Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
93.55% |
29 / 31 |
|
60.00% |
3 / 5 |
CRAP | |
0.00% |
0 / 1 |
PermissionLookupTrait | |
93.55% |
29 / 31 |
|
60.00% |
3 / 5 |
22.13 | |
0.00% |
0 / 1 |
fillPermissions | |
94.12% |
16 / 17 |
|
0.00% |
0 / 1 |
10.02 | |||
getAccessMode | |
87.50% |
7 / 8 |
|
0.00% |
0 / 1 |
6.07 | |||
getPermissions | |
100.00% |
4 / 4 |
|
100.00% |
1 / 1 |
4 | |||
getSession | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
getResourceService | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 |
1 | <?php |
2 | |
3 | /** |
4 | * This program is free software; you can redistribute it and/or |
5 | * modify it under the terms of the GNU General Public License |
6 | * as published by the Free Software Foundation; under version 2 |
7 | * of the License (non-upgradable). |
8 | * |
9 | * This program is distributed in the hope that it will be useful, |
10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
12 | * GNU General Public License for more details. |
13 | * |
14 | * You should have received a copy of the GNU General Public License |
15 | * along with this program; if not, write to the Free Software |
16 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
17 | * |
18 | * Copyright (c) 2020 (original work) Open Assessment Technologies SA; |
19 | */ |
20 | |
21 | declare(strict_types=1); |
22 | |
23 | namespace oat\taoQtiTest\models\creator; |
24 | |
25 | use common_exception_Error; |
26 | use common_session_AnonymousSession; |
27 | use common_session_Session; |
28 | use oat\oatbox\session\SessionService; |
29 | use oat\tao\model\resources\ResourceService; |
30 | |
31 | trait PermissionLookupTrait |
32 | { |
33 | /** |
34 | * @var array |
35 | */ |
36 | private $permissions; |
37 | |
38 | /** |
39 | * @param array $nodes |
40 | * @return array |
41 | * @throws common_exception_Error |
42 | */ |
43 | protected function fillPermissions(array $nodes): array |
44 | { |
45 | $permissions = $this->getPermissions($nodes); |
46 | if (is_array($permissions) && array_key_exists('data', $permissions) && is_array($permissions['data'])) { |
47 | $rules = $permissions['data']; |
48 | $rights = isset($permissions['supportedRights']) && count($permissions['supportedRights']) |
49 | ? $permissions['supportedRights'] |
50 | : false; |
51 | if ($rights) { |
52 | $self = $this; |
53 | $nodes = array_map(static function ($node) use ($rules, $self, $rights) { |
54 | if (is_array($node)) { |
55 | if (array_key_exists('children', $node)) { |
56 | $node['children'] = $self->fillPermissions($node['children']); |
57 | } |
58 | if (array_key_exists('uri', $node)) { |
59 | $node['accessMode'] = $self->getAccessMode($rules, $rights, $node['uri']); |
60 | } |
61 | } |
62 | |
63 | return $node; |
64 | }, $nodes); |
65 | } |
66 | } |
67 | return $nodes; |
68 | } |
69 | |
70 | /** |
71 | * partial|denied|allowed |
72 | * @param array $rules |
73 | * @param array $supportedRights |
74 | * @param string $uri |
75 | * @return string |
76 | */ |
77 | private function getAccessMode(array $rules, array $supportedRights, string $uri): string |
78 | { |
79 | $itemRules = array_key_exists($uri, $rules) ? $rules[$uri] : []; |
80 | if ( |
81 | count($supportedRights) === 0 |
82 | || $itemRules == $supportedRights |
83 | || (in_array('GRANT', $itemRules, true)) |
84 | ) { |
85 | return 'allowed'; |
86 | } |
87 | |
88 | if (!count($itemRules)) { |
89 | return 'denied'; |
90 | } |
91 | |
92 | return 'partial'; |
93 | } |
94 | |
95 | /** |
96 | * @param array $resources |
97 | * @return array |
98 | */ |
99 | private function getPermissions(array $resources): array |
100 | { |
101 | if (!$this->permissions) { |
102 | //retrieve resources permissions |
103 | $user = $this->getSession() ? $this->getSession()->getUser() : null; |
104 | |
105 | $this->permissions = $user ? $this->getResourceService()->getResourcesPermissions($user, $resources) : []; |
106 | } |
107 | |
108 | return $this->permissions; |
109 | } |
110 | |
111 | /** |
112 | * @return common_session_AnonymousSession|common_session_Session|null |
113 | */ |
114 | private function getSession(): common_session_Session |
115 | { |
116 | return $this->getServiceLocator()->get(SessionService::SERVICE_ID)->getCurrentSession(); |
117 | } |
118 | |
119 | /** |
120 | * @return ResourceService|object |
121 | */ |
122 | protected function getResourceService(): ResourceService |
123 | { |
124 | return $this->getServiceLocator()->get(ResourceService::SERVICE_ID); |
125 | } |
126 | } |