/** * @param PrivilegeSubjectInterface|CreateNodePrivilegeSubject|MethodPrivilegeSubject $subject * @return boolean * @throws InvalidPrivilegeTypeException */ public function matchesSubject(PrivilegeSubjectInterface $subject) { if ($subject instanceof CreateNodePrivilegeSubject === FALSE && $subject instanceof MethodPrivilegeSubject === FALSE) { throw new InvalidPrivilegeTypeException(sprintf('Privileges of type "TYPO3\\TYPO3CR\\Security\\Authorization\\Privilege\\Node\\CreateNodePrivilege" only support subjects of type "TYPO3\\TYPO3CR\\Security\\Authorization\\Privilege\\Node\\CreateNodePrivilegeSubject" or "TYPO3\\Flow\\Security\\Method\\MethodPrivilegeSubject", but we got a subject of type: "%s".', get_class($subject)), 1417014353); } $this->initialize(); if ($subject instanceof MethodPrivilegeSubject) { if ($this->methodPrivilege->matchesSubject($subject) === FALSE) { return FALSE; } $joinPoint = $subject->getJoinPoint(); $allowedCreationNodeTypes = $this->nodeContext->getCreationNodeTypes(); $actualNodeType = $joinPoint->getMethodName() === 'createNodeFromTemplate' ? $joinPoint->getMethodArgument('nodeTemplate')->getNodeType()->getName() : $joinPoint->getMethodArgument('nodeType')->getName(); if ($allowedCreationNodeTypes !== array() && !in_array($actualNodeType, $allowedCreationNodeTypes)) { return FALSE; } /** @var NodeInterface $node */ $node = $joinPoint->getProxy(); $nodePrivilegeSubject = new NodePrivilegeSubject($node); $result = parent::matchesSubject($nodePrivilegeSubject); return $result; } if ($this->nodeContext->getCreationNodeTypes() === array() || $subject->hasCreationNodeType() === FALSE || in_array($subject->getCreationNodeType()->getName(), $this->nodeContext->getCreationNodeTypes()) === TRUE) { return parent::matchesSubject($subject); } return FALSE; }
/** * @param PrivilegeSubjectInterface|CreateNodePrivilegeSubject|MethodPrivilegeSubject $subject * @return boolean * @throws InvalidPrivilegeTypeException */ public function matchesSubject(PrivilegeSubjectInterface $subject) { if ($subject instanceof CreateNodePrivilegeSubject === false && $subject instanceof MethodPrivilegeSubject === false) { throw new InvalidPrivilegeTypeException(sprintf('Privileges of type "%s" only support subjects of type "%s" or "%s", but we got a subject of type: "%s".', CreateNodePrivilege::class, CreateNodePrivilegeSubject::class, MethodPrivilegeSubject::class, get_class($subject)), 1417014353); } $this->initialize(); if ($subject instanceof MethodPrivilegeSubject) { if ($this->methodPrivilege->matchesSubject($subject) === false) { return false; } $joinPoint = $subject->getJoinPoint(); $allowedCreationNodeTypes = $this->nodeContext->getCreationNodeTypes(); $actualNodeType = $joinPoint->getMethodName() === 'createNodeFromTemplate' ? $joinPoint->getMethodArgument('nodeTemplate')->getNodeType()->getName() : $joinPoint->getMethodArgument('nodeType')->getName(); if ($allowedCreationNodeTypes !== array() && !in_array($actualNodeType, $allowedCreationNodeTypes)) { return false; } /** @var NodeInterface $node */ $node = $joinPoint->getProxy(); $nodePrivilegeSubject = new NodePrivilegeSubject($node); $result = parent::matchesSubject($nodePrivilegeSubject); return $result; } if ($this->nodeContext->getCreationNodeTypes() === array() || $subject->hasCreationNodeType() === false || in_array($subject->getCreationNodeType()->getName(), $this->nodeContext->getCreationNodeTypes()) === true) { return parent::matchesSubject($subject); } return false; }
