AclManager::allow() - Code Metrics - phpMv/ubiquity-acl - Measure and Improve Code Quality continuously with Scrutinizer

AclManager::allow() A
last analyzed 2023-01-04 00:34 UTC

↳ Parent: AclManager

Complexity

Conditions	1
Paths	1

Size

Total Lines	2
Code Lines	1

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	2
CRAP Score	1

Importance

Changes	1
Bugs	0	Features	1

Metric	Value
cc	1
eloc	1
nc	1
nop	3
dl	0
loc	2
ccs	2
cts	2
cp	1
crap	1
rs	10
c	1
b	0
f	1

<?php
namespace Ubiquity\security\acl;

use Ubiquity\cache\CacheManager;
use Ubiquity\cache\ClassUtils;
use Ubiquity\exceptions\AclException;
use Ubiquity\security\acl\cache\AclControllerParser;
use Ubiquity\security\acl\cache\PermissionsMap;
use Ubiquity\security\acl\models\AbstractAclPart;
use Ubiquity\security\acl\models\AclElement;
use Ubiquity\security\acl\models\AclList;
use Ubiquity\security\acl\models\Permission;
use Ubiquity\security\acl\models\Resource;
use Ubiquity\security\acl\models\Role;
use Ubiquity\security\acl\persistence\AclCacheProvider;
use Ubiquity\controllers\Router;
use Ubiquity\security\acl\persistence\AclDAOProvider;
use Ubiquity\security\acl\persistence\AclProviderInterface;
use Ubiquity\security\acl\traits\AclManagerInit;
use Ubiquity\security\acl\traits\AclManagerTester;

/**
 * Ubiquity\security\acl$AclManager
 * This class is part of Ubiquity
 *
 * @author jc
 * @version 1.0.2
 *
 */
class AclManager {

	use AclManagerInit,AclManagerTester;

	protected static ?AclList $aclList=null;

	protected static PermissionsMap $permissionMap;

	protected static array $providersPersistence;


	public static function addRole(string $name, ?array $parents = []): void {
		self::$aclList->addRole(new Role($name, $parents));
	}

	public static function addRoles(array $nameParents): void {
		foreach ($nameParents as $name => $parents) {
			self::$aclList->addRole(new Role($name, $parents));
		}
	}

	public static function addResource(string $name, ?string $value = null): void {
		self::$aclList->addResource(new Resource($name, $value));
	}

	public static function addResources(array $nameValue): void {
		foreach ($nameValue as $name => $value) {
			self::$aclList->addResource(new Resource($name, $value));
		}
	}

	public static function addPermission(string $name, int $level = 0): void {
		self::$aclList->addPermission(new Permission($name, $level));
	}

	public static function addPermissions(array $nameLevel): void {
		foreach ($nameLevel as $name => $level) {
			self::$aclList->addPermission(new Permission($name, $level));
		}
	}

	public static function setPermissionLevel(string $name, int $level): void {
		self::$aclList->setPermissionLevel($name, $level);
	}

	public static function getRoles(): array {
		return self::$aclList->getRoles();
	}

	public static function getResources(): array {
		return self::$aclList->getResources();
	}

	/**
	 *
	 * @return \Ubiquity\security\acl\models\AclList
	 */
	public static function getAclList(): ?AclList {
		return AclManager::$aclList;
	}

	public static function getPermissions():array {
		return self::$aclList->getPermissions();
	}

	public static function getAcls() {
		return self::$aclList->getAcls();
	}

	/**
	 * Allow role to access to resource with the permission.
	 *
	 * @param string $role
	 * @param ?string $resource
	 * @param ?string $permission
	 */
	public static function allow(string $role, ?string $resource = '*', ?string $permission = 'ALL'): void {
		self::$aclList->allow($role, $resource ?? '*', $permission ?? 'ALL');
	}

	/**
	 * Add role, resource and permission and allow this role to access to resource with the permission.
	 *
	 * @param string $role
	 * @param ?string $resource
	 * @param ?string $permission
	 */
	public static function addAndAllow(string $role, ?string $resource = '*', ?string $permission = 'ALL'): void {
		self::$aclList->addAndAllow($role, $resource ?? '*', $permission ?? 'ALL');
	}

	/**
	 * Check if access to resource is allowed for role with the permission.
	 *
	 * @param string $role
	 * @param ?string $resource
	 * @param ?string $permission
	 * @return bool
	 */
	public static function isAllowed(string $role, ?string $resource = '*', ?string $permission = 'ALL'): bool {
		return self::$aclList->isAllowed($role, $resource ?? '*', $permission ?? 'ALL');
	}

	public static function isAllowedRoute(string $role,string $routeName): bool {
		$routeInfo=Router::getRouteInfoByName($routeName);
		if (!isset ( $routeInfo ['controller'] )) {
			$routeInfo=\current($routeInfo);
		}
		$controller=$routeInfo['controller']??null;
		$action=$routeInfo['action']??null;
		if(isset($controller) && isset($action)){
			$resourceController = self::getPermissionMap ()->getRessourcePermission ( $controller, $action );
			if (isset ( $resourceController )) {
				try{
					if (self::isAllowed ( $role, $resourceController ['resource'], $resourceController ['permission'] )) {
						return true;
					}
				}
				catch(AclException $e){
					//Nothing to do
				}
			}
			return false;
		}
		return false;
	}

