Merge de48c02 into 1cb9a02

composer.json

@@ -26,13 +26,13 @@
     "minimum-stability": "dev",
     "require": {
         "php": ">=5.3.3",
-        "zendframework/zend-permissions-acl": "~2.1",
-        "zendframework/zend-mvc":             "~2.1",
-        "zendframework/zend-eventmanager":    "~2.1",
-        "zendframework/zend-servicemanager":  "~2.1",
-        "zendframework/zend-http":            "~2.1",
-        "zendframework/zend-view":            "~2.1",
-        "zendframework/zend-cache":           "~2.1"
+        "zendframework/zend-permissions-acl": "~2.2",
+        "zendframework/zend-mvc":             "~2.2",
+        "zendframework/zend-eventmanager":    "~2.2",
+        "zendframework/zend-servicemanager":  "~2.2",
+        "zendframework/zend-http":            "~2.2",
+        "zendframework/zend-view":            "~2.2",
+        "zendframework/zend-cache":           "~2.2"
     },
     "require-dev": {
         "phpunit/phpunit":                    "~3.7",

src/BjyAuthorize/Guard/AbstractGuard.php

@@ -0,0 +1,91 @@
+<?php
+/**
+ * BjyAuthorize Module (https://github.com/bjyoungblood/BjyAuthorize)
+ *
+ * @link https://github.com/bjyoungblood/BjyAuthorize for the canonical source repository
+ * @license http://framework.zend.com/license/new-bsd New BSD License
+ */
+
+namespace BjyAuthorize\Guard;
+
+use BjyAuthorize\Provider\Rule\ProviderInterface as RuleProviderInterface;
+use BjyAuthorize\Provider\Resource\ProviderInterface as ResourceProviderInterface;
+use \Zend\EventManager\AbstractListenerAggregate;
+use Zend\ServiceManager\ServiceLocatorInterface;
+
+abstract class AbstractGuard extends AbstractListenerAggregate implements
+    GuardInterface,
+    RuleProviderInterface,
+    ResourceProviderInterface
+{
+    /**
+     * @var ServiceLocatorInterface
+     */
+    protected $serviceLocator;
+
+    /**
+     * @var array[]
+     */
+    protected $rules = array();
+
+    /**
+     *
+     * @param array                   $rules
+     * @param ServiceLocatorInterface $serviceLocator
+     */
+    public function __construct(array $rules, ServiceLocatorInterface $serviceLocator)
+    {
+        $this->serviceLocator = $serviceLocator;
+
+        foreach ($rules as $rule) {
+            $rule['roles']  = (array) $rule['roles'];
+            $rule['action'] = isset($rule['action']) ? (array) $rule['action'] : array(null);
+
+            foreach ($this->extractResourcesFromRule($rule) as $resource) {
+                $this->rules[$resource] = array('roles' => (array) $rule['roles']);
+
+                if (isset($rule['assertion'])) {
+                    $this->rules[$resource]['assertion'] = $rule['assertion'];
+                }
+            }
+        }
+    }
+
+    abstract protected function extractResourcesFromRule(array $rule);
+
+    /**
+     * {@inheritDoc}
+     */
+    public function getResources()
+    {
+        $resources = array();
+
+        foreach (array_keys($this->rules) as $resource) {
+            $resources[] = $resource;
+        }
+
+        return $resources;
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function getRules()
+    {
+        $rules = array();
+        foreach ($this->rules as $resource => $ruleData) {
+            $rule   = array();
+            $rule[] = $ruleData['roles'];
+            $rule[] = $resource;
+
+            if (isset($ruleData['assertion'])) {
+                $rule[] = null; // no privilege
+                $rule[] = $ruleData['assertion'];
+            }
+
+            $rules[] = $rule;
+        }
+
+        return array('allow' => $rules);
+    }
+}

src/BjyAuthorize/Guard/Controller.php

@@ -9,12 +9,9 @@
 namespace BjyAuthorize\Guard;
 
 use BjyAuthorize\Exception\UnAuthorizedException;
-use BjyAuthorize\Provider\Rule\ProviderInterface as RuleProviderInterface;
-use BjyAuthorize\Provider\Resource\ProviderInterface as ResourceProviderInterface;
 
 use Zend\EventManager\EventManagerInterface;
 use Zend\Mvc\MvcEvent;
-use Zend\ServiceManager\ServiceLocatorInterface;
 use Zend\Http\Request as HttpRequest;
 
 /**
@@ -23,49 +20,25 @@
  *
  * @author Ben Youngblood <bx.youngblood@gmail.com>
  */
-class Controller implements GuardInterface, RuleProviderInterface, ResourceProviderInterface
+class Controller extends AbstractGuard
 {
     /**
      * Marker for invalid route errors
      */
     const ERROR = 'error-unauthorized-controller';
 
-    /**
-     * @var ServiceLocatorInterface
-     */
-    protected $serviceLocator;
-
-    /**
-     * @var array[]
-     */
-    protected $rules = array();
-
-    /**
-     * @var \Zend\Stdlib\CallbackHandler[]
-     */
-    protected $listeners = array();
-
-    /**
-     * @param array                   $rules
-     * @param ServiceLocatorInterface $serviceLocator
-     */
-    public function __construct(array $rules, ServiceLocatorInterface $serviceLocator)
+    protected function extractResourcesFromRule(array $rule)
     {
-        $this->serviceLocator = $serviceLocator;
+        $results        = array();
+        $rule['action'] = isset($rule['action']) ? (array) $rule['action'] : array(null);
 
