本文整理汇总了PHP中Action::getAsArray方法的典型用法代码示例。如果您正苦于以下问题:PHP Action::getAsArray方法的具体用法?PHP Action::getAsArray怎么用?PHP Action::getAsArray使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Action的用法示例。
在下文中一共展示了Action::getAsArray方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: authorizeAction
/**
* Get an array of Role names granted to the user that permit the requested
* action on the given NGI. If the user has no roles that
* permit the requested action, then return an empty array.
* <p>
* Supported actions: EDIT_OBJECT, NGI_ADD_SITE,
* GRANT_ROLE, REJECT_ROLE, REVOKE_ROLE
*
* @see \Action
* @param string $action suppored action
* @param \NGI $ngi
* @param \User $user
* @return array of RoleName values
* @throws \LogicException
*/
public function authorizeAction($action, \NGI $ngi, \User $user = null)
{
if (is_null($user)) {
return array();
// return empty array
}
if (!in_array($action, \Action::getAsArray())) {
throw new \LogicException('Coding Error - Invalid action not known');
}
$roleService = new Role();
// to inject
$roleService->setEntityManager($this->em);
if ($action == \Action::EDIT_OBJECT) {
// D and D' can edit an NGI
$usersActualRoleNames = $roleService->getUserRoleNamesOverEntity($ngi, $user);
$requiredRoles = array(\RoleTypeName::REG_FIRST_LINE_SUPPORT, \RoleTypeName::REG_STAFF_ROD, \RoleTypeName::NGI_SEC_OFFICER, \RoleTypeName::NGI_OPS_DEP_MAN, \RoleTypeName::NGI_OPS_MAN);
$enablingRoles = array_intersect($requiredRoles, array_unique($usersActualRoleNames));
} else {
if ($action == \Action::NGI_ADD_SITE) {
// Only D' can add a site to an owned group/ngi
$usersActualRoleNames = $roleService->getUserRoleNamesOverEntity($ngi, $user);
$requiredRoles = array(\RoleTypeName::NGI_SEC_OFFICER, \RoleTypeName::NGI_OPS_DEP_MAN, \RoleTypeName::NGI_OPS_MAN);
$enablingRoles = array_intersect($requiredRoles, array_unique($usersActualRoleNames));
} else {
if ($action == \Action::GRANT_ROLE || $action == \Action::REJECT_ROLE || $action == \Action::REVOKE_ROLE) {
// NGI (D') roles can manage roles on an owned group/ngi
$requiredNgiRoles = array(\RoleTypeName::NGI_SEC_OFFICER, \RoleTypeName::NGI_OPS_DEP_MAN, \RoleTypeName::NGI_OPS_MAN);
$usersActualRoleNames = $roleService->getUserRoleNamesOverEntity($ngi, $user);
// Project (E) level roles required to approve-reject/revoke role
// requests over the owned NGI (to bootstrap)
$requiredProjectRoles = array(\RoleTypeName::COD_STAFF, \RoleTypeName::COD_ADMIN, \RoleTypeName::EGI_CSIRT_OFFICER, \RoleTypeName::COO);
// Get all user's project level roles for all the projects that group the site's ngi
if (count($ngi->getProjects()) > 0) {
foreach ($ngi->getProjects() as $parentProject) {
$usersActualRoleNames = array_merge($usersActualRoleNames, $roleService->getUserRoleNamesOverEntity($parentProject, $user));
}
}
// rather than below that queries for all user roles and extracts ANY project role:
/*$allUserRoles = $roleService->getUserRoles($user, \RoleStatus::GRANTED);
foreach ($allUserRoles as $role) {
if (in_array($role->getRoleType()->getName(), $requiredProjectRoles)) {
$usersActualRoleNames[] = $role->getRoleType()->getName();
}
}*/
$enablingRoles = array_intersect(array_merge($requiredNgiRoles, $requiredProjectRoles), array_unique($usersActualRoleNames));
} else {
throw new \LogicException('Unsupported Action');
}
}
}
// finally add the gocdb admin role
if ($user->isAdmin()) {
$enablingRoles[] = \RoleTypeName::GOCDB_ADMIN;
}
return array_unique($enablingRoles);
}示例2: authorizeAction
/**
* Get an array of Role names granted to the user that permit the requested
* action on the given Service. If the user has no roles that
* permit the requested action, then return an empty array.
