function it_removes_condition(Permission $permission) { $permission->equals($permission)->willReturn(true); $this->addPermission($permission); $this->hasPermission($permission)->shouldReturn(true); $this->removePermission($permission)->shouldReturn($this); $this->hasPermission($permission)->shouldReturn(false); }
function it_does_not_match_if_step_role_is_not_granted(Transition $transition, Item $item, Context $context, User $user, Permission $permission, ErrorCollection $errorCollection) { $item->isWorkflowStarted()->willReturn(true); $item->getCurrentStepName()->willReturn('step'); $permission->__toString()->willReturn('workflow/permission'); $user->hasPermission($permission)->willReturn(false); $errorCollection->addError(Argument::cetera())->shouldBeCalled(); $this->match($transition, $item, $context, $errorCollection)->shouldReturn(false); }
function it_have_a_permission(Permission $permission) { $permission->equals($permission)->willReturn(false); $this->getPermission()->shouldReturn(null); $this->hasPermission($permission)->shouldReturn(false); $permission->equals($permission)->willReturn(true); $this->setPermission($permission)->shouldReturn($this); $this->hasPermission($permission)->shouldReturn(true); $this->getPermission()->shouldReturn($permission); }
/** * Consider if permission is assigned to transition. * * @param Permission $permission Permission being check. * * @return bool */ public function hasPermission(Permission $permission) { if ($this->permission) { return $this->permission->equals($permission); } return false; }
/** * {@inheritdoc} */ public function match(Transition $transition, Item $item, Context $context, ErrorCollection $errorCollection) { $permission = Permission::forWorkflowName($transition->getWorkflow()->getName(), 'contao-admin'); if ($this->user->hasPermission($permission)) { return true; } return parent::match($transition, $item, $context, $errorCollection); }
/** * Get all permissions of a specific workflow. * * @param \DataContainer $dataContainer The data container driver. * * @return array */ public function getWorkflowPermissions($dataContainer) { if (!$dataContainer->activeRecord || !$dataContainer->activeRecord->pid) { return array(); } $workflow = WorkflowModel::findBy('id', $dataContainer->activeRecord->pid); $options = array(); if ($workflow) { $permissions = deserialize($workflow->permissions, true); foreach ($permissions as $config) { $permission = WorkflowPermission::forWorkflowName($workflow->name, $config['name']); $options[(string) $permission] = $config['label'] ?: $config['name']; } } return $options; }
/** * Add a permission. * * @param string $permissionId The permission id. * @param string $group Permission group. * * @return $this */ public function addPermission($permissionId, $group) { $this->permissions[$group][] = Permission::forWorkflowName($this->workflowModel->name, $permissionId); return $this; }
/** * Create transitions from database. * * @param Workflow $workflow The current workflow. * * @throws DefinitionException If a target step is defined which does not exiss. * * @return void */ private function createTransitions(Workflow $workflow) { $collection = TransitionModel::findByWorkflow($workflow->getConfigValue('id')); if (!$collection) { return; } while ($collection->next()) { /** @var TransitionModel $model */ $model = $collection->current(); $transition = new Transition($model->name, $model->label, array_merge($collection->row(), array(Definition::SOURCE => Definition::SOURCE_DATABASE))); if (!isset($this->steps[$model->stepTo])) { throw new DefinitionException(sprintf('Transition "%s" refers to step "%s" which does not exists.', $transition->getName(), $model->stepTo)); } $transition->setStepTo($this->steps[$model->stepTo]); if ($model->limitPermission) { $transition->setPermission(Permission::fromString($model->permission)); } $workflow->addTransition($transition); $event = new CreateTransitionEvent($transition); $this->getServiceContainer()->getEventDispatcher()->dispatch($event::NAME, $event); $this->transitions[$model->id] = $transition; } }
/** * Add permission to the role. * * @param Role[] $roles Already created roles. * @param string $roleName The role name. * @param Permission $permission The permission name. * @param \User $contaoUser The Contao user. * @param User $user The security user. * * @return Role */ private function addPermissionToRole(&$roles, $roleName, Permission $permission, $contaoUser, User $user) { $workflow = $permission->getWorkflowName(); if (!isset($roles[$workflow])) { $role = new Role($roleName, $permission->getWorkflowName(), $this->translateLabel($roleName), array('user' => $contaoUser)); $roles[$workflow] = $role; $user->assign($role); } $roles[$workflow]->addPermission($permission); return $roles[$workflow]; }
function it_does_not_equals_if_not_the_same_workflow(Permission $permission) { $permission->__toString()->willReturn('workflow2:perm'); $this->equals($permission)->shouldReturn(false); }