De-cruft and de-CRAP
jeremykendall committed Jan 3, 2016
1 parent 2a17fac commit eed945b
Showing 2 changed files with 7 additions and 14 deletions.
18 changes: 6 additions & 12 deletions src/Middleware/Authorization.php
@@ -61,15 +61,15 @@ public function __invoke(ServerRequestInterface $request, ResponseInterface $res
$route = $request->getAttribute('route', null);

if ($route === null) {
// User likely accessing a non-existant route. Calling next middleware.
// User likely accessing a nonexistent route. Calling next middleware.
return $next($request, $response);
}

$role = $this->getRole($this->auth->getIdentity());
$resource = $routePattern = $route->getPattern();
$resource = $route->getPattern();
$privilege = $request->getMethod();
$hasIdentity = $this->auth->hasIdentity();
$isAllowed = $this->acl->isAllowed($role, $resource, $privilege);
$hasIdentity = $this->auth->hasIdentity();

if ($hasIdentity && !$isAllowed) {
// Authenticated but unauthorized for this resource
@@ -93,20 +93,14 @@ public function __invoke(ServerRequestInterface $request, ResponseInterface $res
*/
private function getRole($identity = null)
{
$role = null;

if (is_object($identity)) {
$role = $identity->getRole();
return $identity->getRole();
}

if (is_array($identity) && isset($identity['role'])) {
$role = $identity['role'];
}

if ($role === null) {
$role = 'guest';
return $identity['role'];
}

return $role;
return 'guest';
}
}
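Review bot: The early returns in getRole() drop the old null fallback: `return $identity->getRole();` now hands whatever the identity object returns straight to `$this->acl->isAllowed($role, $resource, $privilege)`, where the removed `if ($role === null) { $role = 'guest'; }` used to turn a null role into 'guest'. How the ACL treats a null role is not visible on this page; if it reads null as "any role" or throws, the authorization result for an identity without a role changes, so this is more than a cleanup. Keeping the fallback costs one line, `return $identity->getRole() ?: 'guest';`, which also maps an empty role to the least-privileged one. A data-provider row with an identity object whose role is null would pin the behaviour.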
3 changes: 1 addition & 2 deletions tests/Middleware/AuthorizationTest.php
@@ -131,7 +131,7 @@ public function authenticationDataProvider()
['GET', '/admin', null, true, new Identity('member'), 403, '/admin'],
['DELETE', '/member/photo/992892', null, true, ['role' => 'member'], 200, '/member/photo/{id}'],
// Admin
['GET', '/admin', null, true, ['role' => 'admin'], 200, '/member/photo/{id}'],
['GET', '/admin', null, true, ['role' => 'admin'], 200, '/admin'],
];
}

@@ -151,7 +151,6 @@ private function getConfiguredAcl()

$acl->allow('guest', '/');
$acl->allow('guest', '/login', ['GET', 'POST']);
$acl->deny('guest', '/admin');

$acl->allow('member', '/member');
$acl->allow('member', '/member/photo/{id}', 'DELETE');