|
From: <m_p...@us...> - 2013-11-05 20:58:55
|
Revision: 115
http://sourceforge.net/p/beeframework/code/115
Author: m_plomer
Date: 2013-11-05 20:58:50 +0000 (Tue, 05 Nov 2013)
Log Message:
-----------
- Security_Helper: minor refactoring
- Security_Helper: added ::getPrincipal() convenience
Modified Paths:
--------------
trunk/framework/Bee/Security/Helper.php
Modified: trunk/framework/Bee/Security/Helper.php
===================================================================
--- trunk/framework/Bee/Security/Helper.php 2013-11-05 20:48:29 UTC (rev 114)
+++ trunk/framework/Bee/Security/Helper.php 2013-11-05 20:58:50 UTC (rev 115)
@@ -24,47 +24,47 @@
*/
class Bee_Security_Helper {
- /**
- * @var Bee_Security_IAccessDecisionManager
- */
- private static $accessDecisionManager;
+ /**
+ * @var Bee_Security_IAccessDecisionManager
+ */
+ private static $accessDecisionManager;
- /**
- * @var Bee_Security_IAfterInvocationManager
- */
- private static $afterInvocationProviderManager;
+ /**
+ * @var Bee_Security_IAfterInvocationManager
+ */
+ private static $afterInvocationProviderManager;
- /**
- * @var Bee_Security_IUserDetailsService
- */
- private static $userDetailsService;
+ /**
+ * @var Bee_Security_IUserDetailsService
+ */
+ private static $userDetailsService;
- public static function construct(Bee_Security_IAccessDecisionManager $accessDecisionManager = null,
- Bee_Security_IAfterInvocationManager $afterInvocationProviderManager = null,
- Bee_Security_IUserDetailsService $userDetailsService = null) {
- self::$accessDecisionManager = $accessDecisionManager;
- self::$afterInvocationProviderManager = $afterInvocationProviderManager;
- self::$userDetailsService = $userDetailsService;
- }
+ public static function construct(Bee_Security_IAccessDecisionManager $accessDecisionManager = null,
+ Bee_Security_IAfterInvocationManager $afterInvocationProviderManager = null,
+ Bee_Security_IUserDetailsService $userDetailsService = null) {
+ self::$accessDecisionManager = $accessDecisionManager;
+ self::$afterInvocationProviderManager = $afterInvocationProviderManager;
+ self::$userDetailsService = $userDetailsService;
+ }
/**
* @return bool
*/
public static function isAuthenticated() {
- $auth = Bee_Security_Context_Holder::getContext()->getAuthentication();
- return is_null($auth) ? false : $auth->isAuthenticated();
- }
+ $auth = Bee_Security_Context_Holder::getContext()->getAuthentication();
+ return is_null($auth) ? false : $auth->isAuthenticated();
+ }
/**
* @return array
*/
public static function getRoles() {
- $auth = Bee_Security_Context_Holder::getContext()->getAuthentication();
- if(is_null($auth) || !$auth->isAuthenticated()) {
- return array();
- }
- return (array_keys($auth->getAuthorities()));
- }
+ $auth = Bee_Security_Context_Holder::getContext()->getAuthentication();
+ if (is_null($auth) || !$auth->isAuthenticated()) {
+ return array();
+ }
+ return (array_keys($auth->getAuthorities()));
+ }
/**
* @param $role
@@ -72,13 +72,12 @@
* @throws Bee_Security_Exception_Authentication
*/
public static function checkRole($role) {
- $auth = Bee_Security_Context_Holder::getContext()->getAuthentication();
- if(is_null($auth) || !$auth->isAuthenticated()) {
- throw new Bee_Security_Exception_Authentication('Not authenticated');
- }
- self::$accessDecisionManager->decide($auth, null, new Bee_Security_ConfigAttributeDefinition($role));
- return true;
- }
+ self::$accessDecisionManager->decide(
+ self::getAuthIfAuthenticated(), null,
+ new Bee_Security_ConfigAttributeDefinition($role)
+ );
+ return true;
+ }
/**
* @param $configAttribute
@@ -87,13 +86,12 @@
* @throws Bee_Security_Exception_Authentication
*/
public static function checkAccess($configAttribute, $secureObject = null) {
- $auth = Bee_Security_Context_Holder::getContext()->getAuthentication();
- if(is_null($auth) || !$auth->isAuthenticated()) {
- throw new Bee_Security_Exception_Authentication('Not authenticated');
