hdabo_sf: vendor/symfony/src/Symfony/Component/Security/Acl/Permission/MaskBuilder.php@d672f7dd74dc (annotated)

0 7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	1	<?php
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	2
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	3	/*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	4	* This file is part of the Symfony package.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	5	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	6	* (c) Fabien Potencier <fabien@symfony.com>
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	7	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	8	* For the full copyright and license information, please view the LICENSE
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	9	* file that was distributed with this source code.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	10	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	11
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	12	namespace Symfony\Component\Security\Acl\Permission;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	13
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	14	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	15	* This class allows you to build cumulative permissions easily, or convert
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	16	* masks to a human-readable format.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	17	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	18	* <code>
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	19	* $builder = new MaskBuilder();
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	20	* $builder
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	21	* ->add('view')
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	22	* ->add('create')
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	23	* ->add('edit')
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	24	* ;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	25	* var_dump($builder->get()); // int(7)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	26	* var_dump($builder->getPattern()); // string(32) ".............................ECV"
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	27	* </code>
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	28	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	29	* We have defined some commonly used base permissions which you can use:
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	30	* - VIEW: the SID is allowed to view the domain object / field
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	31	* - CREATE: the SID is allowed to create new instances of the domain object / fields
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	32	* - EDIT: the SID is allowed to edit existing instances of the domain object / field
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	33	* - DELETE: the SID is allowed to delete domain objects
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	34	* - UNDELETE: the SID is allowed to recover domain objects from trash
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	35	* - OPERATOR: the SID is allowed to perform any action on the domain object
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	36	* except for granting others permissions
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	37	* - MASTER: the SID is allowed to perform any action on the domain object,
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	38	* and is allowed to grant other SIDs any permission except for
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	39	* MASTER and OWNER permissions
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	40	* - OWNER: the SID is owning the domain object in question and can perform any
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	41	* action on the domain object as well as grant any permission
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	42	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	43	* @author Johannes M. Schmitt <schmittjoh@gmail.com>
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	44	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	45	class MaskBuilder
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	46	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	47	const MASK_VIEW = 1; // 1 << 0
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	48	const MASK_CREATE = 2; // 1 << 1
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	49	const MASK_EDIT = 4; // 1 << 2
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	50	const MASK_DELETE = 8; // 1 << 3
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	51	const MASK_UNDELETE = 16; // 1 << 4
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	52	const MASK_OPERATOR = 32; // 1 << 5
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	53	const MASK_MASTER = 64; // 1 << 6
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	54	const MASK_OWNER = 128; // 1 << 7
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	55	const MASK_IDDQD = 1073741823; // 1 << 0 \| 1 << 1 \| ... \| 1 << 30
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	56
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	57	const CODE_VIEW = 'V';
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	58	const CODE_CREATE = 'C';
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	59	const CODE_EDIT = 'E';
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	60	const CODE_DELETE = 'D';
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	61	const CODE_UNDELETE = 'U';
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	62	const CODE_OPERATOR = 'O';
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	63	const CODE_MASTER = 'M';
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	64	const CODE_OWNER = 'N';
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	65
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	66	const ALL_OFF = '................................';
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	67	const OFF = '.';
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	68	const ON = '*';
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	69
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	70	private $mask;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	71
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	72	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	73	* Constructor
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	74	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	75	* @param integer $mask optional; defaults to 0
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	76	* @return void
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	77	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	78	public function __construct($mask = 0)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	79	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	80	if (!is_int($mask)) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	81	throw new \InvalidArgumentException('$mask must be an integer.');
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	82	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	83
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	84	$this->mask = $mask;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	85	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	86
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	87	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	88	* Adds a mask to the permission
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	89	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	90	* @param mixed $mask
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	91	* @return PermissionBuilder
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	92	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	93	public function add($mask)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	94	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	95	if (is_string($mask) && defined($name = 'static::MASK_'.strtoupper($mask))) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	96	$mask = constant($name);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	97	} else if (!is_int($mask)) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	98	throw new \InvalidArgumentException('$mask must be an integer.');
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	99	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	100
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	101	$this->mask \|= $mask;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	102
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	103	return $this;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	104	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	105
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	106	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	107	* Returns the mask of this permission
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	108	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	109	* @return integer
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	110	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	111	public function get()
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	112	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	113	return $this->mask;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	114	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	115
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	116	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	117	* Returns a human-readable representation of the permission
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	118	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	119	* @return string
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	120	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	121	public function getPattern()
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	122	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	123	$pattern = self::ALL_OFF;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	124	$length = strlen($pattern);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	125	$bitmask = str_pad(decbin($this->mask), $length, '0', STR_PAD_LEFT);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	126
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	127	for ($i=$length-1; $i>=0; $i--) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	128	if ('1' === $bitmask[$i]) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	129	try {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	130	$pattern[$i] = self::getCode(1 << ($length - $i - 1));
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	131	} catch (\Exception $notPredefined) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	132	$pattern[$i] = self::ON;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	133	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	134	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	135	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	136
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	137	return $pattern;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	138	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	139
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	140	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	141	* Removes a mask from the permission
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	142	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	143	* @param mixed $mask
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	144	* @return PermissionBuilder
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	145	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	146	public function remove($mask)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	147	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	148	if (is_string($mask) && defined($name = 'static::MASK_'.strtoupper($mask))) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	149	$mask = constant($name);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	150	} else if (!is_int($mask)) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	151	throw new \InvalidArgumentException('$mask must be an integer.');
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	152	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	153
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	154	$this->mask &= ~$mask;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	155
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	156	return $this;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	157	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	158
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	159	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	160	* Resets the PermissionBuilder
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	161	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	162	* @return PermissionBuilder
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	163	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	164	public function reset()
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	165	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	166	$this->mask = 0;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	167
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	168	return $this;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	169	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	170
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	171	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	172	* Returns the code for the passed mask
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	173	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	174	* @param integer $mask
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	175	* @throws \InvalidArgumentException
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	176	* @throws \RuntimeException
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	177	* @return string
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	178	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	179	static public function getCode($mask)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	180	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	181	if (!is_int($mask)) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	182	throw new \InvalidArgumentException('$mask must be an integer.');
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	183	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	184
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	185	$reflection = new \ReflectionClass(get_called_class());
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	186	foreach ($reflection->getConstants() as $name => $cMask) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	187	if (0 !== strpos($name, 'MASK_')) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	188	continue;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	189	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	190
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	191	if ($mask === $cMask) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	192	if (!defined($cName = 'static::CODE_'.substr($name, 5))) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	193	throw new \RuntimeException('There was no code defined for this mask.');
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	194	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	195
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	196	return constant($cName);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	197	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	198	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	199
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	200	throw new \InvalidArgumentException(sprintf('The mask "%d" is not supported.', $mask));
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	201	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	202	}

author	cavaliet
	Mon, 07 Jul 2014 17:23:47 +0200
changeset 122	d672f7dd74dc
parent 0	7f95f8617b0b
permissions	-rwxr-xr-x