Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
65.00% |
26 / 40 |
|
28.57% |
2 / 7 |
CRAP | |
0.00% |
0 / 1 |
PermissionDeniedManager | |
65.00% |
26 / 40 |
|
28.57% |
2 / 7 |
24.65 | |
0.00% |
0 / 1 |
__construct | |
42.86% |
3 / 7 |
|
0.00% |
0 / 1 |
4.68 | |||
setDefaultDeniedControllerBehavior | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
setDefaultDeniedTemplateBehavior | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getDeniedControllerBehavior | |
100.00% |
7 / 7 |
|
100.00% |
1 / 1 |
2 | |||
getDeniedTemplateBehavior | |
0.00% |
0 / 7 |
|
0.00% |
0 / 1 |
6 | |||
getDeniedBehavior | |
100.00% |
2 / 2 |
|
100.00% |
1 / 1 |
2 | |||
processConfigString | |
93.33% |
14 / 15 |
|
0.00% |
0 / 1 |
4.00 |
1 | <?php |
2 | |
3 | /** |
4 | * Permission Manager |
5 | * |
6 | * PHP version 8 |
7 | * |
8 | * Copyright (C) Villanova University 2010. |
9 | * |
10 | * This program is free software; you can redistribute it and/or modify |
11 | * it under the terms of the GNU General Public License version 2, |
12 | * as published by the Free Software Foundation. |
13 | * |
14 | * This program is distributed in the hope that it will be useful, |
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
17 | * GNU General Public License for more details. |
18 | * |
19 | * You should have received a copy of the GNU General Public License |
20 | * along with this program; if not, write to the Free Software |
21 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
22 | * |
23 | * @category VuFind |
24 | * @package Authorization |
25 | * @author Demian Katz <demian.katz@villanova.edu> |
26 | * @author Oliver Goldschmidt <o.goldschmidt@tuhh.de> |
27 | * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License |
28 | * @link http://vufind.org/wiki/ Wiki |
29 | */ |
30 | |
31 | namespace VuFind\Role; |
32 | |
33 | use function count; |
34 | |
35 | /** |
36 | * Permission Manager |
37 | * |
38 | * @category VuFind |
39 | * @package Authorization |
40 | * @author Demian Katz <demian.katz@villanova.edu> |
41 | * @author Oliver Goldschmidt <o.goldschmidt@tuhh.de> |
42 | * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License |
43 | * @link http://vufind.org/wiki/ Wiki |
44 | */ |
45 | class PermissionDeniedManager |
46 | { |
47 | /** |
48 | * List config |
49 | * |
50 | * @var array |
51 | */ |
52 | protected $config; |
53 | |
54 | /** |
55 | * Default behavior for denied permissions at the controller level. |
56 | * |
57 | * @var string|bool |
58 | */ |
59 | protected $defaultDeniedControllerBehavior = 'promptLogin'; |
60 | |
61 | /** |
62 | * Default behavior for denied permissions at the template level. |
63 | * (False means "do nothing"). |
64 | * |
65 | * @var string|bool |
66 | */ |
67 | protected $defaultDeniedTemplateBehavior = false; |
68 | |
69 | /** |
70 | * Constructor |
71 | * |
72 | * @param array $config configuration |
73 | */ |
74 | public function __construct($config) |
75 | { |
76 | $this->config = $config; |
77 | // if the config contains a defaultDeniedControllerBehavior setting, apply it |
78 | if (isset($config['global']['defaultDeniedControllerBehavior'])) { |
79 | $this->defaultDeniedControllerBehavior |
80 | = $config['global']['defaultDeniedControllerBehavior']; |
81 | } |
82 | // if the config contains a defaultDeniedTemplateBehavior setting, apply it |
83 | if (isset($config['global']['defaultDeniedTemplateBehavior'])) { |
84 | $this->defaultDeniedTemplateBehavior |
85 | = $config['global']['defaultDeniedTemplateBehavior']; |
86 | } |
87 | } |
88 | |
89 | /** |
90 | * Set the default behavior for a denied controller permission |
91 | * |
92 | * @param string|bool $value Default behavior for a denied controller permission |
93 | * |
94 | * @return void |
95 | */ |
96 | public function setDefaultDeniedControllerBehavior($value) |
97 | { |
