Viewing file:  RoleVoter.php (1.73 KB) -rw-r--r--
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Core\Authorization\Voter;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
/**
* RoleVoter votes if any attribute starts with a given prefix.
*
* @author Fabien Potencier <fabien@symfony.com>
*/
class RoleVoter implements VoterInterface
{
private $prefix;
/**
* Constructor.
*
* @param string $prefix The role prefix
*/
public function __construct($prefix = 'ROLE_')
{
$this->prefix = $prefix;
}
/**
* {@inheritdoc}
*/
public function supportsAttribute($attribute)
{
return 0 === strpos($attribute, $this->prefix);
}
/**
* {@inheritdoc}
*/
public function supportsClass($class)
{
return true;
}
/**
* {@inheritdoc}
*/
public function vote(TokenInterface $token, $object, array $attributes)
{
$result = VoterInterface::ACCESS_ABSTAIN;
$roles = $this->extractRoles($token);
foreach ($attributes as $attribute) {
if (!$this->supportsAttribute($attribute)) {
continue;
}
$result = VoterInterface::ACCESS_DENIED;
foreach ($roles as $role) {
if ($attribute === $role->getRole()) {
return VoterInterface::ACCESS_GRANTED;
}
}
}
return $result;
}
protected function extractRoles(TokenInterface $token)
{
return $token->getRoles();
}
}
|