@@ -13,165 +13,165 @@ |
||
13 | 13 | use PhpAbac\Model\PolicyRuleAttribute; |
14 | 14 | |
15 | 15 | class Abac { |
16 | - /** @var \PhpAbac\Manager\ConfigurationManager * */ |
|
17 | - private $configuration; |
|
18 | - /** @var \PhpAbac\Manager\PolicyRuleManager * */ |
|
19 | - private $policyRuleManager; |
|
20 | - /** @var \PhpAbac\Manager\AttributeManager * */ |
|
21 | - private $attributeManager; |
|
22 | - /** @var \PhpAbac\Manager\CacheManager * */ |
|
23 | - private $cacheManager; |
|
24 | - /** @var \PhpAbac\Manager\ComparisonManager * */ |
|
25 | - private $comparisonManager; |
|
16 | + /** @var \PhpAbac\Manager\ConfigurationManager * */ |
|
17 | + private $configuration; |
|
18 | + /** @var \PhpAbac\Manager\PolicyRuleManager * */ |
|
19 | + private $policyRuleManager; |
|
20 | + /** @var \PhpAbac\Manager\AttributeManager * */ |
|
21 | + private $attributeManager; |
|
22 | + /** @var \PhpAbac\Manager\CacheManager * */ |
|
23 | + private $cacheManager; |
|
24 | + /** @var \PhpAbac\Manager\ComparisonManager * */ |
|
25 | + private $comparisonManager; |
|
26 | 26 | |
27 | - /** |
|
28 | - * @param array $configPaths |
|
29 | - * @param array $cacheOptions Option for cache |
|
30 | - * @param string $configPaths_root The origin folder to find $configPaths |
|
31 | - * @param array $options |
|
32 | - */ |
|
33 | - public function __construct( $configPaths, $cacheOptions = [], $configPaths_root = null, $options = [] ) { |
|
34 | - $this->configure( $configPaths, $configPaths_root ); |
|
35 | - $this->attributeManager = new AttributeManager( $this->configuration->getAttributes(), $options ); |
|
36 | - $this->policyRuleManager = new PolicyRuleManager( $this->attributeManager, $this->configuration->getRules() ); |
|
37 | - $this->cacheManager = new CacheManager( $cacheOptions ); |
|
38 | - $this->comparisonManager = new ComparisonManager( $this->attributeManager ); |
|
39 | - } |
|
27 | + /** |
|
28 | + * @param array $configPaths |
|
29 | + * @param array $cacheOptions Option for cache |
|
30 | + * @param string $configPaths_root The origin folder to find $configPaths |
|
31 | + * @param array $options |
|
32 | + */ |
|
33 | + public function __construct( $configPaths, $cacheOptions = [], $configPaths_root = null, $options = [] ) { |
|
34 | + $this->configure( $configPaths, $configPaths_root ); |
|
35 | + $this->attributeManager = new AttributeManager( $this->configuration->getAttributes(), $options ); |
|
36 | + $this->policyRuleManager = new PolicyRuleManager( $this->attributeManager, $this->configuration->getRules() ); |
|
37 | + $this->cacheManager = new CacheManager( $cacheOptions ); |
|
38 | + $this->comparisonManager = new ComparisonManager( $this->attributeManager ); |
|
39 | + } |
|
40 | 40 | |
41 | - /** |
|
42 | - * @param array $configPaths |
|
43 | - * @param string $configPaths_root The origin folder to find $configPaths |
|
44 | - */ |
|
45 | - public function configure( $configPaths, $configPaths_root = null ) { |
|
41 | + /** |
|
42 | + * @param array $configPaths |
|
43 | + * @param string $configPaths_root The origin folder to find $configPaths |
|
44 | + */ |
|
45 | + public function configure( $configPaths, $configPaths_root = null ) { |
|
46 | 46 | // foreach ( $configPaths as &$configPath ) { |
47 | 47 | // $configPath = $configPaths_root . $configPath; |
48 | 48 | // } |
49 | - $locator = new FileLocator( $configPaths_root ); |
|
50 | - $this->configuration = new ConfigurationManager( $locator ); |
|
51 | - $this->configuration->setConfigPathRoot( $configPaths_root ); |
|
52 | - $this->configuration->parseConfigurationFile( $configPaths ); |
|
53 | - } |
|
49 | + $locator = new FileLocator( $configPaths_root ); |
|
50 | + $this->configuration = new ConfigurationManager( $locator ); |
|
51 | + $this->configuration->setConfigPathRoot( $configPaths_root ); |
|
52 | + $this->configuration->parseConfigurationFile( $configPaths ); |
|
53 | + } |
|
54 | 54 | |
55 | - /** |
|
56 | - * Return true if both user and object respects all the rules conditions |
|
57 | - * If the objectId is null, policy rules about its attributes will be ignored |
|
58 | - * In case of mismatch between attributes and expected values, |
|
59 | - * an array with the concerned attributes slugs will be returned. |
|
60 | - * |
|
61 | - * Available options are : |
|
62 | - * * dynamic_attributes: array |
|
63 | - * * cache_result: boolean |
|
64 | - * * cache_ttl: integer |
|
65 | - * * cache_driver: string |
|
66 | - * |
|
67 | - * Available cache drivers are : |
|
68 | - * * memory |
|
69 | - * |
|
70 | - * @param string $ruleName |
|
71 | - * @param object $user |
|
72 | - * @param object $resource |
|
73 | - * @param array $options |
|
74 | - * |
|
75 | - * @return boolean|array |
|
76 | - */ |
|
77 | - public function enforce( $ruleName, $user, $resource = null, $options = [] ) { |
|
78 | - // If there is dynamic attributes, we pass them to the comparison manager |
|
79 | - // When a comparison will be performed, the passed values will be retrieved and used |
|
80 | - if ( isset( $options[ 'dynamic_attributes' ] ) ) { |
|
81 | - $this->comparisonManager->setDynamicAttributes( $options[ 'dynamic_attributes' ] ); |
|
82 | - } |
|
83 | - // Retrieve cache value for the current rule and values if cache item is valid |
|
84 | - if ( ( $cacheResult = isset( $options[ 'cache_result' ] ) && $options[ 'cache_result' ] === true ) === true ) { |
|
85 | - $cacheItem = $this->cacheManager->getItem( "$ruleName-{$user->getId()}-" . ( ( $resource !== null ) ? $resource->getId() : '' ), ( isset( $options[ 'cache_driver' ] ) ) ? $options[ 'cache_driver' ] : null, ( isset( $options[ 'cache_ttl' ] ) ) ? $options[ 'cache_ttl' ] : null ); |
|
86 | - // We check if the cache value s valid before returning it |
|
87 | - if ( ( $cacheValue = $cacheItem->get() ) !== null ) { |
|
88 | - return $cacheValue; |
|
89 | - } |
|
90 | - } |
|
91 | - $policyRule_a = $this->policyRuleManager->getRule( $ruleName, $user, $resource ); |
|
55 | + /** |
|
56 | + * Return true if both user and object respects all the rules conditions |
|
57 | + * If the objectId is null, policy rules about its attributes will be ignored |
|
58 | + * In case of mismatch between attributes and expected values, |
|
59 | + * an array with the concerned attributes slugs will be returned. |
|
60 | + * |
|
61 | + * Available options are : |
|
62 | + * * dynamic_attributes: array |
|
63 | + * * cache_result: boolean |
|
64 | + * * cache_ttl: integer |
|
65 | + * * cache_driver: string |
|
66 | + * |
|
67 | + * Available cache drivers are : |
|
68 | + * * memory |
|
69 | + * |
|
70 | + * @param string $ruleName |
|
71 | + * @param object $user |
|
72 | + * @param object $resource |
|
73 | + * @param array $options |
|
74 | + * |
|
75 | + * @return boolean|array |
|
76 | + */ |
|
77 | + public function enforce( $ruleName, $user, $resource = null, $options = [] ) { |
|
78 | + // If there is dynamic attributes, we pass them to the comparison manager |
|
79 | + // When a comparison will be performed, the passed values will be retrieved and used |
|
80 | + if ( isset( $options[ 'dynamic_attributes' ] ) ) { |
|
81 | + $this->comparisonManager->setDynamicAttributes( $options[ 'dynamic_attributes' ] ); |
|
82 | + } |
|
83 | + // Retrieve cache value for the current rule and values if cache item is valid |
|
84 | + if ( ( $cacheResult = isset( $options[ 'cache_result' ] ) && $options[ 'cache_result' ] === true ) === true ) { |
|
85 | + $cacheItem = $this->cacheManager->getItem( "$ruleName-{$user->getId()}-" . ( ( $resource !== null ) ? $resource->getId() : '' ), ( isset( $options[ 'cache_driver' ] ) ) ? $options[ 'cache_driver' ] : null, ( isset( $options[ 'cache_ttl' ] ) ) ? $options[ 'cache_ttl' ] : null ); |
|
86 | + // We check if the cache value s valid before returning it |
|
87 | + if ( ( $cacheValue = $cacheItem->get() ) !== null ) { |
|
88 | + return $cacheValue; |
|
89 | + } |
|
90 | + } |
|
91 | + $policyRule_a = $this->policyRuleManager->getRule( $ruleName, $user, $resource ); |
|
92 | 92 | |
93 | - foreach ( $policyRule_a as $policyRule ) { |
|
94 | - // For each policy rule attribute, we retrieve the attribute value and proceed configured extra data |
|
95 | - foreach ( $policyRule->getPolicyRuleAttributes() as $pra ) { |
|
96 | - /** @var PolicyRuleAttribute $pra */ |
|
97 | - $attribute = $pra->getAttribute(); |
|
93 | + foreach ( $policyRule_a as $policyRule ) { |
|
94 | + // For each policy rule attribute, we retrieve the attribute value and proceed configured extra data |
|
95 | + foreach ( $policyRule->getPolicyRuleAttributes() as $pra ) { |
|
96 | + /** @var PolicyRuleAttribute $pra */ |
|
97 | + $attribute = $pra->getAttribute(); |
|
98 | 98 | |
99 | - $getter_params = $this->prepareGetterParams($pra->getGetterParams(), $user, $resource); |
|
99 | + $getter_params = $this->prepareGetterParams($pra->getGetterParams(), $user, $resource); |
|
100 | 100 | // var_dump($pra->getGetterParams()); |
101 | 101 | // var_dump($getter_params); |
102 | - $attribute->setValue( $this->attributeManager->retrieveAttribute( $attribute, $user, $resource, $getter_params ) ); |
|
103 | - if ( count( $pra->getExtraData() ) > 0 ) { |
|
104 | - $this->processExtraData( $pra, $user, $resource ); |
|
105 | - } |
|
106 | - $this->comparisonManager->compare( $pra ); |
|
107 | - } |
|
108 | - // The given result could be an array of rejected attributes or true |
|
109 | - // True means that the rule is correctly enforced for the given user and resource |
|
110 | - $result = $this->comparisonManager->getResult(); |
|
111 | - if ( true === $result ) { |
|
112 | - break; |
|
113 | - } |
|
114 | - } |
|
115 | - if ( $cacheResult ) { |
|
116 | - $cacheItem->set( $result ); |
|
117 | - $this->cacheManager->save( $cacheItem ); |
|
118 | - } |
|
102 | + $attribute->setValue( $this->attributeManager->retrieveAttribute( $attribute, $user, $resource, $getter_params ) ); |
|
103 | + if ( count( $pra->getExtraData() ) > 0 ) { |
|
104 | + $this->processExtraData( $pra, $user, $resource ); |
|
105 | + } |
|
106 | + $this->comparisonManager->compare( $pra ); |
|
107 | + } |
|
108 | + // The given result could be an array of rejected attributes or true |
|
109 | + // True means that the rule is correctly enforced for the given user and resource |
|
110 | + $result = $this->comparisonManager->getResult(); |
|
111 | + if ( true === $result ) { |
|
112 | + break; |
|
113 | + } |
|
114 | + } |
|
115 | + if ( $cacheResult ) { |
|
116 | + $cacheItem->set( $result ); |
|
117 | + $this->cacheManager->save( $cacheItem ); |
|
118 | + } |
|
119 | 119 | |
120 | - return $result; |
|
121 | - } |
|
120 | + return $result; |
|
121 | + } |
|
122 | 122 | |
123 | - /** |
|
124 | - * Function to prepare Getter Params when getter require parameters ( this parameters must be specified in configuration file) |
|
125 | - * |
|
126 | - * @param $getter_params |
|
127 | - * @param $user |
|
128 | - * @param $resource |
|
129 | - * |
|
130 | - * @return array |
|
131 | - */ |
|
132 | - private function prepareGetterParams($getter_params, $user, $resource) { |
|
133 | - if (empty($getter_params)) return []; |
|
134 | - $values = []; |
|
135 | - foreach($getter_params as $getter_name=>$params) { |
|
136 | - foreach($params as $param) { |
|
137 | - if ( '@' !== $param[ 'param_name' ][ 0 ] ) { |
|
138 | - $values[$getter_name][] = $param[ 'param_value' ]; |
|
139 | - } |
|
140 | - else { |
|
141 | - $values[$getter_name][] = $this->attributeManager->retrieveAttribute( $this->attributeManager->getAttribute( $param[ 'param_value' ] ) , $user, $resource ); |
|
142 | - } |
|
143 | - } |
|
144 | - } |
|
145 | - return $values; |
|
146 | - } |
|
123 | + /** |
|
124 | + * Function to prepare Getter Params when getter require parameters ( this parameters must be specified in configuration file) |
|
125 | + * |
|
126 | + * @param $getter_params |
|
127 | + * @param $user |
|
128 | + * @param $resource |
|
129 | + * |
|
130 | + * @return array |
|
131 | + */ |
|
132 | + private function prepareGetterParams($getter_params, $user, $resource) { |
|
133 | + if (empty($getter_params)) return []; |
|
134 | + $values = []; |
|
135 | + foreach($getter_params as $getter_name=>$params) { |
|
136 | + foreach($params as $param) { |
|
137 | + if ( '@' !== $param[ 'param_name' ][ 0 ] ) { |
|
138 | + $values[$getter_name][] = $param[ 'param_value' ]; |
|
139 | + } |
|
140 | + else { |
|
141 | + $values[$getter_name][] = $this->attributeManager->retrieveAttribute( $this->attributeManager->getAttribute( $param[ 'param_value' ] ) , $user, $resource ); |
|
142 | + } |
|
143 | + } |
|
144 | + } |
|
145 | + return $values; |
|
146 | + } |
|
147 | 147 | |
148 | - /** |
|
149 | - * @param \PhpAbac\Model\PolicyRuleAttribute $pra |
|
150 | - * @param object $user |
|
151 | - * @param object $resource |
|
152 | - */ |
|
153 | - public function processExtraData( PolicyRuleAttribute $pra, $user, $resource ) { |
|
154 | - foreach ( $pra->getExtraData() as $key => $data ) { |
|
155 | - switch ( $key ) { |
|
156 | - case 'with': |
|
157 | - // This data has to be removed for it will be stored elsewhere |
|
158 | - // in the policy rule attribute |
|
159 | - $pra->removeExtraData( 'with' ); |
|
160 | - // The "with" extra data is an array of attributes, which are objects |
|
161 | - // Once we process it as policy rule attributes, we set it as the main policy rule attribute value |
|
162 | - $subPolicyRuleAttributes = []; |
|
163 | - $extraData = []; |
|
148 | + /** |
|
149 | + * @param \PhpAbac\Model\PolicyRuleAttribute $pra |
|
150 | + * @param object $user |
|
151 | + * @param object $resource |
|
152 | + */ |
|
153 | + public function processExtraData( PolicyRuleAttribute $pra, $user, $resource ) { |
|
154 | + foreach ( $pra->getExtraData() as $key => $data ) { |
|
155 | + switch ( $key ) { |
|
156 | + case 'with': |
|
157 | + // This data has to be removed for it will be stored elsewhere |
|
158 | + // in the policy rule attribute |
|
159 | + $pra->removeExtraData( 'with' ); |
|
160 | + // The "with" extra data is an array of attributes, which are objects |
|
161 | + // Once we process it as policy rule attributes, we set it as the main policy rule attribute value |
|
162 | + $subPolicyRuleAttributes = []; |
|
163 | + $extraData = []; |
|
164 | 164 | |
165 | - foreach ( $this->policyRuleManager->processRuleAttributes( $data, $user, $resource ) as $subPolicyRuleAttribute ) { |
|
166 | - $subPolicyRuleAttributes[] = $subPolicyRuleAttribute; |
|
167 | - } |
|
168 | - $pra->setValue( $subPolicyRuleAttributes ); |
|
169 | - // This data can be used in complex comparisons |
|
170 | - $pra->addExtraData( 'attribute', $pra->getAttribute() ); |
|
171 | - $pra->addExtraData( 'user', $user ); |
|
172 | - $pra->addExtraData( 'resource', $resource ); |
|
173 | - break; |
|
174 | - } |
|
175 | - } |
|
176 | - } |
|
165 | + foreach ( $this->policyRuleManager->processRuleAttributes( $data, $user, $resource ) as $subPolicyRuleAttribute ) { |
|
166 | + $subPolicyRuleAttributes[] = $subPolicyRuleAttribute; |
|
167 | + } |
|
168 | + $pra->setValue( $subPolicyRuleAttributes ); |
|
169 | + // This data can be used in complex comparisons |
|
170 | + $pra->addExtraData( 'attribute', $pra->getAttribute() ); |
|
171 | + $pra->addExtraData( 'user', $user ); |
|
172 | + $pra->addExtraData( 'resource', $resource ); |
|
173 | + break; |
|
174 | + } |
|
175 | + } |
|
176 | + } |
|
177 | 177 | } |
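Review bot: In `enforce()` the cache key on new line 85 is built only from the rule name, the user id and the resource id, so a decision computed with one set of `dynamic_attributes` can be returned for a later call that passes different ones while the item is still valid. The comment on lines 78-79 says those values are used when a comparison is performed, so they presumably affect the result; confirm this in ComparisonManager. Either bypass the cache when dynamic attributes are supplied, e.g. `$cacheResult = isset($options['cache_result']) && $options['cache_result'] === true && !isset($options['dynamic_attributes']);`, or add a digest of them to the key. The same line is carried over unchanged in the later `@@ -74,47 +74,47 @@` hunk. The docblock should also state that a denial is returned as a non-empty array, which is truthy, so callers must test the result with `=== true`.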
@@ -30,26 +30,26 @@ discard block |
||
30 | 30 | * @param string $configPaths_root The origin folder to find $configPaths |
31 | 31 | * @param array $options |
32 | 32 | */ |
33 | - public function __construct( $configPaths, $cacheOptions = [], $configPaths_root = null, $options = [] ) { |
|
34 | - $this->configure( $configPaths, $configPaths_root ); |
|
35 | - $this->attributeManager = new AttributeManager( $this->configuration->getAttributes(), $options ); |
|
36 | - $this->policyRuleManager = new PolicyRuleManager( $this->attributeManager, $this->configuration->getRules() ); |
|
37 | - $this->cacheManager = new CacheManager( $cacheOptions ); |
|
38 | - $this->comparisonManager = new ComparisonManager( $this->attributeManager ); |
|
33 | + public function __construct($configPaths, $cacheOptions = [], $configPaths_root = null, $options = []) { |
|
34 | + $this->configure($configPaths, $configPaths_root); |
|
35 | + $this->attributeManager = new AttributeManager($this->configuration->getAttributes(), $options); |
|
36 | + $this->policyRuleManager = new PolicyRuleManager($this->attributeManager, $this->configuration->getRules()); |
|
37 | + $this->cacheManager = new CacheManager($cacheOptions); |
|
38 | + $this->comparisonManager = new ComparisonManager($this->attributeManager); |
|
39 | 39 | } |
40 | 40 | |
41 | 41 | /** |
42 | 42 | * @param array $configPaths |
43 | 43 | * @param string $configPaths_root The origin folder to find $configPaths |
44 | 44 | */ |
45 | - public function configure( $configPaths, $configPaths_root = null ) { |
|
45 | + public function configure($configPaths, $configPaths_root = null) { |
|
46 | 46 | // foreach ( $configPaths as &$configPath ) { |
47 | 47 | // $configPath = $configPaths_root . $configPath; |
48 | 48 | // } |
49 | - $locator = new FileLocator( $configPaths_root ); |
|
50 | - $this->configuration = new ConfigurationManager( $locator ); |
|
51 | - $this->configuration->setConfigPathRoot( $configPaths_root ); |
|
52 | - $this->configuration->parseConfigurationFile( $configPaths ); |
|
49 | + $locator = new FileLocator($configPaths_root); |
|
50 | + $this->configuration = new ConfigurationManager($locator); |
|
51 | + $this->configuration->setConfigPathRoot($configPaths_root); |
|
52 | + $this->configuration->parseConfigurationFile($configPaths); |
|
53 | 53 | } |
54 | 54 | |
55 | 55 | /** |
@@ -74,47 +74,47 @@ discard block |
||
74 | 74 | * |
75 | 75 | * @return boolean|array |
76 | 76 | */ |
77 | - public function enforce( $ruleName, $user, $resource = null, $options = [] ) { |
|
77 | + public function enforce($ruleName, $user, $resource = null, $options = []) { |
|
78 | 78 | // If there is dynamic attributes, we pass them to the comparison manager |
79 | 79 | // When a comparison will be performed, the passed values will be retrieved and used |
80 | - if ( isset( $options[ 'dynamic_attributes' ] ) ) { |
|
81 | - $this->comparisonManager->setDynamicAttributes( $options[ 'dynamic_attributes' ] ); |
|
80 | + if (isset($options['dynamic_attributes'])) { |
|
81 | + $this->comparisonManager->setDynamicAttributes($options['dynamic_attributes']); |
|
82 | 82 | } |
83 | 83 | // Retrieve cache value for the current rule and values if cache item is valid |
84 | - if ( ( $cacheResult = isset( $options[ 'cache_result' ] ) && $options[ 'cache_result' ] === true ) === true ) { |
|
85 | - $cacheItem = $this->cacheManager->getItem( "$ruleName-{$user->getId()}-" . ( ( $resource !== null ) ? $resource->getId() : '' ), ( isset( $options[ 'cache_driver' ] ) ) ? $options[ 'cache_driver' ] : null, ( isset( $options[ 'cache_ttl' ] ) ) ? $options[ 'cache_ttl' ] : null ); |
|
84 | + if (($cacheResult = isset($options['cache_result']) && $options['cache_result'] === true) === true) { |
|
85 | + $cacheItem = $this->cacheManager->getItem("$ruleName-{$user->getId()}-".(($resource !== null) ? $resource->getId() : ''), (isset($options['cache_driver'])) ? $options['cache_driver'] : null, (isset($options['cache_ttl'])) ? $options['cache_ttl'] : null); |
|
86 | 86 | // We check if the cache value s valid before returning it |
87 | - if ( ( $cacheValue = $cacheItem->get() ) !== null ) { |
|
87 | + if (($cacheValue = $cacheItem->get()) !== null) { |
|
88 | 88 | return $cacheValue; |
89 | 89 | } |
90 | 90 | } |
91 | - $policyRule_a = $this->policyRuleManager->getRule( $ruleName, $user, $resource ); |
|
91 | + $policyRule_a = $this->policyRuleManager->getRule($ruleName, $user, $resource); |
|
92 | 92 | |
93 | - foreach ( $policyRule_a as $policyRule ) { |
|
93 | + foreach ($policyRule_a as $policyRule) { |
|
94 | 94 | // For each policy rule attribute, we retrieve the attribute value and proceed configured extra data |
95 | - foreach ( $policyRule->getPolicyRuleAttributes() as $pra ) { |
|
95 | + foreach ($policyRule->getPolicyRuleAttributes() as $pra) { |
|
96 | 96 | /** @var PolicyRuleAttribute $pra */ |
97 | 97 | $attribute = $pra->getAttribute(); |
98 | 98 | |
99 | 99 | $getter_params = $this->prepareGetterParams($pra->getGetterParams(), $user, $resource); |
100 | 100 | // var_dump($pra->getGetterParams()); |
101 | 101 | // var_dump($getter_params); |
102 | - $attribute->setValue( $this->attributeManager->retrieveAttribute( $attribute, $user, $resource, $getter_params ) ); |
|
103 | - if ( count( $pra->getExtraData() ) > 0 ) { |
|
104 | - $this->processExtraData( $pra, $user, $resource ); |
|
102 | + $attribute->setValue($this->attributeManager->retrieveAttribute($attribute, $user, $resource, $getter_params)); |
|
103 | + if (count($pra->getExtraData()) > 0) { |
|
104 | + $this->processExtraData($pra, $user, $resource); |
|
105 | 105 | } |
106 | - $this->comparisonManager->compare( $pra ); |
|
106 | + $this->comparisonManager->compare($pra); |
|
107 | 107 | } |
108 | 108 | // The given result could be an array of rejected attributes or true |
109 | 109 | // True means that the rule is correctly enforced for the given user and resource |
110 | 110 | $result = $this->comparisonManager->getResult(); |
111 | - if ( true === $result ) { |
|
111 | + if (true === $result) { |
|
112 | 112 | break; |
113 | 113 | } |
114 | 114 | } |
115 | - if ( $cacheResult ) { |
|
116 | - $cacheItem->set( $result ); |
|
117 | - $this->cacheManager->save( $cacheItem ); |
|
115 | + if ($cacheResult) { |
|
116 | + $cacheItem->set($result); |
|
117 | + $this->cacheManager->save($cacheItem); |
|
118 | 118 | } |
119 | 119 | |
120 | 120 | return $result; |
@@ -132,13 +132,13 @@ discard block |
||
132 | 132 | private function prepareGetterParams($getter_params, $user, $resource) { |
133 | 133 | if (empty($getter_params)) return []; |
134 | 134 | $values = []; |
135 | - foreach($getter_params as $getter_name=>$params) { |
|
136 | - foreach($params as $param) { |
|
137 | - if ( '@' !== $param[ 'param_name' ][ 0 ] ) { |
|
138 | - $values[$getter_name][] = $param[ 'param_value' ]; |
|
135 | + foreach ($getter_params as $getter_name=>$params) { |
|
136 | + foreach ($params as $param) { |
|
137 | + if ('@' !== $param['param_name'][0]) { |
|
138 | + $values[$getter_name][] = $param['param_value']; |
|
139 | 139 | } |
140 | 140 | else { |
141 | - $values[$getter_name][] = $this->attributeManager->retrieveAttribute( $this->attributeManager->getAttribute( $param[ 'param_value' ] ) , $user, $resource ); |
|
141 | + $values[$getter_name][] = $this->attributeManager->retrieveAttribute($this->attributeManager->getAttribute($param['param_value']), $user, $resource); |
|
142 | 142 | } |
143 | 143 | } |
144 | 144 | } |
@@ -150,26 +150,26 @@ discard block |
||
150 | 150 | * @param object $user |
151 | 151 | * @param object $resource |
152 | 152 | */ |
153 | - public function processExtraData( PolicyRuleAttribute $pra, $user, $resource ) { |
|
154 | - foreach ( $pra->getExtraData() as $key => $data ) { |
|
155 | - switch ( $key ) { |
|
153 | + public function processExtraData(PolicyRuleAttribute $pra, $user, $resource) { |
|
154 | + foreach ($pra->getExtraData() as $key => $data) { |
|
155 | + switch ($key) { |
|
156 | 156 | case 'with': |
157 | 157 | // This data has to be removed for it will be stored elsewhere |
158 | 158 | // in the policy rule attribute |
159 | - $pra->removeExtraData( 'with' ); |
|
159 | + $pra->removeExtraData('with'); |
|
160 | 160 | // The "with" extra data is an array of attributes, which are objects |
161 | 161 | // Once we process it as policy rule attributes, we set it as the main policy rule attribute value |
162 | 162 | $subPolicyRuleAttributes = []; |
163 | 163 | $extraData = []; |
164 | 164 | |
165 | - foreach ( $this->policyRuleManager->processRuleAttributes( $data, $user, $resource ) as $subPolicyRuleAttribute ) { |
|
165 | + foreach ($this->policyRuleManager->processRuleAttributes($data, $user, $resource) as $subPolicyRuleAttribute) { |
|
166 | 166 | $subPolicyRuleAttributes[] = $subPolicyRuleAttribute; |
167 | 167 | } |
168 | - $pra->setValue( $subPolicyRuleAttributes ); |
|
168 | + $pra->setValue($subPolicyRuleAttributes); |
|
169 | 169 | // This data can be used in complex comparisons |
170 | - $pra->addExtraData( 'attribute', $pra->getAttribute() ); |
|
171 | - $pra->addExtraData( 'user', $user ); |
|
172 | - $pra->addExtraData( 'resource', $resource ); |
|
170 | + $pra->addExtraData('attribute', $pra->getAttribute()); |
|
171 | + $pra->addExtraData('user', $user); |
|
172 | + $pra->addExtraData('resource', $resource); |
|
173 | 173 | break; |
174 | 174 | } |
175 | 175 | } |
@@ -130,14 +130,15 @@ |
||
130 | 130 | * @return array |
131 | 131 | */ |
132 | 132 | private function prepareGetterParams($getter_params, $user, $resource) { |
133 | - if (empty($getter_params)) return []; |
|
133 | + if (empty($getter_params)) { |
|
134 | + return []; |
|
135 | + } |
|
134 | 136 | $values = []; |
135 | 137 | foreach($getter_params as $getter_name=>$params) { |
136 | 138 | foreach($params as $param) { |
137 | 139 | if ( '@' !== $param[ 'param_name' ][ 0 ] ) { |
138 | 140 | $values[$getter_name][] = $param[ 'param_value' ]; |
139 | - } |
|
140 | - else { |
|
141 | + } else { |
|
141 | 142 | $values[$getter_name][] = $this->attributeManager->retrieveAttribute( $this->attributeManager->getAttribute( $param[ 'param_value' ] ) , $user, $resource ); |
142 | 143 | } |
143 | 144 | } |
@@ -7,9 +7,7 @@ |
||
7 | 7 | use PhpAbac\Manager\ConfigurationManager; |
8 | 8 | use PhpAbac\Manager\CacheManager; |
9 | 9 | use PhpAbac\Manager\ComparisonManager; |
10 | - |
|
11 | 10 | use Symfony\Component\Config\FileLocator; |
12 | - |
|
13 | 11 | use PhpAbac\Model\PolicyRuleAttribute; |
14 | 12 | |
15 | 13 | class Abac { |
@@ -6,12 +6,12 @@ |
||
6 | 6 | |
7 | 7 | class YamlAbacLoader extends AbacLoader |
8 | 8 | { |
9 | - protected static $_EXTENSION_ALLOWED_A = ['yml','yaml']; |
|
9 | + protected static $_EXTENSION_ALLOWED_A = ['yml','yaml']; |
|
10 | 10 | |
11 | 11 | public function load($resource, $type = null) |
12 | 12 | { |
13 | - // $path_to_load = $this->locator->locate($resource); |
|
14 | - $path_to_load = $resource; |
|
13 | + // $path_to_load = $this->locator->locate($resource); |
|
14 | + $path_to_load = $resource; |
|
15 | 15 | |
16 | 16 | return Yaml::parse(file_get_contents($path_to_load)) + ['path' => $path_to_load]; |
17 | 17 | } |
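Review bot: `load()` hands the result of `file_get_contents($path_to_load)` straight to `Yaml::parse()` on line 16 without checking for `false`, and then applies `+ ['path' => $path_to_load]` to whatever the parser returns. An unreadable or empty policy file is therefore likely to surface as a warning followed by an operand-type error instead of a clear failure; because this file defines the access rules, it should fail explicitly, e.g. `if (($raw = file_get_contents($path_to_load)) === false) { throw new \RuntimeException('Cannot read ABAC configuration: '.$path_to_load); }`. With the locator call commented out on line 13, `$resource` is read exactly as given, so resolving it against the configuration root is left to the caller; a comment saying so would help. `JsonAbacLoader::load()` in the following hunks has the same pattern.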
@@ -6,7 +6,7 @@ |
||
6 | 6 | |
7 | 7 | class YamlAbacLoader extends AbacLoader |
8 | 8 | { |
9 | - protected static $_EXTENSION_ALLOWED_A = ['yml','yaml']; |
|
9 | + protected static $_EXTENSION_ALLOWED_A = ['yml', 'yaml']; |
|
10 | 10 | |
11 | 11 | public function load($resource, $type = null) |
12 | 12 | { |
@@ -7,14 +7,14 @@ |
||
7 | 7 | |
8 | 8 | class JsonAbacLoader extends AbacLoader |
9 | 9 | { |
10 | - protected static $_EXTENSION_ALLOWED_A = ['json']; |
|
10 | + protected static $_EXTENSION_ALLOWED_A = ['json']; |
|
11 | 11 | |
12 | 12 | public function load($resource, $type = null) |
13 | 13 | { |
14 | 14 | // $path_to_load = $this->locator->locate($resource); |
15 | - $path_to_load = $resource; |
|
15 | + $path_to_load = $resource; |
|
16 | 16 | |
17 | - return (new JsonDecode(true))->decode(file_get_contents($path_to_load),JsonEncoder::FORMAT,[ 'json_decode_associative' => true ] ) + ['path' => $path_to_load]; |
|
17 | + return (new JsonDecode(true))->decode(file_get_contents($path_to_load),JsonEncoder::FORMAT,[ 'json_decode_associative' => true ] ) + ['path' => $path_to_load]; |
|
18 | 18 | } |
19 | 19 | |
20 | 20 | public function supports($resource, $type = null) |
@@ -14,7 +14,7 @@ |
||
14 | 14 | // $path_to_load = $this->locator->locate($resource); |
15 | 15 | $path_to_load = $resource; |
16 | 16 | |
17 | - return (new JsonDecode(true))->decode(file_get_contents($path_to_load),JsonEncoder::FORMAT,[ 'json_decode_associative' => true ] ) + ['path' => $path_to_load]; |
|
17 | + return (new JsonDecode(true))->decode(file_get_contents($path_to_load), JsonEncoder::FORMAT, ['json_decode_associative' => true]) + ['path' => $path_to_load]; |
|
18 | 18 | } |
19 | 19 | |
20 | 20 | public function supports($resource, $type = null) |
@@ -70,7 +70,7 @@ |
||
70 | 70 | ->setComparison($attribute['comparison']) |
71 | 71 | ->setComparisonType($attribute['comparison_type']) |
72 | 72 | ->setValue((isset($attribute['value'])) ? $attribute['value'] : null) |
73 | - ->setGetterParams( isset( $attribute[ 'getter_params' ] ) ? $attribute[ 'getter_params' ] : [] ); |
|
73 | + ->setGetterParams( isset( $attribute[ 'getter_params' ] ) ? $attribute[ 'getter_params' ] : [] ); |
|
74 | 74 | $this->processRuleAttributeComparisonType($pra, $user, $resource); |
75 | 75 | // In the case the user configured more keys than the basic ones |
76 | 76 | // it will be stored as extra data |
@@ -32,7 +32,7 @@ discard block |
||
32 | 32 | public function getRule($ruleName, $user, $resource) |
33 | 33 | { |
34 | 34 | if (!isset($this->rules[$ruleName])) { |
35 | - throw new \InvalidArgumentException('The given rule "' . $ruleName . '" is not configured'); |
|
35 | + throw new \InvalidArgumentException('The given rule "'.$ruleName.'" is not configured'); |
|
36 | 36 | } |
37 | 37 | |
38 | 38 | // force to treat always arrays |
@@ -70,12 +70,12 @@ discard block |
||
70 | 70 | ->setComparison($attribute['comparison']) |
71 | 71 | ->setComparisonType($attribute['comparison_type']) |
72 | 72 | ->setValue((isset($attribute['value'])) ? $attribute['value'] : null) |
73 | - ->setGetterParams( isset( $attribute[ 'getter_params' ] ) ? $attribute[ 'getter_params' ] : [] ); |
|
73 | + ->setGetterParams(isset($attribute['getter_params']) ? $attribute['getter_params'] : []); |
|
74 | 74 | $this->processRuleAttributeComparisonType($pra, $user, $resource); |
75 | 75 | // In the case the user configured more keys than the basic ones |
76 | 76 | // it will be stored as extra data |
77 | 77 | foreach ($attribute as $key => $value) { |
78 | - if (!in_array($key, ['comparison', 'comparison_type', 'value','getter_params'])) { |
|
78 | + if (!in_array($key, ['comparison', 'comparison_type', 'value', 'getter_params'])) { |
|
79 | 79 | $pra->addExtraData($key, $value); |
80 | 80 | } |
81 | 81 | } |
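Review bot: The `in_array($key, ['comparison', 'comparison_type', 'value', 'getter_params'])` test on line 78 uses loose comparison, so on PHP versions before 8 an integer key `0` in the attribute configuration compares equal to the string entries and is silently not stored as extra data. Passing the strict flag removes the dependence on the runtime version: `if (!in_array($key, ['comparison', 'comparison_type', 'value', 'getter_params'], true)) {`. The enclosing method starts outside this hunk, so whether numeric keys can reach it depends on how the configuration is parsed.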
@@ -19,23 +19,23 @@ discard block |
||
19 | 19 | |
20 | 20 | /** |
21 | 21 | * @param array $attributes |
22 | - * @param array $options A List of option to configure This Abac Instance |
|
23 | - * Options list : |
|
24 | - * 'getter_prefix' => Prefix to add before getter name (default)'get' |
|
25 | - * 'getter_name_transformation_function' => Function to apply on the getter name ( before adding prefix ) (default)'ucfirst' |
|
22 | + * @param array $options A List of option to configure This Abac Instance |
|
23 | + * Options list : |
|
24 | + * 'getter_prefix' => Prefix to add before getter name (default)'get' |
|
25 | + * 'getter_name_transformation_function' => Function to apply on the getter name ( before adding prefix ) (default)'ucfirst' |
|
26 | 26 | */ |
27 | 27 | public function __construct($attributes, $options = []) |
28 | 28 | { |
29 | 29 | $this->attributes = $attributes; |
30 | 30 | |
31 | - $options = array_intersect_key( $options, array_flip( [ |
|
32 | - 'getter_prefix', |
|
33 | - 'getter_name_transformation_function', |
|
34 | - ] ) ); |
|
31 | + $options = array_intersect_key( $options, array_flip( [ |
|
32 | + 'getter_prefix', |
|
33 | + 'getter_name_transformation_function', |
|
34 | + ] ) ); |
|
35 | 35 | |
36 | - foreach($options as $name => $value) { |
|
37 | - $this->$name = $value; |
|
38 | - } |
|
36 | + foreach($options as $name => $value) { |
|
37 | + $this->$name = $value; |
|
38 | + } |
|
39 | 39 | } |
40 | 40 | |
41 | 41 | /** |
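Review bot: The constructor copies `getter_name_transformation_function` from `$options` onto the object on lines 36-38 without validating it, and the `@@ -117,18 +117,18 @@` hunk later passes that value to `call_user_func()` on line 120 to build the getter name. Checking it once at construction keeps a mistyped or unintended value from being invoked on every attribute lookup: `if ($name === 'getter_name_transformation_function' && !is_callable($value)) { throw new \InvalidArgumentException('getter_name_transformation_function must be callable'); }`. If `$options` can ever be populated from anything other than trusted application code, restrict the value to a short allowlist such as `ucfirst` rather than accepting any callable. The docblock should also say that both options are expected to come from trusted configuration only.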
@@ -117,18 +117,18 @@ discard block |
||
117 | 117 | foreach($propertyPath as $property) { |
118 | 118 | |
119 | 119 | |
120 | - $getter = $this->getter_prefix.call_user_func($this->getter_name_transformation_function,$property); |
|
120 | + $getter = $this->getter_prefix.call_user_func($this->getter_name_transformation_function,$property); |
|
121 | 121 | // Use is_callable, instead of method_exists, to deal with __call magic method |
122 | 122 | if(!is_callable([$propertyValue,$getter])) { |
123 | 123 | throw new \InvalidArgumentException('There is no getter for the "'.$attribute->getProperty().'" attribute for object "'.get_class($propertyValue).'" with getter "'.$getter.'"'); |
124 | 124 | } |
125 | - if ( ( $propertyValue = call_user_func_array( [ |
|
126 | - $propertyValue, |
|
127 | - $getter, |
|
128 | - ], isset( $getter_params[ $property ] ) ? $getter_params[ $property ] : [] ) ) === null |
|
129 | - ) { |
|
130 | - return null; |
|
131 | - } |
|
125 | + if ( ( $propertyValue = call_user_func_array( [ |
|
126 | + $propertyValue, |
|
127 | + $getter, |
|
128 | + ], isset( $getter_params[ $property ] ) ? $getter_params[ $property ] : [] ) ) === null |
|
129 | + ) { |
|
130 | + return null; |
|
131 | + } |
|
132 | 132 | } |
133 | 133 | return $propertyValue; |
134 | 134 | } |
@@ -28,12 +28,12 @@ discard block |
||
28 | 28 | { |
29 | 29 | $this->attributes = $attributes; |
30 | 30 | |
31 | - $options = array_intersect_key( $options, array_flip( [ |
|
31 | + $options = array_intersect_key($options, array_flip([ |
|
32 | 32 | 'getter_prefix', |
33 | 33 | 'getter_name_transformation_function', |
34 | - ] ) ); |
|
34 | + ])); |
|
35 | 35 | |
36 | - foreach($options as $name => $value) { |
|
36 | + foreach ($options as $name => $value) { |
|
37 | 37 | $this->$name = $value; |
38 | 38 | } |
39 | 39 | } |
@@ -95,7 +95,7 @@ discard block |
||
95 | 95 | */ |
96 | 96 | public function retrieveAttribute(AbstractAttribute $attribute, $user = null, $object = null, $getter_params = []) |
97 | 97 | { |
98 | - switch($attribute->getType()) { |
|
98 | + switch ($attribute->getType()) { |
|
99 | 99 | case 'user': |
100 | 100 | return $this->retrieveClassicAttribute($attribute, $user, $getter_params); |
101 | 101 | case 'resource': |
@@ -114,18 +114,18 @@ discard block |
||
114 | 114 | { |
115 | 115 | $propertyPath = explode('.', $attribute->getProperty()); |
116 | 116 | $propertyValue = $object; |
117 | - foreach($propertyPath as $property) { |
|
117 | + foreach ($propertyPath as $property) { |
|
118 | 118 | |
119 | 119 | |
120 | - $getter = $this->getter_prefix.call_user_func($this->getter_name_transformation_function,$property); |
|
120 | + $getter = $this->getter_prefix.call_user_func($this->getter_name_transformation_function, $property); |
|
121 | 121 | // Use is_callable, instead of method_exists, to deal with __call magic method |
122 | - if(!is_callable([$propertyValue,$getter])) { |
|
122 | + if (!is_callable([$propertyValue, $getter])) { |
|
123 | 123 | throw new \InvalidArgumentException('There is no getter for the "'.$attribute->getProperty().'" attribute for object "'.get_class($propertyValue).'" with getter "'.$getter.'"'); |
124 | 124 | } |
125 | - if ( ( $propertyValue = call_user_func_array( [ |
|
125 | + if (($propertyValue = call_user_func_array([ |
|
126 | 126 | $propertyValue, |
127 | 127 | $getter, |
128 | - ], isset( $getter_params[ $property ] ) ? $getter_params[ $property ] : [] ) ) === null |
|
128 | + ], isset($getter_params[$property]) ? $getter_params[$property] : [])) === null |
|
129 | 129 | ) { |
130 | 130 | return null; |
131 | 131 | } |
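Review bot: On new line 120 the value of `$this->getter_name_transformation_function` goes straight into `call_user_func`, and nothing visible checks what it holds: the constructor (hunk -28,12) filters the option keys with `array_intersect_key` but assigns the values unchecked. If the options array is ever filled from configuration rather than from code, whatever callable is named there would run during attribute retrieval. I would validate it in the constructor, for example `if ($name === 'getter_name_transformation_function' && !is_callable($value)) { throw new \InvalidArgumentException('getter_name_transformation_function must be callable'); }`, and preferably restrict it to a short fixed list of known functions. The enclosing method continues past the end of this hunk.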
@@ -88,7 +88,6 @@ discard block |
||
88 | 88 | |
89 | 89 | /** |
90 | 90 | * @param AbstractAttribute $attribute |
91 | - * @param string $attributeType |
|
92 | 91 | * @param object $user |
93 | 92 | * @param object $object |
94 | 93 | * @return mixed |
@@ -136,7 +135,7 @@ discard block |
||
136 | 135 | /** |
137 | 136 | * |
138 | 137 | * @param \PhpAbac\Model\EnvironmentAttribute $attribute |
139 | - * @return mixed |
|
138 | + * @return string |
|
140 | 139 | */ |
141 | 140 | private function retrieveEnvironmentAttribute(EnvironmentAttribute $attribute) { |
142 | 141 | return getenv($attribute->getVariableName()); |
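Review bot: The new `@return string` on line 138 is narrower than what the body returns: `getenv()` yields `false` when the variable is not set, so the tag should read `@return string|false`. Callers that trust the tag may pass `false` into a policy comparison as if it were a value; whether the comparison layer handles that is not visible here. If a missing variable should never satisfy a rule, an explicit `false` check in this method would make that intent clear. The method's closing brace lies outside the hunk.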
@@ -39,7 +39,7 @@ discard block |
||
39 | 39 | $item = $pool->getItem($key); |
40 | 40 | |
41 | 41 | // In this case, the pool returned a new CacheItem |
42 | - if($item->get() === null) { |
|
42 | + if ($item->get() === null) { |
|
43 | 43 | $item->expiresAfter($ttl); |
44 | 44 | } |
45 | 45 | return $item; |
@@ -51,8 +51,8 @@ discard block |
||
51 | 51 | * @return Psr\Cache\CacheItemPoolInterface |
52 | 52 | */ |
53 | 53 | public function getItemPool($driver) { |
54 | - if(!isset($this->pools[$driver])) { |
|
55 | - $poolClass = 'PhpAbac\\Cache\\Pool\\' . ucfirst($driver) . 'CacheItemPool'; |
|
54 | + if (!isset($this->pools[$driver])) { |
|
55 | + $poolClass = 'PhpAbac\\Cache\\Pool\\'.ucfirst($driver).'CacheItemPool'; |
|
56 | 56 | $this->pools[$driver] = new $poolClass($this->options); |
57 | 57 | } |
58 | 58 | return $this->pools[$driver]; |
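Review bot: `$driver` is concatenated into a class name on new line 55 and instantiated on line 56 with no check that it names a supported pool. An unknown driver ends in a fatal class-not-found error instead of a catchable exception, and the set of classes that can be instantiated is decided by the caller's string rather than by this class. I would guard it with a fixed list of drivers, or at least `if (!class_exists($poolClass)) { throw new \InvalidArgumentException('Unknown cache driver'); }` before the `new`. Where `$driver` originates is not visible in this hunk, and the method's closing brace is outside it.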
@@ -35,7 +35,7 @@ discard block |
||
35 | 35 | $user1Vehicle = $abac->enforce('vehicle-homologation', $users[0], $vehicles[0], [ |
36 | 36 | 'dynamic_attributes' => ['proprietaire' => 1] |
37 | 37 | ]); |
38 | - if($user1Vehicle === true) { |
|
38 | + if ($user1Vehicle === true) { |
|
39 | 39 | echo("GRANTED : The vehicle 1 is able to be approved for the user 1\n"); |
40 | 40 | } else { |
41 | 41 | echo("FAIL : The system didn't grant access\n"); |
@@ -43,7 +43,7 @@ discard block |
||
43 | 43 | $user3Vehicle = $abac->enforce('vehicle-homologation', $users[2], $vehicles[1], [ |
44 | 44 | 'dynamic_attributes' => ['proprietaire' => 3] |
45 | 45 | ]); |
46 | - if(!$user3Vehicle !== true) { |
|
46 | + if (!$user3Vehicle !== true) { |
|
47 | 47 | echo("DENIED : The vehicle 2 is not approved for the user 3 because its last technical review is too old\n"); |
48 | 48 | } else { |
49 | 49 | echo("FAIL : The system didn't deny access\n"); |
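Review bot: The condition on new line 46, `if (!$user3Vehicle !== true)`, still carries a stray `!` that the reformat kept. `!` is applied first, so the test is true whenever `$user3Vehicle` is truthy, including when `enforce()` returned `true`; the example would then print DENIED for a request that was granted. It should match the neighbouring checks: `if ($user3Vehicle !== true) {`. The `if`/`else` continues past the hunk.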
@@ -51,7 +51,7 @@ discard block |
||
51 | 51 | $user4Vehicle = $abac->enforce('vehicle-homologation', $users[3], $vehicles[3], [ |
52 | 52 | 'dynamic_attributes' => ['proprietaire' => 4] |
53 | 53 | ]); |
54 | - if($user4Vehicle !== true) { |
|
54 | + if ($user4Vehicle !== true) { |
|
55 | 55 | echo("DENIED : The vehicle 4 is not able to be approved for the user 4 because he has no driving license\n"); |
56 | 56 | } else { |
57 | 57 | echo("FAIL : The system didn't deny access\n"); |
@@ -59,7 +59,7 @@ discard block |
||
59 | 59 | $user5Vehicle = $abac->enforce('vehicle-homologation', $users[3], $vehicles[3], [ |
60 | 60 | 'dynamic_attributes' => ['proprietaire' => 1] |
61 | 61 | ]); |
62 | - if($user5Vehicle !== true) { |
|
62 | + if ($user5Vehicle !== true) { |
|
63 | 63 | echo("DENIED : The vehicle 4 is not able to be approved for the user 2 because he doesn't own the vehicle\n"); |
64 | 64 | } else { |
65 | 65 | echo("FAIL : The system didn't deny access\n"); |
@@ -69,7 +69,7 @@ discard block |
||
69 | 69 | 'code-pays' => 'US' |
70 | 70 | ] |
71 | 71 | ]); |
72 | - if($userTravel1 !== true) { |
|
72 | + if ($userTravel1 !== true) { |
|
73 | 73 | echo("DENIED: The user 1 is not allowed to travel to the USA because he doesn't have an US visa\n"); |
74 | 74 | } else { |
75 | 75 | echo('FAIL: The system didn\'t deny access'); |
@@ -79,7 +79,7 @@ discard block |
||
79 | 79 | 'code-pays' => 'US' |
80 | 80 | ] |
81 | 81 | ]); |
82 | - if($userTravel2 === true) { |
|
82 | + if ($userTravel2 === true) { |
|
83 | 83 | echo("GRANTED: The user 2 is allowed to travel to the USA\n"); |
84 | 84 | } else { |
85 | 85 | echo('FAIL: The system didn\'t grant access'); |