
 * Only one SwitchUserRole is carried over: the scan stops at the first match.
 *
 * @param UserInterface  $user  The user
 * @param TokenInterface $token The token
 *
 * @return array The user roles
 */
private function getRoles(UserInterface $user, TokenInterface $token)
{
    $userRoles = $user->getRoles();

    foreach ($token->getRoles() as $tokenRole) {
        if (!($tokenRole instanceof SwitchUserRole)) {
            continue;
        }

        // Keep the impersonation marker so the switch survives re-authentication.
        $userRoles[] = $tokenRole;
        break;
    }

    return $userRoles;
}
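/**
 * Utility function to find a role in a token.
 *
 * A string argument is wrapped in a Role so that both sides can be compared
 * through getRole().
 *
 * @param TokenInterface $token
 * @param Role|string    $role Role object or role name to look for
 *
 * @return bool True when the token holds a role with the same name, false otherwise
 */
public static function hasRole(TokenInterface $token, $role)
{
    if (is_string($role)) {
        $role = new Role($role);
    }

    $wanted = $role->getRole();

    foreach ($token->getRoles() as $tokenRole) {
        // Strict comparison so type juggling cannot make two different names match.
        if ($wanted === $tokenRole->getRole()) {
            return true;
        }
    }

    // The original fell off the end and returned null here; the documented
    // contract is a boolean.
    return false;
}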
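/**
 * Lists the object ids the token's user may reach for the requested role.
 *
 * An ACL entry of the user contributes its object id when its type equals
 * the requested role, or when findInMap() matches it against the roles
 * reachable from the token's roles through the role hierarchy.
 *
 * @param TokenInterface $token     Token whose user owns the ACL entries to check
 * @param string         $inputRole Requested role
 *
 * @return array Object ids; empty when the token has no user object
 */
public function getObjectIdsForRole(TokenInterface $token, $inputRole)
{
    $object_ids = array();

    // getUser() can yield a non-object (for example on an anonymous token).
    // Return no ids instead of calling getAcls() on it.
    $user = $token->getUser();
    if (!is_object($user)) {
        return $object_ids;
    }

    $reachable = $this->getRoleHierarchy()->getReachableRoles($token->getRoles());

    foreach ($user->getAcls() as $acl) {
        // found an object id for this role
        if ($acl->getType()->equal($inputRole) || $this->findInMap($acl, $reachable)) {
            $object_ids[] = $acl->getObjectId();
        }
    }

    return $object_ids;
}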
/**
 * Checks one attribute against one subject for the given token.
 *
 * Access is allowed when the subject allows the token's username for the
 * attribute, or allows any one of the token's role names for it.
 *
 * @param string         $attribute
 * @param mixed          $subject
 * @param TokenInterface $token
 *
 * @return bool
 */
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
    /* @var $subject SecuredAccessInterface */
    $allowedByName = $subject->isUsernameAllowed($token->getUsername(), $attribute);
    if ($allowedByName) {
        return true;
    }

    foreach ($token->getRoles() as $tokenRole) {
        if (!$subject->isRoleAllowed($tokenRole->getRole(), $attribute)) {
            continue;
        }

        return true;
    }

    // Neither the username nor any role was accepted by the subject.
    return false;
}
/**
 * Spec: handling a controller event logs one 'API call' entry with an array context.
 *
 * The doubles describe an anonymous caller ('anon.', no roles) issuing
 * GET /api/user/1 against an API controller.
 */
function it_should_log_event(FilterControllerEvent $event, ApiControllerInterface $ctrl, LoggerInterface $logger, SecurityContext $security, Request $request, TokenInterface $token)
{
    // Security context: anonymous token without roles.
    $token->getUsername()->willReturn('anon.');
    $token->getRoles()->willReturn([]);
    $security->getToken()->willReturn($token);

    // Incoming request.
    $request->getMethod()->willReturn('GET');
    $request->getRequestUri()->willReturn('/api/user/1');

    // Event wiring: the controller callable and the request above.
    $event->getRequest()->willReturn($request);
    $event->getController()->willReturn([$ctrl, 'someAction']);

    // Expectation under test.
    $logger->info('API call', Argument::type('array'))->shouldBeCalled();

    $this->setLogger($logger);
    $this->setContext($security);

    $this->onKernelController($event);
}
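/**
 * Decides whether the token may create users.
 *
 * Access is granted when the token shares at least one role name with the
 * 'user_management' admin tool, and denied otherwise.
 *
 * @param TokenInterface $token
 *
 * @return int VoterInterface::ACCESS_GRANTED or VoterInterface::ACCESS_DENIED
 */
private function checkCreation(TokenInterface $token)
{
    $tool = $this->om
        ->getRepository('ClarolineCoreBundle:Tool\\AdminTool')
        ->findOneBy(['name' => 'user_management']);

    // findOneBy() yields null when the tool is not registered. Fail closed
    // instead of calling getRoles() on null.
    if (null === $tool) {
        return VoterInterface::ACCESS_DENIED;
    }

    $roles = $tool->getRoles();
    $tokenRoles = $token->getRoles();

    foreach ($tokenRoles as $tokenRole) {
        foreach ($roles as $role) {
            if ($role->getRole() === $tokenRole->getRole()) {
                return VoterInterface::ACCESS_GRANTED;
            }
        }
    }

    return VoterInterface::ACCESS_DENIED;
}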
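/**
 * Chooses the landing page after a successful login.
 *
 * Tokens holding ROLE_ADMIN or ROLE_USER are redirected to
 * 'mon_annuaire_homepage'.
 *
 * NOTE(review): no redirect is defined for a token holding neither role.
 * The original read an undefined variable in that case; the value is now an
 * explicit null. A fallback route should be chosen by the maintainers so
 * that a response is always returned.
 *
 * @param Request        $request
 * @param TokenInterface $token
 *
 * @return RedirectResponse|null Null when the token holds neither role
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    // Explicit default so the no-match path does not read an undefined variable.
    $redirection = null;

    // Flatten the role objects of the current user into a list of names.
    $rolesTab = array_map(function ($role) {
        return $role->getRole();
    }, $token->getRoles());

    // The check covers ROLE_ADMIN and ROLE_USER. The original comment spoke of
    // "admin or super admin", which is not what the condition tests.
    if (in_array('ROLE_ADMIN', $rolesTab, true) || in_array('ROLE_USER', $rolesTab, true)) {
        $redirection = new RedirectResponse($this->router->generate('mon_annuaire_homepage'));
    }

    return $redirection;
}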
/**
 * {@inheritDoc}
 *
 * Every supported attribute becomes an extra Role. When at least one exists,
 * a RunAsUserToken is returned that holds those roles followed by the
 * original token's roles, and wraps the original token. With no supported
 * attribute the result is null.
 */
public function buildRunAs(TokenInterface $token, $secureObject, array $attributes)
{
    $runAsRoles = array();

    foreach ($attributes as $attribute) {
        if (!$this->supportsAttribute($attribute)) {
            continue;
        }

        $runAsRoles[] = new Role($attribute);
    }

    if (!$runAsRoles) {
        // Nothing to run as: no replacement token is built.
        return null;
    }

    $combined = array_merge($runAsRoles, $token->getRoles());

    return new RunAsUserToken(
        $this->key,
        $token->getUser(),
        $token->getCredentials(),
        $combined,
        $token
    );
}
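/**
 * Returns the facets visible to the token.
 *
 * A token holding ROLE_ADMIN sees every facet. Any other token sees the
 * facets joined to at least one of its role names.
 *
 * @param TokenInterface $token
 *
 * @return array Result of findAll() or of the DQL query
 */
public function findVisibleFacets(TokenInterface $token)
{
    $roleNames = array();
    foreach ($token->getRoles() as $role) {
        $roleNames[] = $role->getRole();
    }

    // The admin shortcut returns everything, so it is matched strictly: a
    // non-string role value must not be juggled into equalling 'ROLE_ADMIN'.
    if (in_array('ROLE_ADMIN', $roleNames, true)) {
        return $this->findAll();
    }

    // Role names are bound as a query parameter, never concatenated into the DQL.
    $dql = "\n SELECT facet FROM Claroline\\CoreBundle\\Entity\\Facet\\Facet facet\n JOIN facet.roles role\n WHERE role.name IN (:rolenames)\n ";
    $query = $this->_em->createQuery($dql);
    $query->setParameter('rolenames', $roleNames);

    return $query->getResult();
}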
/**
 * Chooses the landing page after a successful login.
 *
 * ROLE_ADMIN and ROLE_SUPER_ADMIN go to 'sonata_admin_dashboard'; everyone
 * else goes to 'sonata_user_profile_show'.
 *
 * This only selects a redirect target and is not an access check.
 * NOTE(review): confirm the dashboard route enforces its own access rule.
 *
 * @param Request        $request
 * @param TokenInterface $token
 *
 * @return RedirectResponse
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    // Flatten the current user's role objects into a list of role names.
    $rolesTab = array_map(function ($role) {
        return $role->getRole();
    }, $token->getRoles());

    $isBackofficeUser = in_array('ROLE_ADMIN', $rolesTab, true)
        || in_array('ROLE_SUPER_ADMIN', $rolesTab, true);

    $route = $isBackofficeUser ? 'sonata_admin_dashboard' : 'sonata_user_profile_show';

    return new RedirectResponse($this->router->generate($route));
}
/**
 * Chooses the landing page after a successful login.
 *
 * Tokens holding any of the back-office roles listed below go to
 * 'sonata_admin_dashboard'; everyone else goes to 'iuch_homepage'.
 *
 * @param Request        $request
 * @param TokenInterface $token
 *
 * @return RedirectResponse
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    // Flatten the current user's role objects into a list of role names.
    $rolesTab = array_map(function ($role) {
        return $role->getRole();
    }, $token->getRoles());

    // Quality, laundry, HR, technical service, admin and super admin all
    // land on the admin dashboard.
    $dashboardRoles = array(
        'ROLE_ADMIN',
        'ROLE_SUPER_ADMIN',
        'ROLE_RH',
        'ROLE_BLANCHISSERIE',
        'ROLE_SERVICE_TECHNIC',
        'ROLE_QGDR',
    );

    $route = 'iuch_homepage';
    foreach ($dashboardRoles as $dashboardRole) {
        if (in_array($dashboardRole, $rolesTab, true)) {
            $route = 'sonata_admin_dashboard';
            break;
        }
    }

    return new RedirectResponse($this->router->generate($route));
}
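/**
 * Chooses the landing page after a successful login.
 *
 * ROLE_ADMIN and ROLE_SUPER_ADMIN go to 'ecommerce_ajoutcategorie';
 * ROLE_USER goes to 'homepage'.
 *
 * NOTE(review): no redirect is defined for a token holding none of these
 * roles. The original read an undefined variable in that case; the value is
 * now an explicit null. A fallback route should be chosen by the maintainers
 * so that a response is always returned.
 *
 * @param Request        $request
 * @param TokenInterface $token
 *
 * @return RedirectResponse|null Null when no listed role is present
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    // Explicit default so the no-match path does not read an undefined variable.
    $redirection = null;

    // Fetch the user's roles and turn the role objects into a plain list of names.
    $rolesTab = array_map(function ($role) {
        return $role->getRole();
    }, $token->getRoles());

    // Admins and super admins are sent to the back office.
    if (in_array('ROLE_ADMIN', $rolesTab, true) || in_array('ROLE_SUPER_ADMIN', $rolesTab, true)) {
        $redirection = new RedirectResponse($this->router->generate('ecommerce_ajoutcategorie'));
    } elseif (in_array('ROLE_USER', $rolesTab, true)) {
        $redirection = new RedirectResponse($this->router->generate('homepage'));
    }

    return $redirection;
}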
/**
 * Votes on access to an AdminTool.
 *
 * Abstains for any other subject. For an AdminTool, access is granted when
 * the token shares at least one role name with the tool, and denied otherwise.
 *
 * @param TokenInterface $token
 * @param mixed          $object     Subject of the vote
 * @param array          $attributes Not consulted by this voter
 *
 * @return int One of the VoterInterface::ACCESS_* constants
 */
public function vote(TokenInterface $token, $object, array $attributes)
{
    if (!($object instanceof AdminTool)) {
        return VoterInterface::ACCESS_ABSTAIN;
    }

    $toolRoles = $object->getRoles();

    foreach ($token->getRoles() as $heldRole) {
        foreach ($toolRoles as $toolRole) {
            if ($toolRole->getRole() !== $heldRole->getRole()) {
                continue;
            }

            return VoterInterface::ACCESS_GRANTED;
        }
    }

    // No role in common with the tool: fail closed.
    return VoterInterface::ACCESS_DENIED;
}
/**
 * Chooses the landing page after a successful login.
 *
 * ROLE_TEACHER and ROLE_ADMIN go to 'dashboard.default.index', ROLE_STUDENT
 * goes to 'student.fiches.home', and everyone else goes to
 * 'ElyceeBundle.default.index'.
 *
 * @param Request        $request
 * @param TokenInterface $token
 *
 * @return RedirectResponse
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    // Fetch the user's roles and turn the role objects into a plain list of names.
    $rolesTab = array_map(function ($role) {
        return $role->getRole();
    }, $token->getRoles());

    $isStaff = in_array('ROLE_TEACHER', $rolesTab, true) || in_array('ROLE_ADMIN', $rolesTab, true);

    if ($isStaff) {
        $route = 'dashboard.default.index';
    } elseif (in_array('ROLE_STUDENT', $rolesTab, true)) {
        $route = 'student.fiches.home';
    } else {
        $route = 'ElyceeBundle.default.index';
    }

    return new RedirectResponse($this->router->generate($route));
}
/**
 * Chooses the landing page after a successful login of a ROLE_PARTICULIER user.
 *
 * When the session holds a desired quote ("devis"), the user is sent to
 * 'devis_show' for that id; otherwise to the URL computed by
 * determineTargetUrl(). Tokens without ROLE_PARTICULIER get no response
 * from this method (null).
 *
 * NOTE(review): returning null for other roles leaves the caller without a
 * response. Confirm that is intended.
 * NOTE(review): determineTargetUrl() is not shown here. Confirm it does not
 * accept arbitrary external URLs taken from the request.
 *
 * @param Request        $request
 * @param TokenInterface $token
 *
 * @return RedirectResponse|null
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    // Fetch the user's roles and turn the role objects into a plain list of names.
    $rolesTab = array_map(function ($role) {
        return $role->getRole();
    }, $token->getRoles());

    if (!in_array('ROLE_PARTICULIER', $rolesTab, true)) {
        return null;
    }

    // Loose comparison kept from the original: any value equal to null under
    // `==` counts as "no desired quote".
    if (null == $this->session->getDesiredDevis()) {
        return $this->httpUtils->createRedirectResponse($request, $this->determineTargetUrl($request));
    }

    $parameters = array('id' => $this->session->getDesiredDevis());

    return new RedirectResponse($this->router->generate('devis_show', $parameters));
}
/**
 * Chooses the landing page after a successful login.
 *
 * FORMATEUR goes to 'user', STAGIAIRE goes to 'currenttest', and anyone else
 * is sent back to 'login'.
 *
 * @param Request        $request
 * @param TokenInterface $token
 *
 * @return RedirectResponse
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    // Fetch the user's roles and turn the role objects into a plain list of names.
    $rolesTab = array_map(function ($role) {
        return $role->getRole();
    }, $token->getRoles());

    // Trainers first, then trainees; a token with neither role returns to login.
    if (in_array('FORMATEUR', $rolesTab, true)) {
        return new RedirectResponse($this->router->generate('user'));
    }

    if (in_array('STAGIAIRE', $rolesTab, true)) {
        return new RedirectResponse($this->router->generate('currenttest'));
    }

    return new RedirectResponse($this->router->generate('login'));
}
/**
 * Chooses the landing page after a successful login.
 *
 * ROLE_SUPER_ADMIN goes to the admin home, ROLE_ETU to the student home, and
 * anyone else to the "student not validated" page.
 *
 * @param Request        $request
 * @param TokenInterface $token
 *
 * @return RedirectResponse
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    // Fetch the user's roles and turn the role objects into a plain list of names.
    $rolesTab = array_map(function ($role) {
        return $role->getRole();
    }, $token->getRoles());

    if (in_array('ROLE_SUPER_ADMIN', $rolesTab, true)) {
        // Admins land on the admin home page.
        $route = 'btsappli_utilisateurs_accueilAdmin';
    } elseif (in_array('ROLE_ETU', $rolesTab, true)) {
        $route = 'btsappli_utilisateurs_accueilEtu';
    } else {
        $route = 'btsappli_utilisateurs_etudiantNonValide';
    }

    return new RedirectResponse($this->router->generate($route));
}
/**
 * Adds a "logged in" flash notice and chooses the landing page.
 *
 * ROLE_ADMIN and ROLE_AUTEUR go to 'admin_accueil'; everyone else goes to
 * 'blog_accueil'.
 *
 * NOTE(review): the listing this was taken from was collapsed onto one line.
 * The bare `//` markers were read as empty comments, because that is the only
 * reading under which the braces balance. Confirm against the original file.
 *
 * @param Request        $request
 * @param TokenInterface $token
 *
 * @return RedirectResponse
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    $request->getSession()->getFlashBag()->add('notice', 'Vous êtes connecté');

    // Flatten the token's role objects into a list of role names.
    $rolesTab = array_map(function ($role) {
        return $role->getRole();
    }, $token->getRoles());

    $isEditor = in_array('ROLE_ADMIN', $rolesTab, true) || in_array('ROLE_AUTEUR', $rolesTab, true);
    $route = $isEditor ? 'admin_accueil' : 'blog_accueil';

    return new RedirectResponse($this->router->generate($route));
}
/**
 * Chooses the landing page after a successful login.
 *
 * ROLE_TEACHER and ROLE_ADMIN go to 'teacher.home' and ROLE_STUDENT goes to
 * 'student.home', both parameterised with the user's id. Everyone else goes
 * to 'public.home.index'.
 *
 * NOTE(review): the id placed in the URL is the logged-in user's own. Confirm
 * the target controllers check that the id in the route belongs to the
 * caller, and do not rely on this redirect for that.
 *
 * @param Request        $request
 * @param TokenInterface $token
 *
 * @return RedirectResponse
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    $user = $token->getUser();

    // Fetch the user's roles and turn the role objects into a plain list of names.
    $rolesTab = array_map(function ($role) {
        return $role->getRole();
    }, $token->getRoles());

    if (in_array('ROLE_TEACHER', $rolesTab, true) || in_array('ROLE_ADMIN', $rolesTab, true)) {
        $url = $this->router->generate('teacher.home', array('id' => $user->getId()));

        return new RedirectResponse($url);
    }

    if (in_array('ROLE_STUDENT', $rolesTab, true)) {
        $url = $this->router->generate('student.home', array('id' => $user->getId()));

        return new RedirectResponse($url);
    }

    return new RedirectResponse($this->router->generate('public.home.index'));
}
/**
 * Chooses the landing page after a successful login.
 *
 * ROLE_SUPER_ADMIN goes to 'userBundle_backoffice'; every other token goes
 * to 'digital_pilot_choiceApp'.
 *
 * NOTE(review): the original had a separate ROLE_ADMIN branch that targeted
 * the same route as the default branch. Confirm admins are not meant to land
 * somewhere else.
 *
 * @param Request        $request
 * @param TokenInterface $token
 *
 * @return RedirectResponse
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    // Flatten the current user's role objects into a list of role names.
    $rolesTab = array_map(function ($role) {
        return $role->getRole();
    }, $token->getRoles());

    // Only super admins are routed to the back office.
    $route = in_array('ROLE_SUPER_ADMIN', $rolesTab, true)
        ? 'userBundle_backoffice'
        : 'digital_pilot_choiceApp';

    return new RedirectResponse($this->router->generate($route));
}