	/**
	 * Save all acls,roles, resources and permissions for AclProviders with no autoSave.
	 */
	public static function saveAll(): void {
		self::$aclList->saveAll();
	}

	/**
	 *
	 * @param string $role
	 */
	public static function removeRole(string $role): void {
		self::$aclList->removeRole($role);
	}

	/**
	 *
	 * @param string $permission
	 */
	public static function removePermission(string $permission): void {
		self::$aclList->removePermission($permission);
	}

	/**
	 *
	 * @param string $resource
	 */
	public static function removeResource(string $resource): void {
		self::$aclList->removeResource($resource);
	}

	/**
	 *
	 * @param string $role
	 * @param string $resource
	 * @param ?string $permission
	 */
	public static function removeAcl(string $role, string $resource, ?string $permission = null): void {
		self::$aclList->removeAcl($role, $resource, $permission);
	}

	/**
	 *
	 * @return \Ubiquity\security\acl\cache\PermissionsMap
	 */
	public static function getPermissionMap():PermissionsMap {
		if (! isset(self::$permissionMap)) {
			self::$permissionMap = new PermissionsMap();
			self::$permissionMap->load();
		}
		return self::$permissionMap;
	}

	/**
	 *
	 * @param string $controller
	 * @param string $action
	 * @param string $resource
	 * @param string $permission
	 */
	public static function associate(string $controller, string $action, string $resource, string $permission = 'ALL'):void {
		self::$aclList->getResourceByName($resource);
		self::$aclList->getPermissionByName($permission);
		self::$permissionMap->addAction($controller, $action, $resource, $permission);
	}
}