98 | $this->defaultDeniedControllerBehavior = $value; |
99 | } |
100 | |
101 | /** |
102 | * Set the default behavior for a denied template permission |
103 | * |
104 | * @param string|bool $value Default behavior for a denied template permission |
105 | * |
106 | * @return void |
107 | */ |
108 | public function setDefaultDeniedTemplateBehavior($value) |
109 | { |
110 | $this->defaultDeniedTemplateBehavior = $value; |
111 | } |
112 | |
113 | /** |
114 | * Get behavior to apply when a controller denies a permission. |
115 | * |
116 | * @param string $permission Permission that has been denied |
117 | * @param string $defaultBehavior Default behavior to use if none configured |
118 | * (null to use default configured in this class, false to take no action). |
119 | * |
120 | * @return array|bool Associative array of behavior for the given |
121 | * permission (containing the keys 'action', 'value', 'params' and |
122 | * 'exceptionMessage' for exceptions) or false if no action needed. |
123 | */ |
124 | public function getDeniedControllerBehavior($permission, $defaultBehavior = null) |
125 | { |
126 | if ($defaultBehavior === null) { |
127 | $defaultBehavior = $this->defaultDeniedControllerBehavior; |
128 | } |
129 | return $this->getDeniedBehavior( |
130 | $permission, |
131 | 'deniedControllerBehavior', |
132 | $defaultBehavior |
133 | ); |
134 | } |
135 | |
136 | /** |
137 | * Get behavior to apply when a template denies a permission. |
138 | * |
139 | * @param string $permission Permission that has been denied |
140 | * @param string $defaultBehavior Default action to use if none configured |
141 | * (null to use default configured in this class, false to take no action). |
142 | * |
143 | * @return array|bool |
144 | */ |
145 | public function getDeniedTemplateBehavior($permission, $defaultBehavior = null) |
146 | { |
147 | if ($defaultBehavior === null) { |
148 | $defaultBehavior = $this->defaultDeniedTemplateBehavior; |
149 | } |
150 | return $this->getDeniedBehavior( |
151 | $permission, |
152 | 'deniedTemplateBehavior', |
153 | $defaultBehavior |
154 | ); |
155 | } |
156 | |
157 | /** |
158 | * Get permission denied logic |
159 | * |
160 | * @param string $permission Permission that has been denied |
161 | * @param string $mode Mode of the operation. Should be either |
162 | * deniedControllerBehavior or deniedTemplateBehavior |
163 | * @param string $defaultBehavior Default action to use if none configured |
164 | * |
165 | * @return array|bool |
166 | */ |
167 | protected function getDeniedBehavior($permission, $mode, $defaultBehavior) |
168 | { |
169 | $config = $this->config[$permission][$mode] ?? $defaultBehavior; |
170 | |
171 | return empty($config) ? false : $this->processConfigString($config); |
172 | } |
173 | |
174 | /** |
175 | * Translate a configuration string into an array. |
176 | * |
177 | * @param string $config Configuration string to process |
178 | * |
179 | * @return array |
180 | */ |
181 | protected function processConfigString($config) |
182 | { |
183 | // Split config string: |
184 | $parts = explode(':', $config); |
185 | |
186 | // Load standard values: |
187 | $output = [ |
188 | 'action' => array_shift($parts), |
189 | 'value' => array_shift($parts), |
190 | ]; |
191 | |
192 | // Special case -- extra parameters for exceptions: |
193 | if (strtolower($output['action']) === 'exception') { |
194 | $output['exceptionMessage'] = array_shift($parts); |
195 | } |
196 | |
197 | // Now process any remaining keypairs: |
198 | $params = []; |
199 | while ($param = array_shift($parts)) { |
200 | $paramParts = explode('=', $param, 2); |
201 | if (count($paramParts) == 2) { |
202 | $params[$paramParts[0]] = $paramParts[1]; |
203 | } else { |
204 | $params[] = $paramParts[0]; |
205 | } |
206 | } |
207 | $output['params'] = $params; |
208 | return $output; |
209 | } |
210 | } |