Mercurial Mercurial > hdabo_sf / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
vendor/symfony/src/Symfony/Component/Security/Acl/Domain/SecurityIdentityRetrievalStrategy.php
changeset 0 7f95f8617b0b 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/vendor/symfony/src/Symfony/Component/Security/Acl/Domain/SecurityIdentityRetrievalStrategy.php	Sat Sep 24 15:40:41 2011 +0200
@@ -0,0 +1,82 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Acl\Domain;
+
+use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
+
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Acl\Model\SecurityIdentityRetrievalStrategyInterface;
+use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver;
+use Symfony\Component\Security\Core\Role\RoleHierarchyInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter;
+
+/**
+ * Strategy for retrieving security identities
+ *
+ * @author Johannes M. Schmitt <schmittjoh@gmail.com>
+ */
+class SecurityIdentityRetrievalStrategy implements SecurityIdentityRetrievalStrategyInterface
+{
+    private $roleHierarchy;
+    private $authenticationTrustResolver;
+
+    /**
+     * Constructor
+     *
+     * @param RoleHierarchyInterface      $roleHierarchy
+     * @param AuthenticationTrustResolver $authenticationTrustResolver
+     *
+     * @return void
+     */
+    public function __construct(RoleHierarchyInterface $roleHierarchy, AuthenticationTrustResolver $authenticationTrustResolver)
+    {
+        $this->roleHierarchy = $roleHierarchy;
+        $this->authenticationTrustResolver = $authenticationTrustResolver;
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function getSecurityIdentities(TokenInterface $token)
+    {
+        $sids = array();
+
+        // add user security identity
+        if (!$token instanceof AnonymousToken) {
+            try {
+                $sids[] = UserSecurityIdentity::fromToken($token);
+            } catch (\InvalidArgumentException $invalid) {
+                // ignore, user has no user security identity
+            }
+        }
+
+        // add all reachable roles
+        foreach ($this->roleHierarchy->getReachableRoles($token->getRoles()) as $role) {
+            $sids[] = new RoleSecurityIdentity($role);
+        }
+
+        // add built-in special roles
+        if ($this->authenticationTrustResolver->isFullFledged($token)) {
+            $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_FULLY);
+            $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED);
+            $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY);
+        } else if ($this->authenticationTrustResolver->isRememberMe($token)) {
+            $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED);
+            $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY);
+        } else if ($this->authenticationTrustResolver->isAnonymous($token)) {
+            $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY);
+        }
+
+        return $sids;
+    }
+}
hdabo_sf