hdabo_sf: vendor/bundles/JMS/SecurityExtraBundle/Security/Authorization/RunAsManager.php@d672f7dd74dc (annotated)

0 7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	1	<?php
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	2
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	3	/*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	4	* Copyright 2010 Johannes M. Schmitt <schmittjoh@gmail.com>
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	5	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	6	* Licensed under the Apache License, Version 2.0 (the "License");
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	7	* you may not use this file except in compliance with the License.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	8	* You may obtain a copy of the License at
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	9	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	10	* http://www.apache.org/licenses/LICENSE-2.0
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	11	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	12	* Unless required by applicable law or agreed to in writing, software
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	13	* distributed under the License is distributed on an "AS IS" BASIS,
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	14	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	15	* See the License for the specific language governing permissions and
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	16	* limitations under the License.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	17	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	18
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	19	namespace JMS\SecurityExtraBundle\Security\Authorization;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	20
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	21	use JMS\SecurityExtraBundle\Security\Authentication\Token\RunAsUserToken;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	22	use Symfony\Component\Security\Core\Role\Role;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	23	use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	24
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	25	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	26	* The RunAsManager creates throw-away Tokens which are temporarily injected into
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	27	* the security context for the duration of the invocation of a specific method.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	28	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	29	* @author Johannes M. Schmitt <schmittjoh@gmail.com>
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	30	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	31	class RunAsManager implements RunAsManagerInterface
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	32	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	33	private $key;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	34	private $rolePrefix;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	35
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	36	public function __construct($key, $rolePrefix = 'ROLE_')
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	37	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	38	$this->key = $key;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	39	$this->rolePrefix = $rolePrefix;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	40	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	41
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	42	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	43	* {@inheritDoc}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	44	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	45	public function buildRunAs(TokenInterface $token, $secureObject, array $attributes)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	46	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	47	$roles = array();
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	48	foreach ($attributes as $attribute)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	49	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	50	if ($this->supportsAttribute($attribute)) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	51	$roles[] = new Role($attribute);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	52	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	53	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	54
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	55	if (0 === count($roles)) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	56	return null;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	57	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	58
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	59	$roles = array_merge($roles, $token->getRoles());
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	60
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	61	return new RunAsUserToken($this->key, $token->getUser(), $token->getCredentials(), $roles, $token);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	62	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	63
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	64	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	65	* {@inheritDoc}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	66	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	67	public function supportsAttribute($attribute)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	68	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	69	return !empty($attribute) && 0 === strpos($attribute, $this->rolePrefix);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	70	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	71
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	72	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	73	* {@inheritDoc}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	74	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	75	public function supportsClass($className)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	76	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	77	return true;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	78	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	79	}

author	cavaliet
	Mon, 07 Jul 2014 17:23:47 +0200
changeset 122	d672f7dd74dc
parent 0	7f95f8617b0b
permissions	-rwxr-xr-x