/** * @param \Generated\Shared\Transfer\RuleTransfer $rule * @param string $bundle * @param string $controller * @param string $action * * @return bool */ public function assert(RuleTransfer $rule, $bundle, $controller, $action) { if (($rule->getBundle() === $bundle || $rule->getBundle() === AclConstants::VALIDATOR_WILDCARD) && ($rule->getController() === $controller || $rule->getController() === AclConstants::VALIDATOR_WILDCARD) && ($rule->getAction() === $action || $rule->getAction() === AclConstants::VALIDATOR_WILDCARD)) { return true; } return false; }
/** * @throws \Spryker\Zed\Acl\Business\Exception\RoleNotFoundException * * @return void */ private function addRules() { foreach ($this->config->getInstallerRules() as $rule) { $role = $this->role->getByName($rule['role']); if (!$role) { throw new RoleNotFoundException(); } if (!$this->rule->existsRoleRule($role->getIdAclRole(), $rule['bundle'], $rule['controller'], $rule['action'], $rule['type'])) { $ruleTransfer = new RuleTransfer(); $ruleTransfer->fromArray($rule, true); $ruleTransfer->setFkAclRole($role->getIdAclRole()); $this->rule->addRule($ruleTransfer); } } }
/** * @return void */ public function testCheckPermissionWildcards() { $groupData = $this->mockGroupData(); $groupDto = $this->facade->addGroup($groupData['name'], $this->rolesTransfer); $roleData = $this->mockRoleData(); $roleDto = $this->facade->addRole($roleData['name']); $this->facade->addRoleToGroup($roleDto->getIdAclRole(), $groupDto->getIdAclGroup()); $ruleData[] = $this->mockRuleData('allow', $roleDto->getIdAclRole()); $ruleData[] = $this->mockRuleData('deny', $roleDto->getIdAclRole()); $userData = $this->mockUserData(); $userDto = $this->mockAddUser($userData); $added = $this->facade->addUserToGroup($userDto->getIdUser(), $groupDto->getIdAclGroup()); $this->assertEquals($added, 1); foreach ($ruleData as $current) { $ruleTransfer = new RuleTransfer(); $ruleTransfer->fromArray($current, true); $ruleTransfer->setBundle('*'); $ruleTransfer->setFkAclRole($roleDto->getIdAclRole()); $this->facade->addRule($ruleTransfer); $shouldAllow = $current['type'] === 'allow' ? true : false; $canAccess = $this->facade->checkAccess($userDto, $current['bundle'], $current['controller'], $current['action']); $this->assertEquals($shouldAllow, $canAccess); } }
/** * @return void */ protected function provideUserRuleWhitelist() { $ruleWhitelist = $this->config->getUserRuleWhitelist(); foreach ($ruleWhitelist as $rule) { $rulesTransfer = new RuleTransfer(); $rulesTransfer->fromArray($rule, true); $this->rulesValidator->addRule($rulesTransfer); } }
/** * @param int $idAclRole * * @return array */ public function getData($idAclRole) { $ruleTransfer = new RuleTransfer(); $ruleTransfer->setFkAclRole($idAclRole); return $ruleTransfer->toArray(); }