* <p>
* Supported actions: EDIT_OBJECT
* @see \Action
*
* @param string $action @see \Action
* @param \Service $se
* @param \User $user
* @return array of RoleName string values that grant the requested action
* @throws \LogicException if action is not supported or is unknown
*/
public function authorizeAction($action, \Service $se, \User $user = null)
{
if (!in_array($action, \Action::getAsArray())) {
throw new \LogicException('Coding Error - Invalid action not known');
}
if (is_null($user)) {
return array();
}
if (is_null($user->getId())) {
return array();
}
if ($action == \Action::EDIT_OBJECT) {
$usersActualRoleNames = array();
$site = $se->getParentSite();
if (is_null($site)) {
//TODO: Service Group authentication - see if the current user holds a role over the creating service group
}
$roleService = new \org\gocdb\services\Role();
// to inject
$roleService->setEntityManager($this->em);
if ($site != null) {
$usersActualRoleNames = array_merge($usersActualRoleNames, $roleService->getUserRoleNamesOverEntity($site, $user));
}
$ngi = $site->getNgi();
if ($ngi != null) {
$usersActualRoleNames = array_merge($usersActualRoleNames, $roleService->getUserRoleNamesOverEntity($ngi, $user));
}
$requiredRoles = array(\RoleTypeName::SITE_ADMIN, \RoleTypeName::SITE_SECOFFICER, \RoleTypeName::SITE_OPS_DEP_MAN, \RoleTypeName::SITE_OPS_MAN, \RoleTypeName::REG_FIRST_LINE_SUPPORT, \RoleTypeName::REG_STAFF_ROD, \RoleTypeName::NGI_SEC_OFFICER, \RoleTypeName::NGI_OPS_DEP_MAN, \RoleTypeName::NGI_OPS_MAN);
$enablingRoles = array_intersect($requiredRoles, array_unique($usersActualRoleNames));
} else {
throw new \LogicException('Unsupported Action');
}
if ($user->isAdmin()) {
$enablingRoles[] = \RoleTypeName::GOCDB_ADMIN;
}
return array_unique($enablingRoles);
}示例3: authorizeAction
/**
* Get an array of Role names granted to the user that permit the requested
* action on the given ServiceGroup. If the user has no roles that
* permit the requested action, then return an empty array.
* <p>
* Suppored actions: EDIT_OBJECT
* GRANT_ROLE, REJECT_ROLE, REVOKE_ROLE
*
* @param string $action @see \Action
* @param \ServiceGroup $sg
* @param \User $user
* @return array of RoleName string values that grant the requested action
* @throws \LogicException if action is not supported or is unknown
*/
public function authorizeAction($action, \ServiceGroup $sg, \User $user = null)
{
if (!in_array($action, \Action::getAsArray())) {
throw new \LogicException('Coding Error - Invalid action not known');
}
if (is_null($user)) {
return array();
}
if (is_null($user->getId())) {
return array();
}
$roleService = new \org\gocdb\services\Role();
// to inject
$roleService->setEntityManager($this->em);
if ($action == \Action::EDIT_OBJECT) {
$requiredRoles = array(\RoleTypeName::SERVICEGROUP_ADMIN);
$usersActualRoleNames = $roleService->getUserRoleNamesOverEntity($sg, $user);
$enablingRoles = array_intersect($requiredRoles, array_unique($usersActualRoleNames));
} else {
if ($action == \Action::GRANT_ROLE || $action == \Action::REJECT_ROLE || $action == \Action::REVOKE_ROLE) {
$requiredRoles = array(\RoleTypeName::SERVICEGROUP_ADMIN);
$usersActualRoleNames = $roleService->getUserRoleNamesOverEntity($sg, $user);
$enablingRoles = array_intersect($requiredRoles, array_unique($usersActualRoleNames));
} else {
throw new \LogicException('Unsupported Action');
}
}
if ($user->isAdmin()) {
$enablingRoles[] = \RoleTypeName::GOCDB_ADMIN;
}
return array_unique($enablingRoles);
}示例4: authorizeAction
/**
* Get an array of Role names granted to the user that permit the requested
* action on the given Project. If the user has no roles that
* permit the requested action, then return an empty array.
