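/**
 * Check to see if the given permission is granted to the current user (or
 * anonymous users, if no user resource is available in Pimple).  You can
 * optionally choose to just throw an exception to halt execution when the
 * user doesn't have the requested permission.  This can be convenient when
 * the user can only reach the point where this permission is checked by
 * circumventing the normal navigation provided in the UI (e.g. by
 * manipulating the URL).
 *
 * How the decision is made:
 *
 * - A name that is not in the registered permissions always throws.
 * - When the setting for $name is an array, it is treated as the list of
 *   allowed roles.  The permission is granted only if a 'user' Pimple
 *   resource exists and one of that user's role values matches an allowed
 *   role.  With no user resource the result is a denial.
 * - Any other setting value is used as the result as-is.
 *
 * @throws Exception When $name is not a registered permission, or when the
 *                   permission is denied and $throwExceptionOnFail is true.
 * @param string $name
 * @param boolean $throwExceptionOnFail
 * @return boolean
 */
public function can($name, $throwExceptionOnFail = false)
{
    if (!array_key_exists($name, $this->registeredPermissions)) {
        throw new Exception("Could not find permission with name '{$name}'");
    }

    // NOTE(review): a non-array setting is taken at face value, so any truthy
    // value (for example the string "false") grants the permission to every
    // caller, anonymous ones included.  Confirm that settings are validated
    // as real booleans or role arrays at the point where they are assigned.
    $can = $this->settings[$name];

    if (is_array($can)) {
        $allowedRoles = $can;

        // Deny by default; only an explicit role match below flips this.
        $can  = false;
        $user = null;

        if ($this->component->hasPimpleResource('user')) {
            $user = $this->component->getPimpleResource('user');
        }

        if ($user && $allowedRoles) {
            // Look the roles up once instead of once per allowed role, and
            // compare them as strings with a strict match.  A loose in_array()
            // lets PHP type juggling decide an authorization check (before
            // PHP 8, 0 == 'admin' is true), while the string cast still lets
            // 1 match "1".  Assumes role values are scalars -- TODO confirm
            // against getUserRoleValues().
            $userRoles = array_map('strval', $this->getUserRoleValues($user));

            foreach ($allowedRoles as $role) {
                if (in_array((string) $role, $userRoles, true)) {
                    $can = true;
                    break;
                }
            }
        }
    }

    if (!$can && $throwExceptionOnFail) {
        throw new Exception("Permission denied: {$this->component->getFullyQualifiedName()}/{$name}.");
    }

    return $can;
}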
/**
 * Asserts that hasPimpleResource() returns false when asked about the
 * resource name 'invalidPimple'.
 */
public function testHasPimpleResourceReturnsFalseWhenInvalidResourceName()
{
    $isRegistered = $this->component->hasPimpleResource('invalidPimple');

    $this->assertFalse($isRegistered);
}