/** * {@inheritdoc} */ public function isAllowed($role, $resource, $privilege) { if ($role instanceof IRole) { $role = $role->getRoleId(); } if (!$resource instanceof PresenterResource) { throw new \Ark8\Security\Exceptions\SkipException(sprintf('Resource must be instance of %s, %s given.', PresenterResource::class, gettype($resource))); } $request = $resource->getRequest(); $presenterName = $request->getPresenterName(); list($signal, $signalReceiver) = $this->getSignal($request); if (!$signal) { throw new \Ark8\Security\Exceptions\SkipException(sprintf('No signal sent.')); } $refClass = new PresenterComponentReflection($class = $this->presenterFactory->getPresenterClass($presenterName)); while ($name = array_shift($signalReceiver)) { $name = 'createComponent' . ucfirst($name); if (!$refClass->hasMethod($name)) { throw new \Nette\InvalidStateException(sprintf('Method %s::%s is not implemented.', $refClass->getName(), $name)); } $refMethod = $refClass->getMethod($name); if (!$refMethod->hasAnnotation('return')) { throw new \Nette\InvalidStateException(sprintf('Method %s::%s must have fully qualified return annotation.', $refClass->getName(), $name)); } $refClass = new ClassType($refMethod->getAnnotation('return')); } if (!$refClass->hasMethod($name = Presenter::formatSignalMethod($signal))) { throw new \Ark8\Security\Exceptions\SkipException(sprintf('Method %s::%s is not implemented.', $refClass->getName(), $name)); } $refMethod = $refClass->getMethod($name); if (!$refMethod->hasAnnotation($privilege)) { throw new \Ark8\Security\Exceptions\SkipException(sprintf('Method %s::%s does not have annotation %s.', $refClass->getName(), $name, $privilege)); } return in_array($role, preg_split('#\\s+#', trim((string) $refMethod->getAnnotation($privilege)))); }
/** * Request/URL factory. * @param PresenterComponent base * @param string destination in format "[//] [[[module:]presenter:]action | signal! | this] [#fragment]" * @param array array of arguments * @param string forward|redirect|link * @return string URL * @throws InvalidLinkException * @internal */ protected function createRequest($component, $destination, array $args, $mode) { // note: createRequest supposes that saveState(), run() & tryCall() behaviour is final $this->lastCreatedRequest = $this->lastCreatedRequestFlag = NULL; // PARSE DESTINATION // 1) fragment $a = strpos($destination, '#'); if ($a === FALSE) { $fragment = ''; } else { $fragment = substr($destination, $a); $destination = substr($destination, 0, $a); } // 2) ?query syntax $a = strpos($destination, '?'); if ($a !== FALSE) { parse_str(substr($destination, $a + 1), $args); $destination = substr($destination, 0, $a); } // 3) URL scheme $a = strpos($destination, '//'); if ($a === FALSE) { $scheme = FALSE; } else { $scheme = substr($destination, 0, $a); $destination = substr($destination, $a + 2); } // 4) signal or empty if (!$component instanceof self || substr($destination, -1) === '!') { $signal = rtrim($destination, '!'); $a = strrpos($signal, ':'); if ($a !== FALSE) { $component = $component->getComponent(strtr(substr($signal, 0, $a), ':', '-')); $signal = (string) substr($signal, $a + 1); } if ($signal == NULL) { // intentionally == throw new InvalidLinkException('Signal must be non-empty string.'); } $destination = 'this'; } if ($destination == NULL) { // intentionally == throw new InvalidLinkException('Destination must be non-empty string.'); } // 5) presenter: action $current = FALSE; $a = strrpos($destination, ':'); if ($a === FALSE) { $action = $destination === 'this' ? $this->action : $destination; $presenter = $this->getName(); $presenterClass = get_class($this); } else { $action = (string) substr($destination, $a + 1); if ($destination[0] === ':') { // absolute if ($a < 2) { throw new InvalidLinkException("Missing presenter name in '{$destination}'."); } $presenter = substr($destination, 1, $a - 1); } else { // relative $presenter = $this->getName(); $b = strrpos($presenter, ':'); if ($b === FALSE) { // no module $presenter = substr($destination, 0, $a); } else { // with module $presenter = substr($presenter, 0, $b + 1) . substr($destination, 0, $a); } } if (!