-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy pathIsGrantedEval.php
More file actions
55 lines (45 loc) · 1.57 KB
/
IsGrantedEval.php
File metadata and controls
55 lines (45 loc) · 1.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
<?php
namespace LinkORB\Bundle\WikiBundle\AccessControl;
use Symfony\Bundle\SecurityBundle\Security;
use Symfony\Component\ExpressionLanguage\ExpressionLanguage;
readonly class IsGrantedEval implements EvalInterface
{
private ExpressionLanguage $expressionLanguage;
public function __construct(private Security $security)
{
$this->expressionLanguage = new ExpressionLanguage();
$this->setupExpressionLanguage();
}
private function setupExpressionLanguage(): void
{
$this->expressionLanguage->register(
'is_granted',
fn() => null, // ignore compilation related function
fn (array $arguments, string $attribute, string|null $subject) : bool
=> $this->security->isGranted($attribute, $subject)
);
}
public function lint(string $expression): void
{
$this->expressionLanguage->lint($expression, []);
}
public function eval(string $expression): bool
{
$result = $this->expressionLanguage->evaluate($expression);
if (!is_bool($result)) {
throw new \InvalidArgumentException(sprintf(
"Wiki ACL expression should evaluate to a boolean value. Expression '%s' returned type %s",
$expression,
gettype($result)
));
}
return $result;
}
public function getExamplesHtml(): string
{
return '
<pre>is_granted("manage", "users")</pre>
<pre>is_granted("ROLE_ADMIN") or is_granted("manage", "platform")</pre>
';
}
}