-        foreach ($rules as $rule) {
-            if (!is_array($rule['roles'])) {
-                $rule['roles'] = array($rule['roles']);
-            }
-
-            $rule['action'] = isset($rule['action']) ? (array) $rule['action'] : array(null);
-
-            foreach ((array) $rule['controller'] as $controller) {
-                foreach ($rule['action'] as $action) {
-                    $this->rules[$this->getResourceName($controller, $action)] = $rule['roles'];
-                }
+        foreach ((array) $rule['controller'] as $controller) {
+            foreach ($rule['action'] as $action) {
+                $results[] = $this->getResourceName($controller, $action);
             }
         }
+
+        return $results;
     }
 
     /**
@@ -76,45 +49,6 @@ public function attach(EventManagerInterface $events)
         $this->listeners[] = $events->attach(MvcEvent::EVENT_ROUTE, array($this, 'onDispatch'), -1000);
     }
 
-    /**
-     * {@inheritDoc}
-     */
-    public function detach(EventManagerInterface $events)
-    {
-        foreach ($this->listeners as $index => $listener) {
-            if ($events->detach($listener)) {
-                unset($this->listeners[$index]);
-            }
-        }
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getResources()
-    {
-        $resources = array();
-
-        foreach (array_keys($this->rules) as $resource) {
-            $resources[] = $resource;
-        }
-
-        return $resources;
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getRules()
-    {
-        $rules = array();
-        foreach ($this->rules as $resource => $roles) {
-            $rules[] = array($roles, $resource);
-        }
-
-        return array('allow' => $rules);
-    }
-
     /**
      * Retrieves the resource name for a given controller
      *

src/BjyAuthorize/Guard/Route.php

@@ -9,56 +9,26 @@
 namespace BjyAuthorize\Guard;
 
 use BjyAuthorize\Exception\UnAuthorizedException;
-use BjyAuthorize\Provider\Rule\ProviderInterface as RuleProviderInterface;
-use BjyAuthorize\Provider\Resource\ProviderInterface as ResourceProviderInterface;
 
 use Zend\EventManager\EventManagerInterface;
 use Zend\Mvc\MvcEvent;
-use Zend\ServiceManager\ServiceLocatorInterface;
 
 /**
  * Route Guard listener, allows checking of permissions
  * during {@see \Zend\Mvc\MvcEvent::EVENT_ROUTE}
  *
  * @author Ben Youngblood <bx.youngblood@gmail.com>
  */
-class Route implements GuardInterface, RuleProviderInterface, ResourceProviderInterface
+class Route extends AbstractGuard
 {
     /**
      * Marker for invalid route errors
      */
     const ERROR = 'error-unauthorized-route';
 
-    /**
-     * @var ServiceLocatorInterface
-     */
-    protected $serviceLocator;
-
-    /**
-     * @var array[]
-     */
-    protected $rules = array();
-
-    /**
-     * @var \Zend\Stdlib\CallbackHandler[]
-     */
-    protected $listeners = array();
-
-    /**
-     * @param array                   $rules
-     * @param ServiceLocatorInterface $serviceLocator
-     */
-    public function __construct(array $rules, ServiceLocatorInterface $serviceLocator)
+    protected function extractResourcesFromRule(array $rule)
     {
-        $this->serviceLocator = $serviceLocator;
-
-        foreach ($rules as $rule) {
-            if (!is_array($rule['roles'])) {
-                $rule['roles'] = array($rule['roles']);
-            }
-
-            $this->rules['route/' . $rule['route']] = $rule['roles'];
-        }
+        return array('route/' . $rule['route']);
     }
 
     /**
@@ -69,46 +39,6 @@ public function attach(EventManagerInterface $events)
         $this->listeners[] = $events->attach(MvcEvent::EVENT_ROUTE, array($this, 'onRoute'), -1000);
     }
 
-    /**
-     * {@inheritDoc}
-     */
-    public function detach(EventManagerInterface $events)
-    {
-        foreach ($this->listeners as $index => $listener) {
-            if ($events->detach($listener)) {
-                unset($this->listeners[$index]);
-            }
-        }
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getResources()
-    {
-        $resources = array();
-
-        foreach (array_keys($this->rules) as $resource) {
-            $resources[] = $resource;
-        }
-
-        return $resources;
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getRules()
-    {
-        $rules = array();
-
-        foreach ($this->rules as $resource => $roles) {
-            $rules[] = array($roles, $resource);
-        }
-
-        return array('allow' => $rules);
-    }
-
     /**
      * Event callback to be triggered on dispatch, causes application error triggering
      * in case of failed authorization check
@@ -119,6 +49,7 @@ public function getRules()
      */
     public function onRoute(MvcEvent $event)
     {
+        /* @var $service \BjyAuthorize\Service\Authorize */
         $service    = $this->serviceLocator->get('BjyAuthorize\Service\Authorize');
         $match      = $event->getRouteMatch();
         $routeName  = $match->getMatchedRouteName();