$this->presenterFactory) { throw new Nette\InvalidStateException('Unable to create link to other presenter, service PresenterFactory has not been set.'); } try { $presenterClass = $this->presenterFactory->getPresenterClass($presenter); } catch (Application\InvalidPresenterException $e) { throw new InvalidLinkException($e->getMessage(), NULL, $e); } } // PROCESS SIGNAL ARGUMENTS if (isset($signal)) { // $component must be IStatePersistent $reflection = new PresenterComponentReflection(get_class($component)); if ($signal === 'this') { // means "no signal" $signal = ''; if (array_key_exists(0, $args)) { throw new InvalidLinkException("Unable to pass parameters to 'this!' signal."); } } elseif (strpos($signal, self::NAME_SEPARATOR) === FALSE) { // counterpart of signalReceived() & tryCall() $method = $component->formatSignalMethod($signal); if (!$reflection->hasCallableMethod($method)) { throw new InvalidLinkException("Unknown signal '{$signal}', missing handler {$reflection->getName()}::{$method}()"); } if ($args) { // convert indexed parameters to named self::argsToParams(get_class($component), $method, $args); } } // counterpart of IStatePersistent if ($args && array_intersect_key($args, $reflection->getPersistentParams())) { $component->saveState($args); } if ($args && $component !== $this) { $prefix = $component->getUniqueId() . self::NAME_SEPARATOR; foreach ($args as $key => $val) { unset($args[$key]); $args[$prefix . $key] = $val; } } } // PROCESS ARGUMENTS if (is_subclass_of($presenterClass, __CLASS__)) { if ($action === '') { $action = self::DEFAULT_ACTION; } $current = ($action === '*' || strcasecmp($action, $this->action) === 0) && $presenterClass === get_class($this); $reflection = new PresenterComponentReflection($presenterClass); if ($args || $destination === 'this') { // counterpart of run() & tryCall() $method = $presenterClass::formatActionMethod($action); if (!$reflection->hasCallableMethod($method)) { $method = $presenterClass::formatRenderMethod($action); if (!$reflection->hasCallableMethod($method)) { $method = NULL; } } // convert indexed parameters to named if ($method === NULL) { if (array_key_exists(0, $args)) { throw new InvalidLinkException("Unable to pass parameters to action '{$presenter}:{$action}', missing corresponding method."); } } elseif ($destination === 'this') { self::argsToParams($presenterClass, $method, $args, $this->params); } else { self::argsToParams($presenterClass, $method, $args); } } // counterpart of IStatePersistent if ($args && array_intersect_key($args, $reflection->getPersistentParams())) { $this->saveState($args, $reflection); } if ($mode === 'redirect') { $this->saveGlobalState(); } $globalState = $this->getGlobalState($destination === 'this' ? NULL : $presenterClass); if ($current && $args) { $tmp = $globalState + $this->params; foreach ($args as $key => $val) { if (http_build_query([$val]) !== (isset($tmp[$key]) ? http_build_query([$tmp[$key]]) : '')) { $current = FALSE; break; } } } $args += $globalState; } // ADD ACTION & SIGNAL & FLASH if ($action) { $args[self::ACTION_KEY] = $action; } if (!empty($signal)) { $args[self::SIGNAL_KEY] = $component->getParameterId($signal); $current = $current && $args[self::SIGNAL_KEY] === $this->getParameter(self::SIGNAL_KEY); } if (($mode === 'redirect' || $mode === 'forward') && $this->hasFlashSession()) { $args[self::FLASH_KEY] = $this->getParameter(self::FLASH_KEY); } $this->lastCreatedRequest = new Application\Request($presenter, Application\Request::FORWARD, $args, [], []); $this->lastCreatedRequestFlag = ['current' => $current]; if ($mode === 'forward' || $mode === 'test') { return; } // CONSTRUCT URL static $refUrl; if ($refUrl === NULL) { $refUrl = new Http\Url($this->httpRequest->getUrl()); $refUrl->setPath($this->httpRequest->getUrl()->getScriptPath()); } if (!$this->router) { throw new Nette\InvalidStateException('Unable to generate URL, service Router has not been set.'); } $url = $this->router->constructUrl($this->lastCreatedRequest, $refUrl); if ($url === NULL) { unset($args[self::ACTION_KEY]); $params = urldecode(http_build_query($args, NULL, ', ')); throw new InvalidLinkException("No route for {$presenter}:{$action}({$params})"); } // make URL relative if possible if ($mode === 'link' && $scheme === FALSE && !$this->absoluteUrls) { $hostUrl = $refUrl->getHostUrl() . '/'; if (strncmp($url, $hostUrl, strlen($hostUrl)) === 0) { $url = substr($url, strlen($hostUrl) - 1); } } return $url . $fragment; }