Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
0.00% |
0 / 25 |
|
0.00% |
0 / 6 |
CRAP | |
0.00% |
0 / 1 |
| AuthorizationAggregator | |
0.00% |
0 / 25 |
|
0.00% |
0 / 6 |
210 | |
0.00% |
0 / 1 |
| getAuthorizationProvider | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| verifyStartAuthorization | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
6 | |||
| verifyResumeAuthorization | |
0.00% |
0 / 6 |
|
0.00% |
0 / 1 |
6 | |||
| getProviders | |
0.00% |
0 / 8 |
|
0.00% |
0 / 1 |
30 | |||
| addProvider | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
2 | |||
| unregister | |
0.00% |
0 / 5 |
|
0.00% |
0 / 1 |
12 | |||
| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * This program is free software; you can redistribute it and/or |
| 5 | * modify it under the terms of the GNU General Public License |
| 6 | * as published by the Free Software Foundation; under version 2 |
| 7 | * of the License (non-upgradable). |
| 8 | * |
| 9 | * This program is distributed in the hope that it will be useful, |
| 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | * GNU General Public License for more details. |
| 13 | * |
| 14 | * You should have received a copy of the GNU General Public License |
| 15 | * along with this program; if not, write to the Free Software |
| 16 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
| 17 | * |
| 18 | * Copyright (c) 2016 (original work) Open Assessment Technologies SA; |
| 19 | * |
| 20 | */ |
| 21 | |
| 22 | namespace oat\taoDelivery\model\authorization\strategy; |
| 23 | |
| 24 | use oat\oatbox\event\EventManager; |
| 25 | use oat\oatbox\service\ConfigurableService; |
| 26 | use oat\taoDelivery\model\authorization\AuthorizationProvider; |
| 27 | use oat\taoDelivery\model\authorization\AuthorizationService; |
| 28 | use oat\oatbox\user\User; |
| 29 | use oat\taoDelivery\model\execution\DeliveryExecutionInterface; |
| 30 | use oat\taoDelivery\models\classes\execution\event\DeliveryExecutionVerified; |
| 31 | use Zend\ServiceManager\ServiceLocatorAwareInterface; |
| 32 | |
| 33 | /** |
| 34 | * An Authorization Aggregator, that requires all internal |
| 35 | * authorization providers to allow access |
| 36 | */ |
| 37 | class AuthorizationAggregator extends ConfigurableService implements AuthorizationService, AuthorizationProvider |
| 38 | { |
| 39 | public const OPTION_PROVIDERS = 'providers'; |
| 40 | |
| 41 | private $providers; |
| 42 | |
| 43 | /** |
| 44 | * Returns the base authorization provider. |
| 45 | * |
| 46 | * @return AuthorizationProvider |
| 47 | */ |
| 48 | public function getAuthorizationProvider() |
| 49 | { |
| 50 | return $this; |
| 51 | } |
| 52 | |
| 53 | /** |
| 54 | * Verify that a given delivery is allowed to be started |
| 55 | * |
| 56 | * @param string $deliveryId |
| 57 | * @throws \common_exception_Unauthorized |
| 58 | */ |
| 59 | public function verifyStartAuthorization($deliveryId, User $user) |
| 60 | { |
| 61 | foreach ($this->getProviders() as $provider) { |
| 62 | $provider->verifyStartAuthorization($deliveryId, $user); |
| 63 | } |
| 64 | } |
| 65 | |
| 66 | /** |
| 67 | * Verify that a given delivery execution is allowed to be executed |
| 68 | * |
| 69 | * @param DeliveryExecutionInterface $deliveryExecution |
| 70 | * @param User $user |
| 71 | */ |
| 72 | public function verifyResumeAuthorization(DeliveryExecutionInterface $deliveryExecution, User $user) |
| 73 | { |
| 74 | foreach ($this->getProviders() as $provider) { |
| 75 | $provider->verifyResumeAuthorization($deliveryExecution, $user); |
| 76 | } |
| 77 | $this |
| 78 | ->getServiceManager() |
| 79 | ->get(EventManager::SERVICE_ID) |
| 80 | ->trigger(new DeliveryExecutionVerified($deliveryExecution)); |
| 81 | } |
| 82 | |
| 83 | /** |
| 84 | * Returns a list of providers that need to be verified |
| 85 | * |
| 86 | * @return AuthorizationProvider[] |
| 87 | */ |
| 88 | protected function getProviders() |
| 89 | { |
| 90 | if (is_null($this->providers)) { |
| 91 | $this->providers = []; |
| 92 | if ($this->hasOption(self::OPTION_PROVIDERS)) { |
| 93 | foreach ($this->getOption(self::OPTION_PROVIDERS) as $provider) { |
| 94 | if ($provider instanceof ServiceLocatorAwareInterface) { |
| 95 | $provider->setServiceLocator($this->getServiceLocator()); |
| 96 | } |
| 97 | $this->providers[] = $provider; |
| 98 | } |
| 99 | } |
| 100 | } |
| 101 | return $this->providers; |
| 102 | } |
| 103 | |
| 104 | /** |
| 105 | * Add an additional authorization provider that needs |
| 106 | * to be satisfied as well |
| 107 | * |
| 108 | * @param AuthorizationProvider $provider |
| 109 | */ |
| 110 | public function addProvider(AuthorizationProvider $provider) |
| 111 | { |
| 112 | $providers = $this->getOption(self::OPTION_PROVIDERS); |
| 113 | $providers[] = $provider; |
| 114 | $this->setOption(self::OPTION_PROVIDERS, $providers); |
| 115 | } |
| 116 | |
| 117 | /** |
| 118 | * Remove an existing authorization provider, identified by |
| 119 | * exact class |
| 120 | * |
| 121 | * @param $providerClass |
| 122 | * @internal param AuthorizationProvider $provider |
| 123 | */ |
| 124 | public function unregister($providerClass) |
| 125 | { |
| 126 | $providers = $this->getOption(self::OPTION_PROVIDERS); |
| 127 | foreach ($providers as $key => $provider) { |
| 128 | if (get_class($provider) == $providerClass) { |
| 129 | unset($providers[$key]); |
| 130 | } |
| 131 | } |
| 132 | $this->setOption(self::OPTION_PROVIDERS, $providers); |
| 133 | } |
| 134 | } |