Skip to content
This repository has been archived by the owner on Jan 8, 2020. It is now read-only.

[ZF3] Rbac component cleaning #5231

Closed
wants to merge 18 commits into from
Closed

[ZF3] Rbac component cleaning #5231

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
46a754a
Update Rbac for ZF3
bakura10 Oct 5, 2013
f232a10
CS fix
bakura10 Oct 5, 2013
76a8b4b
Ensure role only have roleinterface instances and more tests
bakura10 Oct 5, 2013
aeb9f75
Not throw exception if cannot find role
bakura10 Oct 10, 2013
db3774f
Rewrite
bakura10 Dec 11, 2013
9523e9b
Store permission
bakura10 Dec 11, 2013
ddb7b91
Allow to add role by name
bakura10 Dec 11, 2013
131f8f1
no no, it must
bakura10 Dec 11, 2013
a6a8d7b
Fix tests and add new ones
bakura10 Dec 11, 2013
7382608
Remove parent
bakura10 Dec 11, 2013
d655040
Please everyone
bakura10 Dec 11, 2013
73648d2
Revert naming
bakura10 Dec 11, 2013
d2da093
Add tests
bakura10 Dec 11, 2013
703b6a0
Add optimization
bakura10 Dec 11, 2013
687566d
Fix
bakura10 Dec 11, 2013
726a18e
Remove features
bakura10 Dec 11, 2013
e238abc
update comment
bakura10 Dec 11, 2013
50b64e4
no need that now
bakura10 Dec 12, 2013
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
100 changes: 0 additions & 100 deletions library/Zend/Permissions/Rbac/AbstractIterator.php
View file
Open in desktop

This file was deleted.

67 changes: 47 additions & 20 deletions library/Zend/Permissions/Rbac/AbstractRole.php
View file
Open in desktop
Expand Up @@ -9,15 +9,21 @@

namespace Zend\Permissions\Rbac;

use RecursiveArrayIterator;
use RecursiveIteratorIterator;

abstract class AbstractRole extends AbstractIterator implements RoleInterface
abstract class AbstractRole implements RoleInterface
{
/**
* @var null|RoleInterface
*/
protected $parent;

/**
* @var array|RoleInterface[]
*/
protected $children = array();

/**
* @var string
*/
Expand All @@ -41,14 +47,12 @@ public function getName()
/**
* Add permission to the role.
*
* @param $name
* @return RoleInterface
* @param string $name
* @return void
*/
public function addPermission($name)
{
$this->permissions[$name] = true;

return $this;
$this->permissions[(string)$name] = true;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

space after cast :D

}

/**
Expand All @@ -63,8 +67,9 @@ public function hasPermission($name)
return true;
}

$it = new RecursiveIteratorIterator($this, RecursiveIteratorIterator::CHILD_FIRST);
foreach ($it as $leaf) {
$iteratorIterator = new RecursiveIteratorIterator($this, RecursiveIteratorIterator::CHILD_FIRST);

foreach ($iteratorIterator as $leaf) {
/** @var RoleInterface $leaf */
if ($leaf->hasPermission($name)) {
return true;
Expand All @@ -74,17 +79,40 @@ public function hasPermission($name)
return false;
}

/**
* Set parent role
*
* @param RoleInterface $parent
* @return void
*/
public function setParent(RoleInterface $parent)
{
$this->parent = $parent;
}

/**
* Get parent role
*
* @return null|RoleInterface
*/
public function getParent()
{
return $this->parent;
}

/**
* Add a child.
*
* @param RoleInterface|string $child
* @return Role
* @return void
* @throws Exception\InvalidArgumentException
*/
public function addChild($child)
{
if (is_string($child)) {
$child = new Role($child);
}

if (!$child instanceof RoleInterface) {
throw new Exception\InvalidArgumentException(
'Child must be a string or implement Zend\Permissions\Rbac\RoleInterface'
Expand All @@ -93,26 +121,25 @@ public function addChild($child)