- }
- self::$accessDecisionManager->decide($auth, $secureObject, new Bee_Security_ConfigAttributeDefinition($configAttribute));
- return true;
- }
+ self::$accessDecisionManager->decide(
+ self::getAuthIfAuthenticated(), $secureObject,
+ new Bee_Security_ConfigAttributeDefinition($configAttribute)
+ );
+ return true;
+ }
/**
* @param $configAttribute
@@ -103,29 +101,43 @@
* @throws Bee_Security_Exception_Authentication
*/
public static function checkResultAccess($configAttribute, $secureObject = null, $returnedObject = null) {
- $auth = Bee_Security_Context_Holder::getContext()->getAuthentication();
- if(is_null($auth) || !$auth->isAuthenticated()) {
- throw new Bee_Security_Exception_Authentication('Not authenticated');
- }
- return self::$afterInvocationProviderManager->decide($auth, $secureObject, new Bee_Security_ConfigAttributeDefinition($configAttribute), $returnedObject);
- }
+ return self::$afterInvocationProviderManager->decide(
+ self::getAuthIfAuthenticated(), $secureObject,
+ new Bee_Security_ConfigAttributeDefinition($configAttribute), $returnedObject
+ );
+ }
/**
+ * @return mixed
+ */
+ public static function getPrincipal() {
+ return self::getAuthIfAuthenticated()->getPrincipal();
+ }
+
+ private static function getAuthIfAuthenticated() {
+ $auth = Bee_Security_Context_Holder::getContext()->getAuthentication();
+ if (is_null($auth) || !$auth->isAuthenticated()) {
+ throw new Bee_Security_Exception_Authentication('Not authenticated');
+ }
+ return $auth;
+ }
+
+ /**
* @param $identityName
* @return mixed
* @throws Bee_Security_Exception_Authentication
*/
public static function getIdentity($identityName) {
- $auth = self::$userDetailsService->getGroupByName($identityName);
- if ($auth instanceof Potiscom_Auth_Doctrine_Group) {
- return $auth;
- }
- $auth = self::$userDetailsService->getUserByName($identityName);
- if ($auth instanceof Potiscom_Auth_Doctrine_User) {
- return $auth;
- }
- throw new Bee_Security_Exception_Authentication('Not authenticated');
- }
+ $auth = self::$userDetailsService->getGroupByName($identityName);
+ if ($auth instanceof Potiscom_Auth_Doctrine_Group) {
+ return $auth;
+ }
+ $auth = self::$userDetailsService->getUserByName($identityName);
+ if ($auth instanceof Potiscom_Auth_Doctrine_User) {
+ return $auth;
+ }
+ throw new Bee_Security_Exception_Authentication('Not authenticated');
+ }
/**
* @param $identityName
@@ -134,11 +146,11 @@
* @return bool
*/
public static function checkAccessForIdentity($identityName, $configAttribute, $secureObject = null) {
- $identity = self::getIdentity($identityName);
- $auth = new Bee_Security_UsernamePasswordAuthenticationToken($username, $password);
- self::$accessDecisionManager->decide($auth, $secureObject, new Bee_Security_ConfigAttributeDefinition($configAttribute));
- return true;
- }
+ $identity = self::getIdentity($identityName);
+ $auth = new Bee_Security_UsernamePasswordAuthenticationToken($username, $password);
+ self::$accessDecisionManager->decide($auth, $secureObject, new Bee_Security_ConfigAttributeDefinition($configAttribute));
+ return true;
+ }
/**
* @param $identityName
@@ -148,11 +160,13 @@
* @return mixed
*/
public static function checkResultAccessForIdentity($identityName, $configAttribute, $secureObject = null, $returnedObject = null) {
- $auth = self::getIdentity($identityName);
- return self::$afterInvocationProviderManager->decide($auth, $secureObject, new Bee_Security_ConfigAttributeDefinition($configAttribute), $returnedObject);
- }
+ $auth = self::getIdentity($identityName);
+ return self::$afterInvocationProviderManager->decide($auth, $secureObject, new Bee_Security_ConfigAttributeDefinition($configAttribute), $returnedObject);
+ }
}
-class SEC extends Bee_Security_Helper {}
+class SEC extends Bee_Security_Helper {
+}
+
?>
\ No newline at end of file
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