/** * @param PrivilegeSubjectInterface|PropertyAwareNodePrivilegeSubject|MethodPrivilegeSubject $subject * @return boolean * @throws InvalidPrivilegeTypeException */ public function matchesSubject(PrivilegeSubjectInterface $subject) { if ($subject instanceof PropertyAwareNodePrivilegeSubject === false && $subject instanceof MethodPrivilegeSubject === false) { throw new InvalidPrivilegeTypeException(sprintf('Privileges of type "%s" only support subjects of type "%s" or "%s", but we got a subject of type: "%s".', ReadNodePropertyPrivilege::class, PropertyAwareNodePrivilegeSubject::class, MethodPrivilegeSubject::class, get_class($subject)), 1417018448); } $this->initialize(); if ($subject instanceof MethodPrivilegeSubject) { if ($this->methodPrivilege->matchesSubject($subject) === false) { return false; } $joinPoint = $subject->getJoinPoint(); // if the context isn't restricted to certain properties, it matches *all* properties if ($this->nodeContext->hasProperties()) { $methodName = $joinPoint->getMethodName(); $actualPropertyName = null; if (isset($this->methodNameToPropertyMapping[$methodName])) { $propertyName = $this->methodNameToPropertyMapping[$methodName]; } else { $propertyName = $joinPoint->getMethodArgument('propertyName'); } if (!in_array($propertyName, $this->nodeContext->getNodePropertyNames())) { return false; } } /** @var NodeInterface $node */ $node = $joinPoint->getProxy(); $nodePrivilegeSubject = new NodePrivilegeSubject($node); return parent::matchesSubject($nodePrivilegeSubject); } if ($subject->hasPropertyName() && in_array($subject->getPropertyName(), $this->nodeContext->getNodePropertyNames()) === false) { return false; } return parent::matchesSubject($subject); }
/** * @param PrivilegeSubjectInterface|NodePrivilegeSubject|MethodPrivilegeSubject $subject * @return boolean * @throws InvalidPrivilegeTypeException */ public function matchesSubject(PrivilegeSubjectInterface $subject) { if (!$subject instanceof NodePrivilegeSubject && !$subject instanceof MethodPrivilegeSubject) { throw new InvalidPrivilegeTypeException(sprintf('Privileges of type "%s" only support subjects of type "%s" or "%s", but we got a subject of type: "%s".', EditNodePrivilege::class, NodePrivilegeSubject::class, MethodPrivilegeSubject::class, get_class($subject)), 1417017239); } $this->initialize(); if ($subject instanceof MethodPrivilegeSubject === TRUE) { if ($this->methodPrivilege->matchesSubject($subject) === FALSE) { return FALSE; } /** @var NodeInterface $node */ $node = $subject->getJoinPoint()->getProxy(); $nodePrivilegeSubject = new NodePrivilegeSubject($node); return parent::matchesSubject($nodePrivilegeSubject); } return parent::matchesSubject($subject); }
/** * @param PrivilegeSubjectInterface|NodePrivilegeSubject|MethodPrivilegeSubject $subject * @return boolean * @throws InvalidPrivilegeTypeException */ public function matchesSubject(PrivilegeSubjectInterface $subject) { if ($subject instanceof NodePrivilegeSubject === false && $subject instanceof MethodPrivilegeSubject === false) { throw new InvalidPrivilegeTypeException(sprintf('Privileges of type "TYPO3\\TYPO3CR\\Security\\Authorization\\Privilege\\Node\\EditNodePrivilege" only support subjects of type "TYPO3\\TYPO3CR\\Security\\Authorization\\Privilege\\Node\\NodePrivilegeSubject" or "TYPO3\\Flow\\Security\\Method\\MethodPrivilegeSubject", but we got a subject of type: "%s".', get_class($subject)), 1417017296); } $this->initialize(); if ($subject instanceof MethodPrivilegeSubject) { if ($this->methodPrivilege->matchesSubject($subject) === false) { return false; } /** @var NodeInterface $node */ $node = $subject->getJoinPoint()->getProxy(); $nodePrivilegeSubject = new NodePrivilegeSubject($node); return parent::matchesSubject($nodePrivilegeSubject); } return parent::matchesSubject($subject); }