Add function to check access without exception message, return only t…
…rue/false.
tim96 committed May 2, 2016
1 parent 5009ab9 commit a81dae9
Showing 3 changed files with 136 additions and 2 deletions.
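--- a/Admin/Admin.php
+++ b/Admin/Admin.php
@@ -2921,9 +2921,11 @@ public function getAccessMapping()
 }
 
 /**
-* {@inheritdoc}
+* Return list routes with permissions name.
+*
+* @return array
 */
-public function checkAccess($action, $object = null)
+protected function getAccess()
 {
 $access = array_merge(array(
 'acl' => 'MASTER',
@@ -2946,6 +2948,16 @@ public function checkAccess($action, $object = null)
 }
 }
 
+return $access;
+}
+
+/**
+* {@inheritdoc}
+*/
+public function checkAccess($action, $object = null)
+{
+$access = $this->getAccess();
+
 if (!array_key_exists($action, $access)) {
 throw new \InvalidArgumentException(sprintf('Action "%s" could not be found in access mapping. Please make sure your action is defined into your admin class accessMapping property.', $action));
 }
@@ -2961,6 +2973,35 @@ public function checkAccess($action, $object = null)
 }
 }
 
+/**
+* Hook to handle access authorization, without throw Exception.
+*
+* @param string $action
+* @param object $object
+*
+* @return bool
+*/
+public function hasAccess($action, $object = null)
+{
+$access = $this->getAccess();
+
+if (!array_key_exists($action, $access)) {
+return false;
+}
+
+if (!is_array($access[$action])) {
+$access[$action] = array($access[$action]);
+}
+
+foreach ($access[$action] as $role) {
+if (false === $this->isGranted($role, $object)) {
+return false;
+}
+}
+
+return true;
+}
+
 /**
 * {@inheritdoc}
 */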
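Review bot: The deny test in the new `hasAccess()` loop is `false === $this->isGranted($role, $object)`, so any other falsy result from a security handler (null, 0, an empty string) falls through to `return true` and the action is reported as authorised. A boolean helper that callers will use to decide whether to expose an action should fail closed, for example `if (!$this->isGranted($role, $object)) {`. An action mapped to an empty role list also returns true without any check being made, which is worth either rejecting or documenting. The role normalisation and loop look like a second copy of what `checkAccess()` does in the part of its body that lies outside these hunks, so the two decisions can drift; a shared private helper would keep one copy. The docblock should read `@param object|null $object` and say that an action missing from the mapping yields false rather than an exception.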
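--- a/Admin/AdminInterface.php
+++ b/Admin/AdminInterface.php
@@ -1022,4 +1022,15 @@ public function checkAccess($action, $object = null);
 *
 */
 // public function configureActionButtons($action, $object = null);
+
+// TODO: uncomment this method for next major release
+// /**
+// * Hook to handle access authorization, without throw Exception
+// *
+// * @param string $action
+// * @param object $object
+// *
+// * @return bool
+// */
+// public function hasAccess($action, $object = null);
 }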
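Review bot: The commented-out docblock for `hasAccess()` does not state the contract that other implementers will have to honour once the method is uncommented. It should say that the method returns true only when every role mapped to the action is granted, and false (not an exception) when the action is absent from the access mapping, so that independent implementations deny by default in the same way. The parameter line should be `@param object|null $object` to match the `null` default in the signature.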
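--- a/Tests/Admin/AdminTest.php
+++ b/Tests/Admin/AdminTest.php
@@ -133,6 +133,88 @@ public function testCheckAccessThrowsAccessDeniedException()
 $admin->checkAccess('custom_action');
 }
 
+public function testHasAccessOnMadeUpAction()
+{
+$admin = new PostAdmin(
+'sonata.post.admin.post',
+'Application\Sonata\NewsBundle\Entity\Post',
+'SonataNewsBundle:PostAdmin'
+);
+
+$this->assertFalse($admin->hasAccess('made-up'));
+}
+
+public function testHasAccess()
+{
+$admin = new PostAdmin(
+'sonata.post.admin.post',
+'Application\Sonata\NewsBundle\Entity\Post',
+'SonataNewsBundle:PostAdmin'
+);
+$securityHandler = $this->prophesize(
+'Sonata\AdminBundle\Security\Handler\SecurityHandlerInterface'
+);
+$securityHandler->isGranted($admin, 'CUSTOM_ROLE', $admin)->willReturn(true);
+$securityHandler->isGranted($admin, 'EXTRA_CUSTOM_ROLE', $admin)->willReturn(false);
+$customExtension = $this->prophesize(
+'Sonata\AdminBundle\Admin\AdminExtension'
+);
+$customExtension->getAccessMapping($admin)->willReturn(
+array('custom_action' => array('CUSTOM_ROLE', 'EXTRA_CUSTOM_ROLE'))
+);
+$admin->addExtension($customExtension->reveal());
+$admin->setSecurityHandler($securityHandler->reveal());
+
+$this->assertFalse($admin->hasAccess('custom_action'));
+}
+
+public function testHasAccessAllowsAccess()
+{
+$admin = new PostAdmin(
+'sonata.post.admin.post',
+'Application\Sonata\NewsBundle\Entity\Post',
+'SonataNewsBundle:PostAdmin'
+);
+$securityHandler = $this->prophesize(
+'Sonata\AdminBundle\Security\Handler\SecurityHandlerInterface'
+);
+$securityHandler->isGranted($admin, 'CUSTOM_ROLE', $admin)->willReturn(true);
+$securityHandler->isGranted($admin, 'EXTRA_CUSTOM_ROLE', $admin)->willReturn(true);
+$customExtension = $this->prophesize(
+'Sonata\AdminBundle\Admin\AdminExtension'
+);
+$customExtension->getAccessMapping($admin)->willReturn(
+array('custom_action' => array('CUSTOM_ROLE', 'EXTRA_CUSTOM_ROLE'))
+);
+$admin->addExtension($customExtension->reveal());
+$admin->setSecurityHandler($securityHandler->reveal());
+
+$this->assertTrue($admin->hasAccess('custom_action'));
+}
+
+public function testHasAccessAllowsAccessEditAction()
+{
+$admin = new PostAdmin(
+'sonata.post.admin.post',
+'Application\Sonata\NewsBundle\Entity\Post',
+'SonataNewsBundle:PostAdmin'
+);
+$securityHandler = $this->prophesize(
+'Sonata\AdminBundle\Security\Handler\SecurityHandlerInterface'
+);
+$securityHandler->isGranted($admin, 'EDIT_ROLE', $admin)->willReturn(true);
+$customExtension = $this->prophesize(
+'Sonata\AdminBundle\Admin\AdminExtension'
+);
+$customExtension->getAccessMapping($admin)->willReturn(
+array('edit_action' => array('EDIT_ROLE'))
+);
+$admin->addExtension($customExtension->reveal());
+$admin->setSecurityHandler($securityHandler->reveal());
+
+$this->assertTrue($admin->hasAccess('edit_action'));
+}
+
 public function testGetBreadCrumbs()
 {
 $class = 'Application\Sonata\NewsBundle\Entity\Post';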
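Review bot: The four new `hasAccess()` tests always map the action to an array of roles and never pass an object, so two paths of the authorization helper are not exercised. The `is_array` normalisation branch needs a case with a scalar mapping, for example `array('custom_action' => 'CUSTOM_ROLE')`, asserted for both a granted and a denied role. A case that calls `hasAccess('custom_action', $post)` with the handler stubbed for that object would show that the object, not the admin, reaches `isGranted`; in every stub here the third argument is `$admin`. A stub returning a non-boolean falsy value such as `null` would also pin down whether the method fails closed.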