*
* Suppored actions: EDIT_OBJECT, GRANT_ROLE, REJECT_ROLE, REVOKE_ROLE
*
* @param string $action @see \Action
* @param \ServiceGroup $sg
* @param \User $user
* @return array of RoleName string values that grant the requested action
* @throws \LogicException if action is not supported or is unknown
*/
public function authorizeAction($action, \Project $project, \User $user = null)
{
require_once __DIR__ . '/Role.php';
if (!in_array($action, \Action::getAsArray())) {
throw new \LogicException('Coding Error - Invalid action not known');
}
if (is_null($user)) {
return array();
}
if (is_null($user->getId())) {
return array();
}
$roleService = new \org\gocdb\services\Role();
// to inject
$roleService->setEntityManager($this->em);
if ($action == \Action::EDIT_OBJECT) {
// Only Project (E) level roles can edit project
$requiredRoles = array(\RoleTypeName::COD_ADMIN, \RoleTypeName::COD_STAFF, \RoleTypeName::EGI_CSIRT_OFFICER, \RoleTypeName::COO);
$usersActualRoleNames = $roleService->getUserRoleNamesOverEntity($project, $user);
$enablingRoles = array_intersect($requiredRoles, array_unique($usersActualRoleNames));
} else {
if ($action == \Action::GRANT_ROLE || $action == \Action::REJECT_ROLE || $action == \Action::REVOKE_ROLE) {
$requiredRoles = array(\RoleTypeName::COD_ADMIN, \RoleTypeName::COD_STAFF, \RoleTypeName::EGI_CSIRT_OFFICER, \RoleTypeName::COO);
$usersActualRoleNames = $roleService->getUserRoleNamesOverEntity($project, $user);
$enablingRoles = array_intersect($requiredRoles, array_unique($usersActualRoleNames));
} else {
throw new \LogicException('Unsupported Action');
}
}
if ($user->isAdmin()) {
$enablingRoles[] = \RoleTypeName::GOCDB_ADMIN;
}
return array_unique($enablingRoles);
}示例5: authorizeAction
/**
* Get an array of Role names granted to the user that permit the requested
* action on the given Site. If the user has no roles that
* permit the requested action, then return an empty array.
* <p>
* Suppored actions: EDIT_OBJECT, SITE_EDIT_CERT_STATUS,
* SITE_ADD_SERVICE, SITE_DELETE_SERVICE,
* GRANT_ROLE, REJECT_ROLE, REVOKE_ROLE
*
* @param string $action @see \Action
* @param \Site $site
* @param \User $user
* @return array of RoleName strings that grant the requested action
* @throws \LogicException if action is not supported or is unknown
*/
public function authorizeAction($action, \Site $site, \User $user = null)
{
if (is_null($user)) {
return array();
// empty array if null user
}
if (!in_array($action, \Action::getAsArray())) {
throw new \LogicException('Coding Error - Invalid action');
}
$roleService = new \org\gocdb\services\Role();
// to inject
$roleService->setEntityManager($this->em);
if ($action == \Action::EDIT_OBJECT || $action == \Action::SITE_ADD_SERVICE || $action == \Action::SITE_DELETE_SERVICE) {
// Site leve roles and parent NGI level roles can edit the site
$requiredRoles = array(\RoleTypeName::SITE_ADMIN, \RoleTypeName::SITE_SECOFFICER, \RoleTypeName::SITE_OPS_DEP_MAN, \RoleTypeName::SITE_OPS_MAN, \RoleTypeName::REG_FIRST_LINE_SUPPORT, \RoleTypeName::REG_STAFF_ROD, \RoleTypeName::NGI_SEC_OFFICER, \RoleTypeName::NGI_OPS_DEP_MAN, \RoleTypeName::NGI_OPS_MAN);
// get the user's actual roles
$usersActualRoleNames = $roleService->getUserRoleNamesOverEntity($site, $user);
if ($site->getNgi() != null) {
// A Site should always have a parent NGI, but this is not enforced
// by the DB constraints as this may? be needed in future - also
// unit tests use orphan sites. Thus this method is defensive.
