/** * Check if this assertion is true * * @param AuthorizationResult $authorization * @param mixed $context * @throws RuntimeException * @throws InvalidArgumentException * @return bool */ public function assert(AuthorizationResult $authorization, $context = null) { if ($context === null) { $instance = null; } elseif ($context instanceof InstanceProviderInterface) { $instance = $context->getInstance(); if (!is_object($instance)) { throw new RuntimeException(sprintf('%s provides an instance of null', get_class($context))); } } elseif ($context instanceof InstanceInterface) { $instance = $context; } else { throw new InvalidArgumentException(sprintf('Expected null, InstanceProviderInterface or InstanceInterface but got %s', is_object($context) ? get_class($context) : gettype($context))); } $permissionToCheck = $authorization->getPermission(); $rolesToCheck = $this->flattenRoles($authorization->getRoles()); $permissions = $this->permissionService->findParametrizedPermissions($permissionToCheck, 'instance', $instance); if ($this->isGranted($rolesToCheck, $permissions)) { return true; } // Not found..well, that's unfortunate! Let's check if it's satisfiable with global permissions if ($instance !== null) { $permissions = $this->permissionService->findParametrizedPermissions($permissionToCheck, 'instance', null); if ($this->isGranted($rolesToCheck, $permissions)) { return true; } } return false; }
/** * Check if this assertion is true * * @param AuthorizationResult $authorization * @param mixed $context * @return bool * @throws InvalidArgumentException */ public function assert(AuthorizationResult $authorization, $context = null) { if ($context instanceof PageRepositoryInterface) { } elseif ($context instanceof PageRevisionInterface) { $context = $context->getRepository(); } else { throw new InvalidArgumentException(); } $flattened = $this->flattenRoles($authorization->getRoles()); foreach ($context->getRoles() as $role) { if (in_array($role, $flattened)) { return true; } } return false; }