/** * @return JsonResponse */ public function getAction() { $securityFacade = $this->securityFacade; $annotations = $this->aclProvider->getAnnotations(); $result = []; foreach ($annotations as $annotation) { $result[$annotation->getId()] = $securityFacade->isGranted($annotation->getId()); } return new JsonResponse($result); }
public function testCache() { $this->loader->expects($this->exactly(2))->method('load'); $this->cache->expects($this->at(0))->method('fetch'); $this->cache->expects($this->at(1))->method('save'); $this->cache->expects($this->at(2))->method('delete'); $this->cache->expects($this->at(3))->method('fetch'); $this->provider->warmUpCache(); $this->provider->clearCache(); $this->assertNull($this->provider->findAnnotationById('unknown')); }
/** * Checks if an access to a resource is granted to the caller * * @param string|string[] $attributes Can be a role name(s), permission name(s), an ACL annotation id * or something else, it depends on registered security voters * @param mixed $object A domain object, object identity or object identity descriptor (id:type) * @return bool */ public function isGranted($attributes, $object = null) { if ($object === null && is_string($attributes) && ($annotation = $this->annotationProvider->findAnnotationById($attributes))) { $this->logger->debug(sprintf('Check an access using "%s" ACL annotation.', $annotation->getId())); $isGranted = $this->authorizationChecker->isGranted($annotation->getPermission(), $this->objectIdentityFactory->get($annotation)); } elseif (is_string($object)) { $isGranted = $this->authorizationChecker->isGranted($attributes, $this->objectIdentityFactory->get($object)); } else { $isGranted = $this->authorizationChecker->isGranted($attributes, $object); } return $isGranted; }
/** * Loads metadata and save them in cache */ protected function loadMetadata() { $data = array(); foreach ($this->annotationProvider->getAnnotations('action') as $annotation) { $data[$annotation->getId()] = new ActionMetadata($annotation->getId(), $annotation->getGroup(), $annotation->getLabel()); } if ($this->cache) { $this->cache->save(self::CACHE_KEY, $data); } $this->localCache = $data; }
/** * Makes sure that metadata are loaded */ protected function ensureMetadataLoaded() { if ($this->localCache === null) { $data = null; if ($this->cache) { $data = $this->cache->fetch(self::CACHE_KEY); } if (!$data) { $data = []; foreach ($this->annotationProvider->getAnnotations('action') as $annotation) { $data[$annotation->getId()] = new ActionMetadata($annotation->getId(), $annotation->getGroup(), $annotation->getLabel()); } if ($this->cache) { $this->cache->save(self::CACHE_KEY, $data); } } $this->localCache = $data; } }
/** * Checks if an access to a resource is granted to the caller * * @param string|string[] $attributes Can be a role name(s), permission name(s), an ACL annotation id, * string in format "permission;descriptor" * (VIEW;entity:AcmeDemoBundle:AcmeEntity, EDIT;action:acme_action) * or something else, it depends on registered security voters * @param mixed $object A domain object, object identity or object identity descriptor (id:type) * (entity:Acme/DemoBundle/Entity/AcmeEntity, action:some_action) * * @return bool */ public function isGranted($attributes, $object = null) { if (is_string($attributes) && ($annotation = $this->annotationProvider->findAnnotationById($attributes))) { if ($object === null) { $this->logger->debug(sprintf('Check class based an access using "%s" ACL annotation.', $annotation->getId())); $isGranted = $this->securityContext->isGranted($annotation->getPermission(), $this->objectIdentityFactory->get($annotation)); } else { $this->logger->debug(sprintf('Check object based an access using "%s" ACL annotation.', $annotation->getId())); $isGranted = $this->securityContext->isGranted($annotation->getPermission(), $object); } } elseif (is_string($object)) { $isGranted = $this->securityContext->isGranted($attributes, $this->objectIdentityFactory->get($object)); } else { if (is_string($attributes) && $object == null) { $delimiter = strpos($attributes, ';'); if ($delimiter) { $object = substr($attributes, $delimiter + 1); $attributes = substr($attributes, 0, $delimiter); } } $isGranted = $this->securityContext->isGranted($attributes, $object); } return $isGranted; }
public function testCache() { // Called when: warmUpCache, findAnnotationById, warmUpCache $this->loader->expects($this->exactly(3))->method('load'); // First warmUpCache $this->cache->expects($this->at(0))->method('save')->with(AclAnnotationProvider::CACHE_KEY); // clearCache $this->cache->expects($this->at(1))->method('delete')->with(AclAnnotationProvider::CACHE_KEY); // First findAnnotationById $this->cache->expects($this->at(2))->method('fetch')->with(AclAnnotationProvider::CACHE_KEY); $this->cache->expects($this->at(3))->method('save')->with(AclAnnotationProvider::CACHE_KEY); // Second warmUpCache $this->cache->expects($this->at(4))->method('save')->with(AclAnnotationProvider::CACHE_KEY); $this->provider->warmUpCache(); $this->provider->clearCache(); $this->assertNull($this->provider->findAnnotationById('unknown')); $this->provider->warmUpCache(); $this->assertNull($this->provider->findAnnotationById('unknown')); }
/** * {inheritdoc} */ public function clear($cacheDir) { $this->provider->clearCache(); }
/** * {inheritdoc} */ public function warmUp($cacheDir) { $this->provider->warmUpCache(); }