Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
71.43% covered (warning)
71.43%
25 / 35
40.00% covered (danger)
40.00%
2 / 5
 CRAP
0.00% covered (danger)
0.00%
0 / 1
RouteAnnotationService
71.43% covered (warning)
71.43%
25 / 35
40.00% covered (danger)
40.00%
2 / 5
 25.56
0.00% covered (danger)
0.00%
0 / 1
 isHidden
66.67% covered (warning)
66.67%
4 / 6
0.00% covered (danger)
0.00%
0 / 1
 3.33
 hasAccess
94.44% covered (success)
94.44%
17 / 18
0.00% covered (danger)
0.00%
0 / 1
 9.01
 getRights
0.00% covered (danger)
0.00%
0 / 7
0.00% covered (danger)
0.00%
0 / 1
 20
 getAnnotations
100.00% covered (success)
100.00%
3 / 3
100.00% covered (success)
100.00%
1 / 1
 1
 getAdvancedLogger
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 1
1<?php
2
3/**
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; under version 2
7 * of the License (non-upgradable).
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
17 *
18 * Copyright (c) 2018  (original work) Open Assessment Technologies SA;
19 *
20 * @author Alexander Zagovorichev <zagovorichev@1pt.com>
21 */
22
23namespace oat\tao\model\routing;
24
25use Throwable;
26use Psr\Log\LoggerInterface;
27use oat\oatbox\log\logger\AdvancedLogger;
28use oat\oatbox\service\ConfigurableService;
29use oat\oatbox\log\logger\extender\ContextExtenderInterface;
30
31class RouteAnnotationService extends ConfigurableService
32{
33    public const SERVICE_ID = 'tao/routeAnnotation';
34
35    public const SECURITY_HIDE = 'hide';
36    public const SECURITY_ALLOW = 'allow';
37    public const SECURITY_DENY = 'deny';
38
39    /**
40     * @param string $className
41     * @param string $methodName
42     * @return bool
43     */
44    public function isHidden($className, $methodName)
45    {
46        try {
47            $annotations = $this->getAnnotations($className, $methodName);
48            $hidden = array_key_exists(AnnotationReaderService::PROP_SECURITY, $annotations)
49                && in_array(self::SECURITY_HIDE, $annotations[AnnotationReaderService::PROP_SECURITY], true);
50        } catch (\Exception $e) {
51            $hidden = false; // if class or method not found
52        }
53
54        return $hidden;
55    }
56
57    /**
58     * @param string $className
59     * @param string $methodName
60     * @return bool
61     */
62    public function hasAccess($className, $methodName = '')
63    {
64        $access = true;
65
66        try {
67            $annotations = $this->getAnnotations($className, $methodName);
68
69            if (
70                array_key_exists(AnnotationReaderService::PROP_SECURITY, $annotations)
71                && is_array($annotations[AnnotationReaderService::PROP_SECURITY])
72            ) {
73                foreach ($annotations[AnnotationReaderService::PROP_SECURITY] as $rule) {
74                    switch ($rule) {
75                        case self::SECURITY_HIDE:
76                        case self::SECURITY_DENY:
77                            $access = false;
78                            break;
79                        case self::SECURITY_ALLOW:
80                            // do not change state (it will be allowed by default but closed by hidden & deny)
81                            break;
82                            // any unsupported actions return false
83                        default:
84                            $access = false;
85                    }
86                }
87            }
88        } catch (Throwable $exception) {
89            $this->getAdvancedLogger()->error(
90                $exception->getMessage(),
91                [
92                    ContextExtenderInterface::CONTEXT_EXCEPTION => $exception,
93                ]
94            );
95            $access = false; // if class or method not found
96        }
97
98        return $access;
99    }
100
101    public function getRights($className, $methodName = '')
102    {
103        $res = [];
104        try {
105            $annotations = $this->getAnnotations($className, $methodName);
106            if (array_key_exists(AnnotationReaderService::PROP_RIGHTS, $annotations)) {
107                foreach ($annotations[AnnotationReaderService::PROP_RIGHTS] as $rule) {
108                    $res[$rule['key']] = $rule['permission'];
109                }
110            }
111        } catch (\Exception $e) {
112        }
113        return $res;
114    }
115
116    private function getAnnotations($className, $methodName)
117    {
118        return $this->getServiceLocator()
119            ->get(AnnotationReaderService::SERVICE_ID)
120            ->getAnnotations($className, $methodName);
121    }
122
123    private function getAdvancedLogger(): LoggerInterface
124    {
125        return $this->getServiceManager()->getContainer()->get(AdvancedLogger::ACL_SERVICE_ID);
126    }
127}