<?php |
/* |
* This file is part of EC-CUBE |
* |
* Copyright(c) 2000-2015 LOCKON CO.,LTD. All Rights Reserved. |
* |
* http://www.lockon.co.jp/ |
* |
* This program is free software; you can redistribute it and/or |
* modify it under the terms of the GNU General Public License |
* as published by the Free Software Foundation; either version 2 |
* of the License, or (at your option) any later version. |
* |
* This program is distributed in the hope that it will be useful, |
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
* GNU General Public License for more details. |
* |
* You should have received a copy of the GNU General Public License |
* along with this program; if not, write to the Free Software |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
*/ |
namespace Eccube\Security\Voter; |
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface; |
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; |
use Eccube\Application; |
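/**
 * Security voter that keeps admin members away from URLs denied to their authority.
 *
 * For a logged-in \Eccube\Entity\Member, every AuthorityRole registered for the
 * member's authority supplies a deny-URL pattern. Each pattern is matched as a
 * case-insensitive prefix, below the configured admin route, against the
 * URL-decoded request path.
 *
 * NOTE(review): when no deny rule matches, or the current user is not a Member,
 * this voter answers ACCESS_GRANTED rather than ACCESS_ABSTAIN. That is only safe
 * if the access decision manager requires all voters to agree (presumably a
 * "unanimous" strategy configured outside this file) - confirm before changing
 * the strategy or reusing this class.
 */
class AuthorityVoter implements VoterInterface
{
    /**
     * Application container; read for 'request', 'config', the authority-role
     * repository and the current user.
     *
     * @var Application
     */
    public $app;

    /**
     * @param Application $app Application container used to resolve the request,
     *                         the configuration and the authority-role repository.
     */
    public function __construct(Application $app)
    {
        $this->app = $app;
    }

    /**
     * This voter takes part in every decision, whatever the attribute.
     *
     * @param mixed $attribute Ignored.
     *
     * @return bool Always true.
     */
    public function supportsAttribute($attribute)
    {
        return true;
    }

    /**
     * This voter takes part in every decision, whatever the class.
     *
     * @param mixed $class Ignored.
     *
     * @return bool Always true.
     */
    public function supportsClass($class)
    {
        return true;
    }

    /**
     * Denies access when the request path matches a deny URL of the member's authority.
     *
     * The decision depends only on the current request path and the current user;
     * $token, $object and $attributes are not consulted.
     *
     * @param TokenInterface $token      Unused.
     * @param mixed          $object     Unused.
     * @param array          $attributes Unused.
     *
     * @return int VoterInterface::ACCESS_DENIED when a deny rule matches,
     *             VoterInterface::ACCESS_ABSTAIN when no request is available,
     *             VoterInterface::ACCESS_GRANTED otherwise.
     */
    public function vote(TokenInterface $token, $object, array $attributes)
    {
        try {
            $request = $this->app['request'];
        } catch (\RuntimeException $e) {
            // No request can be obtained (not needed in test programs), so there is
            // no path to judge. Abstain explicitly: the voter contract expects one of
            // the ACCESS_* integers, not null.
            return VoterInterface::ACCESS_ABSTAIN;
        }

        // Rules are compared against the decoded path so that percent-encoding
        // cannot be used to dodge a deny pattern.
        $path = rawurldecode($request->getPathInfo());

        $Member = $this->app->user();

        if (!$Member instanceof \Eccube\Entity\Member) {
            // Deny rules only exist for admin members; see the class-level note on
            // granting instead of abstaining.
            return VoterInterface::ACCESS_GRANTED;
        }

        // Check the roles of the administrator.
        $AuthorityRoles = $this->app['eccube.repository.authority_role']
            ->findBy(array('Authority' => $Member->getAuthority()));

        foreach ($AuthorityRoles as $AuthorityRole) {
            // Refuse access as soon as one denied URL covers the path.
            if ($this->isDeniedPath($AuthorityRole->getDenyUrl(), $path)) {
                return VoterInterface::ACCESS_DENIED;
            }
        }

        return VoterInterface::ACCESS_GRANTED;
    }

    /**
     * Tells whether $path falls under the deny rule $denyUrl below the admin route.
     *
     * The rule is first tried as a regular expression. preg_match() reports an
     * invalid pattern with a warning and a false return value; it only throws when
     * an error handler converts warnings into exceptions. Both outcomes are handled
     * here, so a malformed rule is retried as a literal prefix instead of being
     * silently treated as "no match", which would leave the URL open.
     *
     * @param string $denyUrl Deny rule as stored on the authority role.
     * @param string $path    URL-decoded request path.
     *
     * @return bool True when access to $path must be denied.
     */
    private function isDeniedPath($denyUrl, $path)
    {
        // The admin route is a literal path segment, so quote it to keep any regex
        // metacharacter or '/' in the configuration from altering the pattern.
        $prefix = '/^(\/'.preg_quote($this->app['config']['admin_route'], '/');

        try {
            // URL check by regular expression.
            $matched = preg_match($prefix.str_replace('/', '\/', $denyUrl).')/i', $path);
        } catch (\Exception $e) {
            $matched = false;
        }

        if ($matched === false) {
            // The deny URL is not a valid expression: escape it and check again.
            $matched = preg_match($prefix.preg_quote($denyUrl, '/').')/i', $path);
        }

        // Fail closed: a rule that still cannot be evaluated denies access.
        return $matched !== 0;
    }
}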
This error could be the result of:

1. Missing dependencies

PHP Analyzer uses your `composer.json` file (if available) to determine the dependencies of your project and to determine all the available classes and functions. It expects the `composer.json` to be in the root folder of your repository.

Are you sure this class is defined by one of your dependencies, or did you maybe not list a dependency in either the `require` or `require-dev` section?

2. Missing use statement

PHP does not complain about undefined classes in `instanceof` checks; the check simply evaluates to `false` without raising an error. For example, the following PHP code will work perfectly fine:

If you have not tested against this specific condition, such errors might go unnoticed.