vendor/se7enxweb/legacy-bridge/mvc/Security/Voter/VoterDecorator.php line 16

Open in your IDE?
  1. <?php
  3. /**
  4. * @copyright Copyright (C) eZ Systems AS. All rights reserved.
  5. * @license For full copyright and license information view LICENSE file distributed with this source code.
  6. */
  7. namespace eZ\Publish\Core\MVC\Legacy\Security\Voter;
  9. use Closure;
  10. use eZ\Publish\API\Repository\Exceptions\InvalidArgumentException;
  11. use eZUser;
  12. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  13. use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
  14. use eZ\Publish\Core\MVC\Symfony\Security\Authorization\Attribute as AuthorizationAttribute;
  16. class VoterDecorator implements VoterInterface
  17. {
  18. private $innerVoter;
  20. private $legacyKernelClosure;
  22. public function __construct(
  23. VoterInterface $innerVoter,
  24. Closure $legacyKernelClosure
  25. ) {
  26. $this->innerVoter = $innerVoter;
  27. $this->legacyKernelClosure = $legacyKernelClosure;
  28. }
  30. public function supportsAttribute($attribute)
  31. {
  32. return $attribute instanceof AuthorizationAttribute;
  33. }
  35. public function supportsClass($class)
  36. {
  37. return true;
  38. }
  40. /**
  41. * Decorates the built in eZ kernel voters to allow eZ Publish legacy
  42. * to vote on modules/functions available only in legacy kernel.
  43. *
  44. * @param \Symfony\Component\Security\Core\Authentication\Token\TokenInterface $token
  45. * @param mixed $object
  46. * @param array $attributes
  47. *
  48. * @return int
  49. */
  50. public function vote(TokenInterface $token, $object, array $attributes)
  51. {
  52. try {
  53. return $this->innerVoter->vote($token, $object, $attributes);
  54. } catch (InvalidArgumentException $e) {
  55. $legacyResult = $this->voteLegacy($token, $object, $attributes);
  56. if ($legacyResult === static::ACCESS_ABSTAIN) {
  57. throw $e;
  58. }
  60. return $legacyResult;
  61. }
  62. }
  64. private function voteLegacy(TokenInterface $token, $object, array $attributes)
  65. {
  66. $legacyKernel = \call_user_func($this->legacyKernelClosure);
  67. foreach ($attributes as $attribute) {
  68. if (!$this->supportsAttribute($attribute)) {
  69. continue;
  70. }
  72. $result = $legacyKernel->runCallback(
  73. static function () use ($attribute) {
  74. $currentUser = eZUser::currentUser();
  76. return $currentUser->hasAccessTo($attribute->module, $attribute->function);
  77. },
  78. false
  79. );
  81. if ($result['accessWord'] === 'no') {
  82. return static::ACCESS_DENIED;
  83. }
  85. return static::ACCESS_GRANTED;
  86. }
  88. return static::ACCESS_ABSTAIN;
  89. }
  90. }