AppserverIo\Appserver\ServletEngine\Security\Utils\Util::getRoleSets PHP Метод

getRoleSets() публичный статический Метод

Execute the rolesQuery against the datasource registered under $lookupName to obtain the roles for the authenticated user.
public static getRoleSets ( string $username, string $lookupName, string $rolesQuery, AppserverIo\Psr\Security\Auth\Spi\LoginModuleInterface $aslm ) : array
$username string The username to load the roles for
$lookupName string The lookup name for the datasource
$rolesQuery string The query to load the roles
$aslm AppserverIo\Psr\Security\Auth\Spi\LoginModuleInterface The login module to add the roles to
Результат array An array of groups containing the sets of roles
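    /**
     * Execute the rolesQuery against the datasource registered under the passed lookup name
     * to obtain the roles for the authenticated user.
     *
     * The username is bound to the first positional parameter of the prepared roles query and is
     * never concatenated into the SQL. The first result column is used as the role name, the
     * optional second column as the name of the group the role is added to.
     *
     * @param string                                                  $username   The username to load the roles for
     * @param string                                                  $lookupName The lookup name for the datasource
     * @param string                                                  $rolesQuery The query to load the roles
     * @param \AppserverIo\Psr\Security\Auth\Spi\LoginModuleInterface $aslm       The login module to add the roles to
     *
     * @return array An array of groups containing the sets of roles
     * @throws FailedLoginException Is thrown if no role has been found and the login module has no unauthenticated identity
     * @throws \AppserverIo\Psr\Security\Auth\Login\LoginException Is thrown if the datasource lookup or the query fails
     */
    public static function getRoleSets(string $username, string $lookupName, string $rolesQuery, LoginModuleInterface $aslm)
    {
        // declare the resources up-front, so the cleanup in the finally block knows what has been opened
        $application = null;
        $connection = null;
        $statement = null;

        try {
            // initialize the map for the groups
            $setsMap = new HashMap();
            // load the application context
            $application = RequestHandler::getApplicationContext();
            /** @var \AppserverIo\Appserver\Core\Api\Node\DatabaseNode $databaseNode */
            $databaseNode = $application->getNamingDirectory()->search($lookupName)->getDatabase();
            // prepare the connection parameters and create the DBAL connection
            $connection = DriverManager::getConnection(ConnectionUtil::get($application)->fromDatabaseNode($databaseNode));
            // load the principal's roles with a prepared statement, the username is bound, not interpolated
            $statement = $connection->prepare($rolesQuery);
            $statement->bindParam(1, $username);
            $statement->execute();
            // fetch the first row as a numerically indexed array
            $row = $statement->fetch(\PDO::FETCH_NUM);
            // query whether or not we've found at least one role
            if ($row == false) {
                // without an unauthenticated identity, a user without roles must not be logged in
                if ($aslm->getUnauthenticatedIdentity() == null) {
                    throw new FailedLoginException('No matching username found in Roles');
                }
                // we're running with an unauthenticatedIdentity so create an empty roles set and return
                return array(new SimpleGroup(Util::DEFAULT_GROUP_NAME));
            }
            do {
                // load the found name and initialize the group name with a default value
                $name = $row[0];
                $groupName = Util::DEFAULT_GROUP_NAME;
                // use the group name from the second column, if the query delivers one
                if (isset($row[1])) {
                    $groupName = $row[1];
                }
                // query whether or not the group already exists in the set
                if ($setsMap->exists($groupName) === false) {
                    $group = new SimpleGroup(new String($groupName));
                    $setsMap->add($groupName, $group);
                } else {
                    $group = $setsMap->get($groupName);
                }
                try {
                    // add the user to the group
                    $group->addMember($aslm->createIdentity(new String($name)));
                    // log a message
                    $application->getNamingDirectory()->search(NamingDirectoryKeys::SYSTEM_LOGGER)->debug(sprintf('Assign user to role: %s', $name));
                } catch (\Exception $e) {
                    // best effort: a role whose principal can't be created is skipped, the user ends up with fewer roles
                    $application->getNamingDirectory()->search(NamingDirectoryKeys::SYSTEM_LOGGER)->error(sprintf('Failed to create principal: %s', $name));
                }
                // load one role after another, with the SAME fetch mode as the first row: the loop body
                // reads $row[0] and $row[1], which fails on the objects returned by \PDO::FETCH_OBJ
            } while ($row = $statement->fetch(\PDO::FETCH_NUM));

            // return the prepared groups
            return $setsMap->toArray();
        } catch (NamingException $ne) {
            // NOTE(review): the full string representation of the exception becomes the message of the
            // LoginException; confirm that callers only log it and never render it to the client
            throw new LoginException($ne->__toString());
        } catch (\PDOException $pdoe) {
            // NOTE(review): same as above, the string representation of a PDOException may reveal datasource details
            throw new LoginException($pdoe->__toString());
        } finally {
            // release the database resources on EVERY path, including the early return and the exceptions above
            if ($statement !== null) {
                try {
                    $statement->closeCursor();
                } catch (\Exception $e) {
                    $application->getNamingDirectory()->search(NamingDirectoryKeys::SYSTEM_LOGGER)->error($e->__toString());
                }
            }
            // close the DBAL connection
            if ($connection !== null) {
                try {
                    $connection->close();
                } catch (\Exception $e) {
                    $application->getNamingDirectory()->search(NamingDirectoryKeys::SYSTEM_LOGGER)->error($e->__toString());
                }
            }
        }
    }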

Usage Example

 /**
  * Loads the role sets of the user that is logging in, by passing the lookupName and
  * rolesQuery properties of this login module to the utility method.
  *
  * @return array Array containing the sets of roles
  * @throws \AppserverIo\Psr\Security\Auth\Login\LoginException Is thrown if the roles can't be loaded
  */
 protected function getRoleSets()
 {
     // collect the arguments first, the utility method does the actual database work
     $username = $this->getUsername();
     $lookupName = new String($this->lookupName);
     $rolesQuery = new String($this->rolesQuery);

     // the login module itself is passed, because the roles are added to it
     return Util::getRoleSets($username, $lookupName, $rolesQuery, $this);
 }