Nette\Security\Permission::isAllowed PHP Метод

Документация по классу Permission Usage Examples Of Nette\Security\Permission::isAllowed Показать файл Открыть проект

isAllowed() публичный Метод

This method checks Role inheritance using a depth-first traversal of the Role list. The highest priority parent (i.e., the parent most recently added) is checked first, and its respective parents are checked similarly before the lower-priority parents of the Role are checked.

public isAllowed ( $role = self::ALL, $resource = self::ALL, $privilege = self::ALL ) : boolean
Результат	boolean

    public function isAllowed($role = self::ALL, $resource = self::ALL, $privilege = self::ALL)
    {
        $this->queriedRole = $role;
        if ($role !== self::ALL) {
            if ($role instanceof IRole) {
                $role = $role->getRoleId();
            }
            $this->checkRole($role);
        }
        $this->queriedResource = $resource;
        if ($resource !== self::ALL) {
            if ($resource instanceof IResource) {
                $resource = $resource->getResourceId();
            }
            $this->checkResource($resource);
        }
        do {
            // depth-first search on $role if it is not 'allRoles' pseudo-parent
            if ($role !== NULL && NULL !== ($result = $this->searchRolePrivileges($privilege === self::ALL, $role, $resource, $privilege))) {
                break;
            }
            if ($privilege === self::ALL) {
                if ($rules = $this->getRules($resource, self::ALL)) {
                    // look for rule on 'allRoles' psuedo-parent
                    foreach ($rules['byPrivilege'] as $privilege => $rule) {
                        if (self::DENY === ($result = $this->getRuleType($resource, NULL, $privilege))) {
                            break 2;
                        }
                    }
                    if (NULL !== ($result = $this->getRuleType($resource, NULL, NULL))) {
                        break;
                    }
                }
            } else {
                if (NULL !== ($result = $this->getRuleType($resource, NULL, $privilege))) {
                    // look for rule on 'allRoles' pseudo-parent
                    break;
                } elseif (NULL !== ($result = $this->getRuleType($resource, NULL, NULL))) {
                    break;
                }
            }
            $resource = $this->resources[$resource]['parent'];
            // try next Resource
        } while (TRUE);
        $this->queriedRole = $this->queriedResource = NULL;
        return $result;
    }

Usage Example

Пример #1

Показать файл

Файл: Authorizator.php Проект: blitzik/CMS

 /**
  * @param string $role
  * @param IResource|string $resource
  * @param $privilege
  * @return bool
  */
 public function isAllowed($role, $resource, $privilege)
 {
     $roles = [];
     if ($role instanceof User) {
         $roles = $role->getRoles();
     } elseif ($role instanceof \Nette\Security\User) {
         $userIdentity = $role->getIdentity();
         if ($userIdentity !== null) {
             $roles = $role->getIdentity()->getRoles();
         }
     } elseif ($role instanceof Role) {
         $roles[] = $role->getName();
     } elseif (Validators::is($role, 'unicode:1..')) {
         $roles[] = $role;
     } else {
         return false;
     }
     try {
         foreach ($roles as $role) {
             if ($this->acl->isAllowed($role, $resource, $privilege) === true) {
                 return true;
             }
         }
         return false;
     } catch (InvalidStateException $e) {
         return false;
         // role does not exists
     }
 }

All Usage Examples Of Nette\Security\Permission::isAllowed

Permission

addResource

addRole

allow

checkResource

checkRole

deny

getQueriedResource

getQueriedRole

getResources

getRoleParents