/**
* Iterator test
*/
public function testIterator()
{
$resourceCollection = new ResourceCollection([Resource::create('comments.add')->setTitle('Add comments')->setDescription('Add comments description'), Resource::create('comments.edit')->setTitle('Edit comments')->setDescription('Edit comments description')]);
$this->assertEquals($resourceCollection->count(), 2);
while ($resourceCollection->valid()) {
if (0 === $resourceCollection->key()) {
$this->assertEquals($resourceCollection->current()->getTitle(), 'Add comments');
$this->assertEquals($resourceCollection->current()->getDescription(), 'Add comments description');
}
$resourceCollection->next();
}
}
public function testIsGranted()
{
$collection = new ResourceCollection(['comments.add', 'comments.edit']);
$adminRole = new Rbac\Role('admin', ['list_user', Rbac\Resource::create('delete_user')]);
$this->rbac->addRole($adminRole);
$adminRole->setResources($collection);
$this->assertTrue($adminRole->hasResource('comments.add'));
$this->assertTrue($adminRole->hasResource('comments.edit'));
$this->assertFalse($adminRole->hasResource('posts.add'));
$this->assertFalse($this->rbac->isGranted('admin', 'list_user'));
$this->assertFalse($this->rbac->isGranted($adminRole, 'delete_user'));
$notExistsRole = new Rbac\Role('notExistsRole');
$this->setExpectedExceptionRegExp('RuntimeException', sprintf('/Role "%s" does not exists./', preg_quote($notExistsRole->getName(), '/')));
$this->assertTrue($this->rbac->isGranted($notExistsRole->getName(), 'delete_user'));
}
/**
* {@inheritdoc}
*/
public function loadService()
{
if (false === $this->getContainer()->has('auth')) {
$this->getContainer()->set('auth', function () {
$storage = new SessionStorage($this->getContainer()->get('session'));
$userDetails = new UserDetails(function ($userData) {
/** @var RolesTable $rolesTable */
$rolesTable = TableRegistry::get('Users.Roles');
$roles = $rolesTable->find('list', ['keyField' => 'id', 'valueField' => 'name'])->matching('Users', function ($q) use($userData) {
return $q->where(['Users.id' => $userData['id']]);
});
$userData['roles'] = $roles->toArray();
return $userData;
});
$authentication = new Auth($storage, $userDetails);
return $authentication;
});
}
if (false === $this->getContainer()->has('rbac')) {
$this->getContainer()->set('rbac', function () {
$rbac = new Rbac();
/** @var RolesTable $rolesTable */
$rolesTable = TableRegistry::get('Users.Roles');
$roles = $rolesTable->find()->contain('Resources');
/** @var Role $role */
foreach ($roles as $role) {
$resourceCollection = new Rbac\ResourceCollection();
/** @var Resource $resource */
foreach ($role->get('resources') as $resource) {
$resourceCollection->attach(Rbac\Resource::create($resource->get('name'))->setTitle($resource->get('title'))->setDescription($resource->get('description')));
}
$rbac->addRole(Rbac\Role::create($role->get('name'), $resourceCollection)->setTitle($role->get('title'))->setDescription($role->get('description')));
}
return $rbac;
});
}
}
