Neos\ContentRepository\Service\AuthorizationService::getDeniedNodePropertiesForEditing PHP Method

AuthorizationService Class Documentation Usage Examples Of Neos\ContentRepository\Service\AuthorizationService::getDeniedNodePropertiesForEditing Mostra file Open project: neos/neos-development-collection

getDeniedNodePropertiesForEditing() public method

public getDeniedNodePropertiesForEditing ( Neos\ContentRepository\Domain\Model\NodeInterface $node ) : string[]
$node	Neos\ContentRepository\Domain\Model\NodeInterface
return	string[]	Array of granted node property names

    public function getDeniedNodePropertiesForEditing(NodeInterface $node)
    {
        $privilegeSubject = new PropertyAwareNodePrivilegeSubject($node);
        $deniedNodePropertyNames = array();
        $grantedNodePropertyNames = array();
        $abstainedNodePropertyNames = array();
        foreach ($this->securityContext->getRoles() as $role) {
            /** @var EditNodePropertyPrivilege $editNodePropertyPrivilege */
            foreach ($role->getPrivilegesByType(EditNodePropertyPrivilege::class) as $editNodePropertyPrivilege) {
                if (!$editNodePropertyPrivilege->matchesSubject($privilegeSubject)) {
                    continue;
                }
                if ($editNodePropertyPrivilege->isGranted()) {
                    $grantedNodePropertyNames = array_merge($grantedNodePropertyNames, $editNodePropertyPrivilege->getNodePropertyNames());
                } elseif ($editNodePropertyPrivilege->isDenied()) {
                    $deniedNodePropertyNames = array_merge($deniedNodePropertyNames, $editNodePropertyPrivilege->getNodePropertyNames());
                } else {
                    $abstainedNodePropertyNames = array_merge($abstainedNodePropertyNames, $editNodePropertyPrivilege->getNodePropertyNames());
                }
            }
        }
        $implicitlyDeniedNodePropertyNames = array_diff($abstainedNodePropertyNames, $grantedNodePropertyNames);
        return array_merge($implicitlyDeniedNodePropertyNames, $deniedNodePropertyNames);
    }

Usage Example

Esempio n. 1

Mostra file

File: NodeAuthorizationTrait.php Progetto: neos/neos-development-collection

 /**
  * @param TableNode $table
  * @Then /^I should get the following list of denied node properties from the node authorization service:$/
  */
 public function iShouldGetTheFollowingListOfDeniedNodePropertiesFromTheNodeAuthorizationService($table)
 {
     if ($this->isolated === true) {
         $this->callStepInSubProcess(__METHOD__, sprintf(' %s %s', escapeshellarg(\Neos\Flow\Tests\Functional\Command\TableNode::class), escapeshellarg(json_encode($table->getHash()))));
     } else {
         $rows = $table->getHash();
         $deniedPropertyNames = $this->nodeAuthorizationService->getDeniedNodePropertiesForEditing($this->currentNodes[0]);
         if (count($rows) !== count($deniedPropertyNames)) {
             Assert::fail('The node authorization service did not return the expected amount of node property names! Got: ' . implode(', ', $deniedPropertyNames));
         }
         foreach ($rows as $row) {
             if (in_array($row['propertyName'], $deniedPropertyNames) === false) {
                 Assert::fail('The following property name has not been returned by the node authorization service: ' . $row['propertyName']);
             }
         }
     }
 }

AuthorizationService

getDeniedNodePropertiesForEditing

getNodeTypeNamesDeniedForCreation

isGrantedToCreateNode

isGrantedToEditNode

isGrantedToEditNodeProperty

isGrantedToReadNodeProperty

isGrantedToRemoveNode