1		<?php
2		namespace Ubiquity\security\acl;
3
4		use Ubiquity\cache\CacheManager;
5		use Ubiquity\cache\ClassUtils;
6		use Ubiquity\exceptions\AclException;
7		use Ubiquity\security\acl\cache\AclControllerParser;
8		use Ubiquity\security\acl\cache\PermissionsMap;
9		use Ubiquity\security\acl\models\AbstractAclPart;
10		use Ubiquity\security\acl\models\AclElement;
11		use Ubiquity\security\acl\models\AclList;
12		use Ubiquity\security\acl\models\Permission;
13		use Ubiquity\security\acl\models\Resource;
14		use Ubiquity\security\acl\models\Role;
15		use Ubiquity\security\acl\persistence\AclCacheProvider;
16		use Ubiquity\controllers\Router;
17		use Ubiquity\security\acl\persistence\AclDAOProvider;
18		use Ubiquity\security\acl\persistence\AclProviderInterface;
19		use Ubiquity\security\acl\traits\AclManagerInit;
20		use Ubiquity\security\acl\traits\AclManagerTester;
21
22		/**
23		* Ubiquity\security\acl$AclManager
24		* This class is part of Ubiquity
25		*
26		* @author jc
27		* @version 1.0.2
28		*
29		*/
30		class AclManager {
31
32		use AclManagerInit,AclManagerTester;
33
34		protected static ?AclList $aclList=null;
35
36		protected static PermissionsMap $permissionMap;
37
38		protected static array $providersPersistence;
39
40
41	9	public static function addRole(string $name, ?array $parents = []): void {
42	9	self::$aclList->addRole(new Role($name, $parents));
43		}
44
45	1	public static function addRoles(array $nameParents): void {
46	1	foreach ($nameParents as $name => $parents) {
47	1	self::$aclList->addRole(new Role($name, $parents));
48		}
49		}
50
51	8	public static function addResource(string $name, ?string $value = null): void {
52	8	self::$aclList->addResource(new Resource($name, $value));
53		}
54
55	1	public static function addResources(array $nameValue): void {
56	1	foreach ($nameValue as $name => $value) {
57	1	self::$aclList->addResource(new Resource($name, $value));
58		}
59		}
60
61	10	public static function addPermission(string $name, int $level = 0): void {
62	10	self::$aclList->addPermission(new Permission($name, $level));
63		}
64
65	1	public static function addPermissions(array $nameLevel): void {
66	1	foreach ($nameLevel as $name => $level) {
67	1	self::$aclList->addPermission(new Permission($name, $level));
68		}
69		}
70
71	3	public static function setPermissionLevel(string $name, int $level): void {
72	3	self::$aclList->setPermissionLevel($name, $level);
73		}
74
75	8	public static function getRoles(): array {
76	8	return self::$aclList->getRoles();
77		}
78
79	7	public static function getResources(): array {
80	7	return self::$aclList->getResources();
81		}
82
83		/**
84		*
85		* @return \Ubiquity\security\acl\models\AclList
86		*/
87	3	public static function getAclList(): ?AclList {
88	3	return AclManager::$aclList;
89		}
90
91	11	public static function getPermissions():array {
92	11	return self::$aclList->getPermissions();
93		}
94
95	6	public static function getAcls() {
96	6	return self::$aclList->getAcls();
97		}
98
99		/**
100		* Allow role to access to resource with the permission.
101		*
102		* @param string $role
103		* @param ?string $resource
104		* @param ?string $permission
105		*/
106	10	public static function allow(string $role, ?string $resource = '*', ?string $permission = 'ALL'): void {
107	10	self::$aclList->allow($role, $resource ?? '*', $permission ?? 'ALL');
108		}
109
110		/**
111		* Add role, resource and permission and allow this role to access to resource with the permission.
112		*
113		* @param string $role
114		* @param ?string $resource
115		* @param ?string $permission
116		*/
117	3	public static function addAndAllow(string $role, ?string $resource = '*', ?string $permission = 'ALL'): void {
118	3	self::$aclList->addAndAllow($role, $resource ?? '*', $permission ?? 'ALL');
119		}
120
121		/**
122		* Check if access to resource is allowed for role with the permission.
123		*
124		* @param string $role
125		* @param ?string $resource
126		* @param ?string $permission
127		* @return bool
128		*/
129	20	public static function isAllowed(string $role, ?string $resource = '*', ?string $permission = 'ALL'): bool {
130	20	return self::$aclList->isAllowed($role, $resource ?? '*', $permission ?? 'ALL');
131		}
132
133		public static function isAllowedRoute(string $role,string $routeName): bool {
134		$routeInfo=Router::getRouteInfoByName($routeName);
135		if (!isset ( $routeInfo ['controller'] )) {
136		$routeInfo=\current($routeInfo);
137		}
138		$controller=$routeInfo['controller']??null;
139		$action=$routeInfo['action']??null;
140		if(isset($controller) && isset($action)){
141		$resourceController = self::getPermissionMap ()->getRessourcePermission ( $controller, $action );
142		if (isset ( $resourceController )) {
143		try{
144		if (self::isAllowed ( $role, $resourceController ['resource'], $resourceController ['permission'] )) {
145		return true;
146		}
147		}
148		catch(AclException $e){
149		//Nothing to do
150		}
151		}
152		return false;
153		}
154		return false;
155		}
156
157		/**
158		* Save all acls,roles, resources and permissions for AclProviders with no autoSave.
159		*/
160	4	public static function saveAll(): void {
161	4	self::$aclList->saveAll();
162		}
163
164		/**
165		*
166		* @param string $role
167		*/
168	2	public static function removeRole(string $role): void {
169	2	self::$aclList->removeRole($role);
170		}
171
172		/**
173		*
174		* @param string $permission
175		*/
176	2	public static function removePermission(string $permission): void {
177	2	self::$aclList->removePermission($permission);
178		}
179
180		/**
181		*
182		* @param string $resource
183		*/
184		public static function removeResource(string $resource): void {
185		self::$aclList->removeResource($resource);
186		}
187
188		/**
189		*
190		* @param string $role
191		* @param string $resource
192		* @param ?string $permission
193		*/
194	2	public static function removeAcl(string $role, string $resource, ?string $permission = null): void {
195	2	self::$aclList->removeAcl($role, $resource, $permission);
196		}
197
198		/**
199		*
200		* @return \Ubiquity\security\acl\cache\PermissionsMap
201		*/
202	1	public static function getPermissionMap():PermissionsMap {
203	1	if (! isset(self::$permissionMap)) {
204	1	self::$permissionMap = new PermissionsMap();
205	1	self::$permissionMap->load();
206		}
207	1	return self::$permissionMap;
208		}
209
210		/**
211		*
212		* @param string $controller
213		* @param string $action
214		* @param string $resource
215		* @param string $permission
216		*/
217	1	public static function associate(string $controller, string $action, string $resource, string $permission = 'ALL'):void {
218	1	self::$aclList->getResourceByName($resource);
219	1	self::$aclList->getPermissionByName($permission);
220	1	self::$permissionMap->addAction($controller, $action, $resource, $permission);
221		}
222		}
223

phpMv / ubiquity-acl

AclManager::allow() A last analyzed 2023-01-04 00:34 UTC

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like

AclManager::allow() A
last analyzed 2023-01-04 00:34 UTC