/** * Runs security to check, if user is authorized correctly * * @param SecurityCommand $securityCommand * */ public function authorize(SecurityCommand $securityCommand) { /** @var UserFactory $userFactory */ $userFactory = $this->container->getUserFactory($securityCommand->userFactory()); $user = $userFactory->create(); /** @var ResourceFactory $resourceFactory */ if (!is_null($securityCommand->resourceFactory())) { $resourceFactory = $this->container->getResourceFactory($securityCommand->resourceFactory()); $resource = $resourceFactory->create(); } /** @var SecurityType $securityType */ $securityType = $this->container->getSecurityType($securityCommand->securityType()); $policiesList = array(); foreach ($securityCommand->policies() as $policy) { $policiesList[] = $this->container->getSecurityPolicy($policy); } $expression = $securityCommand->expression() ? new Expression($securityCommand->expression()) : new EmptyExpression(); $securityType->execute($expression, $user, isset($resource) ? $resource : null, $policiesList); }
/** * @When user tries to modify */ public function userTriesToModify() { $this->applicationCore->initialize($this->container, new \Dgafka\AuthorizationSecurity\Infrastructure\ExpressionReader(new \Symfony\Component\ExpressionLanguage\ExpressionLanguage()), function () { return new \Dgafka\AuthorizationSecurity\Domain\Security\Type\StandardSecurity(); }); try { $securityAPI = $this->container->get('security'); $securityCommand = new \Dgafka\AuthorizationSecurity\Application\Api\SecurityCommand($this->securityName, $this->securityName, null, $this->securityName); $securityAPI->authorize($securityCommand); $this->securityCheckResult = 1; } catch (\Dgafka\AuthorizationSecurity\Domain\Security\SecurityAccessDenied $e) { $this->securityCheckResult = 0; } }
public function it_should_register_new_options(DIContainer $container, ExpressionReader $expressionReader, ExpressionFunction $expressionFunction) { $this->config->debugMode()->willReturn(false); $this->config->includePaths()->willReturn(array()); $this->config->cachePath()->willReturn('/home/cache'); $closure = function () { return 1; }; $this->registerExpressionFunction($expressionFunction); $this->registerExpressionFunction($expressionFunction); $this->registerSecurityType('security1', $closure); $this->registerSecurityType('security2', $closure); $this->registerSecurityPolicy('policy1', $closure); $this->registerSecurityPolicy('policy2', $closure); $this->registerUserFactory('user1', $closure); $this->registerUserFactory('user2', $closure); $this->registerResourceFactory('resource1', $closure); $this->registerResourceFactory('resource2', $closure); $container->register('expressionReader', $expressionReader)->shouldBeCalledTimes(1); $container->registerSecurityType('standard', Argument::type('callable'))->shouldBeCalledTimes(1); $container->register('security', Argument::type('Dgafka\\AuthorizationSecurity\\Application\\Api\\Security'))->shouldBeCalledTimes(1); $container->register('cachePath', '/home/cache')->shouldBeCalledTimes(1); $container->register('includePaths', array())->shouldBeCalledTimes(1); $container->register('debugMode', false)->shouldBeCalledTimes(1); $container->registerSecurityType('security1', Argument::type('callable'))->shouldBeCalledTimes(1); $container->registerSecurityType('security2', Argument::type('callable'))->shouldBeCalledTimes(1); $container->registerSecurityPolicy('policy1', Argument::type('callable'))->shouldBeCalledTimes(1); $container->registerSecurityPolicy('policy2', Argument::type('callable'))->shouldBeCalledTimes(1); $container->registerUserFactory('user1', Argument::type('callable'))->shouldBeCalledTimes(1); $container->registerUserFactory('user2', Argument::type('callable'))->shouldBeCalledTimes(1); $container->registerResourceFactory('resource1', Argument::type('callable'))->shouldBeCalledTimes(1); $container->registerResourceFactory('resource2', Argument::type('callable'))->shouldBeCalledTimes(1); $expressionReader->registerFunction($expressionFunction)->shouldBeCalledTimes(2); $this->initialize($container, $expressionReader, $closure); $this->initialize($container, $expressionReader, $closure); }
/** * Initialize application, should not be called directly. * * @param DIContainer $container * @param ExpressionReader $expressionReader * * @throws RuntimeException * @internal */ public function initialize(DIContainer $container, ExpressionReader $expressionReader) { if ($this->isLoaded) { return; } $container->register('expressionReader', $expressionReader); $container->register('security', new Security($container)); $container->registerSecurityType('standard', function () { return new StandardSecurity(); }); $container->register('cachePath', $this->config()->cachePath()); $container->register('debugMode', $this->config()->debugMode()); $container->register('includePaths', $this->config()->includePaths()); foreach ($this->expressionFunctions as $expressionFunction) { $expressionReader->registerFunction($expressionFunction); } foreach ($this->securityTypes as $type) { $container->registerSecurityType($type['name'], $type['closure']); } foreach ($this->securityPolicies as $policy) { $container->registerSecurityPolicy($policy['name'], $policy['closure']); } foreach ($this->userFactories as $userFactory) { $container->registerUserFactory($userFactory['name'], $userFactory['closure']); } foreach ($this->resourceFactories as $resourceFactory) { $container->registerResourceFactory($resourceFactory['name'], $resourceFactory['closure']); } $this->isLoaded = true; }