$child->setParent($this);
$this->children[] = $child;

return $this;
}

/**
* @param RoleInterface $parent
* @return RoleInterface
* Get children roles
*
* @return array|RoleInterface[]
*/
public function setParent($parent)
public function getChildren()
{
$this->parent = $parent;

return $this;
return $this->children;
}

/**
* @return null|RoleInterface
* Implement the IteratorAggregate interface
*
* @return \Traversable
*/
public function getParent()
public function getIterator()
{
return $this->parent;
return new RecursiveArrayIterator($this->children);
}
}
2 changes: 1 addition & 1 deletion library/Zend/Permissions/Rbac/AssertionInterface.php
View file
Open in desktop
Expand Up @@ -14,7 +14,7 @@ interface AssertionInterface
/**
* Assertion method - must return a boolean.
*
* @param Rbac $rbac
* @param Rbac $rbac
* @return bool
*/
public function assert(Rbac $rbac);
Expand Down
62 changes: 35 additions & 27 deletions library/Zend/Permissions/Rbac/Rbac.php
View file
Open in desktop
Expand Up @@ -9,30 +9,39 @@

namespace Zend\Permissions\Rbac;

use RecursiveArrayIterator;
use RecursiveIteratorIterator;

class Rbac extends AbstractIterator
class Rbac
{
/**
* flag: whether or not to create roles automatically if
* they do not exist.
* List of roles
*
* @var array|RoleInterface[]
*/
protected $roles = array();

/**
* flag: whether or not to create roles automatically if they do not exist.
*
* @var bool
*/
protected $createMissingRoles = false;

/**
* @param bool $createMissingRoles
* @return \Zend\Permissions\Rbac\Rbac
* Set whether or not to create roles automatically if they do not exist
*
* @param bool $createMissingRoles
* @return void
*/
public function setCreateMissingRoles($createMissingRoles)
{
$this->createMissingRoles = $createMissingRoles;

return $this;
$this->createMissingRoles = (bool) $createMissingRoles;
}

/**
* Get whether or not to create roles automatically if they do not exist
*
* @return bool
*/
public function getCreateMissingRoles()
Expand All @@ -41,62 +50,62 @@ public function getCreateMissingRoles()
}

/**
* Add a child.
* Add a child
*
* @param string|RoleInterface $child
* @param array|RoleInterface|null $parents
* @return self
* @param string|RoleInterface $child
* @param array|RoleInterface[]|null $parents
* @return void
* @throws Exception\InvalidArgumentException
*/
public function addRole($child, $parents = null)
{
if (is_string($child)) {
$child = new Role($child);
}

if (!$child instanceof RoleInterface) {
throw new Exception\InvalidArgumentException(
'Child must be a string or implement Zend\Permissions\Rbac\RoleInterface'
);
}

if ($parents) {
if (null !== $parents) {
if (!is_array($parents)) {
$parents = array($parents);
}

foreach ($parents as $parent) {
if ($this->createMissingRoles && !$this->hasRole($parent)) {
$this->addRole($parent);
}

$this->getRole($parent)->addChild($child);
}
}

$this->children[] = $child;

return $this;
$this->roles[] = $child;
}

/**
* Is a child with $name registered?
*
* @param \Zend\Permissions\Rbac\RoleInterface|string $objectOrName
* @param RoleInterface|string $objectOrName
* @return bool
*/
public function hasRole($objectOrName)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I prefer a more explicit interface:

public function hasRole(RoleInterface $role);
public function hasRoleName($roleName);

{
try {
$this->getRole($objectOrName);

return true;
} catch (Exception\InvalidArgumentException $e) {
return false;
}
}

/**
* Get a child.
* Get a child
*
* @param \Zend\Permissions\Rbac\RoleInterface|string $objectOrName
* @param RoleInterface|string $objectOrName
* @return RoleInterface
* @throws Exception\InvalidArgumentException
*/
Expand All @@ -108,8 +117,10 @@ public function getRole($objectOrName)
);
}

$it = new RecursiveIteratorIterator($this, RecursiveIteratorIterator::CHILD_FIRST);
foreach ($it as $leaf) {
$iterator = new RecursiveArrayIterator($this->roles);
$iteratorIterator = new RecursiveIteratorIterator($iterator, RecursiveIteratorIterator::CHILD_FIRST);

foreach ($iteratorIterator as $leaf) {
if ((is_string($objectOrName) && $leaf->getName() == $objectOrName) || $leaf == $objectOrName) {
return $leaf;
}
Expand All @@ -127,6 +138,7 @@ public function getRole($objectOrName)
* @param RoleInterface|string $role
* @param string $permission
* @param AssertionInterface|Callable|null $assert
* @throws Exception\InvalidArgumentException
* @return bool
*/
public function isGranted($role, $permission, $assert = null)
Expand All @@ -147,10 +159,6 @@ public function isGranted($role, $permission, $assert = null)
}
}

if ($this->getRole($role)->hasPermission($permission)) {
return true;
}

return false;
return $this->getRole($role)->hasPermission($permission);
}
}