$usersActualRoleNames = array_merge($usersActualRoleNames, $roleService->getUserRoleNamesOverEntity($site->getNgi(), $user));
}
// return intersection between between required roles and user's actual roles
$enablingRoles = array_intersect($requiredRoles, array_unique($usersActualRoleNames));
} else {
if ($action == \Action::GRANT_ROLE || $action == \Action::REJECT_ROLE || $action == \Action::REVOKE_ROLE) {
// Site managers and NGI managers can manage roles
$requiredRoles = array(\RoleTypeName::SITE_SECOFFICER, \RoleTypeName::SITE_OPS_DEP_MAN, \RoleTypeName::SITE_OPS_MAN, \RoleTypeName::NGI_SEC_OFFICER, \RoleTypeName::NGI_OPS_DEP_MAN, \RoleTypeName::NGI_OPS_MAN);
// get the user's actual roles
$usersActualRoleNames = $roleService->getUserRoleNamesOverEntity($site, $user);
if ($site->getNgi() != null) {
// A Site should always have a parent NGI, but this is not enforced
// by the DB constraints as this may? be needed in future - also
// unit tests use orphan sites. Thus this method is defensive.
$usersActualRoleNames = array_merge($usersActualRoleNames, $roleService->getUserRoleNamesOverEntity($site->getNgi(), $user));
}
// return intersection between between required roles and user's actual roles
$enablingRoles = array_intersect($requiredRoles, $usersActualRoleNames);
} else {
if ($action == \Action::SITE_EDIT_CERT_STATUS) {
// only NGI manager and Project level roles can edit cert status
$requiredRoles = array(\RoleTypeName::NGI_SEC_OFFICER, \RoleTypeName::NGI_OPS_DEP_MAN, \RoleTypeName::NGI_OPS_MAN, \RoleTypeName::COD_STAFF, \RoleTypeName::COD_ADMIN, \RoleTypeName::EGI_CSIRT_OFFICER, \RoleTypeName::COO);
$usersActualRoleNames = array();
if ($site->getNgi() != null) {
// A Site should always have a parent NGI, but this is not enforced
// by the DB constraints as this may? be needed in future - also
// unit tests use orphan sites. Thus this method is defensive.
$usersActualRoleNames = $roleService->getUserRoleNamesOverEntity($site->getNgi(), $user);
// Get all project level roles for all the projects that group the site's ngi
if (count($site->getNgi()->getProjects()) > 0) {
foreach ($site->getNgi()->getProjects() as $parentProject) {
$usersActualRoleNames = array_merge($usersActualRoleNames, $roleService->getUserRoleNamesOverEntity($parentProject, $user));
}
}
}
// return intersection between required roles and user's actual roles
$enablingRoles = array_intersect($requiredRoles, array_unique($usersActualRoleNames));
} else {
throw new \LogicException('Unsupported Action');
}
}
}
if ($user->isAdmin()) {
$enablingRoles[] = \RoleTypeName::GOCDB_ADMIN;
}
return array_unique($enablingRoles);
}