vendor/symfony/src/Symfony/Component/Security/Acl/Domain/SecurityIdentityRetrievalStrategy.php
author cavaliet
Mon, 07 Jul 2014 17:23:47 +0200
changeset 122 d672f7dd74dc
parent 0 7f95f8617b0b
permissions -rwxr-xr-x
Added tag V00.17 for changeset ada5f3d8b5b4
<?php
/*
 * This file is part of the Symfony package.
 *
 * (c) Fabien Potencier <fabien@symfony.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
namespace Symfony\Component\Security\Acl\Domain;
use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Acl\Model\SecurityIdentityRetrievalStrategyInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver;
use Symfony\Component\Security\Core\Role\RoleHierarchyInterface;
use Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter;
/**
 * Strategy for retrieving the security identities (user, reachable roles, authentication level) of a token.
 *
 * @author Johannes M. Schmitt <schmittjoh@gmail.com>
 */
class SecurityIdentityRetrievalStrategy implements SecurityIdentityRetrievalStrategyInterface
{
    // Expands the roles carried by a token into every role reachable from them.
    private $roleHierarchy;

    // Classifies a token as fully authenticated, remember-me or anonymous.
    private $authenticationTrustResolver;

    /**
     * Stores the two collaborators used to derive security identities.
     *
     * @param RoleHierarchyInterface      $roleHierarchy               Source of reachable roles
     * @param AuthenticationTrustResolver $authenticationTrustResolver Source of the authentication level
     */
    public function __construct(RoleHierarchyInterface $roleHierarchy, AuthenticationTrustResolver $authenticationTrustResolver)
    {
        $this->authenticationTrustResolver = $authenticationTrustResolver;
        $this->roleHierarchy = $roleHierarchy;
    }

    /**
     * {@inheritDoc}
     *
     * The list is built in a fixed order: the user identity (when one can be
     * derived from the token), one role identity per reachable role, then the
     * built-in authentication-level identities.
     *
     * NOTE(review): ACL evaluation presumably walks this list in order, so the
     * ordering should be treated as part of the contract; confirm against the
     * interface before reordering anything here.
     *
     * @param TokenInterface $token The token whose identities are collected
     *
     * @return array User and role security identities for the token
     */
    public function getSecurityIdentities(TokenInterface $token)
    {
        $identities = array();

        // No user identity is ever added for an AnonymousToken.
        if (!($token instanceof AnonymousToken)) {
            try {
                $identities[] = UserSecurityIdentity::fromToken($token);
            } catch (\InvalidArgumentException $e) {
                // Deliberate best effort: a token that cannot be turned into a
                // user identity is still returned with its role-based and
                // authentication-level identities only.
            }
        }

        // One role identity per role reachable from the token's own roles.
        $reachableRoles = $this->roleHierarchy->getReachableRoles($token->getRoles());
        foreach ($reachableRoles as $reachableRole) {
            $identities[] = new RoleSecurityIdentity($reachableRole);
        }

        // Built-in authentication levels are cumulative: a stronger level also
        // receives every weaker one. The resolver is queried strongest first
        // and the first match wins; a token matching none gets no level.
        $resolver = $this->authenticationTrustResolver;
        if ($resolver->isFullFledged($token)) {
            $levels = array(
                AuthenticatedVoter::IS_AUTHENTICATED_FULLY,
                AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED,
                AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY,
            );
        } elseif ($resolver->isRememberMe($token)) {
            $levels = array(
                AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED,
                AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY,
            );
        } elseif ($resolver->isAnonymous($token)) {
            $levels = array(
                AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY,
            );
        } else {
            $levels = array();
        }

        foreach ($levels as $level) {
            $identities[] = new RoleSecurityIdentity($level);
        }

        return $identities;
    }
}